From fde59f9ae638a3531e8b3744435d6c576dc6b34e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 3 Mar 2023 10:09:32 +0100 Subject: gpg: Get the signature keyid from the issuer fpr. * g10/parse-packet.c (parse_signature): Parse the ISSUER_FPR subpacket and use that to get the keyid. -- Because ADSKs are created w/o the issuer subpacket (despite that this is still a v4 signature) we need to get the key id from the issuer_fpr. This does not harm and we still fallback to the the issuer. Note that for ease of future backporting we also take v5 fingerprints into account. --- g10/parse-packet.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 5fea1ac43..e0fe9c0c8 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -2189,8 +2189,21 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, && opt.verbose && !glo_ctrl.silence_parse_warnings) log_info ("signature packet without timestamp\n"); - p = parse_sig_subpkt2 (sig, SIGSUBPKT_ISSUER); - if (p) + /* Set the key id. We first try the issuer fingerprint and if + * this is not found fallback to the issuer. Note that + * only the issuer packet is also searched in the unhashed area. */ + p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &len); + if (p && len == 21 && p[0] == 4) + { + sig->keyid[0] = buf32_to_u32 (p + 1 + 12); + sig->keyid[1] = buf32_to_u32 (p + 1 + 16); + } + else if (p && len == 33 && p[0] == 5) + { + sig->keyid[0] = buf32_to_u32 (p + 1 ); + sig->keyid[1] = buf32_to_u32 (p + 1 + 4); + } + else if ((p = parse_sig_subpkt2 (sig, SIGSUBPKT_ISSUER))) { sig->keyid[0] = buf32_to_u32 (p); sig->keyid[1] = buf32_to_u32 (p + 4); -- cgit v1.2.3