From 01329da8a778d3b0d121c83bfb61d99a39cccac4 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 24 Mar 2022 13:16:52 +0900
Subject: kbx: Fix searching for FPR20 in version 2 blob.

* kbx/keybox-search.c (blob_cmp_fpr_part): Don't change FPROFF, since
it's caller which tweaks the offset.
(has_short_kid, has_long_kid): Examine the key flags to determine if
fingerprint 32 or 20.

--

GnuPG-bug-id: 5888
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 kbx/keybox-search.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'kbx/keybox-search.c')

diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 5ff9111fa..8dea7cb8e 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -304,8 +304,6 @@ blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr,
   if (pos + (uint64_t)keyinfolen*nkeys > (uint64_t)length)
     return 0; /* out of bounds */
 
-  if (fpr32)
-    fproff = 0; /* keyid are the high-order bits.  */
   for (idx=0; idx < nkeys; idx++)
     {
       off = pos + idx*keyinfolen;
@@ -702,7 +700,7 @@ has_short_kid (KEYBOXBLOB blob, u32 lkid)
   buf[2] = lkid >> 8;
   buf[3] = lkid;
 
-  if (fpr32)
+  if (fpr32 && (get16 (buffer + 20 + 32) & 0x80))
     return blob_cmp_fpr_part (blob, buf, 0, 4);
   else
     return blob_cmp_fpr_part (blob, buf, 16, 4);
@@ -732,7 +730,7 @@ has_long_kid (KEYBOXBLOB blob, u32 mkid, u32 lkid)
   buf[6] = lkid >> 8;
   buf[7] = lkid;
 
-  if (fpr32)
+  if (fpr32 && (get16 (buffer + 20 + 32) & 0x80))
     return blob_cmp_fpr_part (blob, buf, 0, 8);
   else
     return blob_cmp_fpr_part (blob, buf, 12, 8);
-- 
cgit v1.2.3