diff options
| author | Werner Koch <[email protected]> | 2016-10-28 19:01:23 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2016-10-28 19:01:51 +0000 |
| commit | b6f08dbb0b45059cdbbb5d9be9725e437f42a8cc (patch) | |
| tree | 705d8fdfa8ad0d63e0782e5ed58bd7f3b8af973a | |
| parent | dirmngr: Fix signature checking. (diff) | |
| download | gnupg-b6f08dbb0b45059cdbbb5d9be9725e437f42a8cc.tar.gz gnupg-b6f08dbb0b45059cdbbb5d9be9725e437f42a8cc.zip | |
gpg: Enable the Issuer Fingerprint from rfc4880bis
* g10/build-packet.c (build_sig_subpkt_from_sig): Always write the new
Issuer Fingerprint sub-packet.
* g10/mainproc.c (check_sig_and_print): Always consider that
sub-packet.
--
The specs for this sub-packet have been pushed to the OpenPGP WG's
repo today.
See-also: https://mailarchive.ietf.org/arch/msg/\
openpgp/GvPo2eSL9GW9WcGhOocY7KBa9FY
Signed-off-by: Werner Koch <[email protected]>
| -rw-r--r-- | g10/build-packet.c | 15 | ||||
| -rw-r--r-- | g10/mainproc.c | 3 |
2 files changed, 6 insertions, 12 deletions
diff --git a/g10/build-packet.c b/g10/build-packet.c index 86d42efe1..0115d64a1 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -1002,17 +1002,12 @@ build_sig_subpkt_from_sig (PKT_signature *sig, PKT_public_key *pksk) build_sig_subpkt (sig, SIGSUBPKT_ISSUER, buf, 8); } - /* For a future v5 keys we write the ISSUER_FPR subpacket. We - * also write that for a v4 key is experimental support for - * RFC4880bis is requested. */ - if (pksk->version > 4 || opt.flags.rfc4880bis) + /* Write the new ISSUER_FPR subpacket. */ + fingerprint_from_pk (pksk, buf+1, &fprlen); + if (fprlen == 20) { - fingerprint_from_pk (pksk, buf+1, &fprlen); - if (fprlen == 20) - { - buf[0] = pksk->version; - build_sig_subpkt (sig, SIGSUBPKT_ISSUER_FPR, buf, 21); - } + buf[0] = pksk->version; + build_sig_subpkt (sig, SIGSUBPKT_ISSUER_FPR, buf, 21); } /* Write the timestamp. */ diff --git a/g10/mainproc.c b/g10/mainproc.c index ce4c5951c..63f726097 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1748,7 +1748,7 @@ check_sig_and_print (CTX c, kbnode_t node) write_status_text (STATUS_NEWSIG, NULL); astr = openpgp_pk_algo_name ( sig->pubkey_algo ); - if (opt.flags.rfc4880bis && (issuer_fpr = issuer_fpr_string (sig))) + if ((issuer_fpr = issuer_fpr_string (sig))) { log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp)); log_info (_(" using %s key %s\n"), @@ -1853,7 +1853,6 @@ check_sig_and_print (CTX c, kbnode_t node) * favor this over the WKD method (to be tried next), because an * arbitrary keyserver is less subject to web bug like monitoring. */ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY - && opt.flags.rfc4880bis && (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE) && keyserver_any_configured (c->ctrl)) { |