* encode.c (encode_simple): Make sure that files larger than about 4G use

partial length encoding.  This is required because OpenPGP allows only for
32 bit length fields.  From Werner on stable branch.

* getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and
made extern. (get_pubkey_byfprint_fast): New.  From Werner on stable
branch.

* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might lead to
recursions. (revocation_present): Likewise for search by fingerprint.
From Werner on stable branch.

* g10.c (main): Try to create the trustdb even for non-colon-mode list-key
operations.  This is required because getkey needs to know whether a a key
is ultimately trusted.  From Werner on stable branch.

1 files changed, 51 insertions, 3 deletions

diff --git a/g10/getkey.c b/g10/getkey.c
index ab296f641..5bb2d2263 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -374,8 +374,8 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
 /* Get a public key and store it into the allocated pk.  This function
    differs from get_pubkey() in that it does not do a check of the key
    to avoid recursion.  It should be used only in very certain cases.  */
-static int
-get_pubkey_direct (PKT_public_key *pk, u32 *keyid)
+int
+get_pubkey_fast (PKT_public_key *pk, u32 *keyid)
 {
   int rc = 0;
   KEYDB_HANDLE hd;
@@ -906,6 +906,54 @@ get_pubkey_byfprint( PKT_public_key *pk,
     return rc;
 }
 
+
+/* Get a public key and store it into the allocated pk.  This function
+   differs from get_pubkey_byfprint() in that it does not do a check
+   of the key to avoid recursion.  It should be used only in very
+   certain cases.  PK may be NULL to check just for the existance of
+   the key. */
+int
+get_pubkey_byfprint_fast (PKT_public_key *pk,
+                          const byte *fprint, size_t fprint_len)
+{
+  int rc = 0;
+  KEYDB_HANDLE hd;
+  KBNODE keyblock;
+  unsigned char fprbuf[MAX_FINGERPRINT_LEN];
+  int i;
+  
+  for (i=0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++)
+    fprbuf[i] = fprint[i];
+  while (i < MAX_FINGERPRINT_LEN) 
+    fprbuf[i++] = 0;
+
+  hd = keydb_new (0);
+  rc = keydb_search_fpr (hd, fprbuf);
+  if (rc == -1)
+    {
+      keydb_release (hd);
+      return G10ERR_NO_PUBKEY;
+    }
+  rc = keydb_get_keyblock (hd, &keyblock);
+  keydb_release (hd);
+  if (rc) 
+    {
+      log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
+      return G10ERR_NO_PUBKEY;
+    }
+  
+  assert ( keyblock->pkt->pkttype == PKT_PUBLIC_KEY
+           ||  keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY );
+  if (pk)
+    copy_public_key (pk, keyblock->pkt->pkt.public_key );
+  release_kbnode (keyblock);
+
+  /* Not caching key here since it won't have all of the fields
+     properly set. */
+
+  return 0;
+}
+
 /****************
  * Search for a key with the given fingerprint and return the
  * complete keyblock which may have more than only this key.
@@ -1524,7 +1572,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
                        trusted key is still valid - if it has been
                        revoked or the user should also renmove the
                        ultimate trust flag.  */
-		    if(get_pubkey_direct(ultimate_pk,sig->keyid)==0 &&
+		    if(get_pubkey_fast(ultimate_pk,sig->keyid)==0 &&
 		       check_key_signature(keyblock,k,NULL)==0 &&
 		       get_ownertrust(ultimate_pk)==TRUST_ULTIMATE)
 		      {