author | NIIBE Yutaka <[email protected]> | 2020-08-07 03:46:09 +0000 |
---|---|---|
committer | NIIBE Yutaka <[email protected]> | 2020-08-07 04:02:47 +0000 |
commit | 373c975859a55f942276d6078f27ee33570bf2d5 (patch) | |
tree | c0f94f54047f2f3ae55ed89c010b3ea35f320246 /g10/keyid.c | |
parent | gpg: Fix short key ID for v5key. (diff) | |
gpg: Fix trustdb for v5key.
* g10/keydb.h (fpr20_from_pk): New.
* g10/keyid.c (fpr20_from_pk): New.
* g10/tdbio.c (tdbio_search_trust_byfpr): Use fpr20_from_pk.
* g10/trustdb.c (keyid_from_fpr20): New.
(verify_own_keys): Use keyid_from_fpr20.
(tdb_update_ownertrust): Use fpr20_from_pk.
(update_min_ownertrust): Likewise.
(update_validity): Likewise.
--
For compatibility with the existing implementation, we keep the format
of trustdb untouched. The format of trustdb uses a 20-byte fingerprint
for the trust record entry. To handle both v4key (with 20-byte
fingerprint) and v5key (with 32-byte fingerprint), we introduce the FPR20
fingerprint internally. For v4key, FPR20 is the same as the v4
fingerprint. For v5key, FPR20 is constructed from the v5key fingerprint.
GnuPG-bug-id: 5000
Signed-off-by: NIIBE Yutaka <[email protected]>
Diffstat (limited to 'g10/keyid.c')
-rw-r--r-- | g10/keyid.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/g10/keyid.c b/g10/keyid.c index 23712e2a4..caf2e4f6f 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -867,6 +867,38 @@ fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len) } +/* + * Get FPR20 for the given PK/SK into ARRAY. + * + * FPR20 is special form of fingerprint of length 20 for the record of + * trustdb. For v4key, having fingerprint with SHA-1, FPR20 is the + * same one. For v5key, FPR20 is constructed from its fingerprint + * with SHA-2, so that its kid of last 8-byte can be as same as + * kid of v5key fingerprint. + * + */ +void +fpr20_from_pk (PKT_public_key *pk, byte array[20]) +{ + if (!pk->fprlen) + compute_fingerprint (pk); + + if (!array) + array = xmalloc (pk->fprlen); + + if (pk->fprlen == 32) /* v5 fingerprint */ + { + memcpy (array + 0, pk->fpr + 20, 4); + memcpy (array + 4, pk->fpr + 24, 4); + memcpy (array + 8, pk->fpr + 28, 4); + memcpy (array + 12, pk->fpr + 0, 4); /* kid[0] */ + memcpy (array + 16, pk->fpr + 4, 4); /* kid[1] */ + } + else /* v4 fingerprint */ + memcpy (array, pk->fpr, 20); +} + + /* Return an allocated buffer with the fingerprint of PK formatted as * a plain hexstring. If BUFFER is NULL the result is a malloc'd * string. If BUFFER is not NULL the result will be copied into this |
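Review bot: In fpr20_from_pk, the `if (!array) array = xmalloc (pk->fprlen);` branch assigns to a by-value parameter of a function that returns void, so when a caller passes NULL the buffer is filled and then leaked, and the caller never receives the result. Either drop the NULL case and document that ARRAY must point to 20 bytes, or change the return type to `byte *` and return the buffer, allocating 20 bytes (the FPR20 length) rather than pk->fprlen. Separately, the else branch copies 20 bytes for every fprlen other than 32, so it silently assumes a 20-byte v4 fingerprint; an explicit `pk->fprlen == 20` check or assertion would make that assumption visible. The header comment would also be clearer if it stated the layout the code produces: bytes 20..31 of the v5 fingerprint first, then bytes 0..7 (the key ID) last, with bytes 8..19 not used.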