mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
gpg: Fix trustdb for v5key.
* g10/keydb.h (fpr20_from_pk): New. * g10/keyid.c (fpr20_from_pk): New. * g10/tdbio.c (tdbio_search_trust_byfpr): Use fpr20_from_pk. * g10/trustdb.c (keyid_from_fpr20): New. (verify_own_keys): Use keyid_from_fpr20. (tdb_update_ownertrust): Use fpr20_from_pk. (update_min_ownertrust): Likewise. (update_validity): Likewise. -- For the compatibility of existing implementation, we keep the format of trustdb untouched. The format of trustdb uses 20-byte fingerprint for the trust record entry. To handle both of v4key (with 20-byte fingerprint) and v5 key (with 32-byte fingerprint), we introduce FPR20 fingerprint, internally. For v4key, FPR20 is as same as v4 fingerprint. For v5key, FPR20 is constructed from v5key fingerprint. GnuPG-bug-id: 5000 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka
parent
20982bbd75
commit
373c975859
4 changed files with 88 additions and 30 deletions
32
g10/keyid.c
32
g10/keyid.c
|
|
@ -867,6 +867,38 @@ fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len)
|
|||
}
|
||||
|
||||
|
||||
/*
|
||||
* Get FPR20 for the given PK/SK into ARRAY.
|
||||
*
|
||||
* FPR20 is special form of fingerprint of length 20 for the record of
|
||||
* trustdb. For v4key, having fingerprint with SHA-1, FPR20 is the
|
||||
* same one. For v5key, FPR20 is constructed from its fingerprint
|
||||
* with SHA-2, so that its kid of last 8-byte can be as same as
|
||||
* kid of v5key fingerprint.
|
||||
*
|
||||
*/
|
||||
void
|
||||
fpr20_from_pk (PKT_public_key *pk, byte array[20])
|
||||
{
|
||||
if (!pk->fprlen)
|
||||
compute_fingerprint (pk);
|
||||
|
||||
if (!array)
|
||||
array = xmalloc (pk->fprlen);
|
||||
|
||||
if (pk->fprlen == 32) /* v5 fingerprint */
|
||||
{
|
||||
memcpy (array + 0, pk->fpr + 20, 4);
|
||||
memcpy (array + 4, pk->fpr + 24, 4);
|
||||
memcpy (array + 8, pk->fpr + 28, 4);
|
||||
memcpy (array + 12, pk->fpr + 0, 4); /* kid[0] */
|
||||
memcpy (array + 16, pk->fpr + 4, 4); /* kid[1] */
|
||||
}
|
||||
else /* v4 fingerprint */
|
||||
memcpy (array, pk->fpr, 20);
|
||||
}
|
||||
|
||||
|
||||
/* Return an allocated buffer with the fingerprint of PK formatted as
|
||||
* a plain hexstring. If BUFFER is NULL the result is a malloc'd
|
||||
* string. If BUFFER is not NULL the result will be copied into this
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue