gpg: Also allow a v5 fingerprint for --trusted-key.

* g10/trustdb.c (tdb_register_trusted_key): Add case for 32 octet fingerprints. -- GnuPG-bug-id: 4855 Signed-off-by: Werner Koch <wk@gnupg.org>
2024-12-22 10:19:57 +01:00 · 2020-03-18 13:56:43 +01:00 · 2020-03-18 13:56:43 +01:00 · 4287f89557
commit 4287f89557
parent 810ea2cc68
2 changed files with 9 additions and 1 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -1654,7 +1654,8 @@ claim" signatures are always accepted.
@item --trusted-key @var{long key ID or fingerprint}
@opindex trusted-key
 Assume that the specified key (which must be given
-as a full 8 byte key ID or 20 byte fingerprint) is as trustworthy as one of
+as a full 8 byte key ID, a 20 byte, or 32 byte fingerprint)
+is as trustworthy as one of
 your own secret keys. This option is useful if you
 don't want to keep your secret keys (or one of them)
 online but still want to be able to check the validity of a given
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -228,6 +228,13 @@ tdb_register_trusted_key (const char *string)
          register_trusted_keyid (kid);
          return;
        }
+      if (desc.mode == KEYDB_SEARCH_MODE_FPR && desc.fprlen == 32)
+        {
+          kid[0] = buf32_to_u32 (desc.u.fpr);
+          kid[1] = buf32_to_u32 (desc.u.fpr+4);
+          register_trusted_keyid (kid);
+          return;
+        }
    }
  log_error (_("'%s' is not a valid long keyID\n"), string );
 }