security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Also allow a v5 fingerprint for --trusted-key.

Browse Source 
* g10/trustdb.c (tdb_register_trusted_key): Add case for 32 octet
fingerprints.
--
GnuPG-bug-id: 4855

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-03-18 13:56:43 +01:00
parent 810ea2cc68
commit 4287f89557
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/gpg.texi
View File

@ -1654,7 +1654,8 @@ claim" signatures are always accepted.
@item --trusted-key @var{long key ID or fingerprint} @item --trusted-key @var{long key ID or fingerprint}
@opindex trusted-key @opindex trusted-key
Assume that the specified key (which must be given Assume that the specified key (which must be given
as a full 8 byte key ID or 20 byte fingerprint) is as trustworthy as one of as a full 8 byte key ID, a 20 byte, or 32 byte fingerprint)
is as trustworthy as one of
your own secret keys. This option is useful if you your own secret keys. This option is useful if you
don't want to keep your secret keys (or one of them) don't want to keep your secret keys (or one of them)
online but still want to be able to check the validity of a given online but still want to be able to check the validity of a given

7
g10/trustdb.c
View File

@ -228,6 +228,13 @@ tdb_register_trusted_key (const char *string)
register_trusted_keyid (kid); register_trusted_keyid (kid);
return; return;
} }
if (desc.mode == KEYDB_SEARCH_MODE_FPR && desc.fprlen == 32)
{
kid[0] = buf32_to_u32 (desc.u.fpr);
kid[1] = buf32_to_u32 (desc.u.fpr+4);
register_trusted_keyid (kid);
return;
}
} }
log_error (_("'%s' is not a valid long keyID\n"), string ); log_error (_("'%s' is not a valid long keyID\n"), string );
} }