security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-06-12 18:11:03 +02:00
Code Activity

Allow use of a standard space separated fingerprint.

Browse Source 
We allow a single or a double space in the middle of the fingerprint
to help with c+p fingerprints from an HTML pages which are not being
enclosed in a "pre" tag.
* g10/getkey.c (classify_user_id): Check for space separated GPG
fingerprint.
--
This is a backport of commit 957fe72 and 372fb4f.
This commit is contained in:
Werner Koch 2012-01-10 15:32:45 +01:00
parent b9333cd890
commit 9b2a98ea14
2 changed files with 71 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
NEWS
View File

@ -1,13 +1,16 @@
Noteworthy changes in version 1.4.12 (unreleased) Noteworthy changes in version 1.4.12 (unreleased)
------------------------------------------------- -------------------------------------------------
* GPG now accepts a space separated fingerprint as a user ID.
This allows to copy and paste the fingerprint from the key
listing.
Noteworthy changes in version 1.4.11 (2010-10-18) Noteworthy changes in version 1.4.11 (2010-10-18)
------------------------------------------------- -------------------------------------------------
* Bug fixes and portability changes. * Bug fixes and portability changes.
* Minor changes for better interoperability with GnuPG-2. * Minor changes for better interoperability with GnuPG-2.
@ -47,7 +50,7 @@ Noteworthy changes in version 1.4.9 (2008-03-26)
Noteworthy changes in version 1.4.8 (2007-12-20) Noteworthy changes in version 1.4.8 (2007-12-20)
------------------------------------------------ ------------------------------------------------
******************************************* *******************************************
* A decade of GnuPG: g10-0.0.0.tar.gz was * * A decade of GnuPG: g10-0.0.0.tar.gz was *
* released exactly 10 years ago. * * released exactly 10 years ago. *
@ -75,7 +78,7 @@ Noteworthy changes in version 1.4.8 (2007-12-20)
* Allow encryption using legacy Elgamal sign+encrypt keys if * Allow encryption using legacy Elgamal sign+encrypt keys if
option --rfc2440 is used. option --rfc2440 is used.
* Fixed the auto creation of the key stub for smartcards. * Fixed the auto creation of the key stub for smartcards.
* Fixed a rare bug in decryption using the OpenPGP card. * Fixed a rare bug in decryption using the OpenPGP card.
@ -99,7 +102,7 @@ Noteworthy changes in version 1.4.7 (2007-03-05)
language files "*.mo" are expected in a directory named language files "*.mo" are expected in a directory named
"gnupg.nls" below the directory with the gpg.exe binary. "gnupg.nls" below the directory with the gpg.exe binary.
* New --verify-option show-primary-uid-only. * New --verify-option show-primary-uid-only.
Noteworthy changes in version 1.4.6 (2006-12-06) Noteworthy changes in version 1.4.6 (2006-12-06)
@ -112,7 +115,7 @@ Noteworthy changes in version 1.4.6 (2006-12-06)
* Fixed a bug while decrypting certain compressed and encrypted * Fixed a bug while decrypting certain compressed and encrypted
messages. [bug#537] messages. [bug#537]
* Added --s2k-count to set the number of times passphrase mangling * Added --s2k-count to set the number of times passphrase mangling
is repeated. The default is 65536 times. is repeated. The default is 65536 times.
@ -318,7 +321,7 @@ Noteworthy changes in version 1.4.1 (2005-03-15)
of them. of them.
* [W32] The locale selection under Windows changed. You need to * [W32] The locale selection under Windows changed. You need to
enter the locale in the registry at HKCU\Software\GNU\GnuPG:Lang. enter the locale in the registry at HKCU\Software\GNU\GnuPG:Lang.
For German you would use "de". If it is not set, GnuPG falls For German you would use "de". If it is not set, GnuPG falls
back to HKLM. The languages files "*.mo" are expected in a back to HKLM. The languages files "*.mo" are expected in a
directory named "gnupg.nls" below the installation directory; directory named "gnupg.nls" below the installation directory;
@ -348,17 +351,17 @@ Noteworthy changes in version 1.3.93 (2004-12-14)
* Switched to automake 1.9. Minor big fixes. * Switched to automake 1.9. Minor big fixes.
Noteworthy changes in version 1.3.92 (2004-10-28) Noteworthy changes in version 1.3.92 (2004-10-28)
------------------------------------------------- -------------------------------------------------
* Added Russian man page. Thanks to Pawel I. Shajdo. * Added Russian man page. Thanks to Pawel I. Shajdo.
* libiconv is now used to support other character sets other than * libiconv is now used to support other character sets other than
UTF-8, Latin-1,-2 and KOI8-2. The W32 version will only work UTF-8, Latin-1,-2 and KOI8-2. The W32 version will only work
correctly when iconv.dll is installed on the system. A binary correctly when iconv.dll is installed on the system. A binary
version is available at all GNU mirror sites under libiconv. version is available at all GNU mirror sites under libiconv.
* gettext for Windows has been simplified. The MO files are now * gettext for Windows has been simplified. The MO files are now
distributed UTF-8 encoded and gpg translates on the fly. distributed UTF-8 encoded and gpg translates on the fly.
@ -393,13 +396,13 @@ Noteworthy changes in version 1.3.90 (2004-10-01)
* Support for the OpenPGP smartcard is now enabled by default. * Support for the OpenPGP smartcard is now enabled by default.
Use the option --disable-card-support to build without support Use the option --disable-card-support to build without support
for smartcards. for smartcards.
* New command "addcardkey" in the key edit menu to add subkeys to * New command "addcardkey" in the key edit menu to add subkeys to
a smartcard. New command "keytocard" to transfer a key to a smartcard. a smartcard. New command "keytocard" to transfer a key to a smartcard.
The serial number of the card is show in secret key listings. The serial number of the card is show in secret key listings.
* -K may now be used as an alias for --list-secret-keys. * -K may now be used as an alias for --list-secret-keys.
* HTTP Basic authentication is now supported for all HKP and HTTP * HTTP Basic authentication is now supported for all HKP and HTTP
keyserver functions, either through a proxy or via direct keyserver functions, either through a proxy or via direct
@ -586,12 +589,12 @@ Noteworthy changes in version 1.3.3 (2003-10-10)
expands to the fingerprint of the key making the signature expands to the fingerprint of the key making the signature
(which might be a subkey), and "%p" expands to the fingerprint (which might be a subkey), and "%p" expands to the fingerprint
of the primary key that owns the key making the signature. of the primary key that owns the key making the signature.
* New "tru" record in --with-colons --list-keys listings. It * New "tru" record in --with-colons --list-keys listings. It
shows the status of the trust database that was used to shows the status of the trust database that was used to
calculate the key validity in the listings. See doc/DETAILS for calculate the key validity in the listings. See doc/DETAILS for
the specifics of this. the specifics of this.
* New REVKEYSIG status tag for --status-fd. It indicates a valid * New REVKEYSIG status tag for --status-fd. It indicates a valid
signature that was issued by a revoked key. See doc/DETAILS for signature that was issued by a revoked key. See doc/DETAILS for
the specifics of this. the specifics of this.
@ -982,7 +985,7 @@ Noteworthy changes in version 1.0.7 (2002-04-29)
* RSA key generation. * RSA key generation.
* Merged Stefan's patches for RISC OS in. See comments in * Merged Stefan's patches for RISC OS in. See comments in
scripts/build-riscos. scripts/build-riscos.
* It is now possible to sign and conventional encrypt a message (-cs). * It is now possible to sign and conventional encrypt a message (-cs).
@ -1019,7 +1022,7 @@ Noteworthy changes in version 1.0.6 (2001-05-29)
* Security fix for a format string bug in the tty code. * Security fix for a format string bug in the tty code.
* Fixed format string bugs in all PO files. * Fixed format string bugs in all PO files.
* Removed Russian translation due to too many bugs. The FTP * Removed Russian translation due to too many bugs. The FTP
server has an unofficial but better translation in the contrib server has an unofficial but better translation in the contrib
@ -1064,7 +1067,7 @@ Noteworthy changes in version 1.0.5 (2001-04-29)
* Large File Support (LFS) is now working. * Large File Support (LFS) is now working.
* New options: --ignore-crc-error, --no-sig-create-check, * New options: --ignore-crc-error, --no-sig-create-check,
--no-sig-cache, --fixed-list-mode, --no-expensive-trust-checks, --no-sig-cache, --fixed-list-mode, --no-expensive-trust-checks,
--enable-special-filenames and --use-agent. See man page. --enable-special-filenames and --use-agent. See man page.
@ -1122,19 +1125,19 @@ Noteworthy changes in version 1.0.3 (2000-09-18)
* New configuration option --with-egd-socket. * New configuration option --with-egd-socket.
* The --trusted-key option is back after it left us with 0.9.5 * The --trusted-key option is back after it left us with 0.9.5
* RSA is supported. Key generation does not yet work but will come * RSA is supported. Key generation does not yet work but will come
soon. soon.
* CAST5 and SHA-1 are now the default algorithms to protect the key * CAST5 and SHA-1 are now the default algorithms to protect the key
and for symmetric-only encryption. This should solve a couple and for symmetric-only encryption. This should solve a couple
of compatibility problems because the old algorithms are optional of compatibility problems because the old algorithms are optional
according to RFC2440 according to RFC2440
* Twofish and MDC enhanced encryption is now used. PGP 7 supports * Twofish and MDC enhanced encryption is now used. PGP 7 supports
this. Older versions of GnuPG don't support it, so they should be this. Older versions of GnuPG don't support it, so they should be
upgraded to at least 1.0.2 upgraded to at least 1.0.2
Noteworthy changes in version 1.0.2 (2000-07-12) Noteworthy changes in version 1.0.2 (2000-07-12)
---------------------------------------------- ----------------------------------------------

54
g10/getkey.c
View File

@ -738,14 +738,54 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
} }
mode = KEYDB_SEARCH_MODE_FPR20; mode = KEYDB_SEARCH_MODE_FPR20;
} }
else { else if (!hexprefix) {
if (hexprefix) /* This was a hex number with a prefix */ /* No hex indicator; check for a space separated
return 0; /* and a wrong length */ OpenPGP v4 fingerprint like:
8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367
or
8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367
*/
mode = 0;
hexlength = strspn (s, " 0123456789abcdefABCDEF");
if (s[hexlength] && s[hexlength] != ' ')
hexlength = 0; /* Followed by non-space. */
while (hexlength && s[hexlength-1] == ' ')
hexlength--; /* Trim trailing spaces. */
if ((hexlength == 49 || hexlength == 50)
&& (!s[hexlength] || s[hexlength] == ' ')) {
int i, c;
desc->exact = 0; for (i=0; i < 20; i++) {
desc->u.name = s; if (i && !(i % 2)) {
mode = KEYDB_SEARCH_MODE_SUBSTR; /* default mode */ if (*s != ' ')
} break;
s++;
/* Skip the double space in the middle but
don't require it to help copying
fingerprints from sources which fold
multiple space to one. */
if (i == 10 && *s == ' ')
s++;
}
c = hextobyte(s);
if (c == -1)
break;
desc->u.fpr[i] = c;
s += 2;
}
if (i == 20)
mode = KEYDB_SEARCH_MODE_FPR20;
}
if (!mode) {
desc->exact = 0;
desc->u.name = s;
mode = KEYDB_SEARCH_MODE_SUBSTR; /* default mode */
}
}
else /* This was a hex number with a prefix */
return 0; /* and a wrong length */
} }
desc->mode = mode; desc->mode = mode;