From df531848a9618131921d584baba81c128f94de68 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 6 Aug 2020 19:24:49 +0900 Subject: [PATCH] kbx: Support v5key for short kid and long kid. * kbx/keybox-search.c (has_short_kid): Support v5key. (has_long_kid): Likewise. GnuPG-bug-id: 5000 Signed-off-by: NIIBE Yutaka --- kbx/keybox-search.c | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c index e1e1d0410..67862a376 100644 --- a/kbx/keybox-search.c +++ b/kbx/keybox-search.c @@ -685,18 +685,44 @@ blob_x509_has_grip (KEYBOXBLOB blob, const unsigned char *grip) static inline int has_short_kid (KEYBOXBLOB blob, u32 lkid) { + const unsigned char *buffer; + size_t length; + int fpr32; unsigned char buf[4]; + + buffer = _keybox_get_blob_image (blob, &length); + if (length < 48) + return 0; /* blob too short */ + fpr32 = buffer[5] == 2; + if (fpr32 && length < 56) + return 0; /* blob to short */ + buf[0] = lkid >> 24; buf[1] = lkid >> 16; buf[2] = lkid >> 8; buf[3] = lkid; - return blob_cmp_fpr_part (blob, buf, 16, 4); + + if (fpr32) + return blob_cmp_fpr_part (blob, buf, 0, 4); + else + return blob_cmp_fpr_part (blob, buf, 16, 4); } static inline int has_long_kid (KEYBOXBLOB blob, u32 mkid, u32 lkid) { + const unsigned char *buffer; + size_t length; + int fpr32; unsigned char buf[8]; + + buffer = _keybox_get_blob_image (blob, &length); + if (length < 48) + return 0; /* blob too short */ + fpr32 = buffer[5] == 2; + if (fpr32 && length < 56) + return 0; /* blob to short */ + buf[0] = mkid >> 24; buf[1] = mkid >> 16; buf[2] = mkid >> 8; @@ -705,7 +731,11 @@ has_long_kid (KEYBOXBLOB blob, u32 mkid, u32 lkid) buf[5] = lkid >> 16; buf[6] = lkid >> 8; buf[7] = lkid; - return blob_cmp_fpr_part (blob, buf, 12, 8); + + if (fpr32) + return blob_cmp_fpr_part (blob, buf, 0, 8); + else + return blob_cmp_fpr_part (blob, buf, 12, 8); } static inline int