I hit a bug at head recently because I had generated some ED448 subkeys of one of my keys. Looking up the public key block of the key id fails. It fails because the ED448 key has a 32 bit fingerprint and uses the first 64 bits as a long fingerprint. The lookup doesn't take this into account, because it assumes the same length of fingerprint for all subkeys beneath a key.
I've attached a patch that corrects the behavior when searching the keybox.
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 31ea0ba60..b85853615 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -289,6 +289,7 @@ blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr,
size_t pos, off;
size_t nkeys, keyinfolen;
int idx, fpr32, storedfprlen;
+ int key32, local_fproff;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
@@ -308,11 +309,21 @@ blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr,
{
off = pos + idx*keyinfolen;
if (fpr32)
- storedfprlen = (get16 (buffer + off + 32) & 0x80)? 32:20;
+ {
+ key32 = get16 (buffer + off + 32) & 0x80;
+ storedfprlen = key32 ? 32:20;
+ // This function is a helper for only this module. If the subkey uses
+ // a 32 bit fingerprint, override the passed fproff, as it should be 0
+ // no matter what the length is.
+ local_fproff = key32 ? 0 : fproff;
+ }
else
- storedfprlen = 20;
+ {
+ storedfprlen = 20;
+ local_fproff = fproff;
+ }
if ((fpr32 || storedfprlen == fproff + fprlen)
- && !memcmp (buffer + off + fproff, fpr, fprlen))
+ && !memcmp (buffer + off + local_fproff, fpr, fprlen))
return idx+1; /* found */
}
return 0; /* not found */
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
