diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-02-15 17:20:08 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-04-04 13:18:41 +0200 |
commit | 0872a598315ff24a042f7f676f7fa21ec993fdc3 (patch) | |
tree | 02531031c95a1e420a6404dad65d8e3678dc5e5f | |
parent | 9857f917090b7a0b7bd303d35ebcce995761186b (diff) |
openpgp: Implement v6 key IDs.crypto-refresh-keyhandles
- v4 and v6 key IDs are both 8 octets in length, hence we cannot
distinguish them.
- Rename KeyID::V4 to KeyID::Long to reflect this. Handle aliasing
with v6 fingerprints.
-rw-r--r-- | openpgp/src/keyhandle.rs | 38 | ||||
-rw-r--r-- | openpgp/src/keyid.rs | 24 | ||||
-rw-r--r-- | openpgp/src/serialize.rs | 6 |
3 files changed, 49 insertions, 19 deletions
diff --git a/openpgp/src/keyhandle.rs b/openpgp/src/keyhandle.rs index b9456b2f..9ce528ba 100644 --- a/openpgp/src/keyhandle.rs +++ b/openpgp/src/keyhandle.rs @@ -253,14 +253,31 @@ impl KeyHandle { /// # = "0123 4567 8901 2345 6789 0123 AACB 3243 6300 52D9" /// # .parse::<Fingerprint>()?.into(); /// # + /// # let v6_fpr1 : KeyHandle + /// # = "AACB3243630052D9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + /// # .parse::<Fingerprint>()?.into(); + /// # + /// # let v6_fpr2 : KeyHandle + /// # = "AACB3243630052D9BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB" + /// # .parse::<Fingerprint>()?.into(); + /// # /// # let keyid : KeyHandle = "AACB 3243 6300 52D9".parse::<KeyID>()? /// # .into(); /// # - /// // fpr1 and fpr2 are different fingerprints with the same KeyID. + /// // fpr1 and fpr2 are different v4 fingerprints with the same KeyID. /// assert!(! fpr1.eq(&fpr2)); /// assert!(fpr1.aliases(&keyid)); /// assert!(fpr2.aliases(&keyid)); /// assert!(! fpr1.aliases(&fpr2)); + /// + /// // v6_fpr1 and v6_fpr2 are different v6 fingerprints with the same KeyID. + /// assert!(! v6_fpr1.eq(&v6_fpr2)); + /// assert!(v6_fpr1.aliases(&keyid)); + /// assert!(v6_fpr2.aliases(&keyid)); + /// assert!(! v6_fpr1.aliases(&v6_fpr2)); + /// + /// // And of course, v4 and v6 don't alias. + /// assert!(! fpr1.aliases(&v6_fpr1)); /// # Ok(()) } /// ``` pub fn aliases<H>(&self, other: H) -> bool @@ -272,14 +289,23 @@ impl KeyHandle { } else { match (self, other) { (KeyHandle::Fingerprint(Fingerprint::V4(f)), - KeyHandle::KeyID(KeyID::V4(i))) - | (KeyHandle::KeyID(KeyID::V4(i)), + KeyHandle::KeyID(KeyID::Long(i))) + | (KeyHandle::KeyID(KeyID::Long(i)), KeyHandle::Fingerprint(Fingerprint::V4(f))) => { // A v4 key ID are the 8 right-most octets of a v4 // fingerprint. &f[12..] == i }, + (KeyHandle::Fingerprint(Fingerprint::V6(f)), + KeyHandle::KeyID(KeyID::Long(i))) + | (KeyHandle::KeyID(KeyID::Long(i)), + KeyHandle::Fingerprint(Fingerprint::V6(f))) => + { + // A v6 key ID are the 8 left-most octets of a v4 + // fingerprint. + &f[..8] == i + }, _ => false, } } @@ -406,7 +432,7 @@ mod tests { let handle = KeyHandle::Fingerprint(Fingerprint::Invalid(Box::new([10, 2, 3, 4]))); assert_eq!(format!("{:X}", handle), "0A020304"); - let handle = KeyHandle::KeyID(KeyID::V4([10, 2, 3, 4, 5, 6, 7, 8])); + let handle = KeyHandle::KeyID(KeyID::Long([10, 2, 3, 4, 5, 6, 7, 8])); assert_eq!(format!("{:X}", handle), "0A02030405060708"); let handle = KeyHandle::KeyID(KeyID::Invalid(Box::new([10, 2]))); @@ -422,7 +448,7 @@ mod tests { let handle = KeyHandle::Fingerprint(Fingerprint::Invalid(Box::new([10, 2, 3, 4]))); assert_eq!(format!("{:x}", handle), "0a020304"); - let handle = KeyHandle::KeyID(KeyID::V4([10, 2, 3, 4, 5, 6, 7, 8])); + let handle = KeyHandle::KeyID(KeyID::Long([10, 2, 3, 4, 5, 6, 7, 8])); assert_eq!(format!("{:x}", handle), "0a02030405060708"); let handle = KeyHandle::KeyID(KeyID::Invalid(Box::new([10, 2]))); @@ -439,7 +465,7 @@ mod tests { 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23, 0x45, 0x67]); let handle: KeyHandle = "89AB CDEF 0123 4567".parse()?; - assert_match!(&KeyHandle::KeyID(KeyID::V4(_)) = &handle); + assert_match!(&KeyHandle::KeyID(KeyID::Long(_)) = &handle); assert_eq!(handle.as_bytes(), [0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23, 0x45, 0x67]); diff --git a/openpgp/src/keyid.rs b/openpgp/src/keyid.rs index 5bee3ff2..67bac458 100644 --- a/openpgp/src/keyid.rs +++ b/openpgp/src/keyid.rs @@ -59,8 +59,12 @@ use crate::Result; #[non_exhaustive] #[derive(PartialEq, Eq, PartialOrd, Ord, Clone, Hash)] pub enum KeyID { - /// Lower 8 byte SHA-1 hash. - V4([u8;8]), + /// A long (8 bytes) key ID. + /// + /// For v4, this is the right-most 8 bytes of the v4 fingerprint. + /// For v6, this is the left-most 8 bytes of the v6 fingerprint. + Long([u8; 8]), + /// Used for holding invalid keyids encountered during parsing /// e.g. wrong number of bytes. Invalid(Box<[u8]>), @@ -114,7 +118,7 @@ impl From<KeyID> for Vec<u8> { fn from(id: KeyID) -> Self { let mut r = Vec::with_capacity(8); match id { - KeyID::V4(ref b) => r.extend_from_slice(b), + KeyID::Long(ref b) => r.extend_from_slice(b), KeyID::Invalid(ref b) => r.extend_from_slice(b), } r @@ -139,7 +143,7 @@ impl From<&Fingerprint> for KeyID { Fingerprint::V4(fp) => KeyID::from_bytes(&fp[fp.len() - 8..]), Fingerprint::V6(fp) => - KeyID::Invalid(fp.iter().cloned().collect()), + KeyID::from_bytes(&fp[..8]), Fingerprint::Invalid(fp) => { KeyID::Invalid(fp.clone()) } @@ -153,7 +157,7 @@ impl From<Fingerprint> for KeyID { Fingerprint::V4(fp) => KeyID::from_bytes(&fp[fp.len() - 8..]), Fingerprint::V6(fp) => - KeyID::Invalid(fp.into()), + KeyID::from_bytes(&fp[..8]), Fingerprint::Invalid(fp) => { KeyID::Invalid(fp) } @@ -193,7 +197,7 @@ impl KeyID { /// ``` pub fn as_u64(&self) -> Result<u64> { match &self { - KeyID::V4(ref b) => + KeyID::Long(ref b) => Ok(u64::from_be_bytes(*b)), KeyID::Invalid(_) => Err(Error::InvalidArgument("Invalid KeyID".into()).into()), @@ -219,7 +223,7 @@ impl KeyID { if raw.len() == 8 { let mut keyid : [u8; 8] = Default::default(); keyid.copy_from_slice(raw); - KeyID::V4(keyid) + KeyID::Long(keyid) } else { KeyID::Invalid(raw.to_vec().into_boxed_slice()) } @@ -242,7 +246,7 @@ impl KeyID { /// ``` pub fn as_bytes(&self) -> &[u8] { match self { - KeyID::V4(ref id) => id, + KeyID::Long(ref id) => id, KeyID::Invalid(ref id) => id, } } @@ -385,11 +389,11 @@ impl KeyID { let pretty = f.alternate(); let raw = match self { - KeyID::V4(ref fp) => &fp[..], + KeyID::Long(ref fp) => &fp[..], KeyID::Invalid(ref fp) => &fp[..], }; - // We currently only handle V4 Key IDs, which look like: + // We currently only handle long Key IDs, which look like: // // AACB 3243 6300 52D9 // diff --git a/openpgp/src/serialize.rs b/openpgp/src/serialize.rs index cf57eb8b..ad2cc354 100644 --- a/openpgp/src/serialize.rs +++ b/openpgp/src/serialize.rs @@ -836,7 +836,7 @@ impl seal::Sealed for KeyID {} impl Marshal for KeyID { fn serialize(&self, o: &mut dyn std::io::Write) -> Result<()> { let raw = match self { - KeyID::V4(ref fp) => &fp[..], + KeyID::Long(ref fp) => &fp[..], KeyID::Invalid(ref fp) => &fp[..], }; o.write_all(raw)?; @@ -848,7 +848,7 @@ impl SerializeInto for KeyID {} impl MarshalInto for KeyID { fn serialized_len(&self) -> usize { match self { - KeyID::V4(_) => 8, + KeyID::Long(_) => 8, KeyID::Invalid(ref fp) => fp.len(), } } @@ -1696,7 +1696,7 @@ impl Marshal for Signature3 { .map(|sp| sp.value()) { match keyid { - KeyID::V4(bytes) => { + KeyID::Long(bytes) => { assert_eq!(bytes.len(), 8); o.write_all(&bytes[..])?; } |