author | Neal H. Walfield <neal@pep.foundation> | 2023-02-01 20:06:07 +0100 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2023-02-01 20:06:07 +0100 |
commit | 2a315e00392af7f9791bdfc454074d5bde66d88f (patch) | |
tree | 7dc32367cf58c4fad70c3db00570642c7541d4e9 | |
parent | fede660dffedd0c7732a15b9320f480bc6248f62 (diff) |
ipc: Fix the keybox parser
- The current implementation of the parser cuts off the last eight
bytes of the certificate data, based on the assumption that they are
a magic fingerprint.
- Additional research indicates that they are actually a valid
gpg-specific trust packet, and the trust packet is not always
present.
- Since Sequoia has no problem parsing and ignoring trust packets
from gpg, and the trust packets are not always there, simply
return the certificate data as is.
- Fixes #981.
-rw-r--r-- | ipc/src/keybox.rs | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/ipc/src/keybox.rs b/ipc/src/keybox.rs
index 2df63db3..9a6cb725 100644
--- a/ipc/src/keybox.rs
+++ b/ipc/src/keybox.rs
@@ -348,16 +348,7 @@ impl OpenPGPRecordV1 {
 /// Ignores metadata and flags stored in the record, but
 /// checks the checksum.
 pub fn cert(&self) -> Result<Cert> {
- // At the end of the data section, there are 8 bytes following
- // the cert that I don't understand.
- // In my samples, there are two versions:
- // "0xb006_0000_6770_6700" and
- // "0xb006_0003_6770_6700".
- // Note that b"gpg" == 0x677067. Maybe some kind of salt?
- // Anyway, ignore those bytes.
- let (cert_data, _trailer) = &self
- .data_section()?
- .split_at(self.data_section()?.len() - 8);
+ let cert_data = &self.data_section()?;
 Cert::from_bytes(cert_data)
 }
 } |
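Review bot: The new body of `cert()` carries no comment about the optional trailing bytes, so the reason the whole data section is handed to the parser now lives only in the commit message. A short comment above the `let` would keep a later change from reintroducing the trim, for example `// The data section may end with a gpg-specific trust packet; Cert::from_bytes ignores it, so pass the data through untrimmed.` The diffstat lists only `ipc/src/keybox.rs`, so no regression test for #981 arrives with the fix; a test that parses one record with the trailer and one without would pin both cases for this parser of on-disk keybox data. The doc comment still says the checksum is checked, which presumably happens inside `data_section()`, not visible here, and is worth confirming. The enclosing `impl` starts outside the hunk.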