diff options
| author | Nora Widdecke <nora@sequoia-pgp.org> | 2020-03-13 12:35:47 +0100 |
|---|---|---|
| committer | Nora Widdecke <nora@sequoia-pgp.org> | 2020-03-19 11:54:06 +0100 |
| commit | 4eb60d2d2f160542a21b102a4205a2be5aaeb459 (patch) | |
| tree | 666c2768e49a54ce8929017b9041ae04a1c3195c /openpgp | |
| parent | 27bb14f4145ed50ad474ef9e03116dd55138bc55 (diff) | |
openpgp: Put issuer and issuer_fingerprint subpackets in unhashed area.
- Fixes #364.
Diffstat (limited to 'openpgp')
| -rw-r--r-- | openpgp/src/packet/signature/subpacket.rs | 26 |
1 files changed, 4 insertions, 22 deletions
diff --git a/openpgp/src/packet/signature/subpacket.rs b/openpgp/src/packet/signature/subpacket.rs index cea702e6..84e53ab5 100644 --- a/openpgp/src/packet/signature/subpacket.rs +++ b/openpgp/src/packet/signature/subpacket.rs @@ -1138,12 +1138,6 @@ impl SubpacketArea { /// Returns the value of the Issuer subpacket, which contains the /// KeyID of the key that allegedly created this signature. /// - /// Note: for historical reasons this packet is usually stored in - /// the unhashed area of the signature and, consequently, it is - /// *not* protected by the signature. Thus, it is trivial to - /// modify it in transit. For this reason, the Issuer Fingerprint - /// subpacket should be preferred, when it is present. - /// /// If the subpacket is not present, this returns `None`. /// /// Note: if the signature contains multiple instances of this @@ -1480,10 +1474,7 @@ impl SubpacketArea { /// this signature. /// /// This subpacket should be preferred to the Issuer subpacket, - /// because Fingerprints are not subject to collisions, and the - /// Issuer subpacket is, for historic reasons, traditionally - /// stored in the unhashed area, i.e., it is not cryptographically - /// secured. + /// because Fingerprints are not subject to collisions. /// /// If the subpacket is not present, this returns `None`. /// @@ -1785,12 +1776,6 @@ impl SubpacketAreas { /// Returns the value of the Issuer subpacket, which contains the /// KeyID of the key that allegedly created this signature. /// - /// Note: for historical reasons this packet is usually stored in - /// the unhashed area of the signature and, consequently, it is - /// *not* protected by the signature. Thus, it is trivial to - /// modify it in transit. For this reason, the Issuer Fingerprint - /// subpacket should be preferred, when it is present. - /// /// If the subpacket is not present, this returns `None`. /// /// Note: if the signature contains multiple instances of this @@ -1838,10 +1823,7 @@ impl SubpacketAreas { /// this signature. /// /// This subpacket should be preferred to the Issuer subpacket, - /// because Fingerprints are not subject to collisions, and the - /// Issuer subpacket is, for historic reasons, traditionally - /// stored in the unhashed area, i.e., it is not cryptographically - /// secured. + /// because Fingerprints are not subject to collisions. /// /// If the subpacket is not present, this returns `None`. /// @@ -2083,7 +2065,7 @@ impl signature::Builder { /// Sets the value of the Issuer subpacket, which contains the /// KeyID of the key that allegedly created this signature. pub fn set_issuer(mut self, id: KeyID) -> Result<Self> { - self.hashed_area.replace(Subpacket::new( + self.unhashed_area.replace(Subpacket::new( SubpacketValue::Issuer(id), false)?)?; @@ -2313,7 +2295,7 @@ impl signature::Builder { /// contains the fingerprint of the key that allegedly created /// this signature. pub fn set_issuer_fingerprint(mut self, fp: Fingerprint) -> Result<Self> { - self.hashed_area.replace(Subpacket::new( + self.unhashed_area.replace(Subpacket::new( SubpacketValue::IssuerFingerprint(fp), false)?)?; |