From b0a368248e289b6f3d20fb4a7eeef9693f6c0126 Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield" Date: Mon, 1 Apr 2019 19:34:19 +0200 Subject: openpgp: Avoid key.fingerprint.to_keyid() - Instead of using key.fingerprint.to_keyid(), use key.keyid(). --- openpgp/examples/decrypt-with.rs | 3 +-- openpgp/examples/web-of-trust.rs | 2 +- openpgp/src/packet/signature/mod.rs | 2 +- openpgp/src/parse/stream.rs | 9 ++++----- openpgp/src/serialize/stream.rs | 2 +- openpgp/src/tpk/builder.rs | 2 +- openpgp/src/tpk/mod.rs | 32 +++++++++++++++++++------------- openpgp/src/tsk.rs | 8 ++++---- 8 files changed, 32 insertions(+), 28 deletions(-) (limited to 'openpgp') diff --git a/openpgp/examples/decrypt-with.rs b/openpgp/examples/decrypt-with.rs index 3d6118f0..3828e47f 100644 --- a/openpgp/examples/decrypt-with.rs +++ b/openpgp/examples/decrypt-with.rs @@ -63,8 +63,7 @@ impl Helper { { // This only works for unencrypted secret keys. if let Ok(keypair) = key.clone().into_keypair() { - keys.insert(key.fingerprint().to_keyid(), - keypair); + keys.insert(key.keyid(), keypair); } } } diff --git a/openpgp/examples/web-of-trust.rs b/openpgp/examples/web-of-trust.rs index eee9fffa..bfdd1558 100644 --- a/openpgp/examples/web-of-trust.rs +++ b/openpgp/examples/web-of-trust.rs @@ -36,7 +36,7 @@ fn main() { for tpk in parser { match tpk { Ok(tpk) => { - let keyid = tpk.fingerprint().to_keyid(); + let keyid = tpk.keyid(); for uidb in tpk.userids() { for tps in uidb.certifications() { if let Some(issuer) = tps.get_issuer() { diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs index e9a02490..cb7cc0e1 100644 --- a/openpgp/src/packet/signature/mod.rs +++ b/openpgp/src/packet/signature/mod.rs 
@@ -1047,7 +1047,7 @@ mod test { let sig = Builder::new(SignatureType::Binary) .set_signature_creation_time(time::now()).unwrap() .set_issuer_fingerprint(key.fingerprint()).unwrap() - .set_issuer(key.fingerprint().to_keyid()).unwrap() + .set_issuer(key.keyid()).unwrap() .sign_message( &mut KeyPair::new(key.clone(), mpis.clone()).unwrap(), HashAlgorithm::SHA512, msg).unwrap(); diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index 419d18f1..b7819cbd 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -286,13 +286,13 @@ impl<'a, H: VerificationHelper> Verifier<'a, H> { if can_sign(tpk.primary(), tpk.primary_key_signature()) { - v.keys.insert(tpk.fingerprint().to_keyid(), (i, 0)); + v.keys.insert(tpk.keyid(), (i, 0)); } for (j, skb) in tpk.subkeys().enumerate() { let key = skb.subkey(); if can_sign(key, skb.binding_signature()) { - v.keys.insert(key.fingerprint().to_keyid(), + v.keys.insert(key.keyid(), (i, j + 1)); } } @@ -988,14 +988,13 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { if can_sign(tpk.primary(), tpk.primary_key_signature()) { - v.keys.insert(tpk.fingerprint().to_keyid(), (i, 0)); + v.keys.insert(tpk.keyid(), (i, 0)); } for (j, skb) in tpk.subkeys().enumerate() { let key = skb.subkey(); if can_sign(key, skb.binding_signature()) { - v.keys.insert(key.fingerprint().to_keyid(), - (i, j + 1)); + v.keys.insert(key.keyid(), (i, j + 1)); } } } diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs index 0f513784..5bafbb55 100644 --- a/openpgp/src/serialize/stream.rs +++ b/openpgp/src/serialize/stream.rs @@ -379,7 +379,7 @@ impl<'a> Signer<'a> { let mut ops = OnePassSig3::new(SignatureType::Binary); ops.set_pk_algo(key.pk_algo()); ops.set_hash_algo(hash_algo); - ops.set_issuer(key.fingerprint().to_keyid()); + ops.set_issuer(key.keyid()); ops.set_last(i == signers.len() - 1); ops.serialize(&mut inner)?; } 
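Review bot: In `openpgp/src/parse/stream.rs` (hunk `@@ -286,13 +286,13 @@`, `Verifier`), `v.keys.insert(tpk.keyid(), (i, 0))` and the subkey insert key the lookup table on the 64-bit KeyID alone and discard the value `insert` returns, so two keys that share a KeyID would silently leave only the last one reachable. That could make a valid signature fail to verify, or be checked against the wrong key, when a caller supplies TPKs with colliding KeyIDs; this is inferred from the visible inserts, since the type of `v.keys` and the lookup are outside the hunk. I would at least document it above the first insert, e.g. `// KeyIDs are not unique: a later key with the same KeyID replaces the earlier entry.`, or keep every candidate per KeyID. The same pattern is in the `Decryptor` hunk at `@@ -988,14 +988,13 @@` and in `examples/decrypt-with.rs`. The enclosing function starts and ends outside both hunks.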
diff --git a/openpgp/src/tpk/builder.rs b/openpgp/src/tpk/builder.rs index 515d987a..40ee1ab1 100644 --- a/openpgp/src/tpk/builder.rs +++ b/openpgp/src/tpk/builder.rs @@ -274,7 +274,7 @@ impl TPKBuilder { .set_signature_creation_time(time::now().canonicalize())? .set_key_expiration_time(Some(time::Duration::weeks(3 * 52)))? .set_issuer_fingerprint(key.fingerprint())? - .set_issuer(key.fingerprint().to_keyid())? + .set_issuer(key.keyid())? .set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512])?; let mut signer = key.clone().into_keypair() diff --git a/openpgp/src/tpk/mod.rs b/openpgp/src/tpk/mod.rs index e442c4e8..992ff724 100644 --- a/openpgp/src/tpk/mod.rs +++ b/openpgp/src/tpk/mod.rs @@ -29,6 +29,7 @@ use { Packet, PacketPile, TPK, + KeyID, Fingerprint, TSK, }; @@ -533,7 +534,7 @@ impl SubkeyBinding { .set_signature_creation_time(time::now().canonicalize())? .set_key_expiration_time(Some(time::Duration::weeks(3 * 52)))? .set_issuer_fingerprint(signer.public().fingerprint())? - .set_issuer(signer.public().fingerprint().to_keyid())? + .set_issuer(signer.public().keyid())? .sign_subkey_binding(signer, primary_key, &subkey, HashAlgorithm::SHA512)?; @@ -653,7 +654,7 @@ impl UserIDBinding { .set_signature_creation_time(time::now().canonicalize())? .set_key_expiration_time(Some(time::Duration::weeks(3 * 52)))? .set_issuer_fingerprint(signer.public().fingerprint())? - .set_issuer(signer.public().fingerprint().to_keyid())? + .set_issuer(signer.public().keyid())? .set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512])? .sign_userid_binding(signer, key, &uid, HashAlgorithm::SHA512)?; @@ -1416,7 +1417,8 @@ impl<'a, I: Iterator> TPKParser<'a, I> { Some(tpk) }).and_then(|mut tpk| { - fn split_sigs(primary: &Fingerprint, sigs: Vec) + fn split_sigs(primary: &Fingerprint, primary_keyid: &KeyID, + sigs: Vec) -> (Vec, Vec, Vec, Vec) { 
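Review bot: In `openpgp/src/tpk/mod.rs` (hunk `@@ -1416,7 +1417,8 @@`), `split_sigs` now takes `primary` and `primary_keyid` as two independent arguments and nothing states that they must describe the same key. A short comment on the helper would pin that down, e.g. `// primary_keyid must be the KeyID of the key whose fingerprint is primary.` In the caller hunk at `@@ -1465,13 +1465,14 @@` the value is still built with `primary_fp.to_keyid()`, the spelling the commit subject says to avoid; `let primary_keyid = tpk.primary().keyid();` would match the rest of the change, unless the conversion was kept on purpose to reuse the already computed fingerprint. The closure around `split_sigs` starts before and ends after these hunks.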
@@ -1425,8 +1427,6 @@ impl<'a, I: Iterator> TPKParser<'a, I> { let mut self_revs = vec![]; let mut other_revs = vec![]; - let primary_keyid = primary.to_keyid(); - for sig in sigs.into_iter() { match sig { Signature::V4(sig) => { @@ -1437,7 +1437,7 @@ impl<'a, I: Iterator> TPKParser<'a, I> { .map(|fp| fp == *primary) .unwrap_or(false) || sig.issuer() - .map(|keyid| keyid == primary_keyid) + .map(|keyid| keyid == *primary_keyid) .unwrap_or(false); use self::SignatureType::*; @@ -1465,13 +1465,14 @@ impl<'a, I: Iterator> TPKParser<'a, I> { } let primary_fp = tpk.primary().fingerprint(); + let primary_keyid = primary_fp.to_keyid(); // The parser puts all of the signatures on the // certifications field. Split them now. let (selfsigs, certifications, self_revs, other_revs) = split_sigs( - &primary_fp, + &primary_fp, &primary_keyid, mem::replace(&mut tpk.primary_certifications, vec![])); tpk.primary_selfsigs = selfsigs; tpk.primary_certifications = certifications; @@ -1480,7 +1481,7 @@ impl<'a, I: Iterator> TPKParser<'a, I> { for mut b in tpk.userids.iter_mut() { let (selfsigs, certifications, self_revs, other_revs) - = split_sigs(&primary_fp, + = split_sigs(&primary_fp, &primary_keyid, mem::replace(&mut b.certifications, vec![])); b.selfsigs = selfsigs; b.certifications = certifications; @@ -1489,7 +1490,7 @@ impl<'a, I: Iterator> TPKParser<'a, I> { } for mut b in tpk.user_attributes.iter_mut() { let (selfsigs, certifications, self_revs, other_revs) - = split_sigs(&primary_fp, + = split_sigs(&primary_fp, &primary_keyid, mem::replace(&mut b.certifications, vec![])); b.selfsigs = selfsigs; b.certifications = certifications; @@ -1498,7 +1499,7 @@ impl<'a, I: Iterator> TPKParser<'a, I> { } for mut b in tpk.subkeys.iter_mut() { let (selfsigs, certifications, self_revs, other_revs) - = split_sigs(&primary_fp, + = split_sigs(&primary_fp, &primary_keyid, mem::replace(&mut b.certifications, vec![])); b.selfsigs = selfsigs; b.certifications = certifications; 
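Review bot: In `openpgp/src/tpk/mod.rs` (hunk `@@ -1437,7 +1437,7 @@`, inside `split_sigs`), a signature is matched to the primary key when either its issuer fingerprint or its 64-bit issuer KeyID equals the primary's, and both values are claims carried in the signature packet rather than something checked here. A KeyID match is therefore only a hint, and whatever this boolean feeds (presumably the selfsigs/certifications split) should not be treated as authenticated until the signature is verified; that verification is not visible in this hunk. I would add a comment above the expression such as `// Issuer subpackets are unverified hints; a KeyID match does not prove the primary key made this signature.` The expression starts before the hunk.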
@@ -2706,6 +2707,11 @@ impl TPK { self.primary().fingerprint() } + /// Returns the TPK's keyid. + pub fn keyid(&self) -> KeyID { + self.primary().keyid() + } + /// Converts the TPK into a sequence of packets. /// /// This method discards an invalid components and bad signatures. @@ -3831,7 +3837,7 @@ mod test { .set_signature_creation_time(t1).unwrap() .set_key_expiration_time(Some(time::Duration::weeks(10 * 52))).unwrap() .set_issuer_fingerprint(key.fingerprint()).unwrap() - .set_issuer(key.fingerprint().to_keyid()).unwrap() + .set_issuer(key.keyid()).unwrap() .set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512]).unwrap() .sign_primary_key_binding( &mut KeyPair::new(key.clone(), mpis.clone()).unwrap(), @@ -3840,7 +3846,7 @@ mod test { let rev = signature::Builder::new(SignatureType::KeyRevocation) .set_signature_creation_time(t2).unwrap() .set_issuer_fingerprint(key.fingerprint()).unwrap() - .set_issuer(key.fingerprint().to_keyid()).unwrap() + .set_issuer(key.keyid()).unwrap() .sign_primary_key_binding( &mut KeyPair::new(key.clone(), mpis.clone()).unwrap(), HashAlgorithm::SHA512).unwrap(); @@ -3851,7 +3857,7 @@ mod test { .set_signature_creation_time(t3).unwrap() .set_key_expiration_time(Some(time::Duration::weeks(10 * 52))).unwrap() .set_issuer_fingerprint(key.fingerprint()).unwrap() - .set_issuer(key.fingerprint().to_keyid()).unwrap() + .set_issuer(key.keyid()).unwrap() .set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512]).unwrap() .sign_primary_key_binding( &mut KeyPair::new(key.clone(), mpis.clone()).unwrap(), diff --git a/openpgp/src/tsk.rs b/openpgp/src/tsk.rs index dcd6c496..0a632744 100644 --- a/openpgp/src/tsk.rs +++ b/openpgp/src/tsk.rs @@ -173,7 +173,7 @@ impl TSK { Some(&SecretKey::Unencrypted{ ref mpis }) => { builder .set_issuer_fingerprint(my_key.fingerprint())? - .set_issuer(my_key.fingerprint().to_keyid())? + .set_issuer(my_key.keyid())? .sign_userid_binding( &mut KeyPair::new((*my_key).clone(), mpis.clone())?, 
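Review bot: The doc comment on the new `TPK::keyid()` in `openpgp/src/tpk/mod.rs` (hunk `@@ -2706,6 +2707,11 @@`) does not say which key the ID belongs to, or that a KeyID is a weaker identifier than the fingerprint. The body returns `self.primary().keyid()`, so I would write `/// Returns the KeyID of the TPK's primary key.` followed by `/// KeyIDs are short and not unique; use fingerprint() to identify a TPK.` Callers that use the result as a map key or for access decisions would benefit from that caveat being in the rustdoc.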
@@ -210,7 +210,7 @@ impl TSK { signature::Builder::new(SignatureType::GenericCertificate) .set_signature_creation_time(time::now())? .set_issuer_fingerprint(my_key.fingerprint())? - .set_issuer(my_key.fingerprint().to_keyid())? + .set_issuer(my_key.keyid())? .sign_user_attribute_binding( &mut pair, userattr, @@ -244,7 +244,7 @@ impl TSK { .set_signature_creation_time(time::now().canonicalize())? .set_key_expiration_time(Some(time::Duration::weeks(3 * 52)))? .set_issuer_fingerprint(prim.fingerprint())? - .set_issuer(prim.fingerprint().to_keyid())?; + .set_issuer(prim.keyid())?; if flags.can_encrypt_for_transport() || flags.can_encrypt_at_rest() { @@ -271,7 +271,7 @@ impl TSK { signature::Builder::new(SignatureType::PrimaryKeyBinding) .set_signature_creation_time(time::now().canonicalize())? .set_issuer_fingerprint(subkey.fingerprint())? - .set_issuer(subkey.fingerprint().to_keyid())? + .set_issuer(subkey.keyid())? .sign_subkey_binding( &mut KeyPair::new(subkey.clone(), mpis.clone())?, prim, &subkey, HashAlgorithm::SHA512)? -- cgit v1.2.3