From de51f1680d2a9a449639c2f32312fc1cba707a16 Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield" Date: Wed, 24 Jan 2024 14:15:21 +0100 Subject: openpgp: Use KeyHandle::aliases to check for a fingerprint. - When checking of a list of issuers contains a fingerprint, use `KeyHandle::aliases`, don't search for the fingerprint, and then the key ID. --- openpgp/src/cert.rs | 7 ++----- openpgp/src/cert/parser/mod.rs | 18 +++++++----------- 2 files changed, 9 insertions(+), 16 deletions(-) (limited to 'openpgp') diff --git a/openpgp/src/cert.rs b/openpgp/src/cert.rs index 81a05c5d..f5579605 100644 --- a/openpgp/src/cert.rs +++ b/openpgp/src/cert.rs @@ -1794,7 +1794,6 @@ impl Cert { } let primary_fp: KeyHandle = self.key_handle(); - let primary_keyid = KeyHandle::KeyID(primary_fp.clone().into()); 'outer: for (unknown_idx, mut sig) in bad_sigs { // Did we find a new place for sig? @@ -1805,8 +1804,7 @@ impl Cert { sig.get_issuers(); let is_selfsig = issuers.is_empty() - || issuers.contains(&primary_fp) - || issuers.contains(&primary_keyid); + || issuers.iter().any(|kh| kh.aliases(&primary_fp)); macro_rules! check_one { ($desc:expr, $sigs:expr, $sig:expr, @@ -2091,9 +2089,8 @@ impl Cert { // Split signatures on unknown components. let primary_fp: KeyHandle = self.key_handle(); - let primary_keyid = KeyHandle::KeyID(primary_fp.clone().into()); for c in self.unknowns.iter_mut() { - parser::split_sigs(&primary_fp, &primary_keyid, c); + parser::split_sigs(&primary_fp, c); } // Sort again. We may have moved signatures to the right diff --git a/openpgp/src/cert/parser/mod.rs b/openpgp/src/cert/parser/mod.rs index e8963d94..ba39f993 100644 --- a/openpgp/src/cert/parser/mod.rs +++ b/openpgp/src/cert/parser/mod.rs @@ -883,21 +883,20 @@ impl<'a> CertParser<'a> { Some(cert) }).and_then(|mut cert| { let primary_fp: KeyHandle = cert.key_handle(); - let primary_keyid = KeyHandle::KeyID(primary_fp.clone().into()); // The parser puts all of the signatures on the // certifications field. Split them now. - split_sigs(&primary_fp, &primary_keyid, &mut cert.primary); + split_sigs(&primary_fp, &mut cert.primary); for b in cert.userids.iter_mut() { - split_sigs(&primary_fp, &primary_keyid, b); + split_sigs(&primary_fp, b); } for b in cert.user_attributes.iter_mut() { - split_sigs(&primary_fp, &primary_keyid, b); + split_sigs(&primary_fp, b); } for b in cert.subkeys.iter_mut() { - split_sigs(&primary_fp, &primary_keyid, b); + split_sigs(&primary_fp, b); } let cert = cert.canonicalize(); @@ -923,7 +922,7 @@ impl<'a> CertParser<'a> { /// Splits the signatures in b.certifications into the correct /// vectors. -pub(crate) fn split_sigs(primary: &KeyHandle, primary_keyid: &KeyHandle, +pub(crate) fn split_sigs(primary: &KeyHandle, b: &mut ComponentBundle) { let mut self_signatures = Vec::with_capacity(0); @@ -934,11 +933,8 @@ pub(crate) fn split_sigs(primary: &KeyHandle, primary_keyid: &KeyHandle, for sig in mem::replace(&mut b.certifications, Vec::with_capacity(0)) { let typ = sig.typ(); - let issuers = - sig.get_issuers(); - let is_selfsig = - issuers.contains(primary) - || issuers.contains(primary_keyid); + let issuers = sig.get_issuers(); + let is_selfsig = issuers.iter().any(|kh| kh.aliases(primary)); use crate::SignatureType::*; if typ == KeyRevocation -- cgit v1.2.3