pgp_netpgp : usr fpr, not keyID, in key revocation as well.
authorEdouard Tisserant
Thu, 24 Mar 2016 12:01:18 +0100
changeset 522c899b2ea1884
parent 521 db973ec1cd0c
child 524 465eaf414405
pgp_netpgp : use fpr, not keyID, in key revocation as well.
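--- a/src/pgp_netpgp.c	Wed Mar 23 17:03:17 2016 +0100
+++ b/src/pgp_netpgp.c	Thu Mar 24 12:01:18 2016 +0100
@@ -1530,7 +1530,7 @@
         goto unlock_netpgp;
     }
 
-
+    // FIXME : renew in a more gentle way
     if (!pgp_add_selfsigned_userid(skey, pkey, primid, duration))
     {
         status = PEP_CANNOT_CREATE_KEY;
@@ -1554,49 +1554,53 @@
 
 PEP_STATUS pgp_revoke_key(
         PEP_SESSION session,
-        const char *keyidstr,
+        const char *fprstr,
         const char *reason
     )
 {
     pgp_key_t *pkey;
     pgp_key_t *skey;
-    uint8_t keyid[PGP_KEY_ID_SIZE];
+    uint8_t fpr[PGP_FINGERPRINT_SIZE];
+    size_t length;
     unsigned from = 0;
 
     PEP_STATUS status = PEP_STATUS_OK;
 
     assert(session);
-    assert(keyidstr);
-    assert(reason);
+    assert(fprstr);
 
-    if (!session || !keyidstr || !reason )
+    if (!session || !fprstr)
         return PEP_UNKNOWN_ERROR;
 
     if(pthread_mutex_lock(&netpgp_mutex)){
         return PEP_UNKNOWN_ERROR;
     }
 
-    if(!str_to_id(keyid, keyidstr))
-    {
+    // FIXME : deduplicate that code w/ renew
+    if (!str_to_fpr(fprstr, fpr, &length)) {
         status = PEP_ILLEGAL_VALUE;
         goto unlock_netpgp;
     }
-
-    pkey = pgp_getkeybyid(netpgp.io, netpgp.pubring, 
-             keyid, &from, NULL, NULL, 
-             1, 0); /* reject (already) revoked, accept expired */
-
+    
+    pkey = pgp_getkeybyfpr(
+                           netpgp.io,
+                           netpgp.pubring,
+                           fpr, length, &from, NULL,
+                           1, 0); /* reject revoked, accept expired */
+    
     if(pkey == NULL)
     {
         status = PEP_KEY_NOT_FOUND;
         goto unlock_netpgp;
     }
-
+    
     from = 0;
-    skey = pgp_getkeybyid(netpgp.io, netpgp.secring, 
-             keyid, &from, NULL, NULL, 
-             1, 0); /* reject (already) revoked, accept expired */
-
+    skey = pgp_getkeybyfpr(
+                           netpgp.io,
+                           netpgp.secring,
+                           fpr, length, &from, NULL,
+                           1, 0); /* reject revoked, accept expired */
+    
     if(skey == NULL)
     {
         status = PEP_KEY_NOT_FOUND;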
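Review bot: In `pgp_revoke_key`, the caller-supplied `fprstr` is decoded into the fixed `fpr[PGP_FINGERPRINT_SIZE]` buffer by `str_to_fpr(fprstr, fpr, &length)`, and nothing in the hunk shows that the helper caps its writes at that size or rejects a `length` shorter than a full fingerprint. Because revocation is irreversible, a partial fingerprint that still matches a key would undo the benefit of moving away from key IDs. I would state the contract next to the call, for example `/* str_to_fpr must write at most PGP_FINGERPRINT_SIZE bytes and fail on truncated input */`, and verify it against the helper, which is defined outside this hunk. The same change drops `assert(reason)` and the `!reason` test, so `reason` may now be NULL. The function body continues past the hunk, so any later use of `reason` should be checked for NULL tolerance, and the parameter documented as optional if that is the intent.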