From 52f5de3b2bfc272187772b03b3bcb8e069626b51 Mon Sep 17 00:00:00 2001 From: Jonathan McDowell Date: Thu, 5 Sep 2019 14:06:44 +0100 Subject: [PATCH] Remove v5 keyid support when libnettle not present v5 key fingerprints are SHA256 based. We have fallbacks for MD5 + SHA1 when libnettle is not present, but there's no intent to provide a SHA256 fallback, and we're close to the point where support for building without libnettle will be removed entirely. --- keyid.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/keyid.c b/keyid.c index d03d47a..6c789fd 100644 --- a/keyid.c +++ b/keyid.c @@ -87,7 +87,9 @@ onak_status_t get_keyid(struct openpgp_publickey *publickey, uint64_t *keyid) onak_status_t get_fingerprint(struct openpgp_packet *packet, struct openpgp_fingerprint *fingerprint) { +#ifdef HAVE_NETTLE struct sha256_ctx sha2_ctx; +#endif struct sha1_ctx sha_ctx; struct md5_ctx md5_context; unsigned char c; @@ -136,6 +138,7 @@ onak_status_t get_fingerprint(struct openpgp_packet *packet, sha1_digest(&sha_ctx, fingerprint->length, fingerprint->fp); break; +#ifdef HAVE_NETTLE case 5: sha256_init(&sha2_ctx); /* RFC4880bis 12.2 */ @@ -155,6 +158,7 @@ onak_status_t get_fingerprint(struct openpgp_packet *packet, sha256_digest(&sha2_ctx, fingerprint->length, fingerprint->fp); break; +#endif default: return ONAK_E_UNKNOWN_VER; } -- 2.39.2
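Review bot: In a build without HAVE_NETTLE, a version 5 packet now falls through to `default:` in get_fingerprint and returns `ONAK_E_UNKNOWN_VER`, so callers cannot tell "v5 not compiled in" from a genuinely unknown packet version. Nothing at the guard opened in the second hunk (and closed by the `#endif` in the third) records that this is intended. I would add a comment above `case 5:` such as `/* v5 fingerprints are SHA256 based; without nettle they fall through to ONAK_E_UNKNOWN_VER */` and write the closing line as `#endif /* HAVE_NETTLE */`, since the guard spans about twenty lines. The subject speaks of keyid support while only get_fingerprint is changed; presumably get_keyid derives v5 key IDs through this function, which is worth confirming. The body of get_fingerprint starts and ends outside these hunks, and get_keyid is not shown at all.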