From 52f5de3b2bfc272187772b03b3bcb8e069626b51 Mon Sep 17 00:00:00 2001 From: Jonathan McDowell Date: Thu, 5 Sep 2019 14:06:44 +0100 Subject: [PATCH] Remove v5 keyid support when libnettle not present v5 key fingerprints are SHA256 based. We have fallbacks for MD5 + SHA1 when libnettle is not present, but there's no intent to provide a SHA256 fallback, and we're close to the point where support for building without libnettle will be removed entirely. --- keyid.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/keyid.c b/keyid.c index d03d47a..6c789fd 100644 --- a/keyid.c +++ b/keyid.c @@ -87,7 +87,9 @@ onak_status_t get_keyid(struct openpgp_publickey *publickey, uint64_t *keyid) onak_status_t get_fingerprint(struct openpgp_packet *packet, struct openpgp_fingerprint *fingerprint) { +#ifdef HAVE_NETTLE struct sha256_ctx sha2_ctx; +#endif struct sha1_ctx sha_ctx; struct md5_ctx md5_context; unsigned char c; @@ -136,6 +138,7 @@ onak_status_t get_fingerprint(struct openpgp_packet *packet, sha1_digest(&sha_ctx, fingerprint->length, fingerprint->fp); break; +#ifdef HAVE_NETTLE case 5: sha256_init(&sha2_ctx); /* RFC4880bis 12.2 */ @@ -155,6 +158,7 @@ onak_status_t get_fingerprint(struct openpgp_packet *packet, sha256_digest(&sha2_ctx, fingerprint->length, fingerprint->fp); break; +#endif default: return ONAK_E_UNKNOWN_VER; } -- 2.39.5