From: Jonathan McDowell <noodles@earth.li>
Date: Thu, 5 Sep 2019 13:06:44 +0000 (+0100)
Subject: Remove v5 keyid support when libnettle not present
X-Git-Tag: onak-0.6.0~15
X-Git-Url: https://the.earth.li/gitweb/?p=onak.git;a=commitdiff_plain;h=52f5de3b2bfc272187772b03b3bcb8e069626b51

Remove v5 keyid support when libnettle not present

v5 key fingerprints are SHA256 based. We have fallbacks for MD5 + SHA1
when libnettle is not present, but there's no intent to provide a SHA256
fallback, and we're close to the point where support for building
without libnettle will be removed entirely.
---

diff --git a/keyid.c b/keyid.c
index d03d47a..6c789fd 100644
--- a/keyid.c
+++ b/keyid.c
@@ -87,7 +87,9 @@ onak_status_t get_keyid(struct openpgp_publickey *publickey, uint64_t *keyid)
 onak_status_t get_fingerprint(struct openpgp_packet *packet,
 	struct openpgp_fingerprint *fingerprint)
 {
+#ifdef HAVE_NETTLE
 	struct sha256_ctx sha2_ctx;
+#endif
 	struct sha1_ctx sha_ctx;
 	struct md5_ctx md5_context;
 	unsigned char c;
@@ -136,6 +138,7 @@ onak_status_t get_fingerprint(struct openpgp_packet *packet,
 		sha1_digest(&sha_ctx, fingerprint->length, fingerprint->fp);
 
 		break;
+#ifdef HAVE_NETTLE
 	case 5:
 		sha256_init(&sha2_ctx);
 		/* RFC4880bis 12.2 */
@@ -155,6 +158,7 @@ onak_status_t get_fingerprint(struct openpgp_packet *packet,
 		sha256_digest(&sha2_ctx, fingerprint->length, fingerprint->fp);
 
 		break;
+#endif
 	default:
 		return ONAK_E_UNKNOWN_VER;
 	}