gpg: Make trusted-key override for Tofu robust against swapped tofu.db.
authorWerner Koch <wk@gnupg.org>
Fri, 13 Nov 2015 15:09:01 +0000 (16:09 +0100)
committerWerner Koch <wk@gnupg.org>
Fri, 13 Nov 2015 15:09:30 +0000 (16:09 +0100)
commit7de8376430625c1f6f3a58ae16276deca8ff6a82
treebfd54102034ea5c436a2c1222ee9e5bd15941f5d
parent7e59fb21f728b5f54468cd35b1415a2f86003d4f
gpg: Make trusted-key override for Tofu robust against swapped tofu.db.

* g10/tofu.c (get_trust): For the UTK check lookup the key by
fingerprint.
--

Extracting the keyid form the fingerprint is not a good idea because
that only works for v4 keys.  It is also better to first read the key
and then extract the keyid from the actual available key.

The entire trusted-key stuff should be reworked to make use of
fingerprints.

Signed-off-by: Werner Koch <wk@gnupg.org>
g10/tofu.c