Mercurial > hg
changeset 36034:f3d8f61c425d
gpg: print unknown key IDs in their entirety
Shortening the key is nice in theory but it results in ambiguity which can
be exploited. Therefore, when encountering an unknown key ID we should
print the whole ID returned by gpg. This may or may not be the whole key,
however it will match the user preference set in gpg configuration.
Furthermore, the key ID shortening had a couple of issues:
(1) it truncated the key ID (dropping the last digit and outputting only 15
hex digits) making it very hard to find the correct key on a key server
(2) since only 15 digits were fed into shortkey(), it always emitted the
ui.debug() warning
author | Josef 'Jeff' Sipek <jeffpc@josefsipek.net> |
---|---|
date | Sun, 11 Feb 2018 18:32:37 -0500 |
parents | dae84ccebc57 |
children | 95791b275b73 |
files | hgext/gpg.py |
diffstat | 1 files changed, 1 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/hgext/gpg.py Sun Feb 11 14:35:35 2018 +0100 +++ b/hgext/gpg.py Sun Feb 11 18:32:37 2018 -0500 @@ -153,8 +153,7 @@ # warn for expired key and/or sigs for key in keys: if key[0] == "ERRSIG": - ui.write(_("%s Unknown key ID \"%s\"\n") - % (prefix, shortkey(ui, key[1][:15]))) + ui.write(_("%s Unknown key ID \"%s\"\n") % (prefix, key[1])) continue if key[0] == "BADSIG": ui.write(_("%s Bad signature from \"%s\"\n") % (prefix, key[2])) @@ -320,13 +319,6 @@ except ValueError as inst: raise error.Abort(str(inst)) -def shortkey(ui, key): - if len(key) != 16: - ui.debug("key ID \"%s\" format error\n" % key) - return key - - return key[-8:] - def node2txt(repo, node, ver): """map a manifest into some text""" if ver == "0":