[PATCH] gpg: print unknown key IDs in their entirety

Yuya Nishihara yuya at tcha.org
Sun Feb 11 19:21:06 EST 2018


On Sun, 11 Feb 2018 18:59:00 -0500, Josef 'Jeff' Sipek wrote:
> # HG changeset patch
> # User Josef 'Jeff' Sipek <jeffpc at josefsipek.net>
> # Date 1518391957 18000
> #      Sun Feb 11 18:32:37 2018 -0500
> # Node ID 0c3e67adde02590c1d8882ba7050d19ff41ba7ff
> # Parent  f91b7f26c68ac87961aa6ef883ba96e5a2822ad3
> gpg: print unknown key IDs in their entirety
> 
> Shortening the key is nice in theory but it results in ambiguity which can
> be exploited.  Therefore, when encountering an unknown key ID we should
> print the whole ID returned by gpg.  This may or may not be the whole key,
> however it will match the user preference set in gpg configuration.
> 
> Furthermore, the key ID shortening had a couple of issues:
> 
> (1) it truncated the key ID (dropping the last digit and outputting only 15
>     hex digits) making it very hard to find the correct key on a key server
> 
> (2) since only 15 digits were fed into shortkey(), it always emitted the
>     ui.debug() warning

There seemed no practical reason we had to shorten an unknown key.
Queued, thanks.


More information about the Mercurial-devel mailing list