Fixes in openpgp handshake with fingerprints. Reported by Joke de Buhr.

2 files changed, 10 insertions, 5 deletions

diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index 5bcc5aca53..6c121b3acc 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -36,6 +36,13 @@ extern "C"
 
 /* Public key operations */
 
+#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1
+/* The following flag disables call to PIN callbacks etc.
+ * Only works for TPM keys.
+ */
+#define GNUTLS_PUBKEY_DISABLE_CALLBACKS (1<<2)
+#define GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT (1<<3)
+
 struct gnutls_pubkey_st;
 typedef struct gnutls_pubkey_st *gnutls_pubkey_t;
 
@@ -175,11 +182,6 @@ int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key);
 
 int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key);
 
-#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1
-/* The following flag disables call to PIN callbacks etc.
- * Only works for TPM keys.
- */
-#define GNUTLS_PUBKEY_DISABLE_CALLBACKS (1<<2)
 int
 gnutls_pubkey_verify_hash2 (gnutls_pubkey_t key, 
                             gnutls_sign_algorithm_t algo,
diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h
index bc6b3f13d4..e87e2d307f 100644
--- a/lib/includes/gnutls/openpgp.h
+++ b/lib/includes/gnutls/openpgp.h
@@ -52,6 +52,7 @@ extern "C"
   } gnutls_openpgp_crt_fmt_t;
 
 #define GNUTLS_OPENPGP_KEYID_SIZE 8
+#define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20
   typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
 
 /* gnutls_openpgp_cert_t should be defined in gnutls.h
@@ -310,6 +311,8 @@ extern "C"
  * fingerprint instead of a full key.  See also
  * gnutls_openpgp_set_recv_key_function().
  *
+ * The variable @key must be allocated using gnutls_malloc().
+ *
  * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
  *   otherwise an error code is returned.
  */