gpg: use policy URI subpacket for marking our public keys

keybase.io does not support experimental/private subpacket IDs
8 years ago · c7346d621d
parent 0342b39465
commit c7346d621d
2 changed files with 6 additions and 2 deletions
--- a/trezor_agent/gpg/decode.py
+++ b/trezor_agent/gpg/decode.py
@ -127,7 +127,9 @@ def _parse_signature(stream):
        log.debug('embedded sigs: %s', embedded)
        p['embedded'] = embedded

-    p['_is_custom'] = (protocol.CUSTOM_SUBPACKET in p['unhashed_subpackets'])
+    # Detect our custom public keys by matching subpacket data
+    p['_is_custom'] = any(protocol.CUSTOM_KEY_LABEL == subpacket[1:]
+                          for subpacket in p['unhashed_subpackets'])

    p['hash_prefix'] = stream.readfmt('2s')
    if p['pubkey_alg'] in ECDSA_ALGO_IDS:
--- a/trezor_agent/gpg/protocol.py
+++ b/trezor_agent/gpg/protocol.py
@ -167,7 +167,9 @@ SUPPORTED_CURVES = {

 ECDH_ALGO_ID = 18

-CUSTOM_SUBPACKET = subpacket(100, b'TREZOR-GPG')  # marks "our" pubkey
+CUSTOM_KEY_LABEL = b'TREZOR-GPG'  # marks "our" pubkey
+CUSTOM_SUBPACKET_ID = 26  # use "policy URL" subpacket
+CUSTOM_SUBPACKET = subpacket(CUSTOM_SUBPACKET_ID, CUSTOM_KEY_LABEL)


 def get_curve_name_by_oid(oid):