rename fingerprint struct field. no longer exposed to users, but since it's

not technically a fingerprint as others understand the term, pick another.
now it's a keynum!
after an email from Florian Weimer

diff --git a/usr.bin/signify/signify.c b/usr.bin/signify/signify.c
index f8faad5..d4dc52d 100644 (file)
--- a/usr.bin/signify/signify.c
+++ b/usr.bin/signify/signify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signify.c,v 1.93 2014/12/29 14:16:04 tedu Exp $ */
+/* $OpenBSD: signify.c,v 1.94 2014/12/29 14:23:17 tedu Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -42,7 +42,7 @@
 
 #define PKALG "Ed"
 #define KDFALG "BK"
-#define FPLEN 8
+#define KEYNUMLEN 8
 
 #define COMMENTHDR "untrusted comment: "
 #define COMMENTHDRLEN 19
@@ -55,19 +55,19 @@ struct enckey {
        uint32_t kdfrounds;
        uint8_t salt[16];
        uint8_t checksum[8];
-       uint8_t fingerprint[FPLEN];
+       uint8_t keynum[KEYNUMLEN];
        uint8_t seckey[SECRETBYTES];
 };
 
 struct pubkey {
        uint8_t pkalg[2];
-       uint8_t fingerprint[FPLEN];
+       uint8_t keynum[KEYNUMLEN];
        uint8_t pubkey[PUBLICBYTES];
 };
 
 struct sig {
        uint8_t pkalg[2];
-       uint8_t fingerprint[FPLEN];
+       uint8_t keynum[KEYNUMLEN];
        uint8_t sig[SIGBYTES];
 };
 
@@ -299,13 +299,13 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds,
        struct pubkey pubkey;
        struct enckey enckey;
        uint8_t xorkey[sizeof(enckey.seckey)];
-       uint8_t fingerprint[FPLEN];
+       uint8_t keynum[KEYNUMLEN];
        char commentbuf[COMMENTMAXLEN];
        SHA2_CTX ctx;
        int i, nr;
 
        crypto_sign_ed25519_keypair(pubkey.pubkey, enckey.seckey);
-       arc4random_buf(fingerprint, sizeof(fingerprint));
+       arc4random_buf(keynum, sizeof(keynum));
 
        SHA512Init(&ctx);
        SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey));
@@ -314,7 +314,7 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds,
        memcpy(enckey.pkalg, PKALG, 2);
        memcpy(enckey.kdfalg, KDFALG, 2);
        enckey.kdfrounds = htonl(rounds);
-       memcpy(enckey.fingerprint, fingerprint, FPLEN);
+       memcpy(enckey.keynum, keynum, KEYNUMLEN);
        arc4random_buf(enckey.salt, sizeof(enckey.salt));
        kdf(enckey.salt, sizeof(enckey.salt), rounds, 1, 1, xorkey, sizeof(xorkey));
        memcpy(enckey.checksum, digest, sizeof(enckey.checksum));
@@ -331,7 +331,7 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds,
        explicit_bzero(&enckey, sizeof(enckey));
 
        memcpy(pubkey.pkalg, PKALG, 2);
-       memcpy(pubkey.fingerprint, fingerprint, FPLEN);
+       memcpy(pubkey.keynum, keynum, KEYNUMLEN);
        if ((nr = snprintf(commentbuf, sizeof(commentbuf), "%s public key",
            comment)) == -1 || nr >= sizeof(commentbuf))
                errx(1, "comment too long");
@@ -374,7 +374,7 @@ sign(const char *seckeyfile, const char *msgfile, const char *sigfile,
        msg = readmsg(msgfile, &msglen);
 
        signmsg(enckey.seckey, msg, msglen, sig.sig);
-       memcpy(sig.fingerprint, enckey.fingerprint, FPLEN);
+       memcpy(sig.keynum, enckey.keynum, KEYNUMLEN);
        explicit_bzero(&enckey, sizeof(enckey));
 
        memcpy(sig.pkalg, PKALG, 2);
@@ -406,7 +406,7 @@ verifymsg(struct pubkey *pubkey, uint8_t *msg, unsigned long long msglen,
        uint8_t *sigbuf, *dummybuf;
        unsigned long long siglen, dummylen;
 
-       if (memcmp(pubkey->fingerprint, sig->fingerprint, FPLEN) != 0)
+       if (memcmp(pubkey->keynum, sig->keynum, KEYNUMLEN) != 0)
                errx(1, "verification failed: checked against wrong key");
 
        siglen = SIGBYTES + msglen;