search

jorgelbg / pinentry-touchid

Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.
Apache License 2.0
559 stars 27 forks source link

Allow for 18 chars long keys #16

Closed wojtodzio closed 2 years ago

wojtodzio commented 2 years ago

My key's ID has the following format: 0x123456789ABCDEF0 (I'm using rsa4096). When trying to use it with pinentry-touchid, it fails and prints Invalid keyID: 0x123456789ABCDEF0 to /tmp/pinentry-touchid.log. I added code allowing for 18-chars long keys and compiled it locally, and it works perfectly fine.

jorgelbg commented 2 years ago

Thanks for the PR @wojtodzio! I did a bit more of digging out of curiosity and I found out that this seems to be related to the keyid format:

--keyid-format {none|short|0xshort|long|0xlong}

Select how to display key IDs. "none" does not show the key ID at all but shows the fingerprint in a separate line. "short" is the traditional 8-character key ID. "long" is the more accurate (but less convenient) 16-character key ID. Add an "0x" to either to include an "0x" at the beginning of the key ID, as in 0x99242560. Note that this option is ignored if the option --with-colons is used.

I extended your solution in 9ae08b5523fe68409666462366b2f2048c511d89 to ignore the 0x prefix before validating the key id. Could you give it a try to see if it works with this commit? I was able to reproduce the issue that you found with:

❯ echo 1234 | /usr/local/bin/gpg --default-key $TESTKEY --keyid-format 0xshort -as -
wojtodzio commented 2 years ago

It does work! Sorry for the late response @jorgelbg, I recently switched to m1 mac and nix, and it took me a while to figure out how to properly use it with that setup. Do you plan on making a new release with those changes in the near future?