[seahorse/wip/nielsdg/dont-use-short-keyid] pgp: Key: Don't use short (8 chars) identifiers

[Niels De Graef <nielsdg src gnome org>]

commit e151deefedf619a82b1eb6d970e0720c5b1c4489
Author: Niels De Graef <nielsdegraef gmail com>
Date:   Fri Jan 10 06:39:23 2020 +0100

    pgp: Key: Don't use short (8 chars) identifiers
    
    Short key IDs (8 characters) are susceptible to collision attacks: it's
    quite easy to create a key with exactly the same short keyid. As such,
    start using the long key id (16 characters).
    
    For more info, see:
    * https://evil32.com/
    * http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html

 pgp/seahorse-combo-keys.c |  2 +-
 pgp/seahorse-pgp-key.c    | 16 ++++++++--------
 pgp/seahorse-pgp-key.h    |  2 +-
 pgp/seahorse-unknown.c    |  2 +-
 4 files changed, 11 insertions(+), 11 deletions(-)
---
diff --git a/pgp/seahorse-combo-keys.c b/pgp/seahorse-combo-keys.c
index a3b9b272..00ba2fff 100644
--- a/pgp/seahorse-combo-keys.c
+++ b/pgp/seahorse-combo-keys.c
@@ -77,7 +77,7 @@ calculate_markup_for_object (GtkComboBox *combo,
        ComboClosure *closure;
        const gchar *keyid;
        gchar *ident;
-       gchar *markup;
+       const char *markup;
 
        closure = g_object_get_data (G_OBJECT (combo), "combo-keys-closure");
 
diff --git a/pgp/seahorse-pgp-key.c b/pgp/seahorse-pgp-key.c
index ca588a80..3ffe12e1 100644
--- a/pgp/seahorse-pgp-key.c
+++ b/pgp/seahorse-pgp-key.c
@@ -299,7 +299,8 @@ seahorse_pgp_key_realize (SeahorsePgpKey *self)
 {
     const gchar *nickname, *keyid;
     const gchar *icon_name;
-    gchar *markup, *name, *identifier;
+    gchar *markup, *name;
+    const char *identifier;
     SeahorseUsage usage;
     GList *subkeys;
     GIcon *icon;
@@ -309,7 +310,7 @@ seahorse_pgp_key_realize (SeahorsePgpKey *self)
         keyid = seahorse_pgp_subkey_get_keyid (subkeys->data);
         identifier = seahorse_pgp_key_calc_identifier (keyid);
     } else {
-        identifier = g_strdup ("");
+        identifier = "";
     }
 
     name = calc_name (self);
@@ -337,7 +338,6 @@ seahorse_pgp_key_realize (SeahorsePgpKey *self)
               NULL);
 
     g_object_unref (icon);
-    g_free (identifier);
     g_free (markup);
     g_free (name);
 }
@@ -360,18 +360,18 @@ seahorse_pgp_key_viewable_iface (SeahorseViewableIface *iface)
     iface->create_viewer = seahorse_pgp_key_create_viewer;
 }
 
-gchar*
-seahorse_pgp_key_calc_identifier (const gchar *keyid)
+const char*
+seahorse_pgp_key_calc_identifier (const char *keyid)
 {
     guint len;
 
     g_return_val_if_fail (keyid, NULL);
 
     len = strlen (keyid);
-    if (len > 8)
-        keyid += len - 8;
+    if (len > 16)
+        keyid += len - 16;
 
-    return g_strdup (keyid);
+    return keyid;
 }
 
 GList*
diff --git a/pgp/seahorse-pgp-key.h b/pgp/seahorse-pgp-key.h
index 3baa35fd..df6c5de8 100644
--- a/pgp/seahorse-pgp-key.h
+++ b/pgp/seahorse-pgp-key.h
@@ -97,7 +97,7 @@ const gchar*      seahorse_pgp_key_get_keyid            (SeahorsePgpKey *self);
 gboolean          seahorse_pgp_key_has_keyid            (SeahorsePgpKey *self,
                                                          const gchar *keyid);
 
-gchar*            seahorse_pgp_key_calc_identifier      (const gchar *keyid);
+const char*       seahorse_pgp_key_calc_identifier      (const char *keyid);
 
 guint             seahorse_pgp_keyid_hash               (gconstpointer v);
 
diff --git a/pgp/seahorse-unknown.c b/pgp/seahorse-unknown.c
index d7c8e4b5..319620e4 100644
--- a/pgp/seahorse-unknown.c
+++ b/pgp/seahorse-unknown.c
@@ -53,7 +53,7 @@ seahorse_unknown_new (SeahorseUnknownSource *source,
                       const gchar *keyid,
                       const gchar *display)
 {
-       gchar *identifier;
+       const char *identifier;
 
        if (!display)
                display = _("Unavailable");