Index: keyring.c
===================================================================
RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c,v
retrieving revision 1.56
diff -u -r1.56 keyring.c
--- keyring.c	13 Nov 2018 14:52:30 -0000	1.56
+++ keyring.c	11 Oct 2020 16:24:59 -0000
@@ -620,8 +620,12 @@
 		key->subsigc += 1;
 		break;
 	case PGP_PTAG_CT_TRUST:
-		key->subsigs[key->subsigc - 1].trustlevel = pkt->u.ss_trust.level;
-		key->subsigs[key->subsigc - 1].trustamount = pkt->u.ss_trust.amount;
+		EXPAND_ARRAY(key, subsig);
+		key->subsigs[key->subsigc].trustlevel = pkt->u.ss_trust.level;
+		key->subsigs[key->subsigc].trustamount = pkt->u.ss_trust.amount;
+
+		key->subsigc += 1;
+
 		break;
 	case PGP_PTAG_SS_KEY_EXPIRY:
 		EXPAND_ARRAY(keyring, key);
@@ -667,7 +671,6 @@
 	default:
 		break;
 	}
-
 	return PGP_RELEASE_MEMORY;
 }
 
Index: packet-parse.c
===================================================================
RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c,v
retrieving revision 1.52
diff -u -r1.52 packet-parse.c
--- packet-parse.c	13 Nov 2018 14:52:30 -0000	1.52
+++ packet-parse.c	11 Oct 2020 16:25:00 -0000
@@ -984,6 +984,7 @@
 	case PGP_PTAG_SS_PRIMARY_USER_ID:
 	case PGP_PTAG_SS_REVOCABLE:
 	case PGP_PTAG_SS_REVOCATION_KEY:
+	case PGP_PTAG_SS_ISSUER_FINGERPRINT:
 	case PGP_PTAG_CT_LITDATA_HEADER:
 	case PGP_PTAG_CT_LITDATA_BODY:
 	case PGP_PTAG_CT_SIGNED_CLEARTEXT_BODY:
@@ -1554,6 +1555,7 @@
 	pgp_packet_t	pkt;
 	uint8_t		bools = 0x0;
 	uint8_t		c = 0x0;
+	uint8_t		temp = 0x0;
 	unsigned	doread = 1;
 	unsigned        t8;
 	unsigned        t7;
@@ -1764,6 +1766,26 @@
 		}
 		break;
 
+	case PGP_PTAG_SS_ISSUER_FINGERPRINT:
+		/* octet 0: version */
+		/* 	0x04:20 bytes, 0x05:32 bytes */
+		if (!limread(&temp, 1,&subregion, stream)) {
+			return 0;
+		}
+
+		switch (temp) {
+			case 0x04: pkt.u.ss_issuer_fingerprint.len = 20; break;
+			case 0x05: pkt.u.ss_issuer_fingerprint.len = 32; break;
+			default:
+				return 0;
+		}
+
+		if (!limread(pkt.u.ss_issuer_fingerprint.fingerprint, 
+			pkt.u.ss_issuer_fingerprint.len, &subregion, stream)) {
+			return 0;
+		}
+		
+		break;
 	case PGP_PTAG_SS_REVOCATION_KEY:
 		/* octet 0 = class. Bit 0x80 must be set */
 		if (!limread(&pkt.u.ss_revocation_key.class, 1,
Index: packet.h
===================================================================
RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/packet.h,v
retrieving revision 1.31
diff -u -r1.31 packet.h
--- packet.h	13 Nov 2018 14:52:30 -0000	1.31
+++ packet.h	11 Oct 2020 16:25:00 -0000
@@ -252,6 +252,8 @@
 	PGP_PTAG_SS_SIGNATURE_TARGET = 0x200 + 31,	/* signature target */
 	PGP_PTAG_SS_EMBEDDED_SIGNATURE = 0x200 + 32,	/* embedded signature */
 
+	PGP_PTAG_SS_ISSUER_FINGERPRINT = 0x200 + 33,	/* issuer fingerprint */
+
 	PGP_PTAG_SS_USERDEFINED00 = 0x200 + 100,	/* internal or
 							 * user-defined */
 	PGP_PTAG_SS_USERDEFINED01 = 0x200 + 101,
@@ -659,6 +661,11 @@
 	uint8_t			 amount;	/* Amount */
 } pgp_ss_trust_t;
 
+typedef struct pgp_ss_issuer_fingerprint {
+	uint8_t			len; /* 20 or 32 */
+	uint8_t			fingerprint[32]; /* max 32 */
+} pgp_ss_issuer_fingerprint;
+
 /** Signature Subpacket : Notation Data */
 typedef struct pgp_ss_notation_t {
 	pgp_data_t		flags;
@@ -823,13 +830,14 @@
 	pgp_data_t			userattr;
 	pgp_sig_t			sig;
 	pgp_ss_raw_t			ss_raw;
-	pgp_ss_trust_t		ss_trust;
+	pgp_ss_trust_t			ss_trust;
+	pgp_ss_issuer_fingerprint 	ss_issuer_fingerprint;
 	unsigned			ss_revocable;
 	time_t				ss_time;
 	uint8_t				ss_issuer[PGP_KEY_ID_SIZE];
 	pgp_ss_notation_t		ss_notation;
-	pgp_subpacket_t		packet;
-	pgp_compression_type_t	compressed;
+	pgp_subpacket_t			packet;
+	pgp_compression_type_t		compressed;
 	pgp_one_pass_sig_t		one_pass_sig;
 	pgp_data_t			ss_skapref;
 	pgp_data_t			ss_hashpref;
@@ -840,7 +848,7 @@
 	char				*ss_regexp;
 	char				*ss_policy;
 	char				*ss_keyserv;
-	pgp_ss_revocation_key_t	ss_revocation_key;
+	pgp_ss_revocation_key_t		ss_revocation_key;
 	pgp_data_t			ss_userdef;
 	pgp_data_t			ss_unknown;
 	pgp_litdata_header_t		litdata_header;