diff --git a/src/libostree/ostree-gpg-verify-result.c b/src/libostree/ostree-gpg-verify-result.c index 0277ce1e..059b3d56 100644 --- a/src/libostree/ostree-gpg-verify-result.c +++ b/src/libostree/ostree-gpg-verify-result.c @@ -237,7 +237,7 @@ ostree_gpg_verify_result_lookup (OstreeGpgVerifyResult *result, const gchar *key_id, guint *out_signature_index) { - g_autofree char *key_id_upper = NULL; + gpgme_key_t lookup_key = NULL; gpgme_signature_t signature; guint signature_index; gboolean ret = FALSE; @@ -245,25 +245,46 @@ ostree_gpg_verify_result_lookup (OstreeGpgVerifyResult *result, g_return_val_if_fail (OSTREE_IS_GPG_VERIFY_RESULT (result), FALSE); g_return_val_if_fail (key_id != NULL, FALSE); - /* signature->fpr is always upper-case. */ - key_id_upper = g_ascii_strup (key_id, -1); + /* fetch requested key_id from keyring to canonicalise ID */ + (void) gpgme_get_key (result->context, key_id, &lookup_key, 0); + + if (lookup_key == NULL) + { + g_debug ("Could not find key ID %s to lookup signature.", key_id); + return FALSE; + } for (signature = result->details->signatures, signature_index = 0; signature != NULL; signature = signature->next, signature_index++) { - if (signature->fpr == NULL) - continue; + gpgme_key_t signature_key = NULL; - if (g_str_has_suffix (signature->fpr, key_id_upper)) + (void) gpgme_get_key (result->context, signature->fpr, &signature_key, 0); + + if (signature_key == NULL) + { + g_debug ("Could not find key when looking up signature from %s.", signature->fpr); + continue; + } + + /* the first subkey in the list is the primary key */ + if (!g_strcmp0 (lookup_key->subkeys->fpr, + signature_key->subkeys->fpr)) { if (out_signature_index != NULL) *out_signature_index = signature_index; ret = TRUE; - break; } + + gpgme_key_unref (signature_key); + + if (ret) + break; } + gpgme_key_unref (lookup_key); + return ret; }