check that key data is not empty, and return error otherwise.

[monkeysphere-validation-agent.git] / Crypt / Monkeysphere / MSVA.pm

diff --git a/Crypt/Monkeysphere/MSVA.pm b/Crypt/Monkeysphere/MSVA.pm
index ed72f4dda43770f8e45f6d3031260a41a345da97..f2bb7b1108f406dfd46ce014f579ab89f363e733 100755 (executable)
--- a/Crypt/Monkeysphere/MSVA.pm
+++ b/Crypt/Monkeysphere/MSVA.pm
@@ -649,6 +649,12 @@
                  message => 'Unknown failure',
                };
 
+    # check that there actually is key data
+    if ($data->{pkc}->{data} eq '') {
+      $ret->{message} = sprintf("Key data empty.");
+      return $status,$ret;
+    }
+
     # check context string
     if ($data->{context} =~ /^(https|ssh|smtp|ike|postgresql|imaps|imap|submission|e-mail)$/) {
        $data->{context} = $1;
@@ -711,8 +717,8 @@
     my $key;
     my $gpgquery;
     if (lc($data->{pkc}->{type}) eq 'openpgp4fpr') {
-      if ($data->{pkc}->{data} =~ /^(0x)?([[:xdigit:]]+)$/) {
-       $data->{pkc}->{data} = $2;
+      if ($data->{pkc}->{data} =~ /^(0x)?([[:xdigit:]]{40})$/) {
+       $data->{pkc}->{data} = uc($2);
        $fpr = $data->{pkc}->{data};
        msvalog('verbose', "OpenPGP v4 fingerprint: %s\n",$fpr);
       } else {
@@ -773,13 +779,8 @@
        }
        # treat primary keys just like subkeys:
        foreach my $subkey ($gpgkey, @{$gpgkey->subkeys}) {
-         my $primarymatch;
-         if (defined $key) {
-           $primarymatch = keycomp($key, $subkey);
-         } else {
-           $primarymatch = 1;
-         }
-         if ($primarymatch) {
+          if ((defined($key) && keycomp($key, $subkey)) ||
+              (defined($fpr) && ($subkey->fingerprint->as_hex_string eq $fpr))) {
            my $iscapable = 0;
            msvalog('verbose', "key 0x%s matches...\n",$subkey->hex_id);
            if ($data->{context} eq 'e-mail') {