properly match fingerprints with leading 0 bytes (https://labs.riseup.net/code/issues...

diff --git a/packaging/debian/changelog b/packaging/debian/changelog
index fa94721d4ecca6ec74a812b457e8632cc9bf20da..e8e535a2ac886476fdcbf196470035de6c70d723 100644 (file)
--- a/packaging/debian/changelog
+++ b/packaging/debian/changelog
@@ -10,9 +10,11 @@ monkeysphere (0.25-1~pre) UNRELEASED; urgency=low
     - add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key
     - pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1
     - some portability improvements
+    - properly handle translation of keys with fingerprints with leading
+      all-zero bytes.
   * update Standard-Version to 3.8.1
 
- -- Jameson Graef Rollins <jrollins@finestructure.net>  Thu, 30 Apr 2009 15:34:28 -0700
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Thu, 21 May 2009 13:04:10 -0400
 
 monkeysphere (0.24-1) unstable; urgency=low
 

diff --git a/src/share/keytrans b/src/share/keytrans
index 516f2da8714948e8e0d06cdde25868b7cc852a09..c47ccdc792d6cdfd98cf6fdb591ee9dae13e3969 100755 (executable)
--- a/src/share/keytrans
+++ b/src/share/keytrans
@@ -690,6 +690,8 @@ sub openpgp2ssh {
          my $foundfpr = fingerprint($pubkey, $timestamp);
 
          my $foundfprstr = Crypt::OpenSSL::Bignum->new_from_bin($foundfpr)->to_hex();
+         # left-pad with 0's to bring up to full 40-char (160-bit) fingerprint:
+         $foundfprstr = sprintf("%040s", $foundfprstr);
 
          # is this a match?
          if ((!defined($fpr)) ||