From 61921f44314fda6dd7de2d6b94c824a80ec84947 Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Wed, 24 May 2017 14:54:54 -0400
Subject: tighten forced subkey matching

Someone might have a name or email address ending in a bang..
---
 Utility/Gpg.hs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'Utility')

diff --git a/Utility/Gpg.hs b/Utility/Gpg.hs
index c20be754f..dae254854 100644
--- a/Utility/Gpg.hs
+++ b/Utility/Gpg.hs
@@ -22,6 +22,7 @@ import Utility.Format (decode_c)
 import Control.Concurrent
 import Control.Monad.IO.Class
 import qualified Data.Map as M
+import Data.Char
 
 type KeyId = String
 
@@ -158,9 +159,9 @@ pipeLazy (GpgCmd cmd) params feeder reader = do
  - GnuPG's manpage.) -}
 findPubKeys :: GpgCmd -> String -> IO KeyIds
 findPubKeys cmd for
-	-- "subkey!" tells gpg to force use of a specific subkey,
-	-- so pass it through as-is rather than looking up the master key.
-	| "!" `isSuffixOf` for = return $ KeyIds [for]
+	-- pass forced subkey through as-is rather than
+	-- looking up the master key.
+	| isForcedSubKey for = return $ KeyIds [for]
 	| otherwise = KeyIds . parse . lines <$> readStrict cmd params
   where
 	params = [Param "--with-colons", Param "--list-public-keys", Param for]
@@ -168,6 +169,10 @@ findPubKeys cmd for
 	keyIdField ("pub":_:_:_:f:_) = Just f
 	keyIdField _ = Nothing
 
+{- "subkey!" tells gpg to force use of a specific subkey -}
+isForcedSubKey :: String -> Bool
+isForcedSubKey s = "!" `isSuffixOf` s && all isHexDigit (drop 1 s)
+
 type UserId = String
 
 {- All of the user's secret keys, with their UserIds.
-- 
cgit v1.2.3