From 4ec3c49862c9b3cf0ccd7bd2d8112faf36bb04f0 Mon Sep 17 00:00:00 2001
From: Zac Medico <zmedico@gentoo.org>
Date: Wed, 17 Oct 2012 18:43:27 -0700
Subject: ManifestTask: stricter gpg key comparison

Use normalization and == comparison instead of the "in" operator.
---
 .../package/ebuild/_parallel_manifest/ManifestTask.py     | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py b/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py
index e155bc94b..d923088f5 100644
--- a/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py
+++ b/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py
@@ -82,13 +82,26 @@ class ManifestTask(CompositeTask):
 				return m.group(0)
 		return None
 
+	@staticmethod
+	def _normalize_gpg_key(key_str):
+		"""
+		Strips leading "0x" and trailing "!", and converts to uppercase
+		(intended to be the same format as that in gpg --verify output).
+		"""
+		key_str = key_str.upper()
+		if key_str.startswith("0X"):
+			key_str = key_str[2:]
+		key_str = key_str.rstrip("!")
+		return key_str
+
 	def _check_sig_key_exit(self, proc):
 		self._assert_current(proc)
 
 		parsed_key = self._parse_gpg_key(
 			proc.pipe_reader.getvalue().decode('utf_8', 'replace'))
 		if parsed_key is not None and \
-			parsed_key.lower() in self.force_sign_key.lower():
+			self._normalize_gpg_key(parsed_key) == \
+			self._normalize_gpg_key(self.force_sign_key):
 			self.returncode = os.EX_OK
 			self._current_task = None
 			self.wait()
-- 
cgit v1.2.3-1-g7c22