rnp
When comparing fingerprints, you may also want to compare the version
The issuer fingerprint subpacket is defined as:
(1 octet key version number, N octets of fingerprint)
When comparing the issuer fingerprint with a key fingerprint, the version should probably also be compared to avoid possible version confusion attacks:
The pgp_fingerprint_t data structure appears to be versionless.
This code appears to compare a key's fingerprint with an issuer fingerprint subpacket, but doesn't also compare their versions:
if (subsig.sig.has_keyfp() && (key->fp() == subsig.sig.keyfp())) {
In practice, this is probably not an issue as comparing fingerprints is probably enough. But, it may be confusing if you encounter a vX issuer fingerprint that matches the fingerprint in question, and accept it when the issuer fingerprint is technically malformed, and other OpenPGP implementations would reject it.
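The check described above, as an added example that is not part of the original issue and is not rnp's code: it parses the subpacket body as (version, fingerprint), rejects a length that does not fit the declared version, and compares version and fingerprint together. `VersionedFingerprint`, `parse_issuer_fp`, `fp_only_match` and `issuer_matches_key` are hypothetical names, and the per-version lengths (20 octets for v4, 32 for v5 and v6) come from the OpenPGP specifications rather than from this page.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical type for this example; not rnp's pgp_fingerprint_t.
struct VersionedFingerprint {
    uint8_t              version;
    std::vector<uint8_t> bytes;
};

// Fingerprint length implied by the key version; 0 means unknown version.
static size_t expected_fp_len(uint8_t version) {
    switch (version) {
    case 4: return 20;
    case 5:
    case 6: return 32;
    default: return 0;
    }
}

// Parse a subpacket body: (1 octet key version number, N octets of fingerprint).
// Fails when N does not match the length the declared version requires.
bool parse_issuer_fp(const std::vector<uint8_t> &body, VersionedFingerprint &out) {
    if (body.empty()) return false;
    size_t want = expected_fp_len(body[0]);
    if (want == 0 || body.size() - 1 != want) return false;
    out.version = body[0];
    out.bytes.assign(body.begin() + 1, body.end());
    return true;
}

// Fingerprint-only comparison: ignores the version octet entirely.
bool fp_only_match(const std::vector<uint8_t> &body, const VersionedFingerprint &key) {
    return body.size() > 1 && std::vector<uint8_t>(body.begin() + 1, body.end()) == key.bytes;
}

// Version-aware comparison: well-formed subpacket, same version, same fingerprint.
bool issuer_matches_key(const std::vector<uint8_t> &body, const VersionedFingerprint &key) {
    VersionedFingerprint issuer;
    return parse_issuer_fp(body, issuer) && issuer.version == key.version &&
           issuer.bytes == key.bytes;
}

int main() {
    VersionedFingerprint key = {6, std::vector<uint8_t>(32, 0xAB)}; // constructed v6 key
    std::vector<uint8_t> body(33, 0xAB);                            // constructed subpacket
    body[0] = 4; // claims v4 but carries 32 octets: malformed
    return (fp_only_match(body, key) && !issuer_matches_key(body, key)) ? 0 : 1;
}
```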
@nwalfield thank you for your findings