commit: fcf9bc99b653b580954079ac0ea7461eaf2fc4e1
Author: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
AuthorDate: Sun Aug 17 20:59:24 2014 +0000
Commit: Brian Dolbec <brian.dolbec <AT> gmail <DOT> com>
CommitDate: Sun Aug 17 22:07:11 2014 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=commit;h=fcf9bc99
key checking improvements
---
gkeys/lib.py | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/gkeys/lib.py b/gkeys/lib.py
index a8af408..5f39cd3 100644
--- a/gkeys/lib.py
+++ b/gkeys/lib.py
@@ -215,8 +215,7 @@ class GkeysGPG(GPG):
@param keyid: the keyid to check
'''
result = self.list_keys(keydir, colons=True)
- revoked = expired = invalid = False
- sign = True
+ revoked = expired = invalid = sign = False
for data in result.status.data:
if data.name == "PUB":
if data.long_keyid == keyid[2:]:
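Review bot: With `sign` now initialised to False, the only assignment of True visible in this commit is in the SUB branch, which runs only for a subkey whose `long_keyid` equals `keyid[2:]`. If the PUB branch (its body continues outside this hunk) does not also set it, a key checked by its primary key id, or one that signs with the primary key only, would always be reported with sign False. It is worth confirming that behaviour and recording the intent next to the initialisation, e.g. `# sign stays False until a valid key with the 's' capability is seen`.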
@@ -237,19 +236,22 @@ class GkeysGPG(GPG):
break
if data.name == "SUB":
if data.long_keyid == keyid[2:]:
- # check if subkey has signing capabilities
- if 's' not in data.key_capabilities:
- sign = False
- logger.debug("ERROR in subkey %s : No signing
capabilities" % data.long_keyid)
+ # check if invalid
+ if 'i' in data.validity:
+ logger.debug("WARNING in subkey %s : invalid" %
data.long_keyid)
+ continue
# check if expired
if 'e' in data.validity:
logger.debug("WARNING in subkey %s : expired" %
data.long_keyid)
- # check if revoked
+ continue
+ # check if revoked
if 'r' in data.validity:
logger.debug("WARNING in subkey %s : revoked" %
data.long_keyid)
- # check if invalid
- if 'i' in data.validity:
- logger.debug("WARNING in subkey %s : invalid" %
data.long_keyid)
+ continue
+ # check if subkey has signing capabilities
+ if 's' in data.key_capabilities:
+ sign = True
+ logger.debug("INFO subkey %s : signing capabilities" %
data.long_keyid)
return GKEY_CHECK(keyid, revoked, expired, invalid, sign)
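Review bot: The validity checks in the SUB branch are a deny-list of `i`, `e` and `r`, so a subkey whose validity field is `d` (disabled) or `n` (not valid) still falls through to the capability test and sets `sign = True`. GnuPG's colon listing defines those letters as well, so the check would be safer with them added, e.g. `if 'd' in data.validity or 'n' in data.validity:` followed by the same debug log and `continue`. Separately, subkey failures are only logged at debug level and, as far as the hunk shows, do not set `revoked`, `expired` or `invalid`, so a caller cannot tell an expired signing subkey from a missing one; a comment above the SUB branch stating that would help. The loop itself begins outside this hunk.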