gpg: handle ASCII-armored keyrings as well

The gpg command "--list-keys" requires input files to be passed with
option "--keyring", and each file must match type "public keyring v4",
while the gpg command "--show-keys" requires no extra options and
also handles ASCII-armored public keyrings.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Konstantin Demin 2021-04-15 03:00:39 +03:00
parent 2767b051bc
commit ccd4b5c163
Signed by untrusted user: rockdrilla
GPG key ID: 1F33CB0BA4731BC6


@ -4937,30 +4937,37 @@ sub main() {
. " signed-by value"; . " signed-by value";
last; last;
} }
# initialize gpg trustdb with empty one
{
`@gpgcmd --update-trustdb >/dev/null 2>/dev/null`;
$? == 0 or error "gpg failed to initialize trustdb: $?";
}
# find all the fingerprints of the keys apt currently # find all the fingerprints of the keys apt currently
# knows about # knows about
my @keyringopts = (); my @keyrings = ();
opendir my $dh, "$options->{apttrustedparts}" opendir my $dh, "$options->{apttrustedparts}"
or error "cannot read $options->{apttrustedparts}"; or error "cannot read $options->{apttrustedparts}";
while (my $filename = readdir $dh) { while (my $filename = readdir $dh) {
if ($filename !~ /\.(asc|gpg)$/) { if ($filename !~ /\.(asc|gpg)$/) {
next; next;
} }
push @keyringopts, '--keyring', $filename = "$options->{apttrustedparts}/$filename";
"$options->{apttrustedparts}/$filename"; # skip empty keyrings
-s "$filename" || next;
push @keyrings, "$filename";
} }
closedir $dh; closedir $dh;
if (-e $options->{apttrusted}) { if (-s $options->{apttrusted}) {
push @keyringopts, '--keyring', $options->{apttrusted}; push @keyrings, $options->{apttrusted};
} }
my @aptfingerprints = (); my @aptfingerprints = ();
if (scalar @keyringopts == 0) { if (scalar @keyrings == 0) {
$signedby = " [signed-by=\"$keyring\"]"; $signedby = " [signed-by=\"$keyring\"]";
last; last;
} }
{ {
open my $fh, '-|', @gpgcmd, @keyringopts, '--with-colons', open(my $fh, '-|', @gpgcmd, '--with-colons', '--show-keys',
'--list-keys' // error "failed to fork(): $!"; @keyrings) // error "failed to fork(): $!";
while (my $line = <$fh>) { while (my $line = <$fh>) {
if ($line !~ /^fpr:::::::::([^:]+):/) { if ($line !~ /^fpr:::::::::([^:]+):/) {
next; next;
@ -4981,9 +4988,8 @@ sub main() {
# the case # the case
my @suitefingerprints = (); my @suitefingerprints = ();
{ {
open my $fh, '-|', @gpgcmd, '--keyring', $keyring, open(my $fh, '-|', @gpgcmd, '--with-colons', '--show-keys',
'--with-colons', $keyring) // error "failed to fork(): $!";
'--list-keys' // error "failed to fork(): $!";
while (my $line = <$fh>) { while (my $line = <$fh>) {
if ($line !~ /^fpr:::::::::([^:]+):/) { if ($line !~ /^fpr:::::::::([^:]+):/) {
next; next;
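Review bot: The trustdb initialisation added at the top of the first hunk runs gpg through a shell, using backticks with `@gpgcmd` interpolated into the command string, while the other gpg calls in these hunks use the list form of `open`. `@gpgcmd` is built outside the hunk, so if any element (a homedir path, for instance) contains whitespace or shell metacharacters, the shell will split or reinterpret it. A list-form call avoids the shell, e.g. `system(@gpgcmd, '--quiet', '--batch', '--update-trustdb') == 0 or error "gpg failed to initialize trustdb: " . ($? >> 8);`, which also reports the exit code rather than the raw wait status; whether `--quiet` is enough to silence the output here needs checking. The body of main continues outside both hunks.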