[gnome-keysign: 8/9] gpgmeh: catch INV_SGNR to make it work with an expired private key
- From: Tobias Mueller <tobiasmue src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keysign: 8/9] gpgmeh: catch INV_SGNR to make it work with an expired private key
- Date: Mon, 12 Feb 2018 22:11:10 +0000 (UTC)
commit fbb0fc7824e002eb1560ecaba7d6643d0c9e202b
Author: Tobias Mueller <muelli cryptobitch de>
Date: Mon Feb 12 22:26:26 2018 +0100
gpgmeh: catch INV_SGNR to make it work with an expired private key
We did not want to let this message go unnoticed, because you get it
when you don't have any keys at all.
But you also get it when you have multiple private keys out of which one
expired.
A proper solution probably involves checking for private keys first and
present a message when attempting to sign a key. We may also want to
maintain the state in the sign_key helper.
keysign.gpgmeh (INFO): Signing key uid 0
root (INFO): Returning None for u'KEY_CONSIDERED'
u'FA031B51100C8EE62FDE6D381E3CA871762B9C31 0'
root (INFO): Returning None for u'KEY_CONSIDERED'
u'FA031B51100C8EE62FDE6D381E3CA871762B9C31 0'
keysign.gpgmeh (INFO): edit_cb: u'GET_LINE' u'keyedit.prompt' 'None'
keysign.gpgmeh (INFO): edit_cb data: u'uid 0'
root (INFO): Returning None for u'GOT_IT' u''
keysign.gpgmeh (INFO): edit_cb: u'GET_LINE' u'keyedit.prompt' 'None'
keysign.gpgmeh (INFO): edit_cb data: u'sign'
root (INFO): Returning None for u'GOT_IT' u''
root (INFO): Returning None for u'KEYEXPIRED' u'1494349781'
root (INFO): Returning None for u'KEY_CONSIDERED'
u'FF52DA33C025B1E0B91092FC1C3419BF1BF98D6D 1'
keysign.gpgmeh (INFO): edit_cb: u'INV_SGNR' u'9 1C3419BF1BF98D6D' 'None'
Traceback (most recent call last):
File "/tmp/gks-master/keysign/receive.py", line 155, in
on_sign_key_confirmed
sign_keydata_and_send(keydata))
File "/tmp/gks-master/keysign/util.py", line 127, in
sign_keydata_and_send
for uid, encrypted_key in list(sign_keydata_and_encrypt(keydata,
error_cb)):
File "/tmp/gks-master/keysign/gpgmeh.py", line 413, in
sign_keydata_and_encrypt
ctx.interact(key, GenEdit(sign_key(error_cb=error_cb)).edit_cb,
sink=sink)
File "/usr/lib/python2.7/dist-packages/gpg/core.py", line 570, in
interact
gpgme.gpg_raise_callback_exception(self)
File "/tmp/gks-master/keysign/gpgmeh.py", line 78, in edit_cb
data = self.generator.send((status, args)) #, sinkdata))
File "/tmp/gks-master/keysign/gpgmeh.py", line 150, in sign_key
raise AssertionError("Unexpected state %r %r" % (status, prompt))
AssertionError: Unexpected state u'INV_SGNR' u'9 1C3419BF1BF98D6D'
keysign/gpgmeh.py | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
---
diff --git a/keysign/gpgmeh.py b/keysign/gpgmeh.py
index bc3d3cc..8d36706 100644
--- a/keysign/gpgmeh.py
+++ b/keysign/gpgmeh.py
@@ -127,9 +127,17 @@ def sign_key(uid=0, sign_cmd=u"sign", expire=False, check=3,
status, prompt = yield '%d' % check
elif prompt == 'sign_uid.okay':
status, prompt = yield 'Y'
- #elif status == gpg.constants.STATUS_INV_SGNR:
- # When does this actually happen?
- # status, prompt = yield None
+ elif status == gpg.constants.STATUS_INV_SGNR:
+ # seems to happen if you have an expired
+ # (or otherwise unsuable) signing key.
+ # The CONSIDERED line should have been issued
+ # with details.
+ # We don't maintain that state at the moment which is
+ # a bit unfortunate as we cannot properly detect
+ # when we have no usable key at all rather than
+ # one key being expired.
+ log.warn("INV_SGNR: %r", prompt)
+ status, prompt = yield None
elif status == gpg.constants.STATUS_PINENTRY_LAUNCHED:
status, prompt = yield None
elif status == gpg.constants.STATUS_GOT_IT:
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
