[gnome-keysign: 2/5] gpgmeh: Check for certification being produced

From: Tobias Mueller <tobiasmue src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-keysign: 2/5] gpgmeh: Check for certification being produced
Date: Mon, 2 Sep 2019 10:35:03 +0000 (UTC)

commit 8a1cd04bc83eed988834ba47f1afcb6a2f7afcb7
Author: Tobias Mueller <muelli cryptobitch de>
Date:   Mon Sep 2 12:32:28 2019 +0200

    gpgmeh: Check for certification being produced
    
    If there is something going wrong, we'd like to show a warning or
    something.
    This is the first step towards detecting edge cases.
    
    We expect at least two signatures there. One self-certification and at
    least one from our key.

 keysign/gpgmeh.py | 8 ++++++++
 1 file changed, 8 insertions(+)
---
diff --git a/keysign/gpgmeh.py b/keysign/gpgmeh.py
index b1019fb..78fb60c 100755
--- a/keysign/gpgmeh.py
+++ b/keysign/gpgmeh.py
@@ -503,6 +503,14 @@ def sign_keydata_and_encrypt(keydata, error_cb=None, homedir=None):
             if uid.revoked or uid.invalid:
                 continue
             else:
+                log.debug("The UID %s has %d signatures",
+                    uid, len(uid.signatures))
+                if len(uid.signatures) < 2:
+                    log.error("We seem to not have produced signatures correctly. "
+                        "%s has less than 2 signatures: %s",
+                        uid, uid.signatures,
+                    )
+
                 uid_data = UIDExport(signed_keydata, i)
                 # FIXME: Check whether this bug is resolved and the remove this conditional
                 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884900

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]