From: Robert McQueen Date: Sun, 30 Jul 2017 16:44:35 +0000 (+0100) Subject: gpg-verify-result: try to display the primary key ID from signatures X-Git-Tag: archive/raspbian/2022.1-3+rpi1~1^2~4^2~33^2~62 X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=e8a9172daad5f27ba5805fd4e4abba1b419dffc0;p=ostree.git gpg-verify-result: try to display the primary key ID from signatures The fingerprint associated with each signature can be different to the primary key ID (the normal one that people use to identify a GPG key) if the signature is from a signing subkey. Try to find the primary key and print this ID in preference to the subkey signature. https://github.com/ostreedev/ostree/issues/608 Closes: #1036 Approved by: cgwalters --- diff --git a/src/libostree/ostree-gpg-verify-result.c b/src/libostree/ostree-gpg-verify-result.c index 059b3d56..7cee6c28 100644 --- a/src/libostree/ostree-gpg-verify-result.c +++ b/src/libostree/ostree-gpg-verify-result.c @@ -334,7 +334,8 @@ ostree_gpg_verify_result_get (OstreeGpgVerifyResult *result, * (OSTREE_GPG_SIGNATURE_ATTR_KEY_MISSING). */ for (ii = 0; ii < n_attrs; ii++) { - if (attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_USER_NAME || + if (attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_FINGERPRINT || + attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_USER_NAME || attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_USER_EMAIL) { (void) gpgme_get_key (result->context, signature->fpr, &key, 0); @@ -378,7 +379,11 @@ ostree_gpg_verify_result_get (OstreeGpgVerifyResult *result, break; case OSTREE_GPG_SIGNATURE_ATTR_FINGERPRINT: - child = g_variant_new_string (signature->fpr); + if (key != NULL && key->subkeys != NULL) + v_string = key->subkeys->fpr; + else + v_string = signature->fpr; + child = g_variant_new_string (v_string); break; case OSTREE_GPG_SIGNATURE_ATTR_TIMESTAMP: