core: For a failed verification return the sig's fingerprint.

* src/verify.c (parse_new_sig): Parse the new ERRSIG fpr.
--

This works only when the signatures features an ISSUER_FPR sub-packet
and with GnuPG >= 2.2.7.  If that is not the case the keyid is kept in
the FPR field.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-04-12 20:26:00 +02:00
parent ee8fad3ea0
commit 478d1650bb
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -284,6 +284,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
gpgme_signature_t sig;
char *end = strchr (args, ' ');
char *tail;
int got_fpr = 0;
if (end)
{
@ -370,7 +371,23 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
if (!*end)
goto parse_err_sig_fail;
sig->status = strtoul (end, NULL, 10);
gpg_err_set_errno (0);
sig->status = strtoul (end, &tail, 10);
if (errno || end == tail || (*tail && *tail != ' '))
goto parse_err_sig_fail;
if (!*tail)
goto parse_err_sig_ok;
end = tail;
while (*end == ' ')
end++;
/* Parse the new fingerprint (from the ISSUER_FPR subpacket). */
if (!*end || (*end == '-' && (end[1] == ' ' || !end[1])))
goto parse_err_sig_ok; /* Okay (just trailing spaces). */
sig->fpr = strdup (end);
if (!sig->fpr)
return gpg_error_from_syserror ();
got_fpr = 1;
goto parse_err_sig_ok;
parse_err_sig_fail:
@ -382,7 +399,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
return gpg_error (GPG_ERR_GENERAL);
}
if (*args)
if (*args && !got_fpr)
{
sig->fpr = strdup (args);
if (!sig->fpr)