used detached sigs; at least this way gpgme++ is giving me fingerprints on success

2011-05-26 15:12:56 +02:00 · 2011-05-26 15:12:56 +02:00 · 7c095ebd31
commit 7c095ebd31
parent 5f0face742
2 changed files with 14 additions and 5 deletions
--- a/remote/signing.cpp
+++ b/remote/signing.cpp
@ -509,7 +509,7 @@ QString Signing::signerOf(const KUrl &package, const KUrl &signature) const
        return QString();
    }

-    const QString signaturePath = signature.isEmpty() ? packagePath + (".asc")
+    const QString signaturePath = signature.isEmpty() ? packagePath + (".sig")
                                                      : signature.path();

    if (!QFile::exists(signaturePath)) {
@ -517,7 +517,7 @@ QString Signing::signerOf(const KUrl &package, const KUrl &signature) const
        return QString();
    }

-    kDebug() << "Cheking if " << packagePath << " and " << signaturePath << " matches";
+    //kDebug() << "Cheking if " << packagePath << " and " << signaturePath << " matches";

    FILE *pFile = fopen(packagePath.toLocal8Bit().data(), "r");
    if (!pFile) {
@ -539,8 +539,15 @@ QString Signing::signerOf(const KUrl &package, const KUrl &signature) const
    QString rv;

    if (!vRes.error()) {
-        kDebug() << "message " << packagePath << " and signature " << signaturePath << "matched! The fingerprint of the signer is: " << vRes.signature(0).fingerprint();
-        rv = vRes.signature(0).fingerprint();
+        //kDebug() << "got" << vRes.signatures().size() << "signatures out" << vRes.error().asString();
+        foreach (GpgME::Signature sig, vRes.signatures()) {
+            if (sig.fingerprint()) {
+                rv = sig.fingerprint();
+                break;
+            }
+        }
+
+        //kDebug() << "message " << packagePath << " and signature " << signaturePath << "matched! The fingerprint of the signer is: " << rv;
    }

    fclose(pFile);
--- a/remote/signing.h
+++ b/remote/signing.h
@ -119,7 +119,9 @@ public:
    /**
      * Tests for a successful match between the object and signature files, referenced by their
      * absolute path. The signature path is optional and, if not specified, the function will
-      * automatically try to retrieve it by appending the string ".asc" to the object path.
+      * automatically try to retrieve it by appending the string ".sig" to the package path.
+      *
+      * The signature should be a "detached signature" for correct results.
      *
      * @arg package the full path of the package we want to test
      * @arg signature optional path for the signature file