local GPG="$GPG_CMD --keyring $KEYRINGFILE"
for KEY in "$@"; do
# check if the key is in this keyring: the key id is in the 5 column at the end
- if ! get_fingerprints_of_keyring "$KEYRINGFILE" | grep -q "^[0-9A-F]*${KEY}$"; then
+ if ! get_fingerprints_of_keyring "$KEYRINGFILE" | grep -iq "^[0-9A-F]*${KEY}$"; then
continue
fi
if [ ! -w "$KEYRINGFILE" ]; then
foreach_keyring_do() {
local ACTION="$1"
shift
- # if a --keyring was given, just remove from there
+ # if a --keyring was given, just work on this one
if [ -n "$FORCED_KEYRING" ]; then
$ACTION "$FORCED_KEYRING" "$@"
else
}
setup_merged_keyring() {
- if [ -z "$FORCED_KEYRING" ]; then
+ if [ -n "$FORCED_KEYID" ]; then
+ foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/allrings.gpg"
+ FORCED_KEYRING="${GPGHOMEDIR}/forcedkeyid.gpg"
+ TRUSTEDFILE="${FORCED_KEYRING}"
+ GPG="$GPG --keyring $TRUSTEDFILE"
+ # ignore error as this "just" means we haven't found the forced keyid and the keyring will be empty
+ $GPG_CMD --batch --yes --keyring "${GPGHOMEDIR}/allrings.gpg" --export "$FORCED_KEYID" | $GPG --batch --yes --import || true
+ elif [ -z "$FORCED_KEYRING" ]; then
foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
if [ -r "${GPGHOMEDIR}/pubring.gpg" ]; then
cp -a "${GPGHOMEDIR}/pubring.gpg" "${GPGHOMEDIR}/pubring.orig.gpg"
TRUSTEDFILE="$1"
FORCED_KEYRING="$1"
;;
+ --keyid)
+ shift
+ FORCED_KEYID="$1"
+ ;;
--secret-keyring)
shift
FORCED_SECRET_KEYRING="$1"
;;
--readonly)
merge_back_changes() { true; }
+ create_new_keyring() { true; }
;;
--fakeroot)
requires_root() { true; }
verify)
setup_merged_keyring
if which gpgv >/dev/null 2>&1; then
- gpgv --homedir "${GPGHOMEDIR}" --keyring "${GPGHOMEDIR}/pubring.gpg" --ignore-time-conflict "$@"
+ if [ -n "$FORCED_KEYRING" ]; then
+ gpgv --homedir "${GPGHOMEDIR}" --keyring "${FORCED_KEYRING}" --ignore-time-conflict "$@"
+ else
+ gpgv --homedir "${GPGHOMEDIR}" --keyring "${GPGHOMEDIR}/pubring.gpg" --ignore-time-conflict "$@"
+ fi
else
$GPG --verify "$@"
fi