-fingerprint_keys_from_keyring() {
- local KEYRINGFILE="$1"
- shift
- # don't show the error message if this keyring doesn't include the fingerprint
- $GPG_CMD --keyring "$KEYRINGFILE" --batch --fingerprint "$@" 2>/dev/null || true
+import_keyring_into_keyring() {
+ local FROM="${1:-${GPGHOMEDIR}/pubring.gpg}"
+ local TO="${2:-${GPGHOMEDIR}/pubring.gpg}"
+ shift 2
+ rm -f "${GPGHOMEDIR}/gpgoutput.log"
+ # the idea is simple: We take keys from one keyring and copy it to another
+ # we do this with so many checks in between to ensure that WE control the
+ # creation, so we know that the (potentially) created $TO keyring is a
+ # simple keyring rather than a keybox as gpg2 would create it which in turn
+ # can't be read by gpgv.
+ # BEWARE: This is designed more in the way to work with the current
+ # callers, than to have a well defined it would be easy to add new callers to.
+ if [ ! -s "$TO" ]; then
+ if [ -s "$FROM" ]; then
+ if [ -z "$2" ]; then
+ if ! aptkey_execute "$GPG_SH" --keyring "$FROM" --export ${1:+"$1"} > "$TO" 2> "${GPGHOMEDIR}/gpgoutput.log"; then
+ cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
+ false
+ else
+ chmod 0644 -- "$TO"
+ fi
+ else
+ create_new_keyring "$TO"
+ fi
+ else
+ create_new_keyring "$TO"
+ fi
+ elif [ -s "$FROM" ]; then
+ local EXPORTLIMIT="$1"
+ if [ -n "$1$2" ]; then shift; fi
+ if ! aptkey_execute "$GPG_SH" --keyring "$FROM" --export ${EXPORTLIMIT:+"$EXPORTLIMIT"} \
+ | aptkey_execute "$GPG_SH" --keyring "$TO" --batch --import "$@" > "${GPGHOMEDIR}/gpgoutput.log" 2>&1; then
+ cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
+ false
+ fi
+ fi