Skip to content

please ignore (or check) gpg signature files instead of panicking

When reading OpenPGP/gpg signature files (both detatched and inline, both armoured and not), sq-keyring-linter currently panicks.

Since sq-keyring-linter may be used in non-interactive situations where all .asc files are passed to it, regardless of whether they are OpenPGP keys or signatures, it would be useful if sq-keyring-linter would either ignore OpenPGP/gpg signature files, or perform some checks on them.

PS: this would make the proposed integration of sq-keyring-linter into the OpenPGP support in check-all-the-things much more user-friendly.

$ touch foo
$ gpg --detach-sign foo
gpg: using "610B28B55CFCFE45EA1B563B3116BA5E9FFA69A3" as default secret key for signing
$ gpg --armor --detach-sign foo
gpg: using "610B28B55CFCFE45EA1B563B3116BA5E9FFA69A3" as default secret key for signing
$ sq-keyring-linter foo.sig
thread 'main' panicked at 'parsing cert #0: Malformed Cert: Unrecognized token `Signature Packet` found at 0:0
Expected one of PUBLIC_KEY or SECRET_KEY', src/keyring-linter.rs:769:29
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
$ sq-keyring-linter foo.asc
thread 'main' panicked at 'parsing cert #0: Malformed Cert: Unrecognized token `Signature Packet` found at 0:0
Expected one of PUBLIC_KEY or SECRET_KEY', src/keyring-linter.rs:769:29
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

$ touch bar
$ gpg --sign bar
gpg: using "610B28B55CFCFE45EA1B563B3116BA5E9FFA69A3" as default secret key for signing
$ gpg --armor --sign bar
gpg: using "610B28B55CFCFE45EA1B563B3116BA5E9FFA69A3" as default secret key for signing
$ sq-keyring-linter bar.gpg thread 'main' panicked at 'parsing cert #0: Unsupported Cert: Packet sequence includes non-Cert packets.', src/keyring-linter.rs:769:29
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
$ sq-keyring-linter bar.asc
thread 'main' panicked at 'parsing cert #0: Unsupported Cert: Packet sequence includes non-Cert packets.', src/keyring-linter.rs:769:29
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
```