python GPGME bindings and key signatures

brent s. bts at square-r00t.net
Mon Nov 5 06:20:55 CET 2018 

i frequently do work with the GPGME bindings for python (is this still
referred to as "pyME" after the merge into mainline?), and i really must
start by saying thank you to whomever maintains it!

i do have a quick question as i'm not sure it's something expected or not.

it seems the signatures interface is obsolete[0].

it seems that the non-obsolete way of accessing this is in
gpgme_user_id_t's `signatures` member[1] (or
<key>.uids[<idx>].signatures per the bindings).

however, this is empty in python's bindings:

_________________________________________________________________
>>> import os
>>> os.environ['GNUPGHOME']
'/var/tmp/python_testing/gpg/homedir'
>>> import gpg
>>> ctx = gpg.Context()
>>> k = ctx.get_key('C548200C7F6AA9541F6EDFF65A6D013706B6BE26')
>>> k.uids[0].signatures
[]
>>>
_________________________________________________________________


whereas signatures most definitely do exist:


_________________________________________________________________
[bts at cylon gpg]$ echo $GNUPGHOME
/var/tmp/python_testing/gpg/homedir
[bts at cylon gpg]$ gpg --list-keys --with-sig-check
C548200C7F6AA9541F6EDFF65A6D013706B6BE26
pub   rsa4096 2012-10-30 [SC]
      C548200C7F6AA9541F6EDFF65A6D013706B6BE26
uid           [  full  ] A Test Key for Expiring, delete when done
(1351649839.474725) <test2 at test.com>
sig!3        5A6D013706B6BE26 2012-10-30  A Test Key for Expiring,
delete when done (1351649839.474725) <test2 at test.com>
sig!         33F7494F9AF6E3D1 2018-11-04  A Test Key (a comment)
<test at test.com>
sig!       2 33F7494F9AF6E3D1 2018-11-05  A Test Key (a comment)
<test at test.com>
sub   rsa4096 2012-10-30 [S]
sig!         5A6D013706B6BE26 2012-10-30  A Test Key for Expiring,
delete when done (1351649839.474725) <test2 at test.com>

gpg: 4 good signatures
_________________________________________________________________


is this intentional/known behaviour? did i do a goof?

if the former, is there an expected ETA on support for this?
if the latter, is there a certain constant that needs to be set for the
context first or something; how can i implement key signature listing?

thanks!


[0] https://gnupg.org/documentation/manuals/gpgme/Key-Signatures.html
[1]
https://www.gnupg.org/documentation/manuals/gpgme/Key-objects.html#index-gpgme_005fuser_005fid_005ft


-- 
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20181105/9a78d54e/attachment.sig>

More information about the Gnupg-devel mailing list