feature(keyringctl): add clean functionality to match import-clean

De-duplicate not needed certifications by cleaning the keyring after import to remove old files when processing revocations. This basically adds the functionality compared to import-clean.
2021-12-08 20:50:45 +01:00
parent d0ea790c6a
commit 37ad62d6e5
3 changed files with 49 additions and 2 deletions
--- a/libkeyringctl/verify.py
+++ b/libkeyringctl/verify.py
@ -159,6 +159,11 @@ def verify_integrity(certificate: Path, all_fingerprints: Set[Fingerprint]) -> N
                                )
                                if issuer != sig.stem:
                                    raise Exception(f"Unexpected issuer in file {str(sig)}: {issuer}")
+
+                                certification = uid_path.parent / "certification" / sig.name
+                                if certification.exists():
+                                    raise Exception(f"Certification exists for revocation {str(sig)}: {certification}")
+
                                debug(f"OK: {sig}")
                        else:
                            raise Exception(f"Unexpected directory in certificate {certificate.name}: {str(uid_path)}")