authorMichał Górny <mgorny@gentoo.org>2018-07-26 08:59:41 +0200
committerMichał Górny <mgorny@gentoo.org>2018-07-26 08:59:41 +0200
commitddc0ad61ee509e6bfd0e4aa8920071cb36693140 (patch)
tree957834008884841773c36e641b1840271f0e0537
parentd115f5997489381957c81997e8912f9001d4c838 (diff)
downloadgemato-ddc0ad61ee509e6bfd0e4aa8920071cb36693140.tar.gz
openpgp: Process import status instead of export, for GnuPG-1.4
GnuPG 1.4 does not print machine-readable data when exporting keys. Rework the WKD code to process the data on import instead. This means that keys will be imported via WKD even if not all were exported -- however, that should cause no harm as invalid data still will not be accepted.
-rw-r--r--gemato/openpgp.py20
1 files changed, 10 insertions, 10 deletions
diff --git a/gemato/openpgp.py b/gemato/openpgp.py
index 0744399..2329482 100644
--- a/gemato/openpgp.py
+++ b/gemato/openpgp.py
@@ -296,24 +296,24 @@ disable-scdaemon
return False
# otherwise, xfer the keys
- exitst, out, err = subenv._spawn_gpg(['--status-fd', '2',
- '--export'] + list(keys), '')
+ exitst, out, err = subenv._spawn_gpg(['--export'] + list(keys), '')
if exitst != 0:
return False
+ exitst, out, err = self._spawn_gpg(['--import',
+ '--status-fd', '1'], out)
+ if exitst != 0:
+ # there's no valid reason for import to fail here
+ raise gemato.exceptions.OpenPGPKeyRefreshError(err.decode('utf8'))
+
# we need to explicitly ensure all keys were fetched
- for l in err.splitlines():
- if l.startswith(b'[GNUPG:] EXPORTED'):
- fpr = l.split(b' ')[2].decode('ASCII')
+ for l in out.splitlines():
+ if l.startswith(b'[GNUPG:] IMPORT_OK'):
+ fpr = l.split(b' ')[3].decode('ASCII')
keys.remove(fpr)
if keys:
return False
- exitst, out2, err = self._spawn_gpg(['--import'], out)
- if exitst != 0:
- # there's no valid reason for import to fail here
- raise gemato.exceptions.OpenPGPKeyRefreshError(err.decode('utf8'))
-
return True
def refresh_keys_keyserver(self, keyserver=None):
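Review bot: The IMPORT_OK loop assumes more about the status line than GnuPG documents: `l.split(b' ')[3]` raises IndexError when the optional fingerprint field is missing, and `keys.remove(fpr)` raises if a fingerprint is reported twice or is not among the requested keys (the type of `keys` is not visible in this hunk). Either case would surface as an uncaught exception from the refresh rather than the `return False` used for every other incomplete-fetch path. Guarding both keeps the failure mode consistent, e.g. `fields = l.split(b' ')` followed by `if len(fields) > 3 and fields[3].decode('ASCII') in keys: keys.remove(fields[3].decode('ASCII'))`. Since the import now runs before the completeness check, a short comment above `self._spawn_gpg(['--import', ...` such as `# NB: keyring is already modified here; a False return below does not mean nothing was imported` would make that explicit for callers. The enclosing method starts above this hunk, so how `keys` is built could not be checked.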