Diffstat (limited to 'src/mailman_pgp/commands')
| -rw-r--r-- | src/mailman_pgp/commands/eml_key.py | 11 | ||||
| -rw-r--r-- | src/mailman_pgp/commands/tests/test_key.py | 162 |
2 files changed, 105 insertions, 68 deletions
diff --git a/src/mailman_pgp/commands/eml_key.py b/src/mailman_pgp/commands/eml_key.py
index a298ea7..29fa99c 100644
--- a/src/mailman_pgp/commands/eml_key.py
+++ b/src/mailman_pgp/commands/eml_key.py
@@ -347,6 +347,8 @@ def _cmd_revoke(pgp_list, mlist, msg, msgdata, arguments, results):
 with transaction():
 pgp_address.key = key_copy
 print('Key succesfully updated.', file=results)
+ else:
+ print('Nothing to do.', file=results)
 return ContinueProcessing.yes
@@ -432,9 +434,12 @@ def _cmd_sign(pgp_list, mlist, msg, msgdata, arguments, results):
 continue
 # sig is a new signature, not currenctly on uid, ans seems to
 # be made by the pgp_address.key
- verification = pgp_address.key.verify(uid, sig)
- if bool(verification):
- uid_sigs.setdefault(uid, []).append(sig)
+ try:
+ verification = pgp_address.key.verify(uid, sig)
+ if bool(verification):
+ uid_sigs.setdefault(uid, []).append(sig)
+ except PGPError:
+ pass
 if len(uid_sigs) == 0:
 print('No new certifications found.', file=results)
diff --git a/src/mailman_pgp/commands/tests/test_key.py b/src/mailman_pgp/commands/tests/test_key.py
index 5a6bb12..8dd6fcc 100644
--- a/src/mailman_pgp/commands/tests/test_key.py
+++ b/src/mailman_pgp/commands/tests/test_key.py
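Review bot: In `_cmd_sign` (eml_key.py, second hunk) the new `except PGPError: pass` discards a failed verification without leaving any trace. Skipping the signature is the right fail-closed outcome, since nothing reaches `uid_sigs`, but the sender only ever sees 'No new certifications found.' and nothing records that an attached certification could not be verified. I would keep only the `verify` call inside the `try` and move the `if bool(verification):` check into an `else:` clause, so that an error raised while appending cannot be mistaken for a bad signature, and document the handler as `pass  # unverifiable certification is skipped, never accepted`. No import of `PGPError` is visible in this diff, so it is presumably already imported at the top of the module; the loop this code sits in starts outside the hunk.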
@@ -801,6 +801,103 @@ class TestAfterSubscription(unittest.TestCase):
 'Need a key which can be used to encrypt communications.',
 results_msg.get_payload())
+ def test_revoke_resets(self):
+ bart = getUtility(IUserManager).create_address('bart@example.com',
+ 'Bart Person')
+ with transaction() as t:
+ pgp_address = PGPAddress(bart)
+ pgp_address.key = self.bart_key.pubkey
+ pgp_address.key_confirmed = True
+ t.add(pgp_address)
+
+ revoc = self.bart_key.revoke(self.bart_key)
+
+ message = _create_mixed('bart@example.com', 'test@example.com',
+ 'key revoke')
+ wrapped_message = MIMEWrapper(message)
+ message = wrapped_message.attach_revocs(revoc)
+
+ items = _run_message(message, 2)
+ if (items[0].msg['Subject'] ==
+ 'The results of your email commands'): # pragma: no cover
+ results_msg = items[0].msg
+ else:
+ results_msg = items[1].msg
+
+ self.assertIsNone(pgp_address.key)
+ self.assertFalse(pgp_address.key_confirmed)
+
+ self.assertIn('Key needs to be reset.', results_msg.get_payload())
+
+ def test_revoke_updates(self):
+ bart = getUtility(IUserManager).create_address('bart@example.com',
+ 'Bart Person')
+
+ test_key = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 1024)
+ uid = PGPUID.new('Some Name', email='anne@example.org')
+ test_key.add_uid(uid,
+ usage={KeyFlags.Certify,
+ KeyFlags.EncryptCommunications,
+ KeyFlags.Sign},
+ hashes=[HashAlgorithm.SHA256,
+ HashAlgorithm.SHA512],
+ ciphers=[SymmetricKeyAlgorithm.AES256],
+ compression=[CompressionAlgorithm.ZLIB])
+ sub = PGPKey.new(PubKeyAlgorithm.ECDH, EllipticCurveOID.SECP256K1)
+ test_key.add_subkey(sub, usage={KeyFlags.EncryptCommunications})
+
+ with transaction() as t:
+ pgp_address = PGPAddress(bart)
+ pgp_address.key = test_key.pubkey
+ pgp_address.key_confirmed = True
+ t.add(pgp_address)
+
+ revoc = test_key.revoke(sub.pubkey)
+
+ message = _create_mixed('bart@example.com', 'test@example.com',
+ 'key revoke')
+ wrapped_message = MIMEWrapper(message)
+ message = wrapped_message.attach_revocs(revoc)
+
+ items = _run_message(message, 1)
+ results_msg = items[0].msg
+
+ self.assertIn('Key succesfully updated.', results_msg.get_payload())
+ sub = next(iter(pgp_address.key.subkeys.values()))
+ revocs = list(sub.revocation_signatures)
+ self.assertEqual(len(revocs), 1)
+ self.assertEqual(revoc.hash2, revocs[0].hash2)
+
+ def test_revoke_encrypted(self):
+ bart = getUtility(IUserManager).create_address('bart@example.com',
+ 'Bart Person')
+ with transaction() as t:
+ pgp_address = PGPAddress(bart)
+ pgp_address.key = self.bart_key.pubkey
+ pgp_address.key_confirmed = True
+ t.add(pgp_address)
+
+ revoc = self.bart_key.revoke(self.bart_key)
+
+ message = _create_mixed('bart@example.com', 'test@example.com',
+ 'key revoke')
+ wrapped_message = MIMEWrapper(message)
+ message = wrapped_message.attach_revocs(revoc)
+ wrapped_message = MIMEWrapper(message)
+ message = wrapped_message.encrypt(self.pgp_list.pubkey)
+
+ items = _run_message(message, 2)
+ if (items[0].msg['Subject'] ==
+ 'The results of your email commands'): # pragma: no cover
+ results_msg = items[0].msg
+ else:
+ results_msg = items[1].msg
+
+ self.assertIsNone(pgp_address.key)
+ self.assertFalse(pgp_address.key_confirmed)
+
+ self.assertIn('Key needs to be reset.', results_msg.get_payload())
+
 def test_revoke_extra_arg(self):
 message = _create_plain('bart@example.com', 'test@example.com',
 'key revoke extra arguments', '')
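Review bot: Neither branch added in eml_key.py is exercised by the tests in this diff: nothing asserts the 'Nothing to do.' reply from `_cmd_revoke`, and no `key sign` test supplies a certification that makes `verify` raise `PGPError`. The second case is the one worth pinning, with an assertion that the stored key gains no new signature and that the reply is 'No new certifications found.'. Separately, `test_revoke_encrypted` repeats the body of `test_revoke_resets` apart from the two lines that wrap and `encrypt` the message, so a shared private helper taking an `encrypt` flag would keep the two from drifting apart. The test class continues outside the hunk.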
@@ -878,71 +975,6 @@ class TestAfterSubscription(unittest.TestCase): self.assertIn('No key revocations attached? Send a key revocation.', results_msg.get_payload()) - def test_revoke_resets(self): - bart = getUtility(IUserManager).create_address('bart@example.com', - 'Bart Person') - with transaction() as t: - pgp_address = PGPAddress(bart) - pgp_address.key = self.bart_key.pubkey - pgp_address.key_confirmed = True - t.add(pgp_address) - - revoc = self.bart_key.revoke(self.bart_key) - - message = _create_mixed('bart@example.com', 'test@example.com', - 'key revoke') - wrapped_message = MIMEWrapper(message) - message = wrapped_message.attach_revocs(revoc) - - items = _run_message(message, 2) - if (items[0].msg['Subject'] == - 'The results of your email commands'): # pragma: no cover - results_msg = items[0].msg - else: - results_msg = items[1].msg - # TODO: finish test - - self.assertIn('Key needs to be reset.', results_msg.get_payload()) - - def test_revoke_updates(self): - bart = getUtility(IUserManager).create_address('bart@example.com', - 'Bart Person') - - test_key = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 1024) - uid = PGPUID.new('Some Name', email='anne@example.org') - test_key.add_uid(uid, - usage={KeyFlags.Certify, - KeyFlags.EncryptCommunications, - KeyFlags.Sign}, - hashes=[HashAlgorithm.SHA256, - HashAlgorithm.SHA512], - ciphers=[SymmetricKeyAlgorithm.AES256], - compression=[CompressionAlgorithm.ZLIB]) - sub = PGPKey.new(PubKeyAlgorithm.ECDH, EllipticCurveOID.SECP256K1) - test_key.add_subkey(sub, usage={KeyFlags.EncryptCommunications}) - - with transaction() as t: - pgp_address = PGPAddress(bart) - pgp_address.key = test_key.pubkey - pgp_address.key_confirmed = True - t.add(pgp_address) - - revoc = test_key.revoke(sub.pubkey) - - message = _create_mixed('bart@example.com', 'test@example.com', - 'key revoke') - wrapped_message = MIMEWrapper(message) - message = wrapped_message.attach_revocs(revoc) - - items = _run_message(message, 1) - results_msg = 
items[0].msg - - self.assertIn('Key succesfully updated.', results_msg.get_payload()) - sub = next(iter(pgp_address.key.subkeys.values())) - revocs = list(sub.revocation_signatures) - self.assertEqual(len(revocs), 1) - self.assertEqual(revoc.hash2, revocs[0].hash2) - def test_sign(self): bart = getUtility(IUserManager).create_address('bart@example.com', 'Bart Person') |
