implement Signed-By without using gpg for verification

The previous commit returns to the possibility of using just gpgv for verification proposes. There is one problem through: We can't enforce a specific keyid without using gpg, but our acquire method can as it parses gpgv output anyway, so it can deal with good signatures from not expected signatures and treats them as unknown keys instead. Git-Dch: Ignore
author: David Kalnischkies <david@kalnischkies.de> 2015-07-07 22:11:20 +0200
committer: David Kalnischkies <david@kalnischkies.de> 2015-08-10 17:25:26 +0200
commit: 4e03c47de15164f2656d9655edab6fb3570cb2f2 (patch)
tree: b3475a46b3cc5ede3a4da4042c9bc80569549aba /test/integration/test-apt-key
parent: 25f2731928f0b571f7521d7d7a7e301499d0f6ee (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index 1226e7dc4..a1a0d883d 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -204,6 +204,7 @@ gpg:              unchanged: 1' aptkey --fakeroot update
 		testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
 		testfailure test -e keys/does-not-exist.pub
 
+		# note: this isn't how apts gpgv method implements keyid for verify
 		msgtest 'Test verify a file' 'with good keyid'
 		testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
author	David Kalnischkies <david@kalnischkies.de>	2015-07-07 22:11:20 +0200
committer	David Kalnischkies <david@kalnischkies.de>	2015-08-10 17:25:26 +0200
commit	4e03c47de15164f2656d9655edab6fb3570cb2f2 (patch)
tree	b3475a46b3cc5ede3a4da4042c9bc80569549aba /test/integration/test-apt-key
parent	25f2731928f0b571f7521d7d7a7e301499d0f6ee (diff)