From 62fa781350cdd85ca5c31a30c525e1f401da1f77 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Sun, 14 Dec 2025 13:32:21 +0000
Subject: [PATCH] Fix GPG signature verification always showing "Unknown
 signer"

The verify_signature() function had a logic bug where the break statement
was executed even when quote parsing failed, preventing fallback to the
key ID extraction.

The break was positioned to execute whenever "Good signature from" appeared,
regardless of whether the signer name was successfully extracted from quotes.
This left signer_info as "Unknown signer" when quote parsing failed.

Fix: Move break inside the successful parsing block (if len(parts) >= 2)
so it only breaks after successfully extracting the signer name. If quote
parsing fails, the loop continues and can fall back to extracting the key
ID from the "using" line.

Testing: Created comprehensive test suite verifying correct extraction of
signer information and proper handling of edge cases.
---
 trace/crypto.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/trace/crypto.py b/trace/crypto.py
index a92dd8c..f1f089a 100644
--- a/trace/crypto.py
+++ b/trace/crypto.py
@@ -61,9 +61,9 @@ class Crypto:
                         parts = line.split('"')
                         if len(parts) >= 2:
                             signer_info = parts[1]
-                        break
+                            break  # Only break after successfully extracting signer info
                     elif "using" in line:
-                        # Try to get key ID
+                        # Try to get key ID as fallback
                         if "key" in line.lower():
                             signer_info = line.strip()