alot/crypto: make keys required for detached_signature_for

This function is always passed a key to sign with, and not passing one
leads to the first available signing key in the keyring being selected
otherwise, which is problematic if one has two signing keys.

1 files changed, 4 insertions, 5 deletions

diff --git a/alot/crypto.py b/alot/crypto.py
index 3c748162..cd03d9e7 100644
--- a/alot/crypto.py
+++ b/alot/crypto.py
@@ -146,7 +146,7 @@ def list_keys(hint=None, private=False):
     return ctx.keylist(hint, private)
 
 
-def detached_signature_for(plaintext_str, key=None):
+def detached_signature_for(plaintext_str, keys):
     """
     Signs the given plaintext string and returns the detached signature.
 
@@ -154,14 +154,13 @@ def detached_signature_for(plaintext_str, key=None):
     a signature for the specified plaintext.
 
     :param str plaintext_str: text to sign
-    :param key: key to sign with
-    :type key: gpg.gpgme._gpgme_key
+    :param keys: list of one or more key to sign with.
+    :type keys: list[gpg.gpgme._gpgme_key]
     :returns: A list of signature and the signed blob of data
     :rtype: tuple[list[gpg.results.NewSignature], str]
     """
     ctx = gpg.core.Context(armor=True)
-    if key is not None:
-        ctx.signers = [key]
+    ctx.signers = keys
     (sigblob, sign_result) = ctx.sign(plaintext_str, mode=gpg.constants.SIG_MODE_DETACH)
     return sign_result.signatures, sigblob