gpg: use explicit function to check for custom subpacket marker

trezor_agent/gpg/decode.py

@@ -92,6 +92,12 @@ def _parse_embedded_signatures(subpackets):
             yield _parse_signature(util.Reader(stream))
 
 
+def has_custom_subpacket(signature_packet):
+    """Detect our custom public keys by matching subpacket data."""
+    return any(protocol.CUSTOM_KEY_LABEL == subpacket[1:]
+               for subpacket in signature_packet['unhashed_subpackets'])
+
+
 def _parse_signature(stream):
     """See https://tools.ietf.org/html/rfc4880#section-5.2 for details."""
     p = {'type': 'signature'}
@@ -115,10 +121,6 @@ def _parse_signature(stream):
         log.debug('embedded sigs: %s', embedded)
         p['embedded'] = embedded
 
-    # Detect our custom public keys by matching subpacket data
-    p['_is_custom'] = any(protocol.CUSTOM_KEY_LABEL == subpacket[1:]
-                          for subpacket in p['unhashed_subpackets'])
-
     p['hash_prefix'] = stream.readfmt('2s')
     if p['pubkey_alg'] in ECDSA_ALGO_IDS:
         p['sig'] = (parse_mpi(stream), parse_mpi(stream))

trezor_agent/gpg/encode.py

@@ -87,7 +87,7 @@ def create_subkey(primary_bytes, subkey, signer_func, user_id=None):
         unhashed_subpackets.append(protocol.subpacket(32, embedded_sig))
     unhashed_subpackets.append(protocol.CUSTOM_SUBPACKET)
 
-    if not signature['_is_custom']:
+    if not decode.has_custom_subpacket(signature):
         signer_func = keyring.create_agent_signer(user_id['value'])
 
     signature = protocol.make_signature(