fix: verify all subkeys expiration date

For: https://github.com/ben-grande/qusal/issues/46

scripts/pgp-expiration.sh

@@ -9,20 +9,34 @@ set -eu
 now="$(date +%s)"
 fail="0"
 for key in "${@}"; do
-  ## TODO: exit only after evaluating all subkeys, not on the first error.
+  data="$(gpg --no-keyring --no-auto-check-trustdb --no-autostart \
-  gpg --no-keyring --no-auto-check-trustdb --no-autostart \
+          --with-colons --show-keys "${key}")"
-  --with-colons --show-keys "${key}" |
+  nr="$(echo "${data}" | awk '/^(p|s)ub:/' | wc -l | cut -d " " -f1)"
-  awk -v key="${key}" -v now="${now}" -F ':' '/^(p|s)ub:/ {
+  echo "${data}" | awk -v fail="0" -v key="${key}" -v nr="${nr}" \
+    -v now="${now}" -F ':' '/^(p|s)ub:/ {
+    nlines++;
+
     if ($7=="") {
+      if (nlines==nr) { if (fail==1) { exit 1; }; }
       next
     }
+
     if ($7<now) {
       print key ": expired:", $5 >"/dev/stderr";
-        exit 1
+      fail=1
+      if (nlines==nr) { if (fail==1) { exit 1; }; }
+      next
     }
+
     # 60 days
     else if (($7-now)<(60*60*24*60)) {
       print key ": expires soon:", $5 >"/dev/stderr";
+      fail=1
+      if (nlines==nr) { if (fail==1) { exit 1; }; }
+      next
+    }
+
+    if (fail==1) {
       exit 1
     }
   }' || fail="1"