gnupg: 'gnupg-status-missing-key?' returns a fingerprint when possible.
Until then, 'gnupg-status-missing-key?' would return a key id. Its
user, 'gnupg-verify*', would then fetch a key with that ID from key
servers, thus possibly the wrong key (due to key ID collisions). If it
did fetch the wrong key, the effect would be a signature verification
failure down the path--e.g., in "guix refresh -u".
* guix/gnupg.scm (gnupg-verify)[maybe-fingerprint]: New procedure.
[status-line->sexp](errsig-rx): Add parenthetical expression at the end.
Fetch it and add it to the 'signature-error' sexp.
(gnupg-status-missing-key?): Match the whole 'signature-error' sexp and
return preferably the fingerprint rather than KEY-ID.
(gnupg-receive-keys): Rename 'key-id' parameter to 'fingerprint/key-id'.