Use gpgme_get_sig_ulong_attr(.., GPGME_ATTR_SIG_SUMMARY ) function to return extended signature status information from the CryptPlug to the calling process after trying to verify a signature.

2002-06-19 10:22:49 +00:00 · 2002-06-19 10:22:49 +00:00 · 6798c68f2f
commit 6798c68f2f
parent ccde48c08d
2 changed files with 67 additions and 0 deletions
--- a/gpgmeplug/cryptplug.h
+++ b/gpgmeplug/cryptplug.h
@ -254,6 +254,48 @@ typedef enum {
 } CertificateSource;


+/*! \ingroup groupSignAct
+    \brief Flags used to compose the SigStatusFlags value.
+
+    This status flags are used to compose the SigStatusFlags value
+    returned in \c SignatureMetaDataExtendedInfo after trying to
+    verify a signed message part's signature status.
+
+    The normal flags may <b>not</b> be used together with the
+    special SigStat_NUMERICAL_CODE flag. When finding the special
+    SigStat_NUMERICAL_CODE flag in a SigStatusFlags value you
+    can obtain the respective error code number by substracting
+    the SigStatusFlags value by SigStat_NUMERICAL_CODE: this is
+    used to transport special status information NOT matching
+    any of the normal predefined status codes.
+
+    \note to PlugIn developers: Implementations of the CryptPlug API
+    should try to express their signature states by bit-wise OR'ing
+    the normal SigStatusFlags values. Using the SigStat_NUMERICAL_CODE
+    flag should only be used as for exceptional situations where no
+    other flag(s) could be used. By using the normal status flags your
+    PlugIn's users will be told an understandable description of the
+    status - when using (SigStat_NUMERICAL_CODE + internalCode) they
+    will only be shown the respective code number and have to look
+    into your PlugIn's manual to learn about it's meaning...
+*/
+enum {
+    SigStat_VALID       = 0x0001,   /* The signature is fully valid */
+    SigStat_GREEN       = 0x0002,   /* The signature is good. */
+    SigStat_RED         = 0x0004,   /* The signature is bad. */
+    SigStat_KEY_REVOKED = 0x0010,   /* One key has been revoked. */
+    SigStat_KEY_EXPIRED = 0x0020,   /* One key has expired. */
+    SigStat_SIG_EXPIRED = 0x0040,   /* The signature has expired. */
+    SigStat_KEY_MISSING = 0x0080,   /* Can't verify: key missing. */
+    SigStat_CRL_MISSING = 0x0100,   /* CRL not available. */
+    SigStat_CRL_TOO_OLD = 0x0200,   /* Available CRL is too old. */
+    SigStat_BAD_POLICY  = 0x0400,   /* A policy was not met. */
+    SigStat_SYS_ERROR   = 0x0800,   /* A system error occured. */
+
+    SigStat_NUMERICAL_CODE = 0x8000 /* An other error occured. */
+};
+typedef unsigned long SigStatusFlags;
+



@ -1456,6 +1498,7 @@ bool signMessage( const char*  cleartext,
 struct SignatureMetaDataExtendedInfo
 {
    struct tm* creation_time;
+    SigStatusFlags sigStatusFlags;
    char* status_text;
    char* keyid;
    char* fingerprint;
--- a/gpgmeplug/gpgmeplug.c
+++ b/gpgmeplug/gpgmeplug.c
@ -1179,6 +1179,8 @@ bool checkMessageSignature( char** cleartext,
 {
  GpgmeCtx ctx;
  GpgmeSigStat status;
+  unsigned long sumGPGME;
+  SigStatusFlags sumPlug;
  GpgmeData datapart, sigpart;
  char* rClear = 0;
  size_t clearLen;
@ -1268,6 +1270,28 @@ bool checkMessageSignature( char** cleartext,
                ctime_val, sizeof( struct tm ) );
      }

+      /* the extended signature verification status */
+      sumGPGME = gpgme_get_sig_ulong_attr( ctx,
+                                           sig_idx,
+                                           GPGME_ATTR_SIG_SUMMARY,
+                                           0 );
+      // translate GPGME status flags to common CryptPlug status flags
+      sumPlug = 0;
+      if( sumGPGME & GPGME_SIGSUM_VALID       ) sumPlug |= SigStat_VALID      ;
+      if( sumGPGME & GPGME_SIGSUM_GREEN       ) sumPlug |= SigStat_GREEN      ;
+      if( sumGPGME & GPGME_SIGSUM_RED         ) sumPlug |= SigStat_RED        ;
+      if( sumGPGME & GPGME_SIGSUM_KEY_REVOKED ) sumPlug |= SigStat_KEY_REVOKED;
+      if( sumGPGME & GPGME_SIGSUM_KEY_EXPIRED ) sumPlug |= SigStat_KEY_EXPIRED;
+      if( sumGPGME & GPGME_SIGSUM_SIG_EXPIRED ) sumPlug |= SigStat_SIG_EXPIRED;
+      if( sumGPGME & GPGME_SIGSUM_KEY_MISSING ) sumPlug |= SigStat_KEY_MISSING;
+      if( sumGPGME & GPGME_SIGSUM_CRL_MISSING ) sumPlug |= SigStat_CRL_MISSING;
+      if( sumGPGME & GPGME_SIGSUM_CRL_TOO_OLD ) sumPlug |= SigStat_CRL_TOO_OLD;
+      if( sumGPGME & GPGME_SIGSUM_BAD_POLICY  ) sumPlug |= SigStat_BAD_POLICY ;
+      if( sumGPGME & GPGME_SIGSUM_SYS_ERROR   ) sumPlug |= SigStat_SYS_ERROR  ;
+      if( !sumPlug )
+        sumPlug = SigStat_NUMERICAL_CODE | sumGPGME;
+      sigmeta->extended_info[sig_idx].sigStatusFlags = sumPlug;
+
      sigmeta->extended_info[sig_idx].validity = GPGME_VALIDITY_UNKNOWN;

      err = gpgme_get_sig_key (ctx, sig_idx, &key);