Use the gpgme_get_sig_ulong_attr(.., GPGME_ATTR_SIG_SUMMARY) function to return extended signature status information from the CryptPlug to the calling process after trying to verify a signature.
parent
ccde48c08d
commit
6798c68f2f
@ -254,6 +254,48 @@ typedef enum {
|
|||||||
} CertificateSource;
|
} CertificateSource;
|
||||||
|
|
||||||
|
|
||||||
|
/*! \ingroup groupSignAct
|
||||||
|
\brief Flags used to compose the SigStatusFlags value.
|
||||||
|
|
||||||
|
This status flags are used to compose the SigStatusFlags value
|
||||||
|
returned in \c SignatureMetaDataExtendedInfo after trying to
|
||||||
|
verify a signed message part's signature status.
|
||||||
|
|
||||||
|
The normal flags may <b>not</b> be used together with the
|
||||||
|
special SigStat_NUMERICAL_CODE flag. When finding the special
|
||||||
|
SigStat_NUMERICAL_CODE flag in a SigStatusFlags value you
|
||||||
|
can obtain the respective error code number by substracting
|
||||||
|
the SigStatusFlags value by SigStat_NUMERICAL_CODE: this is
|
||||||
|
used to transport special status information NOT matching
|
||||||
|
any of the normal predefined status codes.
|
||||||
|
|
||||||
|
\note to PlugIn developers: Implementations of the CryptPlug API
|
||||||
|
should try to express their signature states by bit-wise OR'ing
|
||||||
|
the normal SigStatusFlags values. Using the SigStat_NUMERICAL_CODE
|
||||||
|
flag should only be used as for exceptional situations where no
|
||||||
|
other flag(s) could be used. By using the normal status flags your
|
||||||
|
PlugIn's users will be told an understandable description of the
|
||||||
|
status - when using (SigStat_NUMERICAL_CODE + internalCode) they
|
||||||
|
will only be shown the respective code number and have to look
|
||||||
|
into your PlugIn's manual to learn about it's meaning...
|
||||||
|
*/
|
||||||
|
enum {
|
||||||
|
SigStat_VALID = 0x0001, /* The signature is fully valid */
|
||||||
|
SigStat_GREEN = 0x0002, /* The signature is good. */
|
||||||
|
SigStat_RED = 0x0004, /* The signature is bad. */
|
||||||
|
SigStat_KEY_REVOKED = 0x0010, /* One key has been revoked. */
|
||||||
|
SigStat_KEY_EXPIRED = 0x0020, /* One key has expired. */
|
||||||
|
SigStat_SIG_EXPIRED = 0x0040, /* The signature has expired. */
|
||||||
|
SigStat_KEY_MISSING = 0x0080, /* Can't verify: key missing. */
|
||||||
|
SigStat_CRL_MISSING = 0x0100, /* CRL not available. */
|
||||||
|
SigStat_CRL_TOO_OLD = 0x0200, /* Available CRL is too old. */
|
||||||
|
SigStat_BAD_POLICY = 0x0400, /* A policy was not met. */
|
||||||
|
SigStat_SYS_ERROR = 0x0800, /* A system error occured. */
|
||||||
|
|
||||||
|
SigStat_NUMERICAL_CODE = 0x8000 /* An other error occured. */
|
||||||
|
};
|
||||||
|
typedef unsigned long SigStatusFlags;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -1456,6 +1498,7 @@ bool signMessage( const char* cleartext,
|
|||||||
struct SignatureMetaDataExtendedInfo
|
struct SignatureMetaDataExtendedInfo
|
||||||
{
|
{
|
||||||
struct tm* creation_time;
|
struct tm* creation_time;
|
||||||
|
SigStatusFlags sigStatusFlags;
|
||||||
char* status_text;
|
char* status_text;
|
||||||
char* keyid;
|
char* keyid;
|
||||||
char* fingerprint;
|
char* fingerprint;
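Review bot: `sigStatusFlags` is inserted between `creation_time` and `status_text`, so the offset of every later member of `SignatureMetaDataExtendedInfo` changes. A plug-in and a host application built against different versions of this header would then read `status_text`, `keyid` and `fingerprint` from the wrong offsets, and for pointer members that means dereferencing unrelated data. If binary compatibility between CryptPlug builds matters here (not visible from the hunk), add the member at the end of the struct, or raise the API version so that mismatched pairs are rejected at load time. The struct body continues past the end of this hunk.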
|
||||||
|
@ -1179,6 +1179,8 @@ bool checkMessageSignature( char** cleartext,
|
|||||||
{
|
{
|
||||||
GpgmeCtx ctx;
|
GpgmeCtx ctx;
|
||||||
GpgmeSigStat status;
|
GpgmeSigStat status;
|
||||||
|
unsigned long sumGPGME;
|
||||||
|
SigStatusFlags sumPlug;
|
||||||
GpgmeData datapart, sigpart;
|
GpgmeData datapart, sigpart;
|
||||||
char* rClear = 0;
|
char* rClear = 0;
|
||||||
size_t clearLen;
|
size_t clearLen;
|
||||||
@ -1268,6 +1270,28 @@ bool checkMessageSignature( char** cleartext,
|
|||||||
ctime_val, sizeof( struct tm ) );
|
ctime_val, sizeof( struct tm ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* the extended signature verification status */
|
||||||
|
sumGPGME = gpgme_get_sig_ulong_attr( ctx,
|
||||||
|
sig_idx,
|
||||||
|
GPGME_ATTR_SIG_SUMMARY,
|
||||||
|
0 );
|
||||||
|
// translate GPGME status flags to common CryptPlug status flags
|
||||||
|
sumPlug = 0;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_VALID ) sumPlug |= SigStat_VALID ;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_GREEN ) sumPlug |= SigStat_GREEN ;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_RED ) sumPlug |= SigStat_RED ;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_KEY_REVOKED ) sumPlug |= SigStat_KEY_REVOKED;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_KEY_EXPIRED ) sumPlug |= SigStat_KEY_EXPIRED;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_SIG_EXPIRED ) sumPlug |= SigStat_SIG_EXPIRED;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_KEY_MISSING ) sumPlug |= SigStat_KEY_MISSING;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_CRL_MISSING ) sumPlug |= SigStat_CRL_MISSING;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_CRL_TOO_OLD ) sumPlug |= SigStat_CRL_TOO_OLD;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_BAD_POLICY ) sumPlug |= SigStat_BAD_POLICY ;
|
||||||
|
if( sumGPGME & GPGME_SIGSUM_SYS_ERROR ) sumPlug |= SigStat_SYS_ERROR ;
|
||||||
|
if( !sumPlug )
|
||||||
|
sumPlug = SigStat_NUMERICAL_CODE | sumGPGME;
|
||||||
|
sigmeta->extended_info[sig_idx].sigStatusFlags = sumPlug;
|
||||||
|
|
||||||
sigmeta->extended_info[sig_idx].validity = GPGME_VALIDITY_UNKNOWN;
|
sigmeta->extended_info[sig_idx].validity = GPGME_VALIDITY_UNKNOWN;
|
||||||
|
|
||||||
err = gpgme_get_sig_key (ctx, sig_idx, &key);
|
err = gpgme_get_sig_key (ctx, sig_idx, &key);
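Review bot: The flag translation added to checkMessageSignature() keeps only the eleven `GPGME_SIGSUM_*` bits it names and silently drops any other bit of `sumGPGME` once a known bit is set, so a summary carrying `GPGME_SIGSUM_GREEN` plus an unrecognised bit reaches the caller as plain `SigStat_GREEN`. For a verification result it is safer to fail closed: OR the known constants into a local mask and, when `sumGPGME & ~mask` is non-zero, clear `SigStat_VALID` and `SigStat_GREEN` before storing `sumPlug`. The fallback `sumPlug = SigStat_NUMERICAL_CODE | sumGPGME;` also runs when `sumGPGME` is 0, which presumably includes the case where no summary could be fetched for `sig_idx`, so the caller gets "code 0" and cannot tell that apart from a real status. The subtraction-based decoding documented in the header only round-trips while `sumGPGME < SigStat_NUMERICAL_CODE`, so that bound should be checked before composing the value. The function body starts and ends outside this hunk.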
|
||||||
|