[Kalle] signature verification and decoding of encrypted mails

2001-11-25 15:23:21 +00:00 · 2001-11-25 15:23:21 +00:00 · 9e24b66475
commit 9e24b66475
parent 14aa91a95b
2 changed files with 28 additions and 6 deletions
--- a/gpgmeplug/cryptplug.h
+++ b/gpgmeplug/cryptplug.h
@ -921,9 +921,9 @@ struct SignatureMetaData {

 /*! \ingroup groupSignAct
   \brief Checks whether the signature of a message is
-          valid. \c ciphertext specifies the message
-          as it was received by the MUA, \c cleartext
-          is the message with the signature(s) removed.
+          valid. \c ciphertext specifies the signed message
+          as it was received by the MUA, \c signaturetext is the
+          signature itself.

   Depending on the configuration, MUAs might not need to use this.
   If \c sigmeta is non-null, the
@ -932,7 +932,7 @@ struct SignatureMetaData {
          function call.
 */
 bool checkMessageSignature( const char* ciphertext,
-                            const char** cleartext,
+                            const char* signaturetext,
                            struct SignatureMetaData* sigmeta );

 /*! \ingroup groupSignAct
--- a/gpgmeplug/gpgmeplug.c
+++ b/gpgmeplug/gpgmeplug.c
@ -773,8 +773,30 @@ bool signMessage( const char*  cleartext,
  return bOk;
 }

-bool checkMessageSignature( const char* ciphertext, const char**
-        cleartext, struct SignatureMetaData* sigmeta ){ return true; }
+
+bool checkMessageSignature( const char* ciphertext, 
+                            const char* signaturetext,
+                            struct SignatureMetaData* sigmeta )
+{ 
+    GpgmeCtx ctx;
+    GpgmeSigStat status;
+    GpgmeData datapart, sigpart;
+
+    gpgme_new( &ctx );
+    gpgme_data_new_from_mem( &datapart, ciphertext,
+                             1+strlen( ciphertext ), 1 );
+    gpgme_data_new_from_mem( &sigpart, signaturetext,
+                             1+strlen( signaturetext ), 1 );
+
+    gpgme_op_verify( ctx, sigpart, datapart, &status );
+    gpgme_data_release( datapart );
+    gpgme_data_release( sigpart );
+    gpgme_release( ctx );
+
+    // PENDING(khz) Differentiate better between various failures
+    // PENDING(khz) Fill sigmeta
+    return ( status == GPGME_SIG_STAT_GOOD );
+}

 bool storeCertificatesFromMessage(
        const char* ciphertext ){ return true; }