diff --git a/gpgmeplug/cryptplug.h b/gpgmeplug/cryptplug.h index e809fca1..1e4a67de 100644 --- a/gpgmeplug/cryptplug.h +++ b/gpgmeplug/cryptplug.h @@ -921,9 +921,9 @@ struct SignatureMetaData { /*! \ingroup groupSignAct \brief Checks whether the signature of a message is - valid. \c ciphertext specifies the message - as it was received by the MUA, \c cleartext - is the message with the signature(s) removed. + valid. \c ciphertext specifies the signed message + as it was received by the MUA, \c signaturetext is the + signature itself. Depending on the configuration, MUAs might not need to use this. If \c sigmeta is non-null, the @@ -932,7 +932,7 @@ struct SignatureMetaData { function call. */ bool checkMessageSignature( const char* ciphertext, - const char** cleartext, + const char* signaturetext, struct SignatureMetaData* sigmeta ); /*! \ingroup groupSignAct diff --git a/gpgmeplug/gpgmeplug.c b/gpgmeplug/gpgmeplug.c index 3fe308b2..8be1948e 100644 --- a/gpgmeplug/gpgmeplug.c +++ b/gpgmeplug/gpgmeplug.c @@ -773,8 +773,30 @@ bool signMessage( const char* cleartext, return bOk; } -bool checkMessageSignature( const char* ciphertext, const char** - cleartext, struct SignatureMetaData* sigmeta ){ return true; } + +bool checkMessageSignature( const char* ciphertext, + const char* signaturetext, + struct SignatureMetaData* sigmeta ) +{ + GpgmeCtx ctx; + GpgmeSigStat status; + GpgmeData datapart, sigpart; + + gpgme_new( &ctx ); + gpgme_data_new_from_mem( &datapart, ciphertext, + 1+strlen( ciphertext ), 1 ); + gpgme_data_new_from_mem( &sigpart, signaturetext, + 1+strlen( signaturetext ), 1 ); + + gpgme_op_verify( ctx, sigpart, datapart, &status ); + gpgme_data_release( datapart ); + gpgme_data_release( sigpart ); + gpgme_release( ctx ); + + // PENDING(khz) Differentiate better between various failures + // PENDING(khz) Fill sigmeta + return ( status == GPGME_SIG_STAT_GOOD ); +} bool storeCertificatesFromMessage( const char* ciphertext ){ return true; }
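Review bot: The doc comment in the first cryptplug.h hunk still tells callers what a non-null `sigmeta` will hold after the call, but the implementation added in gpgmeplug.c never writes to it (it carries a `PENDING(khz) Fill sigmeta` note). A caller that trusts the header would read whatever the structure held before the call and might treat it as signer information. Until it is filled, the comment should say so, for example `\note \c sigmeta is currently left untouched; do not rely on its contents.` The comment also does not say what the `bool` result means when verification could not be performed at all, as opposed to a bad signature. The middle of this comment lies outside the hunk, so the wording needs checking against the full text.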
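Review bot: The prototype change in the second cryptplug.h hunk turns the second parameter from an out-pointer (`const char** cleartext`) into an input string (`const char* signaturetext`) while the function name stays the same. If MUAs load this plug-in at run time, as the header's wording suggests, one built against the old header would pass a pointer-to-pointer that the new code reads as signature bytes, with no compile-time or load-time error. A version check or a renamed entry point would make the mismatch detectable. The first parameter is still called `ciphertext` although the comment now describes it as the signed message; `signedtext` would match the documentation.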
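Review bot: `checkMessageSignature` in gpgmeplug.c can report a signature as good when verification never ran. The return values of `gpgme_new`, both `gpgme_data_new_from_mem` calls and `gpgme_op_verify` are discarded and `status` is never initialised, so after any failure the final comparison reads an indeterminate value. Neither `ciphertext` nor `signaturetext` is checked for NULL before `strlen`. The rewrite below starts `status` at a non-good value, checks each call and returns false on any error. Separately, the `1+strlen(...)` lengths hand the terminating NUL to GPGME as part of both the data and the signature, which presumably changes the bytes that are verified; this is worth confirming against how `signMessage` builds its buffers.

```c
/* … unchanged: checkMessageSignature signature … */
{
  GpgmeCtx ctx = NULL;
  GpgmeData datapart = NULL, sigpart = NULL;
  GpgmeSigStat status = GPGME_SIG_STAT_NONE;  /* fail closed */
  bool bOk = false;

  if( !ciphertext || !signaturetext )
    return false;
  if( gpgme_new( &ctx ) != GPGME_No_Error )
    return false;

  if( gpgme_data_new_from_mem( &datapart, ciphertext,
                               1+strlen( ciphertext ), 1 ) == GPGME_No_Error
      && gpgme_data_new_from_mem( &sigpart, signaturetext,
                                  1+strlen( signaturetext ), 1 ) == GPGME_No_Error
      && gpgme_op_verify( ctx, sigpart, datapart, &status ) == GPGME_No_Error )
    bOk = ( status == GPGME_SIG_STAT_GOOD );

  if( sigpart )
    gpgme_data_release( sigpart );
  if( datapart )
    gpgme_data_release( datapart );
  gpgme_release( ctx );

  /* … unchanged: PENDING(khz) notes … */
  return bOk;
}
```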