2 files changed, 28 insertions, 6 deletions

diff --git a/gpgmeplug/cryptplug.h b/gpgmeplug/cryptplug.h
index e809fca1..1e4a67de 100644
--- a/gpgmeplug/cryptplug.h
+++ b/gpgmeplug/cryptplug.h
@@ -921,9 +921,9 @@ struct SignatureMetaData {
 
 /*! \ingroup groupSignAct
    \brief Checks whether the signature of a message is
-          valid. \c ciphertext specifies the message
-          as it was received by the MUA, \c cleartext
-          is the message with the signature(s) removed.
+          valid. \c ciphertext specifies the signed message
+          as it was received by the MUA, \c signaturetext is the
+          signature itself.
 
    Depending on the configuration, MUAs might not need to use this.
    If \c sigmeta is non-null, the
@@ -932,7 +932,7 @@ struct SignatureMetaData {
           function call.
 */
 bool checkMessageSignature( const char* ciphertext,
-                            const char** cleartext,
+                            const char* signaturetext,
                             struct SignatureMetaData* sigmeta );
 
 /*! \ingroup groupSignAct
diff --git a/gpgmeplug/gpgmeplug.c b/gpgmeplug/gpgmeplug.c
index 3fe308b2..8be1948e 100644
--- a/gpgmeplug/gpgmeplug.c
+++ b/gpgmeplug/gpgmeplug.c
@@ -773,8 +773,30 @@ bool signMessage( const char*  cleartext,
   return bOk;
 }
 
-bool checkMessageSignature( const char* ciphertext, const char**
-        cleartext, struct SignatureMetaData* sigmeta ){ return true; }
+
+bool checkMessageSignature( const char* ciphertext, 
+                            const char* signaturetext,
+                            struct SignatureMetaData* sigmeta )
+{ 
+    GpgmeCtx ctx;
+    GpgmeSigStat status;
+    GpgmeData datapart, sigpart;
+
+    gpgme_new( &ctx );
+    gpgme_data_new_from_mem( &datapart, ciphertext,
+                             1+strlen( ciphertext ), 1 );
+    gpgme_data_new_from_mem( &sigpart, signaturetext,
+                             1+strlen( signaturetext ), 1 );
+
+    gpgme_op_verify( ctx, sigpart, datapart, &status );
+    gpgme_data_release( datapart );
+    gpgme_data_release( sigpart );
+    gpgme_release( ctx );
+
+    // PENDING(khz) Differentiate better between various failures
+    // PENDING(khz) Fill sigmeta
+    return ( status == GPGME_SIG_STAT_GOOD );
+}
 
 bool storeCertificatesFromMessage(
         const char* ciphertext ){ return true; }