From 478d1650bbef84958ccce439fac982ef57b16cd0 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 12 Apr 2018 20:26:00 +0200 Subject: core: For a failed verification return the sig's fingerprint. * src/verify.c (parse_new_sig): Parse the new ERRSIG fpr. -- This works only when the signatures features an ISSUER_FPR sub-packet and with GnuPG >= 2.2.7. If that is not the case the keyid is kept in the FPR field. Signed-off-by: Werner Koch --- src/verify.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/verify.c b/src/verify.c index ee730a34..4eab902b 100644 --- a/src/verify.c +++ b/src/verify.c @@ -284,6 +284,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args, gpgme_signature_t sig; char *end = strchr (args, ' '); char *tail; + int got_fpr = 0; if (end) { @@ -370,7 +371,23 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args, if (!*end) goto parse_err_sig_fail; - sig->status = strtoul (end, NULL, 10); + gpg_err_set_errno (0); + sig->status = strtoul (end, &tail, 10); + if (errno || end == tail || (*tail && *tail != ' ')) + goto parse_err_sig_fail; + if (!*tail) + goto parse_err_sig_ok; + end = tail; + while (*end == ' ') + end++; + + /* Parse the new fingerprint (from the ISSUER_FPR subpacket). */ + if (!*end || (*end == '-' && (end[1] == ' ' || !end[1]))) + goto parse_err_sig_ok; /* Okay (just trailing spaces). */ + sig->fpr = strdup (end); + if (!sig->fpr) + return gpg_error_from_syserror (); + got_fpr = 1; goto parse_err_sig_ok; parse_err_sig_fail: @@ -382,7 +399,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args, return gpg_error (GPG_ERR_GENERAL); } - if (*args) + if (*args && !got_fpr) { sig->fpr = strdup (args); if (!sig->fpr) -- cgit v1.2.3