aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2014-05-07 12:08:16 +0000
committerWerner Koch <[email protected]>2014-05-07 12:08:42 +0000
commite5279c85a04084a2277acb224bd4ca3026dcafd4 (patch)
tree8625774192742acca54122369ee12976ba387c58
parentgpg: Mark experimental algorithms in the key listing. (diff)
downloadgnupg-e5279c85a04084a2277acb224bd4ca3026dcafd4.tar.gz
gnupg-e5279c85a04084a2277acb224bd4ca3026dcafd4.zip
gpg: Fix indendation of check_sig_and_print.
--
Diffstat
-rw-r--r--g10/mainproc.c679
1 files changed, 347 insertions, 332 deletions
diff --git a/g10/mainproc.c b/g10/mainproc.c
index f830eeedb..20a799f0b 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1,7 +1,7 @@
/* mainproc.c - handle packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
* 2008, 2009 Free Software Foundation, Inc.
- * Copyright (C) 2013 Werner Koch
+ * Copyright (C) 2013, 2014 Werner Koch
*
* This file is part of GnuPG.
*
@@ -1529,7 +1529,7 @@ pka_uri_from_sig (PKT_signature *sig)
static int
-check_sig_and_print( CTX c, KBNODE node )
+check_sig_and_print (CTX c, KBNODE node)
{
PKT_signature *sig = node->pkt->pkt.signature;
const char *astr;
@@ -1649,390 +1649,405 @@ check_sig_and_print( CTX c, KBNODE node )
log_error(_("can't handle this ambiguous signature data\n"));
return 0;
}
-
}
- /* (Indendation below not yet changed to GNU style.) */
+ astr = openpgp_pk_algo_name ( sig->pubkey_algo );
+ if (keystrlen () > 8)
+ {
+ log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
+ log_info (_(" using %s key %s\n"),
+ astr? astr: "?",keystr(sig->keyid));
+ }
+ else
+ log_info (_("Signature made %s using %s key ID %s\n"),
+ asctimestamp(sig->timestamp), astr? astr: "?",
+ keystr(sig->keyid));
- astr = openpgp_pk_algo_name ( sig->pubkey_algo );
- if(keystrlen()>8)
- {
- log_info(_("Signature made %s\n"),asctimestamp(sig->timestamp));
- log_info(_(" using %s key %s\n"),
- astr? astr: "?",keystr(sig->keyid));
- }
- else
- log_info(_("Signature made %s using %s key ID %s\n"),
- asctimestamp(sig->timestamp), astr? astr: "?",
- keystr(sig->keyid));
+ rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
- rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
+ /* If the key isn't found, check for a preferred keyserver */
- /* If the key isn't found, check for a preferred keyserver */
+ if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && sig->flags.pref_ks)
+ {
+ const byte *p;
+ int seq = 0;
+ size_t n;
- if(rc==G10ERR_NO_PUBKEY && sig->flags.pref_ks)
- {
- const byte *p;
- int seq=0;
- size_t n;
+ while ((p=enum_sig_subpkt (sig->hashed,SIGSUBPKT_PREF_KS,&n,&seq,NULL)))
+ {
+ /* According to my favorite copy editor, in English grammar,
+ you say "at" if the key is located on a web page, but
+ "from" if it is located on a keyserver. I'm not going to
+ even try to make two strings here :) */
+ log_info(_("Key available at: ") );
+ print_utf8_buffer (log_get_stream(), p, n);
+ log_printf ("\n");
+
+ if (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
+ && opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
+ {
+ struct keyserver_spec *spec;
- while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&n,&seq,NULL)))
- {
- /* According to my favorite copy editor, in English
- grammar, you say "at" if the key is located on a web
- page, but "from" if it is located on a keyserver. I'm
- not going to even try to make two strings here :) */
- log_info(_("Key available at: ") );
- print_utf8_buffer (log_get_stream(), p, n);
- log_printf ("\n");
-
- if(opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
- && opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
- {
- struct keyserver_spec *spec;
+ spec = parse_preferred_keyserver (sig);
+ if (spec)
+ {
+ int res;
- spec=parse_preferred_keyserver(sig);
- if(spec)
- {
- int res;
+ glo_ctrl.in_auto_key_retrieve++;
+ res = keyserver_import_keyid (c->ctrl, sig->keyid,spec);
+ glo_ctrl.in_auto_key_retrieve--;
+ if (!res)
+ rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
+ free_keyserver_spec (spec);
- glo_ctrl.in_auto_key_retrieve++;
- res = keyserver_import_keyid (c->ctrl, sig->keyid,spec);
- glo_ctrl.in_auto_key_retrieve--;
- if(!res)
- rc=do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
- free_keyserver_spec(spec);
-
- if(!rc)
- break;
- }
- }
- }
- }
+ if (!rc)
+ break;
+ }
+ }
+ }
+ }
- /* If the preferred keyserver thing above didn't work, our second
- try is to use the URI from a DNS PKA record. */
- if ( rc == G10ERR_NO_PUBKEY
- && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
- && opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD)
- {
- const char *uri = pka_uri_from_sig (sig);
+ /* If the preferred keyserver thing above didn't work, our second
+ try is to use the URI from a DNS PKA record. */
+ if (gpg_err_code (rc) == G10ERR_NO_PUBKEY
+ && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)
+ && (opt.keyserver_options.options & KEYSERVER_HONOR_PKA_RECORD))
+ {
+ const char *uri = pka_uri_from_sig (sig);
- if (uri)
- {
- /* FIXME: We might want to locate the key using the
- fingerprint instead of the keyid. */
- int res;
- struct keyserver_spec *spec;
+ if (uri)
+ {
+ /* FIXME: We might want to locate the key using the
+ fingerprint instead of the keyid. */
+ int res;
+ struct keyserver_spec *spec;
- spec = parse_keyserver_uri (uri, 1, NULL, 0);
- if (spec)
- {
- glo_ctrl.in_auto_key_retrieve++;
- res = keyserver_import_keyid (c->ctrl, sig->keyid, spec);
+ spec = parse_keyserver_uri (uri, 1, NULL, 0);
+ if (spec)
+ {
+ glo_ctrl.in_auto_key_retrieve++;
+ res = keyserver_import_keyid (c->ctrl, sig->keyid, spec);
glo_ctrl.in_auto_key_retrieve--;
free_keyserver_spec (spec);
if (!res)
- rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
- }
- }
- }
+ rc = do_check_sig (c, node, NULL, &is_expkey, &is_revkey );
+ }
+ }
+ }
- /* If the preferred keyserver thing above didn't work and we got
+ /* If the preferred keyserver thing above didn't work and we got
no information from the DNS PKA, this is a third try. */
- if( rc == G10ERR_NO_PUBKEY && opt.keyserver
- && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE)
- {
- int res;
+ if (gpg_err_code (rc) == G10ERR_NO_PUBKEY
+ && opt.keyserver
+ && (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE))
+ {
+ int res;
- glo_ctrl.in_auto_key_retrieve++;
- res=keyserver_import_keyid (c->ctrl, sig->keyid, opt.keyserver );
- glo_ctrl.in_auto_key_retrieve--;
- if(!res)
- rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
- }
+ glo_ctrl.in_auto_key_retrieve++;
+ res=keyserver_import_keyid (c->ctrl, sig->keyid, opt.keyserver );
+ glo_ctrl.in_auto_key_retrieve--;
+ if (!res)
+ rc = do_check_sig (c, node, NULL, &is_expkey, &is_revkey );
+ }
- if( !rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE ) {
- KBNODE un, keyblock;
- int count=0, statno;
- char keyid_str[50];
- PKT_public_key *pk=NULL;
-
- if(rc)
- statno=STATUS_BADSIG;
- else if(sig->flags.expired)
- statno=STATUS_EXPSIG;
- else if(is_expkey)
- statno=STATUS_EXPKEYSIG;
- else if(is_revkey)
- statno=STATUS_REVKEYSIG;
- else
- statno=STATUS_GOODSIG;
+ if (!rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE)
+ {
+ kbnode_t un, keyblock;
+ int count = 0;
+ int statno;
+ char keyid_str[50];
+ PKT_public_key *pk = NULL;
+
+ if (rc)
+ statno = STATUS_BADSIG;
+ else if (sig->flags.expired)
+ statno = STATUS_EXPSIG;
+ else if (is_expkey)
+ statno = STATUS_EXPKEYSIG;
+ else if(is_revkey)
+ statno = STATUS_REVKEYSIG;
+ else
+ statno = STATUS_GOODSIG;
+
+ keyblock = get_pubkeyblock (sig->keyid);
+
+ snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ",
+ (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
+
+ /* Find and print the primary user ID. */
+ for (un=keyblock; un; un = un->next)
+ {
+ char *p;
+ int valid;
- keyblock = get_pubkeyblock( sig->keyid );
+ if (un->pkt->pkttype==PKT_PUBLIC_KEY)
+ {
+ pk=un->pkt->pkt.public_key;
+ continue;
+ }
+ if (un->pkt->pkttype != PKT_USER_ID)
+ continue;
+ if (!un->pkt->pkt.user_id->created)
+ continue;
+ if (un->pkt->pkt.user_id->is_revoked)
+ continue;
+ if (un->pkt->pkt.user_id->is_expired)
+ continue;
+ if (!un->pkt->pkt.user_id->is_primary)
+ continue;
+ /* We want the textual primary user ID here */
+ if (un->pkt->pkt.user_id->attrib_data)
+ continue;
- sprintf (keyid_str, "%08lX%08lX [uncertain] ",
- (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
+ assert (pk);
- /* find and print the primary user ID */
- for( un=keyblock; un; un = un->next ) {
- char *p;
- int valid;
- if(un->pkt->pkttype==PKT_PUBLIC_KEY)
- {
- pk=un->pkt->pkt.public_key;
- continue;
- }
- if( un->pkt->pkttype != PKT_USER_ID )
- continue;
- if ( !un->pkt->pkt.user_id->created )
- continue;
- if ( un->pkt->pkt.user_id->is_revoked )
- continue;
- if ( un->pkt->pkt.user_id->is_expired )
- continue;
- if ( !un->pkt->pkt.user_id->is_primary )
- continue;
- /* We want the textual primary user ID here */
- if ( un->pkt->pkt.user_id->attrib_data )
- continue;
+ /* Get it before we print anything to avoid interrupting the
+ output with the "please do a --check-trustdb" line. */
+ valid = get_validity (pk, un->pkt->pkt.user_id);
- assert(pk);
+ keyid_str[17] = 0; /* cut off the "[uncertain]" part */
+ write_status_text_and_buffer (statno, keyid_str,
+ un->pkt->pkt.user_id->name,
+ un->pkt->pkt.user_id->len,
+ -1);
- /* Get it before we print anything to avoid interrupting
- the output with the "please do a --check-trustdb"
- line. */
- valid=get_validity(pk,un->pkt->pkt.user_id);
+ p = utf8_to_native (un->pkt->pkt.user_id->name,
+ un->pkt->pkt.user_id->len, 0);
- keyid_str[17] = 0; /* cut off the "[uncertain]" part */
- write_status_text_and_buffer (statno, keyid_str,
- un->pkt->pkt.user_id->name,
- un->pkt->pkt.user_id->len,
- -1 );
-
- p=utf8_to_native(un->pkt->pkt.user_id->name,
- un->pkt->pkt.user_id->len,0);
-
- if(rc)
- log_info(_("BAD signature from \"%s\""),p);
- else if(sig->flags.expired)
- log_info(_("Expired signature from \"%s\""),p);
- else
- log_info(_("Good signature from \"%s\""),p);
+ if (rc)
+ log_info (_("BAD signature from \"%s\""), p);
+ else if (sig->flags.expired)
+ log_info (_("Expired signature from \"%s\""), p);
+ else
+ log_info (_("Good signature from \"%s\""), p);
- xfree(p);
+ xfree(p);
- if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
- log_printf (" [%s]\n",trust_value_to_string(valid));
- else
- log_printf ("\n");
- count++;
+ if (opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
+ log_printf (" [%s]\n",trust_value_to_string(valid));
+ else
+ log_printf ("\n");
+ count++;
}
- if( !count ) { /* just in case that we have no valid textual
- userid */
- char *p;
- /* Try for an invalid textual userid */
- for( un=keyblock; un; un = un->next ) {
- if( un->pkt->pkttype == PKT_USER_ID &&
- !un->pkt->pkt.user_id->attrib_data )
- break;
+ if (!count) /* Just in case that we have no valid textual userid */
+ {
+ char *p;
+
+ /* Try for an invalid textual userid */
+ for (un=keyblock; un; un = un->next)
+ {
+ if (un->pkt->pkttype == PKT_USER_ID
+ && !un->pkt->pkt.user_id->attrib_data)
+ break;
}
- /* Try for any userid at all */
- if(!un) {
- for( un=keyblock; un; un = un->next ) {
- if( un->pkt->pkttype == PKT_USER_ID )
- break;
+ /* Try for any userid at all */
+ if (!un)
+ {
+ for (un=keyblock; un; un = un->next)
+ {
+ if (un->pkt->pkttype == PKT_USER_ID)
+ break;
}
}
- if (opt.trust_model==TM_ALWAYS || !un)
- keyid_str[17] = 0; /* cut off the "[uncertain]" part */
-
- write_status_text_and_buffer (statno, keyid_str,
- un? un->pkt->pkt.user_id->name:"[?]",
- un? un->pkt->pkt.user_id->len:3,
- -1 );
-
- if(un)
- p=utf8_to_native(un->pkt->pkt.user_id->name,
- un->pkt->pkt.user_id->len,0);
- else
- p=xstrdup("[?]");
+ if (opt.trust_model==TM_ALWAYS || !un)
+ keyid_str[17] = 0; /* cut off the "[uncertain]" part */
- if(rc)
- log_info(_("BAD signature from \"%s\""),p);
- else if(sig->flags.expired)
- log_info(_("Expired signature from \"%s\""),p);
- else
- log_info(_("Good signature from \"%s\""),p);
- if (opt.trust_model!=TM_ALWAYS && un)
- log_printf (" %s",_("[uncertain]") );
- log_printf ("\n");
+ write_status_text_and_buffer (statno, keyid_str,
+ un? un->pkt->pkt.user_id->name:"[?]",
+ un? un->pkt->pkt.user_id->len:3,
+ -1 );
+
+ if (un)
+ p= utf8_to_native (un->pkt->pkt.user_id->name,
+ un->pkt->pkt.user_id->len, 0);
+ else
+ p = xstrdup ("[?]");
+
+ if (rc)
+ log_info (_("BAD signature from \"%s\""), p);
+ else if (sig->flags.expired)
+ log_info (_("Expired signature from \"%s\""), p);
+ else
+ log_info (_("Good signature from \"%s\""), p);
+ if (opt.trust_model != TM_ALWAYS && un)
+ log_printf (" %s",_("[uncertain]") );
+ log_printf ("\n");
}
- /* If we have a good signature and already printed
- * the primary user ID, print all the other user IDs */
- if ( count && !rc
- && !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY)) {
- char *p;
- for( un=keyblock; un; un = un->next ) {
- if( un->pkt->pkttype != PKT_USER_ID )
- continue;
- if((un->pkt->pkt.user_id->is_revoked
- || un->pkt->pkt.user_id->is_expired)
- && !(opt.verify_options&VERIFY_SHOW_UNUSABLE_UIDS))
- continue;
- /* Only skip textual primaries */
- if ( un->pkt->pkt.user_id->is_primary &&
- !un->pkt->pkt.user_id->attrib_data )
- continue;
-
- if(un->pkt->pkt.user_id->attrib_data)
- {
- dump_attribs (un->pkt->pkt.user_id, pk);
+ /* If we have a good signature and already printed
+ * the primary user ID, print all the other user IDs */
+ if (count
+ && !rc
+ && !(opt.verify_options & VERIFY_SHOW_PRIMARY_UID_ONLY))
+ {
+ char *p;
+ for( un=keyblock; un; un = un->next)
+ {
+ if (un->pkt->pkttype != PKT_USER_ID)
+ continue;
+ if ((un->pkt->pkt.user_id->is_revoked
+ || un->pkt->pkt.user_id->is_expired)
+ && !(opt.verify_options & VERIFY_SHOW_UNUSABLE_UIDS))
+ continue;
+ /* Only skip textual primaries */
+ if (un->pkt->pkt.user_id->is_primary
+ && !un->pkt->pkt.user_id->attrib_data )
+ continue;
- if(opt.verify_options&VERIFY_SHOW_PHOTOS)
- show_photos(un->pkt->pkt.user_id->attribs,
- un->pkt->pkt.user_id->numattribs,
- pk ,un->pkt->pkt.user_id);
- }
+ if (un->pkt->pkt.user_id->attrib_data)
+ {
+ dump_attribs (un->pkt->pkt.user_id, pk);
- p=utf8_to_native(un->pkt->pkt.user_id->name,
- un->pkt->pkt.user_id->len,0);
- log_info(_(" aka \"%s\""),p);
- xfree(p);
+ if (opt.verify_options&VERIFY_SHOW_PHOTOS)
+ show_photos (un->pkt->pkt.user_id->attribs,
+ un->pkt->pkt.user_id->numattribs,
+ pk ,un->pkt->pkt.user_id);
+ }
- if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
- {
- const char *valid;
- if(un->pkt->pkt.user_id->is_revoked)
- valid=_("revoked");
- else if(un->pkt->pkt.user_id->is_expired)
- valid=_("expired");
- else
- valid=trust_value_to_string(get_validity(pk,
- un->pkt->
- pkt.user_id));
- log_printf (" [%s]\n",valid);
- }
- else
- log_printf ("\n");
+ p = utf8_to_native (un->pkt->pkt.user_id->name,
+ un->pkt->pkt.user_id->len, 0);
+ log_info (_(" aka \"%s\""), p);
+ xfree (p);
+
+ if ((opt.verify_options & VERIFY_SHOW_UID_VALIDITY))
+ {
+ const char *valid;
+
+ if (un->pkt->pkt.user_id->is_revoked)
+ valid = _("revoked");
+ else if (un->pkt->pkt.user_id->is_expired)
+ valid = _("expired");
+ else
+ valid = (trust_value_to_string
+ (get_validity (pk, un->pkt->pkt.user_id)));
+ log_printf (" [%s]\n",valid);
+ }
+ else
+ log_printf ("\n");
}
}
- release_kbnode( keyblock );
+ release_kbnode( keyblock );
- if( !rc )
- {
- if(opt.verify_options&VERIFY_SHOW_POLICY_URLS)
- show_policy_url(sig,0,1);
- else
- show_policy_url(sig,0,2);
-
- if(opt.verify_options&VERIFY_SHOW_KEYSERVER_URLS)
- show_keyserver_url(sig,0,1);
- else
- show_keyserver_url(sig,0,2);
+ if (!rc)
+ {
+ if ((opt.verify_options & VERIFY_SHOW_POLICY_URLS))
+ show_policy_url (sig, 0, 1);
+ else
+ show_policy_url (sig, 0, 2);
+
+ if ((opt.verify_options & VERIFY_SHOW_KEYSERVER_URLS))
+ show_keyserver_url (sig, 0, 1);
+ else
+ show_keyserver_url (sig, 0, 2);
+
+ if ((opt.verify_options & VERIFY_SHOW_NOTATIONS))
+ show_notation
+ (sig, 0, 1,
+ (((opt.verify_options&VERIFY_SHOW_STD_NOTATIONS)?1:0)
+ + ((opt.verify_options&VERIFY_SHOW_USER_NOTATIONS)?2:0)));
+ else
+ show_notation (sig, 0, 2, 0);
+ }
- if(opt.verify_options&VERIFY_SHOW_NOTATIONS)
- show_notation(sig,0,1,
- ((opt.verify_options&VERIFY_SHOW_STD_NOTATIONS)?1:0)+
- ((opt.verify_options&VERIFY_SHOW_USER_NOTATIONS)?2:0));
- else
- show_notation(sig,0,2,0);
- }
+ if (!rc && is_status_enabled ())
+ {
+ /* Print a status response with the fingerprint. */
+ PKT_public_key *vpk = xmalloc_clear (sizeof *vpk);
- if( !rc && is_status_enabled() ) {
- /* print a status response with the fingerprint */
- PKT_public_key *vpk = xmalloc_clear( sizeof *vpk );
-
- if( !get_pubkey( vpk, sig->keyid ) ) {
- byte array[MAX_FINGERPRINT_LEN], *p;
- char buf[MAX_FINGERPRINT_LEN*4+90], *bufp;
- size_t i, n;
-
- bufp = buf;
- fingerprint_from_pk( vpk, array, &n );
- p = array;
- for(i=0; i < n ; i++, p++, bufp += 2)
- sprintf(bufp, "%02X", *p );
- /* TODO: Replace the reserved '0' in the field below
- with bits for status flags (policy url, notation,
- etc.). Remember to make the buffer larger to
- match! */
- sprintf(bufp, " %s %lu %lu %d 0 %d %d %02X ",
- strtimestamp( sig->timestamp ),
- (ulong)sig->timestamp,(ulong)sig->expiredate,
- sig->version,sig->pubkey_algo,sig->digest_algo,
- sig->sig_class);
- bufp = bufp + strlen (bufp);
- if (!vpk->flags.primary) {
- u32 akid[2];
-
- akid[0] = vpk->main_keyid[0];
- akid[1] = vpk->main_keyid[1];
- free_public_key (vpk);
- vpk = xmalloc_clear( sizeof *vpk );
- if (get_pubkey (vpk, akid)) {
- /* impossible error, we simply return a zeroed out fpr */
- n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20;
- memset (array, 0, n);
- }
- else
- fingerprint_from_pk( vpk, array, &n );
+ if (!get_pubkey (vpk, sig->keyid))
+ {
+ byte array[MAX_FINGERPRINT_LEN], *p;
+ char buf[MAX_FINGERPRINT_LEN*4+90], *bufp;
+ size_t i, n;
+
+ bufp = buf;
+ fingerprint_from_pk (vpk, array, &n);
+ p = array;
+ for(i=0; i < n ; i++, p++, bufp += 2)
+ sprintf (bufp, "%02X", *p );
+ /* TODO: Replace the reserved '0' in the field below
+ with bits for status flags (policy url, notation,
+ etc.). Remember to make the buffer larger to match! */
+ sprintf (bufp, " %s %lu %lu %d 0 %d %d %02X ",
+ strtimestamp( sig->timestamp ),
+ (ulong)sig->timestamp,(ulong)sig->expiredate,
+ sig->version,sig->pubkey_algo,sig->digest_algo,
+ sig->sig_class);
+ bufp = bufp + strlen (bufp);
+ if (!vpk->flags.primary)
+ {
+ u32 akid[2];
+
+ akid[0] = vpk->main_keyid[0];
+ akid[1] = vpk->main_keyid[1];
+ free_public_key (vpk);
+ vpk = xmalloc_clear (sizeof *vpk);
+ if (get_pubkey (vpk, akid))
+ {
+ /* Impossible error, we simply return a zeroed out fpr */
+ n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20;
+ memset (array, 0, n);
+ }
+ else
+ fingerprint_from_pk( vpk, array, &n );
}
- p = array;
- for(i=0; i < n ; i++, p++, bufp += 2)
- sprintf(bufp, "%02X", *p );
- write_status_text( STATUS_VALIDSIG, buf );
+ p = array;
+ for (i=0; i < n ; i++, p++, bufp += 2)
+ sprintf(bufp, "%02X", *p );
+ write_status_text (STATUS_VALIDSIG, buf);
}
- free_public_key( vpk );
+ free_public_key (vpk);
}
- if (!rc)
- {
- if(opt.verify_options&VERIFY_PKA_LOOKUPS)
- pka_uri_from_sig (sig); /* Make sure PKA info is available. */
- rc = check_signatures_trust( sig );
- }
+ if (!rc)
+ {
+ if ((opt.verify_options & VERIFY_PKA_LOOKUPS))
+ pka_uri_from_sig (sig); /* Make sure PKA info is available. */
+ rc = check_signatures_trust (sig);
+ }
- if(sig->flags.expired)
- {
- log_info(_("Signature expired %s\n"),
- asctimestamp(sig->expiredate));
- rc=G10ERR_GENERAL; /* need a better error here? */
- }
- else if(sig->expiredate)
- log_info(_("Signature expires %s\n"),asctimestamp(sig->expiredate));
-
- if(opt.verbose)
- log_info(_("%s signature, digest algorithm %s\n"),
- sig->sig_class==0x00?_("binary"):
- sig->sig_class==0x01?_("textmode"):_("unknown"),
- gcry_md_algo_name (sig->digest_algo));
-
- if( rc )
- g10_errors_seen = 1;
- if( opt.batch && rc )
- g10_exit(1);
+ if (sig->flags.expired)
+ {
+ log_info (_("Signature expired %s\n"), asctimestamp(sig->expiredate));
+ rc = G10ERR_GENERAL; /* need a better error here? */
+ }
+ else if (sig->expiredate)
+ log_info (_("Signature expires %s\n"), asctimestamp(sig->expiredate));
+
+ if (opt.verbose)
+ log_info (_("%s signature, digest algorithm %s\n"),
+ sig->sig_class==0x00?_("binary"):
+ sig->sig_class==0x01?_("textmode"):_("unknown"),
+ gcry_md_algo_name (sig->digest_algo));
+
+ if (rc)
+ g10_errors_seen = 1;
+ if (opt.batch && rc)
+ g10_exit (1);
}
- else {
- char buf[50];
- sprintf(buf, "%08lX%08lX %d %d %02x %lu %d",
- (ulong)sig->keyid[0], (ulong)sig->keyid[1],
- sig->pubkey_algo, sig->digest_algo,
- sig->sig_class, (ulong)sig->timestamp, rc );
- write_status_text( STATUS_ERRSIG, buf );
- if( rc == G10ERR_NO_PUBKEY ) {
- buf[16] = 0;
- write_status_text( STATUS_NO_PUBKEY, buf );
+ else
+ {
+ char buf[50];
+
+ snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d",
+ (ulong)sig->keyid[0], (ulong)sig->keyid[1],
+ sig->pubkey_algo, sig->digest_algo,
+ sig->sig_class, (ulong)sig->timestamp, rc);
+ write_status_text (STATUS_ERRSIG, buf);
+ if (gpg_err_code (rc) == G10ERR_NO_PUBKEY)
+ {
+ buf[16] = 0;
+ write_status_text (STATUS_NO_PUBKEY, buf);
}
- if( rc != G10ERR_NOT_PROCESSED )
- log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
+ if (gpg_err_code (rc) != G10ERR_NOT_PROCESSED)
+ log_error (_("Can't check signature: %s\n"), g10_errstr(rc));
}
- return rc;
+
+ return rc;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-02 13:09:53 +0000