some work on verify

git-svn-id: http://cpunk.de/svn/src/gpg4usb/branches/0.3.2-mac@943 34ebc366-c3a9-4b3c-9f84-69acf7962910

1 files changed, 158 insertions, 2 deletions

diff --git a/verifynotification.cpp b/verifynotification.cpp
index 3e056b9..9d9a0d9 100644
--- a/verifynotification.cpp
+++ b/verifynotification.cpp
@@ -98,8 +98,14 @@ bool VerifyNotification::refresh()
     mCtx->preventNoDataErr(&text);
     int textIsSigned = mCtx->textIsSigned(text);
 
-    gpgme_signature_t sign = mCtx->verify(text);
+    //gpgme_signature_t sign = mCtx->verify(text);
 
+    //KGpgVerify *verify = new KGpgVerify(this, message.mid(posstart, posend - posstart));
+    KGpgVerify *verify = new KGpgVerify(this, text);
+    connect(verify, SIGNAL(done(int)), SLOT(slotVerifyDone(int)));
+    verify->start();
+
+    /*
     if (sign == NULL) {
         return false;
     }
@@ -178,6 +184,156 @@ bool VerifyNotification::refresh()
     verifyLabelText.remove(verifyLabelText.length()-1,1);
 
     this->setVerifyLabel(verifyLabelText,verifyStatus);
-
+    */
     return true;
 }
+
+void VerifyNotification::slotVerifyDone(int result)
+{
+    const KGpgVerify * const verify = qobject_cast<KGpgVerify *>(sender());
+    sender()->deleteLater();
+    Q_ASSERT(verify != NULL);
+
+    if (result == KGpgVerify::TS_MISSING_KEY) {
+        qDebug() << "missing keys" << verify->missingId();
+        this->keysNotInList->append(verify->missingId());
+        this->showImportAction(true);
+    }
+
+    const QStringList messages = verify->getMessages();
+    foreach(QString mess, messages) {
+        qDebug() << "vm: " <<  mess;
+    }
+
+    getReport(messages);
+    /*emit verifyFinished();
+
+    if (result == KGpgVerify::TS_MISSING_KEY) {
+        verifyKeyNeeded(verify->missingId());
+        return;
+    }
+
+    const QStringList messages = verify->getMessages();
+
+    if (messages.isEmpty())
+        return;
+
+    QStringList msglist;
+    foreach (QString rawmsg, messages)
+        msglist << rawmsg.replace(QLatin1Char('<'), QLatin1String("&lt;"));
+
+    (void) new KgpgDetailedInfo(this, KGpgVerify::getReport(messages, m_model),
+            msglist.join(QLatin1String("<br/>")),
+            QStringList(), i18nc("Caption of message box", "Verification Finished"));
+    */
+}
+
+QString VerifyNotification::getReport(const QStringList &log)
+{
+    QString verifyLabelText;
+    verify_label_status verifyStatus=VERIFY_ERROR_OK;
+
+    QString result;
+    // newer versions of GnuPG emit both VALIDSIG and GOODSIG
+    // for a good signature. Since VALIDSIG has more information
+    // we use that.
+    const QRegExp validsig(QLatin1String("^\\[GNUPG:\\] VALIDSIG([ ]+[^ ]+){10,}.*$"));
+
+
+//	const bool useGoodSig = (model != NULL) && (log.indexOf(validsig) == -1);
+    const bool useGoodSig = false;
+
+    QString sigtime;	// timestamp of signature creation
+
+    foreach (const QString &line, log) {
+        if (!line.startsWith(QLatin1String("[GNUPG:] ")))
+            continue;
+
+        const QString msg = line.mid(9);
+
+        if (msg.startsWith(QLatin1String("VALIDSIG ")) && !useGoodSig) {
+            // from GnuPG source, doc/DETAILS:
+            //   VALIDSIG    <fingerprint in hex> <sig_creation_date> <sig-timestamp>
+            //                <expire-timestamp> <sig-version> <reserved> <pubkey-algo>
+            //                <hash-algo> <sig-class> <primary-key-fpr>
+            const QStringList vsig = msg.mid(9).split(QLatin1Char(' '), QString::SkipEmptyParts);
+            Q_ASSERT(vsig.count() >= 10);
+
+            qDebug() << "sig: " << vsig[9];
+
+            verifyStatus=VERIFY_ERROR_WARN;
+            verifyLabelText.append(tr("Error for key with fingerprint ")+mCtx->beautifyFingerprint(QString(vsig[9])));
+
+
+        }
+    }
+
+    this->setVerifyLabel(verifyLabelText,verifyStatus);
+            /*const KGpgKeyNode *node = model->findKeyNode(vsig[9]);
+
+            if (node != NULL) {
+                // ignore for now if this is signed with the primary id (vsig[0] == vsig[9]) or not
+                if (node->getEmail().isEmpty())
+                    result += tr("<qt>Good signature from:<br /><b>%1</b><br />Key ID: %2<br /></qt>")
+                            .arg(node->getName()).arg(vsig[9]);
+                else
+                    result += tr("Good signature from: NAME <EMAIL>, Key ID: HEXID",
+                            "<qt>Good signature from:<br /><b>%1 &lt;%2&gt;</b><br />Key ID: %3<br /></qt>")
+                            .arg(node->getName()).arg(node->getEmail()).arg(vsig[9]);
+
+                result += sigTimeMessage(vsig[2]);
+            } else {
+                // this should normally never happen, but one could delete
+                // the key just after the verification. Brute force solution:
+                // do the whole report generation again, but this time make
+                // sure GOODSIG is used.
+                return getReport(log, NULL);
+            }
+        } else if (msg.startsWith(QLatin1String("UNEXPECTED")) ||
+                msg.startsWith(QLatin1String("NODATA"))) {
+            result += tr("No signature found.") + QLatin1Char('\n');
+        } else if (useGoodSig && msg.startsWith(QLatin1String("GOODSIG "))) {
+            int sigpos = msg.indexOf( ' ' , 8);
+            const QString keyid = msg.mid(8, sigpos - 8);
+
+            // split the name/email pair to give translators more power to handle this
+            QString email;
+            QString name = msg.mid(sigpos + 1);
+
+            int oPos = name.indexOf(QLatin1Char('<'));
+            int cPos = name.indexOf(QLatin1Char('>'));
+            if ((oPos >= 0) && (cPos >= 0)) {
+                email = name.mid(oPos + 1, cPos - oPos - 1);
+                name = name.left(oPos).simplified();
+            }
+
+            if (email.isEmpty())
+                result += tr("<qt>Good signature from:<br /><b>%1</b><br />Key ID: %2<br /></qt>")
+                        .arg(name).arg(keyid);
+            else
+                result += tr("Good signature from: NAME <EMAIL>, Key ID: HEXID",
+                             "<qt>Good signature from:<br /><b>%1 &lt;%2&gt;</b><br />Key ID: %3<br /></qt>")
+                        .arg(name).arg(email).arg(keyid);
+            if (!sigtime.isEmpty()) {
+                result += sigTimeMessage(sigtime);
+                sigtime.clear();
+            }
+        } else if (msg.startsWith(QLatin1String("SIG_ID "))) {
+            const QStringList parts = msg.simplified().split(QLatin1Char(' '));
+            if (parts.count() > 2)
+                sigtime = parts[2];
+        } else if (msg.startsWith(QLatin1String("BADSIG"))) {
+            int sigpos = msg.indexOf( ' ', 7);
+            result += tr("<qt><b>BAD signature</b> from:<br /> %1<br />Key id: %2<br /><br /><b>The file is corrupted</b><br /></qt>")
+                    .arg(msg.mid(sigpos + 1).replace(QLatin1Char('<'), QLatin1String("&lt;")))
+                    .arg(msg.mid(7, sigpos - 7));
+        } else  if (msg.startsWith(QLatin1String("TRUST_UNDEFINED"))) {
+            result += tr("<qt>The signature is valid, but the key is untrusted<br /></qt>");
+        } else if (msg.startsWith(QLatin1String("TRUST_ULTIMATE"))) {
+            result += tr("<qt>The signature is valid, and the key is ultimately trusted<br /></qt>");
+        }
+    }
+    */
+    return result;
+}
+