diff options
| author | Andre Heinecke <[email protected]> | 2020-06-09 08:21:54 +0000 |
|---|---|---|
| committer | Andre Heinecke <[email protected]> | 2020-06-09 08:22:27 +0000 |
| commit | 88f3202521d422d94bfd79e61bde00707d6f28c9 (patch) | |
| tree | ef27d4df0528c18487a0c3e2b4032582274f4067 /doc | |
| parent | core: Fix setting of the chain_model signature result. (diff) | |
| download | gpgme-88f3202521d422d94bfd79e61bde00707d6f28c9.tar.gz gpgme-88f3202521d422d94bfd79e61bde00707d6f28c9.zip | |
doc: Explain verify_result_t.status == 0 more
* doc/gpgme.texi (gpgme_verify_result_t): Explain
GPGME_STATUS_NO_ERROR more clearly.
--
This might help to avoid misunderstandings how the
status can be interpreted and explains why a verify
of unsigned PGP Data returns no error.
As a reaction to CVE-2020-10759 discovered by Justin Steven.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/gpgme.texi | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 3e1f30a7..3c9594f5 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -5773,8 +5773,15 @@ status codes are of interest: @table @code @item GPG_ERR_NO_ERROR - This status indicates that the signature is valid. For the combined - result this status means that all signatures are valid. + This status indicates that the signature could be verified or that + there is no signature. For the combined result this status + means that all signatures could be verified. + + Note: This does not mean that a valid signature could be found. Check + the @code{summary} field for that. + + For example a @code{gpgme_op_decrypt_verify} returns a verification + result with GPG_ERR_NO_ERROR for encrypted but unsigned data. @item GPG_ERR_SIG_EXPIRED This status indicates that the signature is valid but expired. For |