1 : /* run-verify.c - Helper to perform a verify operation
2 : Copyright (C) 2009 g10 Code GmbH
3 :
4 : This file is part of GPGME.
5 :
6 : GPGME is free software; you can redistribute it and/or modify it
7 : under the terms of the GNU Lesser General Public License as
8 : published by the Free Software Foundation; either version 2.1 of
9 : the License, or (at your option) any later version.
10 :
11 : GPGME is distributed in the hope that it will be useful, but
12 : WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 : Lesser General Public License for more details.
15 :
16 : You should have received a copy of the GNU Lesser General Public
17 : License along with this program; if not, see <http://www.gnu.org/licenses/>.
18 : */
19 :
20 : /* We need to include config.h so that we know whether we are building
21 : with large file system (LFS) support. */
22 : #ifdef HAVE_CONFIG_H
23 : #include <config.h>
24 : #endif
25 :
26 : #include <stdlib.h>
27 : #include <stdio.h>
28 : #include <string.h>
29 :
30 : #include <gpgme.h>
31 :
32 : #define PGM "run-verify"
33 :
34 : #include "run-support.h"
35 :
36 :
/* Set to 1 by the --verbose option in main.  Nothing else in this
   file reads it.  */
static int verbose;
38 :
/* Write one space-prefixed keyword to stdout for every flag that is
   set in SUMMARY, in a fixed order.  Nothing is printed when none of
   the listed flags is set; no newline is written.  */
static void
print_summary (gpgme_sigsum_t summary)
{
  /* Flag/keyword pairs, listed in output order.  */
  static const struct
  {
    gpgme_sigsum_t bit;
    const char *label;
  } flags[] =
    {
      { GPGME_SIGSUM_VALID,       " valid" },
      { GPGME_SIGSUM_GREEN,       " green" },
      { GPGME_SIGSUM_RED,         " red" },
      { GPGME_SIGSUM_KEY_REVOKED, " revoked" },
      { GPGME_SIGSUM_KEY_EXPIRED, " key-expired" },
      { GPGME_SIGSUM_SIG_EXPIRED, " sig-expired" },
      { GPGME_SIGSUM_KEY_MISSING, " key-missing" },
      { GPGME_SIGSUM_CRL_MISSING, " crl-missing" },
      { GPGME_SIGSUM_CRL_TOO_OLD, " crl-too-old" },
      { GPGME_SIGSUM_BAD_POLICY,  " bad-policy" },
      { GPGME_SIGSUM_SYS_ERROR,   " sys-error" }
    };
  size_t idx;

  for (idx = 0; idx < sizeof flags / sizeof flags[0]; idx++)
    {
      if ((summary & flags[idx].bit))
        fputs (flags[idx].label, stdout);
    }
}
65 :
/* Write the lower-case name of the validity value VAL to stdout.  A
   value that matches none of the known constants is reported as
   "[bad validity value N]" instead.  No newline is written.  */
static void
print_validity (gpgme_validity_t val)
{
  const char *name;

  switch (val)
    {
    case GPGME_VALIDITY_UNKNOWN:
      name = "unknown";
      break;
    case GPGME_VALIDITY_UNDEFINED:
      name = "undefined";
      break;
    case GPGME_VALIDITY_NEVER:
      name = "never";
      break;
    case GPGME_VALIDITY_MARGINAL:
      name = "marginal";
      break;
    case GPGME_VALIDITY_FULL:
      name = "full";
      break;
    case GPGME_VALIDITY_ULTIMATE:
      name = "ultimate";
      break;
    default:
      name = NULL;
      break;
    }

  if (!name)
    {
      /* Not one of the values handled above.  */
      printf ("[bad validity value %u]", (unsigned int)val);
      return;
    }
  fputs (name, stdout);
}
85 :
86 :
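/* Print the verification result RESULT to stdout: first the original
   file name, then one block of fields for every entry of the
   RESULT->signatures list, numbered from 0.

   This function only reports.  The "status" line carries the
   per-signature outcome, and nothing here acts on it.

   NOTE(review): file_name, fpr and pka_address are printed as-is.
   file_name presumably comes from the message being verified, so it
   may be chosen by whoever produced that message; confirm that the
   consumer of this output copes with control characters in it.  */
static void
print_result (gpgme_verify_result_t result)
{
  gpgme_signature_t sig;
  int count = 0;

  printf ("Original file name: %s\n", nonnull(result->file_name));
  for (sig = result->signatures; sig; sig = sig->next)
    {
      printf ("Signature %d\n", count++);
      printf (" status ....: %s\n", gpgme_strerror (sig->status));
      printf (" summary ...:"); print_summary (sig->summary); putchar ('\n');
      printf (" fingerprint: %s\n", nonnull (sig->fpr));
      printf (" created ...: %lu\n", sig->timestamp);
      printf (" expires ...: %lu\n", sig->exp_timestamp);
      printf (" validity ..: ");
      print_validity (sig->validity); putchar ('\n');
      /* The validity has its own reason code.  Printing sig->status
         here a second time would make this line repeat the "status"
         line and hide why the validity has the value shown.  */
      printf (" val.reason : %s\n", gpgme_strerror (sig->validity_reason));
      printf (" pubkey algo: %d\n", sig->pubkey_algo);
      printf (" digest algo: %d\n", sig->hash_algo);
      printf (" pka address: %s\n", nonnull (sig->pka_address));
      /* pka_trust: 0, 1 and 2 have names; any other value is shown
         as "RFU".  */
      printf (" pka trust .: %s\n",
              sig->pka_trust == 0? "n/a" :
              sig->pka_trust == 1? "bad" :
              sig->pka_trust == 2? "okay": "RFU");
      printf (" other flags:%s%s\n",
              sig->wrong_key_usage? " wrong-key-usage":"",
              sig->chain_model? " chain-model":""
              );
      /* Only the presence of notation data is reported, not its
         content.  */
      printf (" notations .: %s\n",
              sig->notations? "yes":"no");
    }
}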
120 :
121 :
122 :
/* Write the usage text to stderr and terminate the process with exit
   status EX.  The function never returns; the int return type only
   exists in the signature.  */
static int
show_usage (int ex)
{
  static const char usage_text[] =
    "usage: " PGM " [options] [DETACHEDSIGFILE] FILE\n\n"
    "Options:\n"
    " --verbose run in verbose mode\n"
    " --openpgp use the OpenPGP protocol (default)\n"
    " --cms use the CMS protocol\n";

  fputs (usage_text, stderr);
  exit (ex);
}
134 :
135 :
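/* Run a verify operation on the files named on the command line and
   print what GPGME reports for each signature.

   After the options (see show_usage) one or two file names are
   expected.  The first is opened as the signature; the second, if
   given, is opened as the data the signature was made over.

   Exit status: 1 on a usage error, when a file cannot be opened, or
   when a GPGME call reports an error; 0 otherwise.  A zero exit only
   says that the verify operation ran to completion.  main never
   looks at the per-signature status that print_result prints, and it
   also returns 0 when the result holds no signature at all, so a
   caller must read the printed "status" lines and must not take the
   exit status as "signature good".  */
int
main (int argc, char **argv)
{
  int last_argc = -1;
  gpgme_error_t err;
  gpgme_ctx_t ctx;
  gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP;
  FILE *fp_sig = NULL;
  gpgme_data_t sig = NULL;
  FILE *fp_msg = NULL;
  gpgme_data_t msg = NULL;
  gpgme_verify_result_t result;

  /* Skip the program name.  */
  if (argc)
    { argc--; argv++; }

  /* Consume options.  The loop ends when an iteration consumed
     nothing, i.e. at the first argument that is not an option.  */
  while (argc && last_argc != argc )
    {
      last_argc = argc;
      if (!strcmp (*argv, "--"))
        {
          argc--; argv++;
          break;
        }
      else if (!strcmp (*argv, "--help"))
        show_usage (0);
      else if (!strcmp (*argv, "--verbose"))
        {
          verbose = 1;
          argc--; argv++;
        }
      else if (!strcmp (*argv, "--openpgp"))
        {
          protocol = GPGME_PROTOCOL_OpenPGP;
          argc--; argv++;
        }
      else if (!strcmp (*argv, "--cms"))
        {
          protocol = GPGME_PROTOCOL_CMS;
          argc--; argv++;
        }
      else if (!strncmp (*argv, "--", 2))
        show_usage (1);  /* Unknown option.  */

    }

  if (argc < 1 || argc > 2)
    show_usage (1);

  fp_sig = fopen (argv[0], "rb");
  if (!fp_sig)
    {
      err = gpgme_error_from_syserror ();
      fprintf (stderr, PGM ": can't open `%s': %s\n",
               argv[0], gpgme_strerror (err));
      exit (1);
    }
  if (argc > 1)
    {
      fp_msg = fopen (argv[1], "rb");
      if (!fp_msg)
        {
          err = gpgme_error_from_syserror ();
          fprintf (stderr, PGM ": can't open `%s': %s\n",
                   argv[1], gpgme_strerror (err));
          exit (1);
        }
    }

  init_gpgme (protocol);

  err = gpgme_new (&ctx);
  fail_if_err (err);
  gpgme_set_protocol (ctx, protocol);

  err = gpgme_data_new_from_stream (&sig, fp_sig);
  if (err)
    {
      fprintf (stderr, PGM ": error allocating data object: %s\n",
               gpgme_strerror (err));
      exit (1);
    }
  if (fp_msg)
    {
      err = gpgme_data_new_from_stream (&msg, fp_msg);
      if (err)
        {
          fprintf (stderr, PGM ": error allocating data object: %s\n",
                   gpgme_strerror (err));
          exit (1);
        }
    }

  /* MSG stays NULL when only one file was given.  Whatever result is
     available is printed before ERR is checked, so it is shown even
     when the operation reports an error.  */
  err = gpgme_op_verify (ctx, sig, msg, NULL);
  result = gpgme_op_verify_result (ctx);
  if (result)
    print_result (result);
  if (err)
    {
      /* This program verifies; the message used to say "signing
         failed".  */
      fprintf (stderr, PGM ": verify failed: %s\n", gpgme_strerror (err));
      exit (1);
    }

  gpgme_data_release (msg);
  gpgme_data_release (sig);

  gpgme_release (ctx);

  /* main opened these streams, so it closes them once the data
     objects that read from them are gone.  */
  if (fp_msg)
    fclose (fp_msg);
  fclose (fp_sig);

  /* See the header comment: this 0 does not say that any signature
     was good.  */
  return 0;
}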