(skip_token): New.
(_gpgme_verify_status_handler): Watch out for wrong key usage.
(gpgme_get_sig_string_attr): Hack to return info on the key
usage. Does now make use of the former RESERVED argument which
has been renamed to WHATIDX.
(gpgme_get_sig_ulong_attr): Renamed RESERVED to WHATIDX.
* gpgme.texi (Verify): Explain the new whatidx variable.
+2002-06-20 Werner Koch <wk@gnupg.org>
+
+ * gpgme.texi (Verify): Explain the new whatidx variable.
+
2002-06-10 Werner Koch <wk@gnupg.org>
* gpgme.texi (Verify): Document attribute GPGME_ATTR_ERRTOK.
no verification could be performed.
@end deftypefun
-@deftypefun {const char *} gpgme_get_sig_string_attr (@w{GpgmeCtx @var{ctx}}, @w{int @var{idx}}, @w{GpgmeAttr @var{what}}, @w{int @var{reserved}})
+@deftypefun {const char *} gpgme_get_sig_string_attr (@w{GpgmeCtx @var{ctx}}, @w{int @var{idx}}, @w{GpgmeAttr @var{what}}, @w{int @var{whatidx}})
This function is similar to @code{gpgme_get_sig_status} but may be used
to retrieve more detailed information. @var{ctx} should be the context
used for the last signature verification, @var{idx} is used to enumerate
-over all signatures starting with @code{0} and @var{reserved} should be
-@code{0} for now.
+over all signatures starting with @code{0} and @var{whatidx} should be
+@code{0} for unless otherwise stated.
-The attributes @var{what} currently supports are
-@code{GPGME_ATTR_FPR} to return the fingerprint of the key used to
-create the signature and @code{GPGME_ERRTOK} to return a token
-with a more detailed error description.
+The following values may be used for @var{what}:
+@table @code
+@item GPGME_ATTR_FPR
+Return the fingerprint of the key used to create the signature.
+
+@item GPGME_ATTR_ERRTOK
+Return a token with a more detailed error description. A @var{whatidx}
+of @code{0} returns an error token associated with validity calculation,
+a value of @code{1} return an error token related to the certifixate
+checking.
+
+@end table
@end deftypefun
-@deftypefun {const char *} gpgme_get_sig_ulong_attr (@w{GpgmeCtx @var{ctx}}, @w{int @var{idx}}, @w{GpgmeAttr @var{waht}}, @w{int @var{reserved}})
-This fucntion is similar to @code{gpgme_get_sig_string_attr} but used
+@deftypefun {const char *} gpgme_get_sig_ulong_attr (@w{GpgmeCtx @var{ctx}}, @w{int @var{idx}}, @w{GpgmeAttr @var{waht}}, @w{int @var{whatidx}})
+This function is similar to @code{gpgme_get_sig_string_attr} but used
for attributes which can be represented by an @code{unsigned long} data
type. @var{ctx} should be the context used for the last signature
verification, @var{idx} is used to enumerate over all signatures
-starting with @code{0} and @var{reserved} should be @code{0} for now.
+starting with @code{0} and @var{whatidx} should be @code{0} for unless
+otherwise stated.
The following values may be used for @var{what}:
@table @code
+2002-06-20 Werner Koch <wk@gnupg.org>
+
+ * verify.c (calc_sig_summary): Set bad policy for wrong key usage.
+ (skip_token): New.
+ (_gpgme_verify_status_handler): Watch out for wrong key usage.
+ (gpgme_get_sig_string_attr): Hack to return info on the key
+ usage. Does now make use of the former RESERVED argument which
+ has been renamed to WHATIDX.
+ (gpgme_get_sig_ulong_attr): Renamed RESERVED to WHATIDX.
+
2002-06-14 Marcus Brinkmann <marcus@g10code.de>
* wait.c (do_select): Return -1 on error, and 0 if nothing to run.
/* Retrieve certain attributes of a signature. IDX is the index
number of the signature after a successful verify operation. WHAT
is an attribute where GPGME_ATTR_EXPIRE is probably the most useful
- one. RESERVED must be passed as 0. */
+ one. WHATIDX is to be passed as 0 for most attributes . */
unsigned long gpgme_get_sig_ulong_attr (GpgmeCtx c, int idx,
- GpgmeAttr what, int reserved);
+ GpgmeAttr what, int whatidx);
const char *gpgme_get_sig_string_attr (GpgmeCtx c, int idx,
- GpgmeAttr what, int reserved);
+ GpgmeAttr what, int whatidx);
/* Get the key used to create signature IDX in CTX and return it in
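Review bot: The revised comment on the two prototypes says WHATIDX is 0 "for most attributes" without naming the exception, so a reader of the header cannot tell when a non-zero value means anything. Going by the manual text changed in this same commit, only GPGME_ATTR_ERRTOK uses it, so I would write `WHATIDX must be 0, except for GPGME_ATTR_ERRTOK where 1 selects the error token from certificate checking.` The stray space before the closing period can be dropped at the same time.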
ulong timestamp; /* Signature creation time. */
ulong exptimestamp; /* signature exipration time or 0 */
GpgmeValidity validity;
+ int wrong_key_usage;
char trust_errtok[31]; /* error token send with the trust status */
};
return 1;
}
+static int
+skip_token (const char *string, size_t *next)
+{
+ size_t n = 0;
+
+ for (;*string && *string != ' '; string++, n++)
+ ;
+ for (;*string == ' '; string++, n++)
+ ;
+ if (!*string)
+ return 0;
+ if (next)
+ *next = n;
+ return 1;
+}
+
+
static size_t
copy_token (const char *string, char *buffer, size_t length)
{
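Review bot: skip_token is added without a header comment, and its contract is not obvious from the call site: it returns 0 when nothing follows the first token, and in that case *next is never written. I would put `/* Skip the first token of STRING and any blanks after it. Return 1 and store the offset of the following token at NEXT; return 0, leaving NEXT untouched, if nothing follows. */` above the definition. That also makes clear to later callers that the offset must only be used when the function returns 1.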
ctx->result.verify->status = GPGME_SIG_STAT_ERROR;
}
+ else if (skip_token (args, &n) && n)
+ {
+ args += n;
+ if (is_token (args, "Wrong_Key_Usage", NULL))
+ ctx->result.verify->wrong_key_usage = 1;
+ }
break;
case STATUS_EOF:
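Review bot: The new `else if` branch records Wrong_Key_Usage in a flag but leaves `status` untouched, so as far as this hunk shows only the summary bits will reflect the problem. A caller that checks just the signature status would presumably still accept a signature flagged for wrong key usage. If that is intended, say so here, e.g. `/* Reported for any error location; status is left alone, the summary gets BAD_POLICY instead. */`. The `&& n` test is redundant, since skip_token cannot return 1 with n still 0. The enclosing case starts outside the hunk.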
else if (*result->trust_errtok)
sum |= GPGME_SIGSUM_SYS_ERROR;
+ if (result->wrong_key_usage)
+ sum |= GPGME_SIGSUM_BAD_POLICY;
+
/* Set the valid flag when the signature is unquestionable
valid. */
if ((sum & GPGME_SIGSUM_GREEN) && !(sum & ~GPGME_SIGSUM_GREEN))
const char *
-gpgme_get_sig_string_attr (GpgmeCtx c, int idx, GpgmeAttr what, int reserved)
+gpgme_get_sig_string_attr (GpgmeCtx c, int idx, GpgmeAttr what, int whatidx)
{
VerifyResult result;
if (!c || c->pending || !c->result.verify)
return NULL; /* No results yet or verification error. */
- if (reserved)
- return NULL; /* We might want to use it to enumerate attributes of
- one signature */
+
for (result = c->result.verify;
result && idx > 0; result = result->next, idx--)
;
case GPGME_ATTR_FPR:
return result->fpr;
case GPGME_ATTR_ERRTOK:
- return result->trust_errtok;
+ if (whatidx == 1)
+ return result->wrong_key_usage? "Wrong_Key_Usage":"";
+ else
+ return result->trust_errtok;
default:
break;
}
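Review bot: With the `if (reserved) return NULL;` guard removed, whatidx is no longer validated: for GPGME_ATTR_ERRTOK every value other than 1 (2, -1, ...) returns trust_errtok, and for GPGME_ATTR_FPR any value is silently accepted. A caller that enumerates whatidx until it sees NULL would never terminate, and one that passes a wrong index gets the validity token as if it were the one requested. I would keep a guard before the loop, `if (whatidx && what != GPGME_ATTR_ERRTOK) return NULL;`, and in the ERRTOK case return trust_errtok only for `whatidx == 0`, breaking out of the switch for any other value (the return after the switch is outside the hunk, presumably NULL). The gpgme_get_sig_ulong_attr hunk that follows drops its guard the same way and does not look at whatidx in the lines shown.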
if (!c || c->pending || !c->result.verify)
return 0; /* No results yet or verification error. */
- if (reserved)
- return 0;
+
for (result = c->result.verify;
result && idx > 0; result = result->next, idx--)
;