/*! \ingroup groupSignAct
\brief Checks whether the signature of a message is
- valid. \c ciphertext specifies the message
- as it was received by the MUA, \c cleartext
- is the message with the signature(s) removed.
+ valid. \c ciphertext specifies the signed message
+ as it was received by the MUA, \c signaturetext is the
+ signature itself.
Depending on the configuration, MUAs might not need to use this.
If \c sigmeta is non-null, the
function call.
*/
bool checkMessageSignature( const char* ciphertext,
- const char** cleartext,
+ const char* signaturetext,
struct SignatureMetaData* sigmeta );
/*! \ingroup groupSignAct
return bOk;
}
-bool checkMessageSignature( const char* ciphertext, const char**
- cleartext, struct SignatureMetaData* sigmeta ){ return true; }
+
+bool checkMessageSignature( const char* ciphertext,
+ const char* signaturetext,
+ struct SignatureMetaData* sigmeta )
+{
+ GpgmeCtx ctx;
+ GpgmeSigStat status;
+ GpgmeData datapart, sigpart;
+
+ gpgme_new( &ctx );
+ gpgme_data_new_from_mem( &datapart, ciphertext,
+ 1+strlen( ciphertext ), 1 );
+ gpgme_data_new_from_mem( &sigpart, signaturetext,
+ 1+strlen( signaturetext ), 1 );
+
+ gpgme_op_verify( ctx, sigpart, datapart, &status );
+ gpgme_data_release( datapart );
+ gpgme_data_release( sigpart );
+ gpgme_release( ctx );
+
+ // PENDING(khz) Differentiate better between various failures
+ // PENDING(khz) Fill sigmeta
+ return ( status == GPGME_SIG_STAT_GOOD );
+}
bool storeCertificatesFromMessage(
const char* ciphertext ){ return true; }
projects / gpgme.git / commitdiff