Add support for certificates having the e-mail address stored in GPGME_ATTR_USERID...

diff --git a/branches/gpgme-0-3-branch/gpgmeplug/gpgmeplug.c b/branches/gpgme-0-3-branch/gpgmeplug/gpgmeplug.c
index 03d3dbe580e5cfc4d1e4a674dccde9f7c56cad7b..85b395db7f32efd066d5bc78c68d8fd4ccac3301 100644 (file)
--- a/branches/gpgme-0-3-branch/gpgmeplug/gpgmeplug.c
+++ b/branches/gpgme-0-3-branch/gpgmeplug/gpgmeplug.c
@@ -451,20 +451,65 @@ bool warnNoCertificate()
 }
 
 
-bool isEmailInCertificate( const char* email, const char* certificate )
-{
-    /* PENDING(g10) this function should return true if the email
-       address passed as the first parameter is contained in the
-       certificate passed as the second parameter, and false
-       otherwise. This is used to alert the user if his own email
-       address is not contained in the certificate he uses for
-       signing.
-       Note that the parameter email can be anything that is allowed
-       in a From: line.
-       Another note: OK, OK, we'll handle that in the MUA. You can
-       assume that you only get the email address.
-    */
-  return false; /* dummy*/
+bool isEmailInCertificate( const char* email, const char* fingerprint )
+{
+  GpgmeCtx ctx;
+  GpgmeError err;
+  GpgmeKey rKey;
+  int UID_idx;
+  const char* attr_string;
+  int emailCount = 0;
+  bool bOk = false;
+  int fprLen = strlen( fingerprint );
+
+  fprintf( stderr, "gpgmeplug isEmailInCertificate looking for fingerprint %s\n", fingerprint );
+  
+  gpgme_new( &ctx );
+  gpgme_set_protocol( ctx, GPGMEPLUG_PROTOCOL );
+
+  err = gpgme_op_keylist_start( ctx, fingerprint, 0 );
+  if ( GPGME_No_Error == err ) {
+    err = gpgme_op_keylist_next( ctx, &rKey );
+    gpgme_op_keylist_end( ctx );
+    if ( GPGME_No_Error == err ) {
+      /* extract email(s) */
+      for( UID_idx = 0; 
+           (attr_string = gpgme_key_get_string_attr(
+                            rKey, GPGME_ATTR_EMAIL, 0, UID_idx ) );
+          ++UID_idx ){
+        if (attr_string && *attr_string) {
+          ++emailCount;
+          fprintf( stderr, "gpgmeplug isEmailInCertificate found email: %s\n", attr_string );
+          if( 0 == strcasecmp(attr_string, email) ){
+            bOk = true;
+            break;
+          }else{
+            attr_string = gpgme_key_get_string_attr(
+                            rKey, GPGME_ATTR_USERID, 0, UID_idx );
+            if (attr_string && *attr_string == '<'){
+              ++attr_string;
+              if( 0 == strncasecmp(attr_string, email, fprLen) ){
+                bOk = true;
+                break;
+              }
+            }
+          }
+        }
+      }
+      if( !emailCount )
+        fprintf( stderr, "gpgmeplug isEmailInCertificate found NO EMAIL\n" );
+      else if( !bOk )
+        fprintf( stderr, "gpgmeplug isEmailInCertificate found NO MATCHING email\n" );
+      gpgme_key_release( rKey );
+    }else{
+      fprintf( stderr, "gpgmeplug isEmailInCertificate found NO CERTIFICATE for fingerprint %s\n", fingerprint );
+    }
+  }else{
+    fprintf( stderr, "gpgmeplug isEmailInCertificate could NOT open KEYLIST for fingerprint %s\n", fingerprint );
+  }
+  gpgme_release( ctx );
+  
+  return bOk;
 }