From 61c97e9fa9c939a76c6fc6be0dc4462cb62f01c5 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 12 Jun 2002 14:34:15 +0000 Subject: [PATCH] tests/ * gpgsm/t-keylist.c (doit): Print operation info if available. gpgme/ * keylist.c (struct keylist_result_s): New. (_gpgme_release_keylist_result): Release it here (keylist_status_handler): Handle truncated. (append_xml_keylistinfo): New. * gpgme.c (_gpgme_release_result): and use it here. * types.h: Declare the new type here. * context.h (struct gpgme_context_s): Use it here. --- doc/gpgme.texi | 48 +++++++++++++++++++++++++++ gpgme/ChangeLog | 10 ++++++ gpgme/context.h | 1 + gpgme/gpgme.c | 1 + gpgme/keylist.c | 64 ++++++++++++++++++++++++++++++++++++ gpgme/ops.h | 3 ++ gpgme/types.h | 4 +++ gpgme/verify.c | 18 ++++++---- tests/ChangeLog | 4 +++ tests/gpgsm/t-keylist.c | 13 ++++++++ tests/gpgsm/t-verify.c | 73 +++++++++++++++++++++++++++++------------ 11 files changed, 212 insertions(+), 27 deletions(-) diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 9e6ee61..cd5e57f 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi 
@@ -2255,6 +2255,54 @@ is one of @code{GPGME_VALIDITY_UNKNOWN}, @code{GPGME_VALIDITY_NEVER}, @item GPGME_ATTR_SIG_STATUS This is the same value as returned by @code{gpgme_get_sig_status}. +@item GPGME_ATTR_SIG_SUMMARY +This returns a bit vector giving a summary of the signature status. +Itprovides an easy interface to a defined semantic of the signature +status. Checking just one bit is sufficient to see whether a signature +is valid without any restrictions. + +The defined bits are: + @table @code + @item GPGME_SIGSUM_VALID + The signature is fully valid. + + @item GPGME_SIGSUM_GREEN + The signature is good but one might want to display some extra + information. Check the other bits. + + @item GPGME_SIGSUM_RED + The signature is bad. It might be useful to checkother bits and + display moe information, i.e. a revoked certificate might not render a + signature invalid when the message was received prior to the cause for + the revocation. + + @item GPGME_SIGSUM_KEY_REVOKED + The key or at least one certificate has been revoked. + + @item GPGME_SIGSUM_KEY_EXPIRED + The key or one of the certificates has expired. It is probably a good + idea to display the date of the expiration. + + @item GPGME_SIGSUM_SIG_EXPIRED + The signature has expired. + + @item GPGME_SIGSUM_KEY_MISSING + Can't verifydue to a missing key o certificate. + + @item GPGME_SIGSUM_CRL_MISSING + The CRL (or an equivalent mechanism) is not available. + + @item GPGME_SIGSUM_CRL_TOO_OLD + Available CRL is too old. + + @item GPGME_SIGSUM_BAD_POLICY + A policy requirement was not met. + + @item GPGME_SIGSUM_SYS_ERROR + A system error occured. + + @end table + @end table @end deftypefun diff --git a/gpgme/ChangeLog b/gpgme/ChangeLog index 7337181..09c56ac 100644 --- a/gpgme/ChangeLog +++ b/gpgme/ChangeLog 
@@ -1,3 +1,13 @@ +2002-06-12 Werner Koch + + * keylist.c (struct keylist_result_s): New. + (_gpgme_release_keylist_result): Release it here + (keylist_status_handler): Handle truncated. + (append_xml_keylistinfo): New. + * gpgme.c (_gpgme_release_result): and use it here. + * types.h: Declare the new type here. + * context.h (struct gpgme_context_s): Use it here. + 2002-06-11 Marcus Brinkmann * engine-gpgsm.c (_gpgme_gpgsm_release): Close status_cb.fd. diff --git a/gpgme/context.h b/gpgme/context.h index 590d8e1..256c480 100644 --- a/gpgme/context.h +++ b/gpgme/context.h @@ -82,6 +82,7 @@ struct gpgme_context_s ImportResult import; DeleteResult delete; GenKeyResult genkey; + KeylistResult keylist; } result; /* Last signature notation. */ diff --git a/gpgme/gpgme.c b/gpgme/gpgme.c index 04ec986..ed14996 100644 --- a/gpgme/gpgme.c +++ b/gpgme/gpgme.c @@ -94,6 +94,7 @@ _gpgme_release_result (GpgmeCtx ctx) _gpgme_release_import_result (ctx->result.import); _gpgme_release_delete_result (ctx->result.delete); _gpgme_release_genkey_result (ctx->result.genkey); + _gpgme_release_keylist_result (ctx->result.keylist); memset (&ctx->result, 0, sizeof (ctx->result)); _gpgme_set_op_info (ctx, NULL); ctx->error = 0; diff --git a/gpgme/keylist.c b/gpgme/keylist.c index 7c014cd..2adc3ac 100644 --- a/gpgme/keylist.c +++ b/gpgme/keylist.c 
@@ -33,19 +33,83 @@ #define my_isdigit(a) ( (a) >='0' && (a) <= '9' ) +struct keylist_result_s +{ + int truncated; + GpgmeData xmlinfo; +}; + static void finish_key ( GpgmeCtx ctx ); +void +_gpgme_release_keylist_result (KeylistResult result) +{ + if (!result) + return; + xfree (result); +} + +/* Append some XML info. args is currently ignore but we might want + to add more information in the future (like source of the + keylisting. With args of NULL the XML structure is closed. */ +static void +append_xml_keylistinfo (GpgmeData *rdh, char *args) +{ + GpgmeData dh; + + if (!*rdh) + { + if (gpgme_data_new (rdh)) + return; /* FIXME: We are ignoring out-of-core. */ + dh = *rdh; + _gpgme_data_append_string (dh, "\n"); + } + else + { + dh = *rdh; + _gpgme_data_append_string (dh, " \n"); + } + + if (!args) + { + /* Just close the XML containter. */ + _gpgme_data_append_string (dh, "\n"); + return; + } + + _gpgme_data_append_string (dh, + " \n" + " \n" + ); + +} + + + static void keylist_status_handler (GpgmeCtx ctx, GpgStatusCode code, char *args) { if (ctx->error) return; + test_and_allocate_result (ctx, keylist); switch (code) { + case STATUS_TRUNCATED: + ctx->result.keylist->truncated = 1; + break; + case STATUS_EOF: finish_key (ctx); + if (ctx->result.keylist->truncated) + append_xml_keylistinfo (&ctx->result.keylist->xmlinfo, "1"); + if (ctx->result.keylist->xmlinfo) + { + append_xml_keylistinfo (&ctx->result.keylist->xmlinfo, NULL); + _gpgme_set_op_info (ctx, ctx->result.keylist->xmlinfo); + ctx->result.keylist->xmlinfo = NULL; + } break; default: diff --git a/gpgme/ops.h b/gpgme/ops.h index bf5bb46..28e0f54 100644 --- a/gpgme/ops.h +++ b/gpgme/ops.h 
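Review bot: When `gpgme_data_new` fails in `append_xml_keylistinfo` the function simply returns (the FIXME), so the only caller-visible sign that the listing was truncated is dropped without an error and an incomplete key list looks complete. Since callers may decide that a key is absent on the basis of this listing, I would have `append_xml_keylistinfo` return an error code and store it in `ctx->error` in the STATUS_EOF case rather than ignore it. Separately, `_gpgme_release_keylist_result` frees only the struct and relies on the STATUS_EOF branch having handed `xmlinfo` to `_gpgme_set_op_info` and reset the pointer. That holds for the paths visible here, but adding `gpgme_data_release (result->xmlinfo);` before `xfree (result);` makes the destructor safe on its own. keylist_status_handler continues outside the hunk.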
@@ -129,6 +129,9 @@ void _gpgme_release_delete_result (DeleteResult res); /*-- genkey.c --*/ void _gpgme_release_genkey_result (GenKeyResult res); +/*-- keylist.c --*/ +void _gpgme_release_keylist_result (KeylistResult res); + /*-- version.c --*/ const char *_gpgme_compare_versions (const char *my_version, const char *req_version); diff --git a/gpgme/types.h b/gpgme/types.h index 9ebdfe9..8d23097 100644 --- a/gpgme/types.h +++ b/gpgme/types.h @@ -88,5 +88,9 @@ typedef struct delete_result_s *DeleteResult; struct genkey_result_s; typedef struct genkey_result_s *GenKeyResult; +/*-- keylist.c --*/ +struct keylist_result_s; +typedef struct keylist_result_s *KeylistResult; + #endif /* TYPES_H */ diff --git a/gpgme/verify.c b/gpgme/verify.c index 6afa1eb..be2067c 100644 --- a/gpgme/verify.c +++ b/gpgme/verify.c @@ -92,7 +92,7 @@ copy_token (const char *string, char *buffer, size_t length) for (i = 1; i < length && *s && *s != ' ' ; i++) *p++ = *s++; *p = 0; - /* conmtinue scanning in case the copy was truncated */ + /* continue scanning in case the copy was truncated */ while (*s && *s != ' ') s++; return s - string; 
@@ -537,12 +537,18 @@ calc_sig_summary (VerifyResult result) else if (result->status == GPGME_SIG_STAT_ERROR) sum |= GPGME_SIGSUM_SYS_ERROR; - /* FIXME: Set GPGME_SIGSUM_KEY_REVOKED. */ - /* FIXME: Set GPGME_SIGSUM_CRL_MISSING. */ - /* FIXME: Set GPGME_SIGSUM_CRL_TOO_OLD. */ - /* FIXME: Set GPGME_SIGSUM_BAD_POLICY. */ + if ( !strcmp (result->trust_errtok, "Certificate_Revoked")) + sum |= GPGME_SIGSUM_KEY_REVOKED; + else if ( !strcmp (result->trust_errtok, "No_CRL_Known")) + sum |= GPGME_SIGSUM_CRL_MISSING; + else if ( !strcmp (result->trust_errtok, "CRL_Too_Old")) + sum |= GPGME_SIGSUM_CRL_TOO_OLD; + else if ( !strcmp (result->trust_errtok, "No_Policy_Match")) + sum |= GPGME_SIGSUM_BAD_POLICY; + else if (*result->trust_errtok) + sum |= GPGME_SIGSUM_SYS_ERROR; - /* That the valid flag when the signature is unquestionable + /* Set the valid flag when the signature is unquestionable valid. */ if ((sum & GPGME_SIGSUM_GREEN) && !(sum & ~GPGME_SIGSUM_GREEN)) sum |= GPGME_SIGSUM_VALID; diff --git a/tests/ChangeLog b/tests/ChangeLog index 5ab20b2..aea23e5 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,7 @@ +2002-06-12 Werner Koch + + * gpgsm/t-keylist.c (doit): Print operation info if available. + 2002-06-10 Werner Koch * gpgsm/t-verify.c (print_sig_stat): Print the error token. diff --git a/tests/gpgsm/t-keylist.c b/tests/gpgsm/t-keylist.c index 21fca7c..bb14ee8 100644 --- a/tests/gpgsm/t-keylist.c +++ b/tests/gpgsm/t-keylist.c @@ -91,6 +91,19 @@ doit ( GpgmeCtx ctx, const char *pattern ) } if ( err != GPGME_EOF ) fail_if_err (err); + + { + char *p; + + p = gpgme_get_op_info (ctx, 0); + if (p) + { + fputs ("\n", stdout); + fputs (p, stdout); + fputs ("\n", stdout); + free (p); + } + } } diff --git a/tests/gpgsm/t-verify.c b/tests/gpgsm/t-verify.c index 9ce6678..f65a83b 100644 --- a/tests/gpgsm/t-verify.c +++ b/tests/gpgsm/t-verify.c 
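Review bot: The final `else if (*result->trust_errtok)` branch in calc_sig_summary is the only thing that stops an unrecognised trust error token from leaving the summary at plain GREEN, and therefore VALID, and nothing in the hunk says this is deliberate. I would add a comment above the chain such as `/* Map the engine's trust error token to a summary bit; an unknown token counts as SYS_ERROR so that VALID is never set for it. */`. The declaration of `trust_errtok` is outside the hunk; if it is a pointer rather than an array inside the result, the `strcmp` calls need a NULL check first. calc_sig_summary starts and ends outside the hunk.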
@@ -106,29 +106,60 @@ validity_string (GpgmeValidity val) static void print_sig_stat ( GpgmeCtx ctx, GpgmeSigStat status ) { - const char *s; - time_t created; - int idx; - GpgmeKey key; - - printf ("Verification Status: %s\n", status_string (status)); + const char *s; + time_t created; + int idx; + GpgmeKey key; + + printf ("Verification Status: %s\n", status_string (status)); - for(idx=0; (s=gpgme_get_sig_status (ctx, idx, &status, &created)); idx++ ) { - printf ("sig %d: created: %lu expires: %lu status: %s\n", - idx, (unsigned long)created, - gpgme_get_sig_ulong_attr (ctx, idx, GPGME_ATTR_EXPIRE, 0), - status_string(status) ); - printf ("sig %d: fpr/keyid: `%s' exterr: `%s' validity: %s\n", - idx, s, + for (idx=0; (s=gpgme_get_sig_status (ctx, idx, &status, &created)); idx++ ) + { + unsigned long sum; + + printf ("sig %d: created: %lu expires: %lu status: %s\n", + idx, (unsigned long)created, + gpgme_get_sig_ulong_attr (ctx, idx, GPGME_ATTR_EXPIRE, 0), + status_string(status) ); + printf ("sig %d: fpr/keyid: `%s' exterr: `%s' validity: %s\n", + idx, s, gpgme_get_sig_string_attr (ctx, idx, GPGME_ATTR_ERRTOK, 0), - validity_string (gpgme_get_sig_ulong_attr - (ctx, idx, GPGME_ATTR_VALIDITY, 0)) ); - if ( !gpgme_get_sig_key (ctx, idx, &key) ) { - char *p = gpgme_key_get_as_xml ( key ); - printf ("sig %d: key object:\n%s\n", idx, p ); - free (p); - gpgme_key_release (key); - } + validity_string (gpgme_get_sig_ulong_attr + (ctx, idx, GPGME_ATTR_VALIDITY, 0)) ); + + sum = gpgme_get_sig_ulong_attr (ctx, idx, GPGME_ATTR_SIG_SUMMARY, 0); + fputs ("summary:", stdout); + if ((sum & GPGME_SIGSUM_VALID)) + fputs (" valid", stdout); + if ((sum & GPGME_SIGSUM_GREEN)) + fputs (" green", stdout); + if ((sum & GPGME_SIGSUM_RED)) + fputs (" red", stdout); + if ((sum & GPGME_SIGSUM_KEY_REVOKED)) + fputs (" keyRevoked", stdout); + if ((sum & GPGME_SIGSUM_KEY_EXPIRED)) + fputs (" keyExpired", stdout); + if ((sum & GPGME_SIGSUM_SIG_EXPIRED)) + fputs (" sigExpired", stdout); + if ((sum 
& GPGME_SIGSUM_KEY_MISSING)) + fputs (" keyMissing", stdout); + if ((sum & GPGME_SIGSUM_CRL_MISSING)) + fputs (" crlMissing", stdout); + if ((sum & GPGME_SIGSUM_CRL_TOO_OLD)) + fputs (" crlTooOld", stdout); + if ((sum & GPGME_SIGSUM_BAD_POLICY)) + fputs (" badPolicy", stdout); + if ((sum & GPGME_SIGSUM_SYS_ERROR)) + fputs (" sysError", stdout); + putchar ('\n'); + + if ( !gpgme_get_sig_key (ctx, idx, &key) ) + { + char *p = gpgme_key_get_as_xml ( key ); + printf ("sig %d: key object:\n%s\n", idx, p ); + free (p); + gpgme_key_release (key); + } } } -- 2.26.2