From 6798c68f2f1e3c64008ef3eec98fd3fab9bf4004 Mon Sep 17 00:00:00 2001
From: Karl-Heinz Zimmer
Date: Wed, 19 Jun 2002 10:22:49 +0000
Subject: [PATCH] Use gpgme_get_sig_ulong_attr(.., GPGME_ATTR_SIG_SUMMARY ) function to return extended signature status information from the CryptPlug to the calling process after trying to verify a signature.
---
 gpgmeplug/cryptplug.h | 43 +++++++++++++++++++++++++++++++++++++++++++
 gpgmeplug/gpgmeplug.c | 24 ++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
diff --git a/gpgmeplug/cryptplug.h b/gpgmeplug/cryptplug.h
index e1ba0a9..c07f4cf 100644
--- a/gpgmeplug/cryptplug.h
+++ b/gpgmeplug/cryptplug.h
@@ -254,6 +254,48 @@ typedef enum {
 } CertificateSource;
+/*! \ingroup groupSignAct
+ \brief Flags used to compose the SigStatusFlags value.
+
+ This status flags are used to compose the SigStatusFlags value
+ returned in \c SignatureMetaDataExtendedInfo after trying to
+ verify a signed message part's signature status.
+
+ The normal flags may not be used together with the
+ special SigStat_NUMERICAL_CODE flag. When finding the special
+ SigStat_NUMERICAL_CODE flag in a SigStatusFlags value you
+ can obtain the respective error code number by substracting
+ the SigStatusFlags value by SigStat_NUMERICAL_CODE: this is
+ used to transport special status information NOT matching
+ any of the normal predefined status codes.
+
+ \note to PlugIn developers: Implementations of the CryptPlug API
+ should try to express their signature states by bit-wise OR'ing
+ the normal SigStatusFlags values. Using the SigStat_NUMERICAL_CODE
+ flag should only be used as for exceptional situations where no
+ other flag(s) could be used. By using the normal status flags your
+ PlugIn's users will be told an understandable description of the
+ status - when using (SigStat_NUMERICAL_CODE + internalCode) they
+ will only be shown the respective code number and have to look
+ into your PlugIn's manual to learn about it's meaning...
+*/
+enum {
+ SigStat_VALID = 0x0001, /* The signature is fully valid */
+ SigStat_GREEN = 0x0002, /* The signature is good. */
+ SigStat_RED = 0x0004, /* The signature is bad. */
+ SigStat_KEY_REVOKED = 0x0010, /* One key has been revoked. */
+ SigStat_KEY_EXPIRED = 0x0020, /* One key has expired. */
+ SigStat_SIG_EXPIRED = 0x0040, /* The signature has expired. */
+ SigStat_KEY_MISSING = 0x0080, /* Can't verify: key missing. */
+ SigStat_CRL_MISSING = 0x0100, /* CRL not available. */
+ SigStat_CRL_TOO_OLD = 0x0200, /* Available CRL is too old. */
+ SigStat_BAD_POLICY = 0x0400, /* A policy was not met. */
+ SigStat_SYS_ERROR = 0x0800, /* A system error occured. */
+
+ SigStat_NUMERICAL_CODE = 0x8000 /* An other error occured. */
+};
+typedef unsigned long SigStatusFlags;
+
@@ -1456,6 +1498,7 @@ bool signMessage( const char* cleartext,
 struct SignatureMetaDataExtendedInfo {
 struct tm* creation_time;
+ SigStatusFlags sigStatusFlags;
 char* status_text;
 char* keyid;
 char* fingerprint;
diff --git a/gpgmeplug/gpgmeplug.c b/gpgmeplug/gpgmeplug.c
index eabcf35..217cca1 100644
--- a/gpgmeplug/gpgmeplug.c
+++ b/gpgmeplug/gpgmeplug.c
@@ -1179,6 +1179,8 @@ bool checkMessageSignature( char** cleartext,
 {
 GpgmeCtx ctx;
 GpgmeSigStat status;
+ unsigned long sumGPGME;
+ SigStatusFlags sumPlug;
 GpgmeData datapart, sigpart;
 char* rClear = 0;
 size_t clearLen;
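Review bot: The doc comment above the enum never tells callers to test SigStat_NUMERICAL_CODE before any other bit, even though the code carried with that flag occupies the same low bits as SigStat_VALID and SigStat_GREEN. A caller that evaluates `flags & SigStat_VALID` first could read a plug-in error code as a valid signature. I would add to the comment: `Always test SigStat_NUMERICAL_CODE first; when it is set the remaining bits are an opaque code and must not be compared against the other SigStat_ values.` The note to plug-in developers could also state the permitted code range (below 0x8000), since the typedef is `unsigned long` and nothing in this hunk bounds the code.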
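Review bot: `sigStatusFlags` is inserted between `creation_time` and `status_text`, which shifts the offset of every later member of `struct SignatureMetaDataExtendedInfo`. If a host application and a plug-in can be built against different revisions of cryptplug.h (not visible from this hunk), one side would read `status_text`, `keyid` and `fingerprint` from the wrong offsets. Appending the member at the end of the struct, or stating in the header that this change requires rebuilding both sides, would avoid that. The struct body continues outside the hunk, so the right place for the member cannot be confirmed from here.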
@@ -1268,6 +1270,28 @@ bool checkMessageSignature( char** cleartext, ctime_val, sizeof( struct tm ) ); } + /* the extended signature verification status */ + sumGPGME = gpgme_get_sig_ulong_attr( ctx, + sig_idx, + GPGME_ATTR_SIG_SUMMARY, + 0 ); + // translate GPGME status flags to common CryptPlug status flags + sumPlug = 0; + if( sumGPGME & GPGME_SIGSUM_VALID ) sumPlug |= SigStat_VALID ; + if( sumGPGME & GPGME_SIGSUM_GREEN ) sumPlug |= SigStat_GREEN ; + if( sumGPGME & GPGME_SIGSUM_RED ) sumPlug |= SigStat_RED ; + if( sumGPGME & GPGME_SIGSUM_KEY_REVOKED ) sumPlug |= SigStat_KEY_REVOKED; + if( sumGPGME & GPGME_SIGSUM_KEY_EXPIRED ) sumPlug |= SigStat_KEY_EXPIRED; + if( sumGPGME & GPGME_SIGSUM_SIG_EXPIRED ) sumPlug |= SigStat_SIG_EXPIRED; + if( sumGPGME & GPGME_SIGSUM_KEY_MISSING ) sumPlug |= SigStat_KEY_MISSING; + if( sumGPGME & GPGME_SIGSUM_CRL_MISSING ) sumPlug |= SigStat_CRL_MISSING; + if( sumGPGME & GPGME_SIGSUM_CRL_TOO_OLD ) sumPlug |= SigStat_CRL_TOO_OLD; + if( sumGPGME & GPGME_SIGSUM_BAD_POLICY ) sumPlug |= SigStat_BAD_POLICY ; + if( sumGPGME & GPGME_SIGSUM_SYS_ERROR ) sumPlug |= SigStat_SYS_ERROR ; + if( !sumPlug ) + sumPlug = SigStat_NUMERICAL_CODE | sumGPGME; + sigmeta->extended_info[sig_idx].sigStatusFlags = sumPlug; + sigmeta->extended_info[sig_idx].validity = GPGME_VALIDITY_UNKNOWN; err = gpgme_get_sig_key (ctx, sig_idx, &key); -- 2.26.2
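Review bot: The fallback `if( !sumPlug ) sumPlug = SigStat_NUMERICAL_CODE | sumGPGME;` also runs when `gpgme_get_sig_ulong_attr` returns 0, so an empty summary (which I believe is also what the call returns when the attribute cannot be read) reaches the caller as numerical code 0 instead of an explicit not-verified state. I would handle that case separately and keep the raw bits out of the flag bit itself, e.g. `if( !sumGPGME ) sumPlug = SigStat_SYS_ERROR; else if( !sumPlug ) sumPlug = SigStat_NUMERICAL_CODE | (sumGPGME & 0x7FFF);`, assuming SigStat_SYS_ERROR is the intended state for "no information". Summary bits that have no SigStat_ counterpart are dropped silently whenever at least one known bit is set, which deserves a comment at the translation block. The `// translate …` line is the only C++-style comment in the hunk; `/* translate GPGME status flags to common CryptPlug status flags */` would match the block comment a few lines above it. checkMessageSignature starts and ends outside the hunk.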