GPGME: Signature summary
Matthias Fuchs
mat69 at gmx.net
Thu Oct 15 18:12:43 CEST 2009
On Thursday 15 October 2009 17:32:20 Matthias Fuchs wrote:
> Hi,
>
> I do a verification of a file and what baffles me is the summary of the
> signature. If I use a wrong file it correctly outputs GPGME_SIGSUM_RED, yet
> if the file is correct it outputs 0 instead of GPGME_SIGSUM_VALID (==1). I
> wonder if that is a bug somewhere in GPGME.
OK, I mixed up something, imo it should be GPGME_SIGSUM_GREEN because it is
GPGME_VALIDITY_UNKNOWN.
Imo the code in
static void calc_sig_summary (gpgme_signature_t sig)
verify.c:96++
is wrong.
It should probably be something like:
/* Calculate the red/green flag. */
if (sig->validity == GPGME_VALIDITY_FULL
|| sig->validity == GPGME_VALIDITY_ULTIMATE)
{
if (gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
sum |= GPGME_SIGSUM_VALID;
else if(gpg_err_code (sig->status) == GPG_ERR_SIG_EXPIRED
|| gpg_err_code (sig->status) == GPG_ERR_KEY_EXPIRED)
sum |= GPGME_SIGSUM_GREEN;
}
else if (sig->validity == GPGME_VALIDITY_NEVER)
{
if (gpg_err_code (sig->status) == GPG_ERR_NO_ERROR
|| gpg_err_code (sig->status) == GPG_ERR_SIG_EXPIRED
|| gpg_err_code (sig->status) == GPG_ERR_KEY_EXPIRED)
sum |= GPGME_SIGSUM_RED;
}
else if (sig->validity == GPGME_VALIDITY_UNKNOWN)
{
if (gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
|| gpg_err_code (sig->status) == GPG_ERR_SIG_EXPIRED
|| gpg_err_code (sig->status) == GPG_ERR_KEY_EXPIRED)
sum |= GPGME_SIGSUM_GREEN;
}
else if (gpg_err_code (sig->status) == GPG_ERR_BAD_SIGNATURE)
sum |= GPGME_SIGSUM_RED;
Btw. I don't get what this is for and think that it does not work:
if ((sum & GPGME_SIGSUM_GREEN) && !(sum & ~GPGME_SIGSUM_GREEN))
sum |= GPGME_SIGSUM_VALID;
If you want to check wether GPGME_SIGSUM_GREEN is the only flag set you should
do it imo differently, I did not try it though, but I think that it works:
if (sum == GPGME_SIGSUM_GREEN)
sum = GPGME_SIGSUM_VALID;
Cheers,
matthias
More information about the Gnupg-devel
mailing list