GPGME: Signature summary
Matthias Fuchs
mat69 at gmx.net
Fri Oct 16 15:51:29 CEST 2009
On Friday 16 October 2009 14:26:38 Werner Koch wrote:
> On Fri, 16 Oct 2009 11:22, mat69 at gmx.net said:
> >> This sets another bit and thus the VALID flag is not anymore correct.
> >
> > This would imo apply to the current code as well.
>
> Nope. The code sets the valid bit at the end of the function _only_ if
> no other bits but GREEN is set. That is what VALID is about.
Oh, sorry, obviously I did not look at it well enough.
> > The problem I have still remains though and is unaddressed, namely summary
> > returning 0, a value that is not defined for gpgme_sigsum_t and imo that
> > is not a good practice as it leaves the user in the cold of what is the
> > case. So
>
> I already mentioned that this indicates: Not enough information to tell
> anything about the validity of the signature.
>
> > And as I have pointed out this happens when GPGME_VALIDITY_UNKNOWN is
> > set. Even if the signature is correct. So what is one supposed to do when
> > summary returns 0?
>
> You can't tell anything without further digging into the subject. The
> mathematical correctness of the signature does not tell you anything.
> It is not more than a checksum to spot errors on the transport channel.
So I have to assume that 0 tells me that it is mathematically correct, as it
would be e.g. 4 otherwise?
I thought it was more than a checksum but rather telling me that the file was
signed with a key of which I have the public version, if the owner of that key
is who I think he is would be a different story...
> What some programs do is to check the key used to create the signature
> against a database of known keys and from that deduce that this is a
> valid signature. This is what I mean with YELLOW state: Use other means
> to see whether you drive through the crossing / take the signature as
> valid.
In that case it would be great if the documentation could be adapted to this,
mentioning when it would be zero.
Btw.

    /* Proposed replacement for the two expiry cases carrying the FIXME. */
    case GPG_ERR_SIG_EXPIRED:
      if (gpg_err_code (sig->status) & GPG_ERR_KEY_EXPIRED)
        sum |= GPGME_SIGSUM_KEY_EXPIRED;
      sum |= GPGME_SIGSUM_SIG_EXPIRED;
      break;

    case GPG_ERR_KEY_EXPIRED:
      if (gpg_err_code (sig->status) & GPG_ERR_SIG_EXPIRED)
        sum |= GPGME_SIGSUM_KEY_EXPIRED;
      sum |= GPGME_SIGSUM_SIG_EXPIRED;
      break;

would fix the FIXME, it is not nice but keeps the switch.
Cheers,
matthias
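The following is an added example and is not GPGME's code nor code from either poster. It models in C the summary rules discussed in the thread (GREEN only for full or ultimate key validity, VALID only when nothing but GREEN is set, so a good signature from a key of unknown validity yields a summary of 0) and shows the consumer side: a summary of 0 is treated as the YELLOW state and decided by comparing the signing key's fingerprint against keys the application already knows, never by accepting it outright. The GPGME_SIGSUM_* bit values are copied from gpgme.h; the status and validity enums, model_summary(), decide() and the known-fingerprint list are constructed for this example.

```c
/* Added example (not GPGME code): model of gpgme_sigsum_t derivation and a
 * consumer that handles the "summary == 0" case from the thread. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Bit values as defined for GPGME_SIGSUM_* in gpgme.h, redeclared here so
 * the file builds without the library installed. */
enum {
  SIGSUM_VALID       = 0x0001,
  SIGSUM_GREEN       = 0x0002,
  SIGSUM_RED         = 0x0004,
  SIGSUM_KEY_REVOKED = 0x0010,
  SIGSUM_KEY_EXPIRED = 0x0020,
  SIGSUM_SIG_EXPIRED = 0x0040,
  SIGSUM_KEY_MISSING = 0x0080
};

/* Key validity levels, same order as gpgme_validity_t. */
enum validity { VALIDITY_UNKNOWN, VALIDITY_UNDEFINED, VALIDITY_NEVER,
                VALIDITY_MARGINAL, VALIDITY_FULL, VALIDITY_ULTIMATE };

/* Constructed simplification of the gpg_error_t codes named in the thread. */
enum sig_status { STATUS_OK, STATUS_BAD, STATUS_NO_PUBKEY,
                  STATUS_SIG_EXPIRED, STATUS_KEY_EXPIRED };

/* Model of the summary computation: a colour bit only from the key's
 * validity, error bits from the signature status, and VALID only when the
 * result is exactly GREEN. */
unsigned int model_summary(enum sig_status status, enum validity validity)
{
  unsigned int sum = 0;
  switch (status) {
  case STATUS_OK:
    if (validity == VALIDITY_FULL || validity == VALIDITY_ULTIMATE)
      sum |= SIGSUM_GREEN;
    else if (validity == VALIDITY_NEVER)
      sum |= SIGSUM_RED;
    /* UNKNOWN, UNDEFINED, MARGINAL: no colour bit, sum stays 0. */
    break;
  case STATUS_BAD:         sum |= SIGSUM_RED;         break;
  case STATUS_NO_PUBKEY:   sum |= SIGSUM_KEY_MISSING; break;
  case STATUS_SIG_EXPIRED: sum |= SIGSUM_SIG_EXPIRED; break;
  case STATUS_KEY_EXPIRED: sum |= SIGSUM_KEY_EXPIRED; break;
  }
  if (sum == SIGSUM_GREEN)
    sum |= SIGSUM_VALID;
  return sum;
}

/* Constructed list of fingerprints the application trusts out of band. */
static const char *const known_fprs[] = { "CONSTRUCTED-FPR-0001",
                                          "CONSTRUCTED-FPR-0002" };

enum verdict { VERDICT_ACCEPT, VERDICT_REJECT, VERDICT_UNDECIDED };

/* Consumer-side decision.  VALID accepts; any error bit rejects
 * (conservative: an expired key or signature is not accepted here); what
 * is left is the YELLOW state, where the signature checked out
 * cryptographically but the key's trust is unknown.  Only a fingerprint
 * pinned in known_fprs turns that into an accept. */
enum verdict decide(unsigned int sum, const char *fpr)
{
  if (sum & SIGSUM_VALID)
    return VERDICT_ACCEPT;
  if (sum & (SIGSUM_RED | SIGSUM_KEY_MISSING | SIGSUM_KEY_REVOKED |
             SIGSUM_KEY_EXPIRED | SIGSUM_SIG_EXPIRED))
    return VERDICT_REJECT;
  for (size_t i = 0; i < sizeof known_fprs / sizeof known_fprs[0]; i++)
    if (fpr && strcmp(fpr, known_fprs[i]) == 0)
      return VERDICT_ACCEPT;
  return VERDICT_UNDECIDED;
}

int main(void)
{
  /* Constructed sample: a good signature from a key of unknown validity. */
  unsigned int s = model_summary(STATUS_OK, VALIDITY_UNKNOWN);
  printf("summary=0x%04x pinned=%d unpinned=%d\n", s,
         decide(s, "CONSTRUCTED-FPR-0001"), decide(s, "CONSTRUCTED-FPR-9999"));
  return 0;
}
```

With a real gpgme_signature_t the inputs to this decision are sig->summary, sig->validity and sig->fpr; the point of decide() is that a summary of 0 is neither an accept nor a reject but a prompt to consult those other fields and the application's own key database.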