483
483
oktext = _("|audit-log-result|Not enabled");
484
484
else if (!strcmp (oktext, "error"))
485
485
oktext = _("|audit-log-result|Error");
486
else if (!strcmp (oktext, "not-used"))
487
oktext = _("|audit-log-result|Not used");
488
else if (!strcmp (oktext, "okay"))
489
oktext = _("|audit-log-result|Okay");
490
else if (!strcmp (oktext, "skipped"))
491
oktext = _("|audit-log-result|Skipped");
492
else if (!strcmp (oktext, "some"))
493
oktext = _("|audit-log-result|Some");
807
815
proc_type_sign (audit_ctx_t ctx)
817
log_item_t item, loopitem;
824
item = find_log_item (ctx, AUDIT_SIGNING_DONE, 0);
812
825
writeout_li (ctx, item?"Yes":"No", "%s", _("Data signing succeeded"));
816
829
item = find_log_item (ctx, AUDIT_GOT_DATA, 0);
817
830
writeout_li (ctx, item? "Yes":"No", "%s", _("Data available"));
831
/* Write remarks with the data hash algorithms. We use a very
832
simple scheme to avoid some duplicates. */
835
while ((loopitem = find_next_log_item
836
(ctx, loopitem, AUDIT_DATA_HASH_ALGO, AUDIT_NEW_SIG)))
838
if (loopitem->intvalue && loopitem->intvalue != lastalgo)
839
writeout_rem (ctx, _("data hash algorithm: %s"),
840
gcry_md_algo_name (loopitem->intvalue));
841
lastalgo = loopitem->intvalue;
844
/* Loop over all signer. */
847
while ((loopitem=find_next_log_item (ctx, loopitem, AUDIT_NEW_SIG, 0)))
851
item = find_next_log_item (ctx, loopitem, AUDIT_SIGNED_BY, AUDIT_NEW_SIG);
856
else if (gpg_err_code (item->err) == GPG_ERR_CANCELED)
859
result = gpg_strerror (item->err);
860
cert = item? item->cert : NULL;
862
writeout_li (ctx, result, _("Signer %d"), signer);
863
item = find_next_log_item (ctx, loopitem,
864
AUDIT_ATTR_HASH_ALGO, AUDIT_NEW_SIG);
866
writeout_rem (ctx, _("attr hash algorithm: %s"),
867
gcry_md_algo_name (item->intvalue));
871
name = get_cert_name (cert);
872
writeout_rem (ctx, "%s", name);
875
for (idx=0; (name = get_cert_subject (cert, idx)); idx++)
877
writeout_rem (ctx, "%s", name);
827
891
proc_type_decrypt (audit_ctx_t ctx)
893
log_item_t loopitem, item;
832
writeout_li (ctx, item?"Yes":"No", "%s", _("Data decryption succeeded"));
899
item = find_log_item (ctx, AUDIT_DECRYPTION_RESULT, 0);
900
writeout_li (ctx, item && !item->err?"Yes":"No",
901
"%s", _("Data decryption succeeded"));
836
905
item = find_log_item (ctx, AUDIT_GOT_DATA, 0);
837
906
writeout_li (ctx, item? "Yes":"No", "%s", _("Data available"));
908
item = find_log_item (ctx, AUDIT_DATA_CIPHER_ALGO, 0);
909
algo = item? item->intvalue : 0;
910
writeout_li (ctx, algo?"Yes":"No", "%s", _("Encryption algorithm supported"));
912
writeout_rem (ctx, _("algorithm: %s"), gcry_cipher_algo_name (algo));
914
item = find_log_item (ctx, AUDIT_BAD_DATA_CIPHER_ALGO, 0);
915
if (item && item->string)
917
algo = gcry_cipher_map_name (item->string);
919
writeout_rem (ctx, _("algorithm: %s"), gcry_cipher_algo_name (algo));
920
else if (item->string && !strcmp (item->string, "1.2.840.113549.3.2"))
921
writeout_rem (ctx, _("unsupported algorithm: %s"), "RC2");
922
else if (item->string)
923
writeout_rem (ctx, _("unsupported algorithm: %s"), item->string);
925
writeout_rem (ctx, _("seems to be not encrypted"));
929
for (recpno = 0, item = NULL;
930
(item = find_next_log_item (ctx, item, AUDIT_NEW_RECP, 0)); recpno++)
932
snprintf (numbuf, sizeof numbuf, "%d", recpno);
933
writeout_li (ctx, numbuf, "%s", _("Number of recipients"));
935
/* Loop over all recipients. */
937
while ((loopitem = find_next_log_item (ctx, loopitem, AUDIT_NEW_RECP, 0)))
941
recpno = loopitem->have_intvalue? loopitem->intvalue : -1;
943
item = find_next_log_item (ctx, loopitem,
944
AUDIT_RECP_RESULT, AUDIT_NEW_RECP);
949
else if (gpg_err_code (item->err) == GPG_ERR_CANCELED)
952
result = gpg_strerror (item->err);
954
item = find_next_log_item (ctx, loopitem,
955
AUDIT_RECP_NAME, AUDIT_NEW_RECP);
956
writeout_li (ctx, result, _("Recipient %d"), recpno);
957
if (item && item->string)
958
writeout_rem (ctx, "%s", item->string);
960
/* If we have a certificate write out more infos. */
961
item = find_next_log_item (ctx, loopitem,
962
AUDIT_SAVE_CERT, AUDIT_NEW_RECP);
963
if (item && item->cert)
966
for (idx=0; (name = get_cert_subject (item->cert, idx)); idx++)
968
writeout_rem (ctx, "%s", name);
847
982
proc_type_verify (audit_ctx_t ctx)
849
984
log_item_t loopitem, item;
850
int signo, count, idx;
985
int signo, count, idx, n_good, n_bad;
853
989
/* If there is at least one signature status we claim that the
854
verifciation succeeded. This does not mean that the data has
990
verification succeeded. This does not mean that the data has
855
991
verified okay. */
856
992
item = find_log_item (ctx, AUDIT_SIG_STATUS, 0);
857
993
writeout_li (ctx, item?"Yes":"No", "%s", _("Data verification succeeded"));
870
item = find_log_item (ctx, AUDIT_DATA_HASH_ALGO, AUDIT_NEW_SIG);
871
writeout_li (ctx, item?"Yes":"No", "%s", _("Parsing signature succeeded"));
874
item = find_log_item (ctx, AUDIT_BAD_DATA_HASH_ALGO, AUDIT_NEW_SIG);
876
writeout_rem (ctx, _("Bad hash algorithm: %s"),
877
item->string? item->string:"?");
1006
/* Print info about the used data hashing algorithms. */
1007
for (idx=0, n_good=n_bad=0; idx < ctx->logused; idx++)
1009
item = ctx->log + idx;
1010
if (item->event == AUDIT_NEW_SIG)
1012
else if (item->event == AUDIT_DATA_HASH_ALGO)
1014
else if (item->event == AUDIT_BAD_DATA_HASH_ALGO)
1017
item = find_log_item (ctx, AUDIT_DATA_HASHING, AUDIT_NEW_SIG);
1018
if (!item || item->err || !n_good)
1020
else if (n_good && !n_bad)
1024
writeout_li (ctx, result, "%s", _("Parsing data succeeded"));
1025
if (n_good || n_bad)
1027
for (idx=0; idx < ctx->logused; idx++)
1029
item = ctx->log + idx;
1030
if (item->event == AUDIT_NEW_SIG)
1032
else if (item->event == AUDIT_DATA_HASH_ALGO)
1033
writeout_rem (ctx, _("data hash algorithm: %s"),
1034
gcry_md_algo_name (item->intvalue));
1035
else if (item->event == AUDIT_BAD_DATA_HASH_ALGO)
1036
writeout_rem (ctx, _("bad data hash algorithm: %s"),
1037
item->string? item->string:"?");
882
1042
/* Loop over all signatures. */
883
1043
loopitem = find_log_item (ctx, AUDIT_NEW_SIG, 0);
893
1053
AUDIT_SIG_NAME, AUDIT_NEW_SIG);
895
1055
writeout_rem (ctx, "%s", item->string);
1057
item = find_next_log_item (ctx, loopitem,
1058
AUDIT_DATA_HASH_ALGO, AUDIT_NEW_SIG);
1060
writeout_rem (ctx, _("data hash algorithm: %s"),
1061
gcry_md_algo_name (item->intvalue));
1062
item = find_next_log_item (ctx, loopitem,
1063
AUDIT_ATTR_HASH_ALGO, AUDIT_NEW_SIG);
1065
writeout_rem (ctx, _("attr hash algorithm: %s"),
1066
gcry_md_algo_name (item->intvalue));
898
1070
/* List the certificate chain. */