1
/* verify.c - verify signed data
2
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
1
/* verify.c - Verify signed data
2
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004, 2005, 2006,
3
* 2007 Free Software Foundation, Inc.
4
5
* This file is part of GnuPG.
6
7
* GnuPG is free software; you can redistribute it and/or modify
7
8
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
9
* the Free Software Foundation; either version 3 of the License, or
9
10
* (at your option) any later version.
11
12
* GnuPG is distributed in the hope that it will be useful,
55
54
verify_signatures( int nfiles, char **files )
58
armor_filter_context_t afx;
59
progress_filter_context_t pfx;
57
armor_filter_context_t *afx = NULL;
58
progress_filter_context_t *pfx = new_progress_context ();
60
59
const char *sigfile;
64
memset( &afx, 0, sizeof afx);
65
/* decide whether we should handle a detached or a normal signature,
63
/* Decide whether we should handle a detached or a normal signature,
66
64
* which is needed so that the code later can hash the correct data and
67
65
* not have a normal signature act as detached signature and ignoring the
68
66
* indended signed material from the 2nd file or stdin.
86
84
* that all quite easily in mainproc.c
90
87
sigfile = nfiles? *files : NULL;
92
89
/* open the signature file */
93
90
fp = iobuf_open(sigfile);
91
if (fp && is_secured_file (iobuf_get_fd (fp)))
95
rc = gpg_error_from_errno (errno);
98
rc = gpg_error_from_syserror ();
96
99
log_error(_("can't open `%s': %s\n"),
97
100
print_fname_stdin(sigfile), strerror (errno));
100
handle_progress (&pfx, fp, sigfile);
103
handle_progress (pfx, fp, sigfile);
102
if( !opt.no_armor && use_armor_filter( fp ) )
103
iobuf_push_filter( fp, armor_filter, &afx );
105
if ( !opt.no_armor && use_armor_filter( fp ) )
107
afx = new_armor_context ();
108
push_armor_filter (afx, fp);
106
for(i=1 ; i < nfiles; i++ )
112
for(i=nfiles-1 ; i > 0 ; i-- )
107
113
add_to_strlist( &sl, files[i] );
108
114
rc = proc_signature_packets( NULL, fp, sl, sigfile );
109
115
free_strlist(sl);
111
if( afx.no_openpgp_data && rc == -1 ) {
117
if( (afx && afx->no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) {
112
118
log_error(_("the signature could not be verified.\n"
113
119
"Please remember that the signature file (.sig or .asc)\n"
114
120
"should be the first file given on the command line.\n") );
125
release_armor_context (afx);
126
release_progress_context (pfx);
123
133
print_file_status( int status, const char *name, int what )
125
char *p = xmalloc (strlen(name)+10);
135
char *p = xmalloc(strlen(name)+10);
126
136
sprintf(p, "%d %s", what, name );
127
137
write_status_text( status, p );
133
143
verify_one_file( const char *name )
136
armor_filter_context_t afx;
137
progress_filter_context_t pfx;
146
armor_filter_context_t *afx = NULL;
147
progress_filter_context_t *pfx = new_progress_context ();
140
150
print_file_status( STATUS_FILE_START, name, 1 );
141
151
fp = iobuf_open(name);
153
iobuf_ioctl (fp,3,1,NULL); /* disable fd caching */
154
if (fp && is_secured_file (iobuf_get_fd (fp)))
143
rc = gpg_error_from_errno (errno);
161
rc = gpg_error_from_syserror ();
144
162
log_error(_("can't open `%s': %s\n"),
145
163
print_fname_stdin(name), strerror (errno));
146
164
print_file_status( STATUS_FILE_ERROR, name, 1 );
149
handle_progress (&pfx, fp, name);
167
handle_progress (pfx, fp, name);
151
169
if( !opt.no_armor ) {
152
170
if( use_armor_filter( fp ) ) {
153
memset( &afx, 0, sizeof afx);
154
iobuf_push_filter( fp, armor_filter, &afx );
171
afx = new_armor_context ();
172
push_armor_filter (afx, fp);
158
176
rc = proc_signature_packets( NULL, fp, NULL, name );
160
178
write_status( STATUS_FILE_DONE );
180
reset_literals_seen();
183
release_armor_context (afx);
184
release_progress_context (pfx);
226
/* Perform a verify operation. To verify detached signatures, DATA_FD
227
shall be the descriptor of the signed data; for regular signatures
228
it needs to be -1. If OUT_FP is not NULL and DATA_FD is not -1 the
229
the signed material gets written that stream.
231
FIXME: OUTFP is not yet implemented.
234
gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp)
238
armor_filter_context_t *afx = NULL;
239
progress_filter_context_t *pfx = new_progress_context ();
241
fp = iobuf_fdopen (sig_fd, "rb");
242
if (fp && is_secured_file (sig_fd))
249
rc = gpg_error_from_syserror ();
250
log_error (_("can't open fd %d: %s\n"), sig_fd, strerror (errno));
254
handle_progress (pfx, fp, NULL);
256
if ( !opt.no_armor && use_armor_filter (fp) )
258
afx = new_armor_context ();
259
push_armor_filter (afx, fp);
262
rc = proc_signature_packets_by_fd ( NULL, fp, data_fd );
264
if ( afx && afx->no_openpgp_data
265
&& (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF) )
266
rc = gpg_error (GPG_ERR_NO_DATA);
271
release_progress_context (pfx);
272
release_armor_context (afx);