[gmime] Use gpgme's sig->summary instead of our own status + errors
- From: Jeffrey Stedfast <fejj src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gmime] Use gpgme's sig->summary instead of our own status + errors
- Date: Tue, 7 Feb 2017 18:33:59 +0000 (UTC)
commit 756c6fe88e9d0482b5c9f7ccbd21a5266f805629
Author: Jeffrey Stedfast <jestedfa microsoft com>
Date: Tue Feb 7 13:33:20 2017 -0500
Use gpgme's sig->summary instead of our own status + errors
gmime/gmime-gpg-context.c | 47 +++++++----------------------
gmime/gmime-pkcs7-context.c | 40 ++----------------------
gmime/gmime-signature.c | 40 +-----------------------
gmime/gmime-signature.h | 60 ++++++++++++++++--------------------
tests/test-pgp.c | 16 +++++++---
tests/test-pgpmime.c | 71 ++++++++++++++++++-------------------------
tests/test-pkcs7.c | 16 +++++++---
tests/test-smime.c | 71 ++++++++++++++++++-------------------------
8 files changed, 125 insertions(+), 236 deletions(-)
---
diff --git a/gmime/gmime-gpg-context.c b/gmime/gmime-gpg-context.c
index 401bcd3..797b553 100644
--- a/gmime/gmime-gpg-context.c
+++ b/gmime/gmime-gpg-context.c
@@ -540,8 +540,8 @@ gpg_get_signatures (GMimeGpgContext *gpg, gboolean verify)
GMimeSignatureList *signatures;
GMimeSignature *signature;
gpgme_verify_result_t result;
- gpgme_subkey_t subkey;
gpgme_signature_t sig;
+ gpgme_subkey_t subkey;
gpgme_user_id_t uid;
gpgme_key_t key;
@@ -557,23 +557,13 @@ gpg_get_signatures (GMimeGpgContext *gpg, gboolean verify)
while (sig != NULL) {
signature = g_mime_signature_new ();
g_mime_signature_list_add (signatures, signature);
-
- if (sig->status != GPG_ERR_NO_ERROR)
- g_mime_signature_set_status (signature, GMIME_SIGNATURE_STATUS_ERROR);
- else
- g_mime_signature_set_status (signature, GMIME_SIGNATURE_STATUS_GOOD);
+ g_mime_signature_set_status (signature, (GMimeSignatureStatus) sig->summary);
+ g_mime_signature_set_expires (signature, sig->exp_timestamp);
+ g_mime_signature_set_created (signature, sig->timestamp);
g_mime_certificate_set_pubkey_algo (signature->cert, (GMimePubKeyAlgo) sig->pubkey_algo);
g_mime_certificate_set_digest_algo (signature->cert, (GMimeDigestAlgo) sig->hash_algo);
g_mime_certificate_set_fingerprint (signature->cert, sig->fpr);
- g_mime_signature_set_expires (signature, sig->exp_timestamp);
- g_mime_signature_set_created (signature, sig->timestamp);
-
- if (sig->exp_timestamp != 0 && sig->exp_timestamp <= time (NULL)) {
- /* signature expired, automatically results in a BAD signature */
- signature->errors |= GMIME_SIGNATURE_ERROR_EXPSIG;
- signature->status = GMIME_SIGNATURE_STATUS_BAD;
- }
if (gpgme_get_key (gpg->ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR && key) {
/* get more signer info from their signing key */
@@ -607,25 +597,6 @@ gpg_get_signatures (GMimeGpgContext *gpg, gboolean verify)
if (subkey) {
g_mime_certificate_set_created (signature->cert, subkey->timestamp);
g_mime_certificate_set_expires (signature->cert, subkey->expires);
-
- if (subkey->revoked) {
- /* signer's key has been revoked, automatic BAD status */
- signature->errors |= GMIME_SIGNATURE_ERROR_REVKEYSIG;
- signature->status = GMIME_SIGNATURE_STATUS_BAD;
- }
-
- if (subkey->expired) {
- /* signer's key has expired, automatic BAD status */
- signature->errors |= GMIME_SIGNATURE_ERROR_EXPKEYSIG;
- signature->status = GMIME_SIGNATURE_STATUS_BAD;
- }
- } else {
- /* If we don't have the subkey used by the signer, then we can't
- * tell what the status is, so set to ERROR if it hasn't already
- * been designated as BAD. */
- if (signature->status != GMIME_SIGNATURE_STATUS_BAD)
- signature->status = GMIME_SIGNATURE_STATUS_ERROR;
- signature->errors |= GMIME_SIGNATURE_ERROR_NO_PUBKEY;
}
gpgme_key_unref (key);
@@ -634,9 +605,6 @@ gpg_get_signatures (GMimeGpgContext *gpg, gboolean verify)
* the status is, so set it to ERROR if it hasn't already been
* designated as BAD. */
g_mime_certificate_set_trust (signature->cert, GMIME_CERTIFICATE_TRUST_UNDEFINED);
- if (signature->status != GMIME_SIGNATURE_STATUS_BAD)
- signature->status = GMIME_SIGNATURE_STATUS_ERROR;
- signature->errors |= GMIME_SIGNATURE_ERROR_NO_PUBKEY;
}
sig = sig->next;
@@ -793,9 +761,14 @@ gpg_get_decrypt_result (GMimeGpgContext *gpg)
result->recipients = g_mime_certificate_list_new ();
result->signatures = gpg_get_signatures (gpg, FALSE);
+ // TODO: ciper, mdc
+
if (!(res = gpgme_op_decrypt_result (gpg->ctx)) || !res->recipients)
return result;
+ //if (res->session_key)
+ // result->session_key = g_strdup (res->session_key);
+
recipient = res->recipients;
while (recipient != NULL) {
cert = g_mime_certificate_new ();
@@ -830,6 +803,8 @@ gpg_decrypt_session (GMimeCryptoContext *context, const char *session_key,
gpgme_data_t input, output;
gpgme_error_t error;
+ // TODO: make use of the session_key
+
if ((error = gpgme_data_new_from_cbs (&input, &gpg_stream_funcs, istream)) != GPG_ERR_NO_ERROR) {
g_set_error (err, GMIME_GPGME_ERROR, error, _("Could not open input stream"));
return NULL;
diff --git a/gmime/gmime-pkcs7-context.c b/gmime/gmime-pkcs7-context.c
index 84e4717..276ff1d 100644
--- a/gmime/gmime-pkcs7-context.c
+++ b/gmime/gmime-pkcs7-context.c
@@ -522,8 +522,8 @@ pkcs7_get_signatures (GMimePkcs7Context *pkcs7, gboolean verify)
GMimeSignatureList *signatures;
GMimeSignature *signature;
gpgme_verify_result_t result;
- gpgme_subkey_t subkey;
gpgme_signature_t sig;
+ gpgme_subkey_t subkey;
gpgme_user_id_t uid;
gpgme_key_t key;
@@ -539,23 +539,13 @@ pkcs7_get_signatures (GMimePkcs7Context *pkcs7, gboolean verify)
while (sig != NULL) {
signature = g_mime_signature_new ();
g_mime_signature_list_add (signatures, signature);
-
- if (sig->status != GPG_ERR_NO_ERROR)
- g_mime_signature_set_status (signature, GMIME_SIGNATURE_STATUS_ERROR);
- else
- g_mime_signature_set_status (signature, GMIME_SIGNATURE_STATUS_GOOD);
+ g_mime_signature_set_status (signature, (GMimeSignatureStatus) sig->summary);
+ g_mime_signature_set_expires (signature, sig->exp_timestamp);
+ g_mime_signature_set_created (signature, sig->timestamp);
g_mime_certificate_set_pubkey_algo (signature->cert, (GMimePubKeyAlgo) sig->pubkey_algo);
g_mime_certificate_set_digest_algo (signature->cert, (GMimeDigestAlgo) sig->hash_algo);
g_mime_certificate_set_fingerprint (signature->cert, sig->fpr);
- g_mime_signature_set_expires (signature, sig->exp_timestamp);
- g_mime_signature_set_created (signature, sig->timestamp);
-
- if (sig->exp_timestamp != 0 && sig->exp_timestamp <= time (NULL)) {
- /* signature expired, automatically results in a BAD signature */
- signature->errors |= GMIME_SIGNATURE_ERROR_EXPSIG;
- signature->status = GMIME_SIGNATURE_STATUS_BAD;
- }
if (gpgme_get_key (pkcs7->ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR && key) {
/* get more signer info from their signing key */
@@ -589,25 +579,6 @@ pkcs7_get_signatures (GMimePkcs7Context *pkcs7, gboolean verify)
if (subkey) {
g_mime_certificate_set_created (signature->cert, subkey->timestamp);
g_mime_certificate_set_expires (signature->cert, subkey->expires);
-
- if (subkey->revoked) {
- /* signer's key has been revoked, automatic BAD status */
- signature->errors |= GMIME_SIGNATURE_ERROR_REVKEYSIG;
- signature->status = GMIME_SIGNATURE_STATUS_BAD;
- }
-
- if (subkey->expired) {
- /* signer's key has expired, automatic BAD status */
- signature->errors |= GMIME_SIGNATURE_ERROR_EXPKEYSIG;
- signature->status = GMIME_SIGNATURE_STATUS_BAD;
- }
- } else {
- /* If we don't have the subkey used by the signer, then we can't
- * tell what the status is, so set to ERROR if it hasn't already
- * been designated as BAD. */
- if (signature->status != GMIME_SIGNATURE_STATUS_BAD)
- signature->status = GMIME_SIGNATURE_STATUS_ERROR;
- signature->errors |= GMIME_SIGNATURE_ERROR_NO_PUBKEY;
}
gpgme_key_unref (key);
@@ -616,9 +587,6 @@ pkcs7_get_signatures (GMimePkcs7Context *pkcs7, gboolean verify)
* the status is, so set it to ERROR if it hasn't already been
* designated as BAD. */
g_mime_certificate_set_trust (signature->cert, GMIME_CERTIFICATE_TRUST_UNDEFINED);
- if (signature->status != GMIME_SIGNATURE_STATUS_BAD)
- signature->status = GMIME_SIGNATURE_STATUS_ERROR;
- signature->errors |= GMIME_SIGNATURE_ERROR_NO_PUBKEY;
}
sig = sig->next;
diff --git a/gmime/gmime-signature.c b/gmime/gmime-signature.c
index b79bfda..3f74c05 100644
--- a/gmime/gmime-signature.c
+++ b/gmime/gmime-signature.c
@@ -83,11 +83,10 @@ g_mime_signature_class_init (GMimeSignatureClass *klass)
static void
g_mime_signature_init (GMimeSignature *sig, GMimeSignatureClass *klass)
{
- sig->status = GMIME_SIGNATURE_STATUS_GOOD;
- sig->errors = GMIME_SIGNATURE_ERROR_NONE;
sig->cert = g_mime_certificate_new ();
sig->created = (time_t) -1;
sig->expires = (time_t) -1;
+ sig->status = 0;
}
static void
@@ -143,48 +142,13 @@ g_mime_signature_set_status (GMimeSignature *sig, GMimeSignatureStatus status)
GMimeSignatureStatus
g_mime_signature_get_status (GMimeSignature *sig)
{
- g_return_val_if_fail (GMIME_IS_SIGNATURE (sig), GMIME_SIGNATURE_STATUS_BAD);
+ g_return_val_if_fail (GMIME_IS_SIGNATURE (sig), 0);
return sig->status;
}
/**
- * g_mime_signature_set_errors:
- * @sig: a #GMimeSignature
- * @errors: a #GMimeSignatureError
- *
- * Set the errors on the signature.
- **/
-void
-g_mime_signature_set_errors (GMimeSignature *sig, GMimeSignatureError errors)
-{
- g_return_if_fail (GMIME_IS_SIGNATURE (sig));
-
- sig->errors = errors;
-}
-
-
-/**
- * g_mime_signature_get_errors:
- * @sig: a #GMimeSignature
- *
- * Get the signature errors. If the #GMimeSignatureStatus returned from
- * g_mime_signature_get_status() is not #GMIME_SIGNATURE_STATUS_GOOD, then the
- * errors may provide a clue as to why.
- *
- * Returns: a bitfield of errors.
- **/
-GMimeSignatureError
-g_mime_signature_get_errors (GMimeSignature *sig)
-{
- g_return_val_if_fail (GMIME_IS_SIGNATURE (sig), GMIME_SIGNATURE_ERROR_NONE);
-
- return sig->errors;
-}
-
-
-/**
* g_mime_signature_set_certificate:
* @sig: a #GMimeSignature
* @cert: a #GMimeCertificate
diff --git a/gmime/gmime-signature.h b/gmime/gmime-signature.h
index 4073cad..58f8ab7 100644
--- a/gmime/gmime-signature.h
+++ b/gmime/gmime-signature.h
@@ -50,46 +50,42 @@ typedef struct _GMimeSignatureListClass GMimeSignatureListClass;
/**
* GMimeSignatureStatus:
- * @GMIME_SIGNATURE_STATUS_GOOD: Good signature.
- * @GMIME_SIGNATURE_STATUS_ERROR: An error occurred.
- * @GMIME_SIGNATURE_STATUS_BAD: Bad signature.
+ * @GMIME_SIGNATURE_STATUS_VALID: The signature is fully valid.
+ * @GMIME_SIGNATURE_STATUS_GREEN: The signature is good.
+ * @GMIME_SIGNATURE_STATUS_RED: The signature is bad.
+ * @GMIME_SIGNATURE_STATUS_KEY_REVOKED: The key has been revoked.
+ * @GMIME_SIGNATURE_STATUS_KEY_EXPIRED: The key has expired.
+ * @GMIME_SIGNATURE_STATUS_SIG_EXPIRED: The signature has expired.
+ * @GMIME_SIGNATURE_STATUS_KEY_MISSING: Can't verify due to missing key.
+ * @GMIME_SIGNATURE_STATUS_CRL_MISSING: CRL not available.
+ * @GMIME_SIGNATURE_STATUS_CRL_TOO_OLD: Available CRL is too old.
+ * @GMIME_SIGNATURE_STATUS_BAD_POLICY: A policy was not met.
+ * @GMIME_SIGNATURE_STATUS_SYS_ERROR: A system error occurred.
+ * @GMIME_SIGNATURE_STATUS_TOFU_CONFLICT: Tofu conflict detected.
*
- * A value representing the signature status for a particular
+ * A value representing the signature status flags for a particular
* #GMimeSignature.
**/
typedef enum {
- GMIME_SIGNATURE_STATUS_GOOD,
- GMIME_SIGNATURE_STATUS_ERROR,
- GMIME_SIGNATURE_STATUS_BAD
+ GMIME_SIGNATURE_STATUS_VALID = 0x0001,
+ GMIME_SIGNATURE_STATUS_GREEN = 0x0002,
+ GMIME_SIGNATURE_STATUS_RED = 0x0004,
+ GMIME_SIGNATURE_STATUS_KEY_REVOKED = 0x0010,
+ GMIME_SIGNATURE_STATUS_KEY_EXPIRED = 0x0020,
+ GMIME_SIGNATURE_STATUS_SIG_EXPIRED = 0x0040,
+ GMIME_SIGNATURE_STATUS_KEY_MISSING = 0x0080,
+ GMIME_SIGNATURE_STATUS_CRL_MISSING = 0x0100,
+ GMIME_SIGNATURE_STATUS_CRL_TOO_OLD = 0x0200,
+ GMIME_SIGNATURE_STATUS_BAD_POLICY = 0x0400,
+ GMIME_SIGNATURE_STATUS_SYS_ERROR = 0x0800,
+ GMIME_SIGNATURE_STATUS_TOFU_CONFLICT = 0x1000
} GMimeSignatureStatus;
/**
- * GMimeSignatureError:
- * @GMIME_SIGNATURE_ERROR_NONE: No error.
- * @GMIME_SIGNATURE_ERROR_EXPSIG: Expired signature.
- * @GMIME_SIGNATURE_ERROR_NO_PUBKEY: No public key found.
- * @GMIME_SIGNATURE_ERROR_EXPKEYSIG: Expired signature key.
- * @GMIME_SIGNATURE_ERROR_REVKEYSIG: Revoked signature key.
- * @GMIME_SIGNATURE_ERROR_UNSUPP_ALGO: Unsupported algorithm.
- *
- * Possible errors that a #GMimeSignature could have.
- **/
-typedef enum {
- GMIME_SIGNATURE_ERROR_NONE = 0,
- GMIME_SIGNATURE_ERROR_EXPSIG = (1 << 0), /* expired signature */
- GMIME_SIGNATURE_ERROR_NO_PUBKEY = (1 << 1), /* no public key */
- GMIME_SIGNATURE_ERROR_EXPKEYSIG = (1 << 2), /* expired key */
- GMIME_SIGNATURE_ERROR_REVKEYSIG = (1 << 3), /* revoked key */
- GMIME_SIGNATURE_ERROR_UNSUPP_ALGO = (1 << 4) /* unsupported algorithm */
-} GMimeSignatureError;
-
-
-/**
* GMimeSignature:
* @parent_object: parent #GObject
- * @status: A #GMimeSignatureStatus.
- * @errors: A bitfield of #GMimeSignatureError values.
+ * @status: A bitfield of #GMimeSignatureStatus values.
* @cert: The #GMimeCertificate used in the signature.
* @created: The creation date of the signature.
* @expires: The expiration date of the signature.
@@ -100,7 +96,6 @@ struct _GMimeSignature {
GObject parent_object;
GMimeSignatureStatus status;
- GMimeSignatureError errors;
GMimeCertificate *cert;
time_t created;
time_t expires;
@@ -122,9 +117,6 @@ GMimeCertificate *g_mime_signature_get_certificate (GMimeSignature *sig);
void g_mime_signature_set_status (GMimeSignature *sig, GMimeSignatureStatus status);
GMimeSignatureStatus g_mime_signature_get_status (GMimeSignature *sig);
-void g_mime_signature_set_errors (GMimeSignature *sig, GMimeSignatureError errors);
-GMimeSignatureError g_mime_signature_get_errors (GMimeSignature *sig);
-
void g_mime_signature_set_created (GMimeSignature *sig, time_t created);
time_t g_mime_signature_get_created (GMimeSignature *sig);
diff --git a/tests/test-pgp.c b/tests/test-pgp.c
index eb0c32c..122649d 100644
--- a/tests/test-pgp.c
+++ b/tests/test-pgp.c
@@ -51,16 +51,16 @@ request_passwd (GMimeCryptoContext *ctx, const char *user_id, const char *prompt
static GMimeSignatureStatus
get_sig_status (GMimeSignatureList *signatures)
{
- GMimeSignatureStatus status = GMIME_SIGNATURE_STATUS_GOOD;
+ GMimeSignatureStatus status = 0;
GMimeSignature *sig;
int i;
if (!signatures || signatures->array->len == 0)
- return GMIME_SIGNATURE_STATUS_ERROR;
+ return GMIME_SIGNATURE_STATUS_RED;
for (i = 0; i < g_mime_signature_list_length (signatures); i++) {
sig = g_mime_signature_list_get_signature (signatures, i);
- status = MAX (status, sig->status);
+ status |= sig->status;
}
return status;
@@ -93,6 +93,7 @@ static void
test_verify (GMimeCryptoContext *ctx, GMimeStream *cleartext, GMimeStream *ciphertext)
{
GMimeSignatureList *signatures;
+ GMimeSignatureStatus status;
GError *err = NULL;
Exception *ex;
@@ -105,7 +106,9 @@ test_verify (GMimeCryptoContext *ctx, GMimeStream *cleartext, GMimeStream *ciphe
throw (ex);
}
- if (get_sig_status (signatures) != GMIME_SIGNATURE_STATUS_GOOD) {
+ status = get_sig_status (signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0) {
g_object_unref (signatures);
throw (exception_new ("signature BAD"));
}
@@ -142,6 +145,7 @@ test_encrypt (GMimeCryptoContext *ctx, gboolean sign, GMimeStream *cleartext, GM
static void
test_decrypt (GMimeCryptoContext *ctx, gboolean sign, GMimeStream *cleartext, GMimeStream *ciphertext)
{
+ GMimeSignatureStatus status;
GMimeDecryptResult *result;
Exception *ex = NULL;
GMimeStream *stream;
@@ -158,7 +162,9 @@ test_decrypt (GMimeCryptoContext *ctx, gboolean sign, GMimeStream *cleartext, GM
}
if (sign) {
- if (!result->signatures || get_sig_status (result->signatures) != GMIME_SIGNATURE_STATUS_GOOD)
+ status = get_sig_status (result->signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0)
ex = exception_new ("expected GOOD signature");
} else {
if (result->signatures != NULL)
diff --git a/tests/test-pgpmime.c b/tests/test-pgpmime.c
index 3032890..1002ff0 100644
--- a/tests/test-pgpmime.c
+++ b/tests/test-pgpmime.c
@@ -52,16 +52,16 @@ request_passwd (GMimeCryptoContext *ctx, const char *user_id, const char *prompt
static GMimeSignatureStatus
get_sig_status (GMimeSignatureList *signatures)
{
- GMimeSignatureStatus status = GMIME_SIGNATURE_STATUS_GOOD;
+ GMimeSignatureStatus status = 0;
GMimeSignature *sig;
int i;
if (!signatures || signatures->array->len == 0)
- return GMIME_SIGNATURE_STATUS_ERROR;
+ return GMIME_SIGNATURE_STATUS_RED;
for (i = 0; i < g_mime_signature_list_length (signatures); i++) {
sig = g_mime_signature_list_get_signature (signatures, i);
- status = MAX (status, sig->status);
+ status |= sig->status;
}
return status;
@@ -70,23 +70,18 @@ get_sig_status (GMimeSignatureList *signatures)
static void
print_verify_results (GMimeSignatureList *signatures)
{
+ GMimeSignatureStatus status;
GMimeSignature *sig;
int count, i;
- switch (get_sig_status (signatures)) {
- case GMIME_SIGNATURE_STATUS_GOOD:
- fputs ("GOOD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_BAD:
+ status = get_sig_status (signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0)
fputs ("BAD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_ERROR:
- fputs ("ERROR status\n", stdout);
- break;
- default:
- fputs ("Unknown enum value\n", stdout);
- break;
- }
+ else if ((status & GMIME_SIGNATURE_STATUS_GREEN) != 0)
+ fputs ("GOOD\n", stdout);
+ else
+ fputs ("UNKNOWN\n", stdout);
fputs ("\nSignatures:\n", stdout);
count = g_mime_signature_list_length (signatures);
@@ -120,17 +115,12 @@ print_verify_results (GMimeSignatureList *signatures)
}
fprintf (stdout, "\tStatus: ");
- switch (sig->status) {
- case GMIME_SIGNATURE_STATUS_GOOD:
- fputs ("GOOD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_BAD:
+ if ((sig->status & GMIME_SIGNATURE_STATUS_RED) != 0)
fputs ("BAD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_ERROR:
- fputs ("ERROR\n", stdout);
- break;
- }
+ else if ((sig->status & GMIME_SIGNATURE_STATUS_GREEN) != 0)
+ fputs ("GOOD\n", stdout);
+ else
+ fputs ("UNKNOWN\n", stdout);
fprintf (stdout, "\tSignature made on %s", ctime (&sig->created));
if (sig->expires != (time_t) 0)
@@ -138,20 +128,16 @@ print_verify_results (GMimeSignatureList *signatures)
else
fprintf (stdout, "\tSignature never expires\n");
- if (sig->errors) {
- fprintf (stdout, "\tErrors: ");
- if (sig->errors & GMIME_SIGNATURE_ERROR_EXPSIG)
- fputs ("Expired, ", stdout);
- if (sig->errors & GMIME_SIGNATURE_ERROR_NO_PUBKEY)
- fputs ("No Pub Key, ", stdout);
- if (sig->errors & GMIME_SIGNATURE_ERROR_EXPKEYSIG)
- fputs ("Key Expired, ", stdout);
- if (sig->errors & GMIME_SIGNATURE_ERROR_REVKEYSIG)
- fputs ("Key Revoked", stdout);
- fputc ('\n', stdout);
- } else {
- fprintf (stdout, "\tNo errors for this signer\n");
- }
+ fprintf (stdout, "\tErrors: ");
+ if (sig->status & GMIME_SIGNATURE_STATUS_SIG_EXPIRED)
+ fputs ("Expired, ", stdout);
+ if (sig->status & GMIME_SIGNATURE_STATUS_KEY_MISSING)
+ fputs ("No Pub Key, ", stdout);
+ if (sig->status & GMIME_SIGNATURE_STATUS_KEY_EXPIRED)
+ fputs ("Key Expired, ", stdout);
+ if (sig->status & GMIME_SIGNATURE_STATUS_KEY_REVOKED)
+ fputs ("Key Revoked", stdout);
+ fputc ('\n', stdout);
if (i + 1 < count)
fputc ('\n', stdout);
@@ -360,6 +346,7 @@ test_multipart_encrypted (GMimeCryptoContext *ctx, gboolean sign,
GMimeStream *cleartext, GMimeStream *stream,
const char *session_key)
{
+ GMimeSignatureStatus status;
GMimeStream *test_stream;
GMimeMultipartEncrypted *mpe;
GMimeDecryptResult *result;
@@ -407,7 +394,9 @@ test_multipart_encrypted (GMimeCryptoContext *ctx, gboolean sign,
v(print_verify_results (result->signatures));
if (sign) {
- if (!result->signatures || get_sig_status (result->signatures) != GMIME_SIGNATURE_STATUS_GOOD)
+ status = get_sig_status (result->signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0)
ex = exception_new ("signature status expected to be GOOD");
} else {
if (result->signatures)
diff --git a/tests/test-pkcs7.c b/tests/test-pkcs7.c
index be05d44..eafbef7 100644
--- a/tests/test-pkcs7.c
+++ b/tests/test-pkcs7.c
@@ -52,16 +52,16 @@ request_passwd (GMimeCryptoContext *ctx, const char *user_id, const char *prompt
static GMimeSignatureStatus
get_sig_status (GMimeSignatureList *signatures)
{
- GMimeSignatureStatus status = GMIME_SIGNATURE_STATUS_GOOD;
+ GMimeSignatureStatus status = 0;
GMimeSignature *sig;
int i;
if (!signatures || signatures->array->len == 0)
- return GMIME_SIGNATURE_STATUS_ERROR;
+ return GMIME_SIGNATURE_STATUS_RED;
for (i = 0; i < g_mime_signature_list_length (signatures); i++) {
sig = g_mime_signature_list_get_signature (signatures, i);
- status = MAX (status, sig->status);
+ status |= sig->status;
}
return status;
@@ -94,6 +94,7 @@ static void
test_verify (GMimeCryptoContext *ctx, GMimeStream *cleartext, GMimeStream *ciphertext)
{
GMimeSignatureList *signatures;
+ GMimeSignatureStatus status;
GError *err = NULL;
Exception *ex;
@@ -105,8 +106,10 @@ test_verify (GMimeCryptoContext *ctx, GMimeStream *cleartext, GMimeStream *ciphe
g_error_free (err);
throw (ex);
}
+
+ status = get_sig_status (signatures);
- if (get_sig_status (signatures) != GMIME_SIGNATURE_STATUS_GOOD) {
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0) {
g_object_unref (signatures);
throw (exception_new ("signature BAD"));
}
@@ -144,6 +147,7 @@ test_encrypt (GMimeCryptoContext *ctx, gboolean sign, GMimeStream *cleartext, GM
static void
test_decrypt (GMimeCryptoContext *ctx, gboolean sign, GMimeStream *cleartext, GMimeStream *ciphertext)
{
+ GMimeSignatureStatus status;
GMimeDecryptResult *result;
Exception *ex = NULL;
GMimeStream *stream;
@@ -160,7 +164,9 @@ test_decrypt (GMimeCryptoContext *ctx, gboolean sign, GMimeStream *cleartext, GM
}
if (sign) {
- if (!result->signatures || get_sig_status (result->signatures) != GMIME_SIGNATURE_STATUS_GOOD)
+ status = get_sig_status (result->signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0)
ex = exception_new ("expected GOOD signature");
} else {
if (result->signatures)
diff --git a/tests/test-smime.c b/tests/test-smime.c
index 168a8c1..957e96a 100644
--- a/tests/test-smime.c
+++ b/tests/test-smime.c
@@ -53,16 +53,16 @@ request_passwd (GMimeCryptoContext *ctx, const char *user_id, const char *prompt
static GMimeSignatureStatus
get_sig_status (GMimeSignatureList *signatures)
{
- GMimeSignatureStatus status = GMIME_SIGNATURE_STATUS_GOOD;
+ GMimeSignatureStatus status = 0;
GMimeSignature *sig;
int i;
if (!signatures || signatures->array->len == 0)
- return GMIME_SIGNATURE_STATUS_ERROR;
+ return GMIME_SIGNATURE_STATUS_RED;
for (i = 0; i < g_mime_signature_list_length (signatures); i++) {
sig = g_mime_signature_list_get_signature (signatures, i);
- status = MAX (status, sig->status);
+ status |= sig->status;
}
return status;
@@ -71,23 +71,18 @@ get_sig_status (GMimeSignatureList *signatures)
static void
print_verify_results (GMimeSignatureList *signatures)
{
+ GMimeSignatureStatus status;
GMimeSignature *sig;
int count, i;
- switch (get_sig_status (signatures)) {
- case GMIME_SIGNATURE_STATUS_GOOD:
- fputs ("GOOD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_BAD:
+ status = get_sig_status (signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0)
fputs ("BAD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_ERROR:
- fputs ("ERROR status\n", stdout);
- break;
- default:
- fputs ("Unknown enum value\n", stdout);
- break;
- }
+ else if ((status & GMIME_SIGNATURE_STATUS_GREEN) != 0)
+ fputs ("GOOD\n", stdout);
+ else
+ fputs ("UNKNOWN\n", stdout);
fputs ("\nSignatures:\n", stdout);
count = g_mime_signature_list_length (signatures);
@@ -121,17 +116,12 @@ print_verify_results (GMimeSignatureList *signatures)
}
fprintf (stdout, "\tStatus: ");
- switch (sig->status) {
- case GMIME_SIGNATURE_STATUS_GOOD:
- fputs ("GOOD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_BAD:
+ if ((sig->status & GMIME_SIGNATURE_STATUS_RED) != 0)
fputs ("BAD\n", stdout);
- break;
- case GMIME_SIGNATURE_STATUS_ERROR:
- fputs ("ERROR\n", stdout);
- break;
- }
+ else if ((sig->status & GMIME_SIGNATURE_STATUS_GREEN) != 0)
+ fputs ("GOOD\n", stdout);
+ else
+ fputs ("UNKNOWN\n", stdout);
fprintf (stdout, "\tSignature made on %s", ctime (&sig->created));
if (sig->expires != (time_t) 0)
@@ -139,20 +129,16 @@ print_verify_results (GMimeSignatureList *signatures)
else
fprintf (stdout, "\tSignature never expires\n");
- if (sig->errors) {
- fprintf (stdout, "\tErrors: ");
- if (sig->errors & GMIME_SIGNATURE_ERROR_EXPSIG)
- fputs ("Expired, ", stdout);
- if (sig->errors & GMIME_SIGNATURE_ERROR_NO_PUBKEY)
- fputs ("No Pub Key, ", stdout);
- if (sig->errors & GMIME_SIGNATURE_ERROR_EXPKEYSIG)
- fputs ("Key Expired, ", stdout);
- if (sig->errors & GMIME_SIGNATURE_ERROR_REVKEYSIG)
- fputs ("Key Revoked", stdout);
- fputc ('\n', stdout);
- } else {
- fprintf (stdout, "\tNo errors for this signer\n");
- }
+ fprintf (stdout, "\tErrors: ");
+ if (sig->status & GMIME_SIGNATURE_STATUS_SIG_EXPIRED)
+ fputs ("Expired, ", stdout);
+ if (sig->status & GMIME_SIGNATURE_STATUS_KEY_MISSING)
+ fputs ("No Pub Key, ", stdout);
+ if (sig->status & GMIME_SIGNATURE_STATUS_KEY_EXPIRED)
+ fputs ("Key Expired, ", stdout);
+ if (sig->status & GMIME_SIGNATURE_STATUS_KEY_REVOKED)
+ fputs ("Key Revoked", stdout);
+ fputc ('\n', stdout);
if (i + 1 < count)
fputc ('\n', stdout);
@@ -277,6 +263,7 @@ test_multipart_signed (GMimeCryptoContext *ctx)
static void
test_multipart_encrypted (GMimeCryptoContext *ctx, gboolean sign)
{
+ GMimeSignatureStatus status;
GMimeStream *cleartext, *stream;
GMimeMultipartEncrypted *mpe;
GMimeDecryptResult *result;
@@ -384,7 +371,9 @@ test_multipart_encrypted (GMimeCryptoContext *ctx, gboolean sign)
v(print_verify_results (result->signatures));
if (sign) {
- if (!result->signatures || get_sig_status (result->signatures) != GMIME_SIGNATURE_STATUS_GOOD)
+ status = get_sig_status (result->signatures);
+
+ if ((status & GMIME_SIGNATURE_STATUS_RED) != 0)
ex = exception_new ("signature status expected to be GOOD");
} else {
if (result->signatures)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
