/* get a human-readable report about the signature */
static char*
get_verdict_report (GMimeSignature *msig)
{
time_t t;
const char *status, *created, *expires;
gchar *certdata, *report;
switch (g_mime_signature_get_status (msig)) {
case GMIME_SIGNATURE_STATUS_GOOD: status = "good"; break;
case GMIME_SIGNATURE_STATUS_ERROR: status = "error"; break;
case GMIME_SIGNATURE_STATUS_BAD: status = "bad"; break;
default: g_return_val_if_reached (NULL);
}
t = g_mime_signature_get_created (msig);
created = (t == 0 || t == (time_t)-1) ? "?" : mu_date_str_s ("%x", t);
t = g_mime_signature_get_expires (msig);
expires = (t == 0 || t == (time_t)-1) ? "?" : mu_date_str_s ("%x", t);
certdata = get_cert_data (g_mime_signature_get_certificate (msig));
report = g_strdup_printf ("%s; created:%s, expires:%s, %s",
status, created, expires,
certdata ? certdata : "?");
g_free (certdata);
return report;
}
static MuMsgPartSigInfo*
sig_info_new (GMimeSignature *sig)
{
MuMsgPartSigInfo *siginfo;
MuMsgPartSigStatus status;
switch (g_mime_signature_get_status (sig)) {
case GMIME_SIGNATURE_STATUS_GOOD:
status = MU_MSG_PART_SIG_STATUS_GOOD; break;
case GMIME_SIGNATURE_STATUS_BAD:
status = MU_MSG_PART_SIG_STATUS_BAD; break;
default:
status = MU_MSG_PART_SIG_STATUS_ERROR; break;
}
if (status != MU_MSG_PART_SIG_STATUS_GOOD) {
GMimeSignatureError sigerr;
sigerr = g_mime_signature_get_errors (sig);
if (sigerr & GMIME_SIGNATURE_ERROR_EXPSIG)
status |= MU_MSG_PART_SIG_STATUS_EXPSIG;
if (sigerr & GMIME_SIGNATURE_ERROR_NO_PUBKEY)
status |= MU_MSG_PART_SIG_STATUS_NO_PUBKEY;
if (sigerr & GMIME_SIGNATURE_ERROR_EXPKEYSIG)
status |= MU_MSG_PART_SIG_STATUS_EXPKEYSIG;
if (sigerr & GMIME_SIGNATURE_ERROR_REVKEYSIG)
status |= MU_MSG_PART_SIG_STATUS_REVKEYSIG;
if (sigerr & GMIME_SIGNATURE_ERROR_UNSUPP_ALGO)
status |= MU_MSG_PART_SIG_STATUS_UNSUPP_ALGO;
}
siginfo = g_new0 (MuMsgPartSigInfo, 1);
siginfo->status = status;
siginfo->created = g_mime_signature_get_created (sig);
siginfo->expires = g_mime_signature_get_expires (sig);
harvest_certificate_info (sig, siginfo);
return siginfo;
}
static void
format_part_sigstatus_json (mime_node_t *node)
{
GMimeSignatureList *siglist = node->sig_list;
printf ("[");
if (!siglist) {
printf ("]");
return;
}
void *ctx_quote = talloc_new (NULL);
int i;
for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
if (i > 0)
printf (", ");
printf ("{");
/* status */
GMimeSignatureStatus status = g_mime_signature_get_status (signature);
printf ("\"status\": %s",
json_quote_str (ctx_quote,
signature_status_to_string (status)));
GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
if (status == GMIME_SIGNATURE_STATUS_GOOD) {
if (certificate)
printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
/* these dates are seconds since the epoch; should we
* provide a more human-readable format string? */
time_t created = g_mime_signature_get_created (signature);
if (created != -1)
printf (", \"created\": %d", (int) created);
time_t expires = g_mime_signature_get_expires (signature);
if (expires > 0)
printf (", \"expires\": %d", (int) expires);
/* output user id only if validity is FULL or ULTIMATE. */
/* note that gmime is using the term "trust" here, which
* is WRONG. It's actually user id "validity". */
if (certificate) {
const char *name = g_mime_certificate_get_name (certificate);
GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
}
} else if (certificate) {
const char *key_id = g_mime_certificate_get_key_id (certificate);
if (key_id)
printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
}
GMimeSignatureError errors = g_mime_signature_get_errors (signature);
if (errors != GMIME_SIGNATURE_ERROR_NONE) {
printf (", \"errors\": %d", errors);
}
printf ("}");
}
printf ("]");
talloc_free (ctx_quote);
}
/* Signature status sprinter (GMime 2.6) */
static void
format_part_sigstatus_sprinter (sprinter_t *sp, mime_node_t *node)
{
/* Any changes to the JSON or S-Expression format should be
* reflected in the file devel/schemata. */
GMimeSignatureList *siglist = node->sig_list;
sp->begin_list (sp);
if (!siglist) {
sp->end (sp);
return;
}
int i;
for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
sp->begin_map (sp);
/* status */
GMimeSignatureStatus status = g_mime_signature_get_status (signature);
sp->map_key (sp, "status");
sp->string (sp, signature_status_to_string (status));
GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
if (status == GMIME_SIGNATURE_STATUS_GOOD) {
if (certificate) {
sp->map_key (sp, "fingerprint");
sp->string (sp, g_mime_certificate_get_fingerprint (certificate));
}
/* these dates are seconds since the epoch; should we
* provide a more human-readable format string? */
time_t created = g_mime_signature_get_created (signature);
if (created != -1) {
sp->map_key (sp, "created");
sp->integer (sp, created);
}
time_t expires = g_mime_signature_get_expires (signature);
if (expires > 0) {
sp->map_key (sp, "expires");
sp->integer (sp, expires);
}
/* output user id only if validity is FULL or ULTIMATE. */
/* note that gmime is using the term "trust" here, which
* is WRONG. It's actually user id "validity". */
if (certificate) {
const char *name = g_mime_certificate_get_name (certificate);
GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE)) {
sp->map_key (sp, "userid");
sp->string (sp, name);
}
}
} else if (certificate) {
const char *key_id = g_mime_certificate_get_key_id (certificate);
if (key_id) {
sp->map_key (sp, "keyid");
sp->string (sp, key_id);
}
}
GMimeSignatureError errors = g_mime_signature_get_errors (signature);
if (errors != GMIME_SIGNATURE_ERROR_NONE) {
sp->map_key (sp, "errors");
sp->integer (sp, errors);
}
sp->end (sp);
}
sp->end (sp);
}
