bool RSAVerifyFile(const char *pubFilename, const char *messageFilename, const char *signatureFilename)
{
FileSource pubFile(pubFilename, true);
RSASSA_PKCS1v15_SHA_Verifier pub(pubFile);
FileSource signatureFile(signatureFilename, true);
if (signatureFile.MaxRetrievable() != pub.SignatureLength())
return false;
SecByteBlock signature(pub.SignatureLength());
signatureFile.Get(signature, signature.size());
VerifierFilter *verifierFilter = new VerifierFilter(pub);
verifierFilter->Put(signature, pub.SignatureLength());
FileSource f(messageFilename, true, verifierFilter);
return verifierFilter->GetLastResult();
}
int main( int argc, char* argv[] )
{
if( argv[ 1 ] == std::string( "--sign" ) )
{
boost::asio::io_service ioService;
const auto host = "127.0.0.1";
const auto port = argv[ 2 ];
Client< ReaderSign, WriterSign >( ioService, host, port, argc, argv );
}
else if( argv[ 1 ] == std::string( "--key" ) )
{
boost::asio::io_service ioService;
const auto host = "127.0.0.1";
const auto port = argv[ 2 ];
Client< ReaderKey, WriterKey >( ioService, host, port );
}
else if( argv[ 1 ] == std::string( "--verify" ) )
{
char sha1[ 1024 ];
{
SHA_CTX ctx;
SHA1_Init( & ctx );
char buffer[ 4 * 1024 ];
std::ifstream fileIn( argv[ 2 ], std::ios_base::in | std::ios_base::binary );
while( fileIn.read( & buffer[ 0 ], sizeof( buffer ) ) )
{
SHA1_Update( & ctx, & buffer[ 0 ], sizeof( buffer ) );
}
SHA1_Update( & ctx, & buffer[ 0 ], fileIn.gcount() );
SHA1_Final( (unsigned char*)( & sha1[ 0 ] ), & ctx );
}
RSA * rsa = nullptr;
{
std::ifstream keyFile( argv[ 3 ], std::ios_base::in | std::ios_base::binary );
char key[ 1024 ];
keyFile.read( key, 1024 );
unsigned keySize = keyFile.gcount();
unsigned char const * buffer = (unsigned char const*)( & key[ 0 ] );
rsa = d2i_RSAPublicKey( nullptr, & buffer, keySize );
}
std::ifstream signatureFile( argv[ 4 ], std::ios_base::binary );
char signature[ 1024 ];
signatureFile.read( signature, 1024 );
unsigned signatureSize = signatureFile.gcount();
const auto verifyResult = RSA_verify(
NID_sha1,
(unsigned char const*)( & sha1 ),
SHA_DIGEST_LENGTH,
(unsigned char const*) signature,
signatureSize,
rsa
);
if( verifyResult == 1 )
{
std::cout << "OK" << std::endl;
}
else
{
std::cout << "Failed" << std::endl;
}
return ! verifyResult;
}
else
{
std::cout
<< "Usage: " << argv[ 0 ] << '\n'
<< " --sign <port> <filename>\n"
<< " --key <port>\n"
<< " --verify <messagefile> <keyfile> <signaturefile>\n";
return 1;
}
return 0;
}
void IdentityDialog::slotOk() {
const QString email = mEmailEdit->text().stripWhiteSpace();
// Validate email addresses
if ( !isValidSimpleEmailAddress( email )) {
QString errorMsg( simpleEmailAddressErrorMsg());
KMessageBox::sorry( this, errorMsg, i18n("Invalid Email Address") );
return;
}
if ( !validateAddresses( mReplyToEdit->text().stripWhiteSpace() ) ) {
return;
}
if ( !validateAddresses( mBccEdit->text().stripWhiteSpace() ) ) {
return;
}
const std::vector<GpgME::Key> & pgpSigningKeys = mPGPSigningKeyRequester->keys();
const std::vector<GpgME::Key> & pgpEncryptionKeys = mPGPEncryptionKeyRequester->keys();
const std::vector<GpgME::Key> & smimeSigningKeys = mSMIMESigningKeyRequester->keys();
const std::vector<GpgME::Key> & smimeEncryptionKeys = mSMIMEEncryptionKeyRequester->keys();
QString msg;
bool err = false;
if ( std::find_if( pgpSigningKeys.begin(), pgpSigningKeys.end(),
DoesntMatchEMailAddress( email ) ) != pgpSigningKeys.end() ) {
msg = i18n("One of the configured OpenPGP signing keys does not contain "
"any user ID with the configured email address for this "
"identity (%1).\n"
"This might result in warning messages on the receiving side "
"when trying to verify signatures made with this configuration.");
err = true;
}
else if ( std::find_if( pgpEncryptionKeys.begin(), pgpEncryptionKeys.end(),
DoesntMatchEMailAddress( email ) ) != pgpEncryptionKeys.end() ) {
msg = i18n("One of the configured OpenPGP encryption keys does not contain "
"any user ID with the configured email address for this "
"identity (%1).");
err = true;
}
else if ( std::find_if( smimeSigningKeys.begin(), smimeSigningKeys.end(),
DoesntMatchEMailAddress( email ) ) != smimeSigningKeys.end() ) {
msg = i18n("One of the configured S/MIME signing certificates does not contain "
"the configured email address for this "
"identity (%1).\n"
"This might result in warning messages on the receiving side "
"when trying to verify signatures made with this configuration.");
err = true;
}
else if ( std::find_if( smimeEncryptionKeys.begin(), smimeEncryptionKeys.end(),
DoesntMatchEMailAddress( email ) ) != smimeEncryptionKeys.end() ) {
msg = i18n("One of the configured S/MIME encryption certificates does not contain "
"the configured email address for this "
"identity (%1).");
err = true;
}
if ( err )
if ( KMessageBox::warningContinueCancel( this, msg.arg( email ),
i18n("Email Address Not Found in Key/Certificates"),
KStdGuiItem::cont(), "warn_email_not_in_certificate" )
!= KMessageBox::Continue)
return;
if ( mSignatureConfigurator->isSignatureEnabled() &&
mSignatureConfigurator->signatureType()==Signature::FromFile ) {
KURL url( mSignatureConfigurator->fileURL() );
KFileItem signatureFile( KFileItem::Unknown, KFileItem::Unknown, url );
if ( !signatureFile.isFile() || !signatureFile.isReadable() || !signatureFile.isLocalFile() ) {
KMessageBox::error( this, i18n( "The signature file is not valid" ) );
return;
}
}
return KDialogBase::slotOk();
}