src/pgp_netpgp.c
changeset 188 0a882568ccd3
parent 187 0199040b3395
child 207 b17a74f2acd9
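--- a/src/pgp_netpgp.c	Mon Apr 13 15:23:33 2015 +0200
+++ b/src/pgp_netpgp.c	Mon Apr 13 19:00:53 2015 +0200
@@ -12,6 +12,8 @@
 #include <netpgp/netpgpsdk.h>
 #include <netpgp/validate.h>
 
+#include <regex.h>
+
 #define PEP_NETPGP_DEBUG
 
 PEP_STATUS pgp_init(PEP_SESSION session, bool in_first)
@@ -79,6 +81,23 @@
     // out_last unused here
 }
 
+/* return 1 if the file contains ascii-armoured text 
+ * buf MUST be \0 terminated to be checked for armour */
+static unsigned
+_armoured(const char *buf, size_t size, const char *pattern)
+{
+    unsigned armoured = 0;
+    if(buf[size]=='\0'){
+        regex_t r;
+        regcomp(&r, pattern, REG_EXTENDED|REG_NEWLINE|REG_NOSUB);
+        if (regexec(&r, buf, 0, NULL, 0) == 0) {
+            armoured = 1;
+        }
+        regfree(&r);
+    }
+    return armoured;
+}
+
 // Iterate through netpgp' reported valid signatures 
 // fill a list of valid figerprints
 // returns PEP_STATUS_OK if all sig reported valid
@@ -86,30 +105,30 @@
 static PEP_STATUS _validation_results(netpgp_t *netpgp, pgp_validation_t *vresult,
                                              stringlist_t **_keylist)
 {
-	time_t	now;
-	time_t	t;
-	char	buf[128];
+    time_t    now;
+    time_t    t;
+    char    buf[128];
 
-	now = time(NULL);
-	if (now < vresult->birthtime) {
-		// signature is not valid yet
+    now = time(NULL);
+    if (now < vresult->birthtime) {
+        // signature is not valid yet
 #ifdef PEP_NETPGP_DEBUG
-		(void) printf(
-			"signature not valid until %.24s\n",
-			ctime(&vresult->birthtime));
+        (void) printf(
+            "signature not valid until %.24s\n",
+            ctime(&vresult->birthtime));
 #endif //PEP_NETPGP_DEBUG
-		return PEP_UNENCRYPTED;
-	}
-	if (vresult->duration != 0 && now > vresult->birthtime + vresult->duration) {
-		// signature has expired
-		t = vresult->duration + vresult->birthtime;
+        return PEP_UNENCRYPTED;
+    }
+    if (vresult->duration != 0 && now > vresult->birthtime + vresult->duration) {
+        // signature has expired
+        t = vresult->duration + vresult->birthtime;
 #ifdef PEP_NETPGP_DEBUG
-		(void) printf(
-			"signature not valid after %.24s\n",
-			ctime(&t));
+        (void) printf(
+            "signature not valid after %.24s\n",
+            ctime(&t));
 #endif //PEP_NETPGP_DEBUG
-		return PEP_UNENCRYPTED;
-	}
+        return PEP_UNENCRYPTED;
+    }
     if (vresult->validc && vresult->valid_sigs &&
         !vresult->invalidc && !vresult->unknownc ) {
         unsigned    n;
@@ -130,7 +149,7 @@
 #ifdef PEP_NETPGP_DEBUG
             const pgp_key_t *key;
             pgp_pubkey_t *sigkey;
-	        unsigned from = 0;
+            unsigned from = 0;
             key = pgp_getkeybyid(netpgp->io, netpgp->pubring,
                 (const uint8_t *) vresult->valid_sigs[n].signer_id,
                 &from, &sigkey);
@@ -169,7 +188,7 @@
                 (const uint8_t *) vresult->invalid_sigs[n].signer_id,
                 &from, &sigkey);
             pgp_print_keydata(netpgp->io, netpgp->pubring, key, "invalid signature ", &key->key.pubkey, 0);
-	        if (sigkey->duration != 0 && now > sigkey->birthtime + sigkey->duration) {
+            if (sigkey->duration != 0 && now > sigkey->birthtime + sigkey->duration) {
                 printf("EXPIRED !\n");
             }
         }
@@ -182,6 +201,7 @@
     return PEP_DECRYPT_WRONG_FORMAT;
 }
 
+#define ARMOR_HEAD	"^-----BEGIN PGP MESSAGE-----\\s*$"
 PEP_STATUS pgp_decrypt_and_verify(
     PEP_SESSION session, const char *ctext, size_t csize,
     char **ptext, size_t *psize, stringlist_t **keylist
@@ -220,7 +240,7 @@
 
     mem = pgp_decrypt_and_validate_buf(netpgp->io, vresult, ctext, csize,
                 netpgp->secring, netpgp->pubring,
-                1 /* armoured */,
+                _armoured(ctext, csize, ARMOR_HEAD),
                 0 /* sshkeys */,
                 NULL, -1, NULL  /* pass fp,attempts,cb */);
     if (mem == NULL) {
@@ -274,6 +294,7 @@
     return result;
 }
 
+#define ARMOR_SIG_HEAD	"^-----BEGIN PGP (SIGNATURE|SIGNED MESSAGE)-----\\s*$"
 PEP_STATUS pgp_verify_text(
     PEP_SESSION session, const char *text, size_t size,
     const char *signature, size_t sig_size, stringlist_t **keylist
@@ -320,7 +341,7 @@
 
     pgp_validate_mem_detached(netpgp->io, vresult, sig,
                 NULL,/* output */
-                1,/* armored */
+                _armoured(text, size, ARMOR_SIG_HEAD),
                 netpgp->pubring,
                 signedmem);
 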
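Review bot: `_armoured` tests `buf[size]=='\0'`, which reads one byte beyond the length the caller passed; `ctext`/`csize` and `text`/`size` come from the message being processed, so unless every caller guarantees a `size + 1` byte buffer this is an out-of-bounds read, and that requirement should be stated on `pgp_decrypt_and_verify` and `pgp_verify_text`, not only on the static helper. The `regcomp` result is ignored, so a failed compile leaves `regexec` and `regfree` working on an uninitialised `regex_t`; guard it with `if (regcomp(&r, pattern, REG_EXTENDED|REG_NEWLINE|REG_NOSUB) != 0) return 0;`. `\\s` in `ARMOR_HEAD` and `ARMOR_SIG_HEAD` is not defined for POSIX extended expressions, so whether a header line ending in CR matches depends on the libc; `[[:space:]]*` is the portable form. In the last hunk the check runs on `text, size` while the buffer being validated is `sig`, so it probably should be `_armoured(signature, sig_size, ARMOR_SIG_HEAD)` — confirm against how `sig` is built, which is outside the hunk.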