NeoMutt  2022-04-29-145-g9b6a0e
Teaching an old dog new tricks
 		DOXYGEN
Functions
verify_one()
Crypto API

Check a signed MIME part against a signature. More...

+ Collaboration diagram for verify_one():

Functions

int pgp_gpgme_verify_one (struct Body *sigbdy, struct State *s, const char *tempfile)
 Implements CryptModuleSpecs::verify_one() -. More...
 
int smime_gpgme_verify_one (struct Body *sigbdy, struct State *s, const char *tempfile)
 Implements CryptModuleSpecs::verify_one() -. More...
 
int pgp_class_verify_one (struct Body *sigbdy, struct State *s, const char *tempfile)
 Implements CryptModuleSpecs::verify_one() -. More...
 
int smime_class_verify_one (struct Body *sigbdy, struct State *s, const char *tempfile)
 Implements CryptModuleSpecs::verify_one() -. More...
 

Detailed Description

Check a signed MIME part against a signature.

Parameters
sigbdyBody of the signed mail
sState of text being processed
tempfFile containing the key
Return values
0Success
-1Error

Function Documentation

◆ pgp_gpgme_verify_one()

int pgp_gpgme_verify_one ( struct Body sigbdy,
struct State s,
const char *  tempfile 
)

Implements CryptModuleSpecs::verify_one() -.

Definition at line 2027 of file crypt_gpgme.c.

2028 {
2029  return verify_one(sigbdy, s, tempfile, false);
2030 }
verify_one
static int verify_one(struct Body *sigbdy, struct State *s, const char *tempfile, bool is_smime)
Do the actual verification step.
Definition: crypt_gpgme.c:1902
+ Here is the call graph for this function:

◆ smime_gpgme_verify_one()

int smime_gpgme_verify_one ( struct Body sigbdy,
struct State s,
const char *  tempfile 
)

Implements CryptModuleSpecs::verify_one() -.

Definition at line 2035 of file crypt_gpgme.c.

2036 {
2037  return verify_one(sigbdy, s, tempfile, true);
2038 }
+ Here is the call graph for this function:

◆ pgp_class_verify_one()

int pgp_class_verify_one ( struct Body sigbdy,
struct State s,
const char *  tempfile 
)

Implements CryptModuleSpecs::verify_one() -.

Definition at line 880 of file pgp.c.

881 {
882  FILE *fp_pgp_out = NULL;
883  pid_t pid;
884  int badsig = -1;
885  struct Buffer *sigfile = mutt_buffer_pool_get();
886 
887  mutt_buffer_printf(sigfile, "%s.asc", tempfile);
888 
889  FILE *fp_sig = mutt_file_fopen(mutt_buffer_string(sigfile), "w");
890  if (!fp_sig)
891  {
892  mutt_perror(mutt_buffer_string(sigfile));
893  goto cleanup;
894  }
895 
896  if (!mutt_file_seek(s->fp_in, sigbdy->offset, SEEK_SET))
897  {
898  mutt_file_fclose(&fp_sig);
899  goto cleanup;
900  }
901  mutt_file_copy_bytes(s->fp_in, fp_sig, sigbdy->length);
902  mutt_file_fclose(&fp_sig);
903 
904  FILE *fp_pgp_err = mutt_file_mkstemp();
905  if (!fp_pgp_err)
906  {
907  mutt_perror(_("Can't create temporary file"));
908  unlink(mutt_buffer_string(sigfile));
909  goto cleanup;
910  }
911 
912  crypt_current_time(s, "PGP");
913 
914  pid = pgp_invoke_verify(NULL, &fp_pgp_out, NULL, -1, -1, fileno(fp_pgp_err),
915  tempfile, mutt_buffer_string(sigfile));
916  if (pid != -1)
917  {
918  if (pgp_copy_checksig(fp_pgp_out, s->fp_out) >= 0)
919  badsig = 0;
920 
921  mutt_file_fclose(&fp_pgp_out);
922  fflush(fp_pgp_err);
923  rewind(fp_pgp_err);
924 
925  if (pgp_copy_checksig(fp_pgp_err, s->fp_out) >= 0)
926  badsig = 0;
927 
928  const int rv = filter_wait(pid);
929  if (rv)
930  badsig = -1;
931 
932  mutt_debug(LL_DEBUG1, "filter_wait returned %d\n", rv);
933  }
934 
935  mutt_file_fclose(&fp_pgp_err);
936 
937  state_attach_puts(s, _("[-- End of PGP output --]\n\n"));
938 
939  mutt_file_unlink(mutt_buffer_string(sigfile));
940 
941 cleanup:
942  mutt_buffer_pool_release(&sigfile);
943 
944  mutt_debug(LL_DEBUG1, "returning %d\n", badsig);
945  return badsig;
946 }
mutt_buffer_printf
int mutt_buffer_printf(struct Buffer *buf, const char *fmt,...)
Format a string overwriting a Buffer.
Definition: buffer.c:158
mutt_buffer_string
static const char * mutt_buffer_string(const struct Buffer *buf)
Convert a buffer to a const char * "string".
Definition: buffer.h:77
crypt_current_time
void crypt_current_time(struct State *s, const char *app_name)
Print the current time.
Definition: crypt.c:70
mutt_file_copy_bytes
int mutt_file_copy_bytes(FILE *fp_in, FILE *fp_out, size_t size)
Copy some content from one file to another.
Definition: file.c:230
mutt_file_fclose
int mutt_file_fclose(FILE **fp)
Close a FILE handle (and NULL the pointer)
Definition: file.c:152
mutt_file_seek
bool mutt_file_seek(FILE *fp, LOFF_T offset, int whence)
Wrapper for fseeko with error handling.
Definition: file.c:690
mutt_file_fopen
FILE * mutt_file_fopen(const char *path, const char *mode)
Call fopen() safely.
Definition: file.c:618
mutt_file_unlink
void mutt_file_unlink(const char *s)
Delete a file, carefully.
Definition: file.c:194
mutt_file_mkstemp
#define mutt_file_mkstemp()
Definition: file.h:112
filter_wait
int filter_wait(pid_t pid)
Wait for the exit of a process and return its status.
Definition: filter.c:217
mutt_debug
#define mutt_debug(LEVEL,...)
Definition: logging.h:84
mutt_perror
#define mutt_perror(...)
Definition: logging.h:88
LL_DEBUG1
@ LL_DEBUG1
Log at debug level 1.
Definition: logging.h:40
_
#define _(a)
Definition: message.h:28
state_attach_puts
void state_attach_puts(struct State *s, const char *t)
Write a string to the state.
Definition: state.c:100
pgp_copy_checksig
static int pgp_copy_checksig(FILE *fp_in, FILE *fp_out)
Copy PGP output and look for signs of a good signature.
Definition: pgp.c:251
pgp_invoke_verify
pid_t pgp_invoke_verify(FILE **fp_pgp_in, FILE **fp_pgp_out, FILE **fp_pgp_err, int fd_pgp_in, int fd_pgp_out, int fd_pgp_err, const char *fname, const char *sig_fname)
Use PGP to verify a message.
Definition: pgpinvoke.c:278
mutt_buffer_pool_release
void mutt_buffer_pool_release(struct Buffer **pbuf)
Free a Buffer from the pool.
Definition: pool.c:112
mutt_buffer_pool_get
struct Buffer * mutt_buffer_pool_get(void)
Get a Buffer from the pool.
Definition: pool.c:101
Body::offset
LOFF_T offset
offset where the actual data begins
Definition: body.h:52
Body::length
LOFF_T length
length (in bytes) of attachment
Definition: body.h:53
Buffer
String manipulation buffer.
Definition: buffer.h:34
State::fp_out
FILE * fp_out
File to write to.
Definition: state.h:48
State::fp_in
FILE * fp_in
File to read from.
Definition: state.h:47
+ Here is the call graph for this function:

◆ smime_class_verify_one()

int smime_class_verify_one ( struct Body sigbdy,
struct State s,
const char *  tempfile 
)

Implements CryptModuleSpecs::verify_one() -.

Definition at line 1728 of file smime.c.

1729 {
1730  FILE *fp = NULL, *fp_smime_out = NULL, *fp_smime_err = NULL;
1731  pid_t pid;
1732  int badsig = -1;
1733 
1734  LOFF_T tmpoffset = 0;
1735  size_t tmplength = 0;
1736  int orig_type = sigbdy->type;
1737 
1738  struct Buffer *signedfile = mutt_buffer_pool_get();
1739 
1740  mutt_buffer_printf(signedfile, "%s.sig", tempfile);
1741 
1742  /* decode to a tempfile, saving the original destination */
1743  fp = s->fp_out;
1744  s->fp_out = mutt_file_fopen(mutt_buffer_string(signedfile), "w");
1745  if (!s->fp_out)
1746  {
1747  mutt_perror(mutt_buffer_string(signedfile));
1748  goto cleanup;
1749  }
1750  /* decoding the attachment changes the size and offset, so save a copy
1751  * of the "real" values now, and restore them after processing */
1752  tmplength = sigbdy->length;
1753  tmpoffset = sigbdy->offset;
1754 
1755  /* if we are decoding binary bodies, we don't want to prefix each
1756  * line with the prefix or else the data will get corrupted. */
1757  char *save_prefix = s->prefix;
1758  s->prefix = NULL;
1759 
1760  mutt_decode_attachment(sigbdy, s);
1761 
1762  sigbdy->length = ftello(s->fp_out);
1763  sigbdy->offset = 0;
1764  mutt_file_fclose(&s->fp_out);
1765 
1766  /* restore final destination and substitute the tempfile for input */
1767  s->fp_out = fp;
1768  fp = s->fp_in;
1769  s->fp_in = fopen(mutt_buffer_string(signedfile), "r");
1770 
1771  /* restore the prefix */
1772  s->prefix = save_prefix;
1773 
1774  sigbdy->type = orig_type;
1775 
1776  fp_smime_err = mutt_file_mkstemp();
1777  if (!fp_smime_err)
1778  {
1779  mutt_perror(_("Can't create temporary file"));
1780  goto cleanup;
1781  }
1782 
1783  crypt_current_time(s, "OpenSSL");
1784 
1785  pid = smime_invoke_verify(NULL, &fp_smime_out, NULL, -1, -1, fileno(fp_smime_err),
1786  tempfile, mutt_buffer_string(signedfile), 0);
1787  if (pid != -1)
1788  {
1789  fflush(fp_smime_out);
1790  mutt_file_fclose(&fp_smime_out);
1791 
1792  if (filter_wait(pid))
1793  badsig = -1;
1794  else
1795  {
1796  char *line = NULL;
1797  size_t linelen;
1798 
1799  fflush(fp_smime_err);
1800  rewind(fp_smime_err);
1801 
1802  line = mutt_file_read_line(line, &linelen, fp_smime_err, NULL, MUTT_RL_NO_FLAGS);
1803  if (linelen && mutt_istr_equal(line, "verification successful"))
1804  badsig = 0;
1805 
1806  FREE(&line);
1807  }
1808  }
1809 
1810  fflush(fp_smime_err);
1811  rewind(fp_smime_err);
1812  mutt_file_copy_stream(fp_smime_err, s->fp_out);
1813  mutt_file_fclose(&fp_smime_err);
1814 
1815  state_attach_puts(s, _("[-- End of OpenSSL output --]\n\n"));
1816 
1817  mutt_file_unlink(mutt_buffer_string(signedfile));
1818 
1819  sigbdy->length = tmplength;
1820  sigbdy->offset = tmpoffset;
1821 
1822  /* restore the original source stream */
1823  mutt_file_fclose(&s->fp_in);
1824  s->fp_in = fp;
1825 
1826 cleanup:
1827  mutt_buffer_pool_release(&signedfile);
1828  return badsig;
1829 }
mutt_file_copy_stream
int mutt_file_copy_stream(FILE *fp_in, FILE *fp_out)
Copy the contents of one file into another.
Definition: file.c:260
mutt_file_read_line
char * mutt_file_read_line(char *line, size_t *size, FILE *fp, int *line_num, ReadLineFlags flags)
Read a line from a file.
Definition: file.c:720
MUTT_RL_NO_FLAGS
#define MUTT_RL_NO_FLAGS
No flags are set.
Definition: file.h:38
mutt_decode_attachment
void mutt_decode_attachment(struct Body *b, struct State *s)
Decode an email's attachment.
Definition: handler.c:1867
FREE
#define FREE(x)
Definition: memory.h:43
mutt_istr_equal
bool mutt_istr_equal(const char *a, const char *b)
Compare two strings, ignoring case.
Definition: string.c:796
smime_invoke_verify
static pid_t smime_invoke_verify(FILE **fp_smime_in, FILE **fp_smime_out, FILE **fp_smime_err, int fp_smime_infd, int fp_smime_outfd, int fp_smime_errfd, const char *fname, const char *sig_fname, int opaque)
Use SMIME to verify a file.
Definition: smime.c:1687
Body::type
unsigned int type
content-type primary type, ContentType
Definition: body.h:40
State::prefix
char * prefix
String to add to the beginning of each output line.
Definition: state.h:49
+ Here is the call graph for this function: