Checks the detached OpenPGP signature of the file given by FILENAME. The name of the signature file is derived from FILENAME by appending ".asc".
If a signature file exists and it contains at least one fully valid signature, the function returns 0. If none of the signatures is fully valid, because each one is either invalid or was made by an unknown or untrusted key, the function returns 1. If an error occurs or the file does not have a corresponding detached signature, the function returns -1. Only a return value of 0 means the file was verified; callers should treat both 1 and -1 as unverified.
120 int retcode = -1, sig_count = 0;
121 char *sigfilename = NULL;
122 gsize siglen = 0, flen = 0;
123 gchar * scontent = NULL;
124 gchar * offset = NULL;
125 gchar * endpos = NULL;
126 gchar * fcontent = NULL;
130 gpgme_data_t sig = NULL, text = NULL;
134 nasl_trace (NULL,
"gpgme context could not be initialized.\n");
139 nasl_trace (NULL,
"nasl_verify_signature: loading scriptfile '%s'\n",
141 if (!g_file_get_contents (filename, &fcontent, &flen, NULL))
145 sigfilename = g_malloc0 (strlen (filename) + 4 + 1);
146 strcpy (sigfilename, filename);
147 strcat (sigfilename,
".asc");
148 nasl_trace (NULL,
"nasl_verify_signature: loading signature file '%s'\n",
150 success = g_file_get_contents (sigfilename, &scontent, NULL, NULL);
158 offset = g_strstr_len (scontent, strlen(scontent),
"-----B");
161 nasl_trace (NULL,
"nasl_verify_signature: No signature in '%s'\n",
165 endpos = g_strstr_len (offset,-1,
"-----E");
167 siglen = strlen(offset) - strlen(endpos) + 17 ;
170 nasl_trace (NULL,
"nasl_verify_signature: No signature in '%s'\n",
180 err = gpgme_data_new_from_mem (&text, fcontent, flen, 1);
183 print_gpgme_error (
"gpgme_data_new_from_file",
err);
188 err = gpgme_data_new_from_mem (&sig, offset, siglen, 1);
190 nasl_trace (NULL,
"nasl_verify_signature: %s: %s\n",
191 sigfilename, gpgme_strerror (
err));
194 err = gpgme_op_verify (ctx, sig, text, NULL);
195 nasl_trace (NULL,
"nasl_verify_signature: gpgme_op_verify " 198 print_gpgme_error (
"gpgme_op_verify",
err);
201 if (examine_signatures (gpgme_op_verify_result (ctx), sig_count))
211 offset = g_strstr_len (offset + 1, strlen(offset),
"-----B");
214 if ( (endpos = g_strstr_len (offset, strlen (offset),
"-----E")) )
215 siglen = (strlen(offset) - strlen(endpos) + 17);
218 nasl_trace (NULL,
"nasl_verify_signature: No signature in '%s'\n",
224 gpgme_data_release (sig);
226 gpgme_data_release (text);
235 gpgme_data_release (sig);
237 gpgme_data_release (text);
240 g_free (sigfilename);
gpgme_ctx_t openvas_init_gpgme_sysconf_ctx(void)
Returns a new gpgme context using the sysconf directory.
void nasl_trace(lex_ctxt *lexic, char *msg,...)
Prints a debug message in printf fashion to nasl_trace_fp, if it exists.