Checks the detached OpenPGP signature of the file given by FILENAME. The name of the signature file is derived from FILENAME by appending ".asc".
If a signature file exists and it contains at least one fully valid signature, the function returns 0. If none of the signatures is valid, or the signatures were made by an unknown or untrusted key, the function returns 1. If an error occurs or the file does not have a corresponding detached signature, the function returns -1. Only a return value of 0 therefore means the file was verified; both 1 and -1 are verification failures.
100 int retcode = -1, sig_count = 0;
101 char *sigfilename = NULL;
103 gchar *scontent = NULL;
104 gchar *offset = NULL;
105 gchar *endpos = NULL;
106 gchar *path = g_build_filename (OPENVAS_GPG_BASE_DIR,
"gnupg", NULL);
109 gpgme_ctx_t ctx = gvm_init_gpgme_ctx_from_dir (path);
110 gpgme_data_t sig = NULL, text = NULL;
115 nasl_trace (NULL,
"gpgme context could not be initialized.\n");
120 sigfilename = g_malloc0 (strlen (filename) + 4 + 1);
121 strcpy (sigfilename, filename);
122 strcat (sigfilename,
".asc");
123 nasl_trace (NULL,
"nasl_verify_signature: loading signature file '%s'\n",
126 success = g_file_get_contents (sigfilename, &scontent, NULL, NULL);
134 offset = g_strstr_len (scontent, strlen (scontent),
"-----B");
137 nasl_trace (NULL,
"nasl_verify_signature: No signature in '%s'\n",
141 endpos = g_strstr_len (offset, -1,
"-----E");
143 siglen = strlen (offset) - strlen (endpos) + 17;
146 nasl_trace (NULL,
"nasl_verify_signature: No signature in '%s'\n",
156 err = gpgme_data_new_from_mem (&text, fcontent, flen, 1);
164 err = gpgme_data_new_from_mem (&sig, offset, siglen, 1);
166 nasl_trace (NULL,
"nasl_verify_signature: %s: %s\n", sigfilename,
167 gpgme_strerror (err));
170 err = gpgme_op_verify (ctx, sig, text, NULL);
172 "nasl_verify_signature: gpgme_op_verify "
189 offset = g_strstr_len (offset + 1, strlen (offset),
"-----B");
192 if ((endpos = g_strstr_len (offset, strlen (offset),
"-----E")))
193 siglen = (strlen (offset) - strlen (endpos) + 17);
196 nasl_trace (NULL,
"nasl_verify_signature: No signature in '%s'\n",
202 gpgme_data_release (sig);
204 gpgme_data_release (text);
212 gpgme_data_release (sig);
214 gpgme_data_release (text);
217 g_free (sigfilename);