1 /* gpgv.c - The GnuPG signature verify utility
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2005,
3 * 2006, 2008 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #ifdef HAVE_DOSISH_SYSTEM
29 #include <fcntl.h> /* for setmode() */
31 #ifdef HAVE_LIBREADLINE
32 #define GNUPG_LIBREADLINE_H_INCLUDED
33 #include <readline/readline.h>
36 #define INCLUDED_BY_MAIN_MODULE 1
51 #include "call-agent.h"
54 enum cmd_and_opt_values
{
68 static ARGPARSE_OPTS opts
[] = {
69 ARGPARSE_group (300, N_("@\nOptions:\n ")),
71 ARGPARSE_s_n (oVerbose
, "verbose", N_("verbose")),
72 ARGPARSE_s_n (oQuiet
, "quiet", N_("be somewhat more quiet")),
73 ARGPARSE_s_s (oKeyring
, "keyring",
74 N_("|FILE|take the keys from the keyring FILE")),
75 ARGPARSE_s_n (oIgnoreTimeConflict
, "ignore-time-conflict",
76 N_("make timestamp conflicts only a warning")),
77 ARGPARSE_s_i (oStatusFD
, "status-fd",
78 N_("|FD|write status info to this FD")),
79 ARGPARSE_s_i (oLoggerFD
, "logger-fd", "@"),
80 ARGPARSE_s_s (oHomedir
, "homedir", "@"),
87 int g10_errors_seen
= 0;
91 make_libversion (const char *libname
, const char *(*getfnc
)(const char*))
97 result
= xmalloc (strlen (libname
) + 1 + strlen (s
) + 1);
98 strcpy (stpcpy (stpcpy (result
, libname
), " "), s
);
103 my_strusage( int level
)
105 static char *ver_gcry
;
110 case 11: p
= "gpgv (GnuPG)";
112 case 13: p
= VERSION
; break;
113 case 17: p
= PRINTABLE_OS_NAME
; break;
114 case 19: p
= _("Please report bugs to <@EMAIL@>.\n"); break;
117 case 40: p
= _("Usage: gpgv [options] [files] (-h for help)");
119 case 41: p
= _("Syntax: gpgv [options] [files]\n"
120 "Check signatures against known trusted keys\n");
125 ver_gcry
= make_libversion ("libgcrypt", gcry_check_version
);
138 main( int argc
, char **argv
)
143 strlist_t nrings
=NULL
;
144 unsigned configlineno
;
146 set_strusage (my_strusage
);
147 log_set_prefix ("gpgv", 1);
149 /* Make sure that our subsystems are ready. */
151 init_common_subsystems ();
153 gnupg_init_signals (0, NULL
);
155 opt
.command_fd
= -1; /* no command fd */
156 opt
.pgp2_workarounds
= 1;
157 opt
.keyserver_options
.options
|=KEYSERVER_AUTO_KEY_RETRIEVE
;
158 opt
.trust_model
= TM_ALWAYS
;
161 opt
.homedir
= default_homedir ();
169 pargs
.flags
= 1; /* do not remove the args */
170 while (optfile_parse( NULL
, NULL
, &configlineno
, &pargs
, opts
))
174 case oQuiet
: opt
.quiet
= 1; break;
178 gcry_control (GCRYCTL_SET_VERBOSITY
, (int)opt
.verbose
);
180 case oKeyring
: append_to_strlist( &nrings
, pargs
.r
.ret_str
); break;
181 case oStatusFD
: set_status_fd( pargs
.r
.ret_int
); break;
183 log_set_fd (translate_sys2libc_fd_int (pargs
.r
.ret_int
, 1));
185 case oHomedir
: opt
.homedir
= pargs
.r
.ret_str
; break;
186 case oIgnoreTimeConflict
: opt
.ignore_time_conflict
= 1; break;
187 default : pargs
.err
= ARGPARSE_PRINT_ERROR
; break;
191 if (log_get_errorcount (0))
195 set_packet_list_mode(1);
197 /* Note: We open all keyrings in read-only mode (flag value: 8). */
198 if (!nrings
) /* No keyring given: use default one. */
199 keydb_add_resource ("trustedkeys" EXTSEP_S
"gpg", 8, 0);
200 for (sl
= nrings
; sl
; sl
= sl
->next
)
201 keydb_add_resource (sl
->d
, 8, 0 );
203 FREE_STRLIST (nrings
);
205 if ( (rc
= verify_signatures( argc
, argv
) ))
206 log_error("verify signatures failed: %s\n", g10_errstr(rc
) );
210 return 8; /*NOTREACHED*/
217 rc
= rc
? rc
: log_get_errorcount(0)? 2 : g10_errors_seen
? 1 : 0;
223 * We have to override the trustcheck from pkclist.c becuase
224 * this utility assumes that all keys in the keyring are trustworthy
227 check_signatures_trust( PKT_signature
*sig
)
234 read_trust_options(byte
*trust_model
, ulong
*created
, ulong
*nextcheck
,
235 byte
*marginals
, byte
*completes
, byte
*cert_depth
)
246 * We don't have the trustdb , so we have to provide some stub functions
251 cache_disabled_value(PKT_public_key
*pk
)
258 check_trustdb_stale(void)
263 get_validity_info (PKT_public_key
*pk
, PKT_user_id
*uid
)
271 get_validity (PKT_public_key
*pk
, PKT_user_id
*uid
)
279 trust_value_to_string (unsigned int value
)
286 uid_trust_string_fixed (PKT_public_key
*key
, PKT_user_id
*uid
)
294 get_ownertrust_info (PKT_public_key
*pk
)
301 get_ownertrust (PKT_public_key
*pk
)
304 return TRUST_UNKNOWN
;
309 * Because we only work with trusted keys, it does not make sense to
310 * get them from a keyserver
313 struct keyserver_spec
*
314 keyserver_match (struct keyserver_spec
*spec
)
321 keyserver_import_keyid (u32
*keyid
, void *dummy
)
329 keyserver_import_cert (const char *name
)
336 keyserver_import_pka (const char *name
,unsigned char *fpr
)
344 keyserver_import_name (const char *name
,struct keyserver_spec
*spec
)
352 keyserver_import_ldap (const char *name
)
359 * No encryption here but mainproc links to these functions.
362 get_session_key (PKT_pubkey_enc
*k
, DEK
*dek
)
366 return G10ERR_GENERAL
;
371 get_override_session_key (DEK
*dek
, const char *string
)
375 return G10ERR_GENERAL
;
380 decrypt_data (void *procctx
, PKT_encrypted
*ed
, DEK
*dek
)
385 return G10ERR_GENERAL
;
390 * No interactive commands, so we don't need the helptexts
393 display_online_help (const char *keyword
)
399 * We don't use secret keys, but getkey.c links to this
402 check_secret_key (PKT_secret_key
*sk
, int n
)
406 return G10ERR_GENERAL
;
410 * No secret key, so no passphrase needed
413 passphrase_to_dek (u32
*keyid
, int pubkey_algo
,
414 int cipher_algo
, STRING2KEY
*s2k
, int mode
,
415 const char *tmp
, int *canceled
)
430 passphrase_clear_cache (u32
*keyid
, const char *cacheid
, int algo
)
437 struct keyserver_spec
*
438 parse_preferred_keyserver(PKT_signature
*sig
)
444 struct keyserver_spec
*
445 parse_keyserver_uri (const char *uri
, int require_scheme
,
446 const char *configname
, unsigned int configlineno
)
449 (void)require_scheme
;
456 free_keyserver_spec (struct keyserver_spec
*keyserver
)
461 /* Stubs to avoid linking to photoid.c */
463 show_photos (const struct user_attribute
*attrs
, int count
, PKT_public_key
*pk
)
471 parse_image_header (const struct user_attribute
*attr
, byte
*type
, u32
*len
)
480 image_type_to_string (byte type
, int string
)
487 #ifdef ENABLE_CARD_SUPPORT
489 agent_scd_getattr (const char *name
, struct agent_card_info_s
*info
)
495 #endif /* ENABLE_CARD_SUPPORT */
497 /* We do not do any locking, so use these stubs here */
499 disable_dotlock (void)
504 create_dotlock (const char *file_to_lock
)
511 destroy_dotlock (dotlock_t h
)
517 make_dotlock (dotlock_t h
, long timeout
)
525 release_dotlock (dotlock_t h
)
532 remove_lockfiles (void)