trunk/Src/wptVerifyList.cpp

/* wptVerifyList.cpp - Listview for verifying signatures
 *      Copyright (C) 2001, 2002, 2003, 2005, 2006 Timo Schulz
 *      Copyright (C) 2005 g10 Code GmbH
 *
 * This file is part of WinPT.
 *
 * WinPT is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License 
 * as published by the Free Software Foundation; either version 2 
 * of the License, or (at your option) any later version.
 *  
 * WinPT is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <windows.h>
#include <time.h>

#include "resource.h"
#include "wptTypes.h"
#include "wptGPG.h"
#include "wptCommonCtl.h"
#include "wptKeylist.h"
#include "wptNLS.h"
#include "wptContext.h"
#include "wptErrors.h"
#include "wptW32API.h"
#include "wptVersion.h"

/* Symbolic column IDs */
enum {
    VER_COL_NAME = 0,
    VER_COL_STAT = 1,
    VER_COL_SIGNED = 2,
    VER_COL_TRUST = 3,
    VER_COL_KEYID = 4,
    VER_COL_UID = 5
};


/* Extract the file name part out of the given path in @path.
   Return value: file part or NULL on error. */
static char*
extract_filename (const char *path)
{
    char * fname, *p;
    int n, len = 0;

    p = strrchr (path, '\\');
    if (!p)
        return m_strdup (path);
    n = p - path;
    len = strlen (path) - n;
    fname = new char[len+1];
    if (!fname)
        BUG (NULL);
    memcpy (fname, path+n+1, len);
    fname[len] = '\0';
    return fname;
}


/* Return human printable PKA status.
   If no pka information is available, return NULL. */
char*
get_pka_status (gpgme_signature_t sig)
{
    const char *fmt;
    char *pka_inf;

    if (sig->pka_trust == 0 || !sig->pka_address)
        return NULL;
    fmt = _("PKA: Verified signer's address is '%s'");
    pka_inf = new char[strlen (fmt)+strlen (sig->pka_address)+2];
    if (!pka_inf)
        BUG (NULL);     
    sprintf (pka_inf, fmt, sig->pka_address);
    return pka_inf;
}


/* Set additional signature information according to the
   signature @sig. If no info control is used, just return. */
void
verlist_set_additional_info (verlist_ctrl_t vlv, gpgme_signature_t sig)
{
    int used = 1;

    if (!vlv->infctl)
        return;

    /* if the signature is bad, we just hide the window and return. */
    if (sig->summary & GPGME_SIGSUM_RED) {
        ShowWindow (vlv->infctl, SW_HIDE);
        return;
    }
    /* XXX: if the summary does not contain GPGME_SIGSUM_GREEN, issue a warning. */
    if (sig->validity != GPGME_VALIDITY_MARGINAL &&
        sig->validity != GPGME_VALIDITY_FULL &&
        sig->validity != GPGME_VALIDITY_ULTIMATE &&
        !(sig->summary & GPGME_SIGSUM_KEY_MISSING)) {
        SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
                     _("WARNING: This key is not certified with a trusted signature!\r\n"
                       "                   There is no indication that the signature belongs to the owner.\r\n"));
    }
    else if (sig->exp_timestamp > (DWORD)time (NULL))
        SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
                     _("The signature is expired!"));
    else {
        char *pka_info = get_pka_status (sig);
        if (pka_info != NULL) {
            SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)pka_info);
            free_if_alloc (pka_info);
        }
        else {
            SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)"");
            used = 0;
        }
    }    
    ShowWindow (vlv->infctl, used? SW_SHOW : SW_HIDE);
}


/* Build a verify signature list control. With the parent window
   from @ctrl and the mod given in @fm_mode. @lv contains the
   new control on success.
   Return value: 0 on success. */
void
verlist_build (verlist_ctrl_t *vlv, HWND ctrl, int fm_mode)
{
    struct listview_column_s verlist[] = {
        {0, 120, (char *)_("Name")},
        {1, 140, (char *)_("Status")},
        {2, 120, (char *)_("Signed")},
        {3,  58, (char *)_("Trust") },
        {4,  80, (char *)_("Key ID" )},
        {5, 160, (char *)_("User ID")},
        {6, 0, NULL}
    };
    HICON ico[2];
    struct verlist_ctrl_s *v;
    int j;
    
    v = new verlist_ctrl_s;
    if (!v)
        BUG (0);
    memset (v, 0, sizeof *v);
    listview_new (&v->lv, ctrl);
    for(j=0; verlist[j].fieldname; j++)
        listview_add_column (v->lv, &verlist[j]);
    if (!fm_mode)
        listview_set_column_width (v->lv, 0, 80);
    listview_set_ext_style (v->lv);
    ico[0] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_GOOD);
    ico[1] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_BAD);
    listview_set_image_list (v->lv, 16, 16, ico, 2);
    *vlv = v;
}


void
verlist_set_info_control (verlist_ctrl_t vlv, HWND infctl)
{
    vlv->infctl = infctl;
}


/* Delete the given verify control in @lv. */
void
verlist_delete (verlist_ctrl_t vlv)
{
    if (vlv) {
        listview_release (vlv->lv);
        free_if_alloc (vlv);
    }
}


/* Handy function to extract the real key ID from a signature. */
const char *
sig_get_real_keyid (gpgme_signature_t sig, winpt_key_t key)
{
    const char *keyid;
    
     /* We still need an extra check for RSA:MD5 keys because we
        cannot derrive the keyid directly from the fingerprint. */
    if (strlen (sig->fpr) == 32) {
        if (key->ext != NULL)
            keyid = key->ext->key->subkeys->keyid+8;
        else /* show the fingerprint if the key is not in the keyring. */
            keyid = sig->fpr;
    }
    else
        keyid = get_keyid_from_fpr (sig->fpr);
    return keyid;
}

    
/* Add the given signature in @sig to the verify control @lv.
   Return value: 0 on success. */
int
verlist_add_sig (verlist_ctrl_t vlv, gpgme_signature_t sig)
{
    listview_ctrl_t lv;
    struct winpt_key_s key;    
    const char *attr;
    char keyid[32+1], timebuf[128];
    u32 key_attr;
    int is_bad;
    
    is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
    lv = vlv->lv;
    if (listview_add_item_image (lv, " ", is_bad))
        return WPTERR_GENERAL;
        
    listview_add_sub_item (lv, 0, VER_COL_NAME, _("Clipboard"));

    memset (&key, 0, sizeof (key));
    winpt_get_pubkey (sig->fpr, &key);
    if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
        attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
    else
        attr = get_gpg_sigstat (sig->summary);
    if (attr)
        listview_add_sub_item (lv, 0, VER_COL_STAT, (char *)attr);
    
    attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
    if (!attr)
        attr = _("Unknown");
    listview_add_sub_item (lv, 0, VER_COL_SIGNED, (char *)attr);
    
    attr = _("Unknown");
    if (key.ctx) {
        key_attr = key.ext->uids->validity;
        attr = get_key_trust2 (NULL, key_attr, 0, 0);
    }
    listview_add_sub_item (lv, 0, VER_COL_TRUST, (char *)attr);
    
    attr = sig_get_real_keyid (sig, &key);
    _snprintf (keyid, DIM (keyid) -1, "0x%s", attr);
    listview_add_sub_item (lv, 0, VER_COL_KEYID, keyid);
    
    attr = key.ctx? key.ext->uids->name : _("user ID not found");
    listview_add_sub_item (lv, 0, VER_COL_UID, attr);

    if (vlv->infctl)
        verlist_set_additional_info (vlv, sig);
    return 0;
}


/* Add the given file signature in @log to the verify control @lv.
   Return value: 0 on success. */
int
verlist_add_sig_log (verlist_ctrl_t vlv, file_sig_ctx_t log)
{
    gpgme_signature_t sig = log->sig;
    struct listview_ctrl_s *lv;
    struct winpt_key_s key;
    const char *attr;
    char t[64], timebuf[128], *name;
    int is_bad;

    lv = vlv->lv;
    is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
    if (listview_add_item_image (lv, "", is_bad)) {
        log_debug ("verlist_add_sig_log: listview_add_item() failed.\n");
        return WPTERR_GENERAL;
    }

    memset (&key, 0, sizeof (key));
    winpt_get_pubkey (sig->fpr, &key);
    
    name = extract_filename (log->file);
    if (name)
        listview_add_sub_item (lv, 0, VER_COL_NAME, name);
    else
        listview_add_sub_item (lv, 0, VER_COL_NAME, log->file);
    free_if_alloc (name);
    
    if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
        attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
    else
        attr = get_gpg_sigstat (sig->summary);
    if (attr)
        listview_add_sub_item (lv, 0, VER_COL_STAT, attr);

    if (sig->timestamp > 0) {
        attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
        if (!attr)
            attr = _("Unknown");
    }
        attr = _("Unknown");
    listview_add_sub_item (lv, 0, VER_COL_SIGNED, attr);
        
    if (key.ctx != NULL)
        attr = get_key_trust2 (NULL, key.ctx->uids->validity, 0, 0);
    else
        attr = _("Unknown");
    listview_add_sub_item (lv, 0, VER_COL_TRUST, attr);


    attr = sig_get_real_keyid (sig, &key);
    _snprintf (t, DIM (t)-1, "0x%s", attr);
    listview_add_sub_item (lv, 0, VER_COL_KEYID, t);
    listview_add_sub_item (lv, 0, VER_COL_UID, 
                           log->user_id? 
                           log->user_id : _("user ID not found"));
    if (vlv->infctl)
        verlist_set_additional_info (vlv, sig);

    return 0;
}
1	werner	36	/* wptVerifyList.cpp - Listview for verifying signatures
2	twoaday	256	* Copyright (C) 2001, 2002, 2003, 2005, 2006 Timo Schulz
3	werner	36	* Copyright (C) 2005 g10 Code GmbH
4			*
5			* This file is part of WinPT.
6			*
7			* WinPT is free software; you can redistribute it and/or
8			* modify it under the terms of the GNU General Public License
9			* as published by the Free Software Foundation; either version 2
10			* of the License, or (at your option) any later version.
11			*
12			* WinPT is distributed in the hope that it will be useful,
13			* but WITHOUT ANY WARRANTY; without even the implied warranty of
14			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15			* General Public License for more details.
16			*/
17	twoaday	129
18	werner	36	#ifdef HAVE_CONFIG_H
19			#include <config.h>
20			#endif
21
22			#include <windows.h>
23			#include <time.h>
24
25	twoaday	228	#include "resource.h"
26	werner	36	#include "wptTypes.h"
27			#include "wptGPG.h"
28			#include "wptCommonCtl.h"
29			#include "wptKeylist.h"
30			#include "wptNLS.h"
31	twoaday	208	#include "wptContext.h"
32	werner	36	#include "wptErrors.h"
33			#include "wptW32API.h"
34	twoaday	228	#include "wptVersion.h"
35	werner	36
36	twoaday	193	/* Symbolic column IDs */
37			enum {
38			VER_COL_NAME = 0,
39			VER_COL_STAT = 1,
40			VER_COL_SIGNED = 2,
41			VER_COL_TRUST = 3,
42			VER_COL_KEYID = 4,
43			VER_COL_UID = 5
44			};
45
46
47	werner	36	/* Extract the file name part out of the given path in @path.
48			Return value: file part or NULL on error. */
49			static char*
50			extract_filename (const char *path)
51			{
52			char * fname, *p;
53			int n, len = 0;
54
55			p = strrchr (path, '\\');
56			if (!p)
57			return m_strdup (path);
58			n = p - path;
59			len = strlen (path) - n;
60			fname = new char[len+1];
61			if (!fname)
62			BUG (NULL);
63			memcpy (fname, path+n+1, len);
64			fname[len] = '\0';
65			return fname;
66			}
67
68
69	twoaday	219	/* Return human printable PKA status.
70			If no pka information is available, return NULL. */
71			char*
72			get_pka_status (gpgme_signature_t sig)
73			{
74			const char *fmt;
75			char *pka_inf;
76
77			if (sig->pka_trust == 0 \|\| !sig->pka_address)
78			return NULL;
79			fmt = _("PKA: Verified signer's address is '%s'");
80			pka_inf = new char[strlen (fmt)+strlen (sig->pka_address)+2];
81			if (!pka_inf)
82			BUG (NULL);
83			sprintf (pka_inf, fmt, sig->pka_address);
84			return pka_inf;
85			}
86
87
88			/* Set additional signature information according to the
89			signature @sig. If no info control is used, just return. */
90			void
91			verlist_set_additional_info (verlist_ctrl_t vlv, gpgme_signature_t sig)
92			{
93			int used = 1;
94
95			if (!vlv->infctl)
96			return;
97
98	twoaday	256	/* if the signature is bad, we just hide the window and return. */
99			if (sig->summary & GPGME_SIGSUM_RED) {
100			ShowWindow (vlv->infctl, SW_HIDE);
101			return;
102			}
103	twoaday	262	/* XXX: if the summary does not contain GPGME_SIGSUM_GREEN, issue a warning. */
104			if (sig->validity != GPGME_VALIDITY_MARGINAL &&
105			sig->validity != GPGME_VALIDITY_FULL &&
106			sig->validity != GPGME_VALIDITY_ULTIMATE &&
107			!(sig->summary & GPGME_SIGSUM_KEY_MISSING)) {
108	twoaday	219	SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
109			_("WARNING: This key is not certified with a trusted signature!\r\n"
110			" There is no indication that the signature belongs to the owner.\r\n"));
111			}
112	twoaday	262	else if (sig->exp_timestamp > (DWORD)time (NULL))
113			SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
114			_("The signature is expired!"));
115	twoaday	219	else {
116			char *pka_info = get_pka_status (sig);
117			if (pka_info != NULL) {
118			SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)pka_info);
119			free_if_alloc (pka_info);
120			}
121			else {
122			SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)"");
123			used = 0;
124			}
125			}
126			ShowWindow (vlv->infctl, used? SW_SHOW : SW_HIDE);
127			}
128
129
130	werner	36	/* Build a verify signature list control. With the parent window
131			from @ctrl and the mod given in @fm_mode. @lv contains the
132			new control on success.
133			Return value: 0 on success. */
134	twoaday	219	void
135			verlist_build (verlist_ctrl_t *vlv, HWND ctrl, int fm_mode)
136			{
137	twoaday	193	struct listview_column_s verlist[] = {
138	twoaday	228	{0, 120, (char *)_("Name")},
139	twoaday	256	{1, 140, (char *)_("Status")},
140			{2, 120, (char *)_("Signed")},
141	twoaday	193	{3, 58, (char *)_("Trust") },
142			{4, 80, (char *)_("Key ID" )},
143	twoaday	256	{5, 160, (char *)_("User ID")},
144	twoaday	193	{6, 0, NULL}
145	werner	36	};
146	twoaday	228	HICON ico[2];
147	twoaday	219	struct verlist_ctrl_s *v;
148	twoaday	193	int j;
149	werner	36
150	twoaday	219	v = new verlist_ctrl_s;
151			if (!v)
152			BUG (0);
153			memset (v, 0, sizeof *v);
154			listview_new (&v->lv, ctrl);
155	twoaday	193	for(j=0; verlist[j].fieldname; j++)
156	twoaday	219	listview_add_column (v->lv, &verlist[j]);
157	twoaday	193	if (!fm_mode)
158	twoaday	228	listview_set_column_width (v->lv, 0, 80);
159	twoaday	219	listview_set_ext_style (v->lv);
160	twoaday	228	ico[0] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_GOOD);
161			ico[1] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_BAD);
162			listview_set_image_list (v->lv, 16, 16, ico, 2);
163	twoaday	219	*vlv = v;
164	werner	36	}
165
166
167	twoaday	219	void
168			verlist_set_info_control (verlist_ctrl_t vlv, HWND infctl)
169			{
170			vlv->infctl = infctl;
171			}
172
173
174	werner	36	/* Delete the given verify control in @lv. */
175			void
176	twoaday	219	verlist_delete (verlist_ctrl_t vlv)
177	werner	36	{
178	twoaday	219	if (vlv) {
179			listview_release (vlv->lv);
180			free_if_alloc (vlv);
181	werner	36	}
182			}
183
184
185	twoaday	286	/* Handy function to extract the real key ID from a signature. */
186			const char *
187			sig_get_real_keyid (gpgme_signature_t sig, winpt_key_t key)
188			{
189			const char *keyid;
190
191			/* We still need an extra check for RSA:MD5 keys because we
192			cannot derrive the keyid directly from the fingerprint. */
193			if (strlen (sig->fpr) == 32) {
194			if (key->ext != NULL)
195			keyid = key->ext->key->subkeys->keyid+8;
196			else /* show the fingerprint if the key is not in the keyring. */
197			keyid = sig->fpr;
198			}
199			else
200			keyid = get_keyid_from_fpr (sig->fpr);
201			return keyid;
202			}
203
204
205	werner	36	/* Add the given signature in @sig to the verify control @lv.
206			Return value: 0 on success. */
207			int
208	twoaday	219	verlist_add_sig (verlist_ctrl_t vlv, gpgme_signature_t sig)
209	werner	36	{
210	twoaday	228	listview_ctrl_t lv;
211	twoaday	256	struct winpt_key_s key;
212	twoaday	205	const char *attr;
213	twoaday	278	char keyid[32+1], timebuf[128];
214	twoaday	256	u32 key_attr;
215	twoaday	228	int is_bad;
216	werner	36
217	twoaday	228	is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
218	twoaday	219	lv = vlv->lv;
219	twoaday	228	if (listview_add_item_image (lv, " ", is_bad))
220	werner	36	return WPTERR_GENERAL;
221	twoaday	193
222	twoaday	270	listview_add_sub_item (lv, 0, VER_COL_NAME, _("Clipboard"));
223	twoaday	193
224	twoaday	208	memset (&key, 0, sizeof (key));
225			winpt_get_pubkey (sig->fpr, &key);
226	twoaday	76	if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
227			attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
228			else
229			attr = get_gpg_sigstat (sig->summary);
230			if (attr)
231	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_STAT, (char *)attr);
232	werner	36
233	twoaday	278	attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
234			if (!attr)
235			attr = _("Unknown");
236	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_SIGNED, (char *)attr);
237	werner	36
238			attr = _("Unknown");
239	twoaday	208	if (key.ctx) {
240			key_attr = key.ext->uids->validity;
241	werner	36	attr = get_key_trust2 (NULL, key_attr, 0, 0);
242			}
243	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_TRUST, (char *)attr);
244	werner	36
245	twoaday	286	attr = sig_get_real_keyid (sig, &key);
246	twoaday	271	_snprintf (keyid, DIM (keyid) -1, "0x%s", attr);
247	twoaday	205	listview_add_sub_item (lv, 0, VER_COL_KEYID, keyid);
248	werner	36
249	twoaday	208	attr = key.ctx? key.ext->uids->name : _("user ID not found");
250	twoaday	204	listview_add_sub_item (lv, 0, VER_COL_UID, attr);
251	twoaday	219
252			if (vlv->infctl)
253			verlist_set_additional_info (vlv, sig);
254	werner	36	return 0;
255			}
256
257
258			/* Add the given file signature in @log to the verify control @lv.
259			Return value: 0 on success. */
260			int
261	twoaday	219	verlist_add_sig_log (verlist_ctrl_t vlv, file_sig_ctx_t log)
262	werner	36	{
263			gpgme_signature_t sig = log->sig;
264	twoaday	219	struct listview_ctrl_s *lv;
265	twoaday	208	struct winpt_key_s key;
266	twoaday	204	const char *attr;
267	twoaday	278	char t[64], timebuf[128], *name;
268	twoaday	270	int is_bad;
269	werner	36
270	twoaday	219	lv = vlv->lv;
271	twoaday	270	is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
272			if (listview_add_item_image (lv, "", is_bad)) {
273	twoaday	109	log_debug ("verlist_add_sig_log: listview_add_item() failed.\n");
274	werner	36	return WPTERR_GENERAL;
275	twoaday	109	}
276	werner	36
277	twoaday	208	memset (&key, 0, sizeof (key));
278			winpt_get_pubkey (sig->fpr, &key);
279	werner	36
280			name = extract_filename (log->file);
281			if (name)
282	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_NAME, name);
283	werner	36	else
284	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_NAME, log->file);
285	werner	36	free_if_alloc (name);
286	twoaday	109
287	twoaday	76	if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
288			attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
289			else
290			attr = get_gpg_sigstat (sig->summary);
291	werner	36	if (attr)
292	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_STAT, attr);
293	werner	36
294	twoaday	278	if (sig->timestamp > 0) {
295			attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
296			if (!attr)
297			attr = _("Unknown");
298			}
299			attr = _("Unknown");
300	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_SIGNED, attr);
301
302	twoaday	208	if (key.ctx != NULL)
303			attr = get_key_trust2 (NULL, key.ctx->uids->validity, 0, 0);
304	twoaday	193	else
305			attr = _("Unknown");
306			listview_add_sub_item (lv, 0, VER_COL_TRUST, attr);
307	twoaday	205
308	twoaday	286
309			attr = sig_get_real_keyid (sig, &key);
310	twoaday	271	_snprintf (t, DIM (t)-1, "0x%s", attr);
311	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_KEYID, t);
312	twoaday	204	listview_add_sub_item (lv, 0, VER_COL_UID,
313			log->user_id?
314			log->user_id : _("user ID not found"));
315	twoaday	219	if (vlv->infctl)
316			verlist_set_additional_info (vlv, sig);
317
318	werner	36	return 0;
319			}