trunk/Src/wptVerifyList.cpp

/* wptVerifyList.cpp - Listview for verifying signatures
 *      Copyright (C) 2001, 2002, 2003, 2005, 2006 Timo Schulz
 *      Copyright (C) 2005 g10 Code GmbH
 *
 * This file is part of WinPT.
 *
 * WinPT is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License 
 * as published by the Free Software Foundation; either version 2 
 * of the License, or (at your option) any later version.
 *  
 * WinPT is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <windows.h>
#include <time.h>

#include "resource.h"
#include "wptTypes.h"
#include "wptGPG.h"
#include "wptCommonCtl.h"
#include "wptKeylist.h"
#include "wptNLS.h"
#include "wptContext.h"
#include "wptErrors.h"
#include "wptW32API.h"
#include "wptVersion.h"

/* Symbolic column IDs */
enum {
    VER_COL_NAME = 0,
    VER_COL_STAT = 1,
    VER_COL_SIGNED = 2,
    VER_COL_TRUST = 3,
    VER_COL_KEYID = 4,
    VER_COL_UID = 5
};


/* Extract the file name part out of the given path in @path.
   Return value: file part or NULL on error. */
static char*
extract_filename (const char *path)
{
    char *p;
    size_t pos;

    p = strrchr (path, '\\');
    if (p == NULL)
        return m_strdup (path);
    pos = p-path;
    return substr (path, pos+1, strlen (path)-1);
}


/* Return human printable PKA status.
   If no pka information is available, return NULL. */
char*
get_pka_status (gpgme_signature_t sig)
{
    const char *fmt;
    char *pka_inf;

    if (sig->pka_trust == 0 || !sig->pka_address)
        return NULL;
    fmt = _("PKA: Verified signer's address is '%s'");
    pka_inf = new char[strlen (fmt)+strlen (sig->pka_address)+2];
    if (!pka_inf)
        BUG (NULL);     
    sprintf (pka_inf, fmt, sig->pka_address);
    return pka_inf;
}


/* Set additional signature information according to the
   signature @sig. If no info control is used, just return. */
void
verlist_set_additional_info (verlist_ctrl_t vlv, gpgme_signature_t sig)
{
    int used = 1;

    if (!vlv->infctl)
        return;

    /* if the signature is bad, we just hide the window and return. */
    if (sig->summary & GPGME_SIGSUM_RED) {
        ShowWindow (vlv->infctl, SW_HIDE);
        return;
    }
    /* XXX: if the summary does not contain GPGME_SIGSUM_GREEN, issue a warning. */
    if (sig->validity != GPGME_VALIDITY_MARGINAL &&
        sig->validity != GPGME_VALIDITY_FULL &&
        sig->validity != GPGME_VALIDITY_ULTIMATE &&
        !(sig->summary & GPGME_SIGSUM_KEY_MISSING)) {
        SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
                     _("WARNING: This key is not certified with a trusted signature!\r\n"
                       "                   There is no indication that the signature belongs to the owner.\r\n"));
    }
    else if (sig->exp_timestamp > (DWORD)time (NULL))
        SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
                     _("The signature is expired!"));
    else {
        char *pka_info = get_pka_status (sig);
        if (pka_info != NULL) {
            SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)pka_info);
            free_if_alloc (pka_info);
        }
        else {
            SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)"");
            used = 0;
        }
    }    
    ShowWindow (vlv->infctl, used? SW_SHOW : SW_HIDE);
}


/* Build a verify signature list control. With the parent window
   from @ctrl and the mod given in @fm_mode. @lv contains the
   new control on success.
   Return value: 0 on success. */
void
verlist_build (verlist_ctrl_t *vlv, HWND ctrl, int fm_mode)
{
    struct listview_column_s verlist[] = {
        {0, 120, (char *)_("Name")},
        {1, 140, (char *)_("Status")},
        {2, 120, (char *)_("Signed")},
        {3,  58, (char *)_("Trust") },
        {4,  80, (char *)_("Key ID" )},
        {5, 160, (char *)_("User ID")},
        {6, 0, NULL}
    };
    HICON ico[2];
    struct verlist_ctrl_s *v;
    int j;
    
    v = new verlist_ctrl_s;
    if (!v)
        BUG (0);
    memset (v, 0, sizeof *v);
    listview_new (&v->lv, ctrl);
    for (j=0; verlist[j].fieldname; j++)
        listview_add_column (v->lv, &verlist[j]);
    if (!fm_mode)
        listview_set_column_width (v->lv, 0, 80);
    listview_set_ext_style (v->lv);
    ico[0] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_GOOD);
    ico[1] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_BAD);
    listview_set_image_list (v->lv, 16, 16, ico, 2);
    *vlv = v;
}


void
verlist_set_info_control (verlist_ctrl_t vlv, HWND infctl)
{
    vlv->infctl = infctl;
}


/* Delete the given verify control in @lv. */
void
verlist_delete (verlist_ctrl_t vlv)
{
    if (vlv) {
        listview_release (vlv->lv);
        free_if_alloc (vlv);
    }
}


/* Handy function to extract the real key ID from a signature. */
const char *
sig_get_real_keyid (gpgme_signature_t sig, winpt_key_t key)
{
    const char *keyid;
    
     /* We still need an extra check for RSA:MD5 keys because we
        cannot derrive the keyid directly from the fingerprint. */
    if (strlen (sig->fpr) == 32) {
        if (key->ext != NULL)
            keyid = key->ext->key->subkeys->keyid+8;
        else /* show the fingerprint if the key is not in the keyring. */
            keyid = sig->fpr;
    }
    else
        keyid = get_keyid_from_fpr (sig->fpr);
    return keyid;
}

    
/* Add the given signature in @sig to the verify control @lv.
   Return value: 0 on success. */
int
verlist_add_sig (verlist_ctrl_t vlv, gpgme_signature_t sig)
{
    listview_ctrl_t lv;
    struct winpt_key_s key;    
    const char *attr;
    char keyid[32+1], timebuf[128];
    u32 key_attr;
    int is_bad;
    
    is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
    lv = vlv->lv;
    if (listview_add_item_image (lv, " ", is_bad))
        return WPTERR_GENERAL;
        
    listview_add_sub_item (lv, 0, VER_COL_NAME, _("Clipboard"));

    memset (&key, 0, sizeof (key));
    winpt_get_pubkey (sig->fpr, &key);
    if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
        attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
    else
        attr = get_gpg_sigstat (sig->summary);
    if (attr)
        listview_add_sub_item (lv, 0, VER_COL_STAT, (char *)attr);
    
    attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
    if (!attr)
        attr = _("Unknown");
    listview_add_sub_item (lv, 0, VER_COL_SIGNED, (char *)attr);
    
    attr = _("Unknown");
    if (key.ctx) {
        key_attr = key.ext->uids->validity;
        attr = get_key_trust2 (NULL, key_attr, 0, 0);
    }
    listview_add_sub_item (lv, 0, VER_COL_TRUST, (char *)attr);
    
    attr = sig_get_real_keyid (sig, &key);
    _snprintf (keyid, DIM (keyid) -1, "0x%s", attr);
    listview_add_sub_item (lv, 0, VER_COL_KEYID, keyid);
    
    attr = key.ctx? key.ext->uids->name : _("user ID not found");
    listview_add_sub_item (lv, 0, VER_COL_UID, attr);

    if (vlv->infctl)
        verlist_set_additional_info (vlv, sig);
    return 0;
}


/* Add the given file signature in @log to the verify control @lv.
   Return value: 0 on success. */
int
verlist_add_sig_log (verlist_ctrl_t vlv, file_sig_ctx_t log)
{
    gpgme_signature_t sig = log->sig;
    struct listview_ctrl_s *lv;
    struct winpt_key_s key;
    const char *attr;
    char t[64], timebuf[128], *name;
    int is_bad;

    lv = vlv->lv;
    is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
    if (listview_add_item_image (lv, "", is_bad)) {
        log_debug ("verlist_add_sig_log: listview_add_item() failed.\n");
        return WPTERR_GENERAL;
    }

    memset (&key, 0, sizeof (key));
    winpt_get_pubkey (sig->fpr, &key);
    
    name = extract_filename (log->file);
    if (name != NULL)
        listview_add_sub_item (lv, 0, VER_COL_NAME, name);
    else
        listview_add_sub_item (lv, 0, VER_COL_NAME, log->file);
    free_if_alloc (name);
    
    if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
        attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
    else
        attr = get_gpg_sigstat (sig->summary);
    listview_add_sub_item (lv, 0, VER_COL_STAT, attr);

    if (sig->timestamp > 0) {
        attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
        if (!attr)
            attr = _("Unknown");
    }
    else
        attr = _("Unknown");
    listview_add_sub_item (lv, 0, VER_COL_SIGNED, attr);
        
    if (key.ctx != NULL)
        attr = get_key_trust2 (NULL, key.ctx->uids->validity, 0, 0);
    else
        attr = _("Unknown");
    listview_add_sub_item (lv, 0, VER_COL_TRUST, attr);

    attr = sig_get_real_keyid (sig, &key);
    _snprintf (t, DIM (t)-1, "0x%s", attr);
    listview_add_sub_item (lv, 0, VER_COL_KEYID, t);
    listview_add_sub_item (lv, 0, VER_COL_UID, 
                           log->user_id? 
                           log->user_id : _("user ID not found"));
    if (vlv->infctl)
        verlist_set_additional_info (vlv, sig);

    return 0;
}
1	werner	36	/* wptVerifyList.cpp - Listview for verifying signatures
2	twoaday	256	* Copyright (C) 2001, 2002, 2003, 2005, 2006 Timo Schulz
3	werner	36	* Copyright (C) 2005 g10 Code GmbH
4			*
5			* This file is part of WinPT.
6			*
7			* WinPT is free software; you can redistribute it and/or
8			* modify it under the terms of the GNU General Public License
9			* as published by the Free Software Foundation; either version 2
10			* of the License, or (at your option) any later version.
11			*
12			* WinPT is distributed in the hope that it will be useful,
13			* but WITHOUT ANY WARRANTY; without even the implied warranty of
14			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15			* General Public License for more details.
16			*/
17	twoaday	129
18	werner	36	#ifdef HAVE_CONFIG_H
19			#include <config.h>
20			#endif
21
22			#include <windows.h>
23			#include <time.h>
24
25	twoaday	228	#include "resource.h"
26	werner	36	#include "wptTypes.h"
27			#include "wptGPG.h"
28			#include "wptCommonCtl.h"
29			#include "wptKeylist.h"
30			#include "wptNLS.h"
31	twoaday	208	#include "wptContext.h"
32	werner	36	#include "wptErrors.h"
33			#include "wptW32API.h"
34	twoaday	228	#include "wptVersion.h"
35	werner	36
36	twoaday	193	/* Symbolic column IDs */
37			enum {
38			VER_COL_NAME = 0,
39			VER_COL_STAT = 1,
40			VER_COL_SIGNED = 2,
41			VER_COL_TRUST = 3,
42			VER_COL_KEYID = 4,
43			VER_COL_UID = 5
44			};
45
46
47	werner	36	/* Extract the file name part out of the given path in @path.
48			Return value: file part or NULL on error. */
49			static char*
50			extract_filename (const char *path)
51			{
52	twoaday	291	char *p;
53			size_t pos;
54	werner	36
55			p = strrchr (path, '\\');
56	twoaday	291	if (p == NULL)
57	werner	36	return m_strdup (path);
58	twoaday	291	pos = p-path;
59	twoaday	292	return substr (path, pos+1, strlen (path)-1);
60	werner	36	}
61
62
63	twoaday	219	/* Return human printable PKA status.
64			If no pka information is available, return NULL. */
65			char*
66			get_pka_status (gpgme_signature_t sig)
67			{
68			const char *fmt;
69			char *pka_inf;
70
71			if (sig->pka_trust == 0 \|\| !sig->pka_address)
72			return NULL;
73			fmt = _("PKA: Verified signer's address is '%s'");
74			pka_inf = new char[strlen (fmt)+strlen (sig->pka_address)+2];
75			if (!pka_inf)
76			BUG (NULL);
77			sprintf (pka_inf, fmt, sig->pka_address);
78			return pka_inf;
79			}
80
81
82			/* Set additional signature information according to the
83			signature @sig. If no info control is used, just return. */
84			void
85			verlist_set_additional_info (verlist_ctrl_t vlv, gpgme_signature_t sig)
86			{
87			int used = 1;
88
89			if (!vlv->infctl)
90			return;
91
92	twoaday	256	/* if the signature is bad, we just hide the window and return. */
93			if (sig->summary & GPGME_SIGSUM_RED) {
94			ShowWindow (vlv->infctl, SW_HIDE);
95			return;
96			}
97	twoaday	262	/* XXX: if the summary does not contain GPGME_SIGSUM_GREEN, issue a warning. */
98			if (sig->validity != GPGME_VALIDITY_MARGINAL &&
99			sig->validity != GPGME_VALIDITY_FULL &&
100			sig->validity != GPGME_VALIDITY_ULTIMATE &&
101			!(sig->summary & GPGME_SIGSUM_KEY_MISSING)) {
102	twoaday	219	SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
103			_("WARNING: This key is not certified with a trusted signature!\r\n"
104			" There is no indication that the signature belongs to the owner.\r\n"));
105			}
106	twoaday	262	else if (sig->exp_timestamp > (DWORD)time (NULL))
107			SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)
108			_("The signature is expired!"));
109	twoaday	219	else {
110			char *pka_info = get_pka_status (sig);
111			if (pka_info != NULL) {
112			SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)pka_info);
113			free_if_alloc (pka_info);
114			}
115			else {
116			SendMessage (vlv->infctl, WM_SETTEXT, 0, (LPARAM)(char*)"");
117			used = 0;
118			}
119			}
120			ShowWindow (vlv->infctl, used? SW_SHOW : SW_HIDE);
121			}
122
123
124	werner	36	/* Build a verify signature list control. With the parent window
125			from @ctrl and the mod given in @fm_mode. @lv contains the
126			new control on success.
127			Return value: 0 on success. */
128	twoaday	219	void
129			verlist_build (verlist_ctrl_t *vlv, HWND ctrl, int fm_mode)
130			{
131	twoaday	193	struct listview_column_s verlist[] = {
132	twoaday	228	{0, 120, (char *)_("Name")},
133	twoaday	256	{1, 140, (char *)_("Status")},
134			{2, 120, (char *)_("Signed")},
135	twoaday	193	{3, 58, (char *)_("Trust") },
136			{4, 80, (char *)_("Key ID" )},
137	twoaday	256	{5, 160, (char *)_("User ID")},
138	twoaday	193	{6, 0, NULL}
139	werner	36	};
140	twoaday	228	HICON ico[2];
141	twoaday	219	struct verlist_ctrl_s *v;
142	twoaday	193	int j;
143	werner	36
144	twoaday	219	v = new verlist_ctrl_s;
145			if (!v)
146			BUG (0);
147			memset (v, 0, sizeof *v);
148			listview_new (&v->lv, ctrl);
149	twoaday	291	for (j=0; verlist[j].fieldname; j++)
150	twoaday	219	listview_add_column (v->lv, &verlist[j]);
151	twoaday	193	if (!fm_mode)
152	twoaday	228	listview_set_column_width (v->lv, 0, 80);
153	twoaday	219	listview_set_ext_style (v->lv);
154	twoaday	228	ico[0] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_GOOD);
155			ico[1] = LoadIcon (glob_hinst, (LPCTSTR)IDI_SIG_BAD);
156			listview_set_image_list (v->lv, 16, 16, ico, 2);
157	twoaday	219	*vlv = v;
158	werner	36	}
159
160
161	twoaday	219	void
162			verlist_set_info_control (verlist_ctrl_t vlv, HWND infctl)
163			{
164			vlv->infctl = infctl;
165			}
166
167
168	werner	36	/* Delete the given verify control in @lv. */
169			void
170	twoaday	219	verlist_delete (verlist_ctrl_t vlv)
171	werner	36	{
172	twoaday	219	if (vlv) {
173			listview_release (vlv->lv);
174			free_if_alloc (vlv);
175	werner	36	}
176			}
177
178
179	twoaday	286	/* Handy function to extract the real key ID from a signature. */
180			const char *
181			sig_get_real_keyid (gpgme_signature_t sig, winpt_key_t key)
182			{
183			const char *keyid;
184
185			/* We still need an extra check for RSA:MD5 keys because we
186			cannot derrive the keyid directly from the fingerprint. */
187			if (strlen (sig->fpr) == 32) {
188			if (key->ext != NULL)
189			keyid = key->ext->key->subkeys->keyid+8;
190			else /* show the fingerprint if the key is not in the keyring. */
191			keyid = sig->fpr;
192			}
193			else
194			keyid = get_keyid_from_fpr (sig->fpr);
195			return keyid;
196			}
197
198
199	werner	36	/* Add the given signature in @sig to the verify control @lv.
200			Return value: 0 on success. */
201			int
202	twoaday	219	verlist_add_sig (verlist_ctrl_t vlv, gpgme_signature_t sig)
203	werner	36	{
204	twoaday	228	listview_ctrl_t lv;
205	twoaday	256	struct winpt_key_s key;
206	twoaday	205	const char *attr;
207	twoaday	278	char keyid[32+1], timebuf[128];
208	twoaday	256	u32 key_attr;
209	twoaday	228	int is_bad;
210	werner	36
211	twoaday	228	is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
212	twoaday	219	lv = vlv->lv;
213	twoaday	228	if (listview_add_item_image (lv, " ", is_bad))
214	werner	36	return WPTERR_GENERAL;
215	twoaday	193
216	twoaday	270	listview_add_sub_item (lv, 0, VER_COL_NAME, _("Clipboard"));
217	twoaday	193
218	twoaday	208	memset (&key, 0, sizeof (key));
219			winpt_get_pubkey (sig->fpr, &key);
220	twoaday	76	if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
221			attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
222			else
223			attr = get_gpg_sigstat (sig->summary);
224			if (attr)
225	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_STAT, (char *)attr);
226	werner	36
227	twoaday	278	attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
228			if (!attr)
229			attr = _("Unknown");
230	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_SIGNED, (char *)attr);
231	werner	36
232			attr = _("Unknown");
233	twoaday	208	if (key.ctx) {
234			key_attr = key.ext->uids->validity;
235	werner	36	attr = get_key_trust2 (NULL, key_attr, 0, 0);
236			}
237	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_TRUST, (char *)attr);
238	werner	36
239	twoaday	286	attr = sig_get_real_keyid (sig, &key);
240	twoaday	271	_snprintf (keyid, DIM (keyid) -1, "0x%s", attr);
241	twoaday	205	listview_add_sub_item (lv, 0, VER_COL_KEYID, keyid);
242	werner	36
243	twoaday	208	attr = key.ctx? key.ext->uids->name : _("user ID not found");
244	twoaday	204	listview_add_sub_item (lv, 0, VER_COL_UID, attr);
245	twoaday	219
246			if (vlv->infctl)
247			verlist_set_additional_info (vlv, sig);
248	werner	36	return 0;
249			}
250
251
252			/* Add the given file signature in @log to the verify control @lv.
253			Return value: 0 on success. */
254			int
255	twoaday	219	verlist_add_sig_log (verlist_ctrl_t vlv, file_sig_ctx_t log)
256	werner	36	{
257			gpgme_signature_t sig = log->sig;
258	twoaday	219	struct listview_ctrl_s *lv;
259	twoaday	208	struct winpt_key_s key;
260	twoaday	204	const char *attr;
261	twoaday	278	char t[64], timebuf[128], *name;
262	twoaday	270	int is_bad;
263	werner	36
264	twoaday	219	lv = vlv->lv;
265	twoaday	270	is_bad = sig->summary & GPGME_SIGSUM_RED? 1 : 0;
266			if (listview_add_item_image (lv, "", is_bad)) {
267	twoaday	109	log_debug ("verlist_add_sig_log: listview_add_item() failed.\n");
268	werner	36	return WPTERR_GENERAL;
269	twoaday	109	}
270	werner	36
271	twoaday	208	memset (&key, 0, sizeof (key));
272			winpt_get_pubkey (sig->fpr, &key);
273	werner	36
274			name = extract_filename (log->file);
275	twoaday	291	if (name != NULL)
276	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_NAME, name);
277	werner	36	else
278	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_NAME, log->file);
279	werner	36	free_if_alloc (name);
280	twoaday	109
281	twoaday	76	if (sig->summary == 0 && gpg_err_code (sig->status) == GPG_ERR_NO_ERROR)
282			attr = get_gpg_sigstat (GPGME_SIGSUM_GREEN);
283			else
284			attr = get_gpg_sigstat (sig->summary);
285	twoaday	291	listview_add_sub_item (lv, 0, VER_COL_STAT, attr);
286	werner	36
287	twoaday	278	if (sig->timestamp > 0) {
288			attr = get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1);
289			if (!attr)
290			attr = _("Unknown");
291			}
292	twoaday	291	else
293	twoaday	278	attr = _("Unknown");
294	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_SIGNED, attr);
295
296	twoaday	208	if (key.ctx != NULL)
297			attr = get_key_trust2 (NULL, key.ctx->uids->validity, 0, 0);
298	twoaday	193	else
299			attr = _("Unknown");
300			listview_add_sub_item (lv, 0, VER_COL_TRUST, attr);
301	twoaday	205
302	twoaday	286	attr = sig_get_real_keyid (sig, &key);
303	twoaday	271	_snprintf (t, DIM (t)-1, "0x%s", attr);
304	twoaday	193	listview_add_sub_item (lv, 0, VER_COL_KEYID, t);
305	twoaday	204	listview_add_sub_item (lv, 0, VER_COL_UID,
306			log->user_id?
307			log->user_id : _("user ID not found"));
308	twoaday	219	if (vlv->infctl)
309			verlist_set_additional_info (vlv, sig);
310
311	werner	36	return 0;
312			}