gpg: Improve and regularize naming of signature checking functions.

* g10/packet.h (signature_check): Rename from this... (check_signature): ... to this. Update users. (signature_check2): Rename from this... (check_signature2): ... to this. Update users. * g10/sig-check.c (do_check): Rename from this... (check_signature_end): ... to this. Update users. (do_check_messages): Rename from this... (check_signature_metadata_validity): ... to this. Update users. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2024-06-29 02:22:45 +02:00 · 2015-10-19 11:06:57 +02:00 · 2015-10-19 11:06:57 +02:00 · 0433e66702
commit 0433e66702
parent 547a1b3fb8
3 changed files with 41 additions and 31 deletions
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -873,7 +873,7 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
        }
      else /* detached signature */
        {
-          /* signature_check() will enable the md. */
+          /* check_signature() will enable the md. */
          if (gcry_md_open (&md, 0, 0 ))
            BUG ();
        }
@ -892,7 +892,7 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
      else /* detached signature */
        {
          log_debug ("Do we really need this here?");
-          /* signature_check() will enable the md*/
+          /* check_signature() will enable the md*/
          if (gcry_md_open (&md, 0, 0 ))
            BUG ();
          if (gcry_md_open (&md2, 0, 0 ))
@ -926,12 +926,14 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
  else
    return GPG_ERR_SIG_CLASS;
-  rc = signature_check2 (sig, md, NULL, is_expkey, is_revkey, NULL);
+  /* We only get here if we are checking the signature of a binary
     (0x00) or text document (0x01).  */
  rc = check_signature2 (sig, md, NULL, is_expkey, is_revkey, NULL);
  if (! rc)
    md_good = md;
  else if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2)
    {
-      rc = signature_check2 (sig, md2, NULL, is_expkey, is_revkey, NULL);
+      rc = check_signature2 (sig, md2, NULL, is_expkey, is_revkey, NULL);
      if (! rc)
 	md_good = md2;
    }
--- a/g10/packet.h
+++ b/g10/packet.h
@ -638,8 +638,8 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
 /*-- sig-check.c --*/
-int signature_check( PKT_signature *sig, gcry_md_hd_t digest );
+int check_signature( PKT_signature *sig, gcry_md_hd_t digest );
-int signature_check2( PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
+int check_signature2( PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
 		      int *r_expired, int *r_revoked, PKT_public_key *ret_pk );
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -1,6 +1,7 @@
 /* sig-check.c -  Check a signature
 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
 *               2004, 2006 Free Software Foundation, Inc.
 * Copyright (C) 2015 g10 Code GmbH
 *
 * This file is part of GnuPG.
 *
@ -34,26 +35,25 @@
 #include "options.h"
 #include "pkglue.h"
 static int check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 				gcry_md_hd_t digest,
 				int *r_expired, int *r_revoked,
 				PKT_public_key *ret_pk);
 static int do_check( PKT_public_key *pk, PKT_signature *sig,
                     gcry_md_hd_t digest,
 		     int *r_expired, int *r_revoked, PKT_public_key *ret_pk);
 /****************
 * Check the signature which is contained in SIG.
 * The MD_HANDLE should be currently open, so that this function
 * is able to append some data, before finalizing the digest.
 */
 int
-signature_check (PKT_signature *sig, gcry_md_hd_t digest)
+check_signature (PKT_signature *sig, gcry_md_hd_t digest)
 {
-    return signature_check2( sig, digest, NULL, NULL, NULL, NULL );
+    return check_signature2 (sig, digest, NULL, NULL, NULL, NULL);
 }
 int
-signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
+check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
 		  int *r_expired, int *r_revoked, PKT_public_key *pk )
 {
    int rc=0;
@ -93,14 +93,14 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
        if(r_expiredate)
 	  *r_expiredate = pk->expiredate;
-	rc = do_check( pk, sig, digest, r_expired, r_revoked, NULL );
+	rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL);
 	/* Check the backsig.  This is a 0x19 signature from the
 	   subkey on the primary key.  The idea here is that it should
 	   not be possible for someone to "steal" subkeys and claim
 	   them as their own.  The attacker couldn't actually use the
 	   subkey, but they could try and claim ownership of any
-	   signaures issued by it. */
+	   signatures issued by it. */
 	if(rc==0 && !pk->flags.primary && pk->flags.backsig < 2)
 	  {
 	    if (!pk->flags.backsig)
@ -205,8 +205,8 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
 static int
-do_check_messages( PKT_public_key *pk, PKT_signature *sig,
+check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig,
-		   int *r_expired, int *r_revoked )
+				   int *r_expired, int *r_revoked)
 {
    u32 cur_time;
@ -269,14 +269,16 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig,
 static int
-do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
+check_signature_end (PKT_public_key *pk, PKT_signature *sig,
-	  int *r_expired, int *r_revoked, PKT_public_key *ret_pk )
+		     gcry_md_hd_t digest,
 		     int *r_expired, int *r_revoked, PKT_public_key *ret_pk)
 {
    gcry_mpi_t result = NULL;
    int rc = 0;
    const struct weakhash *weak;
-    if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
+    if ((rc = check_signature_metadata_validity (pk, sig,
 						 r_expired, r_revoked)))
        return rc;
    if (!opt.flags.allow_weak_digest_algos)
@ -466,7 +468,7 @@ check_revocation_keys(PKT_public_key *pk,PKT_signature *sig)
              if (gcry_md_open (&md, sig->digest_algo, 0))
                BUG ();
              hash_public_key(md,pk);
-              rc=signature_check(sig,md);
+              rc=check_signature(sig,md);
 	      cache_sig_result(sig,rc);
              gcry_md_close (md);
 	      break;
@ -505,7 +507,7 @@ check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
    {
      hash_public_key(md,main_pk);
      hash_public_key(md,sub_pk);
-      rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
+      rc = check_signature_end (sub_pk, backsig, md, NULL, NULL, NULL);
      cache_sig_result(backsig,rc);
      gcry_md_close(md);
    }
@ -570,7 +572,8 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
 	    }
 	    /* BUG: This is wrong for non-self-sigs.. needs to be the
 	       actual pk */
-	    if((rc=do_check_messages(pk,sig,r_expired,NULL)))
+	    if((rc = check_signature_metadata_validity (pk, sig,
 							r_expired, NULL)))
 	      return rc;
            return sig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
        }
@ -593,7 +596,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
 	    if (gcry_md_open (&md, algo, 0 ))
              BUG ();
 	    hash_public_key( md, pk );
-	    rc = do_check( pk, sig, md, r_expired, NULL, ret_pk );
+	    rc = check_signature_end (pk, sig, md, r_expired, NULL, ret_pk);
 	    cache_sig_result ( sig, rc );
 	    gcry_md_close(md);
 	  }
@ -606,7 +609,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
              BUG ();
 	    hash_public_key( md, pk );
 	    hash_public_key( md, snode->pkt->pkt.public_key );
-	    rc = do_check( pk, sig, md, r_expired, NULL, ret_pk );
+	    rc = check_signature_end (pk, sig, md, r_expired, NULL, ret_pk);
            cache_sig_result ( sig, rc );
 	    gcry_md_close(md);
 	}
@ -633,7 +636,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
              BUG ();
 	    hash_public_key( md, pk );
 	    hash_public_key( md, snode->pkt->pkt.public_key );
-	    rc = do_check( pk, sig, md, r_expired, NULL, ret_pk );
+	    rc = check_signature_end (pk, sig, md, r_expired, NULL, ret_pk);
            cache_sig_result ( sig, rc );
 	    gcry_md_close(md);
 	}
@ -649,7 +652,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
        if (gcry_md_open (&md, algo, 0 ))
          BUG ();
 	hash_public_key( md, pk );
-	rc = do_check( pk, sig, md, r_expired, NULL, ret_pk );
+	rc = check_signature_end (pk, sig, md, r_expired, NULL, ret_pk);
        cache_sig_result ( sig, rc );
 	gcry_md_close(md);
    }
@ -668,12 +671,17 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
 	      {
 		if( is_selfsig )
 		  *is_selfsig = 1;
-		rc = do_check( pk, sig, md, r_expired, NULL, ret_pk );
+		rc = check_signature_end (pk, sig, md, r_expired, NULL, ret_pk);
 	      }
 	    else if (check_pk)
-	      rc=do_check(check_pk,sig,md,r_expired,NULL,ret_pk);
+	      /* The caller specified a key.  Try that.  */
 	      rc = check_signature_end (check_pk, sig, md,
 					r_expired, NULL, ret_pk);
 	    else
-	      rc=signature_check2(sig,md,r_expiredate,r_expired,NULL,ret_pk);
+	      /* Look up the key.  XXX: Could it be that the key is
 		 not is not in this keyblock?  */
 	      rc = check_signature2 (sig, md, r_expiredate, r_expired,
 				     NULL, ret_pk);
            cache_sig_result ( sig, rc );
 	    gcry_md_close(md);