diff -r 236696558ccb -r 4f50e6aa028b scratch/verify --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scratch/verify Wed Jan 04 09:21:35 2012 +0100 @@ -0,0 +1,82 @@ +#! /usr/bin/perl + +use 5.010; +use strict; +use warnings; +use File::Temp; +use GnuPG; +use autodie qw(:all); + +use blib; +use Message::2822; + +umask(077); +my $dir = File::Temp->newdir(); + +my $signed = Message::2822->new(file => shift // "ex/mails/signed"); + +# output the original message if not 'multipart/sign' +my ($content_type) = ($signed->header_lines(qr/^content-type/i) =~ /\s+(\S+)/i); +unless ($content_type =~ /multipart\/signed/i) { + print $signed->header_lines, "\n"; + print $signed->orig_body; + exit 0; +} + +my ($boundary) = + ($signed->header_lines(qr/^content-type/i) =~ /boundary=['"](.*?)['"]/); + +open(my $body, "+>$dir/body"); +print {$body} $signed->orig_body; +seek($body, 0, 0); + +# cut the message +open(my $message, "+>$dir/message"); +my $last_line = ""; +while (<$body>) { + last if ($last_line =~ /^\s+$/ and /^--\Q$boundary\E/); + next if (/^--\Q$boundary\E/); + s/\r?\n/\r\n/g; + print {$message} $last_line; + $last_line = $_; +} + +# cut the signature +open(my $signature, "+>$dir/message.sig"); +my $in_sign = 0; +while (<$body>) { + if (/^-----BEGIN\s+PGP\s+SIGNATURE-----$/ or $in_sign) { + if (/^-----END\s+PGP\s+SIGNATURE-----$/) { + $in_sign = 0; + print {$signature} $_; + } + else { + $in_sign = 1; + print {$signature} $_; + } + } +} + +seek($message, 0, 0); +seek($signature, 0, 0); + +# ask GPG to verify it… +my $gpg = new GnuPG(homedir => "ex/gpg"); +my $sign; +eval { + $sign = + ($gpg->verify(signature => "$dir/message.sig", file => "$dir/message")); +}; +if ($@) { + $signed->add_header_line("\nX-GPGate-Sign: bad signature\n"); + print $signed->header_lines, "\n"; + print $signed->orig_body; + exit 0; +} + +$signed->add_header_line("\nX-GPGate-Sign: good signature\n"); +$signed->add_header_line("X-GPGate-SignUser: $sign->{user}\n"); +$signed->add_header_line("X-GPGate-KeyId: $sign->{keyid}\n"); + +print $signed->header_lines, "\n"; +print $signed->orig_body;