35 lines
1.2 KiB
Plaintext
35 lines
1.2 KiB
Plaintext
|
#!/bin/sh
|
||
|
|
# mverify MSG - verify a OpenPGP or SMIME message
|
||
|
|
|
||
|
|
# Needs gpg2 (for OpenPGP) and openssl (for SMIME).
|
||
|
|
|
||
|
|
[ "$#" -eq 0 ] && set -- .
|
||
|
|
|
||
|
|
mshow -t "$1" | DOS2UNIX='/
$/!s/$/
/' awk -v "msg=$1" '
|
||
|
|
{ match($0, "^ *"); indent = RLENGTH }
|
||
|
|
$2 == "text/plain" { plain++ }
|
||
|
|
$2 == "multipart/signed" { signed = 0+$1; si = indent; next }
|
||
|
|
signed && !content && indent == si+2 { content = 0+$1; next }
|
||
|
|
signed && content && !signature && indent == si+2 { signature = 0+$1; type = $2 }
|
||
|
|
function q(a) { gsub("\\47", "\47\\\47\47", a); return "\47"a"\47" }
|
||
|
|
END {
|
||
|
|
if (type == "" && plain) { // guess plain text armored signature
|
||
|
|
exit(system("mshow -r " q(msg) " | gpg2 --verify"));
|
||
|
|
} else if (type == "") {
|
||
|
|
print("No signature found.")
|
||
|
|
exit(100)
|
||
|
|
} else if (type == "application/pgp-signature") {
|
||
|
|
exit(system("mshow -r -O " q(msg) " " q(content) \
|
||
|
|
" | sed $DOS2UNIX | " \
|
||
|
|
" { mshow -O " q(msg) " " q(signature) \
|
||
|
|
" | gpg2 --verify - /dev/fd/3; } 3<&0"))
|
||
|
|
} else if (type == "application/pkcs7-signature") {
|
||
|
|
exit(system("mshow -r -O " q(msg) " " q(signed) \
|
||
|
|
" | openssl smime -verify"))
|
||
|
|
} else {
|
||
|
|
print("Cannot verify signatures of type " type ".")
|
||
|
|
exit(2)
|
||
|
|
}
|
||
|
|
}
|
||
|
|
'
|