summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2018-10-05 00:22:28 +0200
committerFlorian Pritz <bluewind@xinu.at>2018-10-05 00:22:28 +0200
commit58443e7cbeef7e7db2533c90f50e6c95140b6d52 (patch)
tree29b2b46cb118763cb4b8bac892f6eb6b2885f202
parent022f22e140977ad83d017a30744201f34089162a (diff)
downloadbin-58443e7cbeef7e7db2533c90f50e6c95140b6d52.tar.gz
bin-58443e7cbeef7e7db2533c90f50e6c95140b6d52.tar.xz
Add mutt-gpg-time-check
Signed-off-by: Florian Pritz <bluewind@xinu.at>
-rwxr-xr-xmutt-gpg-time-check52
1 files changed, 52 insertions, 0 deletions
diff --git a/mutt-gpg-time-check b/mutt-gpg-time-check
new file mode 100755
index 0000000..4203ef2
--- /dev/null
+++ b/mutt-gpg-time-check
@@ -0,0 +1,52 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use Date::Parse;
+
+my $gpg_verification_line_distance = 0;
+
+while (<STDIN>) {
+ my $in_header = 1 .. /^$/;
+ my $in_body = /^$/ .. eof;
+
+ if ($in_header) {
+ print $_;
+ } else {
+ print;
+ $gpg_verification_line_distance++;
+ if (m/PGP output follows \(current time: (?<time>[^(]+)\)/) {
+ my $timestamp = str2time($+{time});
+ if (abs(time() - $timestamp) > 2) {
+ print "WARNING: GPG signature verification time is different from current time\n";
+ print "WARNING: The signature may be a fake!\n";
+ } else {
+ $gpg_verification_line_distance = 0;
+ }
+ }
+
+ if (m/^gpg: Signature made .*/) {
+ if ($gpg_verification_line_distance != 1) {
+ print "WARNING: GPG signature without valid verification timestamp!\n";
+ print "WARNING: The signature may be a fake!\n";
+ }
+ }
+
+ if (m/^gpg:\s+issuer ".*"$/) {
+ if ($gpg_verification_line_distance == 3) {
+ $gpg_verification_line_distance--;
+ }
+ }
+
+ if (m/^gpg: Good signature from .*/) {
+ if ($gpg_verification_line_distance != 3) {
+ print "WARNING: GPG signature without valid verification timestamp!\n";
+ print "WARNING: The signature may be a fake!\n";
+ }
+ }
+
+ }
+}
+
+# vim:set ft=perl: