Add mutt-gpg-time-check

Signed-off-by: Florian Pritz <bluewind@xinu.at>

1 files changed, 52 insertions, 0 deletions

diff --git a/mutt-gpg-time-check b/mutt-gpg-time-check
new file mode 100755
index 0000000..4203ef2
--- /dev/null
+++ b/mutt-gpg-time-check
@@ -0,0 +1,52 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use Date::Parse;
+
+my $gpg_verification_line_distance = 0;
+
+while (<STDIN>) {
+	my $in_header =   1  .. /^$/;
+	my $in_body   = /^$/ .. eof;
+
+	if ($in_header) {
+		print $_;
+	} else {
+		print;
+		$gpg_verification_line_distance++;
+		if (m/PGP output follows \(current time: (?<time>[^(]+)\)/) {
+			my $timestamp = str2time($+{time});
+			if (abs(time() - $timestamp) > 2) {
+				print "WARNING: GPG signature verification time is different from current time\n";
+				print "WARNING: The signature may be a fake!\n";
+			} else {
+				$gpg_verification_line_distance = 0;
+			}
+		}
+
+		if (m/^gpg: Signature made .*/) {
+			if ($gpg_verification_line_distance != 1) {
+				print "WARNING: GPG signature without valid verification timestamp!\n";
+				print "WARNING: The signature may be a fake!\n";
+			}
+		}
+
+		if (m/^gpg:\s+issuer ".*"$/) {
+			if ($gpg_verification_line_distance == 3) {
+				$gpg_verification_line_distance--;
+			}
+		}
+
+		if (m/^gpg: Good signature from .*/) {
+			if ($gpg_verification_line_distance != 3) {
+				print "WARNING: GPG signature without valid verification timestamp!\n";
+				print "WARNING: The signature may be a fake!\n";
+			}
+		}
+
+	}
+}
+
+# vim:set ft=perl: