diff options
Diffstat (limited to 'mutt-gpg-time-check')
-rwxr-xr-x | mutt-gpg-time-check | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/mutt-gpg-time-check b/mutt-gpg-time-check new file mode 100755 index 0000000..4203ef2 --- /dev/null +++ b/mutt-gpg-time-check @@ -0,0 +1,52 @@ +#!/usr/bin/perl + +use strict; +use warnings; + +use Date::Parse; + +my $gpg_verification_line_distance = 0; + +while (<STDIN>) { + my $in_header = 1 .. /^$/; + my $in_body = /^$/ .. eof; + + if ($in_header) { + print $_; + } else { + print; + $gpg_verification_line_distance++; + if (m/PGP output follows \(current time: (?<time>[^(]+)\)/) { + my $timestamp = str2time($+{time}); + if (abs(time() - $timestamp) > 2) { + print "WARNING: GPG signature verification time is different from current time\n"; + print "WARNING: The signature may be a fake!\n"; + } else { + $gpg_verification_line_distance = 0; + } + } + + if (m/^gpg: Signature made .*/) { + if ($gpg_verification_line_distance != 1) { + print "WARNING: GPG signature without valid verification timestamp!\n"; + print "WARNING: The signature may be a fake!\n"; + } + } + + if (m/^gpg:\s+issuer ".*"$/) { + if ($gpg_verification_line_distance == 3) { + $gpg_verification_line_distance--; + } + } + + if (m/^gpg: Good signature from .*/) { + if ($gpg_verification_line_distance != 3) { + print "WARNING: GPG signature without valid verification timestamp!\n"; + print "WARNING: The signature may be a fake!\n"; + } + } + + } +} + +# vim:set ft=perl: |