exposed un-verified PGP signatures on GXS ids in GUI. Added auto-ban of GXS ids signed by a PGP ids that has already signed a large enough set of GXS ids. Still needs some GUI to change the threshold.

libretroshare/src/pgp/pgpauxutils.cc

@@ -66,6 +66,11 @@ bool PgpAuxUtilsImpl::getGPGAllList(std::list<RsPgpId> &ids)
 	return AuthGPG::getAuthGPG()->getGPGAllList(ids);
 }
 
+bool PgpAuxUtilsImpl::parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const 
+{
+	return AuthGPG::getAuthGPG()->parseSignature(sign,signlen,issuer);
+}
+
 bool PgpAuxUtilsImpl::askForDeferredSelfSignature(const void *data, 
 		const uint32_t len, 
 		unsigned char *sign, 

libretroshare/src/pgp/pgpauxutils.h

@@ -41,10 +41,9 @@ class PgpAuxUtils
 	virtual bool getGPGAllList(std::list<RsPgpId> &ids) = 0;
 	virtual	bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const = 0;
 
+	virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const =0;
 	virtual bool VerifySignBin(const void *data, uint32_t len, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint) = 0;
 	virtual bool askForDeferredSelfSignature(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen,int& signature_result ) = 0;
-
-
 };
 
 class PgpAuxUtilsImpl: public PgpAuxUtils
@@ -55,6 +54,7 @@ public:
 	virtual const RsPgpId &getPGPOwnId();
 	virtual RsPgpId getPGPId(const RsPeerId& sslid);
 
+	virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const ;
 	virtual	bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const;
 	virtual bool VerifySignBin(const void *data, uint32_t len, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint);
 	virtual bool getGPGAllList(std::list<RsPgpId> &ids);

libretroshare/src/pgp/pgphandler.cc

@@ -1692,6 +1692,24 @@ bool PGPHandler::mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src)
 	return to_add.size() > 0 ;
 }
 
+bool PGPHandler::parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) 
+{
+    uint64_t issuer ;
+    
+    if(!PGPKeyManagement::parseSignature(sign,signlen,issuer))
+        return false ;
+    
+    unsigned char bytes[8] ;
+    for(int i=0;i<8;++i)
+    {
+        bytes[7-i] = issuer & 0xff ;
+        issuer >>= 8 ;
+    }
+    issuer_id = RsPgpId(bytes) ;
+    
+    return true ;     
+}
+
 bool PGPHandler::privateTrustCertificate(const RsPgpId& id,int trustlvl)
 {
 	if(trustlvl < 0 || trustlvl >= 6 || trustlvl == 1)

libretroshare/src/pgp/pgphandler.h

@@ -74,7 +74,7 @@ class PGPHandler
 		bool haveSecretKey(const RsPgpId& id) const ;
 
 		bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_id,std::string& import_error) ;
-        bool importGPGKeyPairFromString(const std::string& data,RsPgpId& imported_id,std::string& import_error) ;
+		bool importGPGKeyPairFromString(const std::string& data,RsPgpId& imported_id,std::string& import_error) ;
 		bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_id) const ;
 
 		bool availableGPGCertificatesWithPrivateKeys(std::list<RsPgpId>& ids);
@@ -85,6 +85,7 @@ class PGPHandler
 		std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const ;
 		bool exportPublicKey(const RsPgpId& id,unsigned char *& mem,size_t& mem_size,bool armoured,bool include_signatures) const ;
 
+        	bool parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) ;
 		bool SignDataBin(const RsPgpId& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen,bool make_raw_signature=false) ;
 		bool VerifySignBin(const void *data, uint32_t data_len, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& withfingerprint) ;
 		bool privateSignCertificate(const RsPgpId& own_id,const RsPgpId& id_of_key_to_sign) ;
@@ -110,7 +111,7 @@ class PGPHandler
 		// Removes the given keys from the keyring. Also backup the keyring to a file which name is automatically generated
 		// and given pack for proper display.
 		//
-        bool removeKeysFromPGPKeyring(const std::set<RsPgpId>& key_ids,std::string& backup_file,uint32_t& error_code) ;
+		bool removeKeysFromPGPKeyring(const std::set<RsPgpId>& key_ids,std::string& backup_file,uint32_t& error_code) ;
 
 		//bool isKeySupported(const RsPgpId& id) const ;
 

libretroshare/src/pgp/pgpkeyutil.cc

@@ -157,7 +157,75 @@ uint32_t PGPKeyManagement::compute24bitsCRC(unsigned char *octets, size_t len)
 				crc ^= PGP_CRC24_POLY;
 		}
 	}
-	return crc & 0xFFFFFFL;
+    return crc & 0xFFFFFFL;
+}
+
+bool PGPKeyManagement::parseSignature(const unsigned char *signature, size_t sign_len, uint64_t& issuer)
+{
+    unsigned char *data = (unsigned char *)signature ;
+
+#ifdef DEBUG_PGPUTIL
+    std::cerr << "Total size: " << len << std::endl;
+#endif
+
+    uint8_t packet_tag;
+    uint32_t packet_length ;
+
+    PGPKeyParser::read_packetHeader(data,packet_tag,packet_length) ;
+    
+    std::cerr << "Packet tag : " << (int)packet_tag << ", length=" << packet_length << std::endl;
+    
+    // 2 - parse key data, only keep public key data, user id and self-signature.
+
+    bool issuer_found=false ;
+    
+    if(sign_len < 12)	// conservative check to allow the explicit reads below, until header of first sub-packet
+        return false ;
+    
+    unsigned char signature_type = data[0] ;
+    
+    if(signature_type != 4)
+        return false ;
+    
+    data += 1 ;	// skip version number 
+    data += 1 ;	// skip signature type
+    data += 1 ;	// skip public key algorithm
+    data += 1 ;	// skip hash algorithm
+
+    uint32_t hashed_size = 256u*data[0] + data[1] ;
+    data += 2 ;
+    
+    // now read hashed sub-packets
+    
+    uint8_t *start_hashed_data = data ;
+   
+    while(true) 
+    {
+	    int subpacket_size = PGPKeyParser::read_125Size(data) ; // following RFC4880
+	    uint8_t subpacket_type = data[0] ; data+=1 ;
+
+#ifdef DEBUG_PGPUTIL
+	    std::cerr << "  SubPacket tag: " << (int)subpacket_type << std::endl;
+	    std::cerr << "  SubPacket length: " << subpacket_size << std::endl;
+#endif
+
+	    if(subpacket_type == PGPKeyParser::PGP_PACKET_TAG_ISSUER && subpacket_size == 9)
+	    {
+		    issuer_found = true ;
+		    issuer = PGPKeyParser::read_KeyID(data) ;
+	    }
+	    else
+		    data += subpacket_size-1 ;	// we remove the size of subpacket type
+
+	    if(issuer_found)
+		    break ;
+
+	    if( (uint64_t)data - (uint64_t)start_hashed_data >= hashed_size )
+		    break ;
+    }
+    // non hashed sub-packets are ignored for now. 
+    
+    return issuer_found ;
 }
 
 uint64_t PGPKeyParser::read_KeyID(unsigned char *& data)

libretroshare/src/pgp/pgpkeyutil.h

@@ -65,6 +65,8 @@ class PGPKeyManagement
 		// Computes the 24 bits CRC checksum necessary to all PGP data.
 		// 
 		static uint32_t compute24bitsCRC(unsigned char *data,size_t len) ;
+        
+        	static bool parseSignature(const unsigned char *signature, size_t sign_len, uint64_t &issuer) ;
 };
 
 // This class handles the parsing of PGP packet headers under various (old and new) formats.
@@ -75,6 +77,7 @@ class PGPKeyParser
 		static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY  =  6 ;
 		static const uint8_t PGP_PACKET_TAG_USER_ID     = 13 ;
 		static const uint8_t PGP_PACKET_TAG_SIGNATURE   =  2 ;
+		static const uint8_t PGP_PACKET_TAG_ISSUER      = 16 ;
 
 		// These functions read and move the data pointer to the next byte after the read section.
 		//