From 0f12af8aa1021c8240c0e9b52a16dd689d421170 Mon Sep 17 00:00:00 2001
From: Luca Saiu <positron@pep.foundation>
Date: Wed, 16 Aug 2023 16:44:49 +0200
Subject: [PATCH] WIP positron-check-signature

---
 src/pEp/_pEp/message.cc   | 9 +++++++++
 src/pEp/_pEp/message.hh   | 2 ++
 src/pEp/_pEp/pEpmodule.cc | 7 +++++++
 3 files changed, 18 insertions(+)

diff --git a/src/pEp/_pEp/message.cc b/src/pEp/_pEp/message.cc
index 2a83225..584fd17 100644
--- a/src/pEp/_pEp/message.cc
+++ b/src/pEp/_pEp/message.cc
@@ -344,6 +344,15 @@ namespace pEp {
             msg_c->recv_by = new_recv_by_copy_c;
         }
 
+        void Message::check_signature()
+        {
+            ::message *msg_c = _msg.get();
+            PEP_STATUS status = ::check_message_signature(Adapter::session(), msg_c);
+            if (status == PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH)
+                throw runtime_error("signature mismatch");
+            _throw_status(status);
+        }
+
         Message Message::encrypt()
         {
             boost::python::list extra;
diff --git a/src/pEp/_pEp/message.hh b/src/pEp/_pEp/message.hh
index ed82103..dd526d8 100644
--- a/src/pEp/_pEp/message.hh
+++ b/src/pEp/_pEp/message.hh
@@ -305,6 +305,8 @@ namespace pEp {
 
             void set_recv_by(Identity &new_recv_by);
 
+            void check_signature();
+
             Message encrypt();
 
             Message _encrypt(boost::python::list extra, int enc_format = 4, int flags = 0);
diff --git a/src/pEp/_pEp/pEpmodule.cc b/src/pEp/_pEp/pEpmodule.cc
index 53bbb5d..d4845dd 100644
--- a/src/pEp/_pEp/pEpmodule.cc
+++ b/src/pEp/_pEp/pEpmodule.cc
@@ -559,6 +559,13 @@ namespace pEp {
                                           "field with the given own identity.\n"
                                           "\n"
                                           "   identity       an own identity, on which myself has been called already\n")
+                                     .def("check_signature", &Message::check_signature,
+                                          "msg.check_signature()\n"
+                                          "\n"
+                                          "Fail if the signature in the decrypted message does not match.  Do nothing on\n"
+                                          "success.\n"
+                                          "\n"
+                                          "   msg            a message, already decrypted, at least reliable\n")
                                      .def("encrypt", (Message(Message::*)()) & Message::encrypt)
                                      .def(
                                          "encrypt",