pgpkeys.h

vc环境下的pgp源码

/*____________________________________________________________________________
	pgpKeys.h
	
	Copyright(C) 1996,1997 Network Associates Inc. and affiliated companies.
	All rights reserved.
	
	Public definitions for PGP KeyDB Library

	$Id: pgpKeys.h,v 1.132 1999/05/18 19:38:45 heller Exp $
____________________________________________________________________________*/
#ifndef Included_pgpKeys_h	/* [ */
#define Included_pgpKeys_h



#include "pgpPubTypes.h"
#include "pgpHash.h"
#include "pgpOptionList.h"



/* Key ordering */
enum PGPKeyOrdering_
{
	kPGPInvalidOrdering					= 0,
	kPGPAnyOrdering 					= 1,
	kPGPUserIDOrdering					= 2,
	kPGPReverseUserIDOrdering			= 3,
	kPGPKeyIDOrdering					= 4,
	kPGPReverseKeyIDOrdering			= 5,
	kPGPValidityOrdering				= 6,
	kPGPReverseValidityOrdering			= 7,
	kPGPTrustOrdering					= 8,
	kPGPReverseTrustOrdering			= 9,
	kPGPEncryptKeySizeOrdering			= 10,
	kPGPReverseEncryptKeySizeOrdering	= 11,
	kPGPSigKeySizeOrdering				= 12,
	kPGPReverseSigKeySizeOrdering		= 13,
	kPGPCreationOrdering				= 14,
	kPGPReverseCreationOrdering			= 15,
	kPGPExpirationOrdering				= 16,
	kPGPReverseExpirationOrdering		= 17,
	
	PGP_ENUM_FORCE( PGPKeyOrdering_ )
} ;
PGPENUM_TYPEDEF( PGPKeyOrdering_, PGPKeyOrdering );



/* Key properties */

enum PGPKeyPropName_
{	
/* String properties */
	kPGPKeyPropFingerprint				= 1,
	kPGPKeyPropPreferredAlgorithms		= 2,
	kPGPKeyPropThirdPartyRevocationKeyID= 3,
	kPGPKeyPropKeyData					= 4,
	kPGPKeyPropX509MD5Hash				= 5,
	
	/* Number properties */
	kPGPKeyPropAlgID 					= 20,
	kPGPKeyPropBits						= 21,	
	kPGPKeyPropTrust					= 22,	/* old trust model only */
	kPGPKeyPropValidity					= 23,	/* both trust models */
	kPGPKeyPropLockingAlgID				= 24,
	kPGPKeyPropLockingBits				= 25,
	kPGPKeyPropFlags					= 26,

	/* Time properties */
	kPGPKeyPropCreation 				= 40,
	kPGPKeyPropExpiration				= 41,
	kPGPKeyPropCRLThisUpdate			= 42,
	kPGPKeyPropCRLNextUpdate			= 43,

	/* PGPBoolean properties */
	kPGPKeyPropIsSecret 				= 60,
	kPGPKeyPropIsAxiomatic				= 61,
	kPGPKeyPropIsRevoked				= 62,
	kPGPKeyPropIsDisabled				= 63,
	kPGPKeyPropIsNotCorrupt				= 64,
	kPGPKeyPropIsExpired				= 65,
	kPGPKeyPropNeedsPassphrase			= 66,
	kPGPKeyPropHasUnverifiedRevocation	= 67,
	kPGPKeyPropCanEncrypt				= 68,
	kPGPKeyPropCanDecrypt				= 69,
	kPGPKeyPropCanSign					= 70,
	kPGPKeyPropCanVerify				= 71,
	kPGPKeyPropIsEncryptionKey			= 72,
	kPGPKeyPropIsSigningKey				= 73,
	kPGPKeyPropIsSecretShared			= 74,
	kPGPKeyPropIsRevocable				= 75,
	kPGPKeyPropHasThirdPartyRevocation	= 76,
	kPGPKeyPropHasCRL					= 77,
	
	PGP_ENUM_FORCE( PGPKeyPropName_ )
} ;
PGPENUM_TYPEDEF( PGPKeyPropName_, PGPKeyPropName );


/* kPGPKeyPropFlags bits */
enum	/* PGPKeyPropFlags */
{
	kPGPKeyPropFlags_UsageSignUserIDs			= (1UL << 0 ),
	kPGPKeyPropFlags_UsageSignMessages			= (1UL << 1 ),
	kPGPKeyPropFlags_UsageEncryptCommunications	= (1UL << 2 ),
	kPGPKeyPropFlags_UsageEncryptStorage		= (1UL << 3 ),

	kPGPKeyPropFlags_PrivateSplit				= (1UL << 4 ),
	kPGPKeyPropFlags_PrivateShared				= (1UL << 7 )
} ;
typedef PGPFlags		PGPKeyPropFlags;



/* User ID properties */

enum PGPUserIDPropName_
{	
	/* String properties */
	kPGPUserIDPropName 					= 80,
	kPGPUserIDPropAttributeData			= 81,
	kPGPUserIDPropCommonName			= 82,
	kPGPUserIDPropEmailAddress			= 83,
	
	/* Number properties */
	kPGPUserIDPropValidity 				= 100,	/* both trust models */
	kPGPUserIDPropConfidence			= 101,	/* new trust model only */
	kPGPUserIDPropAttributeType			= 102,

	/* Time properties */

	/* PGPBoolean properties */
	kPGPUserIDPropIsAttribute			= 110,
	
	PGP_ENUM_FORCE( PGPUserIDPropName_ )
} ;
PGPENUM_TYPEDEF( PGPUserIDPropName_, PGPUserIDPropName );

/* Signature properties */

enum PGPSigPropName_
{
	/* String properties */
	kPGPSigPropKeyID 					= 120,
	kPGPSigPropX509Certificate			= 121,
	kPGPSigPropX509IASN					= 122,
	kPGPSigPropX509LongName				= 123,
	kPGPSigPropX509IssuerLongName		= 124,
	kPGPSigPropX509DNSName				= 125,
	kPGPSigPropX509IPAddress			= 126,
	kPGPSigPropX509DERDName				= 127,
	
	/* Number properties */
	kPGPSigPropAlgID 					= 140,
	kPGPSigPropTrustLevel				= 141,
	kPGPSigPropTrustValue				= 142,
	
	/* Time properties */
	kPGPSigPropCreation 				= 160,
	kPGPSigPropExpiration				= 161,
	
	/* PGPBoolean properties */
	kPGPSigPropIsRevoked 				= 180,
	kPGPSigPropIsNotCorrupt				= 181,
	kPGPSigPropIsTried					= 182,
	kPGPSigPropIsVerified				= 183,
	kPGPSigPropIsMySig					= 184,
	kPGPSigPropIsExportable				= 185,
	kPGPSigPropHasUnverifiedRevocation	= 186,
	kPGPSigPropIsExpired				= 187,
	kPGPSigPropIsX509					= 188,
	
	PGP_ENUM_FORCE( PGPSigPropName_ )
} ;
PGPENUM_TYPEDEF( PGPSigPropName_, PGPSigPropName );
/*
 * Note on kPGPSigPropIsMySig.  This is a convenience property for
 * determining whether the certification was made by one of the
 * caller's own private keys.  This can only return true if the
 * signing key is in the same base keyset as the certification. If the
 * signing key is( suspected to be) in a different base keyset, call
 * PGPGetSigCertifierKey( certset, signerset, &key) followed by
 * PGPGetKeyBoolean( key, kPGPKeyPropIsSecret, &secret).
 */


/* Attribute types, for use with kPGPUserIDPropAttributeType */
enum PGPAttributeType_
{
	kPGPAttribute_Image						= 1,
	kPGPAttribute_IPAddress					= 10,
	kPGPAttribute_DNSName					= 11,
	kPGPAttribute_Notation					= 20,

	PGP_ENUM_FORCE( PGPAttributeType_ )
} ;
PGPENUM_TYPEDEF( PGPAttributeType_, PGPAttributeType );


enum	/* PGPKeyRingOpenFlags */
{
	kPGPKeyRingOpenFlags_None				= 0,
	kPGPKeyRingOpenFlags_Reserved			= (1UL << 0 ),
	kPGPKeyRingOpenFlags_Mutable			= (1UL << 1 ),
	kPGPKeyRingOpenFlags_Create				= (1UL << 2 ),

	/* The following flags are only used by PGPOpenKeyRing */
	kPGPKeyRingOpenFlags_Private			= (1UL << 8 ),
	kPGPKeyRingOpenFlags_Trusted			= (1UL << 9 )
} ;
typedef PGPFlags		PGPKeyRingOpenFlags;

/*
 * Used by filtering functions to specify type of match.
 */

enum PGPMatchCriterion_
{
	kPGPMatchDefault = 1,
	kPGPMatchEqual = 1,			 /* searched val == supplied val */
	kPGPMatchGreaterOrEqual = 2, /* searched val >= supplied val */
	kPGPMatchLessOrEqual = 3, /* searched val <= supplied val */
	kPGPMatchSubString = 4,	 /* searched val is contained in supplied val */

	PGP_ENUM_FORCE( PGPMatchCriterion_ )
} ;
PGPENUM_TYPEDEF( PGPMatchCriterion_, PGPMatchCriterion );


/* This is the value of the expiration time which means "never expires" */
#define kPGPExpirationTime_Never	( (PGPTime)0 )

/* Secret sharing header size */
#define kPGPShareHeaderSize		4

/* Public entry points */

PGP_BEGIN_C_DECLARATIONS
#if PRAGMA_IMPORT_SUPPORTED
#pragma import on
#endif


/* Functions for setting up key filters. */

PGPError 		PGPIncFilterRefCount ( PGPFilterRef filter );

PGPError 		PGPFreeFilter ( PGPFilterRef filter );

PGPError 		PGPNewKeyIDFilter( PGPContextRef context, 
						PGPKeyID const * keyID, PGPFilterRef *outFilter);

PGPError		PGPNewSubKeyIDFilter( PGPContextRef		context,
						PGPKeyID const *	subKeyID,  
						PGPFilterRef *		outFilter);

PGPError 		PGPNewKeyEncryptAlgorithmFilter( PGPContextRef context, 
						PGPPublicKeyAlgorithm encryptAlgorithm,
						PGPFilterRef *outFilter );

PGPError 		PGPNewKeyFingerPrintFilter( PGPContextRef context, 
						void const *fingerPrint, 
						PGPSize fingerPrintLength, PGPFilterRef *outFilter );

PGPError 		PGPNewKeyCreationTimeFilter( PGPContextRef context, 
						PGPTime creationTime, PGPMatchCriterion match, 
						PGPFilterRef *outFilter );

PGPError 		PGPNewKeyExpirationTimeFilter( PGPContextRef context, 
						PGPTime expirationTime, 
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewKeyRevokedFilter( PGPContextRef context,
						PGPBoolean revoked, PGPFilterRef *outFilter );

PGPError		PGPNewKeyDisabledFilter( PGPContextRef context, 
						PGPBoolean			disabled, 
						PGPFilterRef *		outFilter);

PGPError 		PGPNewKeySigAlgorithmFilter( PGPContextRef context,
						PGPPublicKeyAlgorithm sigAlgorithm, 
						PGPFilterRef *outFilter );

PGPError 		PGPNewKeyEncryptKeySizeFilter( PGPContextRef context,
						PGPUInt32 keySize, PGPMatchCriterion match,
						PGPFilterRef *outFilter );

PGPError 		PGPNewKeySigKeySizeFilter( PGPContextRef context,
						PGPUInt32 keySize, PGPMatchCriterion match,
						PGPFilterRef *outFilter );

PGPError		PGPNewUserIDStringFilter( PGPContextRef context,
						char const *		userIDString, 
						PGPMatchCriterion	match,
						PGPFilterRef *		outFilter);

PGPError 		PGPNewUserIDEmailFilter( PGPContextRef context,
						char const *		emailString, 
						PGPMatchCriterion	match,
						PGPFilterRef *		outFilter);

PGPError 		PGPNewUserIDNameFilter( PGPContextRef context,
						char const *		nameString, 
						PGPMatchCriterion	match,
						PGPFilterRef *		outFilter);

PGPError 		PGPNewSigKeyIDFilter( PGPContextRef context,
						PGPKeyID const * keyID,
						PGPFilterRef *outFilter );

PGPError 		PGPNewKeyBooleanFilter( PGPContextRef context,
						PGPKeyPropName property, PGPBoolean match,
						PGPFilterRef *outFilter );

PGPError 		PGPNewKeyNumberFilter( PGPContextRef context,
						PGPKeyPropName property, PGPUInt32 value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewKeyTimeFilter( PGPContextRef context,
						PGPKeyPropName property, PGPTime value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewKeyPropertyBufferFilter( PGPContextRef context,
						PGPKeyPropName property, void *buffer, PGPSize length,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewSubKeyBooleanFilter( PGPContextRef context,
						PGPKeyPropName property, PGPBoolean match,
						PGPFilterRef *outFilter );

PGPError 		PGPNewSubKeyNumberFilter( PGPContextRef context,
						PGPKeyPropName property, PGPUInt32 value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewSubKeyTimeFilter( PGPContextRef context,
						PGPKeyPropName property, PGPTime value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewSubKeyPropertyBufferFilter( PGPContextRef context,
						PGPKeyPropName property, void *buffer, PGPSize length,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewUserIDBooleanFilter( PGPContextRef context,
						PGPUserIDPropName property, PGPBoolean match,
						PGPFilterRef *outFilter );

PGPError 		PGPNewUserIDNumberFilter( PGPContextRef context,
						PGPUserIDPropName property, PGPUInt32 value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewUserIDStringBufferFilter( PGPContextRef context,
						PGPUserIDPropName property,
						void *buffer, PGPSize length,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewSigBooleanFilter( PGPContextRef context,
						PGPSigPropName property, PGPBoolean match,
						PGPFilterRef *outFilter );

PGPError 		PGPNewSigNumberFilter( PGPContextRef context,
						PGPSigPropName property, PGPUInt32 value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewSigTimeFilter( PGPContextRef context,
						PGPSigPropName property, PGPTime value,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

PGPError 		PGPNewSigPropertyBufferFilter( PGPContextRef context,
						PGPSigPropName property, void *buffer, PGPSize length,
						PGPMatchCriterion match, PGPFilterRef *outFilter );

/* freeing outfilter will call PGPFreeFilter on filter */
PGPError 		PGPNegateFilter( PGPFilterRef filter,
						PGPFilterRef *outFilter);

/* freeing outfilter will call PGPFreeFilter on filter1, filter2 */
PGPError 		PGPIntersectFilters( PGPFilterRef filter1,
						PGPFilterRef filter2, PGPFilterRef *outFilter);

/* freeing outfilter will call PGPFreeFilter on filter1, filter2 */
PGPError 		PGPUnionFilters( PGPFilterRef filter1,
						PGPFilterRef filter2, PGPFilterRef *outFilter);


PGPError 		PGPFilterKeySet( PGPKeySetRef origSet,
						PGPFilterRef filter, PGPKeySetRef *resultSet);


/* Keyserver filter functions */

PGPError 		PGPLDAPQueryFromFilter( PGPFilterRef filter,
						char **queryOut );

PGPError 		PGPHKSQueryFromFilter( PGPFilterRef	filter,
						char **queryOut );
						
PGPError		PGPNetToolsCAHTTPQueryFromFilter( PGPFilterRef filter,
						char **queryOut );

/* KeySet manipulations */


/* Creates a new memory-based KeyDB and returns its root set */
PGPError  		PGPNewKeySet(PGPContextRef context, PGPKeySetRef *keySet);


/* Used for building arbitrary subsets of an existing KeyDB */
PGPError  		PGPNewEmptyKeySet(PGPKeySetRef origSet, PGPKeySetRef *newSet);
PGPError  		PGPNewSingletonKeySet(PGPKeyRef key, PGPKeySetRef *keySet);
PGPError		PGPUnionKeySets(PGPKeySetRef set1, PGPKeySetRef set2,
								PGPKeySetRef *newSet);

PGPError  		PGPOpenDefaultKeyRings( PGPContextRef context,
						PGPKeyRingOpenFlags openFlags, PGPKeySetRef *keySet);

PGPError  		PGPOpenKeyRingPair( PGPContextRef context,
						PGPKeyRingOpenFlags openFlags, 
						PGPFileSpecRef pubFileRef, PGPFileSpecRef secFileRef,
						PGPKeySetRef *keySet);

PGPError  		PGPOpenKeyRing (PGPContextRef context,
						PGPKeyRingOpenFlags openFlags, PGPFileSpecRef fileRef,
						PGPKeySetRef *keySet);

PGPError 		PGPCommitKeyRingChanges (PGPKeySetRef keys);

PGPError 		PGPPropagateTrust (PGPKeySetRef keys);

PGPError 		PGPRevertKeyRingChanges (PGPKeySetRef keys);

PGPError 		PGPCheckKeyRingSigs (PGPKeySetRef keysToCheck,
						PGPKeySetRef keysSigning, PGPBoolean checkAll,
						PGPEventHandlerProcPtr eventHandler,
						PGPUserValue eventHandlerData);

PGPError 		PGPReloadKeyRings (PGPKeySetRef keys);

PGPError 		PGPGetKeyByKeyID (PGPKeySetRef keys,
						PGPKeyID const * keyID,