📄 pkgenwiz.c
字号:
/*____________________________________________________________________________
Copyright (C) 1998 Network Associates, Inc.
All rights reserved
PKgenwiz.c - handle wizard for creating new keys
$Id: PKgenwiz.c,v 1.117 1999/05/14 13:37:53 pbj Exp $
____________________________________________________________________________*/
#include "pgpPFLConfig.h"
// project header files
#include "pgpkeysx.h"
// pgp header files
#include "pgpRandomPool.h"
#include "pgpUserInterface.h"
// system header files
#include <process.h>
// constant definitions
#define MAX_FULL_NAME_LEN 126
#define MAX_EMAIL_LEN 126
#define BADPHRASE_LENGTH 0x01
#define BADPHRASE_QUALITY 0x02
#define BADPHRASE_CONFIRMATION 0x04
#define MIN_KEY_SIZE 1024
#define MAX_RSA_KEY_SIZE 2048
#define MAX_DSA_KEY_SIZE 4096
#define DEFAULT_MINPHRASELEN 8
#define DEFAULT_MINPHRASEQUAL 60
#define DEFAULT_KEYSIZE 2048
#define DEFAULT_SUBKEYSIZE 1024
#define DEFAULT_KEYTYPE kPGPPublicKeyAlgorithm_DSA
#define PROGRESS_TIMER 2345L
#define LEDTIMERPERIOD 100L
#define NUMLEDS 10
#define LEDSPACING 2
#define AVI_RUNTIME 11000L // duration of AVI in ms
#define KGWIZ_INTRO 0
#define KGWIZ_NAME 1
#define KGWIZ_TYPE 2
#define KGWIZ_SIZE 3
#define KGWIZ_EXPIRE 4
#define KGWIZ_ADK 5
#define KGWIZ_CORPCERT 6
#define KGWIZ_REVOKER 7
#define KGWIZ_PHRASE 8
#define KGWIZ_BADPHRASE 9
#define KGWIZ_ENTROPY 10
#define KGWIZ_KEYGEN 11
#define KGWIZ_SIGN 12
#define KGWIZ_PRESEND 13
#define KGWIZ_SEND 14
#define KGWIZ_CERTREQ 15
#define KGWIZ_DONE 16
#define NUM_WIZ_PAGES 17
// external globals
extern HINSTANCE g_hInst;
extern PGPContextRef g_Context;
extern PGPtlsContextRef g_TLSContext;
extern CHAR g_szHelpFile[MAX_PATH]; // name of help file
// local globals
static HHOOK hhookKeyboard;
static HHOOK hhookJournalRecord;
static HHOOK hhookCBT;
static HHOOK hhookGetMessage;
static HHOOK hhookMsgFilter;
static HHOOK hhookSysMsgFilter;
static HWND hWndCollectEntropy = NULL;
static WNDPROC wpOrigPhrase1Proc;
static WNDPROC wpOrigPhrase2Proc;
static BOOL bHideTyping = TRUE;
static LPSTR szPhrase1 = NULL;
static LPSTR szPhrase2 = NULL;
static LONG lPhrase1Len = 0;
static LONG lPhrase2Len = 0;
static PGPKeySetRef KeySetMain;
// typedefs
typedef struct _KeyGenInfo
{
PGPContextRef Context;
PGPtlsContextRef tlsContext;
PGPPrefRef PrefRefAdmin;
PGPPrefRef PrefRefClient;
HWND hWndWiz;
HBITMAP hBitmap;
HPALETTE hPalette;
LPSTR pszFullName;
LPSTR pszEmail;
LPSTR pszUserID;
LPSTR pszPassPhrase;
PGPKeyRef ADK;
BOOL bEnforceADK;
PGPKeyRef CorpKey;
BOOL bMetaCorpKey;
PGPKeyRef RevokerKey;
BOOL bMinPhraseQuality;
INT iMinPhraseQuality;
BOOL bMinPhraseLength;
INT iMinPhraseLength;
BOOL bAllowRSAGen;
UINT uMinKeySize;
UINT uPhraseFlags;
UINT uKeyType;
UINT uKeySize;
UINT uSubKeySize;
UINT uExpireDays;
HWND hwndExpirationDate;
LONG lRandomBitsNeeded;
LONG lOriginalEntropy;
PGPKeyRef Key;
PGPKeyRef OldKey;
BOOL bFinishSelected;
BOOL bCancelPending;
BOOL bInGeneration;
UINT uWorkingPhase;
BOOL bDoSend;
BOOL bDoCertRequest;
BOOL bSendInProgress;
INT iStatusValue;
INT iStatusDirection;
BOOL bSendComplete;
INT iFinalResult;
} KEYGENINFO, *PKEYGENINFO;
// ____________________________________
//
// Secure memory allocation routines
//
static VOID*
secAlloc (UINT uBytes)
{
return (PGPNewSecureData (
PGPGetContextMemoryMgr (g_Context),
uBytes, 0));
}
static VOID
secFree (VOID* p)
{
if (p)
{
FillMemory (p, lstrlen (p), '\0');
PGPFreeData (p);
}
}
// ____________________________________
//
// Hook procedure for WH_KEYBOARD hook
static LRESULT CALLBACK
sWizKeyboardHookProc (
INT iCode,
WPARAM wParam,
LPARAM lParam)
{
if (hWndCollectEntropy)
{
PGPGlobalRandomPoolAddKeystroke (wParam);
PostMessage (hWndCollectEntropy, WM_MOUSEMOVE, 0, 0);
return 1;
}
return 0;
}
// ____________________________________
//
// Hook procedure for various hooks -- used to prevent
// passing the hook info on to next hook procedure
static LRESULT CALLBACK
sWizGenericHookProc (
INT iCode,
WPARAM wParam,
LPARAM lParam)
{
return 0;
}
// ____________________________________
//
// set all the message hooks
static VOID
sInstallWindowsHooks (VOID)
{
DWORD dwThreadID;
dwThreadID = GetCurrentThreadId ();
// keyboard hook is to trap entropy
hhookKeyboard = SetWindowsHookEx (WH_KEYBOARD,
sWizKeyboardHookProc, NULL, dwThreadID);
// others are just to prevent messages from going to sniffer hooks
hhookJournalRecord = SetWindowsHookEx (WH_JOURNALRECORD,
sWizGenericHookProc, NULL, dwThreadID);
hhookCBT = SetWindowsHookEx (WH_CBT,
sWizGenericHookProc, NULL, dwThreadID);
hhookGetMessage = SetWindowsHookEx (WH_GETMESSAGE,
sWizGenericHookProc, NULL, dwThreadID);
hhookMsgFilter = SetWindowsHookEx (WH_MSGFILTER,
sWizGenericHookProc, NULL, dwThreadID);
hhookMsgFilter = SetWindowsHookEx (WH_SYSMSGFILTER,
sWizGenericHookProc, NULL, dwThreadID);
}
// ____________________________________
//
// remove all the message hooks
static VOID
sUninstallWindowsHooks (VOID)
{
UnhookWindowsHookEx (hhookSysMsgFilter);
UnhookWindowsHookEx (hhookMsgFilter);
UnhookWindowsHookEx (hhookGetMessage);
UnhookWindowsHookEx (hhookCBT);
UnhookWindowsHookEx (hhookJournalRecord);
UnhookWindowsHookEx (hhookKeyboard);
}
// ____________________________________
//
// test admin prefs for validity
static BOOL
sValidateConfiguration (PKEYGENINFO pkgi)
{
BOOL bPrefsOK = TRUE;
BOOL bPrefsCorrupt = FALSE;
PGPError err;
#if PGP_BUSINESS_SECURITY
CHAR szID[20];
PGPBoolean b;
PGPUInt32 u;
#endif
pkgi->uKeyType = DEFAULT_KEYTYPE;
pkgi->uKeySize = DEFAULT_KEYSIZE;
pkgi->uSubKeySize = DEFAULT_SUBKEYSIZE;
pkgi->uExpireDays = 0;
pkgi->pszPassPhrase = NULL;
pkgi->uPhraseFlags = 0;
pkgi->lRandomBitsNeeded = 0;
pkgi->lOriginalEntropy = 0;
pkgi->Key = kInvalidPGPKeyRef;
pkgi->OldKey = kInvalidPGPKeyRef;
pkgi->bFinishSelected = FALSE;
pkgi->bCancelPending = FALSE;
pkgi->bInGeneration = FALSE;
pkgi->uWorkingPhase = 0;
pkgi->bDoSend = FALSE;
pkgi->bSendComplete = FALSE;
pkgi->iFinalResult = 0;
// minimum passphrase length
#if PGP_BUSINESS_SECURITY
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefEnforceMinChars, &b);
pkgi->bMinPhraseLength = b;
if (b)
{
u = DEFAULT_MINPHRASELEN;
err = PGPGetPrefNumber (pkgi->PrefRefAdmin, kPGPPrefMinChars, &u);
if (IsPGPError (err)) bPrefsCorrupt = TRUE;
pkgi->iMinPhraseLength = (INT)u;
}
else pkgi->iMinPhraseLength = DEFAULT_MINPHRASELEN;
#else
pkgi->bMinPhraseLength = FALSE;
pkgi->iMinPhraseLength = DEFAULT_MINPHRASELEN;
#endif // PGP_BUSINESS_SECURITY
// minimum passphrase quality
#if PGP_BUSINESS_SECURITY
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefEnforceMinQuality, &b);
pkgi->bMinPhraseQuality = b;
if (b)
{
u = DEFAULT_MINPHRASEQUAL;
err = PGPGetPrefNumber (pkgi->PrefRefAdmin, kPGPPrefMinQuality, &u);
if (IsPGPError (err)) bPrefsCorrupt = TRUE;
pkgi->iMinPhraseQuality = (INT)u;
}
else pkgi->iMinPhraseQuality = 0;
#else
pkgi->bMinPhraseQuality = FALSE;
pkgi->iMinPhraseQuality = 0;
#endif // PGP_BUSINESS_SECURITY
// RSA key generation
pkgi->bAllowRSAGen = TRUE;
#if PGP_BUSINESS_SECURITY
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefAllowRSAKeyGen, &b);
pkgi->bAllowRSAGen = b;
#endif
err = PGPclCheckSDKSupportForPKAlg (
kPGPPublicKeyAlgorithm_RSA, FALSE, FALSE);
if (IsPGPError (err))
pkgi->bAllowRSAGen = FALSE;
#if NO_RSA_KEYGEN
pkgi->bAllowRSAGen = FALSE;
#endif
// minimum key size
#if PGP_BUSINESS_SECURITY
u = MIN_KEY_SIZE;
PGPGetPrefNumber (pkgi->PrefRefAdmin, kPGPPrefMinimumKeySize, &u);
pkgi->uMinKeySize = u;
#else
pkgi->uMinKeySize = MIN_KEY_SIZE;
#endif
// ADK stuff
#if PGP_BUSINESS_SECURITY
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefEnforceIncomingADK, &b);
pkgi->bEnforceADK = b;
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefUseDHADK, &b);
if (b)
{
err = PGPGetPrefStringBuffer (pkgi->PrefRefAdmin,
kPGPPrefDHADKID, sizeof(szID), szID);
if (IsntPGPError (err))
{
err = PGPclGetKeyFromKeyID (pkgi->Context, KeySetMain,
szID, kPGPPublicKeyAlgorithm_DSA, &(pkgi->ADK));
}
if (IsPGPError (err))
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_MISSINGADK,
MB_OK|MB_ICONSTOP);
}
else
{
PGPGetKeyBoolean (pkgi->ADK, kPGPKeyPropIsExpired, &b);
if (b)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_EXPIREDADK,
MB_OK|MB_ICONSTOP);
}
else
{
PGPGetKeyBoolean (pkgi->ADK, kPGPKeyPropIsRevoked, &b);
if (b)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_REVOKEDADK,
MB_OK|MB_ICONSTOP);
}
}
}
}
else pkgi->ADK = NULL;
#else
pkgi->ADK = NULL;
pkgi->bEnforceADK = FALSE;
#endif // PGP_BUSINESS_SECURITY
// Corporate Key stuff
#if PGP_BUSINESS_SECURITY
// corp key signing type
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefMetaIntroducerCorp, &b);
pkgi->bMetaCorpKey = b;
// corp key
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefAutoSignTrustCorp, &b);
if (b)
{
err = PGPGetPrefStringBuffer (pkgi->PrefRefAdmin,
kPGPPrefCorpKeyID, sizeof(szID), szID);
if (IsntPGPError (err))
{
err = PGPGetPrefNumber (pkgi->PrefRefAdmin,
kPGPPrefCorpKeyPublicKeyAlgorithm, &u);
if (IsntPGPError (err))
{
err = PGPclGetKeyFromKeyID (pkgi->Context, KeySetMain,
szID, u, &(pkgi->CorpKey));
}
}
if (IsPGPError (err))
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_MISSINGCORPKEY,
MB_OK|MB_ICONSTOP);
}
else
{
PGPGetKeyBoolean (pkgi->CorpKey, kPGPKeyPropIsExpired, &b);
if (b)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_EXPIREDCORPKEY,
MB_OK|MB_ICONSTOP);
}
else
{
PGPGetKeyBoolean (pkgi->CorpKey, kPGPKeyPropIsRevoked, &b);
if (b)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_REVOKEDCORPKEY,
MB_OK|MB_ICONSTOP);
}
}
}
}
else
pkgi->CorpKey = NULL;
#else
pkgi->bMetaCorpKey = FALSE;
pkgi->CorpKey = NULL;
#endif // PGP_BUSINESS_SECURITY
// Designated Revoker Key stuff
#if PGP_BUSINESS_SECURITY
// revoker key
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefAutoAddRevoker, &b);
if (b)
{
err = PGPGetPrefStringBuffer (pkgi->PrefRefAdmin,
kPGPPrefRevokerKeyID, sizeof(szID), szID);
if (IsntPGPError (err))
{
err = PGPGetPrefNumber (pkgi->PrefRefAdmin,
kPGPPrefRevokerPublicKeyAlgorithm, &u);
if (IsntPGPError (err))
{
err = PGPclGetKeyFromKeyID (pkgi->Context, KeySetMain,
szID, u, &(pkgi->RevokerKey));
}
}
if (IsPGPError (err))
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_MISSINGREVOKERKEY,
MB_OK|MB_ICONSTOP);
}
else {
PGPGetKeyBoolean (pkgi->RevokerKey, kPGPKeyPropIsExpired, &b);
if (b)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_EXPIREDREVOKERKEY,
MB_OK|MB_ICONSTOP);
}
else
{
PGPGetKeyBoolean (pkgi->RevokerKey, kPGPKeyPropIsRevoked,&b);
if (b)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_REVOKEDREVOKERKEY,
MB_OK|MB_ICONSTOP);
}
}
}
}
else
pkgi->RevokerKey = NULL;
#else
pkgi->RevokerKey = NULL;
#endif // PGP_BUSINESS_SECURITY
// Auto Cert Request stuff
#if PGP_BUSINESS_SECURITY
b = FALSE;
PGPGetPrefBoolean (pkgi->PrefRefAdmin, kPGPPrefKeyGenX509CertRequest, &b);
pkgi->bDoCertRequest = b;
#else
pkgi->bDoCertRequest = FALSE;
#endif // PGP_BUSINESS_SECURITY
// everything OK ?
if (bPrefsCorrupt)
{
bPrefsOK = FALSE;
PKMessageBox (NULL, IDS_CAPTION, IDS_ADMINPREFSCORRUPT,
MB_OK|MB_ICONSTOP);
}
return bPrefsOK;
}
// ____________________________________
//
// return DSA key size on basis of requested ElGamal key size
static ULONG
sGetDSAKeySize (ULONG ulRequested)
{
ULONG ulActualBits = ulRequested;
if (ulRequested > 1024)
ulActualBits = 1024;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -