📄 clmisc.c
字号:
PGPclCloseClientPrefs (prefsClient, TRUE);
if (PGPPrefRefIsValid (prefsAdmin))
PGPclCloseAdminPrefs (prefsAdmin, FALSE);
#endif // PGP_BUSINESS_SECURITY
return err;
}
//----------------------------------------------------|
// Sign key dialog message procedure
static BOOL CALLBACK
sConfirmAuthDlgProc (
HWND hDlg,
UINT uMsg,
WPARAM wParam,
LPARAM lParam)
{
PCONFIRMAUTHSTRUCT pcas;
CHAR sz[64];
INT i;
PGPValidity validity;
PGPUInt32 uAlgorithm;
UINT uIDS;
switch (uMsg) {
case WM_INITDIALOG :
{
CHAR szText[256];
SetWindowLong (hDlg, GWL_USERDATA, lParam);
pcas = (PCONFIRMAUTHSTRUCT)lParam;
// initialize validity bar
i = KMConvertFromPGPValidity (kPGPValidity_Complete);
SendMessage (GetDlgItem (hDlg, IDC_VALIDITY), PBM_SETRANGE,
0, MAKELPARAM (0,i));
PGPGetKeyNumber (pcas->keyAuthenticating, kPGPKeyPropValidity,
&validity);
i = KMConvertFromPGPValidity (validity);
SendMessage (GetDlgItem (hDlg, IDC_VALIDITY), PBM_SETPOS,
(WPARAM)i, 0);
// initialize text
uIDS = 0;
switch (pcas->uFlags) {
case PGPCL_SHOWAUTHENTICATION :
ShowWindow (GetDlgItem (hDlg, IDOK), SW_HIDE);
LoadString (g_hInst, IDS_DONE, sz, sizeof(sz));
SetDlgItemText (hDlg, IDCANCEL, sz);
break;
case PGPCL_AUTHEXPECTEDKEY :
if (validity >= pcas->validityThreshold) {
EndDialog (hDlg, 1);
return FALSE;
}
else
uIDS = IDS_INVALIDAUTHKEY;
break;
case PGPCL_AUTHRECONSTITUTING :
if (validity < pcas->validityThreshold)
uIDS = IDS_INVALIDAUTHKEY;
else
uIDS = IDS_VALIDAUTHKEY;
break;
case PGPCL_AUTHNEWKEY :
uIDS = IDS_NEWAUTHKEY;
break;
case PGPCL_AUTHUNEXPECTEDKEY :
uIDS = IDS_UNEXPECTEDAUTHKEY;
break;
}
if (uIDS)
{
LoadString (g_hInst, uIDS, szText, sizeof(szText));
SetDlgItemText (hDlg, IDC_AUTHTEXT, szText);
}
// initialize server name
SetDlgItemText (hDlg, IDC_SERVERNAME, pcas->pszRemoteHost);
// initialize key name
SetDlgItemText (hDlg, IDC_KEYNAME, pcas->szName);
// initialize fingerprint edit control
PGPGetKeyPropertyBuffer (pcas->keyAuthenticating,
kPGPKeyPropFingerprint, sizeof (sz), sz, &i);
PGPGetKeyNumber (pcas->keyAuthenticating,
kPGPKeyPropAlgID, &uAlgorithm);
KMConvertStringFingerprint (uAlgorithm, sz);
SetDlgItemText (hDlg, IDC_FINGERPRINT, sz);
// initialize security text strings
uIDS = 0;
switch (pcas->tlsCipher) {
case kPGPtls_TLS_NULL_WITH_NULL_NULL :
uIDS = IDS_TLS_NULL_WITH_NULL_NULL;
break;
case kPGPtls_TLS_PGP_DHE_DSS_WITH_CAST_CBC_SHA :
uIDS = IDS_TLS_PGP_DHE_DSS_WITH_CAST_CBC_SHA;
break;
case kPGPtls_TLS_PGP_DHE_RSA_WITH_CAST_CBC_SHA :
uIDS = IDS_TLS_PGP_DHE_RSA_WITH_CAST_CBC_SHA;
break;
case kPGPtls_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA :
uIDS = IDS_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA;
break;
case kPGPtls_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA :
uIDS = IDS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
break;
case kPGPtls_TLS_RSA_WITH_3DES_EDE_CBC_SHA :
uIDS = IDS_TLS_RSA_WITH_3DES_EDE_CBC_SHA;
break;
case kPGPtls_TLS_RSA_WITH_IDEA_CBC_SHA :
uIDS = IDS_TLS_RSA_WITH_IDEA_CBC_SHA;
break;
case kPGPtls_TLS_PGP_RSA_WITH_CAST_CBC_SHA :
uIDS = IDS_TLS_PGP_RSA_WITH_CAST_CBC_SHA;
break;
case kPGPtls_TLS_PGP_DHE_DSS_WITH_NULL_SHA :
uIDS = IDS_TLS_PGP_DHE_DSS_WITH_NULL_SHA;
break;
case kPGPtls_TLS_DHE_DSS_WITH_NULL_SHA :
uIDS = IDS_TLS_DHE_DSS_WITH_NULL_SHA;
break;
}
if (uIDS)
{
LPSTR pszStart;
LPSTR pszStop;
LoadString (g_hInst, uIDS, szText, sizeof(szText));
pszStart = szText;
pszStop = strchr (pszStart, '/');
*pszStop = '\0';
SetDlgItemText (hDlg, IDC_CERTIFICATE, pszStart);
pszStart = pszStop+1;
pszStop = strchr (pszStart, '/');
*pszStop = '\0';
SetDlgItemText (hDlg, IDC_SIGNATURE, pszStart);
pszStart = pszStop+1;
pszStop = strchr (pszStart, '/');
*pszStop = '\0';
SetDlgItemText (hDlg, IDC_EXCHANGE, pszStart);
pszStart = pszStop+1;
pszStop = strchr (pszStart, '/');
*pszStop = '\0';
SetDlgItemText (hDlg, IDC_CIPHER, pszStart);
pszStart = pszStop+1;
SetDlgItemText (hDlg, IDC_HASH, pszStart);
}
return TRUE;
}
case WM_HELP:
WinHelp (((LPHELPINFO) lParam)->hItemHandle, g_szHelpFile,
HELP_WM_HELP, (DWORD) (LPSTR) aIds);
break;
case WM_CONTEXTMENU:
WinHelp ((HWND) wParam, g_szHelpFile, HELP_CONTEXTMENU,
(DWORD) (LPVOID) aIds);
break;
case WM_COMMAND :
switch (LOWORD(wParam)) {
case IDCANCEL :
EndDialog (hDlg, 0);
break;
case IDOK :
EndDialog (hDlg, 1);
break;
case IDC_IMPORTKEY :
pcas = (PCONFIRMAUTHSTRUCT)GetWindowLong (hDlg, GWL_USERDATA);
{
PGPKeySetRef keysetAuth;
PGPError err;
err = PGPNewSingletonKeySet (
pcas->keyAuthenticating, &keysetAuth);
if (IsntPGPError (err) && PGPKeySetRefIsValid (keysetAuth))
{
err = CLAddKeysToMain (
pcas->context,
hDlg,
keysetAuth,
pcas->keysetMain);
PGPFreeKeySet (keysetAuth);
}
}
break;
}
return TRUE;
}
return FALSE;
}
//----------------------------------------------------|
// post confirmation dialog for authentication key
PGPError PGPclExport
PGPclConfirmRemoteAuthentication (
PGPContextRef context,
HWND hwndParent,
LPSTR pszServer,
PGPKeyRef keyAuth,
PGPtlsCipherSuiteNum tlsCipher,
PGPKeySetRef keysetMain,
UINT uFlags)
{
CONFIRMAUTHSTRUCT cas;
UINT u;
PGPPrefRef prefs;
PGPBoolean bMargIsInvalid;
cas.context = context;
cas.pszRemoteHost = pszServer;
cas.keyAuthenticating = keyAuth;
cas.tlsCipher = tlsCipher;
cas.keysetMain = keysetMain;
cas.uFlags = uFlags;
cas.szName[0] = '\0';
if (PGPKeyRefIsValid (keyAuth))
PGPGetPrimaryUserIDNameBuffer (keyAuth, kPGPMaxUserIDSize,
cas.szName, &u);
// use prefs to determine validity threshold
PGPclOpenClientPrefs (PGPGetContextMemoryMgr (context), &prefs);
PGPGetPrefBoolean (prefs, kPGPPrefMarginalIsInvalid, &bMargIsInvalid);
PGPclCloseClientPrefs (prefs, FALSE);
if (bMargIsInvalid)
cas.validityThreshold = kPGPValidity_Complete;
else
cas.validityThreshold = kPGPValidity_Marginal;
if (DialogBoxParam (g_hInst,
MAKEINTRESOURCE(IDD_CONFIRMAUTHENTICATION),
hwndParent, sConfirmAuthDlgProc, (LPARAM)&cas))
return kPGPError_NoErr;
else
return kPGPError_UserAbort;
}
//----------------------------------------------------|
// find unknown signer key
PGPError PGPclExport
PGPclLookupUnknownSigner(
PGPContextRef context,
PGPKeySetRef KeySetMain,
PGPtlsContextRef tlsContext,
HWND hwnd,
PGPEvent *event,
PGPKeyID signingKeyID,
PGPBoolean* pbGotKeys)
{
PGPKeySetRef newKeySet = NULL;
PGPUInt32 numKeys = 0;
PGPError lookupErr;
int nOleErr;
if (pbGotKeys == NULL)
return kPGPError_BadParams;
*pbGotKeys = FALSE;
lookupErr = PGPclSearchServerForKeyIDs(context,
NULL, hwnd, &signingKeyID, 1,
PGPCL_DEFAULTSERVER, KeySetMain, &newKeySet);
if (IsPGPError(lookupErr))
PGPclErrorBox(hwnd, lookupErr);
else
{
PGPCountKeys(newKeySet, &numKeys);
if (numKeys > 0)
{
nOleErr = OleInitialize(NULL);
if ((nOleErr == S_OK) || (nOleErr == S_FALSE))
{
PGPclQueryAddKeys(context, tlsContext, hwnd, newKeySet,
NULL);
OleUninitialize();
}
PGPAddJobOptions(event->job,
PGPOKeySetRef(context, newKeySet),
PGPOLastOption(context));
PGPFreeKeySet(newKeySet);
*pbGotKeys = TRUE;
}
}
return kPGPError_NoErr;
}
// ____________________________________
//
// Get HWND of PGPkeys application
static HWND
sGetPGPkeysWindow (VOID)
{
HWND hWndMe = NULL;
HANDLE hSem;
// Create or open a named semaphore.
hSem = CreateSemaphore (NULL, 0, 1, SEMAPHORENAME);
// return HWND if existing semaphore was opened.
if (hSem != NULL) {
if (GetLastError() == ERROR_ALREADY_EXISTS) {
hWndMe = FindWindow (WINCLASSNAME, WINDOWTITLE);
}
CloseHandle(hSem);
}
return hWndMe;
}
//----------------------------------------------------|
// Add keys in specified keyset to main keyset
BOOL
CLAddKeysToMain (
PGPContextRef context,
HWND hwnd,
PGPKeySetRef keysetToAdd,
PGPKeySetRef keysetMain)
{
PGPError err = 0;
PGPKeySetRef keyset = kInvalidPGPKeySetRef;
UINT uReloadMessage;
HWND hwndPGPkeys;
LPVOID pBuffer;
INT slen;
COPYDATASTRUCT cds;
HCURSOR hCursorOld;
if (PGPKeySetRefIsValid (keysetMain)) {
err = PGPAddKeys (keysetToAdd, keysetMain);
if (IsntPGPError (err)) {
hCursorOld = SetCursor (LoadCursor (NULL, IDC_WAIT));
err = PGPCommitKeyRingChanges (keysetMain);
SetCursor (hCursorOld);
if (IsntPGPError (err)) {
uReloadMessage = RegisterWindowMessage (RELOADKEYRINGMSG);
PostMessage (HWND_BROADCAST, uReloadMessage,
MAKEWPARAM (LOWORD (hwnd), TRUE),
GetCurrentProcessId ());
}
}
}
// no main keyset, we're supposed to try to add it to default keyring
else {
hwndPGPkeys = sGetPGPkeysWindow ();
// PGPkeys is running ... send it the key block
if (hwndPGPkeys) {
err = PGPExportKeySet (keysetToAdd,
PGPOAllocatedOutputBuffer (context,
&pBuffer, 0x40000000, &slen),
PGPOExportPrivateKeys (context, TRUE),
PGPOExportFormat (context,
kPGPExportFormat_Complete),
PGPOLastOption (context));
if (IsntPGPError (err)) {
cds.dwData = PGPPK_IMPORTKEYBUFFER;
cds.cbData = slen+1;
cds.lpData = pBuffer;
err = SendMessage (hwndPGPkeys, WM_COPYDATA,
0, (LPARAM)&cds);
if (err) err = kPGPError_NoErr;
else err = kPGPError_UnknownError;
PGPFreeData (pBuffer);
}
}
// PGPkeys is not running ... try to add keys to default keyring
else {
PGPsdkLoadDefaultPrefs (context);
err = PGPOpenDefaultKeyRings ( context,
kPGPKeyRingOpenFlags_Mutable,
&keyset);
if (IsntPGPError (err) && keyset) {
err = PGPAddKeys (keysetToAdd, keyset);
if (IsntPGPError (err)) {
err = PGPCommitKeyRingChanges (keyset);
if (IsntPGPError (err)) {
uReloadMessage =
RegisterWindowMessage (RELOADKEYRINGMSG);
PostMessage (HWND_BROADCAST, uReloadMessage,
MAKEWPARAM (LOWORD (hwnd), FALSE),
GetCurrentProcessId ());
}
}
PGPFreeKeySet (keyset);
}
}
}
if (IsPGPError (err)) {
PGPclMessageBox (hwnd, IDS_CAPTION, IDS_IMPORTKEYERROR,
MB_OK|MB_ICONEXCLAMATION);
}
return (IsntPGPError (err));
}
//----------------------------------------------------|
// determine if we are running under an Admin account
BOOL PGPclExport
PGPclLoggedInAsAdministrator (VOID)
{
TOKEN_GROUPS* ptg = NULL;
BOOL bAdmin;
HANDLE hThread;
DWORD cbTokenGroups;
DWORD dwGroup;
PSID psidAdmin;
OSVERSIONINFO osvi;
SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY;
// if not running under NT, just return TRUE
osvi.dwOSVersionInfoSize = sizeof(osvi);
if (GetVersionEx (&osvi))
{
if (osvi.dwPlatformId != VER_PLATFORM_WIN32_NT)
return TRUE;
}
else
return FALSE;
// open a handle to the access token for this thread
if (!OpenThreadToken (GetCurrentThread(), TOKEN_QUERY, FALSE, &hThread))
{
if (GetLastError() == ERROR_NO_TOKEN)
{
// the thread does not have an access token --
// use that of the process
if (!OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &hThread))
return FALSE;
}
else
return FALSE;
}
// query the size of the group information associated with the token.
// Note that we expect a FALSE result from GetTokenInformation
// because we've given it a NULL buffer. On exit cbTokenGroups will tell
// the size of the group information.
if (GetTokenInformation (hThread, TokenGroups, NULL, 0, &cbTokenGroups))
return FALSE;
// verify that GetTokenInformation failed for lack of a large
// enough buffer.
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
return FALSE;
// allocate a buffer for the group information.
// Since _alloca allocates on the stack, we don't have
// to explicitly deallocate it. That happens automatically
// when we exit this function.
if (!(ptg = _alloca (cbTokenGroups)))
return FALSE;
// ask for the group information again.
// This may fail if an administrator has added this account
// to an additional group between our first call to
// GetTokenInformation and this one.
if (!GetTokenInformation (hThread, TokenGroups,
ptg, cbTokenGroups, &cbTokenGroups))
return FALSE;
// create a System Identifier for the Admin group.
if (!AllocateAndInitializeSid (&SystemSidAuthority, 2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0, &psidAdmin))
return FALSE;
// iterate through the list of groups for this access
// token looking for a match against the SID we created above.
bAdmin = FALSE;
for (dwGroup = 0; dwGroup < ptg->GroupCount; dwGroup++)
{
if (EqualSid (ptg->Groups[dwGroup].Sid, psidAdmin))
{
bAdmin = TRUE;
break;
}
}
FreeSid (psidAdmin);
return bAdmin;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -