📄 keyadd.c
字号:
/*____________________________________________________________________________
keymgmt.c
Copyright(C) 1998,1999 Network Associates, Inc.
All rights reserved.
PGP 6.5 Command Line
$Id: keyadd.c,v 1.11 1999/05/12 21:01:03 sluu Exp $
____________________________________________________________________________*/
#include <stdio.h>
#include "pgpBase.h"
#include "pgpKeys.h"
#include "pgpErrors.h"
#include "pgpContext.h"
#include "pgpEnv.h"
#include "usuals.h"
#include "pgp.h"
#include "globals.h"
#include "prototypes.h"
#include "language.h"
static int pgpGetKeyTrust( PGPKeyRef key ) {
PGPUInt32 propData;
PGPError err;
err = PGPGetKeyNumber( key, kPGPKeyPropTrust, &propData );
pgpAssertNoErr( err );
return propData;
}
static int pgpGetKeyValidity( PGPKeyRef key ) {
PGPUInt32 propData;
PGPError err;
err = PGPGetKeyNumber( key, kPGPKeyPropValidity, &propData );
pgpAssertNoErr( err );
return propData;
}
static PGPError askToSign( struct pgpmainBones *mainbPtr, PGPKeyRef key,
PGPBoolean firsttimeaskfirst )
{
PGPContextRef context = mainbPtr->pgpContext;
struct pgpfileBones *filebPtr = mainbPtr->filebPtr;
/*
- seems to get your public key
- then it opens the ringfile i guess for the target key
- and if key is compromised then it returns 0
- and on a file i/o error it returns -1
- and if not a key then it returns zero
- and it scans till it reaches the userid
- or fails
- and then it reads the trust level
- and if the trust is fine then it returns 0
- and if asking is enabled it asks you generally speaking
- and then it shows the key
- and then it asks you specifically if you want to certify
- and then it does another maint update pass
*/
PGPError err;
PGPInt32 pri;
PGPEnv *env = pgpContextGetEnvironment( context );
PGPBoolean batchmode = pgpenvGetInt( env, PGPENV_BATCHMODE, &pri, &err );
PGPBoolean issec;
pgpAssertAddrValid( mainbPtr, struct pgpmainBones );
pgpAssertAddrValid( mainbPtr->workingRingSet, PGPKeySetRef );
if( pgpGetKeyValidity( key ) > kPGPValidity_Unknown ) {
return kPGPError_ItemAlreadyExists;
}
PGPGetKeyBoolean( key, kPGPKeyPropIsSecret, &issec );
if(issec)
return kPGPError_ItemAlreadyExists;
if( firsttimeaskfirst == TRUE ) {
fprintf(filebPtr->pgpout,LANG(
"\nOne or more of the new keys are not fully certified.\n"
"Do you want to certify any of these keys yourself (y/N)? "));
if(!getyesno(filebPtr,'n',batchmode )) {
return kPGPError_UserAbort;
}
}
pgpShowKeyBrief( filebPtr, key );
fprintf(filebPtr->pgpout, LANG(
"\nDo you want to certify this key yourself (y/N)? "));
if( getyesno(filebPtr,'n',batchmode )) {
PGPKeyRef sigkey;
/* mainbPtr->workingRingSet=ringSet;*/
/* mainbPtr->workingGroupSet=NULL;*/
err = pgpGetMySigningKey( mainbPtr, &sigkey );
if( err ) {
return err;
}
if( pgpSignKey( mainbPtr, sigkey, key, NULL ) ) {
PGPPropagateTrust( mainbPtr->workingRingSet );
}
}
return kPGPError_NoErr;
}
PGPError addToWorkingRingSetFinish( struct pgpmainBones *mainbPtr ) {
PGPKeySetRef ringSet = mainbPtr->workingRingSet;
PGPError err;
if(PGPKeySetNeedsCommit( ringSet ))
err = PGPCommitKeyRingChanges( ringSet );
return err;
}
PGPError pgpAddKeyToKeySet( PGPKeyRef key, PGPKeySetRef keySet)
{
PGPError err,er2;
PGPKeySetRef tmpset;
err = PGPNewSingletonKeySet( key, &tmpset );
if( IsPGPError(err))
return err;
err = PGPAddKeys( tmpset, keySet );
er2 = PGPFreeKeySet( tmpset );
pgpAssertNoErr(er2);
return err;
}
enum {
kMark_Undefined = 0,
kMark_Ordinary = 1,
kMark_Revocation = 2,
kMark_Secret = 4,
kMark_Trust = 8
};
PGPError pgpMarkKey( PGPKeyIterRef iterContext, PGPKeyRef key )
{
PGPError err;
PGPUserIDRef alias;
PGPBoolean iskrev,issec;
err = PGPGetKeyBoolean( key, kPGPKeyPropIsRevoked, &iskrev );
pgpAssertNoErr(err);
err = PGPGetKeyBoolean( key, kPGPKeyPropIsSecret, &issec );
pgpAssertNoErr(err);
err = PGPSetKeyUserVal( key, (PGPUserValue) (( iskrev ?
kMark_Revocation :
kMark_Ordinary )|( issec ? kMark_Secret : 0)) );
pgpAssertNoErr(err);
err = PGPKeyIterRewindUserID( iterContext );
pgpAssertNoErr(err);
err = PGPKeyIterNextUserID( iterContext, &alias);
pgpAssertNoErr(err);
while( alias ) {
PGPSigRef cert;
err = PGPSetUserIDUserVal( alias, (PGPUserValue) kMark_Ordinary );
pgpAssertNoErr(err);
err = PGPKeyIterRewindUIDSig( iterContext );
pgpAssertNoErr(err);
err = PGPKeyIterNextUIDSig( iterContext, &cert );
/*if err, there are none.*/
while( cert ) {
PGPBoolean isrev;
err = PGPGetSigBoolean( cert, kPGPSigPropIsRevoked, &isrev );
if( isrev )
err = PGPSetSigUserVal( cert, (PGPUserValue)
kMark_Revocation );
else
err = PGPSetSigUserVal( cert, (PGPUserValue)
kMark_Ordinary );
pgpAssertNoErr(err);
err = PGPKeyIterNextUIDSig( iterContext, &cert );
/*if err, there are no more.*/
}
err = PGPKeyIterNextUserID( iterContext, &alias );
}
if(err == kPGPError_EndOfIteration )
err = kPGPError_NoErr;
return err;
}
PGPError pgpMarkKeyInSet( PGPKeySetRef keySet, PGPKeyRef srchkey )
{
PGPError err,er2;
PGPKeyRef key;
PGPKeyListRef keylist;
PGPKeyIterRef iter;
err = PGPOrderKeySet( keySet, kPGPAnyOrdering, &keylist );
pgpAssertNoErr(err);
err = PGPNewKeyIter( keylist, &iter );
pgpAssertNoErr(err);
err = PGPKeyIterRewind( iter );
pgpAssertNoErr(err);
PGPKeyIterNext( iter, &key);
/*if err, there are none.*/
while( key )
{
if( PGPCompareKeys( key, srchkey, kPGPKeyIDOrdering ) == 0)
{
err = pgpMarkKey( iter, key );
if(err)
break;
}
PGPKeyIterNext( iter, &key);
/*if err, there are no more.*/
}
er2 = PGPFreeKeyIter( iter );
pgpAssertNoErr(err);
er2 = PGPFreeKeyList( keylist );
pgpAssertNoErr(err);
return err;
}
/*
mark an existing keySet before merging in a new keySet, so
we can determine new userids, sigs / revocations
*/
PGPError pgpMarkKeySet( PGPKeySetRef keySet )
{
PGPError err,er2;
PGPKeyRef key;
PGPKeyListRef keylist;
PGPKeyIterRef iter;
err = PGPOrderKeySet( keySet, kPGPAnyOrdering, &keylist );
pgpAssertNoErr(err);
err = PGPNewKeyIter( keylist, &iter );
pgpAssertNoErr(err);
err = PGPKeyIterRewind( iter );
pgpAssertNoErr(err);
PGPKeyIterNext( iter, &key);
/*if err, there are none.*/
while( key )
{
err = pgpMarkKey( iter, key );
if(err)
break;
PGPKeyIterNext( iter, &key);
/*if err, there are no more.*/
}
er2 = PGPFreeKeyIter( iter );
pgpAssertNoErr(err);
er2 = PGPFreeKeyList( keylist );
pgpAssertNoErr(err);
return err;
}
/*
Show the keys, userids, sigs that have not been marked by pgpMarkKey().
If interactive mode, ask the user whether to add each new userid.
Note, the key passed to this function should not be associated with
any persistent key database or undesired behaviour may result.
*/
PGPError pgpShowKeyUnmarked( struct pgpfileBones *filebPtr,
PGPKeyIterRef iterContext, PGPKeyRef key,
PGPSize *newKeyCount, PGPSize *newUIDCount,
PGPSize *newSigCount, PGPSize *newRevokeCount )
{
PGPError err;
PGPUserIDRef alias;
struct pgpenvBones *envbPtr = filebPtr->envbPtr;
PGPEnv *env = envbPtr->m_env;
PGPInt32 pri;
PGPBoolean batchmode = pgpenvGetInt( env, PGPENV_BATCHMODE, &pri, &err );
PGPBoolean verbose = pgpenvGetInt( env, PGPENV_VERBOSE, &pri, &err );
PGPUserValue val;
PGPBoolean iskrev,issec;
PGPBoolean compatible = envbPtr->compatible;
PGPInt32 interactive = envbPtr->interactiveAdd;
if(newKeyCount)
*newKeyCount = 0;
if(newUIDCount)
*newUIDCount = 0;
if(newSigCount)
*newSigCount = 0;
if(newRevokeCount)
*newRevokeCount = 0;
err = PGPGetKeyBoolean( key, kPGPKeyPropIsRevoked, &iskrev );
pgpAssertNoErr(err);
err = PGPGetKeyBoolean( key, kPGPKeyPropIsSecret, &issec );
pgpAssertNoErr(err);
err = PGPGetKeyUserVal( key, &val );
if( iskrev ) {
if( !( (PGPInt32)val & kMark_Revocation ) ) {
if(verbose)
fprintf( filebPtr->pgpout, LANG("\nNew revocation\n") );
if(newRevokeCount)
(*newRevokeCount)++;
}
} else {
if( !( (PGPInt32)val & kMark_Ordinary ) ) {
if(verbose)
fprintf( filebPtr->pgpout, LANG("\nnew key\n") );
/* new key. return early.*/
if(newKeyCount)
(*newKeyCount)++;
/*return kPGPError_NoErr;*/
}
}
if( issec ) {
if( !( (PGPInt32)val & kMark_Secret ) ) {
if(verbose)
fprintf( filebPtr->pgpout, LANG("\nNew secret key\n") );
if(newKeyCount)
(*newKeyCount)++;
}
}
err = PGPKeyIterRewindUserID( iterContext );
pgpAssertNoErr(err);
err = PGPKeyIterNextUserID( iterContext, &alias);
while( alias ) {
PGPSize actual;
char useridstr[ kPGPMaxUserIDSize ];
err = PGPGetUserIDStringBuffer( alias, kPGPUserIDPropName,
kPGPMaxUserIDSize, useridstr, &actual );
pgpAssertNoErr(err);
err = PGPGetUserIDUserVal( alias, &val);
pgpAssertNoErr(err);
if( val != (PGPUserValue) kMark_Ordinary ) {
PGPBoolean ans;
fprintf( filebPtr->pgpout, LANG("\nNew userid: \"%s\".\n"),
useridstr );
if( interactive ) {
fprintf( filebPtr->pgpout,
LANG("\nWill be added to the following key:\n"));
pgpShowKeyBrief( filebPtr, key );
fprintf( filebPtr->pgpout, LANG("Add this userid (y/N)? "));
fflush( filebPtr->pgpout );
ans = getyesno( filebPtr, 'n', batchmode );
}
if( interactive && !ans ) {
err = PGPRemoveUserID( alias );
if( err == kPGPError_BadParams )
err = kPGPError_NoErr;
pgpAssertNoErr(err);
goto next;
} else
if(newUIDCount)
(*newUIDCount)++;
}
{
PGPSigRef cert;
err = PGPKeyIterRewindUIDSig( iterContext );
pgpAssertNoErr(err);
err = PGPKeyIterNextUIDSig( iterContext, &cert );
/*if err, there are none.*/
while( cert ) {
PGPKeyID kid;
char kstr[kPGPMaxKeyIDStringSize];
PGPBoolean isrev;
err = PGPGetKeyIDOfCertifier( cert, &kid );
pgpAssertNoErr(err);
err = pgpGetKeyIDStringCompat( &kid, TRUE, compatible,
kstr );
pgpAssertNoErr(err);
err = PGPGetSigBoolean( cert, kPGPSigPropIsRevoked, &isrev );
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -