pgpkeyman.c

著名的加密软件的应用于电子邮件中

			ringKeyFingerprint16 (ringset, keyobj, buffer);
			*len = 16;
		}
		else {
			ringKeyFingerprint20 (ringset, keyobj, buffer);
			*len = 20;
		}
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return pgpReturnPropBuffer ((const char *) buffer, prop, *len, length);
}


PGPError
pgpGetKeyString (PGPKey *key, PGPKeyPropName propname, char *prop, size_t *len)
{
        RingSet *ringset;

	pgpa(pgpaPGPKeyValid(key));
	ringset = pgpKeyDBRingSet (key->keyDB);
	return pgpGetKeyStringInternal (ringset, key->key, propname, prop, len);
}


PGPError
pgpGetSubKeyString (PGPSubKey *subkey, PGPKeyPropName propname,
					char *prop, size_t *len)
{
RingSet *ringset;

	pgpa(pgpaPGPSubKeyValid(subkey));
	CHECKREMOVED(subkey);
	ringset = pgpKeyDBRingSet (subkey->key->keyDB);
	return pgpGetKeyStringInternal (ringset, subkey->subKey, propname,
									prop, len);
}

static PGPError
pgpGetKeyBooleanInternal (RingSet *ringset, RingObject *keyobj,
			 		 			PGPKeyPropName propname, Boolean *prop)
{
		struct PgpSecKey	*seckey = NULL;
		word32		 			expiration;

		switch (propname) {
	case kPGPKeyPropIsSecret:
		*prop = (ringKeyIsSec (ringset, keyobj) != 0);
		break;
	case kPGPKeyPropIsAxiomatic:
		*prop = (ringKeyAxiomatic (ringset, keyobj) != 0);
		break;
	case kPGPKeyPropIsRevoked:
		*prop = (ringKeyRevoked (ringset, keyobj) != 0);
		break;
	case kPGPKeyPropIsDisabled:
		*prop = (ringKeyDisabled (ringset, keyobj) != 0);
		break;
	case kPGPKeyPropNeedsPassphrase:
		if (!ringKeyIsSec (ringset, keyobj))
			return PGPERR_NO_SECKEY;
		seckey = ringSecSecKey (ringset, keyobj, 0);
		if (!seckey)
			return ringSetError(ringset)->error;
		*prop = (pgpSecKeyIslocked (seckey) != 0);
		pgpSecKeyDestroy (seckey);
		break;
	case kPGPKeyPropIsExpired:
		expiration = ringKeyExpiration (ringset, keyobj);
		if (expiration == 0)
			*prop = 0;
		else
			*prop = (expiration < (word32) pgpGetTime());
		break;
	case kPGPKeyPropIsNotCorrupt:
	*prop = (ringKeyError (ringset, keyobj) == 0);
		break;
	case kPGPKeyPropCanSign:
	*prop = ((ringKeyUse (ringset, keyobj) & PGP_PKUSE_SIGN) != 0);
		break;
	case kPGPKeyPropCanEncrypt:
	*prop = ((ringKeyUse (ringset, keyobj) & PGP_PKUSE_ENCRYPT) != 0);
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return PGPERR_OK;
}


PGPError
pgpGetKeyBoolean (PGPKey *key, PGPKeyPropName propname, Boolean *prop)
{
RingSet *ringset;

	pgpa(pgpaPGPKeyValid(key));
	ringset = pgpKeyDBRingSet (key->keyDB);
	return pgpGetKeyBooleanInternal (ringset, key->key, propname, prop);
}


PGPError
pgpGetSubKeyBoolean (PGPSubKey *subkey, PGPKeyPropName propname, Boolean *prop)
{
RingSet *ringset;

	pgpa(pgpaPGPSubKeyValid(subkey));
	CHECKREMOVED(subkey);
	ringset = pgpKeyDBRingSet (subkey->key->keyDB);
	if (propname == kPGPKeyPropIsAxiomatic)
	return PGPERR_KEYDB_INVALIDPROPERTY;
	return pgpGetKeyBooleanInternal (ringset, subkey->subKey, propname, prop);
}


PGPError
pgpGetUserIDNumber (PGPUserID *userid, PGPUserIDPropName propname, long *prop)
{
	struct RingSet		*ringset = NULL;
	union RingObject *nameobj = NULL;

	pgpa(pgpaPGPUserIDValid(userid));
	CHECKREMOVED(userid);
	ringset =	 pgpKeyDBRingSet (userid->key->keyDB);
	nameobj =	 userid->userID;

	switch (propname) {
	case kPGPUserIDPropValidity:
		if (pgpTrustModel (pgpRingPool) == PGPTRUST0)
		*prop = (long) ringNameTrust (ringset, nameobj);
		else
			*prop = (long) ringNameValidity (ringset, nameobj);
		break;
	case kPGPUserIDPropConfidence:
		if (pgpTrustModel (pgpRingPool) > PGPTRUST0) {
			*prop = ringNameConfidence (ringset, nameobj);
			break;
		}
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return PGPERR_OK;
}


PGPError
pgpGetUserIDString (PGPUserID *userid, PGPUserIDPropName propname,
					char *prop, size_t *len)
{
	struct RingSet		*ringset = NULL;
	union RingObject *nameobj = NULL;
	size_t length = *len;
	char const	*bufptr;

	pgpa(pgpaPGPUserIDValid(userid));
	CHECKREMOVED(userid);
	ringset =	 pgpKeyDBRingSet (userid->key->keyDB);
	nameobj =	 userid->userID;

	switch (propname) {
	case kPGPUserIDPropName:
		bufptr = ringNameName (ringset, nameobj, len);
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return pgpReturnPropBuffer (bufptr, prop, *len, length);
}

PGPError
pgpGetCertNumber (PGPCert *cert, PGPCertPropName propname, long *prop)
{
	struct RingSet		*ringset = NULL;
	union RingObject *sigobj = NULL;
	byte				keyid[8];
	unsigned long	 	longkeyid;
	int i;

	pgpa(pgpaPGPCertValid(cert));
	CHECKREMOVED(cert);
	ringset =	 pgpKeyDBRingSet (cert->up.userID->key->keyDB);
	sigobj =	cert->cert;

	switch (propname) {
	case kPGPCertPropKeyID:
		ringSigID8 (ringset, sigobj, NULL, keyid);
		longkeyid = 0;
		for (i = 4; i < 8; i++)
			longkeyid = (longkeyid << 8) + keyid[i];
		/* *prop should be cast to (unsigned long) below */
		*prop = (long) longkeyid;
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return PGPERR_OK;
}



PGPError
pgpGetCertString (PGPCert *cert, PGPCertPropName propname, char *prop,
				size_t *len)
{
	struct RingSet		*ringset = NULL;
	union RingObject *sigobj = NULL;
	unsigned char buffer[8];
	size_t length = *len;

	pgpa(pgpaPGPCertValid(cert));
	CHECKREMOVED(cert);
	ringset =	 pgpKeyDBRingSet (cert->up.userID->key->keyDB);
	sigobj =	cert->cert;

	switch (propname) {
	case kPGPCertPropKeyID:
		ringSigID8 (ringset, sigobj, NULL, buffer);
		*len = 8;
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return pgpReturnPropBuffer ((const char *) buffer, prop, *len, length);
}



PGPError
pgpGetCertTime (PGPCert *cert, PGPCertPropName propname, PGPTime *prop)
{
	struct RingSet		*ringset = NULL;
	union RingObject *sigobj = NULL;

	pgpa(pgpaPGPCertValid(cert));
	CHECKREMOVED(cert);
	ringset =	 pgpKeyDBRingSet (cert->up.userID->key->keyDB);
	sigobj =	cert->cert;

	switch (propname) {
	case kPGPCertPropCreation:
		*prop = ringSigTimestamp (ringset, sigobj);
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return PGPERR_OK;
}



PGPError
pgpGetCertBoolean (PGPCert *cert, PGPCertPropName propname, Boolean *prop)
{
	struct RingSet		*ringset = NULL;
	union RingObject *sigobj = NULL, *obj = NULL;
	char				keyid[8], revkeyid[8];
	struct RingIterator *iter = NULL;
	unsigned			level;

	pgpa(pgpaPGPCertValid(cert));
	CHECKREMOVED(cert);
	ringset =	 pgpKeyDBRingSet (cert->up.userID->key->keyDB);
	sigobj =	cert->cert;

	switch (propname) {
	case kPGPCertPropIsRevoked:
		/* Must look for a revocation signature with the same signing
			key id. The revocation sig must be the newer than the certifying
			sig to be considered. */
		*prop = 0;
		ringSigID8 (ringset, sigobj, NULL, (unsigned char *) keyid);
		iter = ringIterCreate (ringset);
		if (!iter)
			return PGPERR_NOMEM;
		ringIterSeekTo (iter, sigobj);
		level = ringIterCurrentLevel (iter);
		ringIterRewind (iter, level);
		while (ringIterNextObject (iter, level) > 0) {
			obj = ringIterCurrentObject (iter, level);
			if (ringSigType (ringset, obj) == PGP_SIGTYPE_KEY_UID_REVOKE) {
				ringSigID8 (ringset, obj, NULL, (unsigned char *) revkeyid);
				if (memcmp (keyid, revkeyid, 8) == 0 &&
					ringSigChecked (ringset, obj) &&
					ringSigTimestamp (ringset, obj) >=
						ringSigTimestamp (ringset, sigobj)) {
					*prop = 1;
					break;
				}
			}
		}
		ringIterDestroy (iter);
		break;
	case kPGPCertPropIsNotCorrupt:
		*prop = (ringSigError (ringset, sigobj) == 0);
		break;
	case kPGPCertPropIsTried:
		*prop = ringSigTried (ringset, sigobj);
		break;
	case kPGPCertPropIsVerified:
		*prop = ringSigChecked (ringset, sigobj);
		break;
	case kPGPCertPropIsMyCert:
		obj = ringSigMaker (ringset, sigobj, ringset);
		if (!obj)
			*prop = 0;
		else
			*prop = ringKeyIsSec (ringset, obj);
		break;
	default:
		return PGPERR_KEYDB_INVALIDPROPERTY;
	}
	return PGPERR_OK;
}



/* Get and Set default private key. The identification of
	the key is stored as an ascii keyid in the preferences
	repository. */


PGPKey *
pgpGetDefaultPrivateKey (PGPKeySet *keyset)
{
	pgpa(pgpaPGPKeySetValid(keyset));
	return pgpGetDefaultPrivateKeyInternal (keyset->keyDB);
}


static char const hex[16] = {
	'0','1','2','3','4','5','6','7',
	'8','9','a','b','c','d','e','f'
};

PGPError
pgpSetDefaultPrivateKey (PGPKey *key)
{
	int			i;
	size_t		len = 8;
	char		keyid[8];
	char		keyidstr[19];
	byte		digit;
	Boolean		secret = 0, cansign = 0;

	pgpa(pgpaPGPKeyValid(key));
	if (pgpKeyIsDead (key))
	return PGPERR_BADPARAM;
	/* Default key must be secret and must be able to sign */
	pgpGetKeyBoolean (key, kPGPKeyPropIsSecret, &secret);
	if (!secret)
		return PGPERR_BADPARAM;
	pgpGetKeyBoolean (key, kPGPKeyPropCanSign, &cansign);
	if (!cansign)
	return PGPERR_BADPARAM;

	/* Set the default key axiomatic (note we don't require a passphrase) */
	pgpSetKeyAxiomatic (key, FALSE, NULL);
	pgpGetKeyString (key, kPGPKeyPropKeyId, keyid, &len);
	keyidstr[0] = '0';
	keyidstr[1] = 'x';
	for (i = 0; i < 8; i++) {
		digit = (byte) keyid[i];
		keyidstr[i * 2 + 2] = hex[digit >> 4];
		keyidstr[i * 2 + 3] = hex[digit & 0xF];
	}
	keyidstr[18] = '\0';
	pgpSetPrefString (kPGPPrefUserID, keyidstr, 18);
	return PGPERR_OK;
}


PgpTrustModel
pgpGetTrustModel (void)
{
return pgpTrustModel (pgpRingPool);
}


/* UserVal functions */

PGPError
pgpSetKeyUserVal (PGPKey *key, long userVal)
{
	pgpa(pgpaPGPKeyValid(key));
	key->userVal = userVal;
	return PGPERR_OK;
}


PGPError
pgpSetUserIDUserVal (PGPUserID *userid, long userVal)
{
	pgpa(pgpaPGPUserIDValid(userid));
	userid->userVal = userVal;
	return PGPERR_OK;
}


PGPError
pgpSetSubKeyUserVal (PGPSubKey *subkey, long userVal)
{
	pgpa(pgpaPGPSubKeyValid(subkey));
	subkey->userVal = userVal;
	return PGPERR_OK;
}


PGPError
pgpSetCertUserVal (PGPCert *cert, long userVal)
{
	pgpa(pgpaPGPCertValid(cert));
	cert->userVal = userVal;
	return PGPERR_OK;
}


PGPError
pgpGetKeyUserVal (PGPKey *key, long *userVal)
{
	pgpa(pgpaPGPKeyValid(key));
	*userVal = key->userVal;
	return PGPERR_OK;
}


PGPError
pgpGetUserIDUserVal (PGPUserID *userid, long *userVal)
{
	pgpa(pgpaPGPUserIDValid(userid));
	*userVal = userid->userVal;
	return PGPERR_OK;
}

PGPError
pgpGetSubKeyUserVal (PGPSubKey *subkey, long *userVal)
{
	pgpa(pgpaPGPSubKeyValid(subkey));
	*userVal = subkey->userVal;
	return PGPERR_OK;
}

PGPError
pgpGetCertUserVal (PGPCert *cert, long *userVal)
{
	pgpa(pgpaPGPCertValid(cert));
	*userVal = cert->userVal;
	return PGPERR_OK;
}

PGPUserID *
pgpGetPrimaryUserID (PGPKey *key)
{
	PGPUserID *		userID;

	pgpa(pgpaPGPKeyValid(key));

	userID = (PGPUserID *) &key->userIDs;
	do {
		userID = userID->next;
		if (userID == (PGPUserID *)&key->userIDs)
			return NULL;
	} while (userID->removed);

	return userID;
}

PGPError
pgpGetPrimaryUserIDName(PGPKey *key, char *buf, size_t *len)
{
	PGPUserID *		userID;

	pgpa(pgpaPGPKeyValid(key));

	userID = pgpGetPrimaryUserID (key);
	if (userID == NULL)
		return PGPERR_KEYDB_CORRUPT;	/* XXX correct error? */
	return pgpGetUserIDString(userID, kPGPUserIDPropName, buf, len);
}

PGPError
pgpGetPrimaryUserIDValidity (PGPKey *key, long *validity)
{
	PGPUserID *		userID;

	pgpa(pgpaPGPKeyValid(key));

	userID = pgpGetPrimaryUserID(key);
	if (userID == NULL)
		return PGPERR_KEYDB_CORRUPT;	/* XXX correct error? */
	return pgpGetUserIDNumber(userID, kPGPUserIDPropValidity, validity);
}

/*
* XXX: This routine must be kept in sync with the hash algorithm
* selection made in pgpSigSpecCreate (in pgpSigSpec.c)
*/
PGPError
pgpGetHashAlgUsed (PGPKey *key, long *hashAlg)
{
	long			pkAlg;
	PGPError		result;

	pgpa((
		pgpaPGPKeyValid(key),
		pgpaAddrValid(hashAlg, uchar)));

	result = pgpGetKeyNumber(key, kPGPKeyPropAlgId, &pkAlg);
	if (result == PGPERR_OK)
	{
		if (pkAlg == PGP_PKALG_DSA)
			*hashAlg = PGP_HASH_SHA;
		else
			*hashAlg = pgpenvGetInt(pgpEnv, PGPENV_HASH, NULL, NULL);
	}
	return result;
}

/*
* Local Variables:
* tab-width: 4
* End:
* vi: ts=4 sw=4
* vim: si
*/