📄 pgpk.c
字号:
* Revoke a key or a signature
*/
static int
doKeyRevoke (struct Flags *flags, int argc, char *argv[])
{
int err;
Boolean secret, revoked;
PGPKeyIter *iter = NULL;
char *prep = NULL;
int revokelevel;
char passphrase[PASSLEN];
LoadString(&prep, "TO_BE_REVOKED_FRAGMENT");
/* Distinguish what we are to revoke */
if (flags->argc && strchr(flags->args, 's'))
revokelevel = KDBTYPE_CERT; /* signature on a name */
else
revokelevel = KDBTYPE_KEY; /* key */
/* Select object to revoke */
if((err = selectDBObject(argc, argv, defaultset, revokelevel,
prep, &iter)) > PGPERR_OK) {
/* Display it for him */
objPrint(iter, OUTPUT_INTERACTION);
if (revokelevel == KDBTYPE_KEY) {
/* Make sure it is our key */
pgpGetKeyBoolean(pgpKeyIterKey (iter),
kPGPKeyPropIsSecret,
&secret);
if (!secret) {
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"YOU_DONT_HAVE_THE_PRIVATE_KEY");
err = PGPERR_NO_SECKEY;
goto cleanup;
}
/* Make sure it hasn't already been revoked. */
pgpGetKeyBoolean (pgpKeyIterKey (iter), kPGPKeyPropIsRevoked,
&revoked);
if (revoked) {
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"KEY_IS_ALREADY_REVOKED");
err = PGPERR_OK;
goto cleanup;
}
}
else {
/* Make sure it hasn't already been revoked */
pgpGetCertBoolean (pgpKeyIterCert (iter), kPGPCertPropIsRevoked,
&revoked);
if (revoked) {
InteractionOutput(TRUE,
"SIG_ALREADY_REVOKED");
if (!pgpTtyGetBool(0, TRUE)) {
StatusOutput(TRUE, "SIG_REVOCATION_CANCELLED");
goto cleanup;
}
}
}
/* Confirm signature */
if (revokelevel == KDBTYPE_KEY) {
InteractionOutput(TRUE,
"CONFIRM_REVOKE_KEY");
} else {
InteractionOutput(TRUE,
"CONFIRM_REVOKE_SIG");
}
if (!pgpTtyGetBool(0, TRUE)) {
StatusOutput(TRUE, "REVOKE_CANCELLED");
err = PGPERR_OK;
goto cleanup;
}
pgpTtyGetPass (FALSE, passphrase, PASSLEN);
if (revokelevel == KDBTYPE_CERT)
err = pgpRevokeCert(pgpKeyIterCert (iter),
defaultset,
passphrase);
else
err = pgpRevokeKey (pgpKeyIterKey (iter), passphrase);
if (err)
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"UNABLE_TO_GENERATE_REVOCATION_SIGNATURE");
else
StatusOutput(TRUE, "KEY_REVOCATION_CERT_ADDED");
pgpCommitKeyRingChanges (defaultset);
}
cleanup:
if(iter)
pgpFreeKeyIter(iter);
if(prep)
FreeString(&prep);
return err;
}
static void
mainParseArgs (int *argcp, char *argv[], struct Flags *flags,
struct PgpUICb *ui, struct PgpTtyUI *ui_arg)
{
extern PgpEnv *pgpEnv;
struct PgpOptContext opt;
int c, argc = *argcp;
pgpOptStart (&opt, argc, argv);
argc = 0;
while ((c = pgpOptNext (&opt)) != EOF) {
switch (c) {
case 0:
if (opt.optarg[0] != '+' || opt.optarg[1] == '\0')
argv[argc++] = opt.optarg;
else if (pgpConfigLineProcess (ui, ui_arg, pgpEnv,
opt.optarg + 1,
PGPENV_PRI_CMDLINE)) {
if(opt.optarg && *opt.optarg)
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"UNRECOGNIZED_OPTION_STRING",
opt.optarg);
exitUsage (PGPEXIT_ARGS);
}
break;
case '-': {
Boolean IsGoodArg = FALSE;
/* This accepts --foo */
/* -- is special-cased, so "-- foo" won't do. */
/* Before we call the general case, we allow two --options
*in pgpk: --revoke and --revokes. So, we look for those,
*first.
*/
if(strncmp(opt.optarg, "revoke", strlen("revoke")) == 0 ||
strcmp(opt.optarg, "version") == 0) {
/*Is it a signature revocation?*/
if(strcmp(opt.optarg, "revokes") == 0) {
flags->opt = 'k';
flags->args[flags->argc++] = 's';
IsGoodArg = TRUE;
}
else {
/*Make sure it's "revoke" and not "revokarooni" or
*something (smart alec!):
*/
if(strcmp(opt.optarg, "revoke") == 0) {
flags->opt = 'k';
IsGoodArg = TRUE;
}
else {
if(strcmp(opt.optarg, "version") == 0) {
exitVersion();
}
}
}
}
else {
/*It's not one of our args, so call the generic stuff
*that processess the config options, etc.
*/
IsGoodArg = !pgpConfigLineProcess(ui,
ui_arg,
pgpEnv,
opt.optarg,
PGPENV_PRI_CMDLINE);
}
if(!IsGoodArg) {
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"UNRECOGNIZED_OPTION_STRING_DASH",
opt.optarg - 1);
exitCleanup(PGPEXIT_ARGS);
}
opt.optarg = NULL;
break;
}
case 'a': /* Add */
case 'c': /* Check */
case 'd': /* Disable */
case 'e': /* Edit */
case 'g': /* Generate */
case 'l': /* List */
case 'r': /* Remove */
case 's': /* Sign */
case 'x': /* eXtract */
setOpt (c, &opt, flags);
break;
case 'h': /* Help */
exitUsage (PGPEXIT_OK);
/*NOTREACHED*/
case 'o': /* Output */
if (flags->outfile) {
ErrorOutput(TRUE, LEVEL_CRITICAL, "ONLY_ONE_OUTPUT_FILE");
exitUsage(PGPEXIT_ARGS);
}
if (!opt.optarg) {
ErrorOutput(TRUE, LEVEL_CRITICAL, "NO_OUTPUT_FILENAME");
exitUsage(PGPEXIT_ARGS);
}
if(!(*opt.optarg == '-' && *(opt.optarg + 1) == '\0'))
flags->outfile = opt.optarg;
opt.optarg = 0;
break;
case 'u': /* Username (myname) */
if (flags->signName) {
ErrorOutput(TRUE, LEVEL_CRITICAL, "ONLY_ONE_USERNAME");
exitUsage(PGPEXIT_ARGS);
}
if (!opt.optarg) {
ErrorOutput(TRUE, LEVEL_CRITICAL, "NO_USERID_SPECIFIED");
exitUsage(PGPEXIT_ARGS);
}
flags->signName = opt.optarg;
opt.optarg = 0;
break;
case 'K': /* Keyring file */
if (flags->ringfile) {
/* exitArgError ("Only one -K option allowed");*/
exitUsage(PGPEXIT_ARGS);
}
if (!opt.optarg) {
#if 0
exitArgError (
"-K option requires a keyring filename argument");
#endif
exitUsage(PGPEXIT_ARGS);
}
flags->ringfile = opt.optarg;
opt.optarg = 0;
break;
case 'v': /* Verbose */
break;
case 'q': /* Quit */
flags->quit = 1;
break;
default:
if(c)
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"UNRECOGNIZED_OPTION_CHAR",
c);
exitUsage(PGPEXIT_OK);
}
}
if(pgpenvGetInt(pgpEnv, PGPENV_LICENSE, NULL, NULL)) {
display_license();
exitCleanup (PGPEXIT_ARGS);
}
*argcp = argc;
return;
}
static int
mainProcessFlags (struct Flags *flags, int argc,
char *argv[], PgpTtyUI *ui_arg)
{
int ReturnCode = PGPERR_UNKNOWN_ARGUMENT;
switch (flags->opt) {
case 'a':
ReturnCode = doKeyAdd(argc, argv);
break;
case 'c':
ReturnCode = doKeyCheck (flags, argc, argv);
break;
case 'd':
ReturnCode = doKeyDisable (argc, argv);
break;
case 'g':
ReturnCode = doKeyGenerate (defaultset, argc, argv, ui_arg);
break;
case 'k':
ReturnCode = doKeyRevoke (flags, argc, argv);
break;
case 'l':
ReturnCode = doKeyList (flags, argc, argv);
break;
case 'r':
ReturnCode = doKeyRemove (flags, argc, argv);
break;
case 's':
ReturnCode = doKeySign (flags, argc, argv);
break;
case 'x':
ReturnCode = doKeyExtract (ui_arg->env,
flags,
argc,
argv);
break;
case 'e':
ReturnCode = doKeyEdit (flags, argc, argv);
break;
default:
/*Dammit, I mean it! Unknown Argument! Now, stick!*/
ReturnCode = PGPERR_UNKNOWN_ARGUMENT;
break;
}
return(ReturnCode);
}
/* Clean up allocated space (like the pipeline and the rng) on exit */
static void
mainExit (void)
{
if (defaultset) {
pgpFreeKeySet (defaultset);
defaultset = NULL;
}
return;
}
/* #define LOOP 1 to cause the program to loop and collect commands */
int
appMain (int argc, char *argv[])
{
struct PgpUICb ui;
struct PgpTtyUI ui_arg;
struct Flags flags;
int retval = 0;
int nsets, nfiles;
PGPError pgpErr = PGPERR_OK;
extern RingPool *pgpRingPool;
extern PgpEnv *pgpEnv;
char *string = NULL;
atexit(mainExit);
pgpClearMemory(&ui, sizeof(ui));
/* Setup the UI callback functions */
ui.message = pgpTtyMessage;
ui.doCommit = pgpTtyDoCommit;
ui.newOutput = pgpTtyNewOutput;
ui.needInput = pgpTtyNeedInput;
ui.sigVerify = pgpTtySigVerify;
ui.eskDecrypt = pgpTtyEskDecrypt;
ui.annotate = NULL;
/* Setup the TTY UI argument */
ui_arg.verbose = 1;
ui_arg.fp = stderr;
ui_arg.ringset = NULL;
ui_arg.showpass = 0;
ui_arg.commits = -1;
ui_arg.protect_name = 0;
ui_arg.env = pgpEnv;
retval = pgpInitApp (&pgpEnv, &argc, &ui, &ui_arg, EXIT_PROG_PGPK, 0);
if (retval == PGPERR_OK) {
/* Now initialize the values that need initialization */
/* ui_arg.passcache = pgpPassCacheCreate (env);*/
ui_arg.verbose = pgpenvGetInt(pgpEnv, PGPENV_VERBOSE, NULL, NULL);
/* Check the exiration date on the application */
exitExpiryCheck (pgpEnv);
pgpLibInit();
/* Setup the TTY UI argument */
#if 0
pgpClearMemory(&ui_arg, sizeof(ui_arg));
#endif
pgpClearMemory (&flags, sizeof (flags));
mainParseArgs (&argc, argv, &flags, &ui, &ui_arg);
#if 0
InitializeOutputHandlesToDefaults();
LoadLanguageStrings(pgpEnv);
#endif
enableUI = !pgpenvGetInt(pgpEnv, PGPENV_BATCHMODE, NULL, NULL);
/* Open keyring file(s) */
defaultset = NULL;
if (flags.ringfile)
{
PGPFileRef *fileRef = pgpNewFileRefFromFullPath(flags.ringfile);
if (fileRef == NULL)
pgpErr = PGPERR_NO_FILE;
else
{
defaultset = pgpOpenKeyRing(TRUE, 0, 1, fileRef, &pgpErr);
pgpFreeFileRef(fileRef);
}
}
else
defaultset = pgpOpenDefaultKeyRings (TRUE, &pgpErr);
if (defaultset) {
/* Consistency check */
ringPoolConsistent (pgpRingPool, &nsets, &nfiles);
pgpAssert (nfiles <= 3);
/*
* Set variables which may have been set on the command line.
*/
ui_arg.showpass = 0;
if (flags.signName && !flags.signKey) {
LoadString(&string, "SELECT_SIGNING_KEY");
if (selectOneKey(flags.signName, defaultset, &flags.signKey,
string)
!= PGPERR_OK ||
flags.signKey == NULL) {
/*XXX Should this use PGPEXIT_ARGS?*/
ErrorOutput(TRUE,
LEVEL_CRITICAL,
"KEY_NOT_FOUND",
flags.signName);
FreeString(&string);
exitCleanup (PGPEXIT_ARGS);
}
FreeString(&string);
}
if((retval = mainProcessFlags (&flags, argc, argv, &ui_arg))
!= PGPERR_OK) {
if (retval == PGPERR_UNKNOWN_ARGUMENT) {
exitUsage(retval);
}
else {
PGPErrCodeOutput(TRUE, LEVEL_CRITICAL, retval);
}
ringPoolConsistent (pgpRingPool, &nsets, &nfiles);
}
/* 2 sets per file, plus 1 for union; files includes memring */
pgpAssert (nsets <= 5);
pgpAssert (nfiles <= 3);
}
else {
ErrorOutput(TRUE, LEVEL_CRITICAL, "UNABLE_TO_OPEN_KEYRING");
PGPErrCodeOutput(TRUE, LEVEL_CRITICAL, pgpErr);
}
}
else {
ErrorOutput(TRUE, LEVEL_CRITICAL, "PGPINITAPP_FAILED");
PGPErrCodeOutput(TRUE, LEVEL_CRITICAL, retval);
}
return retval;
}
/*
* Local Variables:
* tab-width: 4
* End:
* vi: ts=4 sw=4
* vim: si
*/
#if 0
#if 0
AddKeysResult = pgpAddKeys(TmpSet, SingleMatchSet);
#endif
}
}
#if 0
if(AddKeysResult == PGPERR_OK && TmpSet) {
*subset = pgpFilterKeySetAuto(fullset, argv[0]);
pgpFreeKeySet(TmpSet);
char foo[8096];
int len;
len = sizeof(foo);
pgpExportKeyBuffer(TmpSet, foo, &len);
*subset = pgpImportKeyBuffer(foo, strlen(foo));
pgpIncKeySetRefCount(*subset);
*subset = pgpFilterKeySetAuto(TmpSet, argv[0]);
pgpIncKeySetRefCount(*subset);
*subset = pgpCopyKeySet(TmpSet);
*subset = pgpFilterKeySetAuto(fooset, argv[0]);
pgpCountKeys(*subset);
pgpFreeKeySet(*subset);
AddKeysResult = PGPERR_OK;
}
#endif
#endif
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -