📄 keyusage.c
字号:
/*____________________________________________________________________________
KeyUsage.c
Copyright (C) 2003,2004 PGP Corporation
All rights reserved.
An example of how to filter out what keys can/should be
used to encrypt data.
$Id: KeyUsage.c 48493 2006-10-12 21:19:56Z vinnie $
____________________________________________________________________________*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "pgpFeatures.h"
#include "pgpErrors.h"
#include "pgpUtilities.h"
#include "pgpRandomPool.h"
#include "pgpKeys.h"
#include "pgpPublicKey.h"
#include "pgpEncode.h"
#include "pgpRandomPool.h"
#include "pgpMemoryMgr.h"
#include "optest.h"
PGPBoolean canKeyVerify( PGPKeyDBObjRef key)
{
PGPBoolean bCanVerify = FALSE;
PGPGetKeyDBObjBooleanProperty(key, kPGPKeyProperty_CanVerify, &bCanVerify );
return bCanVerify;
}
PGPBoolean canKeyDecrypt( PGPKeyDBObjRef key)
{
PGPBoolean bCanDecrypt = FALSE;
PGPGetKeyDBObjBooleanProperty(key, kPGPKeyProperty_CanDecrypt, &bCanDecrypt );
return bCanDecrypt;
}
PGPBoolean canKeySignMessages( PGPKeyDBObjRef key)
{
PGPBoolean bCanSign = FALSE;
PGPKeyDBObjRef useKey = kInvalidPGPKeyDBObjRef;
PGPGetKeyDBObjBooleanProperty(key, kPGPKeyProperty_CanSign, &bCanSign );
bCanSign = bCanSign && IsntPGPError( PGPGetKeyForUsage(key, kPGPKeyPropertyFlags_UsageSignMessages, &useKey))
&& PGPKeyDBObjRefIsValid(useKey);
return bCanSign;
}
PGPBoolean canKeySignUserIDs( PGPKeyDBObjRef key)
{
PGPBoolean bCanSign = FALSE;
PGPKeyDBObjRef useKey = kInvalidPGPKeyDBObjRef;
PGPGetKeyDBObjBooleanProperty(key, kPGPKeyProperty_CanSign, &bCanSign );
bCanSign = bCanSign && IsntPGPError( PGPGetKeyForUsage(key, kPGPKeyPropertyFlags_UsageSignUserIDs, &useKey))
&& PGPKeyDBObjRefIsValid(useKey);
return bCanSign;
}
PGPBoolean canKeyEncrypt( PGPKeyDBObjRef key)
{
PGPBoolean bCanEncrypt = FALSE;
PGPGetKeyDBObjBooleanProperty(key, kPGPKeyProperty_CanEncrypt, &bCanEncrypt);
return bCanEncrypt;
}
typedef PGPBoolean (*KeyTestProcPtr)(PGPKeyDBObjRef key);
static PGPError sSelectKeys(
PGPKeySetRef keySet,
KeyTestProcPtr testProc,
PGPKeySetRef *resultSet)
{
PGPError err = kPGPError_NoErr;
PGPKeySetRef filteredSet = kInvalidPGPKeySetRef;
PGPKeyIterRef iter = kInvalidPGPKeyIterRef;
PGPKeyDBObjRef key = kInvalidPGPKeyDBObjRef;
*resultSet = kInvalidPGPKeySetRef;
err = PGPCheckKeyRingSigs(keySet,PGPPeekKeySetKeyDB(keySet), FALSE, NULL,NULL );CKERR;
err = PGPNewEmptyKeySet(PGPPeekKeySetKeyDB(keySet), &filteredSet ); CKERR;
err = PGPNewKeyIterFromKeySet(keySet, &iter); CKERR;
while( IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &key) ) )
{
if( (testProc(key)) )
err = PGPAddKey(key, filteredSet); CKERR;
}
*resultSet = filteredSet;
done:
if(IsPGPError(err) && PGPKeySetRefIsValid (filteredSet) )
PGPFreeKeySet(filteredSet);
if( PGPKeyIterRefIsValid( iter ) )
PGPFreeKeyIter( iter );
return err;
}
PGPError TestKeyUsage (PGPContextRef context )
{
PGPError err = kPGPError_NoErr;
PGPKeyDBRef keyDB = kInvalidPGPKeyDBRef;
PGPFilterRef filter = kInvalidPGPFilterRef;
PGPKeySetRef workingSet = kInvalidPGPKeySetRef;
PGPKeySetRef filteredSet = kInvalidPGPKeySetRef;
PGPKeyListRef keylist = kInvalidPGPKeyListRef;
PGPKeyIterRef iter = kInvalidPGPKeyIterRef;
PGPKeyDBObjRef theKey = kInvalidPGPKeyDBObjRef;
PGPUInt32 numKeys;
static const char kEmailString[] = "optest.com";
err = importKeys(context,gTestKeysPath, kPGPInputFormat_PGP, &keyDB); CKERR;
#if 1
/* create a search filter */
err = PGPNewKeyDBObjDataFilter(context, kPGPUserIDProperty_EmailAddress,
kEmailString, sizeof (kEmailString) -1,
kPGPMatchCriterion_SubString, &filter); CKERR;
/* search for keys */
err = PGPFilterKeyDB(keyDB, filter, &workingSet); CKERR;
// filter = kInvalidPGPFilterRef;
#else
err = PGPNewKeySet(keyDB, &workingSet); CKERR;
#endif
/* We must perform the KeyRing Sig check for stuff to work */
err = PGPCheckKeyRingSigs(workingSet,keyDB, TRUE, NULL,NULL );CKERR;
err = PGPCountKeys(workingSet, &numKeys); CKERR;
OPTESTPrintF("%d Keys Filtered\n",numKeys);
err = sSelectKeys(workingSet, canKeyEncrypt, &filteredSet); CKERR;
err = PGPCountKeys(filteredSet, &numKeys); CKERR;
OPTESTPrintF("%d key(s) that can Encrypt\n",numKeys);
err = PGPOrderKeySet(filteredSet, kPGPKeyOrdering_UserID, FALSE, &keylist); CKERR;
err = PGPNewKeyIter(keylist, &iter); CKERR;
/* Iterate through each key */
for(numKeys = 1; IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &theKey) ); numKeys++)
{
char header[32];
sprintf(header, " [%d] ", numKeys);
if(gVerbose_flag)
{
printKeyDetails(header, FALSE, theKey);
OPTESTPrintF( "\n%*s--------------------------------\n\n", (int) strlen(header)," ");
}
else
{
printKeyName(header,theKey);
}
}
if( PGPKeyIterRefIsValid( iter ) )
{
PGPFreeKeyIter( iter );
iter = kInvalidPGPKeyIterRef;
}
if(PGPKeyListRefIsValid(keylist))
{
PGPFreeKeyList(keylist);
keylist = kInvalidPGPKeyListRef;
}
if( PGPKeySetRefIsValid (filteredSet) )
{
PGPFreeKeySet(filteredSet);
filteredSet = kInvalidPGPKeySetRef;
}
err = sSelectKeys(workingSet, canKeySignUserIDs, &filteredSet); CKERR;
err = PGPCountKeys(filteredSet, &numKeys); CKERR;
OPTESTPrintF("%d key(s) that can Sign UserIDs\n",numKeys);
err = PGPOrderKeySet(filteredSet, kPGPKeyOrdering_UserID, FALSE, &keylist); CKERR;
err = PGPNewKeyIter(keylist, &iter); CKERR;
/* Iterate through each key */
for(numKeys = 1; IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &theKey) ); numKeys++)
{
char header[32];
sprintf(header, " [%d] ", numKeys);
if(gVerbose_flag)
{
printKeyDetails(header, FALSE, theKey);
OPTESTPrintF( "\n%*s--------------------------------\n\n", (int) strlen(header)," ");
}
else
{
printKeyName(header,theKey);
}
}
if( PGPKeyIterRefIsValid( iter ) )
{
PGPFreeKeyIter( iter );
iter = kInvalidPGPKeyIterRef;
}
if(PGPKeyListRefIsValid(keylist))
{
PGPFreeKeyList(keylist);
keylist = kInvalidPGPKeyListRef;
}
if( PGPKeySetRefIsValid (filteredSet) )
{
PGPFreeKeySet(filteredSet);
filteredSet = kInvalidPGPKeySetRef;
}
err = sSelectKeys(workingSet, canKeySignMessages, &filteredSet); CKERR;
err = PGPCountKeys(filteredSet, &numKeys); CKERR;
OPTESTPrintF("%d key(s) that can Sign Messages Found\n",numKeys);
err = PGPOrderKeySet(filteredSet, kPGPKeyOrdering_UserID, FALSE, &keylist); CKERR;
err = PGPNewKeyIter(keylist, &iter); CKERR;
/* Iterate through each key */
for(numKeys = 1; IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &theKey) ); numKeys++)
{
char header[32];
sprintf(header, " [%d] ", numKeys);
if(gVerbose_flag)
{
printKeyDetails(header, FALSE, theKey);
OPTESTPrintF( "\n%*s--------------------------------\n\n", (int) strlen(header)," ");
}
else
{
printKeyName(header,theKey);
}
}
done:
if( PGPKeyIterRefIsValid( iter ) )
PGPFreeKeyIter( iter );
if( PGPFilterRefIsValid( filter ) )
PGPFreeFilter( filter );
if(PGPKeyListRefIsValid(keylist))
PGPFreeKeyList(keylist);
if( PGPKeySetRefIsValid (filteredSet) )
PGPFreeKeySet(filteredSet);
if( PGPKeySetRefIsValid (workingSet) )
PGPFreeKeySet(workingSet);
if( PGPKeyDBRefIsValid( keyDB ) )
PGPFreeKeyDB( keyDB );
return err;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -