📄 keymgmt.c
/* TE03.14.02 - Manage a Key Set */
/* create a search filter */
err = PGPNewKeyDBObjDataFilter(context, kPGPUserIDProperty_EmailAddress,
kEmailString, strlen (kEmailString) ,
kPGPMatchCriterion_SubString, &filter); CKERR;
err = PGPNewKeyDBObjDataFilter(context, kPGPUserIDProperty_EmailAddress,
kEmailString1, strlen (kEmailString1),
kPGPMatchCriterion_SubString, &filter1); CKERR;
err = PGPUnionFilters(filter,filter1, &filter); CKERR;
/* search for keys */
err = PGPFilterKeyDB(keyDB, filter, &keyset); CKERR;
/* how many did we find ?*/
err = PGPCountKeys(keyset, &numKeys); CKERR;
OPTESTPrintF(" %d keys passed through filter\n",numKeys );
if(numKeys == 0) FAIL("Key Filtering Failed");
/* Check KeyRing Sigs */
/* NOTE: We must perform the KeyRing Sig check for expiration dates to work */
err = PGPCheckKeyRingSigs(keyset,keyDB, TRUE, NULL,NULL );CKERR;
/* Create a key list in the set */
err = PGPOrderKeySet( keyset, kPGPKeyOrdering_KeyID, TRUE, &keyList ); CKERR;
/* make an iterator */
err = PGPNewKeyIter( keyList, &iter); CKERR;
/* Iterate through each key */
for(i = 1; IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &theKey) ); i++)
{
char tempBuf[256];
PGPSize length;
PGPKeyID tempID;
PGPGetKeyID(theKey, &tempID);
PGPGetKeyIDString( &tempID, kPGPKeyIDString_Abbreviated, (void*)tempBuf);
OPTESTPrintF( " [%d] %s ", i, tempBuf);
err = PGPGetPrimaryUserIDName(theKey, tempBuf, sizeof(tempBuf), &length); CKERR;
OPTESTPrintF("%s\n", (char*)tempBuf);
}
OPTESTPrintF("\n");
/* find some well known Key ID's */
err = PGPNewKeyIDFromString(kBobsKeyIDString, kPGPPublicKeyAlgorithm_Invalid,&BobsKeyID); CKERR;
err = PGPNewKeyIDFromString(kAlicesKeyIDString, kPGPPublicKeyAlgorithm_Invalid,&AlicesKeyID); CKERR;
err = PGPNewKeyIDFromString(kEvesKeyIDString, kPGPPublicKeyAlgorithm_Invalid,&EvesKeyID); CKERR;
err = PGPNewKeyIDFromString(kOptestCAKeyIDString, kPGPPublicKeyAlgorithm_Invalid,&RootKeyID); CKERR;
err = PGPNewKeyIDFromString(kAlicesOldSubKeyString, kPGPPublicKeyAlgorithm_Invalid,&AliceSubKeyID); CKERR;
err = PGPFindKeyByKeyID(keyDB,&BobsKeyID, &BobsKey); CKERR;
err = PGPFindKeyByKeyID(keyDB,&AlicesKeyID, &AlicesKey); CKERR;
err = PGPFindKeyByKeyID(keyDB,&EvesKeyID, &EvesKey); CKERR;
err = PGPFindKeyByKeyID(keyDB,&RootKeyID, &RootKey); CKERR;
err = PGPFindKeyByKeyID(keyDB,&AliceSubKeyID, &AliceSubKey); CKERR;
/* get Bob's signing key */
err = PGPGetPrimaryUserID(BobsKey, &BobsKey); CKERR;
/* Clean Bobs key */
OPTESTPrintF(" Clean Excess Sigs from keys\n");
err = PGPCleanSignatures(keyset, kPGPSignatureCleaning_None); CKERR;
/* add in photo */
OPTESTPrintF(" Add Photo To Alice's Key\n");
err = PGPAddAttributeUserID (AlicesKey,
kPGPAttribute_Image,
(void*) testImage,
sizeof(testImage),
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOLastOption (context)); CKERR;
OPTESTPrintF(" Make Alice's Key Axiomatic\n");
err = PGPSetKeyAxiomatic(AlicesKey, TRUE, PGPOLastOption( context ) );
OPTESTPrintF(" Add New User To Alice's Key\n");
err = PGPAddUserID(AlicesKey, "Alice in Wonderland",
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOLastOption( context ) ); CKERR;
OPTESTPrintF(" Add Optest CA as ADK for Alice's Key\n");
err = PGPNewOneKeySet(RootKey, &adkset); CKERR;
err = PGPUpdateKeyOptions(AlicesKey,
PGPOAdditionalRecipientRequestKeySet(context, adkset, 0x00),
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOLastOption( context ) ); CKERR;
OPTESTPrintF(" Add Bob as Revoker for Alice's Key\n");
// err = PGPNewOneKeySet(BobsKey, &revokerset); CKERR;
err = PGPNewOneInclusiveKeySet(BobsKey, &revokerset); CKERR;
err = PGPAddKeyOptions(AlicesKey,
PGPORevocationKeySet(context, revokerset ),
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOLastOption( context ) ); CKERR;
OPTESTPrintF(" Search for the Alices new username and make it the primary\n");
/* Search for the New UserName and make it the primary */
for( PGPKeyIterSeek( iter, AlicesKey );
IsntPGPError( PGPKeyIterNextKeyDBObj(iter, kPGPKeyDBObjType_UserID, &userID ));)
{
char propBuf[64];
PGPSize propLen;
if( IsntPGPError( PGPGetKeyDBObjDataProperty( userID, kPGPUserIDProperty_CommonName, propBuf, sizeof(propBuf), &propLen))
&& strcmp(propBuf,"Alice in Wonderland") == 0)
{
err = PGPSetPrimaryUserID(userID,
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOLastOption( context ) ); CKERR;
break;
}
}
OPTESTPrintF(" Alice Signs Bob's Key\n");
/* Check for suffcient random bits */
err = ConsoleAcquireEntropy(context, PGPGlobalRandomPoolGetMinimumEntropy()/8, NULL, FALSE); CKERR;
/* TE03.14.02 - sign Key */
err = PGPCertifyUserID( BobsKey, AlicesKey,
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOExpiration( context, 1 ),
PGPOExportable( context, FALSE ),
PGPOSigTrust( context, 2, kPGPKeyTrust_Complete ),
PGPOLastOption( context ) );
if(err == kPGPError_DuplicateCert)
err = kPGPError_NoErr;
CKERR;
OPTESTPrintF(" Alice Signs Bob's Key again with longer expiration date.\n");
err = PGPCertifyUserID( BobsKey, AlicesKey,
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOCleanSignatures(context, kPGPSignatureCleaning_Replaced),
PGPOExpiration( context, 2 ),
PGPOExportable( context, FALSE ),
PGPOSigTrust( context, 2, kPGPKeyTrust_Complete ),
PGPOLastOption( context ) );
CKERR;
OPTESTPrintF(" Alice revokes subkey %s.\n", kAlicesOldSubKeyString);
err = PGPRevoke( AliceSubKey,
PGPOPassphrase( context, kAlicesPassPhrase ),
PGPOLastOption( context ) ); CKERR;
#if 0
#if PGP_SYMBIAN
#elif !PGP_WIN32
#warning 3rd Party revoke doesnt work if you have priv key
#else
#pragma message( "3rd Party revoke doesnt work if you have priv key" )
#endif
OPTESTPrintF(" revoke Subkey %s from Alice.\n", kAlicesOldSubKeyString);
err = PGPRevoke( AlicesKey, //AliceSubKey,
PGPOPassphrase( context, kBobsPassPhrase ),
PGPOLastOption( context ) ); CKERR;
#endif
OPTESTPrintF(" Delete Eve's Key\n");
err = PGPDeleteKeyDBObj(EvesKey); CKERR;
/* display results */
OPTESTPrintF("\n Display modified Key DataBase \n -------\n");
PGPKeyIterRewind(iter, kPGPKeyDBObjType_Key);
/* Iterate through each key */
for(i = 1; IsntPGPError( PGPKeyIterNextKeyDBObj( iter, kPGPKeyDBObjType_Key, &theKey) ); i++)
{
char header[32];
sprintf(header, " [%d] ", i);
printKeyDetails(header, FALSE, theKey);
OPTESTPrintF( "\n%*s--------------------------------\n\n", (int) strlen(header)," ");
}
/* additional function tests */
#if 0
{
PGPByte keyIDBytes[8];
PGPSize numKeyIDBytes;
PGPBoolean foo;
err = PGPGetKeyIDBytes(&BobsKeyID, keyIDBytes, &numKeyIDBytes); CKERR;
err = PGPKeyDBIsUpdated(keyDB, &foo );
err = PGPIncKeyDBRefCount(keyDB);
err = PGPCacheKeyDB(keyDB, 0);
err = PGPPurgeKeyDBCache( context );
}
#endif
done:
/* Cleanup this mess */
if( exportBuf)
PGPFreeData(exportBuf);
if( PGPFileSpecRefIsValid(pubKeysFileSpec))
PGPFreeFileSpec(pubKeysFileSpec);
if( PGPFileSpecRefIsValid(privKeysFileSpec))
PGPFreeFileSpec(privKeysFileSpec);
if( PGPKeyIterRefIsValid( iter ) )
PGPFreeKeyIter( iter );
if( PGPKeyListRefIsValid (keyList) )
PGPFreeKeyList(keyList);
if( PGPKeySetRefIsValid (keyset) )
PGPFreeKeySet(keyset);
if( PGPKeySetRefIsValid (adkset) )
PGPFreeKeySet(adkset);
if( PGPKeySetRefIsValid (revokerset) )
PGPFreeKeySet(revokerset);
if( PGPFilterRefIsValid( filter ) )
PGPFreeFilter( filter );
if( PGPKeyDBRefIsValid( importKeyDB ) )
PGPFreeKeyDB( importKeyDB );
if( PGPKeyDBRefIsValid( keyDB ) )
{
OPTESTPrintF(" Closing Key DB.\n" );
/* OP TEST Archive key Database */
PGPFlushKeyDB(keyDB);
/* OP TEST Free a key Database */
PGPFreeKeyDB( keyDB );
}
return err;
}