if( IsNull( signer ) )
return FALSE;
for( obj=sig->up->down; IsntNull(obj); obj=obj->next ) {
if( obj == sig )
continue;
if( !pgpKeyDBObjIsReal(obj) )
continue;
if( !OBJISSIG(obj) )
continue;
if( pgpSigMaker (obj) != signer )
continue;
if( (pgpSigType (obj) & 0xf0) != type )
continue;
if( !pgpSigChecked (obj) )
continue;
if (pgpSigTimestamp(sig) >= pgpSigTimestamp(obj))
continue;
return TRUE;
}
return FALSE;
}
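/*
 * Return a pointer to the body of the user ID object NAME, i.e. the
 * fetched packet data with its packet header skipped.  When lenp is
 * non-NULL the body length is stored in *lenp.
 *
 * Nothing in this function NUL-terminates the data, so callers should
 * rely on the reported length rather than treating the result as a
 * C string.
 *
 * Returns NULL (reporting a length of 0) if pgpFetchObject yields no data;
 * pgpUserIDCountAttributes already treats a NULL fetch result as possible.
 */
char const *
pgpUserIDName(PGPKeyDBObj *name, PGPSize *lenp)
{
    char const *buf;
    PGPSize len;
    PGPSize hlen;

    pgpAssert(OBJISUSERID(name));
    buf = (char const *)pgpFetchObject(name, &len);
    if( buf == NULL ) {
        /* Do not hand a NULL buffer to the header parser below. */
        if( IsntNull(lenp) )
            *lenp = 0;
        return NULL;
    }

    /*
     * NOTE(review): pgpPktBufferHeaderLen receives no length, so it cannot
     * bound its own reads -- confirm it is safe on a truncated packet.
     */
    hlen = pgpPktBufferHeaderLen( (PGPByte *) buf );

    /*
     * PGPSize arithmetic below would wrap to a huge length if the header
     * claimed to be longer than the object; report an empty body instead.
     */
    if( hlen > len )
        hlen = len;

    buf += hlen;
    len -= hlen;
    if( IsntNull(lenp) )
        *lenp = len;
    return buf;
}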
/*
 * Report whether the user ID object NAME is an attribute user ID, as
 * decided by the NAMEISATTR test on its PGPUserIDInfo.
 */
PGPBoolean
pgpUserIDIsAttribute(PGPKeyDBObj *name)
{
    PGPUserIDInfo *info;
    PGPBoolean isAttr;

    pgpAssert(OBJISUSERID(name));

    info = pgpUserIDToUserIDInfo( name );
    isAttr = (PGPBoolean)NAMEISATTR(info);
    return isAttr;
}
/*
 * Count the attribute subpackets held by the user ID object NAME.
 *
 * Returns 0 when NAME is not an attribute user ID or when its data cannot
 * be fetched; otherwise returns whatever pgpAttrCountSubpackets reports
 * for the fetched buffer.
 */
PGPUInt32
pgpUserIDCountAttributes(PGPKeyDBObj *name)
{
    PGPUserIDInfo *info;
    PGPByte *data;
    PGPSize dataLen;
    PGPUInt32 count = 0;

    pgpAssert(OBJISUSERID(name));

    info = pgpUserIDToUserIDInfo( name );
    if (NAMEISATTR(info)) {
        data = (PGPByte *)pgpFetchObject(name, &dataLen);
        /* Only parse when the fetch actually produced a buffer. */
        if (data) {
            count = pgpAttrCountSubpackets (data, dataLen);
        }
    }
    return count;
}
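/*
 * Return the nth attribute subpacket for the specified name.
 *
 * name         user ID object; must be an attribute user ID
 * nth          index of the wanted subpacket, passed to pgpAttrSubpacket
 * subpacktype  passed through to pgpAttrSubpacket
 * plen         passed through to pgpAttrSubpacket
 * error        optional; set to kPGPError_NoErr on entry and to
 *              kPGPError_BadParams when NAME is not an attribute user ID
 *              or its data cannot be fetched
 *
 * Returns the pointer produced by pgpAttrSubpacket, or NULL on the two
 * failure paths above.  On those paths *subpacktype and *plen are left
 * untouched, so callers that ignore the return value must initialise
 * them beforehand.  Note that *error stays kPGPError_NoErr whatever
 * pgpAttrSubpacket returns, since that helper is not given the pointer.
 */
PGPByte const *
pgpUserIDAttributeSubpacket (PGPKeyDBObj *name, PGPUInt32 nth,
    PGPUInt32 *subpacktype, PGPSize *plen, PGPError *error)
{
    PGPUserIDInfo *uinfo;
    PGPByte *p;
    PGPSize len;

    pgpAssert(OBJISUSERID(name));
    uinfo = pgpUserIDToUserIDInfo( name );
    if (error)
        *error = kPGPError_NoErr;
    if (!NAMEISATTR(uinfo)) {
        if (error)
            *error = kPGPError_BadParams;
        return NULL;
    }
    p = (PGPByte *)pgpFetchObject(name, &len);
    if (!p) {
        /*
         * pgpUserIDCountAttributes guards against a NULL fetch result;
         * apply the same guard here so the subpacket parser is never
         * handed a NULL buffer.
         */
        if (error)
            *error = kPGPError_BadParams;
        return NULL;
    }
    return pgpAttrSubpacket(p, len, nth, subpacktype, plen);
}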
/*
 * Return TRUE if the user ID NAME carries a self-signature, i.e. a
 * signature object below it that
 *   - is a real (pgpKeyDBObjIsReal) signature object,
 *   - was made by the top-level key that owns NAME,
 *   - has type class PGP_SIGTYPE_KEY_GENERIC (type & 0xf0),
 *   - is not revoked.
 *
 * If CHECKED is true the signature must have passed its check.  If
 * CHECKED is false a signature that has never been tried is also
 * accepted; only one that was tried and did not pass is rejected.
 * Callers making a trust decision should therefore pass CHECKED = TRUE.
 */
PGPBoolean
pgpUserIDIsSelfSigned( PGPKeyDBObj *name, PGPBoolean checked )
{
    PGPKeyDBObj *owner;
    PGPKeyDBObj *cert;

    pgpAssert(OBJISUSERID(name));
    owner = name->up;
    pgpAssert( OBJISTOPKEY( owner ) );

    for( cert = name->down; cert; cert = cert->next )
    {
        /* Tests run left to right, matching the original skip order. */
        if( pgpKeyDBObjIsReal(cert)
            && OBJISSIG(cert)
            && pgpSigMaker (cert) == owner
            && (pgpSigType (cert) & 0xf0) == PGP_SIGTYPE_KEY_GENERIC
            && !( (checked || pgpSigTried(cert)) && !pgpSigChecked(cert) )
            && !pgpSigRevoked (cert) )
        {
            return TRUE;
        }
    }
    return FALSE;
}
/*
 * Return the primary user ID of KEY among its user IDs of attribute type
 * TYPE (0 selects ordinary, non-attribute user IDs).
 *
 * Order of preference:
 *   1. the first matching user ID whose oldvalidity carries
 *      PGP_USERIDTRUSTF_PRIMARY (set manually by the user);
 *   2. the user ID above the selected primary-userid signature: the first
 *      such signature found via pgpLatestSigByKey, replaced by one with a
 *      later timestamp only while the current selection is revocable;
 *   3. the first matching user ID.
 * Returns NULL when KEY has no matching user ID.
 *
 * This reads from disk and munges the pktbuf for nonzero attribute types.
 *
 * NOTE(review): nothing here tests whether the signature returned by
 * pgpLatestSigByKey has passed verification -- confirm that helper only
 * returns checked signatures.
 */
PGPKeyDBObj *
pgpKeyPrimaryUserID (PGPKeyDBObj *key, PGPUInt32 type)
{
    PGPKeyDBObj     *uid;
    PGPKeyDBObj     *firstMatch = NULL;
    PGPKeyDBObj     *flagged = NULL;
    PGPKeyDBObj     *candSig;
    PGPKeyDBObj     *bestSig = NULL;
    PGPUserIDInfo   *uidInfo;
    PGPSigInfo      *candInfo;
    PGPSigInfo      *bestInfo = NULL;
    PGPUInt32        attrType;

    pgpAssert(OBJISKEY(key));

    for (uid = key->down; IsntNull(uid); uid = uid->next) {
        if( !pgpKeyDBObjIsReal(uid) || !OBJISUSERID(uid) )
            continue;

        uidInfo = pgpUserIDToUserIDInfo( uid );

        /* type 0 wants plain user IDs, nonzero wants attribute user IDs */
        if ((type == 0) != !NAMEISATTR(uidInfo))
            continue;

        /* Preset to 0: the helper's return value is ignored below. */
        attrType = 0;
        if (NAMEISATTR(uidInfo)) {
            (void)pgpUserIDAttributeSubpacket (uid, 0, &attrType,
                                               NULL, NULL);
            if (attrType != type)
                continue;
        }

        /* uid is of the requested type; remember the first as fallback */
        if (firstMatch == NULL)
            firstMatch = uid;

        /* Names set manually by user win over subpacket userids */
        if( uidInfo->oldvalidity & PGP_USERIDTRUSTF_PRIMARY ) {
            flagged = uid;
            break;
        }

        candSig = pgpLatestSigByKey (uid, key);
        if (candSig == NULL)
            continue;
        pgpAssert (OBJISSIG(candSig));
        candInfo = pgpSigToSigInfo( candSig );
        if (!SIGISPRIMARYUID (candInfo))
            continue;

        /* Don't override irrevocable settings */
        if (bestSig == NULL ||
            (SIGISREVOCABLE(bestInfo) &&
             pgpSigTimestamp(candSig) > pgpSigTimestamp(bestSig))) {
            bestSig = candSig;
            bestInfo = candInfo;
        }
    }

    if (firstMatch == NULL)
        return NULL;

    if (flagged != NULL)
        uid = flagged;
    else if (bestSig != NULL)
        uid = bestSig->up;
    else
        uid = firstMatch;

    pgpAssert (uid);
    pgpAssert (OBJISUSERID(uid));
    return uid;
}
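/*
 * Set the specified userid as primary userid in trust field.
 *
 * The primary flag is first cleared from every user ID of the same type
 * on the owning key (type 0 for plain user IDs, otherwise the type of
 * attribute subpacket 0), then PGP_USERIDTRUSTF_PRIMARY is set on USERID.
 *
 * Returns kPGPError_NoErr on success, or kPGPError_BadParams when USERID
 * is an attribute user ID whose subpacket 0 cannot be retrieved; in that
 * case no flags are changed.
 */
PGPError
pgpKeySetPrimaryUserID( PGPKeyDBObj *userid )
{
    PGPUserIDInfo *uinfo;
    PGPUInt32 type = 0;

    pgpAssert(OBJISUSERID(userid));
    uinfo = pgpUserIDToUserIDInfo( userid );
    if( NAMEISATTR(uinfo) )
    {
        /*
         * The lookup can return without writing the type (it returns NULL
         * early on its own error paths), which previously left `type`
         * indeterminate when it was passed on below.  Treat a NULL result
         * as failure rather than clearing flags for an arbitrary type.
         * Assumes a NULL return means subpacket 0 could not be located --
         * confirm against pgpAttrSubpacket.
         */
        if( pgpUserIDAttributeSubpacket (userid, 0, &type, NULL, NULL)
                == NULL )
            return kPGPError_BadParams;
    }

    pgpKeyClearPrimaryUserIDs( userid->up, type );
    uinfo->oldvalidity |= PGP_USERIDTRUSTF_PRIMARY;
    return kPGPError_NoErr;
}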
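/*
 * Clear the primary userid flag (PGP_USERIDTRUSTF_PRIMARY) from the trust
 * bytes of all userids of the specified type.  If type is (PGPUInt32)-1,
 * i.e. all bits set, do it for all userids regardless of type.
 *
 * key   top-level key whose user IDs are walked
 * type  0 for plain user IDs, an attribute subpacket type, or the
 *       all-bits-set wildcard
 *
 * Always returns kPGPError_NoErr.
 */
PGPError
pgpKeyClearPrimaryUserIDs( PGPKeyDBObj *key, PGPUInt32 type )
{
    PGPKeyDBObj *name;
    PGPUserIDInfo *uinfo;
    PGPUInt32 subpacktype;

    pgpAssert(OBJISTOPKEY(key));
    for (name=key->down; IsntNull(name); name=name->next) {
        if( !pgpKeyDBObjIsReal(name) )
            continue;
        if (!OBJISUSERID(name))
            continue;
        uinfo = pgpUserIDToUserIDInfo( name );

        /*
         * Make sure it is right type.  The wildcard is compared at the
         * width of PGPUInt32: where unsigned long is wider than 32 bits a
         * bare -1UL can never equal a 32-bit `type`, so the wildcard would
         * silently match nothing and no flag would be cleared.
         */
        if( type != (PGPUInt32)-1UL )
        {
            if ((type == 0) != !NAMEISATTR(uinfo))
                continue;
            /* Preset to 0: the helper's return value is ignored below. */
            subpacktype = 0;
            if (NAMEISATTR(uinfo)) {
                (void)pgpUserIDAttributeSubpacket (name, 0, &subpacktype,
                                                   NULL, NULL);
                if (subpacktype != type)
                    continue;
            }
        }
        uinfo->oldvalidity &= ~PGP_USERIDTRUSTF_PRIMARY;
    }
    return kPGPError_NoErr;
}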
/*
 * Return the old-style 4-level validity of a name.
 *
 * The owning key's trust flags override the stored value: a revoked key
 * always yields kPGPUserIDTrust_Untrusted, and (revocation being tested
 * first) an axiomatic key yields kPGPUserIDTrust_Complete.  Otherwise the
 * result is the user ID's oldvalidity masked with kPGPUserIDTrust_Mask.
 */
PGPByte
pgpUserIDOldValidity(PGPKeyDBObj *name)
{
    PGPKeyDBObj     *owner;
    PGPKeyInfo      *ownerInfo;
    PGPUserIDInfo   *uidInfo;

    pgpAssert(OBJISUSERID(name));
    owner = name->up;
    pgpAssert(OBJISTOPKEY(owner));
    ownerInfo = pgpKeyToKeyInfo( owner );

    /*
     * Expiry is deliberately not tested: expired keys stay valid so users
     * can see what their status was before they expired.
     */
    if (ownerInfo->trust & PGP_KEYTRUSTF_REVOKED) {
        return kPGPUserIDTrust_Untrusted;
    } else if (ownerInfo->trust & PGP_KEYTRUSTF_BUCKSTOP) {
        return kPGPUserIDTrust_Complete;
    }

    uidInfo = pgpUserIDToUserIDInfo( name );
    return uidInfo->oldvalidity & kPGPUserIDTrust_Mask;
}
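/*
 * Report whether PGP_USERIDTRUSTF_WARNONLY is set in the oldvalidity
 * field of the user ID NAME.
 *
 * The masked bit is normalised to 0/1 so the result does not depend on
 * the flag's bit position or on the width of PGPBoolean, and compares
 * correctly against TRUE.
 */
PGPBoolean
pgpUserIDWarnonly(PGPKeyDBObj *name)
{
    PGPUserIDInfo *uinfo;

    pgpAssert(OBJISUSERID(name));
    uinfo = pgpUserIDToUserIDInfo( name );
    return (PGPBoolean)((uinfo->oldvalidity & PGP_USERIDTRUSTF_WARNONLY) != 0);
}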
/*
 * Set PGP_USERIDTRUSTF_WARNONLY in the oldvalidity field of the user ID
 * NAME.  The field is written only when the flag is not already set.
 */
void
pgpUserIDSetWarnonly(PGPKeyDBObj *name)
{
    PGPUserIDInfo *info;

    pgpAssert(OBJISUSERID(name));
    info = pgpUserIDToUserIDInfo( name );

    if (info->oldvalidity & PGP_USERIDTRUSTF_WARNONLY)
        return;     /* already flagged; leave the field untouched */

    info->oldvalidity |= PGP_USERIDTRUSTF_WARNONLY;
}
/*
 * Return the validity of the user ID NAME in internal form, i.e. the
 * stored validity passed through pgpTrustToIntern.
 *
 * The owning key's trust flags override the stored value: a revoked key
 * always yields 0, and (revocation being tested first) an axiomatic key
 * yields PGP_TRUST_INFINITE.
 */
PGPUInt16
pgpUserIDValidity(PGPKeyDBObj *name)
{
    PGPKeyDBObj     *owner;
    PGPKeyInfo      *ownerInfo;
    PGPUserIDInfo   *uidInfo;

    pgpAssert(OBJISUSERID(name));
    owner = name->up;
    pgpAssert (OBJISTOPKEY(owner));
    ownerInfo = pgpKeyToKeyInfo( owner );

    /*
     * Expiry is deliberately not tested: expired keys stay valid so users
     * can see what their status was before they expired.
     */
    if (ownerInfo->trust & PGP_KEYTRUSTF_REVOKED) {
        return 0;
    } else if (ownerInfo->trust & PGP_KEYTRUSTF_BUCKSTOP) {
        return PGP_TRUST_INFINITE;
    }

    uidInfo = pgpUserIDToUserIDInfo( name );
    return pgpTrustToIntern (uidInfo->validity);
}
/*
 * Return the confidence stored for the user ID NAME, converted to
 * internal form by pgpTrustToIntern.
 */
PGPUInt16
pgpUserIDConfidence(PGPKeyDBObj *name)
{
    PGPUserIDInfo *info;
    PGPUInt16 internal;

    pgpAssert(OBJISUSERID(name));

    info = pgpUserIDToUserIDInfo( name );
    internal = pgpTrustToIntern (info->confidence);
    return internal;
}
/*
 * Report whether the confidence stored for the user ID NAME equals
 * PGP_NEWTRUST_UNDEFINED.
 */
PGPBoolean
pgpUserIDConfidenceUndefined(PGPKeyDBObj *name)
{
    PGPUserIDInfo *info;
    PGPBoolean isUndefined;

    pgpAssert(OBJISUSERID(name));

    info = pgpUserIDToUserIDInfo( name );
    isUndefined = (info->confidence == PGP_NEWTRUST_UNDEFINED);
    return isUndefined;
}
/*
 * Store CONFIDENCE for the user ID NAME.  The value is first converted
 * with pgpTrustToExtern; the field is written (narrowed to PGPByte) only
 * when the converted value differs from what is already stored.
 */
void
pgpUserIDSetConfidence(PGPKeyDBObj *name,
    PGPUInt16 confidence)
{
    PGPUserIDInfo *info;
    PGPUInt16 external;

    pgpAssert(OBJISUSERID(name));

    external = (PGPUInt16) pgpTrustToExtern (confidence);
    info = pgpUserIDToUserIDInfo( name );

    if (info->confidence == external)
        return;     /* nothing to change */

    info->confidence = (PGPByte) external;
}
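/*
 * Return the key that made the signature SIG, or NULL when the signer
 * is unknown, is not a real object (pgpKeyDBObjIsReal), or is not a
 * top-level key.
 */
PGPKeyDBObj *
pgpSigMaker(PGPKeyDBObj const *sig)
{
    PGPKeyDBObj *key;
    PGPSigInfo *sinfo;

    pgpAssert(OBJISSIG(sig));
    sinfo = pgpSigToSigInfo( sig );
    key = sinfo->by;

    /*
     * pgpSigTrust and pgpSigConfidence both allow for sinfo->by being
     * NULL; guard here too so the object tests below never see a NULL
     * signer.
     */
    if( key == NULL )
        return NULL;
    if( !pgpKeyDBObjIsReal( key ) || ! OBJISTOPKEY( key ) )
        return NULL;
    pgpAssert(OBJISKEY(key));
    return key;
}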
/*
 * Variant of pgpSigMaker that applies no filtering: the signer recorded
 * in the signature's PGPSigInfo is returned as-is, even if it is a dummy
 * object or not a top-level key.  Callers must not assume the result is
 * a usable top-level key.
 */
PGPKeyDBObj *
pgpSigMakerDummyOK(PGPKeyDBObj const *sig)
{
    PGPSigInfo *info;
    PGPKeyDBObj *signer;

    pgpAssert(OBJISSIG(sig));

    info = pgpSigToSigInfo( sig );
    signer = info->by;
    return signer;
}
/*
 * Report the signing key's public-key algorithm and 8-byte key ID for
 * the signature SIG.
 *
 * pkalg  optional; receives the signer's algorithm byte, with values 2
 *        and 3 folded to 1 (marked "ViaCrypt" in the original source)
 * keyID  optional; filled by pgpNewKeyIDFromRawData from 8 bytes of the
 *        signer's keyID and the folded algorithm
 *
 * An 8-byte key ID only loosely identifies a key; it is not a substitute
 * for comparing fingerprints.
 *
 * NOTE(review): the signer pointer is dereferenced after only a
 * pgpAssert; if assertions are compiled out, a signature with no signer
 * recorded would be dereferenced here -- confirm callers rule that out.
 * The result of pgpNewKeyIDFromRawData is not examined.
 */
void
pgpSigID8(PGPKeyDBObj const *sig, PGPByte *pkalg, PGPKeyID *keyID)
{
    PGPKeyDBObj *signer;
    PGPSigInfo *sigInfo;
    PGPKeyInfo *signerInfo;
    PGPByte alg;

    pgpAssert(OBJISSIG(sig));
    sigInfo = pgpSigToSigInfo( sig );
    signer = sigInfo->by;
    pgpAssert(OBJISKEY(signer));
    signerInfo = pgpKeyToKeyInfo( signer );

    alg = signerInfo->pkalg;
    if (alg == 2 || alg == 3) {
        alg = 1;    /* ViaCrypt */
    }

    if (pkalg) {
        *pkalg = alg;
    }
    if (keyID) {
        pgpNewKeyIDFromRawData( signerInfo->keyID, alg, 8, keyID );
    }
}
/*
 * Return the status of the signature SIG:
 *   PGP_SIGTRUST_NOKEY    no signer is recorded for the signature
 *   PGP_SIGTRUST_UNTRIED  PGP_SIGTRUSTF_TRIED is not set
 *   PGP_SIGTRUST_BAD      tried, but PGP_SIGTRUSTF_CHECKED is not set
 *   otherwise             the trust field masked with kPGPKeyTrust_Mask
 */
PGPByte
pgpSigTrust(PGPKeyDBObj *sig)
{
    PGPSigInfo *info;
    PGPByte status;

    pgpAssert(OBJISSIG(sig));
    info = pgpSigToSigInfo( sig );

    if (info->by == NULL) {
        status = PGP_SIGTRUST_NOKEY;
    } else if (!(info->trust & PGP_SIGTRUSTF_TRIED)) {
        status = PGP_SIGTRUST_UNTRIED;
    } else if (!(info->trust & PGP_SIGTRUSTF_CHECKED)) {
        status = PGP_SIGTRUST_BAD;
    } else {
        status = info->trust & kPGPKeyTrust_Mask;
    }
    return status;
}
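/*
 * Report whether PGP_SIGTRUSTF_CHECKED is set in the trust field of the
 * signature SIG.
 *
 * The masked bit is normalised to 0/1 so the result does not depend on
 * the flag's bit position or on the width of PGPBoolean, and compares
 * correctly against TRUE.  Callers use this predicate to decide whether
 * a signature counts, so an exact boolean matters.
 */
PGPBoolean
pgpSigChecked(PGPKeyDBObj const *sig)
{
    PGPSigInfo *sinfo;

    pgpAssert(OBJISSIG(sig));
    sinfo = pgpSigToSigInfo( sig );
    return (PGPBoolean)((sinfo->trust & PGP_SIGTRUSTF_CHECKED) != 0);
}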
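/*
 * Report whether PGP_SIGTRUSTF_TRIED is set in the trust field of the
 * signature SIG.
 *
 * The masked bit is normalised to 0/1 so the result does not depend on
 * the flag's bit position or on the width of PGPBoolean, and compares
 * correctly against TRUE.
 */
PGPBoolean
pgpSigTried(PGPKeyDBObj const *sig)
{
    PGPSigInfo *sinfo;

    pgpAssert(OBJISSIG(sig));
    sinfo = pgpSigToSigInfo( sig );
    return (PGPBoolean)((sinfo->trust & PGP_SIGTRUSTF_TRIED) != 0);
}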
/*
 * Report whether the signature SIG is exportable, as decided by the
 * SIGISEXPORTABLE test on its PGPSigInfo.
 */
PGPBoolean
pgpSigExportable(PGPKeyDBObj const *sig)
{
    PGPSigInfo *info;
    PGPBoolean exportable;

    pgpAssert(OBJISSIG(sig));

    info = pgpSigToSigInfo( sig );
    exportable = SIGISEXPORTABLE(info);
    return exportable;
}
/* Return the trustLevel field recorded in the PGPSigInfo of SIG. */
PGPByte
pgpSigTrustLevel(PGPKeyDBObj const *sig)
{
    PGPSigInfo *info;
    PGPByte level;

    pgpAssert(OBJISSIG(sig));

    info = pgpSigToSigInfo( sig );
    level = info->trustLevel;
    return level;
}
/* Return the trustValue field recorded in the PGPSigInfo of SIG. */
PGPByte
pgpSigTrustValue(PGPKeyDBObj const *sig)
{
    PGPSigInfo *info;
    PGPByte value;

    pgpAssert(OBJISSIG(sig));

    info = pgpSigToSigInfo( sig );
    value = info->trustValue;
    return value;
}
/* Call pgpSigTrust to get sig status, then call this function if
sig is good and the confidence is required. */
PGPUInt16
pgpSigConfidence(PGPKeyDBObj *sig)
{
PGPKeyDBObj *key;
PGPSigInfo *sinfo;
PGPKeyInfo *kinfo;
pgpAssert(OBJISSIG(sig));
sinfo = pgpSigToSigInfo( sig );
if (sinfo->by != NULL) {
key = sinfo->by;
pgpAssert( OBJISKEY( key ) );
kinfo = pgpKeyToKeyInfo( key );
if (kinfo->trust & PGP_KEYTRUSTF_REVOKED)
return 0;
else
return pgpKeyCalcTrust (key);