📄 pgpskep.c
字号:
if (!weConfirmed)
err = kPGPError_UserAbort;
}
if (IsntPGPError(err))
err = sSocketSend(skep, socket, &shareDataSize,
sizeof(shareDataSize), TRUE, &progressData);
if (IsntPGPError(err))
{
dataSize = sizeof(PGPKeyID);
err = sSocketSend(skep, socket, &dataSize,
sizeof(dataSize), TRUE, &progressData);
}
if (IsntPGPError(err))
{
PGPGetKeyIDFromShares(shares, &keyID);
err = sSocketSend(skep, socket, &keyID, sizeof(PGPKeyID),
FALSE, &progressData);
}
if (IsntPGPError(err))
{
dataSize = sizeof(PGPShareID);
err = sSocketSend(skep, socket, &dataSize,
sizeof(dataSize), TRUE, &progressData);
}
if (IsntPGPError(err))
{
PGPGetShareID(shares, &shareID);
err = sSocketSend(skep, socket, &shareID, sizeof(PGPShareID),
FALSE, &progressData);
}
if (IsntPGPError(err))
{
threshold = PGPGetShareThreshold(shares);
err = sSocketSend(skep, socket, &threshold, sizeof(threshold),
TRUE, &progressData);
}
if (IsntPGPError(err))
{
numShares = PGPGetNumberOfShares(shares);
err = sSocketSend(skep, socket, &numShares, sizeof(numShares),
TRUE, &progressData);
}
if (IsntPGPError(err))
{
totalShares = PGPGetTotalNumberOfShares(shares);
err = sSocketSend(skep, socket, &totalShares, sizeof(totalShares),
TRUE, &progressData);
}
if (IsntPGPError(err))
{
err = sSocketSend(skep, socket, shareData,
shareDataSize, FALSE, &progressData);
}
if (IsntPGPError(err))
{
skepEvent.type = kPGPskepEvent_CloseEvent;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
}
if (IsntPGPError(err))
{
progressData.bytesTotal = 0;
err = sSocketReceive(skep, socket, &closing, sizeof(closing), TRUE,
&progressData);
}
if (IsntPGPError(err))
{
if (closing != kPGPskep_ClosingMessage)
{
err = kPGPError_CorruptData;
pgpAssertNoErr(err);
}
}
if (IsntNull(shareData))
PGPFreeData(shareData);
if (IsntNull(newPassphrase))
PGPFreeData(newPassphrase);
if (IsntNull(newPasskey))
PGPFreeData(newPasskey);
if (IsntNull(tlsSession))
{
if (IsntNull(remoteKey))
PGPtlsClose(tlsSession, FALSE);
else
PGPtlsClose(tlsSession, TRUE);
PGPFreeTLSSession(tlsSession);
}
if (IsntNull(socket))
{
PGPCloseSocket(socket);
skep->socketOut = NULL;
}
if (IsntNull(skep->eventHandler))
PGPSetSocketsIdleEventHandler(oldCallback, oldUserValue);
PGPSocketsDisposeThreadStorage(previousStorage);
PGPSocketsCleanup();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
return err;
}
static PGPSocketRef sSocketAccept(PGPskepRef skep, PGPSocketRef sock,
PGPSocketAddress *sockAddr, PGPInt32 *addrLength)
{
PGPError err;
PGPInt32 result;
PGPSocketRef asock;
PGPSocketSet readSet;
PGPSocketsTimeValue tv;
PGPEvent event;
tv.tv_sec = kPGPskepAcceptTimeout;
tv.tv_usec = 0;
do
{
PGPSOCKETSET_ZERO (&readSet);
PGPSOCKETSET_SET ((PGPInt32) sock, &readSet);
result = PGPSelect ((PGPInt32) sock + 1, &readSet, NULL, NULL, &tv);
err = sSocketCallback (skep->context, &event, (PGPUserValue) skep);
} while ((result <= 0) && (!PGPSOCKETSET_ISSET(sock, &readSet)) && (IsntPGPError (err)));
if (IsPGPError (err))
return (PGPSocketRef) kPGPSockets_Error;
asock = PGPAccept (sock, sockAddr, addrLength);
if (asock < 0)
return (PGPSocketRef) kPGPSockets_Error;
return asock;
}
PGPError PGPskepReceiveShares(PGPskepRef skep, PGPKeyDBObjRef authKey,
const char *passphrase)
{
PGPShareRef shares;
PGPSocketRef socket = NULL;
PGPSocketRef socketIn;
PGPtlsSessionRef tlsSession;
PGPEventHandlerProcPtr oldCallback = NULL;
PGPUserValue oldUserValue;
PGPSocketAddressInternet sockAddr;
PGPskepEvent skepEvent;
PGPskepEventProgressData progressData;
PGPInt32 result;
PGPKeyDBObjRef remoteKey;
PGPKeyID keyID;
PGPShareID shareID;
PGPUInt32 threshold;
PGPUInt32 numShares;
PGPUInt32 totalShares;
PGPUInt32 closing = kPGPskep_ClosingMessage;
PGPUInt32 shareDataSize;
PGPSize dataSize;
PGPByte * shareData;
PGPByte version;
PGPBoolean weConfirmed;
PGPBoolean theyConfirmed;
PGPHostEntry * hostEntry;
char * newPassphrase = NULL;
PGPByte * newPasskey = NULL;
PGPSize newPasskeySize = 0;
PGPError err = kPGPError_NoErr;
PGPSocketsThreadStorageRef previousStorage;
#if PGP_WIN32
char h_name[256];
#endif
PGPValidateSKEP(skep);
PGPValidateParam(PGPKeyDBObjRefIsValid(authKey));
pgpAssertMsg(skep->magic == kPGPskepMagic, "Invalid SKEP object");
skep->cancel = FALSE;
PGPSocketsInit();
PGPSocketsCreateThreadStorage(&previousStorage);
if (IsntNull(skep->eventHandler))
{
PGPGetSocketsIdleEventHandler(&oldCallback, &oldUserValue);
PGPSetSocketsIdleEventHandler(sSocketCallback, skep);
}
socket = PGPOpenSocket(kPGPAddressFamilyInternet,
kPGPSocketTypeStream, kPGPTCPProtocol);
if (IsNull(socket))
{
err = PGPGetLastSocketsError();
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
skep->socketOut = socket;
sockAddr.sin_family = kPGPAddressFamilyInternet;
sockAddr.sin_port = PGPHostToNetShort(kPGPskep_Port);
sockAddr.sin_addr.s_addr = kPGPInternetAddressAny;
result = PGPBindSocket(socket, (PGPSocketAddress *) &sockAddr,
sizeof(sockAddr));
if (result == kPGPSockets_Error)
{
err = PGPGetLastSocketsError();
pgpAssertNoErr(err);
}
}
if (IsntPGPError(err))
{
result = PGPListen(socket, 4);
if (result == kPGPSockets_Error)
{
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
}
while (IsntPGPError(err))
{
socketIn = NULL;
tlsSession = NULL;
progressData.bytesSoFar = 0;
progressData.bytesTotal = 0;
remoteKey = NULL;
shareData = NULL;
hostEntry = NULL;
shares = NULL;
weConfirmed = TRUE;
theyConfirmed = TRUE;
skepEvent.type = kPGPskepEvent_ListenEvent;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
result = sizeof(sockAddr);
socketIn = sSocketAccept(skep, socket, (PGPSocketAddress *) &sockAddr,
&result);
if (IsNull(socketIn) || ((int) socketIn == kPGPSockets_Error))
{
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
skep->socketIn = socketIn;
skepEvent.type = kPGPskepEvent_ConnectEvent;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
}
if (IsntPGPError(err))
{
#if PGP_WIN32
err = PGPStartAsyncGetHostByAddress(sockAddr.sin_addr.s_addr,
&skep->asyncHostEntryRef);
if (IsntPGPError(err)) {
PGPWaitForGetHostByAddress(skep->asyncHostEntryRef,
h_name, 256);
skep->asyncHostEntryRef = kPGPInvalidAsyncHostEntryRef;
}
#else
hostEntry = PGPGetHostByAddress((char *) &sockAddr.sin_addr,
sizeof(PGPInternetAddress),
kPGPProtocolFamilyInternet);
#endif
}
if (IsntPGPError(err))
{
err = PGPNewTLSSession(skep->tlsContext, &tlsSession);
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPtlsSetProtocolOptions(tlsSession,
kPGPtlsFlags_ServerSide | kPGPtlsFlags_RequestClientCert);
pgpAssertNoErr(err);
}
while (IsntPGPError(err))
{
PGPBoolean goodPassphrase;
if (IsNull(newPasskey))
goodPassphrase = PGPPassphraseIsValid(authKey,
passphrase ?
PGPOPassphrase(skep->context,
passphrase):
PGPONullOption(skep->context),
PGPOLastOption(skep->context));
else
goodPassphrase = PGPPassphraseIsValid(authKey,
PGPOPasskeyBuffer(skep->context,
newPasskey, newPasskeySize),
PGPOLastOption(skep->context));
if (!goodPassphrase)
{
if (IsntNull(newPassphrase))
PGPFreeData(newPassphrase);
if (IsntNull(newPasskey))
PGPFreeData(newPasskey);
if (IsntNull(skep->eventHandler))
{
skepEvent.type = kPGPskepEvent_PassphraseEvent;
skepEvent.data.ppd.passphrase = NULL;
skepEvent.data.ppd.passkey = NULL;
err = skep->eventHandler(skep, &skepEvent, skep->userValue);
if (IsPGPError(err))
break;
newPassphrase = skepEvent.data.ppd.passphrase;
newPasskey = skepEvent.data.ppd.passkey;
newPasskeySize = skepEvent.data.ppd.passkeySize;
if (IsNull(newPassphrase) && IsNull(newPasskey))
err = kPGPError_BadPassphrase;
else
passphrase = newPassphrase;
}
else
err = kPGPError_BadPassphrase;
}
else
break;
}
if (IsntPGPError(err))
{
if (IsNull(newPasskey))
err = PGPtlsSetLocalPrivateKey(tlsSession, authKey, NULL,
passphrase ?
PGPOPassphrase( skep->context, passphrase ) :
PGPONullOption( skep->context),
PGPOLastOption( skep->context ) );
else
err = PGPtlsSetLocalPrivateKey(tlsSession, authKey, NULL,
PGPOPasskeyBuffer( skep->context, newPasskey,
newPasskeySize),
PGPOLastOption( skep->context ) );
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPSocketsEstablishTLSSession(socketIn, tlsSession);
if (IsPGPError(err))
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPtlsGetRemoteAuthenticatedKey(tlsSession, &remoteKey, NULL);
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
skepEvent.type = kPGPskepEvent_AuthenticateEvent;
skepEvent.data.ad.remoteKey = remoteKey;
skepEvent.data.ad.remoteIPAddress =
PGPInternetAddressToDottedString(sockAddr.sin_addr);
PGPtlsGetNegotiatedCipherSuite( tlsSession,
&skepEvent.data.ad.tlsCipher );
/* If the hostname doesn't exist, set it to the ip address */
if (IsntNull(hostEntry))
{
#if PGP_WIN32
skepEvent.data.ad.remoteHostname = h_name;
#else
skepEvent.data.ad.remoteHostname = hostEntry->h_name;
#endif
}
else
{
skepEvent.data.ad.remoteHostname =
skepEvent.data.ad.remoteIPAddress;
}
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -