/*____________________________________________________________________________
Copyright (C) 2002 PGP Corporation
All rights reserved.
PKRevoke.c - implements various operations performed on keys.
$Id: PKRevoke.c,v 1.21 2002/10/25 01:42:16 pbj Exp $
____________________________________________________________________________*/
#include "pgpPFLConfig.h"
// project header files
#include "PGPkeysx.h"
#include "UTF8Edit.h"
// constant definitions
#define BITMAP_WIDTH 16
#define BITMAP_HEIGHT 16
#define INITIAL_SIGN_COLUMNWIDTH 210
#define SIG_NONEXPORTABLE 0
#define SIG_EXPORTABLE 1
#define SIG_TRUST 2
#define SIG_META 3
// external globals
extern HINSTANCE g_hinst;
extern PGPContextRef g_context;
extern PGPtlsContextRef g_tlscontext;
// typedefs
// Parameter block for the revoke-signature dialog: sRevokeCertDlgProc receives
// a pointer to it as the WM_INITDIALOG lParam and stores it in GWL_USERDATA.
typedef struct {
// NOTE(review): presumably the owning PGPkeys window state -- confirm
PPGPKEYSSTRUCT ppks;
// object whose key ID and primary user ID name the dialog displays
PGPKeyDBObjRef key;
// NOTE(review): presumably "sync with key server on revocation" -- confirm
// against the dialog's command handlers
PGPBoolean bSyncWithServer;
} REVOKECERTSTRUCT, *PREVOKECERTSTRUCT;
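//	___________________________________________________
//
//	revoke split key and all subkeys
//
//	keydb		- key database that is iterated to find the subkeys of key
//	key			- key to revoke
//	passkey		- reconstituted passkey; owned by the caller, this routine
//				  neither copies nor frees it
//	sizePasskey	- size of passkey in bytes
//
//	Returns the error from revoking the key itself, from setting up the
//	iterator, or the FIRST error hit while revoking a subkey. A failed subkey
//	revocation must not be hidden by a later subkey that succeeds: the caller
//	reports success to the user and may upload the key to a server, so a
//	subkey that silently stayed valid would defeat the revocation.

static PGPError
sRevokeKeySplit (
		PGPKeyDBRef		keydb,
		PGPKeyDBObjRef	key,
		PGPByte*		passkey,
		PGPSize			sizePasskey)
{
	PGPKeyIterRef	keyiter;
	PGPKeyDBObjRef	subkey;
	PGPError		err;
	PGPError		errSub;

	err = PGPRevoke (key,
			PGPOPasskeyBuffer (g_context, passkey, sizePasskey),
			PGPOLastOption (g_context));
	if (IsPGPError (err))
		return err;

	// keyiter is only defined if the iterator was actually created
	err = PGPNewKeyIterFromKeyDB (keydb, &keyiter);
	if (IsPGPError (err))
		return err;

	// without a successful seek the iterator is not positioned on key, so
	// walking "its" subkeys would be meaningless
	err = PGPKeyIterSeek (keyiter, key);
	if (IsPGPError (err))
		goto cleanup;

	// subkey is read only when the iterator call succeeded, so a failing
	// call can never leave the loop running on a stale reference
	while (!IsPGPError (PGPKeyIterNextKeyDBObj (keyiter,
				kPGPKeyDBObjType_SubKey, &subkey)) && subkey)
	{
		errSub = PGPRevoke (subkey,
				PGPOPasskeyBuffer (g_context, passkey, sizePasskey),
				PGPOLastOption (g_context));

		// keep revoking the remaining subkeys, but remember the first failure
		if (IsPGPError (errSub) && !IsPGPError (err))
			err = errSub;
	}

cleanup :
	PGPFreeKeyIter (keyiter);

	return err;
}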
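//	___________________________________________________
//
//	revoke normal key and all subkeys
//
//	keydb		- key database that is iterated to find the subkeys of key
//	key			- key to revoke
//	pszPhrase	- passphrase; owned by the caller, this routine neither
//				  copies nor frees it
//
//	Returns the error from revoking the key itself, from setting up the
//	iterator, or the FIRST error hit while revoking a subkey. A failed subkey
//	revocation must not be hidden by a later subkey that succeeds: the caller
//	reports success to the user and may upload the key to a server, so a
//	subkey that silently stayed valid would defeat the revocation.

static PGPError
sRevokeKeyNormal (
		PGPKeyDBRef		keydb,
		PGPKeyDBObjRef	key,
		LPSTR			pszPhrase)
{
	PGPKeyIterRef	keyiter;
	PGPKeyDBObjRef	subkey;
	PGPError		err;
	PGPError		errSub;

	err = PGPRevoke (key,
			PGPOPassphrase (g_context, pszPhrase),
			PGPOLastOption (g_context));
	if (IsPGPError (err))
		return err;

	// keyiter is only defined if the iterator was actually created
	err = PGPNewKeyIterFromKeyDB (keydb, &keyiter);
	if (IsPGPError (err))
		return err;

	// without a successful seek the iterator is not positioned on key, so
	// walking "its" subkeys would be meaningless
	err = PGPKeyIterSeek (keyiter, key);
	if (IsPGPError (err))
		goto cleanup;

	// subkey is read only when the iterator call succeeded, so a failing
	// call can never leave the loop running on a stale reference
	while (!IsPGPError (PGPKeyIterNextKeyDBObj (keyiter,
				kPGPKeyDBObjType_SubKey, &subkey)) && subkey)
	{
		errSub = PGPRevoke (subkey,
				PGPOPassphrase (g_context, pszPhrase),
				PGPOLastOption (g_context));

		// keep revoking the remaining subkeys, but remember the first failure
		if (IsPGPError (errSub) && !IsPGPError (err))
			err = errSub;
	}

cleanup :
	PGPFreeKeyIter (keyiter);

	return err;
}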
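//	___________________________________________________
//
//	Revoke selected key
//
//	Asks the user to confirm, picks the secret key that will issue the
//	revocation (the selected key itself, or one of its designated revokers
//	when only the public half is present), collects the passphrase or
//	passkey for it, optionally refreshes the key from the server, revokes
//	the key and its subkeys, updates the key list and optionally sends the
//	result to the default server.
//
//	ppks	- PGPkeys state; supplies the key list, main key database and
//			  main window handle
//
//	Returns FALSE when the preferences are unavailable, nothing valid is
//	selected, the user declines, the passphrase cannot be obtained or the
//	revocation fails.
//
//	NOTE(review): when no usable revoker key is found the routine jumps to
//	"done" with bRetVal still TRUE although nothing was revoked. CKERR is
//	defined outside this file; it presumably jumps to "done" on error, in
//	which case TRUE is returned on that path as well -- confirm that callers
//	do not read TRUE as "key was revoked".

BOOL
PKRevokeKey (
		PPGPKEYSSTRUCT	ppks)
{
	PGPPrefRef		prefref			= kInvalidPGPPrefRef;
	BOOL			bRetVal			= TRUE;
	PGPError		err				= kPGPError_NoErr;
	LPSTR			pszPhrase		= NULL;
	PGPByte*		pPasskey		= NULL;
	PGPKeySetRef	keysetRevokers	= kInvalidPGPKeySetRef;
	PGPKeyDBObjRef	keyRevoker		= kInvalidPGPKeyDBObjRef;
	PGPKeyDBObjRef	keyToRevoke		= kInvalidPGPKeyDBObjRef;
	PGPKeyDBObjRef	keyDef			= kInvalidPGPKeyDBObjRef;
	PGPBoolean		bSecret			= FALSE;
	PGPBoolean		bSplit			= FALSE;
	PGPBoolean		bSyncWithServer	= FALSE;
	PGPSize			sizePasskey		= 0;
	PGPKeyDBObjRef	key;
	CHAR			sz128[128];
	PGPUInt32		u, uNumRevokers;

	if (IsPGPError (PGPclPeekClientLibPrefRefs (&prefref, NULL)))
		return FALSE;

	PGPGetPrefBoolean (prefref, kPGPPrefKeyServerSyncOnRevocation,
			&bSyncWithServer);

	PGPclKeyListGetSelectionInfo (ppks->hKL, NULL, &keyToRevoke, NULL, NULL);

	// never ask the user to confirm, or try to revoke, an object that the
	// selection query did not actually deliver
	if (!PGPKeyDBObjRefIsValid (keyToRevoke))
		return FALSE;

	PGPclGetDefaultPrivateKey (ppks->keydbMain, &keyDef);

	// revoking the default private key gets the stronger warning, with
	// "No" preselected
	if (keyToRevoke == keyDef)
	{
		if (PKMessageBox (ppks->hwndMain, IDS_CAPTIONWARNING, IDS_REVCONFDEFKEY,
				MB_YESNO|MB_TASKMODAL|MB_DEFBUTTON2|MB_ICONWARNING) == IDNO)
		{
			return FALSE;
		}
	}
	else
	{
		if (PKMessageBox (ppks->hwndMain, IDS_CAPTIONWARNING, IDS_REVOKECONFIRM,
				MB_YESNO|MB_ICONWARNING) == IDNO)
		{
			return FALSE;
		}
	}

	err = PGPGetKeyDBObjBooleanProperty (keyToRevoke,
			kPGPKeyProperty_IsSecret, &bSecret); CKERR;

	if (bSecret)
	{
		// we hold the secret half: the key revokes itself
		keyRevoker = keyToRevoke;
		err = PGPGetKeyDBObjBooleanProperty (keyToRevoke,
				kPGPKeyProperty_IsSecretShared, &bSplit); CKERR;
	}
	else
	{
		// public half only: look for a designated revoker whose secret
		// key we hold, preferring one that is not split
		err = PGPCountRevocationKeys (keyToRevoke, &uNumRevokers); CKERR;
		for (u = 0; u < uNumRevokers; u++)
		{
			// per-candidate flags; bSplit must describe the revoker that
			// was actually chosen, not whichever candidate was examined
			// last, because it selects between the passkey and the
			// passphrase revocation path below
			PGPBoolean	bRevSecret	= FALSE;
			PGPBoolean	bRevSplit	= FALSE;

			err = PGPGetIndexedRevocationKey (keyToRevoke,
					u, &key, NULL); CKERR;
			key = PGPPeekKeyDBObjKey (key);
			if (PGPKeyDBObjRefIsValid (key))
			{
				err = PGPGetKeyDBObjBooleanProperty (key,
						kPGPKeyProperty_IsSecret, &bRevSecret); CKERR;
				err = PGPGetKeyDBObjBooleanProperty (key,
						kPGPKeyProperty_IsSecretShared, &bRevSplit); CKERR;
				if (bRevSecret)
				{
					keyRevoker = key;
					bSplit = bRevSplit;
					if (!bRevSplit)
						break;
				}
			}
		}
	}

	// no secret key available that is able to issue the revocation
	if (!PGPKeyDBObjRefIsValid (keyRevoker))
		goto done;

	// get valid passphrase
	LoadString (g_hinst, IDS_SELKEYPASSPHRASE, sz128, 128);
	err = PGPclGetKeyPhrase (g_context, g_tlscontext,
			ppks->hwndMain, sz128,
			ppks->keydbMain, keyRevoker,
			&pszPhrase, &pPasskey, &sizePasskey);
	PGPclErrorBox (ppks->hwndMain, err);

	// now we have a valid passphrase, if required
	if (IsntPGPError (err))
	{
		// update from server
		if (bSyncWithServer)
		{
			if (!PKGetFromServerInternal (ppks, FALSE, FALSE, FALSE))
			{
				// the refresh failed; let the user decide whether to
				// revoke the local copy anyway
				if (PKMessageBox (ppks->hwndMain, IDS_CAPTIONALERT,
						IDS_QUERYCONTINUEREVOKINGKEY,
						MB_YESNO|MB_ICONQUESTION) == IDNO)
				{
					bRetVal = FALSE;
				}
			}
		}

		if (bRetVal)
		{
			// make sure we have enough entropy
			PGPclRandom (g_context, ppks->hwndMain, 0);

			if (bSplit)
			{
				err = sRevokeKeySplit (ppks->keydbMain,
						keyToRevoke, pPasskey, sizePasskey);
			}
			else
			{
				err = sRevokeKeyNormal (ppks->keydbMain,
						keyToRevoke, pszPhrase);
			}

			if (IsntPGPError (PGPclErrorBox (NULL, err)))
			{
				PKKeyDBModified (ppks, PK_MOD_INDEX_0);
				PGPclKeyListUpdateTree (ppks->hKL,
						kPGPclKeyListUpdateObject, keyToRevoke, FALSE);
				PGPclKeyListSetTree (ppks->hKL,
						kPGPclSelectSpecifiedOnly, keyToRevoke);
				PGPclKeyListUpdateTree (ppks->hKL,
						kPGPclKeyListUpdateValidities, NULL, TRUE);

				// send to server
				if (bSyncWithServer)
					PKSendToServer (ppks, kPGPclDefaultServer);
			}
			else
				bRetVal = FALSE;
		}
	}
	else
		bRetVal = FALSE;

done :
	// secret material is released on every path that reaches this label
	if (IsntNull (pszPhrase))
		PGPclFreePhrase (pszPhrase);
	if (IsntNull (pPasskey))
		PGPclFreePasskey (pPasskey, sizePasskey);
	if (PGPKeySetRefIsValid (keysetRevokers))
		PGPFreeKeySet (keysetRevokers);

	PGPclErrorBox (ppks->hwndMain, err);

	return bRetVal;
}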
// ___________________________________________________
//
// Revoke signature dialog message procedure
static BOOL CALLBACK
sRevokeCertDlgProc (
HWND hwnd,
UINT uMsg,
WPARAM wParam,
LPARAM lParam)
{
PREVOKECERTSTRUCT prcs;
switch (uMsg) {
case WM_INITDIALOG :
{
CHAR sz[kPGPMaxUserIDSize +1];
PGPKeyID keyid;
PGPSize size;
SetWindowLong (hwnd, GWL_USERDATA, lParam);
prcs = (PREVOKECERTSTRUCT)lParam;
PGPGetKeyID (prcs->key, &keyid);
PGPGetKeyIDString (&keyid, kPGPKeyIDString_Abbreviated, sz);
SetDlgItemText (hwnd, IDC_KEYID, sz);
UTF8EditInit (GetDlgItem (hwnd, IDC_NAME));
PGPclGetPrimaryUserIDNameUTF8 (prcs->key, sz, sizeof(sz), &size);
UTF8EditSetText (GetDlgItem (hwnd, IDC_NAME), sz);