📄 pgpkeyman.c
err = PGPFindNode( keydb->idToObj, newkeyid,
(PGPUserValue *)&newkey );
}
#if PGP_WIN32
if( IsntPGPError( err ) && IsntNull( progress ) )
{
/* If interrupted during keygen, don't save key */
PGPOptionListRef newOptionList = NULL;
err = pgpEventKeyGen (context, &newOptionList,
progress, userValue, (PGPUInt32)'.');
if (IsntNull (newOptionList))
pgpFreeOptionList (newOptionList);
if( IsntPGPError( err ) )
{
PGPCopyKeys( PGPPeekKeyDBRootKeySet( keydb ), olddb, NULL );
pgpKeyDBAddObject( olddb, newkey, &newkey );
}
}
if( IsntNull( progress ) )
{
PGPFreeKeyDB( keydb );
keydb = olddb;
}
#endif /* PGP_WIN32 */
} else {
err = pgpDoGenerateKey_internal( keydb, NULL, (PGPByte)pkalg,
bits, creationDate, (PGPUInt16)expiration,
(const char *)name, nameLength,
(const char *)passphrase, passphraseLength,
passphraseIsKey, NULL, 0, cacheTimeOut,
cacheGlobal, progress, userValue,
(PGPBoolean)fastgen, (PGPBoolean)!noentropy,
useToken, tokenID, adkset, (PGPByte)adkclass,
rakset, (PGPByte)rakclass,
prefalg, prefalgLength, prefkeyserv,
prefkeyservLength, keyflags, keyflagsop,
keyservprefs, keyservprefsop, &newkey );
}
if( IsntPGPError( err ) )
*key = newkey;
error:
return err;
}
/*
 * Option types that pgpGenerateSubKeyInternal hands to pgpCheckOptionsInSet
 * when it validates its option list.  Presumably an option outside this set
 * makes that check fail -- confirm against pgpCheckOptionsInSet.
 */
static const PGPOptionType subkeygenOptionSet[] = {
kPGPOptionType_KeyGenMasterKey,
kPGPOptionType_KeyGenParams,
kPGPOptionType_Passphrase,
kPGPOptionType_Passkey,
kPGPOptionType_CachePassphrase,
kPGPOptionType_Expiration,
kPGPOptionType_CreationDate,
kPGPOptionType_EventHandler,
kPGPOptionType_KeyFlags,
kPGPOptionType_KeyGenFast,
kPGPOptionType_KeyGenUseExistingEntropy,
kPGPOptionType_KeyGenOnToken
};
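/*
 * Generate a subkey under the master key named in optionList and return it
 * through *subkey.
 *
 * Mandatory options: KeyGenMasterKey and KeyGenParams (algorithm, bits).
 * Optional options: Passphrase or Passkey, CachePassphrase, CreationDate,
 * Expiration, EventHandler, KeyFlags, KeyGenOnToken, KeyGenFast and
 * KeyGenUseExistingEntropy.
 *
 * Returns kPGPError_BadParams when subkey (or the master key carried by the
 * option) is NULL, otherwise the first error reported by a helper.  *subkey
 * is set to NULL once option parsing and the dead-key check have passed, and
 * to the new subkey on success; earlier failures leave it untouched.
 *
 * The passphrase pointer comes from the option list and is neither copied
 * nor wiped here; its lifetime stays with the option list.
 */
PGPError
pgpGenerateSubKeyInternal(
    PGPKeyDBObjRef      *subkey,
    PGPOptionListRef    optionList
    )
{
    /*
     * Every local that is filled in by an optional-option lookup gets a
     * defined default, so nothing indeterminate is read or forwarded if
     * pgpFindOptionArgs leaves an output untouched for an absent option.
     */
    PGPKeyDB               *keydb;
    PGPContextRef           context;
    PGPUInt32               pkalg = 0;
    PGPUInt32               bits = 0;
    PGPTime                 creationDate = 0;
    PGPUInt32               expiration = 0;
    PGPByte                *passphrase = NULL;
    PGPUInt32               passphraseLength = 0;
    PGPBoolean              passphraseIsKey = FALSE;
    PGPUInt32               cacheTimeOut = 0;
    PGPBoolean              cacheGlobal = FALSE;
    PGPEventHandlerProcPtr  progress = NULL;
    PGPUserValue            userValue = 0;
    PGPKeyDBObjRef          masterkey = NULL;
    PGPKeyDBObjRef          newsubkey = NULL;
    PGPEnv                 *pgpEnv;
    PGPBoolean              fastgenop = FALSE;
    PGPUInt32               fastgen = 0;
    PGPBoolean              keyflagsop = FALSE;
    PGPUInt32               keyflags = 0;
    PGPUInt32               noentropy = FALSE;
    PGPBoolean              useToken = FALSE;
    PGPUInt32               tokenID = 0;
    PGPError                err;

    if (IsPGPError( err = pgpCheckOptionsInSet( optionList,
                        subkeygenOptionSet, elemsof( subkeygenOptionSet ) ) ) )
        return err;

    if( IsNull( subkey ) )
        return kPGPError_BadParams;

    /* First pick up mandatory options */
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_KeyGenMasterKey, TRUE,
                        "%p", &masterkey ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_KeyGenParams, TRUE,
                        "%d%d", &pkalg, &bits ) ) )
        goto error;

    /* The option may be present yet carry a NULL key; stop before it is
     * dereferenced by the Peek calls below. */
    if( IsNull( masterkey ) ) {
        err = kPGPError_BadParams;
        goto error;
    }

    keydb = PGPPeekKeyDBObjKeyDB( masterkey );
    context = PGPPeekKeyDBContext( keydb );
    pgpEnv = pgpContextGetEnvironment( context );

    /* Now get optional parameters */
    /*
     * NOTE(review): "%l" is paired with a PGPUInt32 here but with a PGPSize
     * in pgpAddKeyOptionsInternal; confirm which width pgpFindOptionArgs
     * actually stores for "%l".
     */
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_Passphrase, FALSE,
                        "%p%l", &passphrase, &passphraseLength ) ) )
        goto error;
    if (IsNull( passphrase )) {
        /* No passphrase given: fall back to a passkey, if one was supplied */
        if( IsPGPError( err = pgpFindOptionArgs( optionList,
                            kPGPOptionType_Passkey, FALSE,
                            "%p%l", &passphrase, &passphraseLength ) ) )
            goto error;
        if( IsntNull( passphrase ) )
            passphraseIsKey = TRUE;
    }
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_CachePassphrase, FALSE,
                        "%d%b", &cacheTimeOut, &cacheGlobal ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_CreationDate, FALSE,
                        "%T", &creationDate ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_Expiration, FALSE,
                        "%d", &expiration ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_EventHandler, FALSE,
                        "%p%p", &progress, &userValue ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_KeyFlags, FALSE,
                        "%b%d", &keyflagsop, &keyflags ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_KeyGenOnToken, FALSE,
                        "%b%d", &useToken, &tokenID ) ) )
        goto error;
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_KeyGenFast, FALSE,
                        "%b%d", &fastgenop, &fastgen ) ) )
        goto error;
    if( !fastgenop ) {
        /* Caller did not choose: take the fast-keygen setting from the
         * environment. */
        fastgen = pgpenvGetInt (pgpEnv, PGPENV_FASTKEYGEN, NULL, NULL);
    }
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_KeyGenUseExistingEntropy, FALSE,
                        "%d", &noentropy ) ) )
        goto error;

    err = pgpKeyDeadCheck(masterkey);
    if ( IsPGPError( err ) )
        goto error;

    *subkey = NULL;

    /*
     * In both generator calls below, expiration is narrowed from PGPUInt32
     * to PGPUInt16 without a range check, so an out-of-range value is
     * silently truncated.  The same passphrase buffer is passed in two
     * argument positions; presumably one slot is for the new subkey and one
     * for unlocking the master key -- confirm against the callee.
     */
    if( pgpFrontEndKeyDB( keydb ) && useToken )
    {
        PGPUInt32      *newobjs;
        PGPSize         newobjslen;
        PGPUInt32       newkeyid;
#if PGP_WIN32
        PGPKeyDBRef     olddb = NULL;

        /* Win32 needs special callback handling */
        if( IsntNull( progress ) )
        {
            /* Create temp keydb for insertion, copy to keydb */
            /*
             * NOTE(review): the results of PGPNewKeyDB and PGPCopyKeyDBObj
             * are not checked, yet keydb->id and masterkey are used right
             * after.  A failure here would presumably leave keydb or
             * masterkey unusable -- confirm and handle.
             */
            olddb = keydb;
            PGPNewKeyDB( context, &keydb );
            PGPCopyKeyDBObj( masterkey, keydb, &masterkey );
        }
#endif /* PGP_WIN32 */

        err = pgpDoGenerateKey_back (context, keydb->id,
                        pgpKeyDBObjID(masterkey), (PGPByte)pkalg, bits,
                        creationDate, (PGPUInt16)expiration, NULL, 0,
                        (char const *)passphrase, passphraseLength,
                        passphraseIsKey, (char const *)passphrase,
                        passphraseLength, cacheTimeOut, cacheGlobal,
                        progress, userValue, (PGPBoolean)fastgen,
                        (PGPBoolean)!noentropy, useToken, tokenID, NULL, 0,
                        (PGPByte)0, NULL, 0, (PGPByte)0, NULL, 0, NULL, 0,
                        keyflags, keyflagsop, 0, (PGPBoolean)FALSE,
                        &newobjs, &newobjslen, &newkeyid);
        if( IsntPGPError( err ) )
        {
            /* NOTE(review): newobjslen is never read; a literal 1 is passed
             * as the fourth argument instead -- confirm that is intended. */
            err = pgpAddFromKeyArray( keydb, masterkey, newobjs, 1, TRUE );
            PGPFreeData( newobjs );
        }
        if( IsntPGPError( err ) )
        {
            /* Look the new subkey up by the id the back end reported */
            err = PGPFindNode( keydb->idToObj, newkeyid,
                               (PGPUserValue *)&newsubkey );
        }

#if PGP_WIN32
        if( IsntPGPError( err ) && IsntNull( progress ) )
        {
            /* One last chance for an interruption */
            PGPOptionListRef newOptionList = NULL;

            err = pgpEventKeyGen (context, &newOptionList,
                                  progress, userValue, (PGPUInt32)'.');
            if (IsntNull (newOptionList))
                pgpFreeOptionList (newOptionList);
            if( IsntPGPError( err ) )
            {
                /*
                 * NOTE(review): neither result is checked.  If the add into
                 * olddb fails, newsubkey would still refer to an object in
                 * the temp keydb that is freed just below, and is then
                 * returned through *subkey -- confirm and propagate errors.
                 */
                PGPCopyKeys( PGPPeekKeyDBRootKeySet( keydb ), olddb, NULL );
                pgpKeyDBAddObject (olddb, newsubkey, &newsubkey );
            }
        }
        if( IsntNull( progress ) )
        {
            /* Drop the temp keydb and switch back to the caller's keydb */
            PGPFreeKeyDB( keydb );
            keydb = olddb;
        }
#endif /* PGP_WIN32 */
    } else {
        err = pgpDoGenerateKey_internal (keydb, masterkey,
                        (PGPByte)pkalg, bits, creationDate,
                        (PGPUInt16)expiration,
                        NULL, 0, (char const *)passphrase,
                        passphraseLength, passphraseIsKey,
                        (char const *)passphrase, passphraseLength,
                        cacheTimeOut, cacheGlobal,
                        progress, userValue,
                        (PGPBoolean)fastgen, (PGPBoolean)!noentropy,
                        useToken, tokenID, NULL, (PGPByte)0,
                        NULL, (PGPByte)0, NULL, 0,
                        NULL, 0, keyflags, keyflagsop, 0,
                        (PGPBoolean)FALSE, &newsubkey);
    }

    if( IsntPGPError( err ) )
        *subkey = newsubkey;

error:
    return err;
}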
/* Handle editing key properties which are held in self signatures */
/*
 * Option types that pgpAddKeyOptionsInternal hands to pgpCheckOptionsInSet.
 * NOTE(review): pgpAddKeyOptionsInternal itself reads only the passphrase or
 * passkey, passphrase-cache and revocation-key-set options; the
 * preferred-algorithm, key-server and key-flag entries pass this check but
 * are not read by that function.  Presumably another caller of this set
 * consumes them -- confirm.
 */
static const PGPOptionType keyoptionOptionSet[] = {
kPGPOptionType_Passphrase,
kPGPOptionType_Passkey,
kPGPOptionType_CachePassphrase,
kPGPOptionType_RevocationKeySet,
kPGPOptionType_PreferredAlgorithms,
kPGPOptionType_PreferredKeyServer,
kPGPOptionType_KeyServerPreferences,
kPGPOptionType_KeyFlags,
#if 0
/* not yet implemented */
kPGPOptionType_Expiration,
kPGPOptionType_AdditionalRecipientRequestKeySet,
#endif
};
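/*
 * Attach every key in rakset to `key` as a revocation key (RAK), one
 * self-signature per RAK.
 *
 * For each key in rakset this builds a PGP_SIGTYPE_KEY_PROPERTY signature
 * spec from the supplied passphrase and cache settings, marks it exportable,
 * adds a one-key set holding that RAK with class rakclass, and certifies
 * `key` with it.
 *
 * Returns the first error hit; processing stops there, so RAKs handled
 * before the failure have already been certified.  The error that ends the
 * iteration (PGPKeyIterNextKeyDBObj failing) is treated as end-of-set and is
 * not propagated.
 */
PGPError
pgpAddKeyOptions_internal (
    PGPKeyDBObjRef      key,
    const char *        passphrase,
    PGPSize             passphraseLength,
    PGPBoolean          hashedPhrase,
    PGPUInt32           cacheTimeOut,
    PGPBoolean          cacheGlobal,
    PGPKeySetRef        rakset,
    PGPUInt32           rakclass
    )
{
    PGPKeySetRef        rak1set = NULL;
    PGPSigSpec         *sigspec = NULL;
    /*
     * Starts as NULL so the cleanup code below never frees an indeterminate
     * pointer when PGPNewKeyIterFromKeySet fails without writing its output.
     */
    PGPKeyIter         *rakiter = NULL;
    PGPKeyDB           *keys;
    PGPKeyDBObj        *rakkey;
    PGPContextRef       context;
    PGPError            err = kPGPError_NoErr;

    keys = PGPPeekKeyDBObjKeyDB( key );
    context = PGPPeekKeyDBContext( keys );

    err = PGPNewKeyIterFromKeySet( rakset, &rakiter );
    if( IsPGPError( err ) )
        goto error;

    /* Add 1 RAK key at a time in separate self signatures */
    while( IsntPGPError( PGPKeyIterNextKeyDBObj( rakiter,
                            kPGPKeyDBObjType_Key, &rakkey ) ) ) {
        pgpAssert (pgpObjectType(rakkey) == RINGTYPE_KEY);

        err = PGPNewOneKeySet( rakkey, &rak1set );
        if( IsPGPError( err ) )
            goto error;

        /*
         * NOTE(review): sigspec is never released in this function.
         * Presumably sCertifyObject consumes it, but when
         * sSigSpecSetExportability or sSigSpecAddRAK fails it is never
         * handed over -- confirm who owns it on those paths.
         */
        err = sCreateSigSpec( context, key, PGP_SIGTYPE_KEY_PROPERTY,
                              passphrase, passphraseLength, hashedPhrase,
                              cacheTimeOut, cacheGlobal, &sigspec );
        if( IsntPGPError( err ) )
            err = sSigSpecSetExportability( sigspec, SIG_EXPORTABLE, 0 );
        if( IsntPGPError( err ) )
            err = sSigSpecAddRAK( sigspec, rak1set, rakclass );
        if( IsntPGPError( err ) )
            err = sCertifyObject( sigspec, key );
        if( IsPGPError( err ) ) {
            goto error;
        }

        /* Release the per-iteration set and clear it so the cleanup code
         * below cannot free it twice. */
        PGPFreeKeySet (rak1set);
        rak1set = NULL;
    }

    PGPFreeKeyIter( rakiter );
    rakiter = NULL;

error:
    /* Shared exit: release whatever is still held */
    if( IsntNull( rak1set ) )
        PGPFreeKeySet( rak1set );
    if( IsntNull( rakiter ) )
        PGPFreeKeyIter (rakiter);
    return err;
}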
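/*
 * Add key options to `key` from an option list.  Only a revocation key set
 * is supported at present, and it is mandatory.
 *
 * Reads the passphrase (or, failing that, the passkey), the passphrase-cache
 * settings and the revocation key set with its class, checks the key with
 * pgpKeyDeadCheck, then either forwards the request through
 * pgpAddKeyOptions_back (front-end keys) or performs it locally through
 * pgpAddKeyOptions_internal.  On success, trust is recalculated over the
 * key's database root set.
 *
 * Returns kPGPError_BadParams when the revocation key set is NULL, otherwise
 * the first error reported by a helper, or kPGPError_NoErr.
 */
PGPError
pgpAddKeyOptionsInternal (
    PGPKeyDBObjRef      key,
    PGPOptionListRef    optionList
    )
{
    /*
     * All option outputs start from defined values, so nothing
     * indeterminate is forwarded if pgpFindOptionArgs leaves an output
     * untouched (or only partly written) for an absent option.
     */
    char *              passphrase = NULL;
    PGPSize             passphraseLength = 0;
    PGPBoolean          hashedPhrase = FALSE;
    PGPUInt32           cacheTimeOut = 0;
    PGPBoolean          cacheGlobal = FALSE;
    PGPKeySetRef        rakset = NULL;
    PGPUInt32           rakclass = 0;
    PGPError            err = kPGPError_NoErr;

    if (IsPGPError( err = pgpCheckOptionsInSet( optionList,
                        keyoptionOptionSet, elemsof( keyoptionOptionSet ) ) ) )
        goto error;

    /* Pick up passphrase options */
    /*
     * NOTE(review): "%l" is paired with a PGPSize here but with a PGPUInt32
     * in pgpGenerateSubKeyInternal; confirm which width pgpFindOptionArgs
     * actually stores for "%l".
     */
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_Passphrase, FALSE,
                        "%p%l", &passphrase, &passphraseLength ) ) )
        goto error;
    if (IsNull( passphrase )) {
        /*
         * NOTE(review): hashedPhrase becomes TRUE even when no passkey is
         * supplied either, unlike pgpGenerateSubKeyInternal, which sets its
         * flag only after a passkey was found -- confirm this is intended.
         */
        hashedPhrase = TRUE;
        if( IsPGPError( err = pgpFindOptionArgs( optionList,
                            kPGPOptionType_Passkey, FALSE,
                            "%p%l", &passphrase, &passphraseLength ) ) )
            goto error;
    }
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_CachePassphrase, FALSE,
                        "%d%b", &cacheTimeOut, &cacheGlobal ) ) )
        goto error;

    /* Get data to add (require revocationkeyset for now) */
    if( IsPGPError( err = pgpFindOptionArgs( optionList,
                        kPGPOptionType_RevocationKeySet, TRUE,
                        "%p%d", &rakset, &rakclass ) ) )
        goto error;

    /*
     * The option can be present yet carry a NULL set.  pgpAssert is
     * presumably a debug-only check, so also reject the NULL at run time
     * before it reaches the flatten / iterate helpers.
     */
    pgpAssert( IsntNull( rakset ) );
    if( IsNull( rakset ) ) {
        err = kPGPError_BadParams;
        goto error;
    }

    /*
     * This code is temporary and will be redesigned to support a wider
     * set of key options.
     */

    if ( IsPGPError( err = pgpKeyDeadCheck(key) ) ) {
        goto error;
    }

    if( pgpFrontEndKey( key ) )
    {
        PGPUInt32      *raklist;
        PGPSize         raklistsize;
        PGPUInt32      *newobjs;
        PGPSize         newobjslen;
        PGPKeyDB       *keydb = PGPPeekKeyDBObjKeyDB( key );

        if( IsPGPError(err = pgpKeySetFlatten( rakset, &raklist,&raklistsize)))
            goto error;
        /*
         * NOTE(review): raklist is not freed in this function on any path;
         * presumably pgpAddKeyOptions_back takes ownership -- confirm.
         */
        err = pgpAddKeyOptions_back( PGPPeekKeyDBContext(keydb),
                                     pgpKeyDBObjID(key), passphrase,
                                     passphraseLength, hashedPhrase,
                                     cacheTimeOut, cacheGlobal,
                                     raklist, raklistsize, rakclass,
                                     &newobjs, &newobjslen);
        if( IsPGPError( err ) )
            goto error;
        /* NOTE(review): newobjslen is never read; a literal 1 is passed as
         * the fourth argument instead -- confirm that is intended. */
        err = pgpAddFromKeyArray( keydb, NULL, newobjs, 1, FALSE );
        PGPFreeData( newobjs );
    } else {
        err = pgpAddKeyOptions_internal( key, passphrase, passphraseLength,
                                         hashedPhrase, cacheTimeOut,
                                         cacheGlobal, rakset, rakclass );
        if( IsPGPError( err ) )
            goto error;
    }

    /* Calculate trust changes as a result */
    /* The result of the recalculation is deliberately discarded. */
    if( err == kPGPError_NoErr )
        (void)PGPCalculateTrust (PGPPeekKeyDBObjKeyDB(key)->rootSet, NULL);

error:
    return err;
}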
/*
 * Placeholder for removing key options: nothing is implemented, so every
 * call reports kPGPError_FeatureNotAvailable and leaves both arguments
 * untouched.
 */
PGPError
pgpRemoveKeyOptionsInternal (PGPKeyDBObjRef key, PGPOptionListRef optionList)
{
    /* Neither argument is used; the casts only silence unused-parameter
     * warnings. */
    (void) optionList;
    (void) key;

    return kPGPError_FeatureNotAvailable;
}
PGPError
pgpUpdateKeyOptions_internal (
PGPKeyDBObjRef key,
const char * passphrase,
PGPSize passphraseLength,
PGPBoolean hashedPhrase,
PGPUInt32 cacheTimeOut,
PGPBoolean cacheGlobal,
const PGPCipherAlgorithm *prefalg,
PGPSize prefalgLength,
const PGPByte *prefkeyserv,
PGPSize prefkeyservLength,
PGPUInt32 keyflags,
PGPBoolean fkeyflags,
PGPUInt32 keyservprefs,
PGPBoolean fkeyservprefs
)
{
PGPKeyDB *keys;
PGPEnv *pgpEnv;
PGPSigSpec *sigspec = NULL;
int tzFix;
PGPTime timestamp;
PGPContextRef context;
PGPByte *prefalgByte = NULL;
PGPKeyDBObj *userid;
PGPKeyDBObj *latestsig;