Example #1
0
LPSTR __cdecl _pgp_decrypt_key(LPCSTR szEncMsg, LPCSTR pgpKey)
{
	#if defined(_WIN64)
		return 0;
	#else
		LPSTR szPlainMsg = 0;
		PGPSize dwPlainMsgLen;

		PGPUInt32 dwKeys;
		PGPKeyDBRef PrivateKeyDB;
		if (CheckPGPError(_pgp_import_key(&PrivateKeyDB,pgpKey)))
			return 0;
		PGPCountKeysInKeyDB(PrivateKeyDB, &dwKeys);

		if(dwKeys==0) {
			PGPFreeKeyDB(PrivateKeyDB);
			return 0;
		}

		int iTry = 0;

		do {
			if (!pszPassphrase &&
				PGPPassphraseDialog(pgpContext,
				PGPOUIOutputPassphrase(pgpContext, &pszPassphrase),
				PGPOLastOption(pgpContext)) == kPGPError_UserAbort) {
					iTry = 3;
					break;
			}

			PGPError err = PGPDecode(pgpContext,
				PGPOInputBuffer(pgpContext, szEncMsg, lstrlen(szEncMsg)),
				PGPOAllocatedOutputBuffer(pgpContext, (LPVOID *)&szPlainMsg, 16384, &dwPlainMsgLen),
				PGPOKeyDBRef(pgpContext, PrivateKeyDB),
				PGPOPassphrase(pgpContext, pszPassphrase),
				PGPOLastOption(pgpContext));

			if (CheckPGPError(err))
				iTry = 3;
			else
				if (!dwPlainMsgLen) {
					PGPFreeData(pszPassphrase);
					pszPassphrase = 0;
					iTry++;
				}

		} while(!dwPlainMsgLen && iTry<3);

		PGPFreeKeyDB(PrivateKeyDB);

		if(iTry == 3) return 0;

		LPSTR szMsg = (LPSTR) LocalAlloc(LPTR,dwPlainMsgLen+1);
		_pgp_memcpy(szMsg, szPlainMsg, dwPlainMsgLen);
		szMsg[dwPlainMsgLen] = 0;
		PGPFreeData((LPVOID)szPlainMsg);

		return szMsg;
	#endif
}
Example #2
0
LPSTR __cdecl _pgp_decrypt_keydb(LPCSTR szEncMsg)
{
    LPSTR szPlainMsg = 0;
    DWORD dwPlainMsgLen;

	ClearPGPError();
	if(!pgpKeyDB)
		return 0;

    int iTry = 0;

    do {
		if (!pszPassphrase && 
			PGPPassphraseDialog(pgpContext,
								PGPOUIOutputPassphrase(pgpContext, &pszPassphrase),
								PGPOLastOption(pgpContext)) == kPGPError_UserAbort) {
	    	iTry = 3;
	    	break;
		}

	    PGPError err = PGPDecode(pgpContext,
	       PGPOInputBuffer(pgpContext, szEncMsg, lstrlen(szEncMsg)),
	       PGPOAllocatedOutputBuffer(pgpContext, (LPVOID *)&szPlainMsg, 16384, (PGPUInt32 *)&dwPlainMsgLen),
#if (PGP_WIN32 < 0x700)
		   PGPOKeySetRef(pgpContext, pgpKeyDB),
#else
	       PGPOKeyDBRef(pgpContext, pgpKeyDB),
#endif
	       PGPOPassphrase(pgpContext, pszPassphrase),
	       PGPOLastOption(pgpContext));

	    if (CheckPGPError(err))
			iTry = 3;
		else
	    if (!dwPlainMsgLen) {
			PGPFreeData(pszPassphrase);
			pszPassphrase = 0;
			iTry++;
	    }

	} while(!dwPlainMsgLen && iTry<3);

	if(iTry == 3) return 0;

    LPSTR szMsg = (LPSTR) LocalAlloc(LPTR,dwPlainMsgLen+1);
    _pgp_memcpy(szMsg, szPlainMsg, dwPlainMsgLen);
    szMsg[dwPlainMsgLen] = 0;
    PGPFreeData((LPVOID)szPlainMsg);

    return szMsg;
}
Example #3
0
PGPError  
KMGetConventionalPhrase (
		PGPContextRef	context,
		HWND			hwnd, 
		LPSTR			pszPrompt,
		LPSTR*			ppszPhrase)
{
	PGPError			err			= kPGPError_BadParams;
	PGPOptionListRef	optionList	= kInvalidPGPOptionListRef;

	if (!ppszPhrase) return err;

	err = PGPBuildOptionList (context, &optionList,
			PGPOUIOutputPassphrase (context, ppszPhrase),
			PGPOUIParentWindowHandle (context, hwnd),
			PGPOLastOption (context));

	if (IsntPGPError (err))
	{
		// If we have a prompt, use it
		if (NULL!=(int) (pszPrompt))
		{
			err = PGPAppendOptionList (optionList,
				PGPOUIDialogPrompt (context, pszPrompt),
				PGPOLastOption (context));
		}

		if (IsntPGPError (err))
		{
			err = PGPConventionalDecryptionPassphraseDialog (context,
					optionList,
					PGPOLastOption (context));
		}
	}

	if (IsPGPError (err)) 
	{
		if (*ppszPhrase) 
		{
			PGPFreeData (*ppszPhrase);
			*ppszPhrase = NULL;
		}
	}

	if (PGPOptionListRefIsValid (optionList))
		PGPFreeOptionList (optionList);

	return err;
}
Example #4
0
LPSTR __cdecl _pgp_encrypt_keydb(LPCSTR szPlainMsg, PVOID pgpKeyID)
{
	#if defined(_WIN64)
		return 0;
	#else
		PGPKeyID *RemoteKeyID = (PGPKeyID *) pgpKeyID;
		LPSTR szEncMsg = 0;
		PGPSize dwEncMsgLen;

		ClearPGPError();
		if (!pgpKeyDB)
			return 0;

		PGPKeyDBObjRef PublicKey;
		PGPFindKeyByKeyID(pgpKeyDB, RemoteKeyID, &PublicKey);

		PGPError err = PGPEncode(pgpContext,
			PGPOInputBuffer(pgpContext, szPlainMsg, lstrlen(szPlainMsg)),
			PGPOArmorOutput(pgpContext, TRUE),
			PGPOAllocatedOutputBuffer(pgpContext, (LPVOID *)&szEncMsg, 16384, &dwEncMsgLen),
			PGPOEncryptToKeyDBObj(pgpContext, PublicKey),
			PGPOVersionString(pgpContext, szVersionStr),
			PGPOLastOption(pgpContext));

		if (CheckPGPError(err))
			return 0;

		LPSTR szMsg = (LPSTR) LocalAlloc(LPTR,dwEncMsgLen+1);
		_pgp_memcpy(szMsg, szEncMsg, dwEncMsgLen);
		szMsg[dwEncMsgLen] = 0;
		PGPFreeData((LPVOID)szEncMsg);

		return szMsg;
	#endif
}
Example #5
0
static PGPError 
sRevokeKeySplit (
		PGPContextRef	context,
		PGPKeySetRef	keyset,
		PGPKeyRef		key,
		PGPByte*		passkey,
		PGPSize			sizePasskey)
{
	UINT			u;
	PGPKeyListRef	keylist;
	PGPKeyIterRef	keyiter;
	PGPSubKeyRef	subkey;
	PGPError		err;

	err = PGPRevokeKey (key, 
				PGPOPasskeyBuffer (context, passkey, sizePasskey),
				PGPOLastOption (context));
	if (IsPGPError (err)) return err;

	PGPGetKeyNumber (key, kPGPKeyPropAlgID, &u);
	switch (u) {
	case kPGPPublicKeyAlgorithm_RSA :
		break;

	case kPGPPublicKeyAlgorithm_DSA :
		PGPOrderKeySet (keyset, kPGPAnyOrdering, &keylist);
		PGPNewKeyIter (keylist, &keyiter);
		PGPKeyIterSeek (keyiter, key);
		PGPKeyIterNextSubKey (keyiter, &subkey);
		while (subkey) {
			err = PGPRevokeSubKey (subkey, 
					PGPOPasskeyBuffer (context, passkey, sizePasskey),
					PGPOLastOption (context));
			PGPKeyIterNextSubKey (keyiter, &subkey);
		}
		PGPFreeKeyIter (keyiter);
		PGPFreeKeyList (keylist);
		break;

	default :
		break;
	}

	return err;
}
Example #6
0
PGPError _pgp_import_key(PGPKeyDBRef *keyDB, LPCSTR pgpKey)
{
    return PGPImport( pgpContext,
                     keyDB,
                     PGPOInputBuffer( pgpContext,
                                      pgpKey,
                                      lstrlen(pgpKey) ),
                     PGPOLastOption( pgpContext ) );
}
PGPError
pgpKeyPassphraseCL(
	PGPContextRef					context,
	CPGPKeyPassphraseDialogOptions	*options)
{
	PGPError err;
	GPP	gpp;
	
	memset(&gpp,0x00,sizeof(GPP));
	gpp.context=context;
	gpp.options=options;

	char szNameFinal[kPGPMaxUserIDSize];
	GetKeyString(options->mDefaultKey, szNameFinal);
	fprintf(stdout, "\n%s\n", szNameFinal);

	while (1) {
		FreePassphrases(&gpp);
		gpp.pszPassPhrase = (char *)secAlloc (gpp.context, KEYSIZE);
		if (gpp.pszPassPhrase) {
			PGPInt32 len = pgpCLGetPass(stdout, gpp.pszPassPhrase, KEYSIZE);
			if (len < 0) {
				err = kPGPError_UserAbort;
				break;
			}
			
			*(options->mPassphrasePtr) = gpp.pszPassPhrase;
			
			if (PassphraseLengthAndQualityOK(options,gpp.pszPassPhrase)) {
				PGPBoolean PassValid;
				PassValid = PGPPassphraseIsValid(options->mDefaultKey,
									PGPOPassphrase(context, gpp.pszPassPhrase),
									PGPOLastOption(context));
				if (PassValid) {
					err = kPGPError_NoErr;
					break;
				} else {
					fprintf(stdout, "Wrong passphrase, reenter\n");
				}
			} else {
				ClearPassphrases(&gpp);
				FreePassphrases(&gpp);
			}
		} else {
			err = kPGPError_OutOfMemory;
			break;
		}
	}

	ClearPassphrases(&gpp);
	if (err != kPGPError_NoErr)
		FreePassphrases(&gpp);
	return(err);
}
PGPError 
ValidateSigningPhrase (HWND hDlg, 
				GPP *gpp, 
				LPSTR pszPhrase, 
				PGPKeyRef key) 
{
	CHAR	szName[kPGPMaxUserIDSize];
	CHAR	sz[128];
	CHAR	sz2[kPGPMaxUserIDSize + 128];
	PGPSize	size;
	CPGPSigningPassphraseDialogOptions *options;

	options=(CPGPSigningPassphraseDialogOptions *)gpp->options;

	// does phrase match selected key ?
	if (PGPPassphraseIsValid (key, 
			PGPOPassphrase (gpp->context, pszPhrase),
			PGPOLastOption (gpp->context))) {
		*(options->mPassphraseKeyPtr) = key;
		return kPGPError_NoErr;
	}

	if(options->mFindMatchingKey)
	{
		// does phrase match any private key ?
		key=GetKeyForPassphrase(options->mKeySet,pszPhrase,TRUE);

		if (key!=NULL) 
		{
			// ask user to use other key
			LoadString (gPGPsdkUILibInst, IDS_FOUNDMATCHFORPHRASE, sz, sizeof(sz));
			PGPGetPrimaryUserIDNameBuffer (key, sizeof(szName), szName, &size);
			wsprintf (sz2, sz, szName);
			LoadString (gPGPsdkUILibInst, IDS_PGP, sz, sizeof(sz));
			if (MessageBox (hDlg, sz2, sz, MB_ICONQUESTION|MB_YESNO) == IDYES) 
			{
				*(options->mPassphraseKeyPtr) = key;
				return kPGPError_NoErr;
			}
			return kPGPError_BadPassphrase;
		}
	}

	// phrase doesn't match any key
	PGPsdkUIMessageBox (hDlg,
		IDS_PGPERROR,IDS_BADPASSREENTER,
		MB_OK|MB_ICONSTOP);

	LoadString (gPGPsdkUILibInst, IDS_WRONGPHRASE, sz, sizeof (sz));
	SetDlgItemText (hDlg, IDC_PROMPTSTRING, sz);
	
	return kPGPError_BadPassphrase;

}
Example #9
0
static PGPError
sSendToServerInternal (
		HWND					hwndParent,
		PGPContextRef			context,
		PGPtlsContextRef		tlsContext,
		UINT					uServer,
		PGPKeyServerEntry*		pkeyserver,
		LPSTR					pszUserID,
		PGPKeySetRef			keysetMain,
		PGPKeySetRef			keysetToSend)
{
	PGPError				err				= kPGPError_NoErr;
	PGPKeyServerEntry*		pentryList		= NULL;
	PGPKeyServerSpec*		pserverList		= NULL;
	PGPInt32				iNumEntries		= 0;
	PCLIENTSERVERSTRUCT		pcss			= NULL;
	PGPKeySetRef			keysetFailed	= kInvalidPGPKeySetRef;
	PGPMemoryMgrRef			memMgr;
	PGPPrefRef				clientPrefsRef;

	PGPValidatePtr (keysetToSend);
	PGPValidatePtr (context);
	PGPValidatePtr (pszUserID);
		
	memMgr=PGPGetContextMemoryMgr(context);
	err=PGPclOpenClientPrefs (memMgr,&clientPrefsRef);

	if(IsntPGPError(err))
	{
		err=CLInitKeyServerPrefs(uServer,pkeyserver,
			hwndParent,context,keysetMain,clientPrefsRef,pszUserID,
			&pcss,&pentryList,&pserverList,&iNumEntries);

		PGPclCloseClientPrefs (clientPrefsRef, FALSE);
	}

	if (IsntPGPError (err)) 
	{
		err = PGPSendToKeyServerDialog (context, &(pserverList[0]),
			tlsContext, keysetToSend, &keysetFailed, 
			PGPOUIParentWindowHandle (context, hwndParent),
			PGPOLastOption (context));

		if (PGPKeySetRefIsValid (keysetFailed))
			PGPFreeKeySet (keysetFailed);
	}

	CLUninitKeyServerPrefs(uServer,
		pcss,pentryList,pserverList,iNumEntries);
	
	return err;
}
Example #10
0
PGPError _pgp_import_key(PGPKeyDBRef *keyDB, LPCSTR pgpKey)
{
	#if defined(_WIN64)
		return 0;
	#else
		return PGPImport( pgpContext,
			keyDB,
			PGPOInputBuffer( pgpContext,
			pgpKey,
			lstrlen(pgpKey) ),
			PGPOLastOption(pgpContext ));
	#endif
}
Example #11
0
static PGPError
sQueryServerInternal (
	HWND					hwndParent,
	PGPContextRef			context,
	PGPtlsContextRef		tlsContext,
	PGPOptionListRef		optionSearch,
	UINT					uServer,
	LPSTR					pszUserID,
	PGPKeySetRef			keysetMain,
	PGPKeySetRef*			pkeysetResult)
{
	PGPError				err				= kPGPError_NoErr;
	PGPKeyServerEntry*		pentryList		= NULL;
	PGPKeyServerSpec*		pserverList		= NULL;
	PGPInt32				iNumEntries		= 0;
	PCLIENTSERVERSTRUCT		pcss			= NULL;
	PGPMemoryMgrRef			memMgr;
	PGPPrefRef				clientPrefsRef;

	PGPValidatePtr (pkeysetResult);
	PGPValidatePtr (context);
	PGPValidatePtr (pszUserID);
		
	memMgr=PGPGetContextMemoryMgr(context);
	err=PGPclOpenClientPrefs (memMgr,&clientPrefsRef);

	if(IsntPGPError(err))
	{
		err=CLInitKeyServerPrefs(uServer,NULL,
			hwndParent,context,keysetMain,clientPrefsRef,pszUserID,
			&pcss,&pentryList,&pserverList,&iNumEntries);

		PGPclCloseClientPrefs (clientPrefsRef, FALSE);
	}

	if (IsntPGPError (err)) 
	{
		err = PGPSearchKeyServerDialog (context, iNumEntries,
			pserverList, tlsContext, 
			FALSE, pkeysetResult, optionSearch,
			PGPOUIParentWindowHandle (context, hwndParent),
			PGPOLastOption (context));
	}

	CLUninitKeyServerPrefs(uServer,
		pcss,pentryList,pserverList,iNumEntries);
	
	return err;
}
Example #12
0
LPSTR __cdecl _pgp_encrypt_key(LPCSTR szPlainMsg, LPCSTR pgpKey)
{
	#if defined(_WIN64)
		return 0;
	#else
		LPSTR szEncMsg = 0;
		PGPSize dwEncMsgLen;

		PGPUInt32 dwKeys;
		PGPKeyDBRef PublicKeyDB;
		if (CheckPGPError(_pgp_import_key(&PublicKeyDB,pgpKey)))
			return 0;

		PGPKeyIterRef KeyIterRef;
		PGPNewKeyIterFromKeyDB(PublicKeyDB, &KeyIterRef);

		PGPKeyDBObjRef PublicKey;
		PGPKeyIterNextKeyDBObj(KeyIterRef, kPGPKeyDBObjType_Key, &PublicKey);

		PGPCountKeysInKeyDB(PublicKeyDB, &dwKeys);

		if(dwKeys==0) {
			PGPFreeKeyIter(KeyIterRef);
			PGPFreeKeyDB(PublicKeyDB);
			return 0;
		}

		PGPError err = PGPEncode(pgpContext,
			PGPOInputBuffer(pgpContext, szPlainMsg, lstrlen(szPlainMsg)),
			PGPOArmorOutput(pgpContext, TRUE),
			PGPOAllocatedOutputBuffer(pgpContext, (LPVOID *)&szEncMsg, 16384, &dwEncMsgLen),
			PGPOEncryptToKeyDBObj(pgpContext, PublicKey),
			PGPOVersionString(pgpContext, szVersionStr),
			PGPOLastOption(pgpContext));

		PGPFreeKeyIter(KeyIterRef);
		PGPFreeKeyDB(PublicKeyDB);

		if (CheckPGPError(err))
			return 0;

		LPSTR szMsg = (LPSTR) LocalAlloc(LPTR,dwEncMsgLen+1);
		_pgp_memcpy(szMsg, szEncMsg, dwEncMsgLen);
		szMsg[dwEncMsgLen] = 0;
		PGPFreeData((LPVOID)szEncMsg);

		return szMsg;
	#endif
}
Example #13
0
LPSTR __cdecl _pgp_encrypt_keydb(LPCSTR szPlainMsg, PVOID pgpKeyID)
{
   	PGPKeyID *RemoteKeyID = (PGPKeyID *) pgpKeyID;
    LPSTR szEncMsg = 0;
    DWORD dwEncMsgLen;

	ClearPGPError();
	if(!pgpKeyDB)
		return 0;

#if (PGP_WIN32 < 0x700)
    PGPFilterRef IDFilter;
    PGPNewKeyIDFilter(pgpContext, RemoteKeyID, &IDFilter);

    PGPKeySetRef PublicKey;
    PGPFilterKeySet(pgpKeyDB, IDFilter, &PublicKey);
#else
    PGPKeyDBObjRef PublicKey;
    PGPFindKeyByKeyID(pgpKeyDB, RemoteKeyID, &PublicKey);
#endif

    PGPError err = PGPEncode(pgpContext,
      PGPOInputBuffer(pgpContext, szPlainMsg, lstrlen(szPlainMsg)),
      PGPOArmorOutput(pgpContext, TRUE),
      PGPOAllocatedOutputBuffer(pgpContext, (LPVOID *)&szEncMsg, 16384, (PGPUInt32 *)&dwEncMsgLen),
#if (PGP_WIN32 < 0x700)
      PGPOEncryptToKeySet(pgpContext, PublicKey),
#else
      PGPOEncryptToKeyDBObj(pgpContext, PublicKey),
#endif
      PGPOVersionString(pgpContext, szVersionStr),
      PGPOLastOption(pgpContext));

#if (PGP_WIN32 < 0x700)
	PGPFreeKeySet(PublicKey);
	PGPFreeFilter(IDFilter);
#endif

    if (CheckPGPError(err))
       return 0;

    LPSTR szMsg = (LPSTR) LocalAlloc(LPTR,dwEncMsgLen+1);
    _pgp_memcpy(szMsg, szEncMsg, dwEncMsgLen);
    szMsg[dwEncMsgLen] = 0;
    PGPFreeData((LPVOID)szEncMsg);

    return szMsg;
}
Example #14
0
PGPError AddKeyFileListStub (MYSTATE *ms) 
{
	PGPContextRef context;
	PGPFileSpecRef inref;
	PGPOptionListRef opts;
	FILELIST *FileCurrent;
	PGPError err;

	err=kPGPError_NoErr;

	context=ms->context;

	FileCurrent=ms->ListHead;

	while(!(SCGetProgressCancel(ms->hPrgDlg))&&(FileCurrent!=0)&&(IsntPGPError(err)))
	{    
		if(FileCurrent->IsDirectory)
		{
			FileCurrent=FileCurrent->next;
			continue;
		}

		PGPNewFileSpecFromFullPath (context, 
			FileCurrent->name, &inref);

		PGPBuildOptionList(context,&opts,
			PGPOInputFile(context,inref),
			PGPOLastOption(context));

		err=GenericAddKey(ms,opts,FileCurrent->name);

		PGPFreeOptionList(opts);

		PGPFreeFileSpec( inref );
	
		FileCurrent=FileCurrent->next;				
	}

	return err;
}
Example #15
0
PGPError GenericAddKey(MYSTATE *ms,
					PGPOptionListRef opts,
					char *OperationTarget)
{
	PGPKeySetRef AddKeySet;
	PGPContextRef	context;
	PGPError err;

	err=kPGPError_NoErr;

	context=ms->context;

	ms->fileName=OperationTarget;

	if(ms->Operation!=MS_ADDKEYCLIPBOARD)
		SCSetProgressNewFilename(ms->hPrgDlg,"From '%s'",ms->fileName,TRUE);

	err=PGPImportKeySet(context,&AddKeySet,
		opts,
		PGPOSendNullEvents(context,75),
		PGPOEventHandler(context,AddEvents,ms),
		PGPOLastOption(context));

	SCSetProgressBar(ms->hPrgDlg,100,TRUE);

	if(IsntPGPError(err)) 
	{
		PGPUInt32	numKeys;

		PGPCountKeys( AddKeySet, &numKeys);
		if ( numKeys > 0) 
		{	
			err=PGPclQueryAddKeys (context, 
					ms->tlsContext,ms->hwndWorking,AddKeySet,NULL);
		}
		PGPFreeKeySet (AddKeySet);
	}

	return err;
}
Example #16
0
PVOID __cdecl _pgp_select_keyid(HWND hDlg,LPSTR szKeyID)
{
	#if defined(_WIN64)
		return 0;
	#else
		PGPKeyDBRef ContactKeyDB;
		PGPError err;
		err = PGPRecipientDialog(pgpContext, pgpKeyDB, TRUE, &ContactKeyDB,
			PGPOUIParentWindowHandle(pgpContext, hDlg),
			PGPOUIWindowTitle(pgpContext, "Select Contact's Key"),
			PGPOLastOption(pgpContext));
		if (err == kPGPError_UserAbort)
			return 0;

		PGPUInt32 dwKeys;
		PGPCountKeysInKeyDB(ContactKeyDB, &dwKeys);
		if (!dwKeys)
			return 0;
		if (dwKeys > 1)
			MessageBox(hDlg, "You selected more than one key. Only the first key will be used.", szModuleName, MB_ICONINFORMATION);

		static PGPKeyID KeyID;

		PGPKeyIterRef KeyIterRef;
		PGPNewKeyIterFromKeyDB(ContactKeyDB, &KeyIterRef);

		PGPKeyDBObjRef KeyDBObjRef;
		PGPKeyIterNextKeyDBObj(KeyIterRef, kPGPKeyDBObjType_Key, &KeyDBObjRef);

		PGPSize dwFilled;
		PGPGetKeyDBObjDataProperty(KeyDBObjRef, kPGPKeyProperty_KeyID, &KeyID, sizeof(PGPKeyID), &dwFilled);
		PGPGetKeyIDString(&KeyID, kPGPKeyIDString_Abbreviated, szKeyID);

		PGPFreeKeyIter(KeyIterRef);
		PGPFreeKeyDB(ContactKeyDB);
		return (PVOID)&KeyID;
	#endif
}
Example #17
0
PGPError AddKeyClipboardStub (MYSTATE *ms) 
{
	PGPOptionListRef opts;
	PGPContextRef context;
	char StrRes[100];
	PGPError err;

	err=kPGPError_NoErr;

	context=ms->context;

	PGPBuildOptionList(context,&opts,
		PGPOInputBuffer(context,ms->pInput,ms->dwInputSize),
		PGPOLastOption(context));

	LoadString (g_hinst, IDS_CLIPBOARD, StrRes, sizeof(StrRes));

	err=GenericAddKey(ms,opts,StrRes);

	PGPFreeOptionList(opts);

	return err;
}
PGPError 
ValidateSigningPhrase (GPP *gpp, char * pszPhrase, PGPKeyRef key) 
{
	char	szName[kPGPMaxUserIDSize];
	char	sz[128];
	char	sz2[kPGPMaxUserIDSize + 128];
	PGPSize	size;
	CPGPSigningPassphraseDialogOptions *options;

	options = (CPGPSigningPassphraseDialogOptions *)gpp->options;

	// does phrase match selected key ?
	if (PGPPassphraseIsValid (key, 
			PGPOPassphrase (gpp->context, pszPhrase),
			PGPOLastOption (gpp->context))) {
		*(options->mPassphraseKeyPtr) = key;
		return kPGPError_NoErr;
	}

	if (options->mFindMatchingKey) {
		// does phrase match any private key ?
		key=GetKeyForPassphrase(options->mKeySet,pszPhrase,TRUE);

		if (key != NULL) {
			// ask user to use other key
			PGPGetPrimaryUserIDNameBuffer (key, sizeof(szName), szName, &size);
			sprintf (sz2, sz, szName);
			return kPGPError_BadPassphrase;
		}
	}

	// phrase doesn't match any key
	printf("Bad Passphrase: Please re-enter\n");
	
	return kPGPError_BadPassphrase;

}
Example #19
0
LPSTR __cdecl _pgp_decrypt_key(LPCSTR szEncMsg, LPCSTR pgpKey)
{
    LPSTR szPlainMsg = 0;
    DWORD dwPlainMsgLen;

    PGPUInt32 dwKeys;
#if (PGP_WIN32 < 0x700)
	PGPKeySetRef PrivateKeyDB;
    if (CheckPGPError(_pgp_import_key(&PrivateKeyDB,pgpKey)))
       return 0;
	PGPCountKeys(PrivateKeyDB, &dwKeys);
#else
	PGPKeyDBRef PrivateKeyDB;
    if (CheckPGPError(_pgp_import_key(&PrivateKeyDB,pgpKey)))
       return 0;
	PGPCountKeysInKeyDB(PrivateKeyDB, &dwKeys);
#endif
	if(dwKeys==0) {
#if (PGP_WIN32 < 0x700)
		PGPFreeKeySet(PrivateKeyDB);
#else
		PGPFreeKeyDB(PrivateKeyDB);
#endif
		return 0;
	}

	int iTry = 0;

    do {
   	   	if (!pszPassphrase &&
			PGPPassphraseDialog(pgpContext,
								PGPOUIOutputPassphrase(pgpContext, &pszPassphrase),
								PGPOLastOption(pgpContext)) == kPGPError_UserAbort) {
			iTry = 3;
			break;
    	}

/*
#if (PGP_WIN32 < 0x700)
	    PGPKeyListRef PrivateKeyList;
	    PGPOrderKeySet(PrivateKeyDB, kPGPKeyIDOrdering, &PrivateKeyList);

	    PGPKeyIterRef KeyIterRef;
	    PGPNewKeyIter(PrivateKeyList, &KeyIterRef);

		PGPKeyRef PrivateKey;
	    for(int i=0;i<dwKeys;i++) {
			PGPKeyIterNext(KeyIterRef, &PrivateKey);
			PGPOPassphraseIsValid(PrivateKey,
							      PGPOPassphrase(pgpContext, pszPassphrase),
							      PGPOLastOption(pgpContext));
		}

	    PGPFreeKeyList(PrivateKeyList);
	    PGPFreeKeyIter(KeyIterRef);
#else
	    PGPKeyIterRef KeyIterRef;
	    PGPNewKeyIterFromKeyDB(PrivateKeyDB, &KeyIterRef);

		PGPKeyDBObjRef KeyDBObjRef;
	    for(int i=0;i<dwKeys;i++) {
			PGPKeyIterNextKeyDBObj(KeyIterRef, kPGPKeyDBObjType_Key, &KeyDBObjRef);
			PGPOPassphraseIsValid(PrivateKey,
							      PGPOPassphrase(pgpContext, pszPassphrase),
							      PGPOLastOption(pgpContext));
		}

	    PGPFreeKeyIter(KeyIterRef);
#endif
*/
		PGPError err = PGPDecode(pgpContext,
	       PGPOInputBuffer(pgpContext, szEncMsg, lstrlen(szEncMsg)),
	       PGPOAllocatedOutputBuffer(pgpContext, (LPVOID *)&szPlainMsg, 16384, (PGPUInt32 *)&dwPlainMsgLen),
#if (PGP_WIN32 < 0x700)
		   PGPOKeySetRef(pgpContext, PrivateKeyDB),
#else
	       PGPOKeyDBRef(pgpContext, PrivateKeyDB),
#endif
	       PGPOPassphrase(pgpContext, pszPassphrase),
	       PGPOLastOption(pgpContext));

	    if (CheckPGPError(err))
			iTry = 3;
		else
	    if (!dwPlainMsgLen) {
			PGPFreeData(pszPassphrase);
			pszPassphrase = 0;
			iTry++;
		}

    } while(!dwPlainMsgLen && iTry<3);
    
#if (PGP_WIN32 < 0x700)
	PGPFreeKeySet(PrivateKeyDB);
#else
	PGPFreeKeyDB(PrivateKeyDB);
#endif

	if(iTry == 3) return 0;

    LPSTR szMsg = (LPSTR) LocalAlloc(LPTR,dwPlainMsgLen+1);
    _pgp_memcpy(szMsg, szPlainMsg, dwPlainMsgLen);
    szMsg[dwPlainMsgLen] = 0;
    PGPFreeData((LPVOID)szPlainMsg);

    return szMsg;
}
Example #20
0
int
pkcs7DecryptCallback (
        unsigned char           **msg,          /* [OUT] decrypted data */
        size_t                  *msgLen,        /* [OUT] decrypted data len */
        const char              *contentEncAlg, /* [IN] data encrypted alg */
        PKIANY			*param,     	/* [IN] data encryption
						   parameter (e.g.,
						   initialization vector) */
        PKIEncryptedContent     *content,       /* [IN] encrypted data */
        const char              *keyEncAlg,     /* [IN] key encryption alg */
        PKIEncryptedKey         *enckey,        /* [IN] encrypted key */
        PKICertificate          *cert,          /* [IN] key to decrypt with */
        void                    *data,          /* [IN] callback data
						   (optional) */
	PKICONTEXT		*asnmem
)
{
    X509CMSCallbackData			*pgpData = (X509CMSCallbackData *) data;
    PGPError				err;
    PGPSize				decmax;
    PGPByte				*encKeyData;
    PGPMemoryMgrRef			mem;
    PGPCipherAlgorithm			symKeyAlg;
    PGPSymmetricCipherContextRef	cipherRef;
    PGPCBCContextRef			cbcRef;
    PGPPrivateKeyContextRef		privKey;
    PGPSize				keySize;
    PGPSize				blockSize;
    PGPOptionListRef			pass;

    PKIOCTET_STRING *iv;
    int e = 0;
    size_t pad;

	(void) keyEncAlg;
	(void) cert;
	
    *msg = NULL;
    *msgLen = 0;

    if (!strcmp (contentEncAlg, SM_OID_ALG_3DES))
	symKeyAlg = kPGPCipherAlgorithm_3DES;
    else
    {
	/* unsupported algorithm */
	return PKCS7_ERROR_CALLBACK;
    }

    /* decrypt the encrypted session key with our private key */
    PGPCopyOptionList (pgpData->passphrase, &pass);
    err = PGPNewPrivateKeyContext (pgpData->key,
	    kPGPPublicKeyMessageFormat_PKCS1,
	    &privKey,
	    pass,
	    PGPOLastOption (pgpData->context));
    if (IsPGPError (err))
	return PKCS7_ERROR_CALLBACK;

    err = PGPGetPrivateKeyOperationSizes (privKey, &decmax, NULL, NULL);
    if (IsPGPError (err))
    {
	err = PGPFreePrivateKeyContext (privKey);
	return PKCS7_ERROR_CALLBACK;
    }

    mem = PGPGetContextMemoryMgr (pgpData->context);

    encKeyData = PGPNewSecureData (mem, decmax, 0);

    err = PGPPrivateKeyDecrypt (privKey,
	    enckey->val,
	    enckey->len,
	    encKeyData,
	    &decmax);
    if (IsPGPError (err))
    {
	PGPFreeData (encKeyData);
	err = PGPFreePrivateKeyContext (privKey);
	return PKCS7_ERROR_CALLBACK;
    }

    err = PGPFreePrivateKeyContext (privKey);

    /* unpack the parameters for the decryption (IV) */
    PKIUnpackOCTET_STRING (asnmem, &iv, param->val, param->len, &e);
    if (e)
    {
	PGPFreeData (encKeyData);
	return PKCS7_ERROR_CALLBACK;
    }

    /* now decrypt the message data with the extracted key */
    err = PGPNewSymmetricCipherContext (mem, symKeyAlg, decmax, &cipherRef);
    if (IsPGPError (err))
    {
	PGPFreeData (encKeyData);
	PKIFreeOCTET_STRING (asnmem, iv);
	return PKCS7_ERROR_CALLBACK;
    }

    err = PGPGetSymmetricCipherSizes (cipherRef, &keySize, &blockSize);
    if (IsPGPError (err))
    {
	PGPFreeData (encKeyData);
	PKIFreeOCTET_STRING (asnmem, iv);
	err = PGPFreeSymmetricCipherContext (cipherRef);
	return PKCS7_ERROR_CALLBACK;
    }

    err = PGPNewCBCContext (cipherRef, &cbcRef);
    if (IsPGPError (err))
    {
	PGPFreeData (encKeyData);
	err = PGPFreeSymmetricCipherContext (cipherRef);
	PKIFreeOCTET_STRING (asnmem, iv);
	return PKCS7_ERROR_CALLBACK;
    }

    err = PGPInitCBC (cbcRef, encKeyData, iv->val);
    if (IsPGPError (err))
    {
	err = PGPFreeCBCContext (cbcRef);
	PKIFreeOCTET_STRING (asnmem, iv);
	PGPFreeData (encKeyData);
	return PKCS7_ERROR_CALLBACK;
    }
    PKIFreeOCTET_STRING (asnmem, iv);
    PGPFreeData (encKeyData);

    *msgLen = content->len;
    *msg = PKIAlloc (asnmem->memMgr, content->len);
    err = PGPCBCDecrypt (cbcRef, content->val, content->len, *msg);
    if (IsPGPError (err))
    {
	PKIFree (asnmem->memMgr, *msg);
	*msg = NULL;
	*msgLen = 0;
	err = PGPFreeCBCContext (cbcRef);
	return PKCS7_ERROR_CALLBACK;
    }

    /* remove PKCS7 padding in last block */
    pad = *(*msg + *msgLen - 1);
    if (pad < 1 || pad > blockSize)
	return PKCS7_ERROR_CALLBACK; /* invalid pad, decryption failed */
    *msgLen -= pad;

    return PKCS7_OK;
}
Example #21
0
int
pkcs7SignCallback (
	PKIOCTET_STRING *sigValue,		/* OUT */
	const char	*hashAlgorithm,
	const char	*signatureAlgorithm,
	PKICertificate	*signerCertificate,
	unsigned char	*tbs,
	size_t		tbsLen,
	void		*data,
	PKICONTEXT	*asnmem)
{
    PGPError err;
    PGPHashContextRef hash;
    PGPHashAlgorithm algid;
    PGPPrivateKeyContextRef privkey;
    X509CMSCallbackData *pgpData = (X509CMSCallbackData *) data;
    PGPMemoryMgrRef	mem;
    PGPOptionListRef	pass;

	(void) signatureAlgorithm;
	(void) signerCertificate;
	
    if (!strcmp (SM_OID_ALG_MD5, hashAlgorithm))
	algid = kPGPHashAlgorithm_MD5;
    else if (!strcmp (SM_OID_ALG_SHA, hashAlgorithm))
	algid = kPGPHashAlgorithm_SHA;
    else
	return PKCS7_ERROR_HASH_ALG;

    mem = PGPGetContextMemoryMgr (pgpData->context);

    err = PGPNewHashContext (mem, algid, &hash);
    if (IsPGPError (err))
	return PKCS7_ERROR_SIGN_CALLBACK;
    
    err = PGPContinueHash (hash, tbs, tbsLen);
    if (IsPGPError (err))
    {
	err = PGPFreeHashContext (hash);
	return PKCS7_ERROR_SIGN_CALLBACK;
    }

    PGPCopyOptionList (pgpData->passphrase, &pass);
    err = PGPNewPrivateKeyContext (pgpData->key,
	    kPGPPublicKeyMessageFormat_X509,
	    &privkey,
	    pass,
	    PGPOLastOption (pgpData->context));
    if (IsPGPError (err))
    {
	err = PGPFreeHashContext (hash);
	return PKCS7_ERROR_SIGN_CALLBACK;
    }
    
    err = PGPGetPrivateKeyOperationSizes (privkey, NULL, NULL, &sigValue->len);
    if (IsPGPError (err))
    {
	err = PGPFreeHashContext (hash);
	err = PGPFreePrivateKeyContext (privkey);
	return PKCS7_ERROR_SIGN_CALLBACK;
    }

    sigValue->val = PKIAlloc (asnmem->memMgr, sigValue->len);

    err = PGPPrivateKeySign (privkey, hash, sigValue->val, &sigValue->len);
    if (IsPGPError (err))
    {
	PKIFree (asnmem->memMgr, sigValue->val);
	sigValue->val = NULL;
	sigValue->len = 0;
	err = PGPFreeHashContext (hash);
	err = PGPFreePrivateKeyContext (privkey);
	return PKCS7_ERROR_HASH_CALLBACK;
    }
    
    err = PGPFreePrivateKeyContext (privkey);
    
    return PKCS7_OK;
}
BOOL CALLBACK 
pgpKeyPassphraseDlgProc (
		HWND	hDlg, 
		UINT	uMsg, 
		WPARAM	wParam,
		LPARAM	lParam) 
{
	CPGPKeyPassphraseDialogOptions *options;
	GPP				*gpp;
	INT				i;
	DWORD			Common;

	Common=DoCommonCalls (hDlg,uMsg,wParam,lParam); 

	if(Common)
		return Common;

	switch (uMsg) 
	{
		case WM_INITDIALOG:
		{
			RECT rc;
			int iTextWidth;
			HDC hdc;
			char szNameFinal[kPGPMaxUserIDSize];

			gpp=(GPP *)GetWindowLong (hDlg, GWL_USERDATA);
			options = (CPGPKeyPassphraseDialogOptions *)
				gpp->options;

			gpp->iNextTabControl = IDOK;

			gpp->wpOrigPhrase1Proc = (WNDPROC) SetWindowLong(
				GetDlgItem(hDlg, IDC_PHRASE1), 
				GWL_WNDPROC, 
				(LONG) PhraseSubclassProc); 

			GetClientRect(GetDlgItem(hDlg,IDC_KEYNAME), &rc);

			iTextWidth = rc.right-rc.left;
			hdc = GetDC (GetDlgItem(hDlg,IDC_KEYNAME));
			GetKeyString(hdc,iTextWidth,options->mDefaultKey,szNameFinal);
			SetWindowText(GetDlgItem(hDlg,IDC_KEYNAME),szNameFinal);
			ReleaseDC (GetDlgItem (hDlg, IDC_KEYNAME), hdc);

			gpp->hwndOptionsControl=DisplayOptions(hDlg,options->mDialogOptions,130);

			return FALSE;
		}

		case WM_COMMAND:
		{
			gpp=(GPP *)GetWindowLong (hDlg, GWL_USERDATA);
			options = (CPGPKeyPassphraseDialogOptions *)
				gpp->options;

			switch (LOWORD (wParam)) 
			{
				case IDOK:
				{
					PGPBoolean PassValid;

					FreePassphrases(gpp);

					i = SendDlgItemMessage (hDlg, IDC_PHRASE1, 
						WM_GETTEXTLENGTH, 0, 0) +1;

					gpp->szDummy = (char *)secAlloc (gpp->context, i);

					if(gpp->szDummy)
					{
						gpp->pszPassPhrase = (char *)secAlloc (gpp->context, i);

						if (gpp->pszPassPhrase) 
						{
							GetDlgItemText (hDlg, IDC_PHRASE1, gpp->szDummy, i);
			
							if(PassphraseLengthAndQualityOK(hDlg,options,gpp->pszPassPhrase))
							{
								if(!options->mVerifyPassphrase)
								{
									ClearPassphrases(hDlg,gpp);
									SaveOptionSettings(gpp->hwndOptionsControl);
									EndDialog (hDlg, kPGPError_NoErr);
									break;
								}

								PassValid=PGPPassphraseIsValid (options->mDefaultKey, 
									PGPOPassphrase (gpp->context, gpp->pszPassPhrase),
									PGPOLastOption (gpp->context));

								if(PassValid)
								{
									ClearPassphrases(hDlg,gpp);
									SaveOptionSettings(gpp->hwndOptionsControl);
									EndDialog (hDlg, kPGPError_NoErr);
									break;
								}
								else
								{
									PGPsdkUIMessageBox (hDlg,
										IDS_PGPERROR,IDS_BADPASSREENTER,
										MB_OK|MB_ICONSTOP);
								}
							}
							// Bad passphrase/quality
							ClearPassphrases(hDlg,gpp);
							FreePassphrases(gpp);
							break;
						}
					}

					// Couldn't allocate passphrases
					ClearPassphrases(hDlg,gpp);
					FreePassphrases(gpp);
					EndDialog (hDlg, kPGPError_OutOfMemory);
					break;
				}
			}
		}
		break;
	}
	return FALSE;
}
Example #23
0
PluginError PerformTranslation(
	short trans_id, 
	char* in_file, 
	char* out_file, 
	char** addresses, 
	emsMIMEtypeP  in_mime,
	emsMIMEtypeP* out_mime
)
{
	PluginError pluginReturn			= EMSR_UNKNOWN_FAIL;
	BOOL		bSign					= FALSE;
	PGPError	error					= 0;
	PGPSize		mimeBodyOffset			= 0;
	char		szExe[256];
	char		szDll[256];

	assert(in_file);
	assert(out_file);

	LoadString(g_hinst, IDS_EXE, szExe, sizeof(szExe));
	LoadString(g_hinst, IDS_DLL, szDll, sizeof(szDll));

	switch( trans_id )
	{
		case kEncryptTranslatorID:
		case kSignTranslatorID:
		case kEncryptAndSignTranslatorID:
		{
			char** RecipientList = NULL;
			unsigned long numRecipients = 0;
			PGPOptionListRef pgpOptions = NULL;
			PGPOptionListRef signOptions = NULL;
			char mimeSeparator[kPGPMimeSeparatorSize];
			PRECIPIENTDIALOGSTRUCT prds = NULL;	
		
			// allocate a recipient dialog structure
			prds = (PRECIPIENTDIALOGSTRUCT) 
					calloc(sizeof(RECIPIENTDIALOGSTRUCT), 1);

			if(prds)
			{
				char szTitle[256] = {0x00};		// title for recipient dialog
				UINT recipientReturn = FALSE;	// recipient dialog result

				error = PGPsdkLoadDefaultPrefs(g_pgpContext);
				if (IsPGPError(error))
				{
					PGPclEncDecErrorBox(g_hwndEudoraMainWindow, error);
					return EMSR_UNKNOWN_FAIL;
				}

				error = PGPOpenDefaultKeyRings(g_pgpContext, 
							(PGPKeyRingOpenFlags)0, 
							&(prds->OriginalKeySetRef));

				if (IsPGPError(error))
				{
					PGPclEncDecErrorBox(g_hwndEudoraMainWindow, error);
					return EMSR_UNKNOWN_FAIL;
				}

				if ((trans_id == kEncryptTranslatorID) ||
					(trans_id == kEncryptAndSignTranslatorID))
				{
					if(addresses) // do we have addresses to pass along
					{
						numRecipients = CreateRecipientList(addresses, 
															&RecipientList);
					}

					LoadString(GetModuleHandle("PGPplugin.dll"), 
						IDS_TITLE_RECIPIENTDIALOG, szTitle, sizeof(szTitle));

					prds->Context			= g_pgpContext;
					prds->tlsContext		= g_tlsContext;
					prds->Version			= CurrentPGPrecipVersion;
					prds->hwndParent		= g_hwndEudoraMainWindow;			
					prds->szTitle			= szTitle;
					prds->dwOptions			= PGPCL_ASCIIARMOR;	
			
					prds->dwDisableFlags	= PGPCL_DISABLE_WIPEORIG |
											  PGPCL_DISABLE_ASCIIARMOR |
											  PGPCL_DISABLE_SDA;

					prds->dwNumRecipients	= numRecipients;	
					prds->szRecipientArray	= RecipientList;

					/* Disable FYEO if there's an attachment or HTML */

					if (in_mime && !match_mime_type(in_mime, "text", "plain"))
						prds->dwDisableFlags |= PGPCL_DISABLE_FYEO;

					// If shift is pressed, force the dialog to pop.
					if (GetAsyncKeyState( VK_CONTROL) & 0x8000)
						prds->dwDisableFlags|=PGPCL_DISABLE_AUTOMODE;

					// See who we wish to encrypt this to
					recipientReturn = PGPclRecipientDialog( prds );
				
					if (prds->AddedKeys != NULL)
					{
						PGPUInt32 numKeys;
					
						PGPCountKeys(prds->AddedKeys, &numKeys);
						if (numKeys > 0)
							PGPclQueryAddKeys(g_pgpContext, g_tlsContext, 
								g_hwndEudoraMainWindow, prds->AddedKeys, 
								NULL);
					
						PGPFreeKeySet(prds->AddedKeys);
						prds->AddedKeys = NULL;
					}

					if (!recipientReturn)
					{
						if (RecipientList)
							FreeRecipientList(RecipientList, numRecipients);
						if (prds->SelectedKeySetRef != NULL)
							PGPFreeKeySet(prds->SelectedKeySetRef);
						PGPFreeKeySet(prds->OriginalKeySetRef);
						free(prds);
						return EMSR_UNKNOWN_FAIL;
					}
				}

				if( IsntPGPError(error) )
				{
					error = PGPBuildOptionList(g_pgpContext, &pgpOptions,
								PGPOOutputLineEndType(g_pgpContext, 
									kPGPLineEnd_CRLF),
								PGPOPGPMIMEEncoding(g_pgpContext, 
									TRUE, 
									&mimeBodyOffset, 
									mimeSeparator),     
								PGPOLastOption(g_pgpContext) );
				}

				if(IsntPGPError( error))
				{
					error = EncryptSignFile(g_hinst, g_hwndEudoraMainWindow, 
								g_pgpContext, g_tlsContext, szExe, 
								szDll, in_file, prds, pgpOptions, 
								&signOptions, out_file, 
								((trans_id == 
									kSignTranslatorID) ? FALSE : TRUE ),
								((trans_id == 
									kEncryptTranslatorID) ? FALSE : TRUE ),
								FALSE);

					PGPFreeOptionList(pgpOptions);
					PGPFreeOptionList(signOptions);
				}
				else
				{
					PGPclEncDecErrorBox (NULL, error);
				}

				if (RecipientList)
					FreeRecipientList(RecipientList, numRecipients);
				if (prds->SelectedKeySetRef != NULL)
					PGPFreeKeySet(prds->SelectedKeySetRef);
				PGPFreeKeySet(prds->OriginalKeySetRef);
				free(prds);

				if( IsntPGPError(error) )
				{
					if( out_mime )
					{
						pluginReturn = BuildEncryptedPGPMIMEType( 
													out_mime, 
													mimeSeparator );

						if(EMSR_OK == pluginReturn)
						{
							pluginReturn = AddMIMEParam(*out_mime, 
														"PGPFormat", 
														"PGPMIME-encrypted" );
						}
					}
				}
			}

			break;
		}

		case kDecryptTranslatorID:
		case kVerifyTranslatorID:
		{
			char *szTempFile = NULL;
			BOOL bFYEO = FALSE;
			void *pOutput = NULL;
			PGPSize outSize = 0;

			error = DecryptVerifyFile(g_hinst, g_hwndEudoraMainWindow, 
						g_pgpContext, g_tlsContext, szExe, szDll, in_file, 
						TRUE, FALSE, &szTempFile, &pOutput, &outSize, &bFYEO);

			if( IsntPGPError(error) ) 
			{
				if ((bFYEO)||(GetSecureViewerPref((void *)g_pgpContext)))
					TempestViewer((void *)g_pgpContext,NULL,pOutput,outSize,
						bFYEO);

				CopyFile(szTempFile, out_file, FALSE);
				DeleteFile(szTempFile);

				if( out_mime )
				{
					ParseFileForMIMEType( out_file, out_mime );
				}

				if ((bFYEO)||(GetSecureViewerPref((void *)g_pgpContext)))
					pluginReturn = EMSR_UNKNOWN_FAIL;
				else
					pluginReturn = EMSR_OK;
			}

			if (szTempFile != NULL)
				PGPFreeData(szTempFile);
			if (pOutput != NULL)
				PGPFreeData(pOutput);
			break;
		}

	}

	return pluginReturn;
}
/*****
*
* sign_certificate
*
* Call-out routine used by the CMS library for signing provided data
* (a certificate).
*
* Parameters and return values defined in CMS docs.  This uses the
* PGP SDK.  See "PGP Software Developer's Kit, Reference Manual"
* for details on calls used here.
*
*****/
int
x509CMSSignCallback (unsigned char **sig,
	size_t *siglen,
	unsigned char *ber,
	size_t berlen,
	const unsigned char *alg,
	size_t algLen,
	void *data,
	TC_CONTEXT *ctx)
{
    X509CMSCallbackData *pgpData = (X509CMSCallbackData *) data;

    PGPPrivateKeyContextRef privKey = NULL;
    PGPHashContextRef hash;
    PGPMemoryMgrRef mgrRef;
    PGPError err;
    int ret = -1;
    PGPOptionListRef	pass;
    PGPHashAlgorithm	hashAlg;

    (void) alg;
    (void) algLen;

    if (!pgpData || !pgpData->passphrase || !pgpData->context)
	return -1;

    do {
	/* create and calculate the hash, do not finalize hash
	   for PGPPrivateKeySign() call */
	mgrRef = PGPGetContextMemoryMgr (pgpData->context);

	hashAlg = x509HashAlgorithm (alg, algLen);

	err = PGPNewHashContext (mgrRef, hashAlg, &hash);
	if (IsPGPError (err))
	    break;
	err = PGPContinueHash (hash, ber, berlen);
	if (IsPGPError (err))
	    break;

	/* create the private key context */
	PGPCopyOptionList (pgpData->passphrase, &pass);
	err = PGPNewPrivateKeyContext (pgpData->key,
		kPGPPublicKeyMessageFormat_X509,
		&privKey,
		pass,
		PGPOLastOption (pgpData->context));
	if (IsPGPError (err))
	    break;

	/* figure out signature size */
	err = PGPGetPrivateKeyOperationSizes (privKey, NULL, NULL, siglen);
	if (IsPGPError (err))
	    break;
	if (*siglen == 0) /* can't use key to sign */
	    break;
	*sig = TC_Alloc (ctx->memMgr, *siglen);
	if (*sig == NULL)
	    break;
	memset (*sig, 0, *siglen);

	/* calculate signature */
	err = PGPPrivateKeySign (privKey, hash, *sig, siglen);
	hash = NULL; /* dont attempt to free it later */
	if (IsPGPError (err))
	    break;

	ret = 0;
    }
    while (0);

    /* clean-up */
    if (hash)
	err = PGPFreeHashContext (hash);
    err = PGPFreePrivateKeyContext (privKey);

    return ret;

} /* sign */
/*****
*
* verify_signature
*
* Call-out routine used by the CMS library for verifying a signature.
* Parameters and return values defined in CMS docs.  This uses the
* PGP SDK.  See "PGP Software Developer's Kit, Reference Manual"
* for details on calls used here.
*
*****/
int
x509CMSVerifyCallback (
	unsigned char *data,
	size_t dataLen,
	unsigned char *sigalg,
	size_t algLen,
	unsigned char *params,
	size_t paramLen,
	unsigned char *signature,
	size_t sigLen,
	unsigned char *pubkey,
	size_t pubkeyLen,
	TC_CERT *issuer,
	void *verData,
	TC_CONTEXT *ctx)
{    
    X509CMSCallbackData		*pgpData = (X509CMSCallbackData *) verData;
    PGPMemoryMgrRef		mgrRef;
    PGPPublicKeyContextRef	publicKey;
    PGPHashContextRef		hash;
    PGPKeySetRef		keySet;
    PGPKeyListRef		klist;
    PGPKeyIterRef		kiter;
    PGPKeyRef			mykey;
    PGPError			err;
    PGPByte			*certData;
    PGPSize			certDataLen;
    int				rtn = -1;
    PGPHashAlgorithm		hashAlg;
    
    (void) params;
    (void) paramLen;
    (void) pubkey;
    (void) pubkeyLen;
    
    do {
        /* check that the algorithm ID is allowed */
         /* TODO... */

	/* if we dont have the issuer's certificate, we can't verify the
	   signature. */
	/* PGPsdk needs to have a function that takes raw ASN.1 encoded
	   key material and returns a KeyRef in order to support
	   verification of PKCS10 requests */
	if (!issuer)
	    break;

	/* import the certificate into pgp */
	tc_pack_cert (&certData, &certDataLen, issuer, ctx);

        /* import the key into a PGP key set */
	err = PGPImportKeySet (pgpData->context,
		&keySet,
		PGPOX509Encoding (pgpData->context, 1),
		PGPOInputBuffer (pgpData->context, certData, certDataLen),
		PGPOLastOption (pgpData->context));

	TC_Free (ctx->memMgr, certData);

	if (IsPGPError (err))
	    break;

        /* extract the key into a PGPKeyRef */
        err = PGPOrderKeySet (keySet, kPGPAnyOrdering, &klist);
	if (IsPGPError (err))
	    break;
        err = PGPNewKeyIter (klist, &kiter);
	if (IsPGPError (err))
	    break;
        err = PGPKeyIterNext (kiter, &mykey);
	if (IsPGPError (err))
	    break;

	/* create the public key context */
	err = PGPNewPublicKeyContext (mykey,
		kPGPPublicKeyMessageFormat_X509,
		&publicKey);
	if (IsPGPError (err))
	    break;

	hashAlg = x509HashAlgorithm (sigalg, algLen);

        /* create and calculate the hash, do not finalize hash
           for PGPPublicKeyVerify() call */
        mgrRef = PGPGetContextMemoryMgr (pgpData->context);
	err = PGPNewHashContext (mgrRef, hashAlg, &hash);
	if (IsPGPError (err))
	    break;

	err = PGPContinueHash (hash, data, dataLen);
        if (IsPGPError (err))
            break;

        err = PGPPublicKeyVerifySignature (
            publicKey, hash, (void *)signature, sigLen);
	hash = NULL;
        if ( IsPGPError(err) )
            break;

        rtn = 0;
    } while (0);

    /* clean-up */
    PGPFreeKeyIter(kiter);
    PGPFreeKeyList(klist);
    PGPFreeKeySet(keySet);
    if (hash)
	PGPFreeHashContext(hash);
    PGPFreePublicKeyContext (publicKey);

    return rtn;

} /* verify_signature */
Example #26
0
int revokeOrDisableKey(struct pgpmainBones *mainbPtr, char *keyguffin,
        PGPFileSpecRef keyfilespec)
{
    PGPContextRef context = mainbPtr->pgpContext;
    struct pgpfileBones *filebPtr = mainbPtr->filebPtr;
    PGPEnv *env = mainbPtr->envbPtr->m_env;
    PGPBoolean compatible = mainbPtr->envbPtr->compatible;
    PGPKeySetRef ringset = NULL;
    PGPKeyListRef keylist = NULL;
    PGPKeyIterRef keyiter = NULL;
    PGPKeyRef key;
    PGPBoolean propData = FALSE;
    PGPError err, er2;
    PGPUInt32 pri;
    PGPBoolean needsfree = FALSE;
    char* passphrase = 0;
    int nkeysrevoked = 0;

    err = pgpOpenKeyringsFromPubringSpec( mainbPtr, keyfilespec, &ringset, kPGPKeyRingOpenFlags_Mutable );
    if ( IsPGPError(err)) goto done;

    mainbPtr->workingRingSet=ringset;
    /*mainbPtr->workingGroupSet=NULL;*/
    err = pgpGetMatchingKeyList( mainbPtr, keyguffin, kMatch_NotKeyServer,
            &keylist );

    pgpAssertNoErr(err);

    err = PGPNewKeyIter( keylist, &keyiter );
    pgpAssertNoErr(err);
    err = PGPKeyIterRewind( keyiter );
    pgpAssertNoErr(err);
    err = PGPKeyIterNext( keyiter, &key );

    while( key != NULL ) {

        pgpShowKeyBrief( filebPtr, key );
        pgpShowKeyFingerprint( filebPtr, key );

        /* XXX the old version used to ask for your password here... now
           is different a bit*/

        err = PGPGetKeyBoolean( key, kPGPKeyPropIsSecret, &propData );
        if( propData ) {
            PGPUserIDRef alias;
            PGPSize actual;
            char useridstr[ kPGPMaxUserIDSize ];
            err = PGPGetPrimaryUserID( key, &alias );
            pgpAssertNoErr(err);
            err = PGPGetUserIDStringBuffer( alias, kPGPUserIDPropName,
                    kPGPMaxUserIDSize, useridstr, &actual );

            pgpAssertNoErr(err);
            fprintf(filebPtr->pgpout,
                LANG("\nDo you want to permanently revoke your public key\n"
                "by issuing a secret key compromise certificate\n"
                "for \"%s\" (y/N)? "), useridstr );
            if( getyesno( filebPtr, 'n', 0 ) ) {
                 err = pgpGetValidPassphrase( mainbPtr, key, &passphrase,
                         &needsfree);

                 if( err == 0 ) {
                     nkeysrevoked++;
                     err = PGPRevokeKey( key,
                         PGPOPassphrase( context, passphrase ),
                         PGPOLastOption( context )
                         );
                     pgpAssertNoErr( err );
                 }
                 goto tail;
            }
        }

        err = PGPGetKeyBoolean( key, kPGPKeyPropIsDisabled, &propData );
        pgpAssertNoErr( err );

        if( propData ) {
            fprintf( filebPtr->pgpout,
                LANG("\nKey is already disabled.\n"
                     "Do you want to enable this key again (y/N)? "));
            if( getyesno( filebPtr,'n',0) ) {
                err = PGPEnableKey( key );
                pgpAssertNoErr( err );
            }
        } else {
            fprintf( filebPtr->pgpout,
                LANG("\nDisable this key (y/N)? "));
            if( getyesno( filebPtr,'n',0) ) {
                err = PGPDisableKey( key );
                pgpAssertNoErr( err );
            }
        }
tail:
        err = PGPKeyIterNext( keyiter, &key );
    }

    /*if( nkeysrevoked > 0 ) {
          err = PGPPropagateTrust( ringset );
          pgpAssertNoErr( err );
      }*/

    if( PGPKeySetNeedsCommit( ringset ) ) {
        err = PGPCommitKeyRingChanges( ringset );
    }

 done:
    if( needsfree ) {
        PGPFreeData( passphrase );
        pgpRemoveFromPointerList( mainbPtr->leaks, passphrase );
    }
    if (ringset)
        er2 = PGPFreeKeySet( ringset );
    mainbPtr->workingRingSet = NULL;
    if (keyiter)
        er2 = PGPFreeKeyIter( keyiter );
    if (keylist)
        er2 = PGPFreeKeyList( keylist );

    if ( !compatible && IsPGPError(err) &&
       pgpenvGetInt( env, PGPENV_VERBOSE, &pri, &er2) )
       pgpShowError(filebPtr, err,__FILE__,__LINE__);

    return err;
}
Example #27
0
static PGPError 
sChangeKeyPhrase (
		PGPContextRef	context,
		PGPKeySetRef	keyset,
		PGPKeyRef		key, 
		LPSTR			szOld, 
		PGPByte*		pPasskeyOld,
		PGPSize			sizePasskeyOld,
		PGPByte*		pPasskey,
		PGPSize			sizePasskey) 
{
	UINT			u;
	PGPKeyListRef	keylist;
	PGPKeyIterRef	keyiter;
	PGPSubKeyRef	subkey;
	PGPError		err;

	if (szOld) {
		err = PGPChangePassphrase (key, 
				PGPOPassphrase (context, szOld), 
				PGPOPasskeyBuffer (context, pPasskey, sizePasskey),
				PGPOLastOption (context));
	}
	else if (sizePasskeyOld > 0) {
		err = PGPChangePassphrase (key, 
				PGPOPasskeyBuffer (context, pPasskeyOld, sizePasskeyOld), 
				PGPOPasskeyBuffer (context, pPasskey, sizePasskey),
				PGPOLastOption (context));
	}
	else {
		err = PGPChangePassphrase (key, 
				PGPOPassphrase (context, ""), 
				PGPOPasskeyBuffer (context, pPasskey, sizePasskey),
				PGPOLastOption (context));
	}
	if (IsPGPError (err)) return err;

	PGPGetKeyNumber (key, kPGPKeyPropAlgID, &u);
	switch (u) {
	case kPGPPublicKeyAlgorithm_RSA :
		break;

	case kPGPPublicKeyAlgorithm_DSA :
		PGPOrderKeySet (keyset, kPGPAnyOrdering, &keylist);
		PGPNewKeyIter (keylist, &keyiter);
		PGPKeyIterSeek (keyiter, key);
		PGPKeyIterNextSubKey (keyiter, &subkey);
		while (subkey) {
			if (szOld) {
				err = PGPChangeSubKeyPassphrase (subkey, 
						PGPOPassphrase (context, szOld),
						PGPOPasskeyBuffer (context, pPasskey, sizePasskey),
						PGPOLastOption (context));
			}
			else if (sizePasskeyOld > 0) {
				err = PGPChangeSubKeyPassphrase (subkey, 
						PGPOPasskeyBuffer (context, 
											pPasskeyOld, sizePasskeyOld),
						PGPOPasskeyBuffer (context, pPasskey, sizePasskey),
						PGPOLastOption (context));
			}
			else {
				err = PGPChangeSubKeyPassphrase (subkey, 
						PGPOPassphrase (context, ""),
						PGPOPasskeyBuffer (context, pPasskey, sizePasskey),
						PGPOLastOption (context));
			}
			PGPKeyIterNextSubKey (keyiter, &subkey);
		}
		PGPFreeKeyIter (keyiter);
		PGPFreeKeyList (keylist);
		break;

	default :
		break;
	}

	return err;
}
Example #28
0
static PGPError 
sSaveSharesToFile (
		PSHAREHOLDERSTRUCT	pshs, 
		PGPContextRef		context,
		PGPShareRef			sharesTotal,
		PGPKeySetRef		keyset,
		LPSTR				pszFolder)
{
	PFLFileSpecRef		filespec		= NULL;
	PGPShareFileRef		sharefile		= NULL;
	PGPShareRef			sharesHolder	= NULL;
	PGPOptionListRef	encodeOptions	= NULL;
	PGPError			err				= kPGPError_NoErr;
	INT					iModifier		= 0;

	CHAR				szPath[MAX_PATH];
	CHAR				szModifier[MAX_SHARES_LEN+1];
	CHAR				sz1[32];
	CHAR				sz2[kPGPMaxUserIDSize + 32];
	PGPKeyRef			key;

	// create file name and filespec
	err = sCreateFilePathFromUserName (pszFolder, pshs->szUserID, 
						pshs->uShares, NULL, szPath, sizeof(szPath));
	if (IsPGPError (err)) goto SaveFileCleanup;

	// check for pre-existence of file
	while (GetFileAttributes (szPath) != 0xFFFFFFFF) {
		iModifier++;
		if (iModifier > MAX_SHARES) {
			err = kPGPError_CantOpenFile;
			goto SaveFileCleanup;
		}
		wsprintf (szModifier, " %i", iModifier);
		err = sCreateFilePathFromUserName (pszFolder, pshs->szUserID,
						pshs->uShares, szModifier, szPath, sizeof(szPath));
		if (IsPGPError (err)) goto SaveFileCleanup;
	}	

	err = PFLNewFileSpecFromFullPath (PGPGetContextMemoryMgr (context), 
		szPath, &filespec);
	if (IsPGPError (err)) goto SaveFileCleanup;
	
	err = PFLFileSpecCreate (filespec);
	if (IsPGPError (err)) goto SaveFileCleanup;

	err = PGPNewShareFile (filespec, &sharefile);
	if (IsPGPError (err)) goto SaveFileCleanup;

	err = PGPSetShareFileUserID (sharefile, pshs->szUserID);
	if (IsPGPError (err)) goto SaveFileCleanup;

	err = PGPSplitShares (sharesTotal, pshs->uShares, &sharesHolder);
	if (IsPGPError (err)) goto SaveFileCleanup;

	// if this shareholder has public key, use it
	if (pshs->bPublicKey) {
		err = PGPSetShareFileOwnerKeyID (sharefile, pshs->keyid);
		if (IsPGPError (err)) goto SaveFileCleanup;

		err = PGPGetKeyByKeyID (keyset, &(pshs->keyid), pshs->keyalg, &key);
		if (IsPGPError (err)) {
			LoadString (g_hInst, IDS_CAPTIONERROR, sz1, sizeof(sz1));
			LoadString (g_hInst, IDS_SHAREKEYGONE, sz2, sizeof(sz2));
			lstrcat (sz2, pshs->szUserID);
			MessageBox (NULL, sz2, sz1, MB_OK|MB_ICONERROR);
			err = kPGPError_UserAbort;
			goto SaveFileCleanup;
		}

		err = PGPBuildOptionList (context, &encodeOptions,
			PGPOEncryptToKey (context, key),
			PGPOLastOption (context));
		if (IsPGPError (err)) goto SaveFileCleanup;
	}

	// there is no public key for this shareholder
	else {
		err = PGPBuildOptionList (context, &encodeOptions,
			PGPOConventionalEncrypt (context,
				PGPOPassphrase (context, pshs->pszPassphrase),
				PGPOLastOption (context)),
			PGPOLastOption (context));
		if (IsPGPError (err)) goto SaveFileCleanup;
	}

	err = PGPCopySharesToFile (context, sharefile, 
									encodeOptions, sharesHolder);
	if (IsPGPError (err)) goto SaveFileCleanup;

	err = PGPSaveShareFile (sharefile);

SaveFileCleanup:

	if (encodeOptions != NULL)
		PGPFreeOptionList (encodeOptions);

	if (sharesHolder != NULL)
		PGPFreeShares (sharesHolder);

	if (sharefile != NULL)
		PGPFreeShareFile (sharefile);

	if (filespec != NULL)
		PFLFreeFileSpec (filespec);

	return err;
}
Example #29
0
BOOL 
KMSplitDropKeys (
		PSPLITKEYSTRUCT psks, 
		HANDLE	hMem) 
{
	PGPKeySetRef			keyset		= NULL;
	PGPKeyListRef			keylist		= NULL;
	PGPKeyIterRef			keyiter		= NULL;
	LPSTR					pMem		= NULL;

	PGPError				err;
	PGPKeyRef				key;
	PGPKeyID				keyid;
	BOOL					bKeys;
	PGPBoolean				bKeyIsUsable;
	size_t					sLen;
	PSHAREHOLDERSTRUCT		pshs;
	PGPPublicKeyAlgorithm	alg;

	bKeys = FALSE;

	if (hMem) {
		pMem = GlobalLock (hMem);
		if (pMem) {

			sLen = lstrlen (pMem);
			err = PGPImportKeySet (psks->pKM->Context, &keyset, 
							PGPOInputBuffer (psks->pKM->Context, pMem, sLen),
							PGPOLastOption (psks->pKM->Context));
			if (IsPGPError (err)) goto SplitDropCleanup;

			err = PGPOrderKeySet (keyset, kPGPAnyOrdering, &keylist);
			if (IsPGPError (err)) goto SplitDropCleanup;

			err = PGPNewKeyIter (keylist, &keyiter);
			if (IsPGPError (err)) goto SplitDropCleanup;

			PGPKeyIterNext (keyiter, &key);

			while (key) {
				bKeyIsUsable = FALSE;
				PGPGetKeyNumber (key, kPGPKeyPropAlgID, &alg);
				PGPGetKeyIDFromKey (key, &keyid);
				
				// key must either not be RSA or RSA ops must be enabled
				PGPGetKeyBoolean (key, kPGPKeyPropCanEncrypt, &bKeyIsUsable);

				// key must not be the same one that is being split
				if (alg == psks->keyalgToSplit) {
					if (PGPCompareKeyIDs (&keyid, &(psks->keyidToSplit))==0)
						bKeyIsUsable = FALSE;
				}

				// key must not already be in list
				if (sIsKeyIDAlreadyInList (&keyid, alg, psks))
					bKeyIsUsable = FALSE;

				if (bKeyIsUsable) {

					bKeys = TRUE;
					pshs = KMAlloc (sizeof(SHAREHOLDERSTRUCT));
					if (pshs) {
						PGPSize		size;

						pshs->bPublicKey = TRUE;
						pshs->pszPassphrase = NULL;
						pshs->uShares = 1;

						PGPGetPrimaryUserIDNameBuffer (key, 
							sizeof(pshs->szUserID), pshs->szUserID, &size);
						PGPGetKeyIDFromKey (key, &(pshs->keyid));
						PGPGetKeyNumber (key, 
							kPGPKeyPropAlgID, &(pshs->keyalg));

						if (sAddShareHolder (psks, pshs, 
								KMDetermineUserIDIcon (key, NULL, NULL), 
								psks->hwndList)) {
							psks->uTotalShares += pshs->uShares;
							SetDlgItemInt (psks->hwndDlg, IDC_TOTALSHARES, 
									psks->uTotalShares, FALSE);
							SendMessage (psks->hwndDlg, WM_COMMAND, 
									MAKEWPARAM(IDC_THRESHOLD, EN_CHANGE), 0);
						}
						else {
							KMFree (pshs);
						}
					}
				}

				PGPKeyIterNext (keyiter, &key);
			}

SplitDropCleanup :
			if (keyiter)
				PGPFreeKeyIter (keyiter);

			if (keylist)
				PGPFreeKeyList (keylist);

			if (keyset)
				PGPFreeKeySet (keyset);

			if (pMem)
				GlobalUnlock (hMem);
		}
	}
	
	return bKeys;
}
PGPUInt32
CHTTPXcertServer::DigestKey(
    PGPKeyRef	inKey,
    char *		inOutputBuffer)
{
    StPGPKeySetRef		singleKeySet;
    StPGPHashContextRef	hashContext;
    StPGPDataRef		buffer;
    PGPSize				bufSize;
    StPGPDataRef		encodedBuffer;
    PGPError			pgpErr;

    pgpErr = PGPNewSingletonKeySet(inKey, &singleKeySet);
    ThrowIfPGPError_(pgpErr);

    pgpErr = PGPExportKeySet(	singleKeySet,
                                PGPOExportFormat(mContext, kPGPExportFormat_X509Cert),
                                PGPOAllocatedOutputBuffer(	mContext,
                                        (void **) &buffer,
                                        MAX_PGPSize,
                                        &bufSize),
                                PGPOLastOption(mContext));
    ThrowIfPGPError_(pgpErr);
    singleKeySet.Free();
    encodedBuffer = static_cast<PGPByte *>(
                        PGPNewData(	PGPGetContextMemoryMgr(mContext),
                                    GetMaxBase64EncodedBufferSize(bufSize),
                                    kPGPMemoryMgrFlags_None));
    if (encodedBuffer == 0) {
        ThrowPGPError_(kPGPError_OutOfMemory);
    };
    bufSize = Base64Encode(	static_cast<const PGPByte *>(buffer),
                            bufSize,
                            encodedBuffer);
    buffer.Free();
    pgpErr = PGPNewHashContext(	PGPGetContextMemoryMgr(mContext),
                                kPGPHashAlgorithm_MD5,
                                &hashContext);
    ThrowIfPGPError_(pgpErr);

    // We have to skip the CRs in order to match XCert's hash
    char *	cur = encodedBuffer;
    char *	next;

    while ((next = strchr(cur, '\r')) != 0) {
        pgpErr = PGPContinueHash(hashContext, cur, next - cur);
        ThrowIfPGPError_(pgpErr);
        cur = next + 1;
    }
    pgpErr = PGPContinueHash(hashContext, cur, strlen(cur));
    ThrowIfPGPError_(pgpErr);
    encodedBuffer.Free();
    pgpErr = PGPGetHashSize(hashContext, &bufSize);
    buffer = static_cast<PGPByte *>(PGPNewData(	PGPGetContextMemoryMgr(mContext),
                                    bufSize,
                                    kPGPMemoryMgrFlags_None));
    if (buffer == 0) {
        ThrowPGPError_(kPGPError_OutOfMemory);
    };
    pgpErr = PGPFinalizeHash(hashContext, static_cast<char *>(buffer));
    ThrowIfPGPError_(pgpErr);
    return HexEncode(buffer, bufSize, inOutputBuffer);
}