static PGPError
sTestGroupValidity( PGPKeySetRef keySet )
{
PGPValidity validity;
PGPUInt32 numNotFound;
PGPError err = kPGPError_NoErr;
PGPGroupSetRef set;
PGPContextRef memoryMgr = NULL;
err = PGPNewContext( kPGPsdkAPIVersion, &memoryMgr );
if ( IsntPGPError( err ) )
{
err = PGPNewGroupSet( memoryMgr, &set );
if ( IsntPGPError( err ) )
{
PGPGroupID id;
err = PGPNewGroup( set, "test group", "", &id );
if ( IsntPGPError( err ) )
err = sAddAllKeysToGroup( set, id, keySet );
if ( IsntPGPError( err ) )
{
err = PGPGetGroupLowestValidity( set, id,
keySet, &validity, &numNotFound );
}
PGPFreeGroupSet( set );
}
PGPFreeContext( memoryMgr );
}
return( err );
}
DualErr
CreateGlobalPGPContext()
{
DualErr derr;
if (!PGPContextRefIsValid(GlobalContext))
derr = PGPNewContext(kPGPsdkAPIVersion, &GlobalContext);
return derr;
}
int __cdecl _pgp_init()
{
if(!pgpErrMsg)
pgpErrMsg = (LPSTR) LocalAlloc(LPTR,pgpErrMsgLen);
pgpVer = 0;
__try {
#if (PGP_WIN32 < 0x700)
if (CheckPGPError(PGPsdkInit()) || CheckPGPError(PGPsdkUILibInit())) return 0;
PGPNewContext(kPGPsdkAPIVersion, &pgpContext);
#else
if (CheckPGPError(PGPsdkInit(0)) || CheckPGPError(PGPsdkUILibInit(0))) return 0;
PGPNewContext(kPGPsdk20APIVersion, &pgpContext);
#endif
}
__except ( EXCEPTION_EXECUTE_HANDLER ) {
return 0;
}
#if (PGP_WIN32 < 0x700)
PGPGetSDKVersion(&pgpVer);
int minor = (pgpVer & 0x000FF000 ) >> 12;
switch(PGPMajorVersion(pgpVer)) {
case 2:
pgpVer = 1<<24 | ((minor+1)<<16) | (PGPRevVersion(pgpVer)<<8);
break;
case 3:
pgpVer = 1<<24 | ((minor+5)<<16) | (PGPRevVersion(pgpVer)<<8);
break;
default:
pgpVer = 1<<24 | (minor<<16) | (PGPRevVersion(pgpVer)<<8);
break;
}
#else
pgpVer = PGPGetPGPsdkVersion();
#endif
return 1;
}
int __cdecl _pgp_init()
{
if (!pgpErrMsg)
pgpErrMsg = (LPSTR) LocalAlloc(LPTR,pgpErrMsgLen);
pgpVer = 0;
#if defined(_WIN64)
return 0;
#else
__try {
if (CheckPGPError(PGPsdkInit(0)) || CheckPGPError(PGPsdkUILibInit(0))) return 0;
PGPNewContext(kPGPsdk20APIVersion, &pgpContext);
}
__except ( EXCEPTION_EXECUTE_HANDLER ) {
return 0;
}
pgpVer = PGPGetPGPsdkVersion();
return 1;
#endif
}
PGPError
TestGroupsUtil()
{
PGPContextRef context;
PGPError err = kPGPError_NoErr;
err = PGPNewContext( kPGPsdkAPIVersion, &context );
if ( IsntPGPError( err ) )
{
PGPKeySetRef keySet;
err = PGPOpenDefaultKeyRings( context, 0, &keySet );
if ( IsntPGPError( err ) )
{
err = sTestGroupValidity( keySet );
PGPFreeKeySet( keySet );
}
PGPFreeContext( context );
}
pgpAssertNoErr( err );
return( err );
}
BOOL InitPGPsc(HWND hwnd,void **PGPsc,void **PGPtls)
{
PGPError err;
PGPContextRef context;
PGPtlsContextRef tls;
DWORD OLERetVal;
err=PGPNewContext( kPGPsdkAPIVersion, &context );
if( IsPGPError(err) )
{
if(err == kPGPError_IncompatibleAPI)
{
PGPscMessageBox (hwnd,IDS_PGPERROR,IDS_WRONGSDK,
MB_OK|MB_ICONSTOP);
}
else
if(err == kPGPError_FeatureNotAvailable)
{
PGPscMessageBox (hwnd,IDS_PGPERROR,IDS_EVALEXPIRED,
MB_OK|MB_ICONSTOP);
}
else
PGPclErrorBox(hwnd,err);
return FALSE;
}
if(IsPGPError(PGPclIsExpired(hwnd)))
return FALSE;
err=PGPNewTLSContext (context, &tls);
if( IsPGPError(err) )
{
PGPclErrorBox(hwnd,err);
return FALSE;
}
err=PGPclInitLibrary(context);
if(err==kPGPError_UserAbort)
return FALSE;
if( IsPGPError(err) )
{
PGPclErrorBox(hwnd,err);
return FALSE;
}
OLERetVal=OleInitialize (NULL);
switch(OLERetVal)
{
case S_OK:
// The COM library and additional functionality were
// initialized successfully on this apartment.
break;
case S_FALSE:
{
// The COM library is already initialized on this
// apartment.
break;
}
case OLE_E_WRONGCOMPOBJ:
{
MessageBox(hwnd,
"The versions of COMPOBJ.DLL and OLE2.DLL on\n"
"your machine are incompatible with each other.",
"OLE Error",MB_OK);
return FALSE;
}
default:
{
MessageBox(hwnd,
"Error initializing OLE.",
"OLE Error",MB_OK);
return FALSE;
}
}
*PGPsc=(void *)context;
*PGPtls=(void *)tls;
g_uPurgePassphraseCacheMessage =
RegisterWindowMessage (PURGEPASSPHRASECACEHMSG);
return TRUE;
}
int main(int argc,char *argv[])
{
struct pgpmainBones *mainbPtr = &_pgp_mainBones;
struct pgpargsBones *argsbPtr;
struct pgpfileBones *filebPtr;
struct pgpenvBones *envbPtr;
PGPContextRef mainContext;
int errorLvl = 0, status;
PGPError err = PGPsdkInit();
pgpAssertNoErr(err);
err = PGPsdkNetworkLibInit();
pgpAssertNoErr(err);
err = PGPNewContext( kPGPsdkAPIVersion, &mainContext );
pgpAssertNoErr(err);
err = pgpInitSDKPrefsDir( mainContext );
pgpAssertNoErr(err);
initMainBones( mainbPtr, mainContext );
signonMsg(mainbPtr);
/* link the context and initialize what used to be the global
variables. */
argsbPtr = mainbPtr->argsbPtr;
filebPtr = mainbPtr->filebPtr;
envbPtr = mainbPtr->envbPtr;
err = pgpParseArgs( mainbPtr, argc, argv, &errorLvl);
/* parse the arguments */
if(err != 0)
goto ex;
if (argsbPtr->keyFlag && argsbPtr->keyChar == '\0') {
keyUsage(filebPtr,&errorLvl);
goto ex;
}
if (argsbPtr->groupFlag && argsbPtr->groupChar == '\0') {
groupUsage(filebPtr,&errorLvl);
goto ex;
}
/*
* Write to stdout if explicitly asked to, or in filter mode and
* no explicit file name was given.
*/
mainbPtr->outputStdout = argsbPtr->outputFileName ?
strcmp(argsbPtr->outputFileName, "-") == 0 : envbPtr->filterMode;
#if 1
/* At request of Peter Simons, use stderr always. Sounds reasonable. */
/* JIS: Put this code back in... removing it broke too many things */
if (!mainbPtr->outputStdout)
filebPtr->pgpout = stdout;
#endif
#if defined(PGP_UNIX) || defined(VMS)
umask(077); /* Make files default to private */
#endif
initSignals(); /* Catch signals */
/* get our groups...*/
err = pgpInitializeWorkingGroupSet( mainbPtr );
if (argsbPtr->keyFlag) {
status = doKeyOpt( mainbPtr, argsbPtr->keyChar, &errorLvl );
if (status < 0) {
userError(filebPtr,&errorLvl);
goto ex;
}
errorLvl=status;
goto ex;
}
if(argsbPtr->groupFlag) {
status = doGroupOpt( mainbPtr, argsbPtr->groupChar, &errorLvl );
if( status < 0 ) {
userError(filebPtr,&errorLvl);
goto ex;
}
errorLvl=status;
goto ex;
}
err = pgpProcessArgs(mainbPtr, &errorLvl);
ex:
err = pgpFinalizeWorkingGroupSet( mainbPtr );
pgpTearDown( mainbPtr, &errorLvl );
exit(errorLvl);
/*NOTREACHED*/
return errorLvl;
}
int
main(int argc, char *argv)
{
PGPnetKernelHost *result = 0;
PGPError err;
PGPInt32 i = 0;
PGPikeSA ikeSA[100];
PGPikeSA *sa = 0, ikeSATemplate;
PGPnetKernelSA *transportSA = 0;
PGPnetKernelSA *tunnelSA = 0;
PGPnetKernelHost *kernelHost = 0;
PGPnetKernelHost *kernelGateway = 0;
PGPUInt32 spi = 0;
PGPByte encryptedPacket[32768];
PGPByte decryptedPacket[32768];
PGPnetPacket netPacketSrc, netPacketDest;
PGPikeDOIParams doiParamsTemplate;
PNCONFIG pnConfig;
PGPnetKernelConfig tmpConfig;
PGPnetPMContext *pContext;
// Initialize the sdk library
err = PGPNewContext(kPGPsdkAPIVersion, &g_Context);
if (IsPGPError(err)) {
if (err == kPGPError_FeatureNotAvailable) {
fprintf(stderr, "Fatal Error: This version of the PGP SDK has expired");
g_Context = 0;
goto end;
} else {
fprintf(stderr, "Fatal Error: Couldn't get a context from the PGP SDK");
g_Context = 0;
goto end;
}
}
// read in the PGPnet configuration
memset(&pnConfig, '\0', sizeof(pnConfig));
err = PGPnetLoadConfiguration(g_Context, &pnConfig);
if (IsPGPError(err)) {
fprintf(stderr, "Fatal Error: Unable to load configuration");
goto end;
}
///>>> 04jan99 pbj
tmpConfig.bPGPnetEnabled = pnConfig.bPGPnetEnabled;
///<<<
tmpConfig.bAllowUnconfigHost = pnConfig.bAllowUnconfigHost;
tmpConfig.bAttemptUnconfigHost = pnConfig.bAttemptUnconfigHost;
pContext = malloc(sizeof(PGPnetPMContext));
memset(pContext, '\0', sizeof(PGPnetPMContext));
(void) PMAddConfig(pContext, &tmpConfig);
for (i = 0; i < pnConfig.uHostCount; i++) {
result = PMAddHost(pContext, &(pnConfig.pHostList[i]));
}
for (i = pnConfig.uHostCount-1; i >= 0; i--) {
result = PMFindHost(pContext, PGPStorageToUInt32(pnConfig.pHostList[i].ipAddress));
}
/*
typedef struct PGPikeSA
{
PGPUInt32 ipAddress;
PGPUInt32 kbLifeTime;
PGPUInt32 secLifeTime;
PGPTime birthTime;
PGPikeDOI doi;
PGPUInt16 numTransforms;
PGPikeDOIParams transform[kPGPike_MaxTransforms];
} PGPikeSA;
typedef struct PGPipsecESPTransform
{
PGPipsecESPTransformID cipher;
PGPipsecAuthAttribute authAttr;
PGPipsecEncapsulation mode;
} PGPipsecESPTransform;
typedef struct PGPipsecDOIParams
{
PGPipsecSPI inSPI;
PGPipsecSPI outSPI;
PGPipsecProtocol protocol;
union
{
struct
{
PGPipsecAHTransform t;
PGPByte inAuthKey[kPGPike_AuthMaximumKeySize];
PGPByte outAuthKey[kPGPike_AuthMaximumKeySize];
} ah;
struct
{
PGPipsecESPTransform t;
PGPByte inESPKey[kPGPike_ESPMaximumKeySize];
PGPByte outESPKey[kPGPike_ESPMaximumKeySize];
PGPByte inAuthKey[kPGPike_AuthMaximumKeySize];
PGPByte outAuthKey[kPGPike_AuthMaximumKeySize];
} esp;
struct
{
PGPipsecIPCOMPTransform t;
} ipcomp;
} u;
} PGPipsecDOIParams;
*/
memmove(&(doiParamsTemplate.u.ipsec.u.esp.inESPKey),
"This is an ESP Key",
kPGPike_ESPMaximumKeySize);
memmove(&(doiParamsTemplate.u.ipsec.u.esp.outESPKey),
"This is an ESP Key",
kPGPike_ESPMaximumKeySize);
memmove(&(doiParamsTemplate.u.ipsec.u.esp.inAuthKey),
"This is an Auth Key",
kPGPike_ESPMaximumKeySize);
memmove(&(doiParamsTemplate.u.ipsec.u.esp.outAuthKey),
"This is an Auth Key",
kPGPike_AuthMaximumKeySize);
doiParamsTemplate.u.ipsec.u.esp.t.cipher = kPGPike_ET_CAST;
doiParamsTemplate.u.ipsec.u.esp.t.authAttr = kPGPike_AA_HMAC_SHA;
doiParamsTemplate.u.ipsec.u.esp.t.mode = kPGPike_PM_Transport;
doiParamsTemplate.u.ipsec.protocol = kPGPike_PR_ESP;
ikeSATemplate.ipAddress = 0;
ikeSATemplate.kbLifeTime = 1024;
ikeSATemplate.secLifeTime = 0;
ikeSATemplate.birthTime = PGPGetTime();
ikeSATemplate.doi = kPGPike_DOI_IPSEC;
ikeSATemplate.numTransforms = 1;
memmove(&(ikeSATemplate.transform[0]), &doiParamsTemplate, sizeof(PGPikeDOIParams));
for (i = 0; i < pnConfig.uHostCount; i++) {
sa = &ikeSA[i];
memset(sa, '\0', sizeof(sa));
memmove(sa, &ikeSATemplate, sizeof(PGPikeSA));
sa->ipAddress = PGPStorageToUInt32(pnConfig.pHostList[i].ipAddress);
PGPUInt32ToStorage(spi++, sa->transform[0].u.ipsec.inSPI);
PGPUInt32ToStorage(spi++, sa->transform[0].u.ipsec.outSPI);
PMAddSA(pContext, (unsigned char*)sa);
}
for (i = pnConfig.uHostCount-1; i >= 0; i--) {
transportSA = NULL;
tunnelSA = NULL;
kernelHost = NULL;
kernelGateway = NULL;
kernelHost = PMFindHost(pContext, PGPStorageToUInt32(pnConfig.pHostList[i].ipAddress));
if (kernelHost->childOf >= 0)
kernelGateway = PMFindHost(pContext, PMParentHostIP(pContext, kernelHost));
if ((kernelHost->hostType == kPGPnetInsecureHost) ||
(kernelHost->hostType == kPGPnetSecureGateway))
kernelHost = NULL;
if (kernelHost != NULL)
transportSA = PMFindSA(pContext, kernelHost->ipAddress);
if (kernelGateway != NULL)
tunnelSA = PMFindSA(pContext, kernelGateway->ipAddress);
netPacketSrc.allocatedSize = sizeof(originalPacket);
netPacketSrc.actualSize = sizeof(originalPacket);
netPacketSrc.data = originalPacket;
netPacketDest.allocatedSize = 32768;
netPacketDest.actualSize = 0;
netPacketDest.data = encryptedPacket;
err = PGPnetIPsecApplySA(&netPacketSrc, &netPacketDest, transportSA, tunnelSA, FALSE);
if (IsPGPError(err)) {
fprintf(stderr, "Error applying SA to outgoing packet: %d\n", err);
goto end;
}
netPacketSrc.allocatedSize = 32768;
netPacketSrc.actualSize = netPacketDest.actualSize;
netPacketSrc.data = encryptedPacket;
netPacketDest.allocatedSize = 32768;
netPacketDest.actualSize = 0;
netPacketDest.data = decryptedPacket;
err = PGPnetIPsecApplySA(&netPacketSrc, &netPacketDest, transportSA, tunnelSA, TRUE);
if (IsPGPError(err)) {
fprintf(stderr, "Error applying SA to incoming packet: %d\n", err);
goto end;
}
}
end:
free(pContext);
return 0;
}
static VOID
sSetHotKeys (HWND hwnd)
{
PGPInt32 ids = 0;
PGPHotKeys hotkeys;
PGPHotKeys* phks;
PGPPrefRef prefref;
PGPSize size;
PGPError err;
PGPContextRef context;
err = PGPNewContext (kPGPsdkAPIVersion, &context);
if (IsPGPError (err))
return;
err = PGPclOpenClientPrefs (PGPGetContextMemoryMgr (context), &prefref);
if (IsPGPError (err))
return;
memcpy (&hotkeys, &sDefaultHotKeys, sizeof(hotkeys));
err = PGPGetPrefData (prefref, kPGPPrefHotKeyData, &size, &phks);
if (IsntPGPError (err))
{
if (size == sizeof (hotkeys))
memcpy (&hotkeys, phks, size);
PGPDisposePrefData (prefref, phks);
}
if (!sSetSingleHotKey (hwnd, kPurgePassphraseCache,
hotkeys.hotkeyPurgePassphraseCache))
{
hotkeys.hotkeyPurgePassphraseCache &= ~kPGPHotKeyEnabled;
ids = IDS_CANNOTSETPURGEHOTKEY;
goto done;
}
if (!sSetSingleHotKey (hwnd, kEncryptCurrentWindow,
hotkeys.hotkeyEncrypt))
{
hotkeys.hotkeyEncrypt &= ~kPGPHotKeyEnabled;
ids = IDS_CANNOTSETENCRYPTHOTKEY;
goto done;
}
if (!sSetSingleHotKey (hwnd, kSignCurrentWindow,
hotkeys.hotkeySign))
{
hotkeys.hotkeySign &= ~kPGPHotKeyEnabled;
ids = IDS_CANNOTSETSIGNHOTKEY;
goto done;
}
if (!sSetSingleHotKey (hwnd, kEncryptSignCurrentWindow,
hotkeys.hotkeyEncryptSign))
{
hotkeys.hotkeyEncryptSign &= ~kPGPHotKeyEnabled;
ids = IDS_CANNOTSETENCRYPTSIGNHOTKEY;
goto done;
}
if (!sSetSingleHotKey (hwnd, kDecryptCurrentWindow,
hotkeys.hotkeyDecrypt))
{
hotkeys.hotkeyDecrypt &= ~kPGPHotKeyEnabled;
ids = IDS_CANNOTSETDECRYPTHOTKEY;
goto done;
}
/// if (!sSetSingleHotKey (hwnd, kUnmountPGPDisks,
/// hotkeys.hotkeyDiskUnmount))
/// {
/// ids = IDS_CANNOTSETUNMOUNTHOTKEY;
/// goto done;
/// }
done:
if (ids)
{
PGPSetPrefData (
prefref, kPGPPrefHotKeyData, sizeof(hotkeys), &hotkeys);
PGPclCloseClientPrefs (prefref, TRUE);
PTMessageBox (hwnd, IDS_CAPTION, ids, MB_ICONEXCLAMATION|MB_OK);
PGPclPreferences (context, hwnd, PGPCL_HOTKEYPREFS, NULL);
}
else
PGPclCloseClientPrefs (prefref, FALSE);
PGPFreeContext (context);
}
