+ int sha1chk:1; /* SHA1 is used instead of a 16 bit checksum */
+ u16 csum; /* Checksum for old protection modes. */
+ byte algo; /* Cipher used to protect the secret information. */
+ STRING2KEY s2k; /* S2K parameter. */
+ byte ivlen; /* Used length of the IV. */
+ byte iv[16]; /* Initialization vector for CFB mode. */
+};
+
+
+/****************
+ * We assume that secret keys have the same number of parameters as
+ * the public key and that the public parameters are the first items
+ * in the PKEY array. Thus NPKEY is always less than NSKEY and it is
+ * possible to compare the secret and public keys by comparing the
+ * first NPKEY elements of the PKEY array. Note that since GnuPG 2.1
+ * we don't use secret keys anymore directly because they are managed
+ * by gpg-agent. However for parsing OpenPGP key files we need a way
+ * to temporary store those secret keys. We do this by putting them
+ * into the public key structure and extending the PKEY field to NSKEY
+ * elements; the extra secret key information are stored in the
+ * SECKEY_INFO field.
+ */
+typedef struct
+{
+ u32 timestamp; /* key made */
+ u32 expiredate; /* expires at this date or 0 if not at all */
+ u32 max_expiredate; /* must not expire past this date */
+ struct revoke_info revoked;
+ byte hdrbytes; /* number of header bytes */
+ byte version;
+ byte selfsigversion; /* highest version of all of the self-sigs */
+ byte pubkey_algo; /* algorithm used for public key scheme */
+ byte pubkey_usage; /* for now only used to pass it to getkey() */
+ byte req_usage; /* hack to pass a request to getkey() */
+ byte req_algo; /* Ditto */
+ u32 has_expired; /* set to the expiration date if expired */
+ u32 main_keyid[2]; /* keyid of the primary key */
+ u32 keyid[2]; /* calculated by keyid_from_pk() */
+ prefitem_t *prefs; /* list of preferences (may be NULL) */
+ struct
+ {
+ unsigned int mdc:1; /* MDC feature set. */
+ unsigned int disabled_valid:1;/* The next flag is valid. */
+ unsigned int disabled:1; /* The key has been disabled. */
+ unsigned int primary:1; /* This is a primary key. */
+ unsigned int revoked:2; /* Key has been revoked.
+ 1 = revoked by the owner
+ 2 = revoked by designated revoker. */
+ unsigned int maybe_revoked:1; /* A designated revocation is
+ present, but without the key to
+ check it. */
+ unsigned int valid:1; /* Key (especially subkey) is valid. */
+ unsigned int dont_cache:1; /* Do not cache this key. */
+ unsigned int backsig:2; /* 0=none, 1=bad, 2=good. */
+ unsigned int serialno_valid:1;/* SERIALNO below is valid. */
+ } flags;
+ PKT_user_id *user_id; /* If != NULL: found by that uid. */
+ struct revocation_key *revkey;
+ int numrevkeys;
+ u32 trust_timestamp;
+ byte trust_depth;
+ byte trust_value;
+ const byte *trust_regexp;
+ char *serialno; /* Malloced hex string or NULL if it is
+ likely not on a card. See also
+ flags.serialno_valid. */
+ struct seckey_info *seckey_info; /* If not NULL this malloced
+ structure describes a secret
+ key. */
+ gcry_mpi_t pkey[PUBKEY_MAX_NSKEY]; /* Right, NSKEY elements. */
+} PKT_public_key;
+
+/* Evaluates as true if the pk is disabled, and false if it isn't. If
+ there is no disable value cached, fill one in. */
+#define pk_is_disabled(a) \
+ (((a)->flags.disabled_valid)? \
+ ((a)->flags.disabled):(cache_disabled_value((a))))
projects / gnupg.git / blobdiff