repos/pEpEngine: src/keymanagement.c@10a56596be7d (annotated)

vb@130	1	#include "platform.h"
vb@0	2
vb@0	3	#include <string.h>
vb@0	4	#include <stdio.h>
vb@0	5	#include <stdlib.h>
vb@0	6	#include <assert.h>
Edouard@512	7	#include <ctype.h>
vb@0	8
vb@217	9	#include "pEp_internal.h"
vb@0	10	#include "keymanagement.h"
vb@0	11
Edouard@439	12	#ifndef EMPTYSTR
roker@500	13	#define EMPTYSTR(STR) ((STR) == NULL \|\| (STR)[0] == '\0')
vb@8	14	#endif
vb@8	15
vb@214	16	#define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
vb@214	17
Edouard@512	18	// Space tolerant and case insensitive fingerprint string compare
Edouard@512	19	static int _same_fpr(
Edouard@512	20	const char* fpra,
Edouard@512	21	size_t fpras,
Edouard@512	22	const char* fprb,
Edouard@512	23	size_t fprbs
Edouard@512	24	)
Edouard@512	25	{
Edouard@512	26	size_t ai = 0;
Edouard@512	27	size_t bi = 0;
Edouard@512	28
Edouard@544	29	do
Edouard@544	30	{
Edouard@544	31	if(fpra[ai] == 0 \|\| fprb[bi] == 0)
Edouard@544	32	{
Edouard@512	33	return 0;
Edouard@544	34	}
Edouard@544	35	else if(fpra[ai] == ' ')
Edouard@544	36	{
Edouard@512	37	ai++;
Edouard@544	38	}
Edouard@544	39	else if(fprb[bi] == ' ')
Edouard@544	40	{
Edouard@512	41	bi++;
Edouard@544	42	}
Edouard@544	43	else if(toupper(fpra[ai]) == toupper(fprb[bi]))
Edouard@544	44	{
Edouard@512	45	ai++;
Edouard@512	46	bi++;
Edouard@512	47	}
Edouard@544	48	else
Edouard@544	49	{
Edouard@544	50	return 0;
Edouard@544	51	}
Edouard@544	52
Edouard@544	53	}
Edouard@544	54	while(ai < fpras && bi < fprbs);
Edouard@512	55
Edouard@512	56	return ai == fpras && bi == fprbs;
Edouard@512	57	}
Edouard@512	58
Edouard@774	59	PEP_STATUS elect_pubkey(
Edouard@755	60	PEP_SESSION session, pEp_identity * identity
Edouard@755	61	)
Edouard@755	62	{
Edouard@755	63	PEP_STATUS status;
Edouard@755	64	stringlist_t *keylist;
Edouard@755	65	char *_fpr = NULL;
Edouard@755	66	identity->comm_type = PEP_ct_unknown;
Edouard@755	67
Edouard@755	68	status = find_keys(session, identity->address, &keylist);
Edouard@755	69	assert(status != PEP_OUT_OF_MEMORY);
Edouard@755	70	if (status == PEP_OUT_OF_MEMORY)
Edouard@755	71	return PEP_OUT_OF_MEMORY;
Edouard@755	72
Edouard@755	73	stringlist_t *_keylist;
Edouard@755	74	for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
Edouard@755	75	PEP_comm_type _comm_type_key;
Edouard@755	76
Edouard@755	77	status = get_key_rating(session, _keylist->value, &_comm_type_key);
Edouard@755	78	assert(status != PEP_OUT_OF_MEMORY);
Edouard@755	79	if (status == PEP_OUT_OF_MEMORY) {
Edouard@755	80	free_stringlist(keylist);
Edouard@755	81	return PEP_OUT_OF_MEMORY;
Edouard@755	82	}
Edouard@755	83
Edouard@755	84	if (_comm_type_key != PEP_ct_compromized &&
Edouard@755	85	_comm_type_key != PEP_ct_unknown)
Edouard@755	86	{
Edouard@755	87	if (identity->comm_type == PEP_ct_unknown \|\|
Edouard@755	88	_comm_type_key > identity->comm_type)
Edouard@755	89	{
Edouard@755	90	identity->comm_type = _comm_type_key;
Edouard@755	91	_fpr = _keylist->value;
Edouard@755	92	}
Edouard@755	93	}
Edouard@755	94	}
Edouard@755	95
Edouard@755	96	if (_fpr) {
Edouard@755	97	free(identity->fpr);
Edouard@755	98
Edouard@755	99	identity->fpr = strdup(_fpr);
Edouard@755	100	if (identity->fpr == NULL) {
Edouard@755	101	free_stringlist(keylist);
Edouard@755	102	return PEP_OUT_OF_MEMORY;
Edouard@755	103	}
Edouard@755	104	}
Edouard@755	105	free_stringlist(keylist);
Edouard@755	106	return PEP_STATUS_OK;
Edouard@755	107	}
Edouard@755	108
vb@0	109	DYNAMIC_API PEP_STATUS update_identity(
vb@0	110	PEP_SESSION session, pEp_identity * identity
vb@0	111	)
vb@0	112	{
vb@0	113	pEp_identity *stored_identity;
vb@0	114	PEP_STATUS status;
vb@0	115
vb@0	116	assert(session);
vb@0	117	assert(identity);
Edouard@439	118	assert(!EMPTYSTR(identity->address));
vb@0	119
Edouard@439	120	if (!(session && identity && !EMPTYSTR(identity->address)))
vb@191	121	return PEP_ILLEGAL_VALUE;
vb@191	122
Edouard@559	123	int _no_user_id = EMPTYSTR(identity->user_id);
Edouard@559	124
Edouard@559	125	if (_no_user_id)
Edouard@559	126	{
vb@1015	127	status = get_identity(session, identity->address, PEP_OWN_USERID,
vb@1015	128	&stored_identity);
vb@1015	129	if (status == PEP_STATUS_OK) {
vb@1015	130	free_identity(stored_identity);
vb@1015	131	return myself(session, identity);
vb@1015	132	}
vb@1015	133
Edouard@559	134	free(identity->user_id);
Edouard@559	135
vb@591	136	identity->user_id = calloc(1, strlen(identity->address) + 6);
Edouard@562	137	if (!identity->user_id)
Edouard@559	138	{
Edouard@562	139	return PEP_OUT_OF_MEMORY;
Edouard@559	140	}
vb@983	141	snprintf(identity->user_id, strlen(identity->address) + 6,
Edouard@562	142	"TOFU_%s", identity->address);
Edouard@559	143	}
vb@934	144
Edouard@559	145	status = get_identity(session,
Edouard@559	146	identity->address,
Edouard@559	147	identity->user_id,
Edouard@559	148	&stored_identity);
Edouard@559	149
vb@0	150	assert(status != PEP_OUT_OF_MEMORY);
vb@0	151	if (status == PEP_OUT_OF_MEMORY)
Edouard@829	152	goto exit_free;
vb@0	153
vb@14	154	if (stored_identity) {
vb@14	155	PEP_comm_type _comm_type_key;
vb@14	156	status = get_key_rating(session, stored_identity->fpr, &_comm_type_key);
vb@14	157	assert(status != PEP_OUT_OF_MEMORY);
vb@14	158	if (status == PEP_OUT_OF_MEMORY)
Edouard@829	159	goto exit_free;
vb@10	160
Edouard@439	161	if (EMPTYSTR(identity->username)) {
vb@22	162	free(identity->username);
vb@591	163	identity->username = strdup(stored_identity->username);
Edouard@498	164	assert(identity->username);
Edouard@829	165	if (identity->username == NULL){
Edouard@829	166	status = PEP_OUT_OF_MEMORY;
Edouard@829	167	goto exit_free;
Edouard@829	168	}
vb@22	169	}
vb@22	170
Edouard@439	171	if (EMPTYSTR(identity->fpr)) {
vb@591	172	identity->fpr = strdup(stored_identity->fpr);
vb@8	173	assert(identity->fpr);
vb@8	174	if (identity->fpr == NULL)
vb@8	175	return PEP_OUT_OF_MEMORY;
vb@14	176	if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
Edouard@774	177	PEP_STATUS status = elect_pubkey(session, identity);
Edouard@755	178	if (status != PEP_STATUS_OK)
Edouard@829	179	goto exit_free;
vb@14	180	}
vb@14	181	else {
vb@14	182	identity->comm_type = stored_identity->comm_type;
vb@14	183	}
vb@8	184	}
Edouard@439	185	else /* !EMPTYSTR(identity->fpr) */ {
Edouard@512	186	if (_same_fpr(identity->fpr,
vb@591	187	strlen(identity->fpr),
Edouard@512	188	stored_identity->fpr,
vb@591	189	strlen(stored_identity->fpr))) {
vb@14	190	if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
vb@14	191	identity->comm_type = _comm_type_key;
Edouard@488	192	}else{
Edouard@488	193	identity->comm_type = stored_identity->comm_type;
Edouard@488	194	if (identity->comm_type == PEP_ct_unknown) {
Edouard@488	195	identity->comm_type = _comm_type_key;
vb@8	196	}
vb@8	197	}
vb@496	198	} else {
Edouard@488	199	status = get_trust(session, identity);
Edouard@488	200	assert(status != PEP_OUT_OF_MEMORY);
Edouard@488	201	if (status == PEP_OUT_OF_MEMORY)
Edouard@829	202	goto exit_free;
vb@496	203	if (identity->comm_type < stored_identity->comm_type)
vb@496	204	identity->comm_type = PEP_ct_unknown;
vb@8	205	}
vb@8	206	}
vb@8	207
vb@21	208	if (identity->lang[0] == 0) {
vb@21	209	identity->lang[0] = stored_identity->lang[0];
vb@21	210	identity->lang[1] = stored_identity->lang[1];
vb@21	211	identity->lang[2] = 0;
vb@21	212	}
vb@932	213
vb@932	214	identity->flags = stored_identity->flags;
vb@21	215	}
vb@21	216	else /* stored_identity == NULL */ {
vb@934	217	identity->flags = 0;
vb@934	218
Edouard@439	219	if (!EMPTYSTR(identity->fpr)) {
vb@21	220	PEP_comm_type _comm_type_key;
vb@21	221
vb@21	222	status = get_key_rating(session, identity->fpr, &_comm_type_key);
vb@21	223	assert(status != PEP_OUT_OF_MEMORY);
vb@21	224	if (status == PEP_OUT_OF_MEMORY)
Edouard@829	225	goto exit_free;
vb@21	226
vb@21	227	identity->comm_type = _comm_type_key;
vb@21	228	}
Edouard@439	229	else /* EMPTYSTR(identity->fpr) */ {
Edouard@774	230	PEP_STATUS status = elect_pubkey(session, identity);
Edouard@755	231	if (status != PEP_STATUS_OK)
Edouard@829	232	goto exit_free;
vb@21	233	}
vb@21	234	}
vb@21	235
vb@21	236	status = PEP_STATUS_OK;
vb@21	237
Edouard@439	238	if (identity->comm_type != PEP_ct_unknown && !EMPTYSTR(identity->user_id)) {
Edouard@439	239	assert(!EMPTYSTR(identity->username)); // this should not happen
vb@22	240
Edouard@439	241	if (EMPTYSTR(identity->username)) { // mitigate
vb@0	242	free(identity->username);
vb@22	243	identity->username = strdup("anonymous");
vb@931	244	assert(identity->username);
Edouard@829	245	if (identity->username == NULL){
Edouard@829	246	status = PEP_OUT_OF_MEMORY;
Edouard@829	247	goto exit_free;
Edouard@829	248	}
vb@0	249	}
vb@8	250
Edouard@755	251	// Identity doesn't get stored if call was just about checking existing
Edouard@755	252	// user by address (i.e. no user id given but already stored)
Edouard@559	253	if (!(_no_user_id && stored_identity))
Edouard@559	254	{
Edouard@559	255	status = set_identity(session, identity);
Edouard@559	256	assert(status == PEP_STATUS_OK);
Edouard@559	257	if (status != PEP_STATUS_OK) {
Edouard@829	258	goto exit_free;
Edouard@559	259	}
Edouard@499	260	}
vb@8	261	}
vb@8	262
vb@297	263	if (identity->comm_type != PEP_ct_compromized &&
vb@297	264	identity->comm_type < PEP_ct_strong_but_unconfirmed)
vb@297	265	if (session->examine_identity)
vb@297	266	session->examine_identity(identity, session->examine_management);
vb@297	267
Edouard@829	268	exit_free :
Edouard@829	269
Edouard@829	270	if (stored_identity){
Edouard@829	271	free_identity(stored_identity);
Edouard@829	272	}
Edouard@829	273
vb@8	274	return status;
vb@0	275	}
vb@0	276
Edouard@774	277	PEP_STATUS elect_ownkey(
Edouard@774	278	PEP_SESSION session, pEp_identity * identity
Edouard@774	279	)
Edouard@774	280	{
Edouard@774	281	PEP_STATUS status;
Edouard@774	282	stringlist_t *keylist = NULL;
Edouard@774	283
Edouard@774	284	free(identity->fpr);
Edouard@774	285	identity->fpr = NULL;
Edouard@774	286
Edouard@774	287	status = find_keys(session, identity->address, &keylist);
Edouard@774	288	assert(status != PEP_OUT_OF_MEMORY);
Edouard@774	289	if (status == PEP_OUT_OF_MEMORY)
Edouard@774	290	return PEP_OUT_OF_MEMORY;
Edouard@774	291
Edouard@774	292	if (keylist != NULL && keylist->value != NULL)
Edouard@774	293	{
Edouard@774	294	char *_fpr = NULL;
Edouard@774	295	identity->comm_type = PEP_ct_unknown;
Edouard@774	296
Edouard@774	297	stringlist_t *_keylist;
Edouard@774	298	for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
Edouard@774	299	bool is_own = false;
Edouard@774	300
Edouard@774	301	if (session->use_only_own_private_keys)
Edouard@774	302	{
Edouard@774	303	status = own_key_is_listed(session, _keylist->value, &is_own);
Edouard@774	304	assert(status == PEP_STATUS_OK);
Edouard@774	305	if (status != PEP_STATUS_OK) {
Edouard@774	306	free_stringlist(keylist);
Edouard@774	307	return status;
Edouard@774	308	}
Edouard@774	309	}
Edouard@774	310
Edouard@774	311	// TODO : also accept synchronized device group keys ?
Edouard@774	312
Edouard@774	313	if (!session->use_only_own_private_keys \|\| is_own)
Edouard@774	314	{
Edouard@774	315	PEP_comm_type _comm_type_key;
Edouard@774	316
Edouard@774	317	status = get_key_rating(session, _keylist->value, &_comm_type_key);
Edouard@774	318	assert(status != PEP_OUT_OF_MEMORY);
Edouard@774	319	if (status == PEP_OUT_OF_MEMORY) {
Edouard@774	320	free_stringlist(keylist);
Edouard@774	321	return PEP_OUT_OF_MEMORY;
Edouard@774	322	}
Edouard@774	323
Edouard@774	324	if (_comm_type_key != PEP_ct_compromized &&
Edouard@774	325	_comm_type_key != PEP_ct_unknown)
Edouard@774	326	{
Edouard@774	327	if (identity->comm_type == PEP_ct_unknown \|\|
Edouard@774	328	_comm_type_key > identity->comm_type)
Edouard@774	329	{
Edouard@774	330	identity->comm_type = _comm_type_key;
Edouard@774	331	_fpr = _keylist->value;
Edouard@774	332	}
Edouard@774	333	}
Edouard@774	334	}
Edouard@774	335	}
Edouard@774	336
Edouard@774	337	if (_fpr)
Edouard@774	338	{
Edouard@774	339	identity->fpr = strdup(_fpr);
Edouard@774	340	assert(identity->fpr);
Edouard@774	341	if (identity->fpr == NULL)
Edouard@774	342	{
Edouard@774	343	free_stringlist(keylist);
Edouard@774	344	return PEP_OUT_OF_MEMORY;
Edouard@774	345	}
Edouard@774	346	}
Edouard@774	347	free_stringlist(keylist);
Edouard@774	348	}
Edouard@774	349	return PEP_STATUS_OK;
Edouard@774	350	}
Edouard@774	351
vb@0	352	DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
vb@0	353	{
Edouard@560	354	pEp_identity *stored_identity;
vb@0	355	PEP_STATUS status;
vb@0	356
vb@0	357	assert(session);
vb@0	358	assert(identity);
vb@1044	359	assert(!EMPTYSTR(identity->address));
vb@1043	360
Edouard@658	361	assert(EMPTYSTR(identity->user_id) \|\|
Edouard@658	362	strcmp(identity->user_id, PEP_OWN_USERID) == 0);
vb@0	363
vb@1044	364	if (!(session && identity && !EMPTYSTR(identity->address) &&
vb@1043	365	(EMPTYSTR(identity->user_id) \|\|
vb@1043	366	strcmp(identity->user_id, PEP_OWN_USERID) == 0)))
vb@191	367	return PEP_ILLEGAL_VALUE;
vb@191	368
vb@0	369	identity->comm_type = PEP_ct_pEp;
vb@0	370	identity->me = true;
Edouard@658	371
vb@1043	372	if (EMPTYSTR(identity->user_id))
Edouard@658	373	{
Edouard@658	374	free(identity->user_id);
Edouard@658	375	identity->user_id = strdup(PEP_OWN_USERID);
Edouard@658	376	assert(identity->user_id);
Edouard@658	377	if (identity->user_id == NULL)
Edouard@658	378	return PEP_OUT_OF_MEMORY;
Edouard@658	379	}
vb@0	380
vb@1044	381	DEBUG_LOG("myself", "debug", identity->address);
vb@1044	382
Edouard@560	383	status = get_identity(session,
Edouard@560	384	identity->address,
Edouard@560	385	identity->user_id,
Edouard@560	386	&stored_identity);
Edouard@560	387
vb@0	388	assert(status != PEP_OUT_OF_MEMORY);
vb@0	389	if (status == PEP_OUT_OF_MEMORY)
vb@0	390	return PEP_OUT_OF_MEMORY;
Edouard@560	391
Edouard@560	392	if (stored_identity)
Edouard@560	393	{
Edouard@560	394	if (EMPTYSTR(identity->fpr)) {
vb@591	395	identity->fpr = strdup(stored_identity->fpr);
Edouard@560	396	assert(identity->fpr);
Edouard@560	397	if (identity->fpr == NULL)
Edouard@560	398	{
Edouard@560	399	return PEP_OUT_OF_MEMORY;
Edouard@560	400	}
Edouard@560	401	}
vb@932	402
vb@932	403	identity->flags = stored_identity->flags;
Edouard@588	404	}
Edouard@588	405	else if (!EMPTYSTR(identity->fpr))
Edouard@588	406	{
Edouard@588	407	// App must have a good reason to give fpr, such as explicit
Edouard@588	408	// import of private key, or similar.
Edouard@588	409
Edouard@658	410	// Take given fpr as-is.
vb@934	411
vb@934	412	identity->flags = 0;
Edouard@560	413	}
Edouard@560	414	else
Edouard@560	415	{
Edouard@774	416	status = elect_ownkey(session, identity);
Edouard@774	417	assert(status == PEP_STATUS_OK);
Edouard@774	418	if (status != PEP_STATUS_OK) {
Edouard@774	419	return status;
Edouard@560	420	}
vb@934	421
vb@934	422	identity->flags = 0;
Edouard@560	423	}
Edouard@695	424
Edouard@695	425	bool revoked = false;
Edouard@695	426	char *r_fpr = NULL;
Edouard@695	427	if (!EMPTYSTR(identity->fpr))
Edouard@695	428	{
Edouard@695	429	status = key_revoked(session, identity->fpr, &revoked);
Edouard@775	430
Edouard@775	431	// Forces re-election if key is missing and own-key-only not forced
Edouard@775	432	if (!session->use_only_own_private_keys && status == PEP_KEY_NOT_FOUND)
Edouard@775	433	{
Edouard@775	434	status = elect_ownkey(session, identity);
Edouard@775	435	assert(status == PEP_STATUS_OK);
Edouard@775	436	if (status != PEP_STATUS_OK) {
Edouard@775	437	return status;
Edouard@775	438	}
Edouard@775	439	}
Edouard@775	440	else if (status != PEP_STATUS_OK)
Edouard@775	441	{
Edouard@695	442	return status;
Edouard@695	443	}
Edouard@695	444	}
Edouard@560	445
Edouard@695	446	if (EMPTYSTR(identity->fpr) \|\| revoked)
Edouard@695	447	{
Edouard@695	448	if(revoked)
Edouard@695	449	{
Edouard@697	450	r_fpr = identity->fpr;
Edouard@697	451	identity->fpr = NULL;
Edouard@695	452	}
Edouard@560	453
vb@215	454	DEBUG_LOG("generating key pair", "debug", identity->address);
vb@0	455	status = generate_keypair(session, identity);
vb@0	456	assert(status != PEP_OUT_OF_MEMORY);
vb@0	457	if (status != PEP_STATUS_OK) {
vb@0	458	char buf[11];
vb@0	459	snprintf(buf, 11, "%d", status);
vb@215	460	DEBUG_LOG("generating key pair failed", "debug", buf);
Edouard@695	461	if(revoked && r_fpr)
Edouard@695	462	free(r_fpr);
vb@0	463	return status;
vb@0	464	}
Edouard@560	465
Edouard@695	466	if(revoked)
Edouard@695	467	{
Edouard@695	468	status = set_revoked(session, r_fpr,
Edouard@695	469	identity->fpr, time(NULL));
Edouard@695	470	free(r_fpr);
Edouard@695	471	if (status != PEP_STATUS_OK) {
Edouard@695	472	return status;
Edouard@695	473	}
Edouard@371	474	}
vb@0	475	}
Edouard@560	476	else
Edouard@560	477	{
vb@214	478	bool expired;
Edouard@701	479	status = key_expired(session, identity->fpr,
Edouard@701	480	time(NULL) + (7243600), // In a week
Edouard@701	481	&expired);
Edouard@701	482
vb@214	483	assert(status == PEP_STATUS_OK);
Edouard@499	484	if (status != PEP_STATUS_OK) {
Edouard@588	485	return status;
Edouard@499	486	}
vb@214	487
vb@214	488	if (status == PEP_STATUS_OK && expired) {
vb@214	489	timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
Edouard@560	490	renew_key(session, identity->fpr, ts);
vb@214	491	free_timestamp(ts);
vb@214	492	}
vb@214	493	}
vb@0	494
vb@0	495	status = set_identity(session, identity);
vb@0	496	assert(status == PEP_STATUS_OK);
Edouard@499	497	if (status != PEP_STATUS_OK) {
Edouard@588	498	return status;
Edouard@499	499	}
vb@0	500
vb@0	501	return PEP_STATUS_OK;
Edouard@499	502
vb@0	503	}
vb@0	504
vb@296	505	DYNAMIC_API PEP_STATUS register_examine_function(
vb@292	506	PEP_SESSION session,
vb@292	507	examine_identity_t examine_identity,
vb@292	508	void *management
vb@292	509	)
vb@292	510	{
vb@292	511	assert(session);
vb@292	512	if (!session)
vb@292	513	return PEP_ILLEGAL_VALUE;
vb@292	514
vb@292	515	session->examine_management = management;
vb@292	516	session->examine_identity = examine_identity;
vb@292	517
vb@292	518	return PEP_STATUS_OK;
vb@292	519	}
vb@292	520
vb@0	521	DYNAMIC_API PEP_STATUS do_keymanagement(
vb@0	522	retrieve_next_identity_t retrieve_next_identity,
vb@0	523	void *management
vb@0	524	)
vb@0	525	{
vb@0	526	PEP_SESSION session;
vb@0	527	pEp_identity *identity;
Edouard@499	528	PEP_STATUS status;
vb@0	529
vb@24	530	assert(retrieve_next_identity);
vb@24	531	assert(management);
vb@24	532
Edouard@499	533	if (!retrieve_next_identity \|\| !management)
Edouard@499	534	return PEP_ILLEGAL_VALUE;
Edouard@499	535
Edouard@499	536	status = init(&session);
Edouard@499	537	assert(status == PEP_STATUS_OK);
Edouard@499	538	if (status != PEP_STATUS_OK)
Edouard@499	539	return status;
Edouard@499	540
vb@0	541	log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
vb@0	542
Edouard@499	543	while ((identity = retrieve_next_identity(management)))
Edouard@499	544	{
vb@0	545	assert(identity->address);
Edouard@499	546	if(identity->address)
Edouard@499	547	{
Edouard@499	548	DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
Edouard@499	549
Edouard@499	550	if (identity->me) {
Edouard@499	551	status = myself(session, identity);
Edouard@499	552	} else {
Edouard@499	553	status = recv_key(session, identity->address);
Edouard@499	554	}
Edouard@499	555
vb@0	556	assert(status != PEP_OUT_OF_MEMORY);
Edouard@499	557	if(status == PEP_OUT_OF_MEMORY)
Edouard@499	558	return PEP_OUT_OF_MEMORY;
vb@0	559	}
vb@0	560	free_identity(identity);
vb@0	561	}
vb@0	562
vb@0	563	log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
vb@0	564
vb@0	565	release(session);
vb@0	566	return PEP_STATUS_OK;
vb@0	567	}
vb@0	568
vb@357	569	DYNAMIC_API PEP_STATUS key_compromized(
vb@357	570	PEP_SESSION session,
vb@357	571	pEp_identity *ident
vb@357	572	)
vb@215	573	{
vb@218	574	PEP_STATUS status = PEP_STATUS_OK;
vb@218	575
vb@215	576	assert(session);
vb@357	577	assert(ident);
Edouard@439	578	assert(!EMPTYSTR(ident->fpr));
vb@215	579
vb@357	580	if (!(session && ident && ident->fpr))
vb@215	581	return PEP_ILLEGAL_VALUE;
vb@215	582
vb@357	583	if (ident->me)
Edouard@697	584	{
vb@357	585	revoke_key(session, ident->fpr, NULL);
Edouard@697	586	myself(session, ident);
Edouard@697	587	}
Edouard@697	588	else
Edouard@697	589	{
Edouard@697	590	status = mark_as_compromized(session, ident->fpr);
Edouard@697	591	}
vb@218	592
vb@218	593	return status;
vb@215	594	}
vb@215	595
Edouard@410	596	DYNAMIC_API PEP_STATUS key_reset_trust(
Edouard@410	597	PEP_SESSION session,
Edouard@410	598	pEp_identity *ident
Edouard@410	599	)
Edouard@410	600	{
Edouard@410	601	PEP_STATUS status = PEP_STATUS_OK;
Edouard@410	602
Edouard@410	603	assert(session);
Edouard@410	604	assert(ident);
vb@420	605	assert(!ident->me);
Edouard@439	606	assert(!EMPTYSTR(ident->fpr));
Edouard@439	607	assert(!EMPTYSTR(ident->address));
Edouard@439	608	assert(!EMPTYSTR(ident->user_id));
Edouard@410	609
vb@420	610	if (!(session && ident && !ident->me && ident->fpr && ident->address &&
vb@420	611	ident->user_id))
Edouard@410	612	return PEP_ILLEGAL_VALUE;
Edouard@410	613
vb@420	614	status = update_identity(session, ident);
vb@420	615	if (status != PEP_STATUS_OK)
vb@420	616	return status;
Edouard@410	617
Edouard@442	618	if (ident->comm_type == PEP_ct_mistrusted)
vb@421	619	ident->comm_type = PEP_ct_unknown;
vb@421	620	else
vb@421	621	ident->comm_type &= ~PEP_ct_confirmed;
vb@421	622
vb@420	623	status = set_identity(session, ident);
vb@421	624	if (status != PEP_STATUS_OK)
vb@421	625	return status;
vb@421	626
vb@422	627	if (ident->comm_type == PEP_ct_unknown)
vb@422	628	status = update_identity(session, ident);
Edouard@410	629	return status;
Edouard@410	630	}
Edouard@410	631
vb@354	632	DYNAMIC_API PEP_STATUS trust_personal_key(
vb@354	633	PEP_SESSION session,
vb@354	634	pEp_identity *ident
vb@354	635	)
vb@354	636	{
vb@354	637	PEP_STATUS status = PEP_STATUS_OK;
vb@354	638
vb@354	639	assert(session);
vb@354	640	assert(ident);
Edouard@439	641	assert(!EMPTYSTR(ident->address));
Edouard@439	642	assert(!EMPTYSTR(ident->user_id));
Edouard@439	643	assert(!EMPTYSTR(ident->fpr));
vb@354	644	assert(!ident->me);
vb@354	645
Edouard@439	646	if (!ident \|\| EMPTYSTR(ident->address) \|\| EMPTYSTR(ident->user_id) \|\|
Edouard@439	647	EMPTYSTR(ident->fpr) \|\| ident->me)
vb@354	648	return PEP_ILLEGAL_VALUE;
vb@354	649
vb@354	650	status = update_identity(session, ident);
vb@354	651	if (status != PEP_STATUS_OK)
vb@354	652	return status;
vb@354	653
vb@356	654	if (ident->comm_type > PEP_ct_strong_but_unconfirmed) {
vb@356	655	ident->comm_type \|= PEP_ct_confirmed;
Edouard@488	656	status = set_identity(session, ident);
vb@356	657	}
vb@356	658	else {
vb@356	659	// MISSING: S/MIME has to be handled depending on trusted CAs
vb@370	660	status = PEP_CANNOT_SET_TRUST;
vb@356	661	}
vb@354	662
vb@354	663	return status;
vb@354	664	}
vb@354	665
Edouard@584	666	DYNAMIC_API PEP_STATUS own_key_is_listed(
vb@955	667	PEP_SESSION session,
vb@955	668	const char *fpr,
vb@955	669	bool *listed
vb@955	670	)
Edouard@584	671	{
Edouard@584	672	PEP_STATUS status = PEP_STATUS_OK;
Edouard@584	673	int count;
Edouard@584	674
Edouard@584	675	assert(session && fpr && fpr[0] && listed);
Edouard@584	676
Edouard@584	677	if (!(session && fpr && fpr[0] && listed))
Edouard@584	678	return PEP_ILLEGAL_VALUE;
Edouard@584	679
Edouard@584	680	*listed = false;
Edouard@584	681
Edouard@584	682	sqlite3_reset(session->own_key_is_listed);
Edouard@584	683	sqlite3_bind_text(session->own_key_is_listed, 1, fpr, -1, SQLITE_STATIC);
Edouard@584	684
Edouard@584	685	int result;
Edouard@584	686
Edouard@584	687	result = sqlite3_step(session->own_key_is_listed);
Edouard@584	688	switch (result) {
Edouard@584	689	case SQLITE_ROW:
Edouard@584	690	count = sqlite3_column_int(session->own_key_is_listed, 0);
Edouard@584	691	*listed = count > 0;
Edouard@584	692	status = PEP_STATUS_OK;
Edouard@584	693	break;
Edouard@584	694
Edouard@584	695	default:
Edouard@584	696	status = PEP_UNKNOWN_ERROR;
Edouard@584	697	}
Edouard@584	698
Edouard@584	699	sqlite3_reset(session->own_key_is_listed);
Edouard@584	700	return status;
Edouard@584	701	}
Edouard@584	702
vb@955	703	DYNAMIC_API PEP_STATUS own_identities_retrieve(
vb@955	704	PEP_SESSION session,
vb@955	705	identity_list **own_identities
vb@955	706	)
Edouard@584	707	{
Edouard@584	708	PEP_STATUS status = PEP_STATUS_OK;
Edouard@584	709
vb@955	710	assert(session && own_identities);
vb@955	711	if (!(session && own_identities))
Edouard@584	712	return PEP_ILLEGAL_VALUE;
Edouard@584	713
vb@955	714	*own_identities = NULL;
vb@955	715	identity_list *_own_identities = new_identity_list(NULL);
vb@955	716	if (_own_identities == NULL)
Edouard@584	717	goto enomem;
Edouard@584	718
vb@955	719	sqlite3_reset(session->own_identities_retrieve);
Edouard@584	720
Edouard@584	721	int result;
vb@955	722	// address, fpr, username, user_id, comm_type, lang, flags
vb@955	723	const char *address = NULL;
Edouard@584	724	const char *fpr = NULL;
vb@955	725	const char *username = NULL;
vb@955	726	const char *user_id = NULL;
vb@955	727	PEP_comm_type comm_type = PEP_ct_unknown;
vb@955	728	const char *lang = NULL;
vb@955	729	unsigned int flags = 0;
Edouard@584	730
vb@955	731	identity_list *_bl = _own_identities;
Edouard@584	732	do {
vb@955	733	result = sqlite3_step(session->own_identities_retrieve);
Edouard@584	734	switch (result) {
Edouard@584	735	case SQLITE_ROW:
vb@955	736	address = (const char *)
vb@955	737	sqlite3_column_text(session->own_identities_retrieve, 0);
vb@955	738	fpr = (const char *)
vb@955	739	sqlite3_column_text(session->own_identities_retrieve, 1);
vb@955	740	username = (const char *)
vb@955	741	sqlite3_column_text(session->own_identities_retrieve, 2);
vb@955	742	user_id = (const char *)
vb@955	743	sqlite3_column_text(session->own_identities_retrieve, 3);
vb@955	744	comm_type = (PEP_comm_type)
vb@955	745	sqlite3_column_int(session->own_key_is_listed, 4);
vb@955	746	lang = (const char *)
vb@955	747	sqlite3_column_text(session->own_identities_retrieve, 5);
vb@955	748	flags = (unsigned int)
vb@955	749	sqlite3_column_int(session->own_key_is_listed, 6);
vb@955	750
vb@955	751	pEp_identity *ident = new_identity(address, fpr, username, user_id);
vb@955	752	ident->comm_type = comm_type;
vb@955	753	if (lang && lang[0]) {
vb@955	754	ident->lang[0] = lang[0];
vb@955	755	ident->lang[1] = lang[1];
vb@955	756	}
vb@955	757	ident->flags = flags;
vb@955	758
vb@955	759	_bl = identity_list_add(_bl, ident);
Edouard@584	760	if (_bl == NULL)
Edouard@584	761	goto enomem;
Edouard@584	762
Edouard@584	763	break;
Edouard@584	764
Edouard@584	765	case SQLITE_DONE:
Edouard@584	766	break;
Edouard@584	767
Edouard@584	768	default:
Edouard@584	769	status = PEP_UNKNOWN_ERROR;
Edouard@584	770	result = SQLITE_DONE;
Edouard@584	771	}
Edouard@584	772	} while (result != SQLITE_DONE);
Edouard@584	773
vb@955	774	sqlite3_reset(session->own_identities_retrieve);
Edouard@584	775	if (status == PEP_STATUS_OK)
vb@955	776	*own_identities = _own_identities;
Edouard@584	777	else
vb@955	778	free_identity_list(_own_identities);
Edouard@584	779
Edouard@584	780	goto the_end;
Edouard@584	781
Edouard@584	782	enomem:
vb@955	783	free_identity_list(_own_identities);
Edouard@584	784	status = PEP_OUT_OF_MEMORY;
Edouard@584	785
Edouard@584	786	the_end:
Edouard@584	787	return status;
Edouard@584	788	}
vb@955	789

author	Volker Birk <vb@pep.foundation>
	Sat, 20 Aug 2016 15:29:43 +0200
branch	keysync
changeset 1044	10a56596be7d
parent 1043	f786ee22e281
child 1068	594c1498a4fb
permissions	-rw-r--r--