repos/pEpEngine: src/pgp_netpgp.c@112fadcf74b9 (annotated)

Edouard@174	1	#include "pEp_internal.h"
Edouard@174	2	#include "pgp_netpgp.h"
Edouard@174	3
Edouard@174	4	#include <limits.h>
Edouard@174	5
Edouard@174	6	#include "wrappers.h"
Edouard@174	7
Edouard@174	8	#include <netpgp.h>
Edouard@179	9	#include <netpgp/config.h>
Edouard@179	10	#include <netpgp/memory.h>
Edouard@179	11	#include <netpgp/crypto.h>
Edouard@179	12
Edouard@174	13	PEP_STATUS pgp_init(PEP_SESSION session, bool in_first)
Edouard@174	14	{
Edouard@179	15	netpgp_t *netpgp;
Edouard@174	16	PEP_STATUS status = PEP_STATUS_OK;
Edouard@175	17	const char *home = NULL;
Edouard@179	18
Edouard@179	19	assert(session);
Edouard@179	20	if(!session) return PEP_UNKNOWN_ERROR;
Edouard@179	21
Edouard@179	22	netpgp = &session->ctx;
Edouard@174	23
Edouard@174	24	if (in_first) {
Edouard@175	25	if (strcmp(setlocale(LC_ALL, NULL), "C") == 0)
Edouard@175	26	setlocale(LC_ALL, "");
Edouard@174	27	}
Edouard@174	28
Edouard@179	29	memset(netpgp, 0x0, sizeof(session->ctx));
Edouard@174	30
Edouard@175	31	// NetPGP shares home with GPG
Edouard@175	32	home = gpg_home();
Edouard@175	33	if(home){
Edouard@179	34	netpgp_set_homedir(netpgp,(char*)home, NULL, 0);
Edouard@175	35	}else{
Edouard@175	36	status = PEP_INIT_NO_GPG_HOME;
Edouard@175	37	goto pep_error;
Edouard@174	38	}
Edouard@174	39
Edouard@175	40	// pair with gpg's cert-digest-algo
Edouard@179	41	netpgp_setvar(netpgp, "hash", "SHA256");
Edouard@175	42
Edouard@175	43	// subset of gpg's personal-cipher-preferences
Edouard@175	44	// here only one cipher can be selected
Edouard@179	45	netpgp_setvar(netpgp, "cipher", "AES256");
Edouard@175	46
Edouard@179	47	if (!netpgp_init(netpgp)) {
Edouard@175	48	status = PEP_INIT_NETPGP_INIT_FAILED;
Edouard@174	49	goto pep_error;
Edouard@174	50	}
Edouard@174	51
Edouard@174	52	return PEP_STATUS_OK;
Edouard@174	53
Edouard@174	54	pep_error:
Edouard@174	55	pgp_release(session, in_first);
Edouard@174	56	return status;
Edouard@174	57	}
Edouard@174	58
Edouard@174	59	void pgp_release(PEP_SESSION session, bool out_last)
Edouard@174	60	{
Edouard@179	61	netpgp_t *netpgp;
Edouard@179	62
Edouard@179	63	assert(session);
Edouard@179	64	if(!session) return;
Edouard@179	65
Edouard@179	66	netpgp = &session->ctx;
Edouard@179	67
Edouard@179	68	netpgp_end(netpgp);
Edouard@179	69	memset(netpgp, 0x0, sizeof(session->ctx));
Edouard@174	70
Edouard@175	71	// out_last unused here
Edouard@174	72	}
Edouard@174	73
Edouard@174	74	PEP_STATUS pgp_decrypt_and_verify(
Edouard@174	75	PEP_SESSION session, const char *ctext, size_t csize,
Edouard@174	76	char *ptext, size_t psize, stringlist_t **keylist
Edouard@174	77	)
Edouard@174	78	{
Edouard@179	79	netpgp_t *netpgp;
Edouard@179	80	pgp_memory_t *mem;
Edouard@179	81	pgp_io_t *io;
Edouard@179	82
Edouard@174	83	PEP_STATUS result;
Edouard@174	84	stringlist_t *_keylist = NULL;
Edouard@174	85	int i_key = 0;
Edouard@174	86
Edouard@174	87	assert(session);
Edouard@174	88	assert(ctext);
Edouard@174	89	assert(csize);
Edouard@174	90	assert(ptext);
Edouard@174	91	assert(psize);
Edouard@174	92	assert(keylist);
Edouard@174	93
Edouard@179	94	if(!session \|\| !ctext \|\| !csize \|\| !ptext \|\| !psize \|\| !keylist)
Edouard@179	95	return PEP_UNKNOWN_ERROR;
Edouard@179	96
Edouard@179	97	netpgp = &session->ctx;
Edouard@179	98	io = netpgp->io;
Edouard@179	99
Edouard@174	100	*ptext = NULL;
Edouard@174	101	*psize = 0;
Edouard@174	102	*keylist = NULL;
Edouard@174	103
Edouard@179	104	mem = pgp_decrypt_buf(netpgp->io, ctext, csize,
Edouard@179	105	netpgp->secring, netpgp->pubring,
Edouard@179	106	1 /* armoured */,
Edouard@179	107	0 /* sshkeys */,
Edouard@179	108	NULL, 0, NULL /* pass fp,attempts,cb */);
Edouard@179	109	if (mem == NULL) {
Edouard@179	110	return PEP_OUT_OF_MEMORY;
Edouard@179	111	}
Edouard@179	112
Edouard@179	113	*psize = pgp_mem_len(mem);
Edouard@179	114	if ((ptext = calloc(1, *psize)) == NULL) {
Edouard@179	115	return PEP_OUT_OF_MEMORY;
Edouard@179	116	}
Edouard@179	117	memcpy(ptext, pgp_mem_data(mem), psize);
Edouard@179	118	pgp_memory_free(mem);
Edouard@179	119
Edouard@179	120	result = PEP_DECRYPTED;
Edouard@179	121
Edouard@174	122	/* if recognized */
Edouard@174	123	/* decrypt */
Edouard@174	124	/* if OK, verify */
Edouard@174	125	/*
Edouard@174	126	result = PEP_DECRYPTED_AND_VERIFIED;
Edouard@174	127	result = PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH;
Edouard@174	128	result = PEP_DECRYPTED;
Edouard@174	129	result = PEP_DECRYPT_WRONG_FORMAT;
Edouard@174	130	result = PEP_DECRYPT_NO_KEY;
Edouard@174	131	return PEP_OUT_OF_MEMORY;
Edouard@174	132	*/
Edouard@179	133	//result = PEP_UNKNOWN_ERROR;
Edouard@179	134	// stringlist_t *k;
Edouard@179	135	// _keylist = new_stringlist(NULL);
Edouard@179	136	// assert(_keylist);
Edouard@179	137	// if (_keylist == NULL) {
Edouard@179	138	// /* TODO */
Edouard@179	139	// return PEP_OUT_OF_MEMORY;
Edouard@179	140	// }
Edouard@179	141	// k = _keylist;
Edouard@179	142	// do {
Edouard@179	143	// k = stringlist_add(k, "SIGNATURE FPR"/TODO/);
Edouard@179	144	// } while (0 /* TODO sign next*/);
Edouard@174	145
Edouard@174	146	return result;
Edouard@174	147	}
Edouard@174	148
Edouard@174	149	PEP_STATUS pgp_verify_text(
Edouard@174	150	PEP_SESSION session, const char *text, size_t size,
Edouard@174	151	const char signature, size_t sig_size, stringlist_t *keylist
Edouard@174	152	)
Edouard@174	153	{
Edouard@174	154	PEP_STATUS result;
Edouard@174	155	stringlist_t *_keylist;
Edouard@174	156
Edouard@174	157	assert(session);
Edouard@174	158	assert(text);
Edouard@174	159	assert(size);
Edouard@174	160	assert(signature);
Edouard@174	161	assert(sig_size);
Edouard@174	162	assert(keylist);
Edouard@174	163
Edouard@174	164	*keylist = NULL;
Edouard@174	165	/* if OK, verify */
Edouard@174	166	stringlist_t *k;
Edouard@174	167	k = _keylist;
Edouard@174	168	result = PEP_VERIFIED;
Edouard@174	169	do {
Edouard@174	170	k = stringlist_add(k, "TODO");
Edouard@174	171	if (k == NULL) {
Edouard@174	172	free_stringlist(_keylist);
Edouard@174	173	/* TODO */
Edouard@174	174	return PEP_OUT_OF_MEMORY;
Edouard@174	175	}
Edouard@174	176	} while (0 /TODO/);
Edouard@174	177	*keylist = _keylist;
Edouard@174	178	/*
Edouard@174	179	result = PEP_UNENCRYPTED;
Edouard@174	180	result = PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH;
Edouard@174	181	result = PEP_VERIFIED_AND_TRUSTED;
Edouard@174	182	result = PEP_VERIFY_NO_KEY;
Edouard@174	183	result = PEP_UNENCRYPTED;
Edouard@174	184	result = PEP_DECRYPT_WRONG_FORMAT;
Edouard@174	185	return PEP_OUT_OF_MEMORY;
Edouard@174	186	*/
Edouard@174	187	result = PEP_UNKNOWN_ERROR;
Edouard@174	188
Edouard@174	189	return result;
Edouard@174	190	}
Edouard@174	191
Edouard@174	192	PEP_STATUS pgp_encrypt_and_sign(
Edouard@174	193	PEP_SESSION session, const stringlist_t keylist, const char ptext,
Edouard@174	194	size_t psize, char *ctext, size_t csize
Edouard@174	195	)
Edouard@174	196	{
Edouard@174	197	PEP_STATUS result;
Edouard@174	198	const stringlist_t *_keylist;
Edouard@174	199	int i, j;
Edouard@174	200
Edouard@174	201	assert(session);
Edouard@174	202	assert(keylist);
Edouard@174	203	assert(ptext);
Edouard@174	204	assert(psize);
Edouard@174	205	assert(ctext);
Edouard@174	206	assert(csize);
Edouard@174	207
Edouard@174	208	*ctext = NULL;
Edouard@174	209	*csize = 0;
Edouard@174	210
Edouard@174	211	for (_keylist = keylist, i = 0; _keylist != NULL; _keylist = _keylist->next, i++) {
Edouard@174	212	assert(_keylist->value);
Edouard@174	213	/* TODO */
Edouard@174	214	/* get key from _keylist->value */
Edouard@174	215	/* add key to recipients/signers */
Edouard@174	216	}
Edouard@174	217
Edouard@174	218	/* Do encrypt and sign */
Edouard@175	219	char *_buffer = NULL;
Edouard@175	220	size_t length = /* TODO length*/ 0;
Edouard@175	221	assert(length != -1);
Edouard@174	222
Edouard@175	223	/* Allocate transferable buffer */
Edouard@175	224	_buffer = malloc(length + 1);
Edouard@175	225	assert(_buffer);
Edouard@175	226	if (_buffer == NULL) {
Edouard@175	227	/* TODO clean */
Edouard@175	228	return PEP_OUT_OF_MEMORY;
Edouard@174	229	}
Edouard@174	230
Edouard@175	231	*ctext = _buffer;
Edouard@175	232	*csize = length;
Edouard@175	233	(ctext)[csize] = 0; // safeguard for naive users
Edouard@175	234	result = PEP_STATUS_OK;
Edouard@175	235
Edouard@174	236
Edouard@175	237	result = PEP_UNKNOWN_ERROR;
Edouard@174	238	return result;
Edouard@174	239	}
Edouard@174	240
Edouard@174	241	PEP_STATUS pgp_generate_keypair(
Edouard@174	242	PEP_SESSION session, pEp_identity *identity
Edouard@174	243	)
Edouard@174	244	{
Edouard@174	245	char *parms;
Edouard@174	246	const char *template =
Edouard@174	247	"Key-Type: RSA\n"
Edouard@174	248	"Key-Length: 4096\n"
Edouard@174	249	"Name-Real: %s\n"
Edouard@174	250	"Name-Email: %s\n"
Edouard@174	251	/* "Passphrase: %s\n" */
Edouard@174	252	"Expire-Date: 1y\n";
Edouard@174	253	int result;
Edouard@174	254
Edouard@174	255	assert(session);
Edouard@174	256	assert(identity);
Edouard@174	257	assert(identity->address);
Edouard@174	258	assert(identity->fpr == NULL);
Edouard@174	259	assert(identity->username);
Edouard@174	260
Edouard@174	261	parms = calloc(1, PARMS_MAX);
Edouard@174	262	assert(parms);
Edouard@174	263	if (parms == NULL)
Edouard@174	264	return PEP_OUT_OF_MEMORY;
Edouard@174	265
Edouard@174	266	result = snprintf(parms, PARMS_MAX, template, identity->username,
Edouard@174	267	identity->address);
Edouard@174	268	assert(result < PARMS_MAX);
Edouard@174	269	if (result >= PARMS_MAX) {
Edouard@174	270	free(parms);
Edouard@174	271	return PEP_BUFFER_TOO_SMALL;
Edouard@174	272	}
Edouard@174	273
Edouard@174	274	/* TODO generate key */
Edouard@174	275
Edouard@174	276	free(parms);
Edouard@174	277
Edouard@174	278	return PEP_UNKNOWN_ERROR;
Edouard@174	279	return PEP_ILLEGAL_VALUE;
Edouard@174	280	return PEP_CANNOT_CREATE_KEY;
Edouard@174	281
Edouard@174	282	identity->fpr = strdup("TODO generated key fpr");
Edouard@174	283
Edouard@174	284	return PEP_STATUS_OK;
Edouard@174	285	}
Edouard@174	286
Edouard@174	287	PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr)
Edouard@174	288	{
Edouard@174	289	assert(session);
Edouard@174	290	assert(fpr);
Edouard@174	291
Edouard@174	292	/* TODO get key with given fpr */
Edouard@174	293	return PEP_KEY_NOT_FOUND;
Edouard@174	294	return PEP_ILLEGAL_VALUE;
Edouard@174	295	return PEP_KEY_HAS_AMBIG_NAME;
Edouard@174	296	return PEP_OUT_OF_MEMORY;
Edouard@174	297	return PEP_UNKNOWN_ERROR;
Edouard@174	298
Edouard@174	299	/* TODO delete that key */
Edouard@174	300	return PEP_UNKNOWN_ERROR;
Edouard@174	301	return PEP_KEY_NOT_FOUND;
Edouard@174	302	return PEP_KEY_HAS_AMBIG_NAME;
Edouard@174	303	return PEP_UNKNOWN_ERROR;
Edouard@174	304
Edouard@174	305	return PEP_STATUS_OK;
Edouard@174	306	}
Edouard@174	307
Edouard@179	308	PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data, size_t size)
Edouard@174	309	{
Edouard@174	310	assert(session);
Edouard@174	311	assert(key_data);
Edouard@174	312
Edouard@174	313	/* TODO import */
Edouard@174	314	return PEP_UNKNOWN_ERROR;
Edouard@174	315	return PEP_ILLEGAL_VALUE;
Edouard@174	316	return PEP_UNKNOWN_ERROR;
Edouard@174	317	return PEP_STATUS_OK;
Edouard@174	318	}
Edouard@174	319
Edouard@179	320	PEP_STATUS pgp_export_keydata(
Edouard@174	321	PEP_SESSION session, const char fpr, char key_data, size_t size
Edouard@174	322	)
Edouard@174	323	{
Edouard@174	324	size_t _size;
Edouard@174	325	char *buffer;
Edouard@174	326	int reading;
Edouard@174	327
Edouard@174	328	assert(session);
Edouard@174	329	assert(fpr);
Edouard@174	330	assert(key_data);
Edouard@174	331	assert(size);
Edouard@174	332
Edouard@174	333
Edouard@174	334	/* TODO export */
Edouard@174	335	return PEP_KEY_NOT_FOUND;
Edouard@174	336	return PEP_UNKNOWN_ERROR;
Edouard@174	337	return PEP_UNKNOWN_ERROR;
Edouard@174	338
Edouard@174	339	_size = /* TODO */ 0;
Edouard@174	340	assert(_size != -1);
Edouard@174	341
Edouard@174	342	buffer = malloc(_size + 1);
Edouard@174	343	assert(buffer);
Edouard@174	344	if (buffer == NULL) {
Edouard@174	345	/* TODO clean */
Edouard@174	346	return PEP_OUT_OF_MEMORY;
Edouard@174	347	}
Edouard@174	348
Edouard@174	349	// safeguard for the naive user
Edouard@174	350	buffer[_size] = 0;
Edouard@174	351
Edouard@174	352	*key_data = buffer;
Edouard@174	353	*size = _size;
Edouard@174	354
Edouard@174	355	return PEP_STATUS_OK;
Edouard@174	356	}
Edouard@174	357
Edouard@175	358	// "keyserver"
Edouard@175	359	// "hkp://keys.gnupg.net"
Edouard@174	360	PEP_STATUS pgp_recv_key(PEP_SESSION session, const char *pattern)
Edouard@174	361	{
Edouard@174	362	assert(session);
Edouard@174	363	assert(pattern);
Edouard@174	364
Edouard@174	365	/* TODO ask for key */
Edouard@174	366	return PEP_UNKNOWN_ERROR;
Edouard@174	367	return PEP_GET_KEY_FAILED;
Edouard@174	368
Edouard@174	369	do {
Edouard@174	370
Edouard@174	371	/* For each key */
Edouard@174	372	/* import key */
Edouard@174	373	} while (0);
Edouard@174	374
Edouard@174	375	return PEP_STATUS_OK;
Edouard@174	376	}
Edouard@174	377
Edouard@174	378	PEP_STATUS pgp_find_keys(
Edouard@174	379	PEP_SESSION session, const char pattern, stringlist_t *keylist
Edouard@174	380	)
Edouard@174	381	{
Edouard@174	382	stringlist_t *_keylist;
Edouard@174	383	char *fpr;
Edouard@174	384
Edouard@174	385	assert(session);
Edouard@174	386	assert(pattern);
Edouard@174	387	assert(keylist);
Edouard@174	388
Edouard@174	389	*keylist = NULL;
Edouard@174	390
Edouard@174	391	/* Ask for key */
Edouard@174	392	return PEP_UNKNOWN_ERROR;
Edouard@174	393	return PEP_GET_KEY_FAILED;
Edouard@174	394
Edouard@174	395	_keylist = new_stringlist(NULL);
Edouard@174	396	stringlist_t *_k = _keylist;
Edouard@174	397
Edouard@174	398	do {
Edouard@174	399	fpr = "TODO key->subkeys->fpr";
Edouard@174	400	assert(fpr);
Edouard@174	401	_k = stringlist_add(_k, fpr);
Edouard@174	402	assert(_k);
Edouard@174	403	if (_k == NULL){
Edouard@174	404	free_stringlist(_keylist);
Edouard@174	405	return PEP_OUT_OF_MEMORY;
Edouard@174	406	}
Edouard@174	407	} while (0);
Edouard@174	408
Edouard@174	409	*keylist = _keylist;
Edouard@174	410	return PEP_STATUS_OK;
Edouard@174	411	}
Edouard@174	412
Edouard@174	413	PEP_STATUS pgp_send_key(PEP_SESSION session, const char *pattern)
Edouard@174	414	{
Edouard@174	415	assert(session);
Edouard@174	416	assert(pattern);
Edouard@174	417
Edouard@174	418	/* TODO send key */
Edouard@174	419
Edouard@174	420	return PEP_CANNOT_SEND_KEY;
Edouard@174	421	return PEP_STATUS_OK;
Edouard@174	422	}
Edouard@174	423
Edouard@174	424
Edouard@174	425	PEP_STATUS pgp_get_key_rating(
Edouard@174	426	PEP_SESSION session,
Edouard@174	427	const char *fpr,
Edouard@174	428	PEP_comm_type *comm_type
Edouard@174	429	)
Edouard@174	430	{
Edouard@174	431	PEP_STATUS status = PEP_STATUS_OK;
Edouard@174	432
Edouard@174	433	assert(session);
Edouard@174	434	assert(fpr);
Edouard@174	435	assert(comm_type);
Edouard@174	436
Edouard@174	437	*comm_type = PEP_ct_unknown;
Edouard@174	438
Edouard@174	439	/* TODO get key from fpr */
Edouard@174	440	return PEP_UNKNOWN_ERROR;
Edouard@174	441	return PEP_GET_KEY_FAILED;
Edouard@174	442
Edouard@174	443	switch (/TODO key->protocol/ 4) {
Edouard@174	444	case /* TODO OpenPGP */0:
Edouard@174	445	case /* TODO DEFAULT */1:
Edouard@174	446	*comm_type = PEP_ct_OpenPGP_unconfirmed;
Edouard@174	447	break;
Edouard@174	448	case /* TODO CMS */2:
Edouard@174	449	*comm_type = PEP_ct_CMS_unconfirmed;
Edouard@174	450	break;
Edouard@174	451	default:
Edouard@174	452	*comm_type = PEP_ct_unknown;
Edouard@174	453	return PEP_STATUS_OK;
Edouard@174	454	}
Edouard@174	455
Edouard@174	456	for (; 1 == 0; /* Each subkeys */ ) {
Edouard@174	457	if (/* TODO length */0 < 1024)
Edouard@174	458	*comm_type = PEP_ct_key_too_short;
Edouard@174	459	else if (
Edouard@174	460	(
Edouard@174	461	( /* TODO pubkey_algo == RSA */ 0)
Edouard@174	462	\|\| (/* TODO pubkey_algo == RSA_E*/ 0)
Edouard@174	463	\|\| (/* TODO pubkey_algo == RSA_S*/ 0)
Edouard@174	464	)
Edouard@174	465	&& /* sk->length */0 == 1024
Edouard@174	466	)
Edouard@174	467	*comm_type = PEP_ct_OpenPGP_weak_unconfirmed;
Edouard@174	468
Edouard@174	469	if (/* TODO invalid */ 1) {
Edouard@174	470	*comm_type = PEP_ct_key_b0rken;
Edouard@174	471	break;
Edouard@174	472	}
Edouard@174	473	if (/* TODO expired */ 1) {
Edouard@174	474	*comm_type = PEP_ct_key_expired;
Edouard@174	475	break;
Edouard@174	476	}
Edouard@175	477	if (/* TODO revoked*/ 1) {
Edouard@174	478	*comm_type = PEP_ct_key_revoked;
Edouard@174	479	break;
Edouard@174	480	}
Edouard@174	481	}
Edouard@174	482	*comm_type = PEP_ct_unknown;
Edouard@174	483	return PEP_OUT_OF_MEMORY;
Edouard@174	484	return PEP_UNKNOWN_ERROR;
Edouard@174	485
Edouard@174	486
Edouard@174	487	return status;
Edouard@174	488	}

author	Edouard Tisserant
	Fri, 03 Apr 2015 15:41:59 +0200
changeset 179	112fadcf74b9
parent 175	59c8eabab690
child 180	6008e35e7735
permissions	-rw-r--r--