src/pEp_internal.h
author Damiano Boppart <damiano@pep-security.net>
Thu, 24 Aug 2017 15:05:08 +0200
branchENGINE-229
changeset 1997 2c10033e2ade
parent 1945 9503c962f746
child 2045 162803eb47e0
child 2047 a4d4320b09bc
permissions -rw-r--r--
Add make variable to select os-provided sqlite3 library
vb@1517
     1
// This file is under GNU General Public License 3.0
vb@1517
     2
// see LICENSE.txt
vb@1517
     3
vb@928
     4
#define PEP_ENGINE_VERSION "0.8.0"
vb@908
     5
vb@908
     6
// maximum attachment size to import as key 1MB, maximum of 20 attachments
vb@908
     7
vb@908
     8
#define MAX_KEY_SIZE (1024 * 1024)
vb@908
     9
#define MAX_KEYS_TO_IMPORT  20
vb@24
    10
vb@233
    11
// this is 20 trustwords with 79 chars max
vb@251
    12
#define MAX_TRUSTWORDS_SPACE (20 * 80)
vb@24
    13
vb@24
    14
// XML parameters string
vb@24
    15
#define PARMS_MAX 32768
vb@24
    16
vb@24
    17
// maximum busy wait time in ms
vb@24
    18
#define BUSY_WAIT_TIME 5000
vb@24
    19
vb@24
    20
// maximum line length for reading gpg.conf
vb@24
    21
#define MAX_LINELENGTH 1024
vb@24
    22
vb@24
    23
// default keyserver
vb@450
    24
#ifndef DEFAULT_KEYSERVER
vb@24
    25
#define DEFAULT_KEYSERVER "hkp://keys.gnupg.net"
vb@450
    26
#endif
vb@450
    27
vb@450
    28
// crashdump constants
vb@450
    29
#ifndef CRASHDUMP_DEFAULT_LINES
vb@450
    30
#define CRASHDUMP_DEFAULT_LINES 100
vb@450
    31
#endif
vb@450
    32
#define CRASHDUMP_MAX_LINES 32767
vb@24
    33
vb@130
    34
#include "platform.h"
vb@130
    35
vb@24
    36
#ifdef WIN32
vb@24
    37
#define LOCAL_DB windoze_local_db()
vb@24
    38
#define SYSTEM_DB windoze_system_db()
vb@24
    39
#define LIBGPGME "libgpgme-11.dll"
vb@24
    40
#else // UNIX
vb@24
    41
#define _POSIX_C_SOURCE 200809L
vb@24
    42
#include <dlfcn.h>
vb@24
    43
#define LOCAL_DB unix_local_db()
vb@24
    44
#ifndef SYSTEM_DB
vb@24
    45
#define SYSTEM_DB "/usr/share/pEp/system.db"
vb@24
    46
#endif
vb@24
    47
#ifndef LIBGPGME
vb@24
    48
#define LIBGPGME "libgpgme-pthread.so"
vb@24
    49
#endif
vb@24
    50
#endif
vb@24
    51
vb@24
    52
#include <locale.h>
vb@24
    53
#include <stdlib.h>
vb@24
    54
#include <string.h>
vb@24
    55
#include <assert.h>
vb@24
    56
#include <stdio.h>
edouard@1521
    57
#include <ctype.h>
vb@24
    58
damiano@1997
    59
#ifdef SQLITE3_FROM_OS
damiano@1997
    60
#include <sqlite3.h>
damiano@1997
    61
#else
vb@24
    62
#include "sqlite3.h"
damiano@1997
    63
#endif
vb@24
    64
vb@24
    65
#define _EXPORT_PEP_ENGINE_DLL
vb@24
    66
#include "pEpEngine.h"
Edouard@168
    67
Edouard@168
    68
// If not specified, build for GPG
Edouard@168
    69
#ifndef USE_NETPGP
Edouard@168
    70
#ifndef USE_GPG
Edouard@168
    71
#define USE_GPG
Edouard@168
    72
#endif
Edouard@168
    73
#endif
Edouard@168
    74
Edouard@168
    75
#ifdef USE_GPG
vb@24
    76
#include "pgp_gpg_internal.h"
vb@229
    77
#elif defined(USE_NETPGP)
Edouard@168
    78
#include "pgp_netpgp_internal.h"
vb@24
    79
#endif
vb@24
    80
vb@292
    81
#include "keymanagement.h"
vb@28
    82
#include "cryptotech.h"
vb@28
    83
#include "transport.h"
vb@604
    84
#include "sync.h"
vb@28
    85
vb@125
    86
#define NOT_IMPLEMENTED assert(0); return PEP_UNKNOWN_ERROR;
vb@24
    87
edouard@1603
    88
struct _pEpSession;
edouard@1603
    89
typedef struct _pEpSession pEpSession;
edouard@1603
    90
struct _pEpSession {
vb@24
    91
    const char *version;
Edouard@168
    92
#ifdef USE_GPG
vb@24
    93
    gpgme_ctx_t ctx;
vb@229
    94
#elif defined(USE_NETPGP)
Edouard@252
    95
    pEpNetPGPSession ctx;
vb@24
    96
#endif
vb@24
    97
vb@62
    98
    PEP_cryptotech_t *cryptotech;
vb@62
    99
    PEP_transport_t *transports;
vb@28
   100
vb@24
   101
    sqlite3 *db;
vb@24
   102
    sqlite3 *system_db;
vb@24
   103
vb@24
   104
    sqlite3_stmt *log;
vb@233
   105
    sqlite3_stmt *trustword;
vb@24
   106
    sqlite3_stmt *get_identity;
krista@1799
   107
    sqlite3_stmt *replace_identities_fpr;
vb@24
   108
    sqlite3_stmt *set_person;
edouard@1234
   109
    sqlite3_stmt *set_device_group;
edouard@1235
   110
    sqlite3_stmt *get_device_group;
vb@24
   111
    sqlite3_stmt *set_pgp_keypair;
vb@24
   112
    sqlite3_stmt *set_identity;
vb@932
   113
    sqlite3_stmt *set_identity_flags;
edouard@1394
   114
    sqlite3_stmt *unset_identity_flags;
vb@24
   115
    sqlite3_stmt *set_trust;
krista@1799
   116
    sqlite3_stmt *update_trust_for_fpr;
vb@24
   117
    sqlite3_stmt *get_trust;
vb@251
   118
    sqlite3_stmt *least_trust;
vb@357
   119
    sqlite3_stmt *mark_compromized;
Edouard@409
   120
    sqlite3_stmt *reset_trust;
vb@450
   121
    sqlite3_stmt *crashdump;
vb@458
   122
    sqlite3_stmt *languagelist;
vb@458
   123
    sqlite3_stmt *i18n_token;
fdik@494
   124
fdik@494
   125
    // blacklist
fdik@494
   126
    sqlite3_stmt *blacklist_add;
fdik@494
   127
    sqlite3_stmt *blacklist_delete;
fdik@494
   128
    sqlite3_stmt *blacklist_is_listed;
fdik@494
   129
    sqlite3_stmt *blacklist_retrieve;
Edouard@584
   130
    
Edouard@584
   131
    // Own keys
Edouard@584
   132
    sqlite3_stmt *own_key_is_listed;
vb@955
   133
    sqlite3_stmt *own_identities_retrieve;
edouard@1394
   134
    sqlite3_stmt *own_keys_retrieve;
edouard@1394
   135
    sqlite3_stmt *set_own_key;
vb@292
   136
vb@632
   137
    // sequence value
vb@633
   138
    sqlite3_stmt *sequence_value1;
vb@633
   139
    sqlite3_stmt *sequence_value2;
vb@1085
   140
    sqlite3_stmt *sequence_value3;
vb@632
   141
edouard@1236
   142
    // revoked keys
Edouard@693
   143
    sqlite3_stmt *set_revoked;
Edouard@693
   144
    sqlite3_stmt *get_revoked;
Edouard@693
   145
Edouard@693
   146
    // callbacks
vb@292
   147
    examine_identity_t examine_identity;
vb@292
   148
    void *examine_management;
edouard@1462
   149
    void *sync_management;
vb@599
   150
    void *sync_obj;
vb@604
   151
    messageToSend_t messageToSend;
edouard@1459
   152
    notifyHandshake_t notifyHandshake;
vb@1043
   153
    inject_sync_msg_t inject_sync_msg;
vb@1043
   154
    retrieve_next_sync_msg_t retrieve_next_sync_msg;
vb@464
   155
edouard@1236
   156
    // key sync
edouard@1603
   157
    pEpSession* sync_session;
vb@690
   158
    DeviceState_state sync_state;
edouard@1460
   159
    void* sync_state_payload;
edouard@1236
   160
    char sync_uuid[37];
edouard@1316
   161
    time_t LastCannotDecrypt;
edouard@1316
   162
    time_t LastUpdateRequest;
vb@690
   163
vb@464
   164
    // runtime config
vb@464
   165
vb@464
   166
    bool passive_mode;
vb@464
   167
    bool unencrypted_subject;
vb@1110
   168
    bool keep_sync_msg;
vb@1819
   169
    bool service_log;
Edouard@720
   170
    
roker@1722
   171
#ifdef DEBUG_ERRORSTACK
roker@1722
   172
    stringlist_t* errorstack;
roker@1722
   173
#endif
edouard@1603
   174
};
vb@48
   175
roker@1722
   176
vb@62
   177
PEP_STATUS init_transport_system(PEP_SESSION session, bool in_first);
vb@62
   178
void release_transport_system(PEP_SESSION session, bool out_last);
vb@48
   179
krista@1639
   180
/* NOT to be exposed to the outside!!! */
krista@1639
   181
PEP_STATUS encrypt_only(
krista@1639
   182
        PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
krista@1639
   183
        size_t psize, char **ctext, size_t *csize
krista@1639
   184
);
krista@1639
   185
vb@216
   186
#ifdef NDEBUG
vb@216
   187
#define DEBUG_LOG(TITLE, ENTITY, DESC)
vb@216
   188
#else
huss@1571
   189
#ifdef ANDROID
huss@1571
   190
#include <android/log.h>
vb@1819
   191
#define  LOG_MORE(...)  __android_log_print(ANDROID_LOG_DEBUG, "pEpEngine", " %s :: %s :: %s :: %s ", __VA_ARGS__);
edouard@1630
   192
#else
edouard@1630
   193
#include <stdio.h>
vb@1819
   194
#define  LOG_MORE(...)  fprintf(stderr, "pEpEngine DEBUG_LOG('%s','%s','%s','%s')\n", __VA_ARGS__);
huss@1571
   195
#endif
edouard@1630
   196
#define DEBUG_LOG(TITLE, ENTITY, DESC) {\
vb@1819
   197
    log_event(session, (TITLE), (ENTITY), (DESC), "debug " __FILE__ ":" S_LINE);\
vb@1819
   198
    LOG_MORE((TITLE), (ENTITY), (DESC), __FILE__ ":" S_LINE)\
edouard@1630
   199
}
vb@216
   200
#endif
vb@216
   201
edouard@1746
   202
typedef enum _normalize_hex_rest_t {
edouard@1746
   203
    accept_hex,
edouard@1746
   204
    ignore_hex,
edouard@1746
   205
    reject_hex
edouard@1746
   206
} normalize_hex_res_t;
edouard@1746
   207
edouard@1746
   208
static inline normalize_hex_res_t _normalize_hex(char *hex) 
edouard@1746
   209
{
edouard@1746
   210
    if (*hex >= '0' && *hex <= '9')
edouard@1746
   211
        return accept_hex;
edouard@1746
   212
edouard@1746
   213
    if (*hex >= 'A' && *hex <= 'F') {
edouard@1746
   214
        *hex += 'a' - 'A';
edouard@1746
   215
        return accept_hex;
edouard@1746
   216
    }
edouard@1746
   217
edouard@1746
   218
    if (*hex >= 'a' && *hex <= 'f') 
edouard@1746
   219
        return accept_hex;
edouard@1746
   220
edouard@1746
   221
    if (*hex == ' ') 
edouard@1746
   222
        return ignore_hex;
edouard@1746
   223
edouard@1746
   224
    return reject_hex;
edouard@1746
   225
}
edouard@1746
   226
edouard@1521
   227
// Space tolerant and case insensitive fingerprint string compare
edouard@1746
   228
static inline PEP_STATUS _compare_fprs(
edouard@1746
   229
        const char* fpra,
edouard@1746
   230
        size_t fpras,
edouard@1746
   231
        const char* fprb,
edouard@1746
   232
        size_t fprbs,
edouard@1746
   233
        int* comparison)
edouard@1746
   234
{
edouard@1746
   235
edouard@1746
   236
    size_t ai = 0;
edouard@1746
   237
    size_t bi = 0;
edouard@1746
   238
    size_t significant = 0;
edouard@1746
   239
    int _comparison = 0;
edouard@1746
   240
    const int _FULL_FINGERPRINT_LENGTH = 40;
edouard@1746
   241
   
edouard@1746
   242
    // First compare every non-ignored chars until an end is reached
edouard@1746
   243
    while(ai < fpras && bi < fprbs)
edouard@1746
   244
    {
edouard@1746
   245
        char fprac = fpra[ai];
edouard@1746
   246
        char fprbc = fprb[bi];
edouard@1746
   247
        normalize_hex_res_t fprah = _normalize_hex(&fprac);
edouard@1746
   248
        normalize_hex_res_t fprbh = _normalize_hex(&fprbc);
edouard@1746
   249
edouard@1746
   250
        if(fprah == reject_hex || fprbh == reject_hex)
edouard@1746
   251
            return PEP_ILLEGAL_VALUE;
edouard@1746
   252
edouard@1746
   253
        if ( fprah == ignore_hex )
edouard@1746
   254
        {
edouard@1746
   255
            ai++;
edouard@1746
   256
        }
edouard@1746
   257
        else if ( fprbh == ignore_hex )
edouard@1746
   258
        {
edouard@1746
   259
            bi++;
edouard@1746
   260
        }
edouard@1746
   261
        else
edouard@1746
   262
        {
edouard@1746
   263
            if(fprac != fprbc && _comparison == 0 )
edouard@1746
   264
            {
edouard@1746
   265
                _comparison = fprac > fprbc ? 1 : -1;
edouard@1746
   266
            }
edouard@1746
   267
edouard@1746
   268
            significant++;
edouard@1746
   269
            ai++;
edouard@1746
   270
            bi++;
edouard@1746
   271
edouard@1746
   272
        } 
edouard@1746
   273
    }
edouard@1746
   274
edouard@1746
   275
    // Bail out if we didn't got enough significnt chars
edouard@1746
   276
    if (significant != _FULL_FINGERPRINT_LENGTH )
edouard@1746
   277
        return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
edouard@1746
   278
edouard@1746
   279
    // Then purge remaining chars, all must be ignored chars
edouard@1746
   280
    while ( ai < fpras )
edouard@1746
   281
    {
edouard@1746
   282
        char fprac = fpra[ai];
edouard@1746
   283
        normalize_hex_res_t fprah = _normalize_hex(&fprac);
edouard@1746
   284
        if( fprah == reject_hex )
edouard@1746
   285
            return PEP_ILLEGAL_VALUE;
edouard@1746
   286
        if ( fprah != ignore_hex )
edouard@1746
   287
            return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
edouard@1746
   288
        ai++;
edouard@1746
   289
    }
edouard@1746
   290
    while ( bi < fprbs )
edouard@1746
   291
    {
edouard@1746
   292
        char fprbc = fprb[bi];
edouard@1746
   293
        normalize_hex_res_t fprbh = _normalize_hex(&fprbc);
edouard@1746
   294
        if( fprbh == reject_hex )
edouard@1746
   295
            return PEP_ILLEGAL_VALUE;
edouard@1746
   296
        if ( fprbh != ignore_hex )
edouard@1746
   297
            return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
edouard@1746
   298
        bi++;
edouard@1746
   299
    }
edouard@1746
   300
edouard@1746
   301
    *comparison = _comparison;
edouard@1746
   302
    return PEP_STATUS_OK;
edouard@1746
   303
}
edouard@1746
   304
edouard@1521
   305
static inline int _same_fpr(
edouard@1521
   306
        const char* fpra,
edouard@1521
   307
        size_t fpras,
edouard@1521
   308
        const char* fprb,
edouard@1521
   309
        size_t fprbs
edouard@1521
   310
    )
edouard@1521
   311
{
edouard@1746
   312
    // illegal values are ignored, and considered not same.
edouard@1746
   313
    int comparison = 1;
edouard@1746
   314
edouard@1746
   315
    _compare_fprs(fpra, fpras, fprb, fprbs, &comparison);
edouard@1746
   316
edouard@1746
   317
    return comparison == 0;
edouard@1521
   318
}
roker@1722
   319
edouard@1945
   320
static inline bool _identity_me(
edouard@1945
   321
        pEp_identity * identity
edouard@1945
   322
    )
edouard@1945
   323
{
edouard@1945
   324
    return identity->user_id && strcmp(identity->user_id, PEP_OWN_USERID) == 0;
edouard@1945
   325
}
roker@1722
   326
roker@1722
   327
#ifdef DEBUG_ERRORSTACK
roker@1722
   328
    PEP_STATUS session_add_error(PEP_SESSION session, const char* file, unsigned line, PEP_STATUS status);
roker@1853
   329
    #define ADD_TO_LOG(status)   session_add_error(session, __FILE__, __LINE__, (status))
roker@1853
   330
    #define GOTO(label)          do{ (void)session_add_error(session, __FILE__, __LINE__, status); goto label; }while(0)
roker@1722
   331
#else
roker@1853
   332
    #define ADD_TO_LOG(status)   (status)
roker@1853
   333
    #define GOTO(label)          goto label
roker@1722
   334
#endif