repos/pEpEngine: src/keymanagement.c@de5b5578fc16 (annotated)

vb@1517	1	// This file is under GNU General Public License 3.0
vb@1517	2	// see LICENSE.txt
vb@1517	3
vb@130	4	#include "platform.h"
vb@0	5
vb@0	6	#include <string.h>
vb@0	7	#include <stdio.h>
vb@0	8	#include <stdlib.h>
vb@0	9	#include <assert.h>
Edouard@512	10	#include <ctype.h>
vb@0	11
vb@217	12	#include "pEp_internal.h"
vb@0	13	#include "keymanagement.h"
vb@0	14
krista@2288	15	#include "sync_fsm.h"
krista@1253	16	#include "blacklist.h"
edouard@1195	17
Edouard@439	18	#ifndef EMPTYSTR
roker@500	19	#define EMPTYSTR(STR) ((STR) == NULL \|\| (STR)[0] == '\0')
vb@8	20	#endif
vb@8	21
vb@214	22	#define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
vb@214	23
krista@2311	24
krista@2324	25	static bool key_matches_address(PEP_SESSION session, const char* address,
krista@2324	26	const char* fpr) {
krista@2324	27	if (!session \|\| !address \|\| !fpr)
krista@2324	28	return false;
krista@2324	29
krista@2324	30	bool retval = false;
krista@2324	31	stringlist_t *keylist = NULL;
krista@2324	32	PEP_STATUS status = find_keys(session, address, &keylist);
krista@2324	33	if (status == PEP_STATUS_OK && keylist) {
krista@2324	34	stringlist_t* curr = keylist;
krista@2324	35	if (curr->value) {
krista@2324	36	if (strcasecmp(curr->value, fpr)) {
krista@2324	37	retval = true;
krista@2324	38	break;
krista@2324	39	}
krista@2324	40	}
krista@2324	41	curr = curr->next;
krista@2324	42	}
krista@2324	43
krista@2324	44	free_stringlist(keylist);
krista@2324	45	return retval;
krista@2324	46	}
krista@2324	47
Edouard@774	48	PEP_STATUS elect_pubkey(
Edouard@755	49	PEP_SESSION session, pEp_identity * identity
Edouard@755	50	)
Edouard@755	51	{
Edouard@755	52	PEP_STATUS status;
roker@1559	53	stringlist_t *keylist = NULL;
krista@1342	54	char *_fpr = "";
Edouard@755	55	identity->comm_type = PEP_ct_unknown;
Edouard@755	56
Edouard@755	57	status = find_keys(session, identity->address, &keylist);
Edouard@755	58	assert(status != PEP_OUT_OF_MEMORY);
Edouard@755	59	if (status == PEP_OUT_OF_MEMORY)
Edouard@755	60	return PEP_OUT_OF_MEMORY;
Edouard@755	61
Edouard@755	62	stringlist_t *_keylist;
Edouard@755	63	for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
Edouard@755	64	PEP_comm_type _comm_type_key;
Edouard@755	65
Edouard@755	66	status = get_key_rating(session, _keylist->value, &_comm_type_key);
Edouard@755	67	assert(status != PEP_OUT_OF_MEMORY);
Edouard@755	68	if (status == PEP_OUT_OF_MEMORY) {
Edouard@755	69	free_stringlist(keylist);
Edouard@755	70	return PEP_OUT_OF_MEMORY;
Edouard@755	71	}
Edouard@755	72
Edouard@755	73	if (_comm_type_key != PEP_ct_compromized &&
Edouard@755	74	_comm_type_key != PEP_ct_unknown)
Edouard@755	75	{
Edouard@755	76	if (identity->comm_type == PEP_ct_unknown \|\|
Edouard@755	77	_comm_type_key > identity->comm_type)
Edouard@755	78	{
krista@1275	79	bool blacklisted;
krista@1275	80	status = blacklist_is_listed(session, _keylist->value, &blacklisted);
krista@1275	81	if (status == PEP_STATUS_OK && !blacklisted) {
krista@1275	82	identity->comm_type = _comm_type_key;
krista@1275	83	_fpr = _keylist->value;
krista@1275	84	}
Edouard@755	85	}
Edouard@755	86	}
Edouard@755	87	}
krista@1342	88
krista@1342	89	// if (_fpr) {
krista@1342	90	free(identity->fpr);
Edouard@755	91
krista@1342	92	identity->fpr = strdup(_fpr);
krista@1342	93	if (identity->fpr == NULL) {
krista@1342	94	free_stringlist(keylist);
krista@1342	95	return PEP_OUT_OF_MEMORY;
Edouard@755	96	}
krista@1342	97	// }
Edouard@755	98	free_stringlist(keylist);
Edouard@755	99	return PEP_STATUS_OK;
Edouard@755	100	}
Edouard@755	101
krista@2311	102	static PEP_STATUS validate_fpr(PEP_SESSION session, pEp_identity* ident) {
krista@2311	103
krista@2324	104	if (!session \|\| !ident \|\| !ident->fpr)
krista@2324	105	return PEP_ILLEGAL_VALUE;
krista@2324	106
krista@2311	107	char* fpr = ident->fpr;
krista@2324	108
krista@2324	109	PEP_STATUS status = get_trust(session, ident);
krista@2324	110	if (status != PEP_STATUS_OK)
krista@2324	111	return ADD_TO_LOG(status);
krista@2324	112
krista@2311	113	bool done = false;
krista@2311	114
krista@2311	115	bool revoked, expired;
krista@2311	116	status = key_revoked(session, fpr, &revoked);
krista@2311	117
krista@2311	118	assert(status == PEP_STATUS_OK);
krista@2319	119	// switch (status) {
krista@2319	120	// case PEP_STATUS_OK:
krista@2319	121	// break;
krista@2319	122	// case PEP_KEY_NOT_FOUND:
krista@2319	123	// // Key not found in keyring
krista@2319	124	// case PEP_GET_KEY_FAILED:
krista@2319	125	// // other GPG error
krista@2319	126	// default:
krista@2319	127	// return status;
krista@2319	128	// }
krista@2319	129
krista@2311	130	if (status != PEP_STATUS_OK) {
krista@2319	131	return ADD_TO_LOG(status);
krista@2311	132	}
krista@2311	133
krista@2319	134	status = key_expired(session, fpr,
krista@2319	135	time(NULL), // NOW. For _myself, this is different.
krista@2311	136	&expired);
krista@2311	137
krista@2311	138	assert(status == PEP_STATUS_OK);
krista@2311	139	if (status != PEP_STATUS_OK)
krista@2319	140	return ADD_TO_LOG(status);
krista@2311	141
krista@2311	142	char* retval = fpr;
krista@2311	143
krista@2311	144	// FIXME: bits for pEp
krista@2311	145	if (ident->me && (ct == PEP_ct_pEp) && !revoked && expired) {
krista@2311	146	// extend key
krista@2311	147	timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
krista@2311	148	status = renew_key(session, fpr, ts);
krista@2311	149	free_timestamp(ts);
krista@2311	150
krista@2311	151	if (status == PEP_STATUS_OK) {
krista@2311	152	// if key is valid (second check because pEp key might be extended above)
krista@2311	153	// Return fpr
krista@2311	154	status = key_expired(session, fpr, &expired);
krista@2319	155	if (status != PEP_STATUS_OK)
krista@2319	156	return ADD_TO_LOG(status);
krista@2311	157	// communicate key(?)
krista@2311	158	done = true;
krista@2311	159	}
krista@2311	160	}
krista@2311	161
krista@2311	162	if (revoked)
krista@2311	163	ct = PEP_ct_revoked; // not to be stored. To be used here.
krista@2311	164	else if (expired)
krista@2311	165	ct = PEP_ct_expired;
krista@2311	166
krista@2311	167	switch (ct) {
krista@2311	168	case PEP_ct_key_expired:
krista@2311	169	case PEP_ct_key_revoked
krista@2311	170	case PEP_ct_key_b0rken:
krista@2311	171	// delete key from being default key for all users/identities
krista@2319	172	status = remove_fpr_as_default(session, fpr);
krista@2311	173	ident->fpr = NULL;
krista@2311	174	default:
krista@2311	175	break;
krista@2311	176	}
krista@2311	177
krista@2311	178	if (!(revoked \|\| expired \|\| !done))
krista@2311	179	return PEP_STATUS_OK;
krista@2311	180
krista@2311	181	return PEP_UNKNOWN_ERROR; // FIXME - better error
krista@2311	182	}
krista@2311	183
krista@2311	184	// Only call on retrieval of previously stored identity!
krista@2311	185	// Also, we presume that if the stored_identity was sent in
krista@2311	186	// without an fpr, there wasn't one in the trust DB for this
krista@2311	187	// identity.
krista@2311	188	PEP_STATUS get_valid_pubkey(PEP_STATUS session,
krista@2324	189	PEP_STATUS stored_identity,
krista@2324	190	bool* is_identity_default,
krista@2324	191	bool* is_user_default,
krista@2324	192	bool* is_address_default) {
krista@2311	193
krista@2311	194	PEP_STATUS status = PEP_STATUS_OK;
krista@2311	195
krista@2324	196	if (!stored_identity \|\| !stored_identity->user_id
krista@2324	197	\|\| !is_identity_default \|\| !is_user_default \|\| !is_address_default)
krista@2311	198	return PEP_ILLEGAL_VALUE;
krista@2311	199
krista@2324	200	is_identity_default = is_user_default = *is_address_default = false;
krista@2324	201
krista@2311	202	char* stored_fpr = stored_identity->fpr;
krista@2311	203	// Input: stored identity retrieved from database
krista@2311	204	// if stored identity contains a default key
krista@2311	205	if (stored_fpr) {
krista@2311	206	status = validate_fpr(session, stored_identity);
krista@2324	207	if (status == PEP_STATUS_OK && stored_identity->fpr) {
krista@2324	208	is_identity_default = is_address_default = true;
krista@2311	209	return status;
krista@2324	210	}
krista@2311	211	}
krista@2311	212	// if no valid default stored identity key found
krista@2324	213	free(stored_identity->fpr);
krista@2324	214	stored_identity->fpr = NULL;
krista@2324	215
krista@2311	216	// try to get default key for user_data
krista@2311	217	sqlite3_reset(session->get_user_default_key);
krista@2311	218	sqlite3_bind_text(session->get_user_default_key, 1, stored_identity->user_id,
krista@2311	219	-1, SQLITE_STATIC);
krista@2311	220
krista@2311	221	const int result = sqlite3_step(session->get_user_default_key);
krista@2324	222	const char* user_fpr = NULL;
krista@2311	223	if (result == SQLITE_ROW) {
krista@2311	224	user_fpr =
krista@2311	225	(const char *) sqlite3_column_text(session->get_user_default_key, 0);
krista@2311	226	}
krista@2324	227	sqlite3_reset(session->get_user_default_key);
krista@2311	228
krista@2324	229	if (user_fpr) {
krista@2324	230	// There exists a default key for user, so validate
krista@2324	231	stored_identity->fpr = user_fpr;
krista@2324	232	status = validate_fpr(session, stored_identity);
krista@2324	233	if (status == PEP_STATUS_OK && stored_identity->fpr) {
krista@2324	234	*is_user_default = true;
krista@2324	235	*is_address_default = key_matches_address(session,
krista@2324	236	stored_identity->address,
krista@2324	237	stored_identity->fpr);
krista@2324	238	return status;
krista@2324	239	}
krista@2311	240	}
krista@2324	241
krista@2324	242	return elect_pubkey(session, stored_identity);
krista@2311	243	}
krista@2311	244
edouard@1406	245	PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
edouard@1385	246
edouard@1385	247	DYNAMIC_API PEP_STATUS update_identity(
edouard@1385	248	PEP_SESSION session, pEp_identity * identity
vb@0	249	)
vb@0	250	{
roker@1559	251	pEp_identity *stored_identity = NULL;
roker@1559	252	pEp_identity *temp_id = NULL;
vb@0	253	PEP_STATUS status;
vb@0	254
vb@0	255	assert(session);
vb@0	256	assert(identity);
Edouard@439	257	assert(!EMPTYSTR(identity->address));
vb@0	258
Edouard@439	259	if (!(session && identity && !EMPTYSTR(identity->address)))
roker@1853	260	return ADD_TO_LOG(PEP_ILLEGAL_VALUE);
vb@191	261
krista@2311	262	char* own_id = NULL;
krista@2311	263	status = get_own_userid(session, &own_id);
krista@2311	264
krista@2311	265	// Is this me, temporary or not? If so, _myself() is the right call.
krista@2311	266	if (identity->me \|\|
krista@2311	267	(own_id && identity->user_id && (strcmp(own_id, identity->user_id) == 0)))
krista@2311	268	{
krista@2311	269	status = _myself(session, identity, false, true);
krista@2311	270	free(own_id);
krista@2311	271	return status;
vb@1078	272	}
vb@1078	273
krista@2311	274	// We have, at least, an address.
krista@2311	275	// Retrieve stored identity information!
krista@2311	276	pEp_identity* stored_ident = NULL;
krista@2324	277	char* identity_default_fpr = NULL;
krista@2324	278	char* user_default_fpr = NULL;
krista@2324	279	char* passed_in_fpr = identity->fpr;
krista@2324	280
krista@2311	281	if (identity->user_id) {
krista@2324	282	// (we're gonna update the trust/fpr anyway, so we user the no-fpr-from-trust-db variant)
krista@2311	283	// * do get_identity() to retrieve stored identity information
krista@2324	284	status = get_identity_without_trust_check(session, identity->address, identity->user_id, &stored_ident);
krista@2317	285
krista@2317	286	// Before we start - if there was no stored identity, we should check to make sure we don't
krista@2317	287	// have a stored identity with a temporary user_id that differs from the input user_id. This
krista@2317	288	// happens in multithreaded environments sometimes.
krista@2317	289	if (!stored_ident) {
krista@2317	290	identity_list* id_list = NULL;
krista@2317	291	status = get_identities_by_address(session, identity->address, &id_list);
krista@2317	292
krista@2317	293	if (id_list) {
krista@2317	294	identity_list* id_curr = id_list;
krista@2317	295	while (id_curr) {
krista@2317	296	pEp_identity* this_id = id_curr->ident;
krista@2317	297	if (this_id) {
krista@2317	298	char* this_uid = this_id->user_id;
krista@2317	299	if (this_uid && (strstr(this_uid, "TOFU_") == this_uid)) {
krista@2317	300	// FIXME: should we also be fixing pEp_own_userId in this
krista@2317	301	// function here?
krista@2317	302
krista@2324	303	// if usernames match, we replace the userid. Or if the temp username
krista@2324	304	// is anonymous.
krista@2324	305	if (!this_id->username \|\|
krista@2324	306	strcasecmp(this_id->username, "anonymous") == 0 \|\|
krista@2324	307	(identity->username &&
krista@2324	308	strcasecmp(identity->username,
krista@2324	309	this_id->username) == 0)) {
krista@2317	310
krista@2324	311	// Ok, we have a temp ID. We have to replace this
krista@2324	312	// with the real ID.
krista@2324	313	status = replace_userid(this_uid, identity->user_id);
krista@2324	314	if (status != PEP_STATUS_OK) {
krista@2324	315	free_identity_list(id_list);
krista@2324	316	return status;
krista@2324	317	}
krista@2324	318
krista@2324	319	free(this_uid);
krista@2324	320
krista@2324	321	// Reflect the change we just made to the DB
krista@2324	322	this_id->user_id = strdup(identity->user_id);
krista@2324	323	stored_ident = this_id;
krista@2324	324	// FIXME: free list.
krista@2324	325	break;
krista@2324	326	}
krista@2317	327	}
krista@2317	328	}
krista@2317	329	id_curr = id_curr->next;
krista@2317	330	}
krista@2317	331	}
krista@2317	332	}
krista@2311	333
krista@2324	334	if (stored_ident && stored_ident->fpr)
krista@2324	335	identity_default_fpr = strdup(stored_ident->fpr);
krista@2324	336
krista@2317	337	// Ok, now we start the real algorithm:
krista@2324	338	if (status == PEP_STATUS_OK && stored_ident) {
krista@2324	339	// * if identity available
krista@2324	340	// * patch it with username
krista@2324	341	// (note: this will happen when
krista@2324	342	// setting automatically below...)
krista@2324	343	// * elect valid key for identity
krista@2324	344	// * if valid key exists
krista@2324	345	// * set return value's fpr
krista@2324	346	bool fpr_changed = false;
krista@2324	347	bool is_identity_default, is_user_default, is_address_default;
krista@2324	348	status = get_valid_pubkey(session, stored_ident,
krista@2324	349	&is_identity_default,
krista@2324	350	&is_user_default,
krista@2324	351	&is_address_default);
krista@2324	352
krista@2324	353	if (status == PEP_STATUS_OK && stored_ident->fpr) {
krista@2324	354	// * set identity comm_type from trust db (user_id, FPR)
krista@2324	355	status = get_trust(session, stored_ident);
krista@2324	356	if (status != PEP_STATUS_OK)
krista@2324	357	return status; // FIXME - free mem
krista@2324	358	if (identity->fpr &&
krista@2324	359	strcasecmp(stored_ident->fpr, identity->fpr) != 0) {
krista@2324	360	free(identity->fpr);
krista@2324	361	strdup(identity->fpr, stored_ident->fpr);
krista@2324	362
krista@2324	363	// We have to call this because we didn't get it during
krista@2324	364	// get identity above
krista@2317	365	status = get_trust(session, stored_ident);
krista@2324	366	identity->comm_type = stored_ident->comm_type;
krista@2317	367	}
krista@2324	368	}
krista@2324	369	else {
krista@2324	370	return status; // Couldn't find a key.
krista@2324	371	}
krista@2324	372
krista@2324	373	// We patch the DB with the input username, but if we didn't have
krista@2324	374	// one, we pull it out of storage if available.
krista@2324	375	// (also, if the input username is "anonymous" and there exists
krista@2324	376	// a DB username, we replace)
krista@2324	377	if (stored_ident->username) {
krista@2324	378	if (identity->username &&
krista@2324	379	(strcasecmp(identity->username, "anonymous") == 0)) {
krista@2324	380	free(identity->username);
krista@2324	381	identity->username = NULL;
krista@2317	382	}
krista@2324	383	if (!identity->username)
krista@2324	384	identity->username = strdup(stored_ident->username);
krista@2317	385	}
krista@2324	386
krista@2324	387	// Call set_identity() to store
krista@2324	388	if ((is_identity_default \|\| is_user_default) &&
krista@2324	389	is_address_default) {
krista@2324	390	// if we got an fpr which is default for either user
krista@2324	391	// or identity AND is valid for this address, set in DB
krista@2324	392	// as default
krista@2324	393	status = set_identity(identity);
krista@2324	394	}
krista@2317	395	else {
krista@2324	396	// Store without default fpr/ct, but return the fpr and ct
krista@2324	397	// for current use
krista@2324	398	char* save_fpr = identity->fpr;
krista@2324	399	PEP_comm_type save_ct = identity->comm_type;
krista@2324	400	identity->fpr = NULL;
krista@2324	401	identity->comm_type = PEP_ct_unknown;
krista@2324	402	status = set_identity(identity);
krista@2324	403	identity->fpr = save_fpr;
krista@2324	404	identity->comm_type = save_ct;
krista@2317	405	}
krista@2311	406	}
krista@2324	407	// * else (identity unavailable)
krista@2311	408	else {
krista@2324	409	// if we only have user_id and address and identity not available
krista@2311	410	// * return error status (identity not found)
krista@2324	411	if (!identity->username)
krista@2324	412	status PEP_CANNOT_FIND_IDENTITY;
krista@2324	413
krista@2324	414	// Otherwise, if we had user_id, address, and username:
krista@2324	415	// * create identity with user_id, address, username
krista@2324	416	// (this is the input id without the fpr + comm type!)
krista@2324	417	free(identity->fpr);
krista@2324	418	identity->fpr = NULL;
krista@2324	419	identity->comm_type = PEP_ct_unknown;
krista@2311	420
krista@2324	421	// * We've already checked and retrieved
krista@2324	422	// any applicable temporary identities above. If we're
krista@2324	423	// here, none of them fit.
krista@2324	424	// * call set_identity() to store
krista@2324	425	if (status == PEP_STATUS_OK) {
krista@2324	426	status = set_identity(session, identity);
krista@2324	427	}
krista@2324	428	// * Return: created identity
krista@2324	429	}
krista@2311	430	}
krista@2311	431	else if (identity->username) {
krista@2311	432	/*
krista@2311	433	* Temporary identity information with username supplied
krista@2311	434	* Input: address, username (no others)
krista@2311	435	*/
krista@2324	436	identity_list* id_list = NULL;
krista@2324	437	status = get_identities_by_address(session, identity->address, &id_list);
krista@2324	438
krista@2311	439	// * Search for an identity with non-temporary user_id with that mapping
krista@2324	440	if (id_list) {
krista@2324	441	identity_list* id_curr = id_list;
krista@2324	442	while (id_curr) {
krista@2324	443	pEp_identity* this_id = id_curr->ident;
krista@2324	444	if (this_id) {
krista@2324	445	char* this_uid = this_id->user_id;
krista@2324	446	if (this_uid && (strstr(this_uid, "TOFU_") == NULL)) {
krista@2324	447	// FIXME: should we also be fixing pEp_own_userId in this
krista@2324	448	// function here?
krista@2324	449
krista@2324	450	// if usernames match, we replace the userid.
krista@2324	451	if (identity->username &&
krista@2324	452	strcasecmp(identity->username,
krista@2324	453	this_id->username) == 0) {
krista@2324	454
krista@2324	455	// Ok, we have a real ID. Copy it!
krista@2324	456	identity->user_id = strdup(this_uid);
krista@2324	457
krista@2324	458	if (!identity->user_id)
krista@2324	459	status = PEP_OUT_OF_MEMORY;
krista@2324	460	stored_ident = this_id;
krista@2324	461
krista@2324	462	break;
krista@2324	463	}
krista@2324	464	}
krista@2324	465	}
krista@2324	466	id_curr = id_curr->next;
krista@2324	467	}
krista@2324	468	}
krista@2324	469
krista@2324	470	if (stored_ident) {
krista@2324	471
krista@2324	472	}
krista@2324	473	else {
krista@2324	474	// * create temporary identity, store it, and Return this
krista@2324	475	}
krista@2311	476	}
krista@2311	477	else {
krista@2311	478	/*
krista@2311	479	* Temporary identity information without username suplied
krista@2311	480	* Input: address (no others)
krista@2311	481	*/
krista@2311	482
krista@2311	483	// * Search for identity with this address
krista@2311	484	// * If exactly one found
krista@2311	485	// * elect valid key for identity (see below)
krista@2311	486	// * if valid key exists
krista@2311	487	// * set identity comm_type from trust db (user_id, FPR)
krista@2311	488	// * set return value's fpr
krista@2311	489	// * ...? (do we also set the stored fpr?)
krista@2311	490	// * Return this identity
krista@2311	491	// * else
krista@2311	492	// * return error status (too little information)
krista@2311	493	}
krista@2311	494
krista@2311	495
Edouard@559	496	int _no_user_id = EMPTYSTR(identity->user_id);
edouard@1164	497	int _did_elect_new_key = 0;
Edouard@559	498
Edouard@559	499	if (_no_user_id)
Edouard@559	500	{
krista@2303	501	char* own_id = NULL;
krista@2303	502	status = get_own_userid(session, &own_id);
krista@2303	503	if (status == PEP_STATUS_OK && own_id) {
krista@2303	504	status = get_identity(session, identity->address, own_id,
krista@2303	505	&stored_identity);
krista@2303	506	if (status == PEP_STATUS_OK) {
krista@2303	507	free_identity(stored_identity);
krista@2303	508	identity->user_id = own_id;
krista@2303	509	return _myself(session, identity, false, true);
krista@2303	510	}
vb@1015	511	}
krista@2303	512
Edouard@559	513	free(identity->user_id);
Edouard@559	514
vb@591	515	identity->user_id = calloc(1, strlen(identity->address) + 6);
Edouard@562	516	if (!identity->user_id)
Edouard@559	517	{
Edouard@562	518	return PEP_OUT_OF_MEMORY;
Edouard@559	519	}
vb@983	520	snprintf(identity->user_id, strlen(identity->address) + 6,
Edouard@562	521	"TOFU_%s", identity->address);
Edouard@559	522	}
vb@934	523
Edouard@559	524	status = get_identity(session,
Edouard@559	525	identity->address,
Edouard@559	526	identity->user_id,
Edouard@559	527	&stored_identity);
Edouard@559	528
vb@0	529	assert(status != PEP_OUT_OF_MEMORY);
vb@0	530	if (status == PEP_OUT_OF_MEMORY)
Edouard@829	531	goto exit_free;
vb@0	532
krista@1224	533	temp_id = identity_dup(identity);
krista@1220	534
edouard@1501	535	/* We don't take given fpr.
edouard@1501	536	In case there's no acceptable stored fpr, it will be elected. */
edouard@1501	537	free(temp_id->fpr);
edouard@1501	538	temp_id->fpr = NULL;
edouard@1501	539	temp_id->comm_type = PEP_ct_unknown;
edouard@1501	540
edouard@1501	541	if (stored_identity) {
krista@1188	542
edouard@1501	543	bool dont_use_stored_fpr = true;
krista@1220	544
krista@1220	545	/* if we have a stored_identity fpr */
edouard@1501	546	if (!EMPTYSTR(stored_identity->fpr)) {
krista@1791	547	bool revoked = false;
krista@1791	548	status = key_revoked(session, stored_identity->fpr, &revoked);
krista@1791	549
krista@1791	550	if (status != PEP_STATUS_OK \|\| revoked)
krista@1791	551	dont_use_stored_fpr = true;
krista@1791	552
krista@1791	553	if (revoked) {
krista@1791	554	// Do stuff
krista@1799	555	status = update_trust_for_fpr(session, stored_identity->fpr, PEP_ct_key_revoked);
krista@1791	556	// What to do on failure? FIXME
krista@1799	557	status = replace_identities_fpr(session, stored_identity->fpr, "");
krista@1791	558	}
krista@1797	559	else {
krista@1797	560	status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
krista@1797	561	if (status != PEP_STATUS_OK)
krista@1797	562	dont_use_stored_fpr = true;
krista@1797	563	}
krista@1220	564	}
krista@1188	565
krista@1220	566
edouard@1501	567	if (!dont_use_stored_fpr) {
edouard@1501	568	/* Check stored comm_type */
edouard@1501	569	PEP_comm_type _comm_type_key;
edouard@1522	570	status = get_key_rating(session, stored_identity->fpr, &_comm_type_key);
edouard@1501	571	assert(status != PEP_OUT_OF_MEMORY);
edouard@1522	572	if (status == PEP_OUT_OF_MEMORY) {
edouard@1501	573	goto exit_free;
edouard@1522	574	}
edouard@1522	575	if (status == PEP_KEY_NOT_FOUND){
edouard@1522	576	/* stored key was deleted from keyring. any other candidate ?*/
edouard@1522	577	status = elect_pubkey(session, temp_id);
edouard@1522	578	if (status != PEP_STATUS_OK) {
edouard@1522	579	goto exit_free;
edouard@1522	580	} else {
edouard@1522	581	_did_elect_new_key = 1;
edouard@1522	582	}
edouard@1501	583	} else {
edouard@1522	584	temp_id->fpr = strdup(stored_identity->fpr);
edouard@1522	585	assert(temp_id->fpr);
edouard@1522	586	if (temp_id->fpr == NULL) {
edouard@1522	587	status = PEP_OUT_OF_MEMORY;
edouard@1522	588	goto exit_free;
edouard@1522	589	}
edouard@1522	590
edouard@1522	591	if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
edouard@1522	592	/* if key not good anymore,
edouard@1522	593	downgrade eventually trusted comm_type */
edouard@1501	594	temp_id->comm_type = _comm_type_key;
edouard@1522	595	} else {
edouard@1738	596	/* otherwise take stored comm_type as-is except if
edouard@1738	597	is unknown or is expired (but key not expired anymore) */
edouard@1522	598	temp_id->comm_type = stored_identity->comm_type;
edouard@1738	599	if (temp_id->comm_type == PEP_ct_unknown \|\|
edouard@1738	600	temp_id->comm_type == PEP_ct_key_expired) {
edouard@1522	601	temp_id->comm_type = _comm_type_key;
edouard@1522	602	}
edouard@1501	603	}
edouard@1501	604	}
krista@1220	605	}
edouard@1501	606	else {
edouard@1501	607	status = elect_pubkey(session, temp_id);
edouard@1522	608	if (status != PEP_STATUS_OK){
edouard@1501	609	goto exit_free;
edouard@1522	610	} else {
krista@1188	611	_did_elect_new_key = 1;
krista@1188	612	}
krista@1188	613	}
krista@1188	614
krista@1220	615	/* ok, from here on out, use temp_id */
krista@1220	616
krista@1220	617
krista@1220	618	/* At this point, we either have a non-blacklisted fpr we can work */
roker@1559	619	/* with, or we've got nada. */
edouard@1501	620
edouard@1501	621	if (EMPTYSTR(temp_id->fpr)) {
edouard@1501	622	/* nada : set comm_type accordingly */
krista@1243	623	temp_id->comm_type = PEP_ct_key_not_found;
krista@1243	624	}
krista@1243	625
krista@1220	626	if (EMPTYSTR(temp_id->username)) {
krista@1220	627	free(temp_id->username);
krista@1220	628	temp_id->username = strdup(stored_identity->username);
krista@1220	629	assert(temp_id->username);
krista@1220	630	if (temp_id->username == NULL){
Edouard@829	631	status = PEP_OUT_OF_MEMORY;
Edouard@829	632	goto exit_free;
Edouard@829	633	}
vb@22	634	}
vb@22	635
krista@1220	636	if (temp_id->lang[0] == 0) {
krista@1220	637	temp_id->lang[0] = stored_identity->lang[0];
krista@1220	638	temp_id->lang[1] = stored_identity->lang[1];
krista@1220	639	temp_id->lang[2] = 0;
vb@21	640	}
vb@932	641
krista@1220	642	temp_id->flags = stored_identity->flags;
vb@21	643	}
vb@21	644	else /* stored_identity == NULL */ {
krista@1220	645	temp_id->flags = 0;
vb@934	646
edouard@1501	647	/* We elect a pubkey */
edouard@1501	648	status = elect_pubkey(session, temp_id);
edouard@1501	649	if (status != PEP_STATUS_OK)
edouard@1501	650	goto exit_free;
edouard@1501	651
edouard@1501	652	/* Work with the elected key */
krista@1220	653	if (!EMPTYSTR(temp_id->fpr)) {
krista@1196	654
edouard@1502	655	PEP_comm_type _comm_type_key = temp_id->comm_type;
edouard@1502	656
edouard@1502	657	_did_elect_new_key = 1;
edouard@1501	658
edouard@1502	659	// We don't want to lose a previous trust entry!!!
edouard@1502	660	status = get_trust(session, temp_id);
vb@21	661
edouard@1502	662	bool has_trust_status = (status == PEP_STATUS_OK);
edouard@1502	663
edouard@1502	664	if (!has_trust_status)
edouard@1502	665	temp_id->comm_type = _comm_type_key;
vb@21	666	}
vb@21	667	}
vb@21	668
edouard@1501	669	if (temp_id->fpr == NULL) {
krista@1220	670	temp_id->fpr = strdup("");
edouard@1501	671	if (temp_id->fpr == NULL) {
edouard@1501	672	status = PEP_OUT_OF_MEMORY;
edouard@1501	673	goto exit_free;
edouard@1501	674	}
edouard@1501	675	}
krista@1193	676
krista@1193	677
vb@21	678	status = PEP_STATUS_OK;
vb@21	679
krista@1220	680	if (temp_id->comm_type != PEP_ct_unknown && !EMPTYSTR(temp_id->user_id)) {
vb@22	681
krista@1220	682	if (EMPTYSTR(temp_id->username)) { // mitigate
krista@1220	683	free(temp_id->username);
krista@2288	684	temp_id->username = strdup("Anonymous");
krista@1220	685	assert(temp_id->username);
krista@1220	686	if (temp_id->username == NULL){
Edouard@829	687	status = PEP_OUT_OF_MEMORY;
Edouard@829	688	goto exit_free;
Edouard@829	689	}
vb@0	690	}
vb@8	691
Edouard@755	692	// Identity doesn't get stored if call was just about checking existing
Edouard@755	693	// user by address (i.e. no user id given but already stored)
krista@1223	694	if (!(_no_user_id && stored_identity) \|\| _did_elect_new_key)
Edouard@559	695	{
krista@1220	696	status = set_identity(session, temp_id);
Edouard@559	697	assert(status == PEP_STATUS_OK);
Edouard@559	698	if (status != PEP_STATUS_OK) {
Edouard@829	699	goto exit_free;
Edouard@559	700	}
Edouard@499	701	}
vb@8	702	}
vb@8	703
krista@1220	704	if (temp_id->comm_type != PEP_ct_compromized &&
krista@1220	705	temp_id->comm_type < PEP_ct_strong_but_unconfirmed)
vb@297	706	if (session->examine_identity)
krista@1220	707	session->examine_identity(temp_id, session->examine_management);
krista@1220	708
krista@1220	709	/* ok, we got to the end. So we can assign the output identity */
krista@1220	710	free(identity->address);
krista@1220	711	identity->address = strdup(temp_id->address);
krista@1220	712	free(identity->fpr);
krista@1220	713	identity->fpr = strdup(temp_id->fpr);
krista@1220	714	free(identity->user_id);
krista@1220	715	identity->user_id = strdup(temp_id->user_id);
krista@1220	716	free(identity->username);
krista@2288	717	identity->username = strdup(temp_id->username ? temp_id->username : "Anonymous");
krista@1220	718	identity->comm_type = temp_id->comm_type;
krista@1220	719	identity->lang[0] = temp_id->lang[0];
krista@1220	720	identity->lang[1] = temp_id->lang[1];
krista@1220	721	identity->lang[2] = 0;
krista@2288	722	identity->me = temp_id->me;
krista@1220	723	identity->flags = temp_id->flags;
vb@297	724
Edouard@829	725	exit_free :
roker@1559	726	free_identity(stored_identity);
roker@1559	727	free_identity(temp_id);
krista@1220	728
roker@1853	729	return ADD_TO_LOG(status);
vb@0	730	}
vb@0	731
Edouard@774	732	PEP_STATUS elect_ownkey(
krista@1194	733	PEP_SESSION session, pEp_identity * identity
Edouard@774	734	)
Edouard@774	735	{
Edouard@774	736	PEP_STATUS status;
Edouard@774	737	stringlist_t *keylist = NULL;
Edouard@774	738
Edouard@774	739	free(identity->fpr);
Edouard@774	740	identity->fpr = NULL;
Edouard@774	741
krista@1357	742	status = find_private_keys(session, identity->address, &keylist);
Edouard@774	743	assert(status != PEP_OUT_OF_MEMORY);
Edouard@774	744	if (status == PEP_OUT_OF_MEMORY)
Edouard@774	745	return PEP_OUT_OF_MEMORY;
Edouard@774	746
Edouard@774	747	if (keylist != NULL && keylist->value != NULL)
Edouard@774	748	{
Edouard@774	749	char *_fpr = NULL;
Edouard@774	750	identity->comm_type = PEP_ct_unknown;
Edouard@774	751
Edouard@774	752	stringlist_t *_keylist;
Edouard@774	753	for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
Edouard@774	754	bool is_own = false;
Edouard@774	755
edouard@1752	756	status = own_key_is_listed(session, _keylist->value, &is_own);
edouard@1752	757	assert(status == PEP_STATUS_OK);
edouard@1752	758	if (status != PEP_STATUS_OK) {
edouard@1752	759	free_stringlist(keylist);
edouard@1752	760	return status;
Edouard@774	761	}
Edouard@774	762
edouard@1752	763	if (is_own)
Edouard@774	764	{
Edouard@774	765	PEP_comm_type _comm_type_key;
Edouard@774	766
Edouard@774	767	status = get_key_rating(session, _keylist->value, &_comm_type_key);
Edouard@774	768	assert(status != PEP_OUT_OF_MEMORY);
Edouard@774	769	if (status == PEP_OUT_OF_MEMORY) {
Edouard@774	770	free_stringlist(keylist);
Edouard@774	771	return PEP_OUT_OF_MEMORY;
Edouard@774	772	}
Edouard@774	773
Edouard@774	774	if (_comm_type_key != PEP_ct_compromized &&
Edouard@774	775	_comm_type_key != PEP_ct_unknown)
Edouard@774	776	{
Edouard@774	777	if (identity->comm_type == PEP_ct_unknown \|\|
Edouard@774	778	_comm_type_key > identity->comm_type)
Edouard@774	779	{
Edouard@774	780	identity->comm_type = _comm_type_key;
Edouard@774	781	_fpr = _keylist->value;
Edouard@774	782	}
Edouard@774	783	}
Edouard@774	784	}
Edouard@774	785	}
Edouard@774	786
Edouard@774	787	if (_fpr)
Edouard@774	788	{
Edouard@774	789	identity->fpr = strdup(_fpr);
Edouard@774	790	assert(identity->fpr);
Edouard@774	791	if (identity->fpr == NULL)
Edouard@774	792	{
Edouard@774	793	free_stringlist(keylist);
Edouard@774	794	return PEP_OUT_OF_MEMORY;
Edouard@774	795	}
Edouard@774	796	}
Edouard@774	797	free_stringlist(keylist);
Edouard@774	798	}
Edouard@774	799	return PEP_STATUS_OK;
Edouard@774	800	}
Edouard@774	801
krista@1357	802	PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
krista@1357	803	bool* is_usable) {
krista@1357	804
krista@1357	805	bool dont_use_fpr = true;
krista@1357	806
krista@1357	807	PEP_STATUS status = blacklist_is_listed(session, fpr, &dont_use_fpr);
krista@1371	808	if (status == PEP_STATUS_OK && !dont_use_fpr) {
krista@1357	809	// Make sure there is a private key associated with this fpr
krista@1357	810	bool has_private = false;
krista@1357	811	status = contains_priv_key(session, fpr, &has_private);
krista@1371	812
krista@1371	813	if (status == PEP_STATUS_OK)
krista@1371	814	dont_use_fpr = !has_private;
krista@1357	815	}
krista@1357	816
krista@1357	817	*is_usable = !dont_use_fpr;
krista@1357	818
roker@1853	819	return ADD_TO_LOG(status);
krista@1357	820	}
krista@1357	821
edouard@1406	822	PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
vb@0	823	{
roker@1559	824	pEp_identity *stored_identity = NULL;
vb@0	825	PEP_STATUS status;
vb@0	826
vb@0	827	assert(session);
vb@0	828	assert(identity);
vb@1044	829	assert(!EMPTYSTR(identity->address));
vb@1043	830
krista@2303	831	char* own_id = NULL;
krista@2303	832	status = get_own_userid(session, &own_id);
krista@2303	833
krista@2308	834
Edouard@658	835	assert(EMPTYSTR(identity->user_id) \|\|
krista@2305	836	(own_id && strcmp(identity->user_id, own_id) == 0) \|\|
krista@2305	837	!own_id);
vb@0	838
vb@1044	839	if (!(session && identity && !EMPTYSTR(identity->address) &&
vb@1043	840	(EMPTYSTR(identity->user_id) \|\|
krista@2305	841	(own_id && strcmp(identity->user_id, own_id) == 0) \|\|
krista@2305	842	!own_id)))
roker@1853	843	return ADD_TO_LOG(PEP_ILLEGAL_VALUE);
vb@191	844
krista@2308	845	if (!own_id) {
krista@2308	846	// check to see if we have ANY identity for this address... could have
krista@2308	847	// happened due to race condition
krista@2308	848	}
krista@2308	849
vb@0	850	identity->comm_type = PEP_ct_pEp;
krista@2288	851	identity->me = true;
edouard@1406	852	if(ignore_flags)
edouard@1406	853	identity->flags = 0;
Edouard@658	854
vb@1043	855	if (EMPTYSTR(identity->user_id))
Edouard@658	856	{
Edouard@658	857	free(identity->user_id);
krista@2303	858	identity->user_id = (own_id ? own_id : strdup(PEP_OWN_USERID));
Edouard@658	859	assert(identity->user_id);
Edouard@658	860	if (identity->user_id == NULL)
Edouard@658	861	return PEP_OUT_OF_MEMORY;
Edouard@658	862	}
vb@0	863
edouard@1488	864	if (EMPTYSTR(identity->username))
edouard@1488	865	{
edouard@1488	866	free(identity->username);
krista@2219	867	identity->username = strdup("Anonymous");
edouard@1488	868	assert(identity->username);
edouard@1488	869	if (identity->username == NULL)
edouard@1488	870	return PEP_OUT_OF_MEMORY;
edouard@1488	871	}
edouard@1488	872
vb@215	873	DEBUG_LOG("myself", "debug", identity->address);
vb@1044	874
Edouard@560	875	status = get_identity(session,
Edouard@560	876	identity->address,
Edouard@560	877	identity->user_id,
Edouard@560	878	&stored_identity);
Edouard@560	879
vb@0	880	assert(status != PEP_OUT_OF_MEMORY);
vb@0	881	if (status == PEP_OUT_OF_MEMORY)
vb@0	882	return PEP_OUT_OF_MEMORY;
krista@1357	883
krista@1357	884	bool dont_use_stored_fpr = true;
krista@1357	885	bool dont_use_input_fpr = true;
krista@1359	886
Edouard@560	887	if (stored_identity)
Edouard@560	888	{
Edouard@560	889	if (EMPTYSTR(identity->fpr)) {
krista@1352	890
krista@1357	891	bool has_private = false;
krista@1352	892
krista@1357	893	status = _has_usable_priv_key(session, stored_identity->fpr, &has_private);
krista@1352	894
krista@1371	895	// N.B. has_private is never true if the returned status is not PEP_STATUS_OK
krista@1357	896	if (has_private) {
krista@1357	897	identity->fpr = strdup(stored_identity->fpr);
krista@1357	898	assert(identity->fpr);
krista@1357	899	if (identity->fpr == NULL)
krista@1357	900	{
krista@1357	901	return PEP_OUT_OF_MEMORY;
krista@1357	902	}
krista@1357	903	dont_use_stored_fpr = false;
Edouard@560	904	}
Edouard@560	905	}
krista@1357	906
edouard@1406	907	identity->flags = (identity->flags & 255) \| stored_identity->flags;
edouard@1367	908	free_identity(stored_identity);
Edouard@588	909	}
krista@1357	910
krista@1357	911	if (dont_use_stored_fpr && !EMPTYSTR(identity->fpr))
Edouard@588	912	{
Edouard@588	913	// App must have a good reason to give fpr, such as explicit
Edouard@588	914	// import of private key, or similar.
Edouard@588	915
Edouard@658	916	// Take given fpr as-is.
vb@934	917
krista@1357	918	// BUT:
krista@1357	919	// First check to see if it's blacklisted or private part is missing?
krista@1357	920	bool has_private = false;
krista@1357	921
krista@1357	922	status = _has_usable_priv_key(session, identity->fpr, &has_private);
krista@1357	923
krista@1371	924	// N.B. has_private is never true if the returned status is not PEP_STATUS_OK
krista@1357	925	if (has_private) {
krista@1357	926	dont_use_input_fpr = false;
krista@1357	927	}
Edouard@560	928	}
krista@1357	929
krista@1357	930	// Ok, we failed to get keys either way, so let's elect one.
krista@1357	931	if (dont_use_input_fpr && dont_use_stored_fpr)
Edouard@560	932	{
Edouard@774	933	status = elect_ownkey(session, identity);
Edouard@774	934	assert(status == PEP_STATUS_OK);
Edouard@774	935	if (status != PEP_STATUS_OK) {
roker@1853	936	return ADD_TO_LOG(status);
Edouard@560	937	}
vb@934	938
krista@1357	939	bool has_private = false;
krista@1359	940	if (identity->fpr) {
krista@1359	941	// ok, we elected something.
krista@1359	942	// elect_ownkey only returns private keys, so we don't check again.
krista@1359	943	// Check to see if it's blacklisted
krista@1359	944	bool listed;
krista@1359	945	status = blacklist_is_listed(session, identity->fpr, &listed);
krista@1371	946
krista@1371	947	if (status == PEP_STATUS_OK)
krista@1371	948	has_private = !listed;
krista@1359	949	}
krista@1357	950
krista@1357	951	if (has_private) {
krista@1357	952	dont_use_input_fpr = false;
krista@1357	953	}
krista@1357	954	else { // OK, we've tried everything. Time to generate new keys.
krista@1359	955	free(identity->fpr); // It can stay in this state (unallocated) because we'll generate a new key
krista@1359	956	identity->fpr = NULL;
krista@1357	957	}
Edouard@560	958	}
Edouard@695	959
Edouard@695	960	bool revoked = false;
Edouard@695	961	char *r_fpr = NULL;
Edouard@695	962	if (!EMPTYSTR(identity->fpr))
Edouard@695	963	{
Edouard@695	964	status = key_revoked(session, identity->fpr, &revoked);
Edouard@775	965
edouard@1752	966	if (status != PEP_STATUS_OK)
Edouard@775	967	{
roker@1853	968	return ADD_TO_LOG(status);
Edouard@695	969	}
Edouard@695	970	}
edouard@1140	971
Edouard@695	972	if (EMPTYSTR(identity->fpr) \|\| revoked)
roker@1734	973	{
edouard@1385	974	if(!do_keygen){
roker@1853	975	return ADD_TO_LOG(PEP_GET_KEY_FAILED);
edouard@1385	976	}
edouard@1385	977
Edouard@695	978	if(revoked)
Edouard@695	979	{
Edouard@697	980	r_fpr = identity->fpr;
Edouard@697	981	identity->fpr = NULL;
Edouard@695	982	}
Edouard@560	983
vb@215	984	DEBUG_LOG("generating key pair", "debug", identity->address);
vb@0	985	status = generate_keypair(session, identity);
vb@0	986	assert(status != PEP_OUT_OF_MEMORY);
vb@0	987	if (status != PEP_STATUS_OK) {
vb@0	988	char buf[11];
vb@0	989	snprintf(buf, 11, "%d", status);
vb@215	990	DEBUG_LOG("generating key pair failed", "debug", buf);
Edouard@695	991	if(revoked && r_fpr)
Edouard@695	992	free(r_fpr);
roker@1853	993	return ADD_TO_LOG(status);
vb@0	994	}
edouard@1140	995
Edouard@560	996
Edouard@695	997	if(revoked)
Edouard@695	998	{
Edouard@695	999	status = set_revoked(session, r_fpr,
Edouard@695	1000	identity->fpr, time(NULL));
Edouard@695	1001	free(r_fpr);
Edouard@695	1002	if (status != PEP_STATUS_OK) {
roker@1853	1003	return ADD_TO_LOG(status);
Edouard@695	1004	}
Edouard@371	1005	}
vb@0	1006	}
Edouard@560	1007	else
Edouard@560	1008	{
vb@214	1009	bool expired;
Edouard@701	1010	status = key_expired(session, identity->fpr,
Edouard@701	1011	time(NULL) + (7243600), // In a week
Edouard@701	1012	&expired);
Edouard@701	1013
vb@214	1014	assert(status == PEP_STATUS_OK);
Edouard@499	1015	if (status != PEP_STATUS_OK) {
roker@1853	1016	return ADD_TO_LOG(status);
Edouard@499	1017	}
vb@214	1018
vb@214	1019	if (status == PEP_STATUS_OK && expired) {
vb@214	1020	timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
Edouard@560	1021	renew_key(session, identity->fpr, ts);
vb@214	1022	free_timestamp(ts);
vb@214	1023	}
vb@214	1024	}
vb@0	1025
krista@1353	1026	if (!identity->username)
krista@1353	1027	identity->username = strdup("");
krista@1353	1028
vb@0	1029	status = set_identity(session, identity);
vb@0	1030	assert(status == PEP_STATUS_OK);
Edouard@499	1031	if (status != PEP_STATUS_OK) {
Edouard@588	1032	return status;
Edouard@499	1033	}
vb@0	1034
roker@1853	1035	return ADD_TO_LOG(PEP_STATUS_OK);
vb@0	1036	}
vb@0	1037
krista@2308	1038	DYNAMIC_API PEP_STATUS initialise_own_identities(PEP_SESSION session,
krista@2308	1039	identity_list* my_idents) {
krista@2308	1040	PEP_STATUS status = PEP_STATUS_OK;
krista@2308	1041	if (!session)
krista@2308	1042	return PEP_ILLEGAL_VALUE;
krista@2308	1043
krista@2308	1044	char* stored_own_userid = NULL;
krista@2308	1045	get_own_userid(session, &stored_own_userid);
krista@2308	1046
krista@2308	1047	identity_list* ident_curr = my_idents;
krista@2308	1048	while (ident_curr) {
krista@2308	1049	pEp_identity* ident = ident_curr->ident;
krista@2308	1050	if (!ident)
krista@2308	1051	return PEP_ILLEGAL_VALUE;
krista@2308	1052
krista@2308	1053	if (stored_own_userid) {
krista@2308	1054	if (!ident->user_id)
krista@2308	1055	ident->user_id = strdup(stored_own_userid);
krista@2308	1056	else if (strcmp(stored_own_userid, ident->user_id) != 0)
krista@2308	1057	return PEP_ILLEGAL_VALUE;
krista@2308	1058	}
krista@2308	1059	else if (!ident->user_id) {
krista@2308	1060	stored_own_userid = PEP_OWN_USERID;
krista@2308	1061	ident->user_id = strdup(PEP_OWN_USERID);
krista@2308	1062	}
krista@2308	1063
krista@2308	1064	ident->me = true; // Just in case.
krista@2308	1065
krista@2308	1066	// Ok, do it...
krista@2308	1067	status = set_identity(session, ident);
krista@2308	1068	if (status != PEP_STATUS_OK)
krista@2308	1069	return status;
krista@2308	1070
krista@2308	1071	ident_curr = ident_curr->next;
krista@2308	1072	}
krista@2308	1073
krista@2308	1074	return status;
krista@2308	1075	}
krista@2308	1076
edouard@1385	1077	DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
edouard@1385	1078	{
roker@1853	1079	return ADD_TO_LOG(_myself(session, identity, true, false));
edouard@1385	1080	}
edouard@1385	1081
vb@296	1082	DYNAMIC_API PEP_STATUS register_examine_function(
vb@292	1083	PEP_SESSION session,
vb@292	1084	examine_identity_t examine_identity,
vb@292	1085	void *management
vb@292	1086	)
vb@292	1087	{
vb@292	1088	assert(session);
vb@292	1089	if (!session)
vb@292	1090	return PEP_ILLEGAL_VALUE;
vb@292	1091
vb@292	1092	session->examine_management = management;
vb@292	1093	session->examine_identity = examine_identity;
vb@292	1094
vb@292	1095	return PEP_STATUS_OK;
vb@292	1096	}
vb@292	1097
vb@0	1098	DYNAMIC_API PEP_STATUS do_keymanagement(
vb@0	1099	retrieve_next_identity_t retrieve_next_identity,
vb@0	1100	void *management
vb@0	1101	)
vb@0	1102	{
vb@0	1103	PEP_SESSION session;
vb@0	1104	pEp_identity *identity;
Edouard@499	1105	PEP_STATUS status;
vb@0	1106
vb@24	1107	assert(retrieve_next_identity);
vb@24	1108	assert(management);
vb@24	1109
Edouard@499	1110	if (!retrieve_next_identity \|\| !management)
Edouard@499	1111	return PEP_ILLEGAL_VALUE;
Edouard@499	1112
Edouard@499	1113	status = init(&session);
Edouard@499	1114	assert(status == PEP_STATUS_OK);
Edouard@499	1115	if (status != PEP_STATUS_OK)
Edouard@499	1116	return status;
Edouard@499	1117
vb@0	1118	log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
vb@0	1119
Edouard@499	1120	while ((identity = retrieve_next_identity(management)))
Edouard@499	1121	{
vb@0	1122	assert(identity->address);
Edouard@499	1123	if(identity->address)
Edouard@499	1124	{
Edouard@499	1125	DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
Edouard@499	1126
edouard@1945	1127	if (_identity_me(identity)) {
Edouard@499	1128	status = myself(session, identity);
Edouard@499	1129	} else {
Edouard@499	1130	status = recv_key(session, identity->address);
Edouard@499	1131	}
Edouard@499	1132
vb@0	1133	assert(status != PEP_OUT_OF_MEMORY);
Edouard@499	1134	if(status == PEP_OUT_OF_MEMORY)
Edouard@499	1135	return PEP_OUT_OF_MEMORY;
vb@0	1136	}
vb@0	1137	free_identity(identity);
vb@0	1138	}
vb@0	1139
vb@0	1140	log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
vb@0	1141
vb@0	1142	release(session);
vb@0	1143	return PEP_STATUS_OK;
vb@0	1144	}
vb@0	1145
krista@1213	1146	DYNAMIC_API PEP_STATUS key_mistrusted(
vb@357	1147	PEP_SESSION session,
vb@357	1148	pEp_identity *ident
vb@357	1149	)
vb@215	1150	{
vb@218	1151	PEP_STATUS status = PEP_STATUS_OK;
vb@218	1152
vb@215	1153	assert(session);
vb@357	1154	assert(ident);
Edouard@439	1155	assert(!EMPTYSTR(ident->fpr));
vb@215	1156
vb@357	1157	if (!(session && ident && ident->fpr))
vb@215	1158	return PEP_ILLEGAL_VALUE;
vb@215	1159
edouard@1945	1160	if (_identity_me(ident))
Edouard@697	1161	{
vb@357	1162	revoke_key(session, ident->fpr, NULL);
Edouard@697	1163	myself(session, ident);
Edouard@697	1164	}
Edouard@697	1165	else
Edouard@697	1166	{
krista@2129	1167	// for undo
krista@2129	1168	if (session->cached_mistrusted)
krista@2129	1169	free(session->cached_mistrusted);
krista@2129	1170	session->cached_mistrusted = identity_dup(ident);
Edouard@697	1171	status = mark_as_compromized(session, ident->fpr);
Edouard@697	1172	}
vb@218	1173
vb@218	1174	return status;
vb@215	1175	}
vb@215	1176
krista@2129	1177	DYNAMIC_API PEP_STATUS undo_last_mistrust(PEP_SESSION session) {
krista@2129	1178	assert(session);
krista@2129	1179
krista@2129	1180	if (!session)
krista@2129	1181	return PEP_ILLEGAL_VALUE;
krista@2129	1182
krista@2129	1183	PEP_STATUS status = PEP_STATUS_OK;
krista@2129	1184
krista@2129	1185	pEp_identity* cached_ident = session->cached_mistrusted;
krista@2129	1186
krista@2129	1187	if (!cached_ident)
krista@2129	1188	status = PEP_CANNOT_FIND_IDENTITY;
krista@2129	1189	else {
krista@2129	1190	status = set_identity(session, cached_ident);
krista@2129	1191	free_identity(session->cached_mistrusted);
krista@2129	1192	}
krista@2129	1193
krista@2129	1194	session->cached_mistrusted = NULL;
krista@2129	1195
krista@2129	1196	return status;
krista@2129	1197	}
krista@2129	1198
Edouard@410	1199	DYNAMIC_API PEP_STATUS key_reset_trust(
Edouard@410	1200	PEP_SESSION session,
Edouard@410	1201	pEp_identity *ident
Edouard@410	1202	)
Edouard@410	1203	{
Edouard@410	1204	PEP_STATUS status = PEP_STATUS_OK;
Edouard@410	1205
Edouard@410	1206	assert(session);
Edouard@410	1207	assert(ident);
edouard@1945	1208	assert(!_identity_me(ident));
Edouard@439	1209	assert(!EMPTYSTR(ident->fpr));
Edouard@439	1210	assert(!EMPTYSTR(ident->address));
Edouard@439	1211	assert(!EMPTYSTR(ident->user_id));
Edouard@410	1212
edouard@1945	1213	if (!(session && ident && !_identity_me(ident) && ident->fpr && ident->address &&
vb@420	1214	ident->user_id))
Edouard@410	1215	return PEP_ILLEGAL_VALUE;
Edouard@410	1216
vb@420	1217	status = update_identity(session, ident);
vb@420	1218	if (status != PEP_STATUS_OK)
vb@420	1219	return status;
Edouard@410	1220
Edouard@442	1221	if (ident->comm_type == PEP_ct_mistrusted)
vb@421	1222	ident->comm_type = PEP_ct_unknown;
vb@421	1223	else
vb@421	1224	ident->comm_type &= ~PEP_ct_confirmed;
vb@421	1225
vb@420	1226	status = set_identity(session, ident);
vb@421	1227	if (status != PEP_STATUS_OK)
vb@421	1228	return status;
vb@421	1229
vb@422	1230	if (ident->comm_type == PEP_ct_unknown)
vb@422	1231	status = update_identity(session, ident);
Edouard@410	1232	return status;
Edouard@410	1233	}
Edouard@410	1234
vb@354	1235	DYNAMIC_API PEP_STATUS trust_personal_key(
vb@354	1236	PEP_SESSION session,
vb@354	1237	pEp_identity *ident
vb@354	1238	)
vb@354	1239	{
vb@354	1240	PEP_STATUS status = PEP_STATUS_OK;
vb@354	1241
vb@354	1242	assert(session);
vb@354	1243	assert(ident);
Edouard@439	1244	assert(!EMPTYSTR(ident->address));
Edouard@439	1245	assert(!EMPTYSTR(ident->user_id));
Edouard@439	1246	assert(!EMPTYSTR(ident->fpr));
vb@354	1247
Edouard@439	1248	if (!ident \|\| EMPTYSTR(ident->address) \|\| EMPTYSTR(ident->user_id) \|\|
edouard@1945	1249	EMPTYSTR(ident->fpr))
vb@354	1250	return PEP_ILLEGAL_VALUE;
vb@354	1251
vb@354	1252	status = update_identity(session, ident);
vb@354	1253	if (status != PEP_STATUS_OK)
vb@354	1254	return status;
vb@354	1255
vb@356	1256	if (ident->comm_type > PEP_ct_strong_but_unconfirmed) {
vb@356	1257	ident->comm_type \|= PEP_ct_confirmed;
Edouard@488	1258	status = set_identity(session, ident);
vb@356	1259	}
vb@356	1260	else {
vb@356	1261	// MISSING: S/MIME has to be handled depending on trusted CAs
vb@370	1262	status = PEP_CANNOT_SET_TRUST;
vb@356	1263	}
vb@354	1264
vb@354	1265	return status;
vb@354	1266	}
vb@354	1267
Edouard@584	1268	DYNAMIC_API PEP_STATUS own_key_is_listed(
vb@955	1269	PEP_SESSION session,
vb@955	1270	const char *fpr,
vb@955	1271	bool *listed
vb@955	1272	)
Edouard@584	1273	{
Edouard@584	1274	PEP_STATUS status = PEP_STATUS_OK;
Edouard@584	1275	int count;
Edouard@584	1276
Edouard@584	1277	assert(session && fpr && fpr[0] && listed);
Edouard@584	1278
Edouard@584	1279	if (!(session && fpr && fpr[0] && listed))
Edouard@584	1280	return PEP_ILLEGAL_VALUE;
Edouard@584	1281
Edouard@584	1282	*listed = false;
Edouard@584	1283
Edouard@584	1284	sqlite3_reset(session->own_key_is_listed);
Edouard@584	1285	sqlite3_bind_text(session->own_key_is_listed, 1, fpr, -1, SQLITE_STATIC);
Edouard@584	1286
Edouard@584	1287	int result;
Edouard@584	1288
Edouard@584	1289	result = sqlite3_step(session->own_key_is_listed);
Edouard@584	1290	switch (result) {
Edouard@584	1291	case SQLITE_ROW:
Edouard@584	1292	count = sqlite3_column_int(session->own_key_is_listed, 0);
Edouard@584	1293	*listed = count > 0;
krista@2288	1294	status = PEP_STATUS_OK;
Edouard@584	1295	break;
Edouard@584	1296
Edouard@584	1297	default:
Edouard@584	1298	status = PEP_UNKNOWN_ERROR;
Edouard@584	1299	}
Edouard@584	1300
Edouard@584	1301	sqlite3_reset(session->own_key_is_listed);
Edouard@584	1302	return status;
Edouard@584	1303	}
Edouard@584	1304
edouard@1412	1305	PEP_STATUS _own_identities_retrieve(
vb@955	1306	PEP_SESSION session,
edouard@1412	1307	identity_list **own_identities,
edouard@1412	1308	identity_flags_t excluded_flags
vb@955	1309	)
Edouard@584	1310	{
Edouard@584	1311	PEP_STATUS status = PEP_STATUS_OK;
Edouard@584	1312
vb@955	1313	assert(session && own_identities);
vb@955	1314	if (!(session && own_identities))
Edouard@584	1315	return PEP_ILLEGAL_VALUE;
Edouard@584	1316
vb@955	1317	*own_identities = NULL;
vb@955	1318	identity_list *_own_identities = new_identity_list(NULL);
vb@955	1319	if (_own_identities == NULL)
Edouard@584	1320	goto enomem;
Edouard@584	1321
vb@955	1322	sqlite3_reset(session->own_identities_retrieve);
Edouard@584	1323
Edouard@584	1324	int result;
vb@955	1325	// address, fpr, username, user_id, comm_type, lang, flags
vb@955	1326	const char *address = NULL;
Edouard@584	1327	const char *fpr = NULL;
vb@955	1328	const char *username = NULL;
vb@955	1329	const char *user_id = NULL;
vb@955	1330	PEP_comm_type comm_type = PEP_ct_unknown;
vb@955	1331	const char *lang = NULL;
vb@955	1332	unsigned int flags = 0;
Edouard@584	1333
vb@955	1334	identity_list *_bl = _own_identities;
Edouard@584	1335	do {
edouard@1412	1336	sqlite3_bind_int(session->own_identities_retrieve, 1, excluded_flags);
vb@955	1337	result = sqlite3_step(session->own_identities_retrieve);
Edouard@584	1338	switch (result) {
Edouard@584	1339	case SQLITE_ROW:
vb@955	1340	address = (const char *)
vb@955	1341	sqlite3_column_text(session->own_identities_retrieve, 0);
vb@955	1342	fpr = (const char *)
vb@955	1343	sqlite3_column_text(session->own_identities_retrieve, 1);
krista@2301	1344	user_id = (const char *)
krista@2301	1345	sqlite3_column_text(session->own_identities_retrieve, 2);
vb@1071	1346	username = (const char *)
krista@2301	1347	sqlite3_column_text(session->own_identities_retrieve, 3);
vb@1071	1348	comm_type = PEP_ct_pEp;
vb@1071	1349	lang = (const char *)
krista@2301	1350	sqlite3_column_text(session->own_identities_retrieve, 4);
vb@1071	1351	flags = (unsigned int)
krista@2301	1352	sqlite3_column_int(session->own_identities_retrieve, 5);
vb@955	1353
vb@1078	1354	pEp_identity *ident = new_identity(address, fpr, user_id, username);
vb@1079	1355	if (!ident)
Edouard@584	1356	goto enomem;
vb@955	1357	ident->comm_type = comm_type;
vb@955	1358	if (lang && lang[0]) {
vb@955	1359	ident->lang[0] = lang[0];
vb@955	1360	ident->lang[1] = lang[1];
vb@1078	1361	ident->lang[2] = 0;
vb@955	1362	}
krista@2288	1363	ident->me = true;
vb@955	1364	ident->flags = flags;
vb@955	1365
vb@955	1366	_bl = identity_list_add(_bl, ident);
vb@1080	1367	if (_bl == NULL) {
vb@1080	1368	free_identity(ident);
Edouard@584	1369	goto enomem;
vb@1080	1370	}
Edouard@584	1371
Edouard@584	1372	break;
Edouard@584	1373
Edouard@584	1374	case SQLITE_DONE:
Edouard@584	1375	break;
Edouard@584	1376
Edouard@584	1377	default:
Edouard@584	1378	status = PEP_UNKNOWN_ERROR;
Edouard@584	1379	result = SQLITE_DONE;
Edouard@584	1380	}
Edouard@584	1381	} while (result != SQLITE_DONE);
Edouard@584	1382
vb@955	1383	sqlite3_reset(session->own_identities_retrieve);
Edouard@584	1384	if (status == PEP_STATUS_OK)
vb@955	1385	*own_identities = _own_identities;
Edouard@584	1386	else
vb@955	1387	free_identity_list(_own_identities);
Edouard@584	1388
Edouard@584	1389	goto the_end;
Edouard@584	1390
Edouard@584	1391	enomem:
vb@955	1392	free_identity_list(_own_identities);
Edouard@584	1393	status = PEP_OUT_OF_MEMORY;
Edouard@584	1394
Edouard@584	1395	the_end:
Edouard@584	1396	return status;
Edouard@584	1397	}
vb@955	1398
edouard@1412	1399	DYNAMIC_API PEP_STATUS own_identities_retrieve(
edouard@1364	1400	PEP_SESSION session,
edouard@1412	1401	identity_list **own_identities
edouard@1412	1402	)
edouard@1412	1403	{
edouard@1412	1404	return _own_identities_retrieve(session, own_identities, 0);
edouard@1412	1405	}
edouard@1412	1406
edouard@1412	1407	PEP_STATUS _own_keys_retrieve(
edouard@1412	1408	PEP_SESSION session,
edouard@1412	1409	stringlist_t **keylist,
edouard@1412	1410	identity_flags_t excluded_flags
edouard@1364	1411	)
edouard@1364	1412	{
edouard@1364	1413	PEP_STATUS status = PEP_STATUS_OK;
edouard@1364	1414
edouard@1364	1415	assert(session && keylist);
edouard@1364	1416	if (!(session && keylist))
edouard@1364	1417	return PEP_ILLEGAL_VALUE;
edouard@1364	1418
edouard@1364	1419	*keylist = NULL;
edouard@1364	1420	stringlist_t *_keylist = NULL;
edouard@1364	1421
edouard@1394	1422	sqlite3_reset(session->own_keys_retrieve);
edouard@1364	1423
edouard@1364	1424	int result;
edouard@1364	1425	char *fpr = NULL;
edouard@1364	1426
edouard@1364	1427	stringlist_t *_bl = _keylist;
edouard@1364	1428	do {
edouard@1412	1429	sqlite3_bind_int(session->own_keys_retrieve, 1, excluded_flags);
edouard@1394	1430	result = sqlite3_step(session->own_keys_retrieve);
edouard@1364	1431	switch (result) {
edouard@1364	1432	case SQLITE_ROW:
edouard@1394	1433	fpr = strdup((const char *) sqlite3_column_text(session->own_keys_retrieve, 0));
edouard@1364	1434	if(fpr == NULL)
edouard@1364	1435	goto enomem;
edouard@1364	1436
edouard@1364	1437	_bl = stringlist_add(_bl, fpr);
edouard@1364	1438	if (_bl == NULL) {
edouard@1364	1439	free(fpr);
edouard@1364	1440	goto enomem;
edouard@1364	1441	}
edouard@1364	1442	if (_keylist == NULL)
edouard@1364	1443	_keylist = _bl;
edouard@1364	1444
edouard@1364	1445	break;
edouard@1364	1446
edouard@1364	1447	case SQLITE_DONE:
edouard@1364	1448	break;
edouard@1364	1449
edouard@1364	1450	default:
edouard@1364	1451	status = PEP_UNKNOWN_ERROR;
edouard@1364	1452	result = SQLITE_DONE;
edouard@1364	1453	}
edouard@1364	1454	} while (result != SQLITE_DONE);
edouard@1364	1455
edouard@1394	1456	sqlite3_reset(session->own_keys_retrieve);
edouard@1364	1457	if (status == PEP_STATUS_OK)
edouard@1364	1458	*keylist = _keylist;
edouard@1364	1459	else
edouard@1364	1460	free_stringlist(_keylist);
edouard@1364	1461
edouard@1364	1462	goto the_end;
edouard@1364	1463
edouard@1364	1464	enomem:
edouard@1364	1465	free_stringlist(_keylist);
edouard@1364	1466	status = PEP_OUT_OF_MEMORY;
edouard@1364	1467
edouard@1364	1468	the_end:
edouard@1364	1469	return status;
edouard@1364	1470	}
edouard@1364	1471
edouard@1412	1472	DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **keylist)
edouard@1412	1473	{
edouard@1412	1474	return _own_keys_retrieve(session, keylist, 0);
edouard@1412	1475	}
edouard@1412	1476
edouard@1760	1477	// FIXME: should it be be used when sync receive old keys ? (ENGINE-145)
edouard@1394	1478	DYNAMIC_API PEP_STATUS set_own_key(
edouard@1394	1479	PEP_SESSION session,
edouard@1394	1480	const char *address,
edouard@1394	1481	const char *fpr
edouard@1394	1482	)
edouard@1394	1483	{
edouard@1394	1484	PEP_STATUS status = PEP_STATUS_OK;
edouard@1394	1485
edouard@1394	1486	assert(session &&
edouard@1760	1487	address &&
edouard@1394	1488	fpr && fpr[0]
edouard@1394	1489	);
edouard@1394	1490
edouard@1394	1491	if (!(session &&
edouard@1760	1492	address &&
edouard@1394	1493	fpr && fpr[0]
edouard@1394	1494	))
edouard@1394	1495	return PEP_ILLEGAL_VALUE;
krista@2301	1496
krista@2301	1497
krista@2301	1498	// First see if we have it in own identities already, AND we retrieve
krista@2301	1499	// our own user_id
krista@2301	1500	pEp_identity* my_id = NULL;
krista@2301	1501	identity_list* my_identities = NULL;
krista@2301	1502	char* my_user_id = NULL;
krista@2301	1503	status = own_identities_retrieve(session, &my_identities);
edouard@1394	1504
krista@2301	1505	if (status == PEP_STATUS_OK) {
krista@2301	1506	if (my_identities) {
krista@2301	1507	if (!(my_identities->ident && my_identities->ident->user_id))
krista@2301	1508	return PEP_ILLEGAL_VALUE;
krista@2301	1509
krista@2301	1510	my_user_id = strdup(my_identities->ident->user_id);
krista@2301	1511
krista@2301	1512	if (!my_user_id)
krista@2301	1513	return PEP_OUT_OF_MEMORY;
krista@2301	1514
krista@2301	1515	// Probably cheaper than all the strcmps if there are many,
krista@2301	1516	// plus this avoids the capitalisation and . problems:
krista@2301	1517
krista@2301	1518	status = get_identity(session, my_user_id, address, &my_id);
krista@2301	1519
krista@2301	1520	if (status == PEP_STATUS_OK && my_id) {
krista@2304	1521	if (my_id->fpr && strcasecmp(my_id->fpr, fpr) == 0) {
krista@2301	1522	// We're done. It was already here.
krista@2301	1523	// FIXME: Do we check trust/revocation/?
krista@2301	1524	goto pep_free;
krista@2301	1525	}
krista@2301	1526	}
krista@2301	1527
krista@2301	1528	// Otherwise, we see if there's a binding for this user_id/key
krista@2301	1529	// in the trust DB
edouard@1394	1530
krista@2301	1531	// If there's an id w/ user_id + address
krista@2301	1532	if (my_id) {
krista@2301	1533	free(my_id->fpr);
krista@2301	1534	my_id->fpr = my_user_id;
krista@2304	1535	my_id->comm_type = PEP_ct_pEp;
krista@2304	1536	my_id->me = true; // just in case?
krista@2301	1537	}
krista@2301	1538	else { // Else, we need a new identity
krista@2304	1539	my_id = new_identity(address, fpr, my_user_id, NULL);
krista@2301	1540	if (status != PEP_STATUS_OK)
krista@2301	1541	goto pep_free;
krista@2304	1542	my_id->me = true;
krista@2304	1543	my_id->comm_type = PEP_ct_pEp;
krista@2301	1544	}
krista@2301	1545	}
krista@2301	1546	else {
krista@2301	1547	// I think the prerequisite should be that at least one own identity
krista@2301	1548	// already in the DB, so REALLY look at this.
krista@2301	1549	return PEP_CANNOT_FIND_IDENTITY;
krista@2301	1550	}
krista@2301	1551
krista@2301	1552	status = set_identity(session, my_id);
krista@2301	1553	}
edouard@1394	1554
krista@2301	1555	pep_free:
krista@2301	1556	free(my_id);
krista@2301	1557	free(my_user_id);
edouard@1394	1558	return status;
edouard@1394	1559	}
krista@1357	1560
krista@1357	1561	PEP_STATUS contains_priv_key(PEP_SESSION session, const char *fpr,
krista@1357	1562	bool *has_private) {
krista@1357	1563
krista@1357	1564	assert(session);
krista@1357	1565	assert(fpr);
krista@1357	1566	assert(has_private);
krista@1357	1567
krista@1357	1568	if (!(session && fpr && has_private))
krista@1357	1569	return PEP_ILLEGAL_VALUE;
krista@1357	1570
krista@1357	1571	return session->cryptotech[PEP_crypt_OpenPGP].contains_priv_key(session, fpr, has_private);
edouard@1385	1572	}

author	Krista Bennett <krista@pep-project.org>
	Mon, 18 Dec 2017 13:27:42 +0100
branch	ENGINE-289
changeset 2324	de5b5578fc16
parent 2319	93c84d8281d2
child 2325	781d887c83f4
permissions	-rw-r--r--