src/pEpEngine.c
changeset 0 16f27efbef98
child 8 26cc9f0228f4
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/src/pEpEngine.c	Wed Jun 25 18:44:58 2014 +0200
     1.3 @@ -0,0 +1,1869 @@
     1.4 +#define PEP_ENGINE_VERSION "0.4.0"
     1.5 +
     1.6 +// this is 20 safewords with 79 chars max
     1.7 +#define MAX_SAFEWORDS_SPACE (20 * 80)
     1.8 +
     1.9 +// XML parameters string
    1.10 +#define PARMS_MAX 32768
    1.11 +
    1.12 +// maximum busy wait time in ms
    1.13 +#define BUSY_WAIT_TIME 5000
    1.14 +
    1.15 +// maximum line length for reading gpg.conf
    1.16 +#define MAX_LINELENGTH 1024
    1.17 +
    1.18 +// default keyserver
    1.19 +#define DEFAULT_KEYSERVER "hkp://keys.gnupg.net"
    1.20 +
    1.21 +#ifdef WIN32
    1.22 +#include "platform_windows.h"
    1.23 +#define LOCAL_DB windoze_local_db()
    1.24 +#define SYSTEM_DB windoze_system_db()
    1.25 +#define LIBGPGME "libgpgme-11.dll"
    1.26 +#else // UNIX
    1.27 +#define _POSIX_C_SOURCE 200809L
    1.28 +#include <dlfcn.h>
    1.29 +#include "platform_unix.h"
    1.30 +#define LOCAL_DB unix_local_db()
    1.31 +#ifndef SYSTEM_DB
    1.32 +#define SYSTEM_DB "/usr/share/pEp/system.db"
    1.33 +#endif
    1.34 +#ifndef LIBGPGME
    1.35 +#define LIBGPGME "libgpgme-pthread.so"
    1.36 +#endif
    1.37 +#endif
    1.38 +
    1.39 +#include <locale.h>
    1.40 +#include <stdlib.h>
    1.41 +#include <string.h>
    1.42 +#include <assert.h>
    1.43 +#include <stdio.h>
    1.44 +
    1.45 +#ifndef NDEBUG
    1.46 +#include <stdio.h>
    1.47 +#endif
    1.48 +
    1.49 +#include <gpgme.h>
    1.50 +#include "sqlite3.h"
    1.51 +
    1.52 +#define _EXPORT_PEP_ENGINE_DLL
    1.53 +#include "pEpEngine.h"
    1.54 +
    1.55 +#define NOT_IMPLEMENTED assert(0)
    1.56 +
    1.57 +// init
    1.58 +
    1.59 +typedef const char * (*gpgme_check_version_t)(const char*);
    1.60 +typedef gpgme_error_t (*gpgme_set_locale_t)(gpgme_ctx_t CTX, int CATEGORY,
    1.61 +        const char *VALUE);
    1.62 +typedef gpgme_error_t (*gpgme_new_t)(gpgme_ctx_t *CTX);
    1.63 +typedef void (*gpgme_release_t)(gpgme_ctx_t CTX);
    1.64 +typedef gpgme_error_t (*gpgme_set_protocol_t)(gpgme_ctx_t CTX,
    1.65 +        gpgme_protocol_t PROTO);
    1.66 +typedef void (*gpgme_set_armor_t)(gpgme_ctx_t CTX, int YES);
    1.67 +
    1.68 +// data
    1.69 +
    1.70 +typedef gpgme_error_t (*gpgme_data_new_t)(gpgme_data_t *DH);
    1.71 +typedef gpgme_error_t (*gpgme_data_new_from_mem_t)(gpgme_data_t *DH,
    1.72 +        const char *BUFFER, size_t SIZE, int COPY);
    1.73 +typedef void (*gpgme_data_release_t)(gpgme_data_t DH);
    1.74 +typedef gpgme_data_type_t (*gpgme_data_identify_t)(gpgme_data_t DH);
    1.75 +typedef size_t (*gpgme_data_seek_t)(gpgme_data_t DH, size_t OFFSET,
    1.76 +        int WHENCE);
    1.77 +typedef size_t (*gpgme_data_read_t)(gpgme_data_t DH, void *BUFFER,
    1.78 +        size_t LENGTH);
    1.79 +
    1.80 +// encrypt and decrypt
    1.81 +
    1.82 +typedef gpgme_error_t (*gpgme_op_decrypt_t)(gpgme_ctx_t CTX,
    1.83 +        gpgme_data_t CIPHER, gpgme_data_t PLAIN);
    1.84 +typedef gpgme_error_t (*gpgme_op_verify_t)(gpgme_ctx_t CTX, gpgme_data_t SIG,
    1.85 +        gpgme_data_t SIGNED_TEXT, gpgme_data_t PLAIN);
    1.86 +typedef gpgme_error_t (*gpgme_op_decrypt_verify_t)(gpgme_ctx_t CTX,
    1.87 +        gpgme_data_t CIPHER, gpgme_data_t PLAIN);
    1.88 +typedef gpgme_decrypt_result_t (*gpgme_op_decrypt_result_t)(gpgme_ctx_t CTX);
    1.89 +typedef gpgme_error_t (*gpgme_op_encrypt_sign_t)(gpgme_ctx_t CTX,
    1.90 +        gpgme_key_t RECP[], gpgme_encrypt_flags_t FLAGS, gpgme_data_t PLAIN,
    1.91 +        gpgme_data_t CIPHER);
    1.92 +typedef gpgme_verify_result_t (*gpgme_op_verify_result_t)(gpgme_ctx_t CTX);
    1.93 +
    1.94 +// keys
    1.95 +
    1.96 +typedef gpgme_error_t (*gpgme_get_key_t)(gpgme_ctx_t CTX, const char *FPR,
    1.97 +        gpgme_key_t *R_KEY, int SECRET);
    1.98 +typedef gpgme_error_t (*gpgme_op_genkey_t)(gpgme_ctx_t CTX, const char *PARMS,
    1.99 +        gpgme_data_t PUBLIC, gpgme_data_t SECRET);
   1.100 +typedef gpgme_genkey_result_t (*gpgme_op_genkey_result_t)(gpgme_ctx_t CTX);
   1.101 +typedef gpgme_error_t (*gpgme_op_delete_t)(gpgme_ctx_t CTX,
   1.102 +        const gpgme_key_t KEY, int ALLOW_SECRET);
   1.103 +typedef gpgme_error_t (*gpgme_op_import_t)(gpgme_ctx_t CTX,
   1.104 +        gpgme_data_t KEYDATA);
   1.105 +typedef gpgme_error_t (*gpgme_op_export_t)(gpgme_ctx_t CTX,
   1.106 +        const char *PATTERN, gpgme_export_mode_t MODE, gpgme_data_t KEYDATA);
   1.107 +typedef gpgme_error_t (*gpgme_set_keylist_mode_t)(gpgme_ctx_t CTX,
   1.108 +        gpgme_keylist_mode_t MODE);
   1.109 +typedef gpgme_keylist_mode_t (*gpgme_get_keylist_mode_t)(gpgme_ctx_t CTX);
   1.110 +typedef gpgme_error_t (*gpgme_op_keylist_start_t)(gpgme_ctx_t CTX,
   1.111 +        const char *PATTERN, int SECRET_ONLY);
   1.112 +typedef gpgme_error_t (*gpgme_op_keylist_next_t)(gpgme_ctx_t CTX,
   1.113 +        gpgme_key_t *R_KEY);
   1.114 +typedef gpgme_error_t (*gpgme_op_keylist_end_t)(gpgme_ctx_t CTX);
   1.115 +typedef gpgme_error_t (*gpgme_op_import_keys_t)(gpgme_ctx_t CTX,
   1.116 +        gpgme_key_t *KEYS);
   1.117 +typedef void (*gpgme_key_ref_t)(gpgme_key_t KEY);
   1.118 +typedef void (*gpgme_key_unref_t)(gpgme_key_t KEY);
   1.119 +
   1.120 +typedef struct {
   1.121 +	const char *version;
   1.122 +    const char *passphrase;
   1.123 +	void * gpgme;
   1.124 +	gpgme_ctx_t ctx;
   1.125 +
   1.126 +	sqlite3 *db;
   1.127 +	sqlite3 *system_db;
   1.128 +
   1.129 +	sqlite3_stmt *log;
   1.130 +	sqlite3_stmt *safeword;
   1.131 +	sqlite3_stmt *get_identity;
   1.132 +	sqlite3_stmt *set_person;
   1.133 +	sqlite3_stmt *set_pgp_keypair;
   1.134 +	sqlite3_stmt *set_identity;
   1.135 +	sqlite3_stmt *set_trust;
   1.136 +
   1.137 +	gpgme_check_version_t gpgme_check;
   1.138 +	gpgme_set_locale_t gpgme_set_locale;
   1.139 +	gpgme_new_t gpgme_new;
   1.140 +	gpgme_release_t gpgme_release;
   1.141 +	gpgme_set_protocol_t gpgme_set_protocol;
   1.142 +	gpgme_set_armor_t gpgme_set_armor;
   1.143 +
   1.144 +	gpgme_data_new_t gpgme_data_new;
   1.145 +	gpgme_data_new_from_mem_t gpgme_data_new_from_mem;
   1.146 +	gpgme_data_release_t gpgme_data_release;
   1.147 +	gpgme_data_identify_t gpgme_data_identify;
   1.148 +	gpgme_data_seek_t gpgme_data_seek;
   1.149 +	gpgme_data_read_t gpgme_data_read;
   1.150 +
   1.151 +	gpgme_op_decrypt_t gpgme_op_decrypt;
   1.152 +	gpgme_op_verify_t gpgme_op_verify;
   1.153 +	gpgme_op_decrypt_verify_t gpgme_op_decrypt_verify;
   1.154 +	gpgme_op_decrypt_result_t gpgme_op_decrypt_result;
   1.155 +	gpgme_op_encrypt_sign_t gpgme_op_encrypt_sign;
   1.156 +	gpgme_op_verify_result_t gpgme_op_verify_result;
   1.157 +
   1.158 +	gpgme_get_key_t gpgme_get_key;
   1.159 +	gpgme_op_genkey_t gpgme_op_genkey;
   1.160 +    gpgme_op_genkey_result_t gpgme_op_genkey_result;
   1.161 +    gpgme_op_delete_t gpgme_op_delete;
   1.162 +    gpgme_op_import_t gpgme_op_import;
   1.163 +    gpgme_op_export_t gpgme_op_export;
   1.164 +    gpgme_set_keylist_mode_t gpgme_set_keylist_mode;
   1.165 +    gpgme_get_keylist_mode_t gpgme_get_keylist_mode;
   1.166 +    gpgme_op_keylist_start_t gpgme_op_keylist_start;
   1.167 +    gpgme_op_keylist_next_t gpgme_op_keylist_next;
   1.168 +    gpgme_op_keylist_end_t gpgme_op_keylist_end;
   1.169 +    gpgme_op_import_keys_t gpgme_op_import_keys;
   1.170 +    gpgme_key_ref_t gpgme_key_ref;
   1.171 +    gpgme_key_unref_t gpgme_key_unref;
   1.172 +} pEpSession;
   1.173 +
   1.174 +static bool ensure_keyserver()
   1.175 +{
   1.176 +    static char buf[MAX_LINELENGTH];
   1.177 +    int n;
   1.178 +    FILE *f = fopen(gpg_conf(), "r");
   1.179 +
   1.180 +    if (f != NULL) {
   1.181 +        while (!feof(f)) {
   1.182 +            char * s = fgets(buf, MAX_LINELENGTH, f);
   1.183 +            if (s && !feof(f)) {
   1.184 +                char * t = strtok(s, " ");
   1.185 +                if (t && strcmp(t, "keyserver") == 0)
   1.186 +                {
   1.187 +                    fclose(f);
   1.188 +                    return true;
   1.189 +                }
   1.190 +            }
   1.191 +        }
   1.192 +        f = freopen(gpg_conf(), "a", f);
   1.193 +    }
   1.194 +    else {
   1.195 +        f = fopen(gpg_conf(), "w");
   1.196 +    }
   1.197 +
   1.198 +    assert(f);
   1.199 +    if (f == NULL)
   1.200 +        return false;
   1.201 +
   1.202 +    n = fprintf(f, "keyserver %s\n", DEFAULT_KEYSERVER);
   1.203 +    assert(n >= 0);
   1.204 +    fclose(f);
   1.205 +
   1.206 +    return true;
   1.207 +}
   1.208 +
   1.209 +DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
   1.210 +{
   1.211 +	gpgme_error_t gpgme_error;
   1.212 +	int int_result;
   1.213 +	const char *sql_log;
   1.214 +	const char *sql_safeword;
   1.215 +	const char *sql_get_identity;
   1.216 +	const char *sql_set_person;
   1.217 +	const char *sql_set_pgp_keypair;
   1.218 +	const char *sql_set_identity;
   1.219 +	const char *sql_set_trust;
   1.220 +    bool bResult;
   1.221 +
   1.222 +	assert(sqlite3_threadsafe());
   1.223 +	if (!sqlite3_threadsafe())
   1.224 +		return PEP_INIT_SQLITE3_WITHOUT_MUTEX;
   1.225 +
   1.226 +	assert(session);
   1.227 +	*session = NULL;
   1.228 +
   1.229 +    pEpSession *_session = (pEpSession *) calloc(1, sizeof(pEpSession));
   1.230 +	assert(_session);
   1.231 +	if (_session == NULL)
   1.232 +		return PEP_OUT_OF_MEMORY;
   1.233 +	
   1.234 +	_session->version = PEP_ENGINE_VERSION;
   1.235 +
   1.236 +    bResult = ensure_keyserver();
   1.237 +    assert(bResult);
   1.238 +
   1.239 +    // to do: implement something useful
   1.240 +    _session->passphrase = "";
   1.241 +
   1.242 +	_session->gpgme = dlopen(LIBGPGME, RTLD_LAZY);
   1.243 +	if (_session->gpgme == NULL) {
   1.244 +		free(_session);
   1.245 +		return PEP_INIT_CANNOT_LOAD_GPGME;
   1.246 +	}
   1.247 +
   1.248 +	_session->gpgme_set_locale
   1.249 +        = (gpgme_set_locale_t) (intptr_t) dlsym(_session->gpgme,
   1.250 +                "gpgme_set_locale");
   1.251 +	assert(_session->gpgme_set_locale);
   1.252 +
   1.253 +	_session->gpgme_check
   1.254 +        = (gpgme_check_version_t) (intptr_t) dlsym(_session->gpgme,
   1.255 +                "gpgme_check_version");
   1.256 +	assert(_session->gpgme_check);
   1.257 +
   1.258 +	_session->gpgme_new
   1.259 +        = (gpgme_new_t) (intptr_t) dlsym(_session->gpgme, "gpgme_new");
   1.260 +	assert(_session->gpgme_new);
   1.261 +
   1.262 +	_session->gpgme_release
   1.263 +        = (gpgme_release_t) (intptr_t) dlsym(_session->gpgme, "gpgme_release");
   1.264 +	assert(_session->gpgme_release);
   1.265 +
   1.266 +	_session->gpgme_set_protocol
   1.267 +        = (gpgme_set_protocol_t) (intptr_t) dlsym(_session->gpgme,
   1.268 +                "gpgme_set_protocol");
   1.269 +	assert(_session->gpgme_set_protocol);
   1.270 +
   1.271 +	_session->gpgme_set_armor
   1.272 +        = (gpgme_set_armor_t) (intptr_t) dlsym(_session->gpgme,
   1.273 +                "gpgme_set_armor");
   1.274 +	assert(_session->gpgme_set_armor);
   1.275 +
   1.276 +	_session->gpgme_data_new
   1.277 +        = (gpgme_data_new_t) (intptr_t) dlsym(_session->gpgme,
   1.278 +                "gpgme_data_new");
   1.279 +	assert(_session->gpgme_data_new);
   1.280 +
   1.281 +	_session->gpgme_data_new_from_mem
   1.282 +        = (gpgme_data_new_from_mem_t) (intptr_t) dlsym(_session->gpgme,
   1.283 +                "gpgme_data_new_from_mem");
   1.284 +	assert(_session->gpgme_data_new_from_mem);
   1.285 +
   1.286 +	_session->gpgme_data_release
   1.287 +        = (gpgme_data_release_t) (intptr_t) dlsym(_session->gpgme,
   1.288 +                "gpgme_data_release");
   1.289 +	assert(_session->gpgme_data_release);
   1.290 +
   1.291 +	_session->gpgme_data_identify
   1.292 +        = (gpgme_data_identify_t) (intptr_t) dlsym(_session->gpgme,
   1.293 +                "gpgme_data_identify");
   1.294 +	assert(_session->gpgme_data_identify);
   1.295 +
   1.296 +	_session->gpgme_data_seek
   1.297 +        = (gpgme_data_seek_t) (intptr_t) dlsym(_session->gpgme,
   1.298 +                "gpgme_data_seek");
   1.299 +	assert(_session->gpgme_data_seek);
   1.300 +
   1.301 +	_session->gpgme_data_read
   1.302 +        = (gpgme_data_read_t) (intptr_t) dlsym(_session->gpgme,
   1.303 +                "gpgme_data_read");
   1.304 +	assert(_session->gpgme_data_read);
   1.305 +
   1.306 +	_session->gpgme_op_decrypt
   1.307 +        = (gpgme_op_decrypt_t) (intptr_t) dlsym(_session->gpgme,
   1.308 +                "gpgme_op_decrypt");
   1.309 +	assert(_session->gpgme_op_decrypt);
   1.310 +
   1.311 +	_session->gpgme_op_verify
   1.312 +        = (gpgme_op_verify_t) (intptr_t) dlsym(_session->gpgme,
   1.313 +                "gpgme_op_verify");
   1.314 +	assert(_session->gpgme_op_verify);
   1.315 +
   1.316 +	_session->gpgme_op_decrypt_verify
   1.317 +        = (gpgme_op_decrypt_verify_t) (intptr_t) dlsym(_session->gpgme,
   1.318 +                "gpgme_op_decrypt_verify");
   1.319 +	assert(_session->gpgme_op_decrypt_verify);
   1.320 +
   1.321 +	_session->gpgme_op_decrypt_result
   1.322 +        = (gpgme_op_decrypt_result_t) (intptr_t) dlsym(_session->gpgme,
   1.323 +                "gpgme_op_decrypt_result");
   1.324 +	assert(_session->gpgme_op_decrypt_result);
   1.325 +
   1.326 +	_session->gpgme_op_encrypt_sign
   1.327 +        = (gpgme_op_encrypt_sign_t) (intptr_t) dlsym(_session->gpgme,
   1.328 +                "gpgme_op_encrypt_sign");
   1.329 +	assert(_session->gpgme_op_encrypt_sign);
   1.330 +
   1.331 +	_session->gpgme_op_verify_result
   1.332 +        = (gpgme_op_verify_result_t) (intptr_t) dlsym(_session->gpgme,
   1.333 +                "gpgme_op_verify_result");
   1.334 +	assert(_session->gpgme_op_verify_result);
   1.335 +	
   1.336 +	_session->gpgme_get_key
   1.337 +        = (gpgme_get_key_t) (intptr_t) dlsym(_session->gpgme, "gpgme_get_key");
   1.338 +	assert(_session->gpgme_get_key);
   1.339 +
   1.340 +	_session->gpgme_op_genkey
   1.341 +        = (gpgme_op_genkey_t) (intptr_t) dlsym(_session->gpgme,
   1.342 +                "gpgme_op_genkey");
   1.343 +	assert(_session->gpgme_op_genkey);
   1.344 +
   1.345 +	_session->gpgme_op_genkey_result
   1.346 +        = (gpgme_op_genkey_result_t) (intptr_t) dlsym(_session->gpgme,
   1.347 +                "gpgme_op_genkey_result");
   1.348 +	assert(_session->gpgme_op_genkey_result);
   1.349 +
   1.350 +    _session->gpgme_op_delete = (gpgme_op_delete_t) (intptr_t)
   1.351 +        dlsym(_session->gpgme, "gpgme_op_delete");
   1.352 +	assert(_session->gpgme_op_delete);
   1.353 +
   1.354 +    _session->gpgme_op_import = (gpgme_op_import_t) (intptr_t)
   1.355 +        dlsym(_session->gpgme, "gpgme_op_import");
   1.356 +	assert(_session->gpgme_op_import);
   1.357 +
   1.358 +    _session->gpgme_op_export = (gpgme_op_export_t) (intptr_t)
   1.359 +        dlsym(_session->gpgme, "gpgme_op_export");
   1.360 +	assert(_session->gpgme_op_export);
   1.361 +
   1.362 +    _session->gpgme_set_keylist_mode = (gpgme_set_keylist_mode_t) (intptr_t)
   1.363 +        dlsym(_session->gpgme, "gpgme_set_keylist_mode");
   1.364 +	assert(_session->gpgme_set_keylist_mode);
   1.365 +
   1.366 +    _session->gpgme_get_keylist_mode = (gpgme_get_keylist_mode_t) (intptr_t)
   1.367 +        dlsym(_session->gpgme, "gpgme_get_keylist_mode");
   1.368 +	assert(_session->gpgme_get_keylist_mode);
   1.369 +
   1.370 +    _session->gpgme_op_keylist_start = (gpgme_op_keylist_start_t) (intptr_t)
   1.371 +        dlsym(_session->gpgme, "gpgme_op_keylist_start");
   1.372 +	assert(_session->gpgme_op_keylist_start);
   1.373 +
   1.374 +    _session->gpgme_op_keylist_next = (gpgme_op_keylist_next_t) (intptr_t)
   1.375 +        dlsym(_session->gpgme, "gpgme_op_keylist_next");
   1.376 +	assert(_session->gpgme_op_keylist_next);
   1.377 +
   1.378 +    _session->gpgme_op_keylist_end = (gpgme_op_keylist_end_t) (intptr_t)
   1.379 +        dlsym(_session->gpgme, "gpgme_op_keylist_end");
   1.380 +	assert(_session->gpgme_op_keylist_end);
   1.381 +
   1.382 +    _session->gpgme_op_import_keys = (gpgme_op_import_keys_t) (intptr_t)
   1.383 +        dlsym(_session->gpgme, "gpgme_op_import_keys");
   1.384 +	assert(_session->gpgme_op_import_keys);
   1.385 +
   1.386 +    _session->gpgme_key_ref = (gpgme_key_ref_t) (intptr_t)
   1.387 +        dlsym(_session->gpgme, "gpgme_key_ref");
   1.388 +	assert(_session->gpgme_key_ref);
   1.389 +
   1.390 +    _session->gpgme_key_unref = (gpgme_key_unref_t) (intptr_t)
   1.391 +        dlsym(_session->gpgme, "gpgme_key_unref");
   1.392 +	assert(_session->gpgme_key_unref);
   1.393 +
   1.394 +	setlocale(LC_ALL, "");
   1.395 +	_session->version = _session->gpgme_check(NULL);
   1.396 +	_session->gpgme_set_locale(NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));
   1.397 +
   1.398 +	gpgme_error = _session->gpgme_new(&_session->ctx);
   1.399 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
   1.400 +		dlclose(_session->gpgme);
   1.401 +		free(_session);
   1.402 +		return PEP_INIT_GPGME_INIT_FAILED;
   1.403 +	}
   1.404 +
   1.405 +    gpgme_error = _session->gpgme_set_protocol(_session->ctx,
   1.406 +            GPGME_PROTOCOL_OpenPGP);
   1.407 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
   1.408 +
   1.409 +	_session->gpgme_set_armor(_session->ctx, 1);
   1.410 +
   1.411 +    assert(LOCAL_DB);
   1.412 +    if (LOCAL_DB == NULL) {
   1.413 +		_session->gpgme_release(_session->ctx);
   1.414 +		dlclose(_session->gpgme);
   1.415 +        free(_session);
   1.416 +        return PEP_INIT_CANNOT_OPEN_DB;
   1.417 +    }
   1.418 +
   1.419 +	int_result = sqlite3_open_v2(
   1.420 +			LOCAL_DB,
   1.421 +			&_session->db,
   1.422 +			SQLITE_OPEN_READWRITE
   1.423 +				| SQLITE_OPEN_CREATE
   1.424 +				| SQLITE_OPEN_FULLMUTEX
   1.425 +				| SQLITE_OPEN_PRIVATECACHE,
   1.426 +			NULL 
   1.427 +		);
   1.428 +
   1.429 +	if (int_result != SQLITE_OK) {
   1.430 +		sqlite3_close_v2(_session->db);
   1.431 +		_session->gpgme_release(_session->ctx);
   1.432 +		dlclose(_session->gpgme);
   1.433 +		free(_session);
   1.434 +		return PEP_INIT_CANNOT_OPEN_DB;
   1.435 +	}
   1.436 +
   1.437 +	sqlite3_busy_timeout(_session->db, BUSY_WAIT_TIME);
   1.438 +
   1.439 +    assert(SYSTEM_DB);
   1.440 +    if (SYSTEM_DB == NULL) {
   1.441 +		sqlite3_close_v2(_session->db);
   1.442 +		_session->gpgme_release(_session->ctx);
   1.443 +		dlclose(_session->gpgme);
   1.444 +		free(_session);
   1.445 +		return PEP_INIT_CANNOT_OPEN_SYSTEM_DB;
   1.446 +    }
   1.447 +
   1.448 +	int_result = sqlite3_open_v2(
   1.449 +			SYSTEM_DB, &_session->system_db,
   1.450 +			SQLITE_OPEN_READONLY
   1.451 +				| SQLITE_OPEN_FULLMUTEX
   1.452 +				| SQLITE_OPEN_SHAREDCACHE,
   1.453 +			NULL
   1.454 +		);
   1.455 +
   1.456 +	if (int_result != SQLITE_OK) {
   1.457 +		sqlite3_close_v2(_session->system_db);
   1.458 +		sqlite3_close_v2(_session->db);
   1.459 +		_session->gpgme_release(_session->ctx);
   1.460 +		dlclose(_session->gpgme);
   1.461 +		free(_session);
   1.462 +		return PEP_INIT_CANNOT_OPEN_SYSTEM_DB;
   1.463 +	}
   1.464 +
   1.465 +	sqlite3_busy_timeout(_session->system_db, 1000);
   1.466 +
   1.467 +	int_result = sqlite3_exec(
   1.468 +		_session->db,
   1.469 +			"create table if not exists version_info ("
   1.470 +			"	id integer primary key,"
   1.471 +			"	timestamp integer default (datetime('now')) ,"
   1.472 +			"	version text,"
   1.473 +			"	comment text"
   1.474 +			");"
   1.475 +			"create table if not exists log ("
   1.476 +			"	timestamp integer default (datetime('now')) ,"
   1.477 +			"	title text not null,"
   1.478 +			"	entity text not null,"
   1.479 +			"	description text,"
   1.480 +			"	comment text"
   1.481 +			");"
   1.482 +			"create index if not exists log_timestamp on log ("
   1.483 +			"	timestamp"
   1.484 +			");"
   1.485 +			"create table if not exists pgp_keypair ("
   1.486 +			"	fpr text primary key,"
   1.487 +			"	public_id text unique,"
   1.488 +			"   private_id text,"
   1.489 +			"	created integer,"
   1.490 +			"	expires integer,"
   1.491 +			"	comment text"
   1.492 +			");"
   1.493 +            "create index if not exists pgp_keypair_expires on pgp_keypair ("
   1.494 +			"	expires"
   1.495 +			");"
   1.496 +			"create table if not exists person ("
   1.497 +			"	id text primary key,"
   1.498 +			"	username text not null,"
   1.499 +			"	main_key_id text"
   1.500 +			"		references pgp_keypair (fpr)"
   1.501 +			"		on delete set null,"
   1.502 +			"   lang text,"
   1.503 +			"	comment text"
   1.504 +			");"
   1.505 +			"create table if not exists identity ("
   1.506 +			"	address text primary key,"
   1.507 +			"	user_id text"
   1.508 +			"		references person (id)"
   1.509 +			"		on delete cascade,"
   1.510 +			"	main_key_id text"
   1.511 +			"		references pgp_keypair (fpr)"
   1.512 +			"		on delete set null,"
   1.513 +			"	comment text"
   1.514 +			");"
   1.515 +            "create table if not exists trust ("
   1.516 +            "   user_id text not null"
   1.517 +            "       references person (id)"
   1.518 +			"		on delete cascade,"
   1.519 +            "   pgp_keypair_fpr text not null"
   1.520 +            "       references pgp_keypair (fpr)"
   1.521 +            "       on delete cascade,"
   1.522 +            "   comm_type integer not null,"
   1.523 +			"	comment text"
   1.524 +            ");"
   1.525 +            "create unique index if not exists trust_index on trust ("
   1.526 +            "   user_id,"
   1.527 +            "   pgp_keypair_fpr"
   1.528 +            ");",
   1.529 +		NULL,
   1.530 +		NULL,
   1.531 +		NULL
   1.532 +	);
   1.533 +	assert(int_result == SQLITE_OK);
   1.534 +
   1.535 +	int_result = sqlite3_exec(
   1.536 +		_session->db,
   1.537 +        "insert or replace into version_info (id, version) values (1, '1.0');",
   1.538 +		NULL,
   1.539 +		NULL,
   1.540 +		NULL
   1.541 +	);
   1.542 +	assert(int_result == SQLITE_OK);
   1.543 +
   1.544 +	sql_log = "insert into log (title, entity, description, comment)"
   1.545 +			  "values (?1, ?2, ?3, ?4);";
   1.546 +    int_result = sqlite3_prepare_v2(_session->db, sql_log, strlen(sql_log),
   1.547 +            &_session->log, NULL);
   1.548 +	assert(int_result == SQLITE_OK);
   1.549 +
   1.550 +	sql_safeword = "select id, word from wordlist where lang = lower(?1)"
   1.551 +                   "and id = ?2 ;";
   1.552 +    int_result = sqlite3_prepare_v2(_session->system_db, sql_safeword,
   1.553 +            strlen(sql_safeword), &_session->safeword, NULL);
   1.554 +	assert(int_result == SQLITE_OK);
   1.555 +
   1.556 +	sql_get_identity =	"select fpr, identity.user_id, username, comm_type, lang"
   1.557 +                        "   from identity"
   1.558 +						"   join person on id = identity.user_id"
   1.559 +						"   join pgp_keypair on fpr = identity.main_key_id"
   1.560 +                        "   join trust on id = trust.user_id"
   1.561 +                        "       and pgp_keypair_fpr = identity.main_key_id"
   1.562 +						"   where address = ?1 ;";
   1.563 +
   1.564 +    int_result = sqlite3_prepare_v2(_session->db, sql_get_identity,
   1.565 +            strlen(sql_get_identity), &_session->get_identity, NULL);
   1.566 +	assert(int_result == SQLITE_OK);
   1.567 +
   1.568 +	sql_set_person = "insert or replace into person (id, username, lang)"
   1.569 +                     "values (?1, ?2, ?3) ;";
   1.570 +	sql_set_pgp_keypair = "insert or replace into pgp_keypair (fpr)"
   1.571 +                          "values (?1) ;";
   1.572 +    sql_set_identity = "insert or replace into identity (address, main_key_id,"
   1.573 +                       "user_id) values (?1, ?2, ?3) ;";
   1.574 +    sql_set_trust = "insert or replace into trust (user_id, pgp_keypair_fpr, comm_type)"
   1.575 +                        "values (?1, ?2, ?3) ;";
   1.576 +	
   1.577 +    int_result = sqlite3_prepare_v2(_session->db, sql_set_person,
   1.578 +            strlen(sql_set_person), &_session->set_person, NULL);
   1.579 +    assert(int_result == SQLITE_OK);
   1.580 +    int_result = sqlite3_prepare_v2(_session->db, sql_set_pgp_keypair,
   1.581 +            strlen(sql_set_pgp_keypair), &_session->set_pgp_keypair, NULL);
   1.582 +	assert(int_result == SQLITE_OK);
   1.583 +    int_result = sqlite3_prepare_v2(_session->db, sql_set_identity,
   1.584 +            strlen(sql_set_identity), &_session->set_identity, NULL);
   1.585 +	assert(int_result == SQLITE_OK);
   1.586 +    int_result = sqlite3_prepare_v2(_session->db, sql_set_trust,
   1.587 +            strlen(sql_set_trust), &_session->set_trust, NULL);
   1.588 +	assert(int_result == SQLITE_OK);
   1.589 +
   1.590 +	sqlite3_reset(_session->log);
   1.591 +    sqlite3_bind_text(_session->log, 1, "init", -1, SQLITE_STATIC);
   1.592 +    sqlite3_bind_text(_session->log, 2, "pEp " PEP_ENGINE_VERSION, -1,
   1.593 +            SQLITE_STATIC);
   1.594 +	do {
   1.595 +		int_result = sqlite3_step(_session->log);
   1.596 +		assert(int_result == SQLITE_DONE || int_result == SQLITE_BUSY);
   1.597 +	} while (int_result == SQLITE_BUSY);
   1.598 +    sqlite3_reset(_session->log);
   1.599 +
   1.600 +	*session = (void *) _session;
   1.601 +	return PEP_STATUS_OK;
   1.602 +}
   1.603 +
   1.604 +DYNAMIC_API void release(PEP_SESSION session)
   1.605 +{
   1.606 +	assert(session);
   1.607 +	pEpSession *_session = (pEpSession *) session;
   1.608 +
   1.609 +	if (_session) {
   1.610 +		if (_session->db) {
   1.611 +			sqlite3_finalize(_session->safeword);
   1.612 +			sqlite3_finalize(_session->log);
   1.613 +			sqlite3_finalize(_session->get_identity);
   1.614 +			sqlite3_finalize(_session->set_identity);
   1.615 +			sqlite3_close_v2(_session->db);
   1.616 +			sqlite3_close_v2(_session->system_db);
   1.617 +		}
   1.618 +		if (_session->ctx)
   1.619 +			_session->gpgme_release(_session->ctx);
   1.620 +		dlclose(_session->gpgme);
   1.621 +	}
   1.622 +	free(_session);
   1.623 +}
   1.624 +
   1.625 +stringlist_t *new_stringlist(const char *value)
   1.626 +{
   1.627 +    stringlist_t *result = (stringlist_t *) calloc(1, sizeof(stringlist_t));
   1.628 +    if (result && value) {
   1.629 +        result->value = strdup(value);
   1.630 +        assert(result->value);
   1.631 +        if (result->value == 0) {
   1.632 +            free(result);
   1.633 +            return NULL;
   1.634 +        }
   1.635 +    }
   1.636 +    return result;
   1.637 +}
   1.638 +
   1.639 +stringlist_t *stringlist_add(stringlist_t *stringlist, const char *value)
   1.640 +{
   1.641 +    assert(value);
   1.642 +
   1.643 +    if (stringlist == NULL)
   1.644 +        return new_stringlist(value);
   1.645 +
   1.646 +    if (stringlist->next != NULL)
   1.647 +        return stringlist_add(stringlist->next, value);
   1.648 +
   1.649 +    if (stringlist->value == NULL) {
   1.650 +        stringlist->value = strdup(value);
   1.651 +        assert(stringlist->value);
   1.652 +        if (stringlist->value == NULL)
   1.653 +            return NULL;
   1.654 +        return stringlist;
   1.655 +    }
   1.656 +
   1.657 +    stringlist->next = new_stringlist(value);
   1.658 +    assert(stringlist->next);
   1.659 +    if (stringlist->next == NULL)
   1.660 +        return NULL;
   1.661 +
   1.662 +    return stringlist->next;
   1.663 +}
   1.664 +
   1.665 +int stringlist_length(const stringlist_t *stringlist)
   1.666 +{
   1.667 +    int len = 1;
   1.668 +    stringlist_t *_stringlist;
   1.669 +
   1.670 +    assert(stringlist);
   1.671 +
   1.672 +    if (stringlist->value == NULL)
   1.673 +        return 0;
   1.674 +
   1.675 +    for (_stringlist=stringlist->next; _stringlist!=NULL; _stringlist=_stringlist->next)
   1.676 +        len += 1;
   1.677 +
   1.678 +    return len;
   1.679 +}
   1.680 +
   1.681 +void free_stringlist(stringlist_t *stringlist)
   1.682 +{
   1.683 +    if (stringlist) {
   1.684 +        free_stringlist(stringlist->next);
   1.685 +        free(stringlist->value);
   1.686 +        free(stringlist);
   1.687 +    }
   1.688 +}
   1.689 +
   1.690 +DYNAMIC_API PEP_STATUS decrypt_and_verify(
   1.691 +        PEP_SESSION session, const char *ctext, size_t csize,
   1.692 +        char **ptext, size_t *psize, stringlist_t **keylist
   1.693 +    )
   1.694 +{
   1.695 +	pEpSession *_session = (pEpSession *) session;
   1.696 +
   1.697 +	PEP_STATUS result;
   1.698 +	gpgme_error_t gpgme_error;
   1.699 +	gpgme_data_t cipher, plain;
   1.700 +	gpgme_data_type_t dt;
   1.701 +
   1.702 +	stringlist_t *_keylist = NULL;
   1.703 +	int i_key = 0;
   1.704 +
   1.705 +	assert(_session);
   1.706 +	assert(ctext);
   1.707 +	assert(csize);
   1.708 +	assert(ptext);
   1.709 +	assert(psize);
   1.710 +	assert(keylist);
   1.711 +
   1.712 +	*ptext = NULL;
   1.713 +	*psize = 0;
   1.714 +	*keylist = NULL;
   1.715 +
   1.716 +    gpgme_error = _session->gpgme_data_new_from_mem(&cipher, ctext, csize, 0);
   1.717 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
   1.718 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
   1.719 +		if (gpgme_error == GPG_ERR_ENOMEM)
   1.720 +			return PEP_OUT_OF_MEMORY;
   1.721 +		else
   1.722 +			return PEP_UNKNOWN_ERROR;
   1.723 +	}
   1.724 +
   1.725 +	gpgme_error = _session->gpgme_data_new(&plain);
   1.726 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
   1.727 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
   1.728 +		_session->gpgme_data_release(cipher);
   1.729 +		if (gpgme_error == GPG_ERR_ENOMEM)
   1.730 +			return PEP_OUT_OF_MEMORY;
   1.731 +		else
   1.732 +			return PEP_UNKNOWN_ERROR;
   1.733 +	}
   1.734 +
   1.735 +	dt = _session->gpgme_data_identify(cipher);
   1.736 +	switch (dt) {
   1.737 +	case GPGME_DATA_TYPE_PGP_SIGNED:
   1.738 +	case GPGME_DATA_TYPE_PGP_OTHER:
   1.739 +        gpgme_error = _session->gpgme_op_decrypt_verify(_session->ctx, cipher,
   1.740 +                plain);
   1.741 +		assert(gpgme_error != GPG_ERR_INV_VALUE);
   1.742 +		assert(gpgme_error != GPG_ERR_NO_DATA);
   1.743 +
   1.744 +		switch (gpgme_error) {
   1.745 +		case GPG_ERR_NO_ERROR:
   1.746 +			{
   1.747 +				gpgme_verify_result_t gpgme_verify_result;
   1.748 +                char *_buffer = NULL;
   1.749 +				size_t reading;
   1.750 +                size_t length = _session->gpgme_data_seek(plain, 0, SEEK_END);
   1.751 +                gpgme_signature_t gpgme_signature;
   1.752 +
   1.753 +				assert(length != -1);
   1.754 +				_session->gpgme_data_seek(plain, 0, SEEK_SET);
   1.755 +
   1.756 +				// TODO: make things less memory consuming
   1.757 +                // the following algorithm allocates memory for the complete
   1.758 +                // text
   1.759 +
   1.760 +                _buffer = malloc(length + 1);
   1.761 +                assert(_buffer);
   1.762 +                if (_buffer == NULL) {
   1.763 +                    _session->gpgme_data_release(plain);
   1.764 +                    _session->gpgme_data_release(cipher);
   1.765 +                    return PEP_OUT_OF_MEMORY;
   1.766 +                }
   1.767 +
   1.768 +                reading = _session->gpgme_data_read(plain, _buffer, length);
   1.769 +				assert(length == reading);
   1.770 +
   1.771 +                gpgme_verify_result =
   1.772 +                    _session->gpgme_op_verify_result(_session->ctx);
   1.773 +				assert(gpgme_verify_result);
   1.774 +                gpgme_signature = gpgme_verify_result->signatures;
   1.775 +
   1.776 +				if (gpgme_signature) {
   1.777 +                    stringlist_t *k;
   1.778 +                    _keylist = new_stringlist(NULL);
   1.779 +                    assert(_keylist);
   1.780 +                    if (_keylist == NULL) {
   1.781 +						_session->gpgme_data_release(plain);
   1.782 +						_session->gpgme_data_release(cipher);
   1.783 +                        free(_buffer);
   1.784 +                        return PEP_OUT_OF_MEMORY;
   1.785 +                    }
   1.786 +                    k = _keylist;
   1.787 +
   1.788 +                    result = PEP_DECRYPTED_AND_VERIFIED;
   1.789 +					do {
   1.790 +                        switch (gpgme_signature->status) {
   1.791 +                        case GPG_ERR_NO_ERROR:
   1.792 +                            k = stringlist_add(k, gpgme_signature->fpr);
   1.793 +                            break;
   1.794 +                        case GPG_ERR_CERT_REVOKED:
   1.795 +                        case GPG_ERR_BAD_SIGNATURE:
   1.796 +                            result = PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH;
   1.797 +                            break;
   1.798 +                        case GPG_ERR_SIG_EXPIRED:
   1.799 +                        case GPG_ERR_KEY_EXPIRED:
   1.800 +                        case GPG_ERR_NO_PUBKEY:
   1.801 +                            k = stringlist_add(k, gpgme_signature->fpr);
   1.802 +                            if (result == PEP_DECRYPTED_AND_VERIFIED)
   1.803 +                                result = PEP_DECRYPTED;
   1.804 +                            break;
   1.805 +                        case GPG_ERR_GENERAL:
   1.806 +                            break;
   1.807 +                        default:
   1.808 +                            if (result == PEP_DECRYPTED_AND_VERIFIED)
   1.809 +                                result = PEP_DECRYPTED;
   1.810 +                            break;
   1.811 +                        }
   1.812 +					} while ((gpgme_signature = gpgme_signature->next));
   1.813 +				} else {
   1.814 +					result = PEP_DECRYPTED;
   1.815 +				}
   1.816 +
   1.817 +				if (result == PEP_DECRYPTED_AND_VERIFIED
   1.818 +                        || result == PEP_DECRYPTED) {
   1.819 +					*ptext = _buffer;
   1.820 +					*psize = reading;
   1.821 +                    (*ptext)[*psize] = 0; // safeguard for naive users
   1.822 +					*keylist = _keylist;
   1.823 +				}
   1.824 +                else {
   1.825 +                    free_stringlist(_keylist);
   1.826 +                    free(_buffer);
   1.827 +	            }
   1.828 +				break;
   1.829 +			}
   1.830 +		case GPG_ERR_DECRYPT_FAILED:
   1.831 +			result = PEP_DECRYPT_WRONG_FORMAT;
   1.832 +			break;
   1.833 +		case GPG_ERR_BAD_PASSPHRASE:
   1.834 +			NOT_IMPLEMENTED;
   1.835 +		default:
   1.836 +			result = PEP_CANNOT_DECRYPT_UNKNOWN;
   1.837 +		}
   1.838 +		break;
   1.839 +
   1.840 +	default:
   1.841 +		result = PEP_DECRYPT_WRONG_FORMAT;
   1.842 +	}
   1.843 +
   1.844 +	_session->gpgme_data_release(plain);
   1.845 +	_session->gpgme_data_release(cipher);
   1.846 +	return result;
   1.847 +}
   1.848 +
   1.849 +DYNAMIC_API PEP_STATUS verify_text(
   1.850 +        PEP_SESSION session, const char *text, size_t size,
   1.851 +        const char *signature, size_t sig_size, stringlist_t **keylist
   1.852 +    )
   1.853 +{
   1.854 +	pEpSession *_session = (pEpSession *) session;
   1.855 +
   1.856 +	PEP_STATUS result;
   1.857 +	gpgme_error_t gpgme_error;
   1.858 +	gpgme_data_t d_text, d_sig;
   1.859 +    stringlist_t *_keylist;
   1.860 +
   1.861 +    assert(session);
   1.862 +    assert(text);
   1.863 +    assert(size);
   1.864 +    assert(signature);
   1.865 +    assert(sig_size);
   1.866 +    assert(keylist);
   1.867 +
   1.868 +    *keylist = NULL;
   1.869 +
   1.870 +    gpgme_error = _session->gpgme_data_new_from_mem(&d_text, text, size, 0);
   1.871 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
   1.872 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
   1.873 +		if (gpgme_error == GPG_ERR_ENOMEM)
   1.874 +			return PEP_OUT_OF_MEMORY;
   1.875 +		else
   1.876 +			return PEP_UNKNOWN_ERROR;
   1.877 +	}
   1.878 +
   1.879 +    gpgme_error = _session->gpgme_data_new_from_mem(&d_sig, signature, sig_size, 0);
   1.880 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
   1.881 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
   1.882 +		_session->gpgme_data_release(d_text);
   1.883 +		if (gpgme_error == GPG_ERR_ENOMEM)
   1.884 +			return PEP_OUT_OF_MEMORY;
   1.885 +		else
   1.886 +			return PEP_UNKNOWN_ERROR;
   1.887 +	}
   1.888 +
   1.889 +    gpgme_error = _session->gpgme_op_verify(_session->ctx, d_sig, d_text, NULL);
   1.890 +    assert(gpgme_error != GPG_ERR_INV_VALUE);
   1.891 +
   1.892 +    switch (gpgme_error) {
   1.893 +    case GPG_ERR_NO_ERROR:
   1.894 +        {
   1.895 +            gpgme_verify_result_t gpgme_verify_result;
   1.896 +            gpgme_signature_t gpgme_signature;
   1.897 +
   1.898 +            gpgme_verify_result =
   1.899 +                _session->gpgme_op_verify_result(_session->ctx);
   1.900 +            assert(gpgme_verify_result);
   1.901 +            gpgme_signature = gpgme_verify_result->signatures;
   1.902 +
   1.903 +            if (gpgme_signature) {
   1.904 +                stringlist_t *k;
   1.905 +                _keylist = new_stringlist(NULL);
   1.906 +                assert(_keylist);
   1.907 +                if (_keylist == NULL) {
   1.908 +                    _session->gpgme_data_release(d_text);
   1.909 +                    _session->gpgme_data_release(d_sig);
   1.910 +                    return PEP_OUT_OF_MEMORY;
   1.911 +                }
   1.912 +                k = _keylist;
   1.913 +
   1.914 +                result = PEP_VERIFIED;
   1.915 +                do {
   1.916 +                    k = stringlist_add(k, gpgme_signature->fpr);
   1.917 +                    if (k == NULL) {
   1.918 +                        free_stringlist(_keylist);
   1.919 +                        _session->gpgme_data_release(d_text);
   1.920 +                        _session->gpgme_data_release(d_sig);
   1.921 +                        return PEP_OUT_OF_MEMORY;
   1.922 +                    }
   1.923 +                    if (gpgme_signature->summary & GPGME_SIGSUM_RED) {
   1.924 +                        if (gpgme_signature->summary & GPGME_SIGSUM_KEY_EXPIRED
   1.925 +                                || gpgme_signature->summary & GPGME_SIGSUM_SIG_EXPIRED) {
   1.926 +                            if (result == PEP_VERIFIED
   1.927 +                                    || result == PEP_VERIFIED_AND_TRUSTED)
   1.928 +                                result = PEP_UNENCRYPTED;
   1.929 +                        }
   1.930 +                        else {
   1.931 +                            result = PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH;
   1.932 +                            break;
   1.933 +                        }
   1.934 +                    }
   1.935 +                    else {
   1.936 +                        if (gpgme_signature->summary & GPGME_SIGSUM_VALID) {
   1.937 +                            if (result == PEP_VERIFIED)
   1.938 +                                result = PEP_VERIFIED_AND_TRUSTED;
   1.939 +                        }
   1.940 +                        if (gpgme_signature->summary & GPGME_SIGSUM_GREEN) {
   1.941 +                            // good
   1.942 +                        }
   1.943 +                        else if (gpgme_signature->summary & GPGME_SIGSUM_KEY_MISSING) {
   1.944 +                            result = PEP_VERIFY_NO_KEY;
   1.945 +                        }
   1.946 +                        else if (gpgme_signature->summary & GPGME_SIGSUM_SYS_ERROR) {
   1.947 +                            if (result == PEP_VERIFIED
   1.948 +                                    || result == PEP_VERIFIED_AND_TRUSTED)
   1.949 +                                result = PEP_UNENCRYPTED;
   1.950 +                        }
   1.951 +                        else {
   1.952 +                            // do nothing
   1.953 +                        }
   1.954 +                    }
   1.955 +                } while ((gpgme_signature = gpgme_signature->next));
   1.956 +                *keylist = _keylist;
   1.957 +            } else {
   1.958 +                result = PEP_UNENCRYPTED;
   1.959 +            }
   1.960 +            break;
   1.961 +        }
   1.962 +        break;
   1.963 +    case GPG_ERR_NO_DATA:
   1.964 +        result = PEP_DECRYPT_WRONG_FORMAT;
   1.965 +        break;
   1.966 +    case GPG_ERR_INV_VALUE:
   1.967 +    default:
   1.968 +        result = PEP_UNKNOWN_ERROR;
   1.969 +        break;
   1.970 +    }
   1.971 +
   1.972 +    _session->gpgme_data_release(d_text);
   1.973 +    _session->gpgme_data_release(d_sig);
   1.974 +
   1.975 +    return result;
   1.976 +}
   1.977 +
   1.978 +DYNAMIC_API PEP_STATUS encrypt_and_sign(
   1.979 +        PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   1.980 +        size_t psize, char **ctext, size_t *csize
   1.981 +    )
   1.982 +{
   1.983 +	pEpSession *_session = (pEpSession *) session;
   1.984 +
   1.985 +	PEP_STATUS result;
   1.986 +	gpgme_error_t gpgme_error;
   1.987 +	gpgme_data_t plain, cipher;
   1.988 +	gpgme_key_t *rcpt;
   1.989 +	gpgme_encrypt_flags_t flags;
   1.990 +	const stringlist_t *_keylist;
   1.991 +    int i, j;
   1.992 +
   1.993 +	assert(_session);
   1.994 +	assert(keylist);
   1.995 +	assert(ptext);
   1.996 +	assert(psize);
   1.997 +	assert(ctext);
   1.998 +	assert(csize);
   1.999 +
  1.1000 +	*ctext = NULL;
  1.1001 +	*csize = 0;
  1.1002 +
  1.1003 +    gpgme_error = _session->gpgme_data_new_from_mem(&plain, ptext, psize, 0);
  1.1004 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
  1.1005 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
  1.1006 +		if (gpgme_error == GPG_ERR_ENOMEM)
  1.1007 +			return PEP_OUT_OF_MEMORY;
  1.1008 +		else
  1.1009 +			return PEP_UNKNOWN_ERROR;
  1.1010 +	}
  1.1011 +
  1.1012 +	gpgme_error = _session->gpgme_data_new(&cipher);
  1.1013 +	assert(gpgme_error == GPG_ERR_NO_ERROR);
  1.1014 +	if (gpgme_error != GPG_ERR_NO_ERROR) {
  1.1015 +		_session->gpgme_data_release(plain);
  1.1016 +		if (gpgme_error == GPG_ERR_ENOMEM)
  1.1017 +			return PEP_OUT_OF_MEMORY;
  1.1018 +		else
  1.1019 +			return PEP_UNKNOWN_ERROR;
  1.1020 +	}
  1.1021 +
  1.1022 +    rcpt = (gpgme_key_t *) calloc(stringlist_length(keylist) + 1,
  1.1023 +            sizeof(gpgme_key_t));
  1.1024 +	assert(rcpt);
  1.1025 +	if (rcpt == NULL) {
  1.1026 +		_session->gpgme_data_release(plain);
  1.1027 +		_session->gpgme_data_release(cipher);
  1.1028 +		return PEP_OUT_OF_MEMORY;
  1.1029 +	}
  1.1030 +
  1.1031 +    for (_keylist=keylist, i=0; _keylist!=NULL; _keylist=_keylist->next, i++) {
  1.1032 +		assert(_keylist->value);
  1.1033 +        gpgme_error = _session->gpgme_get_key(_session->ctx, _keylist->value,
  1.1034 +                &rcpt[i], 0);
  1.1035 +		assert(gpgme_error != GPG_ERR_ENOMEM);
  1.1036 +
  1.1037 +		switch (gpgme_error) {
  1.1038 +		case GPG_ERR_ENOMEM:
  1.1039 +            for (j=0; j<i; j++)
  1.1040 +                _session->gpgme_key_unref(rcpt[j]);
  1.1041 +			free(rcpt);
  1.1042 +			_session->gpgme_data_release(plain);
  1.1043 +			_session->gpgme_data_release(cipher);
  1.1044 +			return PEP_OUT_OF_MEMORY;
  1.1045 +		case GPG_ERR_NO_ERROR:
  1.1046 +			break;
  1.1047 +		case GPG_ERR_EOF:
  1.1048 +            for (j=0; j<i; j++)
  1.1049 +                _session->gpgme_key_unref(rcpt[j]);
  1.1050 +			free(rcpt);
  1.1051 +			_session->gpgme_data_release(plain);
  1.1052 +			_session->gpgme_data_release(cipher);
  1.1053 +			return PEP_KEY_NOT_FOUND;
  1.1054 +		case GPG_ERR_AMBIGUOUS_NAME:
  1.1055 +            for (j=0; j<i; j++)
  1.1056 +                _session->gpgme_key_unref(rcpt[j]);
  1.1057 +			free(rcpt);
  1.1058 +			_session->gpgme_data_release(plain);
  1.1059 +			_session->gpgme_data_release(cipher);
  1.1060 +			return PEP_KEY_HAS_AMBIG_NAME;
  1.1061 +        default: // GPG_ERR_INV_VALUE if CTX or R_KEY is not a valid pointer or
  1.1062 +                 // FPR is not a fingerprint or key ID
  1.1063 +            for (j=0; j<i; j++)
  1.1064 +                _session->gpgme_key_unref(rcpt[j]);
  1.1065 +			free(rcpt);
  1.1066 +			_session->gpgme_data_release(plain);
  1.1067 +			_session->gpgme_data_release(cipher);
  1.1068 +			return PEP_GET_KEY_FAILED;
  1.1069 +		}
  1.1070 +	}
  1.1071 +
  1.1072 +	// TODO: remove that and replace with proper key management
  1.1073 +	flags  = GPGME_ENCRYPT_ALWAYS_TRUST;
  1.1074 +
  1.1075 +    gpgme_error = _session->gpgme_op_encrypt_sign(_session->ctx, rcpt, flags,
  1.1076 +            plain, cipher);
  1.1077 +	switch (gpgme_error) {
  1.1078 +	case GPG_ERR_NO_ERROR:
  1.1079 +		{
  1.1080 +            char *_buffer = NULL;
  1.1081 +			size_t reading;
  1.1082 +            size_t length = _session->gpgme_data_seek(cipher, 0, SEEK_END);
  1.1083 +            assert(length != -1);
  1.1084 +			_session->gpgme_data_seek(cipher, 0, SEEK_SET);
  1.1085 +
  1.1086 +			// TODO: make things less memory consuming
  1.1087 +            // the following algorithm allocates a buffer for the complete text
  1.1088 +
  1.1089 +            _buffer = (char *) malloc(length + 1);
  1.1090 +            assert(_buffer);
  1.1091 +            if (_buffer == NULL) {
  1.1092 +                for (j=0; j<stringlist_length(keylist); j++)
  1.1093 +                    _session->gpgme_key_unref(rcpt[j]);
  1.1094 +                free(rcpt);
  1.1095 +                _session->gpgme_data_release(plain);
  1.1096 +                _session->gpgme_data_release(cipher);
  1.1097 +                return PEP_OUT_OF_MEMORY;
  1.1098 +            }
  1.1099 +
  1.1100 +            reading = _session->gpgme_data_read(cipher, _buffer, length);
  1.1101 +			assert(length == reading);
  1.1102 +
  1.1103 +			*ctext = _buffer;
  1.1104 +			*csize = reading;
  1.1105 +			(*ctext)[*csize] = 0; // safeguard for naive users
  1.1106 +			result = PEP_STATUS_OK;
  1.1107 +			break;
  1.1108 +		}
  1.1109 +	default:
  1.1110 +		result = PEP_UNKNOWN_ERROR;
  1.1111 +	}
  1.1112 +
  1.1113 +    for (j=0; j<stringlist_length(keylist); j++)
  1.1114 +        _session->gpgme_key_unref(rcpt[j]);
  1.1115 +	free(rcpt);
  1.1116 +	_session->gpgme_data_release(plain);
  1.1117 +	_session->gpgme_data_release(cipher);
  1.1118 +	return result;
  1.1119 +}
  1.1120 +
  1.1121 +DYNAMIC_API PEP_STATUS log_event(
  1.1122 +        PEP_SESSION session, const char *title, const char *entity,
  1.1123 +        const char *description, const char *comment
  1.1124 +    )
  1.1125 +{
  1.1126 +	pEpSession *_session = (pEpSession *) session;
  1.1127 +	PEP_STATUS status = PEP_STATUS_OK;
  1.1128 +	int result;
  1.1129 +
  1.1130 +	assert(_session);
  1.1131 +	assert(title);
  1.1132 +	assert(entity);
  1.1133 +
  1.1134 +	sqlite3_reset(_session->log);
  1.1135 +	sqlite3_bind_text(_session->log, 1, title, -1, SQLITE_STATIC);
  1.1136 +	sqlite3_bind_text(_session->log, 2, entity, -1, SQLITE_STATIC);
  1.1137 +	if (description)
  1.1138 +        sqlite3_bind_text(_session->log, 3, description, -1, SQLITE_STATIC);
  1.1139 +	else
  1.1140 +		sqlite3_bind_null(_session->log, 3);
  1.1141 +	if (comment)
  1.1142 +		sqlite3_bind_text(_session->log, 4, comment, -1, SQLITE_STATIC);
  1.1143 +	else
  1.1144 +		sqlite3_bind_null(_session->log, 4);
  1.1145 +	do {
  1.1146 +		result = sqlite3_step(_session->log);
  1.1147 +		assert(result == SQLITE_DONE || result == SQLITE_BUSY);
  1.1148 +		if (result != SQLITE_DONE && result != SQLITE_BUSY)
  1.1149 +			status = PEP_UNKNOWN_ERROR;
  1.1150 +	} while (result == SQLITE_BUSY);
  1.1151 +	sqlite3_reset(_session->log);
  1.1152 +
  1.1153 +	return status;
  1.1154 +}
  1.1155 +
  1.1156 +DYNAMIC_API PEP_STATUS safeword(
  1.1157 +            PEP_SESSION session, uint16_t value, const char *lang,
  1.1158 +            char **word, size_t *wsize
  1.1159 +        )
  1.1160 +{
  1.1161 +	pEpSession *_session = (pEpSession *) session;
  1.1162 +	PEP_STATUS status = PEP_STATUS_OK;
  1.1163 +	int result;
  1.1164 +
  1.1165 +	assert(_session);
  1.1166 +	assert(word);
  1.1167 +	assert(wsize);
  1.1168 +
  1.1169 +	*word = NULL;
  1.1170 +	*wsize = 0;
  1.1171 +
  1.1172 +	if (lang == NULL)
  1.1173 +		lang = "en";
  1.1174 +
  1.1175 +	assert((lang[0] >= 'A' && lang[0] <= 'Z')
  1.1176 +            || (lang[0] >= 'a' && lang[0] <= 'z'));
  1.1177 +	assert((lang[1] >= 'A' && lang[1] <= 'Z')
  1.1178 +            || (lang[1] >= 'a' && lang[1] <= 'z'));
  1.1179 +	assert(lang[2] == 0);
  1.1180 +
  1.1181 +	sqlite3_reset(_session->safeword);
  1.1182 +    sqlite3_bind_text(_session->safeword, 1, lang, -1, SQLITE_STATIC);
  1.1183 +	sqlite3_bind_int(_session->safeword, 2, value);
  1.1184 +
  1.1185 +	result = sqlite3_step(_session->safeword);
  1.1186 +	if (result == SQLITE_ROW) {
  1.1187 +        *word = strdup((const char *) sqlite3_column_text(_session->safeword,
  1.1188 +                    1));
  1.1189 +		if (*word)
  1.1190 +            *wsize = sqlite3_column_bytes(_session->safeword, 1);
  1.1191 +		else
  1.1192 +			status = PEP_SAFEWORD_NOT_FOUND;
  1.1193 +	} else
  1.1194 +		status = PEP_SAFEWORD_NOT_FOUND;
  1.1195 +
  1.1196 +	sqlite3_reset(_session->safeword);
  1.1197 +	return status;
  1.1198 +}
  1.1199 +
  1.1200 +DYNAMIC_API PEP_STATUS safewords(
  1.1201 +        PEP_SESSION session, const char *fingerprint, const char *lang,
  1.1202 +        char **words, size_t *wsize, int max_words
  1.1203 +    )
  1.1204 +{
  1.1205 +	const char *source = fingerprint;
  1.1206 +	char *buffer = calloc(1, MAX_SAFEWORDS_SPACE);
  1.1207 +	char *dest = buffer;
  1.1208 +	size_t fsize;
  1.1209 +    PEP_STATUS _status;
  1.1210 +
  1.1211 +	assert(session);
  1.1212 +	assert(fingerprint);
  1.1213 +	assert(words);
  1.1214 +	assert(wsize);
  1.1215 +	assert(max_words >= 0);
  1.1216 +
  1.1217 +	*words = NULL;
  1.1218 +	*wsize = 0;
  1.1219 +
  1.1220 +    assert(buffer);
  1.1221 +    if (buffer == NULL)
  1.1222 +        return PEP_OUT_OF_MEMORY;
  1.1223 +
  1.1224 +	fsize = strlen(fingerprint);
  1.1225 +
  1.1226 +	if (lang == NULL)
  1.1227 +		lang = "en";
  1.1228 +
  1.1229 +	assert((lang[0] >= 'A' && lang[0] <= 'Z')
  1.1230 +            || (lang[0] >= 'a' && lang[0] <= 'z'));
  1.1231 +	assert((lang[1] >= 'A' && lang[1] <= 'Z')
  1.1232 +            || (lang[1] >= 'a' && lang[1] <= 'z'));
  1.1233 +	assert(lang[2] == 0);
  1.1234 +
  1.1235 +	int n_words = 0;
  1.1236 +	while (source < fingerprint + fsize) {
  1.1237 +		uint16_t value;
  1.1238 +		char *word;
  1.1239 +		size_t _wsize;
  1.1240 +		int j;
  1.1241 +
  1.1242 +        for (value=0, j=0; j < 4 && source < fingerprint + fsize; ) {
  1.1243 +			if (*source >= 'a' && *source <= 'f')
  1.1244 +				value += (*source - 'a' + 10) << (3 - j++) * 4;
  1.1245 +			else if (*source >= 'A' && *source <= 'F')
  1.1246 +				value += (*source - 'A' + 10) << (3 - j++) * 4;
  1.1247 +			else if (*source >= '0' && *source <= '9')
  1.1248 +				value += (*source - '0') << (3 - j++) * 4;
  1.1249 +			
  1.1250 +			source++;
  1.1251 +		}
  1.1252 +
  1.1253 +		_status = safeword(session, value, lang, &word, &_wsize);
  1.1254 +        if (_status == PEP_OUT_OF_MEMORY) {
  1.1255 +            free(buffer);
  1.1256 +            return PEP_OUT_OF_MEMORY;
  1.1257 +        }
  1.1258 +		if (word == NULL) {
  1.1259 +            free(buffer);
  1.1260 +			return PEP_SAFEWORD_NOT_FOUND;
  1.1261 +        }
  1.1262 +
  1.1263 +		if (dest + _wsize < buffer + MAX_SAFEWORDS_SPACE - 1) {
  1.1264 +			strncpy(dest, word, _wsize);
  1.1265 +            free(word);
  1.1266 +			dest += _wsize;
  1.1267 +		}
  1.1268 +		else {
  1.1269 +            free(word);
  1.1270 +			break; // buffer full
  1.1271 +        }
  1.1272 +
  1.1273 +		if (source < fingerprint + fsize
  1.1274 +                && dest + _wsize < buffer + MAX_SAFEWORDS_SPACE - 1)
  1.1275 +			*dest++ = ' ';
  1.1276 +
  1.1277 +		++n_words;
  1.1278 +		if (max_words && n_words >= max_words)
  1.1279 +			break;
  1.1280 +	}
  1.1281 +
  1.1282 +	*words = buffer;
  1.1283 +	*wsize = dest - buffer;
  1.1284 +	return PEP_STATUS_OK;
  1.1285 +}
  1.1286 +
  1.1287 +pEp_identity *new_identity(
  1.1288 +        const char *address, const char *fpr, const char *user_id,
  1.1289 +        const char *username
  1.1290 +    )
  1.1291 +{
  1.1292 +    pEp_identity *result = calloc(1, sizeof(pEp_identity));
  1.1293 +    assert(result);
  1.1294 +    if (result) {
  1.1295 +        if (address) {
  1.1296 +            result->address = strdup(address);
  1.1297 +            assert(result->address);
  1.1298 +            if (result->address == NULL) {
  1.1299 +                free(result);
  1.1300 +                return NULL;
  1.1301 +            }
  1.1302 +            result->address_size = strlen(address);
  1.1303 +        }
  1.1304 +        if (fpr) {
  1.1305 +            result->fpr = strdup(fpr);
  1.1306 +            assert(result->fpr);
  1.1307 +            if (result->fpr == NULL) {
  1.1308 +                free_identity(result);
  1.1309 +                return NULL;
  1.1310 +            }
  1.1311 +            result->fpr_size = strlen(fpr);
  1.1312 +        }
  1.1313 +        if (user_id) {
  1.1314 +            result->user_id = strdup(user_id);
  1.1315 +            assert(result->user_id);
  1.1316 +            if (result->user_id == NULL) {
  1.1317 +                free_identity(result);
  1.1318 +                return NULL;
  1.1319 +            }
  1.1320 +            result->user_id_size = strlen(user_id);
  1.1321 +        }
  1.1322 +        if (username) {
  1.1323 +            result->username = strdup(username);
  1.1324 +            assert(result->username);
  1.1325 +            if (result->username == NULL) {
  1.1326 +                free_identity(result);
  1.1327 +                return NULL;
  1.1328 +            }
  1.1329 +            result->username_size = strlen(username);
  1.1330 +        }
  1.1331 +        result->struct_size = sizeof(pEp_identity);
  1.1332 +    }
  1.1333 +    return result;
  1.1334 +}
  1.1335 +
  1.1336 +void free_identity(pEp_identity *identity)
  1.1337 +{
  1.1338 +    if (identity) {
  1.1339 +        free(identity->address);
  1.1340 +        free(identity->fpr);
  1.1341 +        free(identity->user_id);
  1.1342 +        free(identity->username);
  1.1343 +        free(identity);
  1.1344 +    }
  1.1345 +}
  1.1346 +
  1.1347 +DYNAMIC_API PEP_STATUS get_identity(
  1.1348 +        PEP_SESSION session, const char *address,
  1.1349 +        pEp_identity **identity
  1.1350 +    )
  1.1351 +{
  1.1352 +	pEpSession *_session = (pEpSession *) session;
  1.1353 +	PEP_STATUS status = PEP_STATUS_OK;
  1.1354 +	static pEp_identity *_identity;
  1.1355 +	int result;
  1.1356 +	const char *_lang;
  1.1357 +
  1.1358 +	assert(session);
  1.1359 +	assert(address);
  1.1360 +
  1.1361 +    sqlite3_reset(_session->get_identity);
  1.1362 +    sqlite3_bind_text(_session->get_identity, 1, address, -1, SQLITE_STATIC);
  1.1363 +
  1.1364 +    result = sqlite3_step(_session->get_identity);
  1.1365 +	switch (result) {
  1.1366 +	case SQLITE_ROW:
  1.1367 +        _identity = new_identity(
  1.1368 +                address,
  1.1369 +                (const char *) sqlite3_column_text(_session->get_identity, 0),
  1.1370 +                (const char *) sqlite3_column_text(_session->get_identity, 1),
  1.1371 +                (const char *) sqlite3_column_text(_session->get_identity, 2)
  1.1372 +                );
  1.1373 +        assert(_identity);
  1.1374 +        if (_identity == NULL)
  1.1375 +            return PEP_OUT_OF_MEMORY;
  1.1376 +
  1.1377 +        _identity->comm_type = (PEP_comm_type) sqlite3_column_int(_session->get_identity, 3);
  1.1378 +        _lang = (const char *) sqlite3_column_text(_session->get_identity, 4);
  1.1379 +        if (_lang && _lang[0]) {
  1.1380 +			assert(_lang[0] >= 'a' && _lang[0] <= 'z');
  1.1381 +			assert(_lang[1] >= 'a' && _lang[1] <= 'z');
  1.1382 +			assert(_lang[2] == 0);
  1.1383 +			_identity->lang[0] = _lang[0];
  1.1384 +			_identity->lang[1] = _lang[1];
  1.1385 +            _identity->lang[2] = 0;
  1.1386 +		}
  1.1387 +		*identity = _identity;
  1.1388 +		break;
  1.1389 +	default:
  1.1390 +        status = PEP_CANNOT_FIND_IDENTITY;
  1.1391 +		*identity = NULL;
  1.1392 +	}
  1.1393 +
  1.1394 +    sqlite3_reset(_session->get_identity);
  1.1395 +	return status;
  1.1396 +}
  1.1397 +
  1.1398 +DYNAMIC_API PEP_STATUS set_identity(
  1.1399 +        PEP_SESSION session, const pEp_identity *identity
  1.1400 +    )
  1.1401 +{
  1.1402 +	pEpSession *_session = (pEpSession *) session;
  1.1403 +	int result;
  1.1404 +
  1.1405 +	assert(session);
  1.1406 +	assert(identity);
  1.1407 +	assert(identity->address);
  1.1408 +	assert(identity->fpr);
  1.1409 +	assert(identity->user_id);
  1.1410 +	assert(identity->username);
  1.1411 +
  1.1412 +	sqlite3_exec(_session->db, "BEGIN ;", NULL, NULL, NULL);
  1.1413 +
  1.1414 +	sqlite3_reset(_session->set_person);
  1.1415 +    sqlite3_bind_text(_session->set_person, 1, identity->user_id, -1,
  1.1416 +            SQLITE_STATIC);
  1.1417 +    sqlite3_bind_text(_session->set_person, 2, identity->username, -1,
  1.1418 +            SQLITE_STATIC);
  1.1419 +	if (identity->lang[0])
  1.1420 +        sqlite3_bind_text(_session->set_person, 3, identity->lang, 1,
  1.1421 +                SQLITE_STATIC);
  1.1422 +	else
  1.1423 +		sqlite3_bind_null(_session->set_person, 3);
  1.1424 +	result = sqlite3_step(_session->set_person);
  1.1425 +	sqlite3_reset(_session->set_person);
  1.1426 +	if (result != SQLITE_DONE) {
  1.1427 +		sqlite3_exec(_session->db, "ROLLBACK ;", NULL, NULL, NULL);
  1.1428 +		return PEP_CANNOT_SET_PERSON;
  1.1429 +	}
  1.1430 +
  1.1431 +	sqlite3_reset(_session->set_pgp_keypair);
  1.1432 +    sqlite3_bind_text(_session->set_pgp_keypair, 1, identity->fpr, -1,
  1.1433 +            SQLITE_STATIC);
  1.1434 +	result = sqlite3_step(_session->set_pgp_keypair);
  1.1435 +	sqlite3_reset(_session->set_pgp_keypair);
  1.1436 +	if (result != SQLITE_DONE) {
  1.1437 +		sqlite3_exec(_session->db, "ROLLBACK ;", NULL, NULL, NULL);
  1.1438 +		return PEP_CANNOT_SET_PGP_KEYPAIR;
  1.1439 +	}
  1.1440 +
  1.1441 +	sqlite3_reset(_session->set_identity);
  1.1442 +    sqlite3_bind_text(_session->set_identity, 1, identity->address, -1,
  1.1443 +            SQLITE_STATIC);
  1.1444 +    sqlite3_bind_text(_session->set_identity, 2, identity->fpr, -1,
  1.1445 +            SQLITE_STATIC);
  1.1446 +    sqlite3_bind_text(_session->set_identity, 3, identity->user_id, -1,
  1.1447 +            SQLITE_STATIC);
  1.1448 +	result = sqlite3_step(_session->set_identity);
  1.1449 +	sqlite3_reset(_session->set_identity);
  1.1450 +	if (result != SQLITE_DONE) {
  1.1451 +		sqlite3_exec(_session->db, "ROLLBACK ;", NULL, NULL, NULL);
  1.1452 +		return PEP_CANNOT_SET_IDENTITY;
  1.1453 +	}
  1.1454 +
  1.1455 +	sqlite3_reset(_session->set_trust);
  1.1456 +    sqlite3_bind_text(_session->set_trust, 1, identity->user_id, -1,
  1.1457 +            SQLITE_STATIC);
  1.1458 +    sqlite3_bind_text(_session->set_trust, 2, identity->fpr, -1,
  1.1459 +            SQLITE_STATIC);
  1.1460 +	sqlite3_bind_int(_session->set_trust, 3, identity->comm_type);
  1.1461 +	result = sqlite3_step(_session->set_trust);
  1.1462 +	sqlite3_reset(_session->set_trust);
  1.1463 +	if (result != SQLITE_DONE) {
  1.1464 +		sqlite3_exec(_session->db, "ROLLBACK ;", NULL, NULL, NULL);
  1.1465 +		return PEP_CANNOT_SET_IDENTITY;
  1.1466 +	}
  1.1467 +
  1.1468 +    result = sqlite3_exec(_session->db, "COMMIT ;", NULL, NULL, NULL);
  1.1469 +	if (result == SQLITE_OK)
  1.1470 +		return PEP_STATUS_OK;
  1.1471 +	else
  1.1472 +		return PEP_COMMIT_FAILED;
  1.1473 +}
  1.1474 +
  1.1475 +DYNAMIC_API PEP_STATUS generate_keypair(
  1.1476 +        PEP_SESSION session, pEp_identity *identity
  1.1477 +    )
  1.1478 +{
  1.1479 +	pEpSession *_session = (pEpSession *) session;
  1.1480 +	gpgme_error_t gpgme_error;
  1.1481 +    char *parms;
  1.1482 +    const char *template =
  1.1483 +        "<GnupgKeyParms format=\"internal\">\n"
  1.1484 +        "Key-Type: RSA\n"
  1.1485 +        "Key-Length: 4096\n"
  1.1486 +        "Name-Real: %s\n"
  1.1487 +        "Name-Email: %s\n"
  1.1488 +        /* "Passphrase: %s\n" */
  1.1489 +        "Expire-Date: 1y\n"
  1.1490 +        "</GnupgKeyParms>\n";
  1.1491 +    int result;
  1.1492 +    gpgme_genkey_result_t gpgme_genkey_result;
  1.1493 +
  1.1494 +    assert(session);
  1.1495 +    assert(identity);
  1.1496 +    assert(identity->address);
  1.1497 +    assert(identity->fpr == NULL);
  1.1498 +    assert(identity->username);
  1.1499 +    
  1.1500 +    parms = calloc(1, PARMS_MAX);
  1.1501 +    assert(parms);
  1.1502 +    if (parms == NULL)
  1.1503 +        return PEP_OUT_OF_MEMORY;
  1.1504 +
  1.1505 +    result = snprintf(parms, PARMS_MAX, template, identity->username,
  1.1506 +            identity->address); // , _session->passphrase);
  1.1507 +    assert(result < PARMS_MAX);
  1.1508 +    if (result >= PARMS_MAX) {
  1.1509 +        free(parms);
  1.1510 +        return PEP_BUFFER_TOO_SMALL;
  1.1511 +    }
  1.1512 +
  1.1513 +    gpgme_error = _session->gpgme_op_genkey(_session->ctx, parms, NULL, NULL);
  1.1514 +    free(parms);
  1.1515 +
  1.1516 +    switch (gpgme_error) {
  1.1517 +    case GPG_ERR_NO_ERROR:
  1.1518 +        break;
  1.1519 +    case GPG_ERR_INV_VALUE:
  1.1520 +        return PEP_ILLEGAL_VALUE;
  1.1521 +    case GPG_ERR_GENERAL:
  1.1522 +        return PEP_CANNOT_CREATE_KEY;
  1.1523 +    default:
  1.1524 +        assert(0);
  1.1525 +        return PEP_UNKNOWN_ERROR;
  1.1526 +    }
  1.1527 +
  1.1528 +    gpgme_genkey_result = _session->gpgme_op_genkey_result(_session->ctx);
  1.1529 +    assert(gpgme_genkey_result);
  1.1530 +    assert(gpgme_genkey_result->fpr);
  1.1531 +
  1.1532 +    identity->fpr = strdup(gpgme_genkey_result->fpr);
  1.1533 +
  1.1534 +    return PEP_STATUS_OK;
  1.1535 +}
  1.1536 +
  1.1537 +PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr)
  1.1538 +{
  1.1539 +	pEpSession *_session = (pEpSession *) session;
  1.1540 +	gpgme_error_t gpgme_error;
  1.1541 +    gpgme_key_t key;
  1.1542 +
  1.1543 +    assert(session);
  1.1544 +    assert(fpr);
  1.1545 +
  1.1546 +    gpgme_error = _session->gpgme_get_key(_session->ctx, fpr, &key, 0);
  1.1547 +    assert(gpgme_error != GPG_ERR_ENOMEM);
  1.1548 +    switch (gpgme_error) {
  1.1549 +    case GPG_ERR_NO_ERROR:
  1.1550 +        break;
  1.1551 +    case GPG_ERR_EOF:
  1.1552 +        return PEP_KEY_NOT_FOUND;
  1.1553 +    case GPG_ERR_INV_VALUE:
  1.1554 +        return PEP_ILLEGAL_VALUE;
  1.1555 +    case GPG_ERR_AMBIGUOUS_NAME:
  1.1556 +        return PEP_KEY_HAS_AMBIG_NAME;
  1.1557 +    case GPG_ERR_ENOMEM:
  1.1558 +        return PEP_OUT_OF_MEMORY;
  1.1559 +    default:
  1.1560 +        assert(0);
  1.1561 +        return PEP_UNKNOWN_ERROR;
  1.1562 +    }
  1.1563 +
  1.1564 +    gpgme_error = _session->gpgme_op_delete(_session->ctx, key, 1);
  1.1565 +    _session->gpgme_key_unref(key);
  1.1566 +    switch (gpgme_error) {
  1.1567 +    case GPG_ERR_NO_ERROR:
  1.1568 +        break;
  1.1569 +    case GPG_ERR_INV_VALUE:
  1.1570 +        assert(0);
  1.1571 +        return PEP_UNKNOWN_ERROR;
  1.1572 +    case GPG_ERR_NO_PUBKEY:
  1.1573 +        assert(0);
  1.1574 +        return PEP_KEY_NOT_FOUND;
  1.1575 +    case GPG_ERR_AMBIGUOUS_NAME:
  1.1576 +        assert(0);
  1.1577 +        return PEP_KEY_HAS_AMBIG_NAME;
  1.1578 +    default:
  1.1579 +        assert(0);
  1.1580 +        return PEP_UNKNOWN_ERROR;
  1.1581 +    }
  1.1582 +
  1.1583 +    return PEP_STATUS_OK;
  1.1584 +}
  1.1585 +
  1.1586 +PEP_STATUS import_key(PEP_SESSION session, const char *key_data, size_t size)
  1.1587 +{
  1.1588 +	pEpSession *_session = (pEpSession *) session;
  1.1589 +	gpgme_error_t gpgme_error;
  1.1590 +    gpgme_data_t dh;
  1.1591 +
  1.1592 +    assert(session);
  1.1593 +    assert(key_data);
  1.1594 +
  1.1595 +    gpgme_error = _session->gpgme_data_new_from_mem(&dh, key_data, size, 0);
  1.1596 +    assert(gpgme_error != GPG_ERR_ENOMEM);
  1.1597 +    switch (gpgme_error) {
  1.1598 +    case GPG_ERR_NO_ERROR:
  1.1599 +        break;
  1.1600 +    case GPG_ERR_ENOMEM:
  1.1601 +        return PEP_OUT_OF_MEMORY;
  1.1602 +    case GPG_ERR_INV_VALUE:
  1.1603 +        assert(0);
  1.1604 +        return PEP_UNKNOWN_ERROR;
  1.1605 +    default:
  1.1606 +        assert(0);
  1.1607 +        return PEP_UNKNOWN_ERROR;
  1.1608 +    }
  1.1609 +
  1.1610 +    gpgme_error = _session->gpgme_op_import(_session->ctx, dh);
  1.1611 +    switch (gpgme_error) {
  1.1612 +    case GPG_ERR_NO_ERROR:
  1.1613 +        break;
  1.1614 +    case GPG_ERR_INV_VALUE:
  1.1615 +        assert(0);
  1.1616 +        _session->gpgme_data_release(dh);
  1.1617 +        return PEP_UNKNOWN_ERROR;
  1.1618 +    case GPG_ERR_NO_DATA:
  1.1619 +        _session->gpgme_data_release(dh);
  1.1620 +        return PEP_ILLEGAL_VALUE;
  1.1621 +    default:
  1.1622 +        assert(0);
  1.1623 +        _session->gpgme_data_release(dh);
  1.1624 +        return PEP_UNKNOWN_ERROR;
  1.1625 +    }
  1.1626 +
  1.1627 +    _session->gpgme_data_release(dh);
  1.1628 +    return PEP_STATUS_OK;
  1.1629 +}
  1.1630 +
  1.1631 +PEP_STATUS export_key(
  1.1632 +        PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1.1633 +    )
  1.1634 +{
  1.1635 +	pEpSession *_session = (pEpSession *) session;
  1.1636 +	gpgme_error_t gpgme_error;
  1.1637 +    gpgme_data_t dh;
  1.1638 +    size_t _size;
  1.1639 +    char *buffer;
  1.1640 +    int reading;
  1.1641 +
  1.1642 +    assert(session);
  1.1643 +    assert(fpr);
  1.1644 +    assert(key_data);
  1.1645 +    assert(size);
  1.1646 +
  1.1647 +    gpgme_error = _session->gpgme_data_new(&dh);
  1.1648 +    assert(gpgme_error != GPG_ERR_ENOMEM);
  1.1649 +    switch (gpgme_error) {
  1.1650 +    case GPG_ERR_NO_ERROR:
  1.1651 +        break;
  1.1652 +    case GPG_ERR_ENOMEM:
  1.1653 +        return PEP_OUT_OF_MEMORY;
  1.1654 +    case GPG_ERR_INV_VALUE:
  1.1655 +        assert(0);
  1.1656 +        return PEP_UNKNOWN_ERROR;
  1.1657 +    default:
  1.1658 +        assert(0);
  1.1659 +        return PEP_UNKNOWN_ERROR;
  1.1660 +    }
  1.1661 +
  1.1662 +    gpgme_error = _session->gpgme_op_export(_session->ctx, fpr,
  1.1663 +            GPGME_EXPORT_MODE_MINIMAL, dh);
  1.1664 +    switch (gpgme_error) {
  1.1665 +    case GPG_ERR_NO_ERROR:
  1.1666 +        break;
  1.1667 +    case GPG_ERR_EOF:
  1.1668 +        _session->gpgme_data_release(dh);
  1.1669 +        return PEP_KEY_NOT_FOUND;
  1.1670 +    case GPG_ERR_INV_VALUE:
  1.1671 +        assert(0);
  1.1672 +        _session->gpgme_data_release(dh);
  1.1673 +        return PEP_UNKNOWN_ERROR;
  1.1674 +    default:
  1.1675 +        assert(0);
  1.1676 +        _session->gpgme_data_release(dh);
  1.1677 +        return PEP_UNKNOWN_ERROR;
  1.1678 +    };
  1.1679 +
  1.1680 +    _size = _session->gpgme_data_seek(dh, 0, SEEK_END);
  1.1681 +    assert(_size != -1);
  1.1682 +    _session->gpgme_data_seek(dh, 0, SEEK_SET);
  1.1683 +
  1.1684 +    buffer = malloc(_size + 1);
  1.1685 +    assert(buffer);
  1.1686 +    if (buffer == NULL) {
  1.1687 +        _session->gpgme_data_release(dh);
  1.1688 +        return PEP_OUT_OF_MEMORY;
  1.1689 +    }
  1.1690 +
  1.1691 +    reading = _session->gpgme_data_read(dh, buffer, _size);
  1.1692 +    assert(_size == reading);
  1.1693 +
  1.1694 +    // safeguard for the naive user
  1.1695 +    buffer[_size] = 0;
  1.1696 +
  1.1697 +    *key_data = buffer;
  1.1698 +    *size = _size;
  1.1699 +
  1.1700 +    _session->gpgme_data_release(dh);
  1.1701 +    return PEP_STATUS_OK;
  1.1702 +}
  1.1703 +
  1.1704 +static void _switch_mode(pEpSession *_session, gpgme_keylist_mode_t remove_mode,
  1.1705 +        gpgme_keylist_mode_t add_mode)
  1.1706 +{
  1.1707 +	gpgme_error_t gpgme_error;
  1.1708 +    gpgme_keylist_mode_t mode;
  1.1709 +
  1.1710 +    mode = _session->gpgme_get_keylist_mode(_session->ctx);
  1.1711 +
  1.1712 +    mode &= ~remove_mode;
  1.1713 +    mode |= add_mode;
  1.1714 +
  1.1715 +    gpgme_error = _session->gpgme_set_keylist_mode(_session->ctx, mode);
  1.1716 +    assert(gpgme_error == GPG_ERR_NO_ERROR);
  1.1717 +}
  1.1718 +
  1.1719 +PEP_STATUS recv_key(PEP_SESSION session, const char *pattern)
  1.1720 +{
  1.1721 +	pEpSession *_session = (pEpSession *) session;
  1.1722 +	gpgme_error_t gpgme_error;
  1.1723 +    gpgme_key_t key;
  1.1724 +
  1.1725 +    assert(session);
  1.1726 +    assert(pattern);
  1.1727 +
  1.1728 +    _switch_mode(_session, GPGME_KEYLIST_MODE_LOCAL, GPGME_KEYLIST_MODE_EXTERN);
  1.1729 +
  1.1730 +    gpgme_error = _session->gpgme_op_keylist_start(_session->ctx, pattern, 0);
  1.1731 +    switch (gpgme_error) {
  1.1732 +    case GPG_ERR_NO_ERROR:
  1.1733 +        break;
  1.1734 +    case GPG_ERR_INV_VALUE:
  1.1735 +        assert(0);
  1.1736 +        _switch_mode(_session, GPGME_KEYLIST_MODE_EXTERN,
  1.1737 +                GPGME_KEYLIST_MODE_LOCAL);
  1.1738 +        return PEP_UNKNOWN_ERROR;
  1.1739 +    default:
  1.1740 +        _switch_mode(_session, GPGME_KEYLIST_MODE_EXTERN,
  1.1741 +                GPGME_KEYLIST_MODE_LOCAL);
  1.1742 +        return PEP_GET_KEY_FAILED;
  1.1743 +    };
  1.1744 +
  1.1745 +    do {
  1.1746 +        gpgme_error = _session->gpgme_op_keylist_next(_session->ctx, &key);
  1.1747 +        assert(gpgme_error != GPG_ERR_INV_VALUE);
  1.1748 +        switch (gpgme_error) {
  1.1749 +        case GPG_ERR_EOF:
  1.1750 +            break;
  1.1751 +        case GPG_ERR_NO_ERROR:
  1.1752 +            {
  1.1753 +                gpgme_error_t gpgme_error;
  1.1754 +                gpgme_key_t keys[2];
  1.1755 +
  1.1756 +                keys[0] = key;
  1.1757 +                keys[1] = NULL;
  1.1758 +
  1.1759 +                gpgme_error = _session->gpgme_op_import_keys(_session->ctx, keys);
  1.1760 +                _session->gpgme_key_unref(key);
  1.1761 +                assert(gpgme_error != GPG_ERR_INV_VALUE);
  1.1762 +                assert(gpgme_error != GPG_ERR_CONFLICT);
  1.1763 +            }
  1.1764 +            break;
  1.1765 +        case GPG_ERR_ENOMEM:
  1.1766 +            _switch_mode(_session, GPGME_KEYLIST_MODE_EXTERN,
  1.1767 +                    GPGME_KEYLIST_MODE_LOCAL);
  1.1768 +            _session->gpgme_op_keylist_end(_session->ctx);
  1.1769 +            return PEP_OUT_OF_MEMORY;
  1.1770 +        default:
  1.1771 +            // BUG: GPGME returns an illegal value instead of GPG_ERR_EOF after
  1.1772 +            // reading first key
  1.1773 +#ifndef NDEBUG
  1.1774 +            fprintf(stderr, "warning: unknown result 0x%x of"
  1.1775 +                    " gpgme_op_keylist_next()\n", gpgme_error);
  1.1776 +#endif
  1.1777 +            gpgme_error = GPG_ERR_EOF;
  1.1778 +            break;
  1.1779 +        };
  1.1780 +    } while (gpgme_error != GPG_ERR_EOF);
  1.1781 +
  1.1782 +    _session->gpgme_op_keylist_end(_session->ctx);
  1.1783 +    _switch_mode(_session, GPGME_KEYLIST_MODE_EXTERN,
  1.1784 +            GPGME_KEYLIST_MODE_LOCAL);
  1.1785 +    return PEP_STATUS_OK;
  1.1786 +}
  1.1787 +
  1.1788 +DYNAMIC_API PEP_STATUS find_keys(
  1.1789 +        PEP_SESSION session, const char *pattern, stringlist_t **keylist
  1.1790 +    )
  1.1791 +{
  1.1792 +	pEpSession *_session = (pEpSession *) session;
  1.1793 +	gpgme_error_t gpgme_error;
  1.1794 +    gpgme_key_t key;
  1.1795 +    stringlist_t *_keylist;
  1.1796 +    char *fpr;
  1.1797 +
  1.1798 +    assert(session);
  1.1799 +    assert(pattern);
  1.1800 +    assert(keylist);
  1.1801 +
  1.1802 +    *keylist = NULL;
  1.1803 +
  1.1804 +    gpgme_error = _session->gpgme_op_keylist_start(_session->ctx, pattern, 0);
  1.1805 +    switch (gpgme_error) {
  1.1806 +    case GPG_ERR_NO_ERROR:
  1.1807 +        break;
  1.1808 +    case GPG_ERR_INV_VALUE:
  1.1809 +        assert(0);
  1.1810 +        return PEP_UNKNOWN_ERROR;
  1.1811 +    default:
  1.1812 +        return PEP_GET_KEY_FAILED;
  1.1813 +    };
  1.1814 +
  1.1815 +    _keylist = new_stringlist(NULL);
  1.1816 +    stringlist_t *_k = _keylist;
  1.1817 +
  1.1818 +    do {
  1.1819 +        gpgme_error = _session->gpgme_op_keylist_next(_session->ctx, &key);
  1.1820 +        assert(gpgme_error != GPG_ERR_INV_VALUE);
  1.1821 +        switch (gpgme_error) {
  1.1822 +        case GPG_ERR_EOF:
  1.1823 +            break;
  1.1824 +        case GPG_ERR_NO_ERROR:
  1.1825 +            assert(key);
  1.1826 +            assert(key->subkeys);
  1.1827 +            fpr = key->subkeys->fpr;
  1.1828 +            assert(fpr);
  1.1829 +            _k = stringlist_add(_k, fpr);
  1.1830 +            assert(_k);
  1.1831 +            if (_k != NULL)
  1.1832 +                break;
  1.1833 +        case GPG_ERR_ENOMEM:
  1.1834 +            free_stringlist(_keylist);
  1.1835 +            _session->gpgme_op_keylist_end(_session->ctx);
  1.1836 +            return PEP_OUT_OF_MEMORY;
  1.1837 +        default:
  1.1838 +            // BUG: GPGME returns an illegal value instead of GPG_ERR_EOF after
  1.1839 +            // reading first key
  1.1840 +#ifndef NDEBUG
  1.1841 +            fprintf(stderr, "warning: unknown result 0x%x of"
  1.1842 +                    " gpgme_op_keylist_next()\n", gpgme_error);
  1.1843 +#endif
  1.1844 +            gpgme_error = GPG_ERR_EOF;
  1.1845 +            break;
  1.1846 +        };
  1.1847 +    } while (gpgme_error != GPG_ERR_EOF);
  1.1848 +
  1.1849 +    _session->gpgme_op_keylist_end(_session->ctx);
  1.1850 +    *keylist = _keylist;
  1.1851 +    return PEP_STATUS_OK;
  1.1852 +}
  1.1853 +
  1.1854 +PEP_STATUS send_key(PEP_SESSION session, const char *pattern)
  1.1855 +{
  1.1856 +	pEpSession *_session = (pEpSession *) session;
  1.1857 +	gpgme_error_t gpgme_error;
  1.1858 +
  1.1859 +    gpgme_error = _session->gpgme_op_export(_session->ctx, pattern,
  1.1860 +            GPGME_EXPORT_MODE_EXTERN, NULL);
  1.1861 +    assert(gpgme_error != GPG_ERR_INV_VALUE);
  1.1862 +    if (gpgme_error == GPG_ERR_NO_ERROR)
  1.1863 +        return PEP_STATUS_OK;
  1.1864 +    else
  1.1865 +        return PEP_CANNOT_SEND_KEY;
  1.1866 +}
  1.1867 +
  1.1868 +void pEp_free(void *p)
  1.1869 +{
  1.1870 +    free(p);
  1.1871 +}
  1.1872 +