1 // This file is under GNU General Public License 3.0
12 #include "pEp_internal.h"
13 #include "keymanagement.h"
16 #include "blacklist.h"
19 #define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
22 #define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
24 PEP_STATUS elect_pubkey(
25 PEP_SESSION session, pEp_identity * identity
29 stringlist_t *keylist = NULL;
31 identity->comm_type = PEP_ct_unknown;
33 status = find_keys(session, identity->address, &keylist);
34 assert(status != PEP_OUT_OF_MEMORY);
35 if (status == PEP_OUT_OF_MEMORY)
36 return PEP_OUT_OF_MEMORY;
38 stringlist_t *_keylist;
39 for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
40 PEP_comm_type _comm_type_key;
42 status = get_key_rating(session, _keylist->value, &_comm_type_key);
43 assert(status != PEP_OUT_OF_MEMORY);
44 if (status == PEP_OUT_OF_MEMORY) {
45 free_stringlist(keylist);
46 return PEP_OUT_OF_MEMORY;
49 if (_comm_type_key != PEP_ct_compromized &&
50 _comm_type_key != PEP_ct_unknown)
52 if (identity->comm_type == PEP_ct_unknown ||
53 _comm_type_key > identity->comm_type)
56 status = blacklist_is_listed(session, _keylist->value, &blacklisted);
57 if (status == PEP_STATUS_OK && !blacklisted) {
58 identity->comm_type = _comm_type_key;
59 _fpr = _keylist->value;
69 identity->fpr = strdup(_fpr);
70 if (identity->fpr == NULL) {
71 free_stringlist(keylist);
72 return PEP_OUT_OF_MEMORY;
75 free_stringlist(keylist);
79 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
81 DYNAMIC_API PEP_STATUS update_identity(
82 PEP_SESSION session, pEp_identity * identity
85 pEp_identity *stored_identity = NULL;
86 pEp_identity *temp_id = NULL;
91 assert(!EMPTYSTR(identity->address));
93 if (!(session && identity && !EMPTYSTR(identity->address)))
94 return ADD_TO_LOG(PEP_ILLEGAL_VALUE);
96 if (_identity_me(identity)) {
97 return _myself(session, identity, false, true);
100 int _no_user_id = EMPTYSTR(identity->user_id);
101 int _did_elect_new_key = 0;
105 status = get_identity(session, identity->address, PEP_OWN_USERID,
107 if (status == PEP_STATUS_OK) {
108 free_identity(stored_identity);
109 return _myself(session, identity, false, true);
112 free(identity->user_id);
114 identity->user_id = calloc(1, strlen(identity->address) + 6);
115 if (!identity->user_id)
117 return PEP_OUT_OF_MEMORY;
119 snprintf(identity->user_id, strlen(identity->address) + 6,
120 "TOFU_%s", identity->address);
123 status = get_identity(session,
128 assert(status != PEP_OUT_OF_MEMORY);
129 if (status == PEP_OUT_OF_MEMORY)
132 temp_id = identity_dup(identity);
134 /* We don't take given fpr.
135 In case there's no acceptable stored fpr, it will be elected. */
138 temp_id->comm_type = PEP_ct_unknown;
140 if (stored_identity) {
142 bool dont_use_stored_fpr = true;
144 /* if we have a stored_identity fpr */
145 if (!EMPTYSTR(stored_identity->fpr)) {
146 bool revoked = false;
147 status = key_revoked(session, stored_identity->fpr, &revoked);
149 if (status != PEP_STATUS_OK || revoked)
150 dont_use_stored_fpr = true;
154 status = update_trust_for_fpr(session, stored_identity->fpr, PEP_ct_key_revoked);
155 // What to do on failure? FIXME
156 status = replace_identities_fpr(session, stored_identity->fpr, "");
159 status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
160 if (status != PEP_STATUS_OK)
161 dont_use_stored_fpr = true;
166 if (!dont_use_stored_fpr) {
167 /* Check stored comm_type */
168 PEP_comm_type _comm_type_key;
169 status = get_key_rating(session, stored_identity->fpr, &_comm_type_key);
170 assert(status != PEP_OUT_OF_MEMORY);
171 if (status == PEP_OUT_OF_MEMORY) {
174 if (status == PEP_KEY_NOT_FOUND){
175 /* stored key was deleted from keyring. any other candidate ?*/
176 status = elect_pubkey(session, temp_id);
177 if (status != PEP_STATUS_OK) {
180 _did_elect_new_key = 1;
183 temp_id->fpr = strdup(stored_identity->fpr);
184 assert(temp_id->fpr);
185 if (temp_id->fpr == NULL) {
186 status = PEP_OUT_OF_MEMORY;
190 if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
191 /* if key not good anymore,
192 downgrade eventually trusted comm_type */
193 temp_id->comm_type = _comm_type_key;
195 /* otherwise take stored comm_type as-is except if
196 is unknown or is expired (but key not expired anymore) */
197 temp_id->comm_type = stored_identity->comm_type;
198 if (temp_id->comm_type == PEP_ct_unknown ||
199 temp_id->comm_type == PEP_ct_key_expired) {
200 temp_id->comm_type = _comm_type_key;
206 status = elect_pubkey(session, temp_id);
207 if (status != PEP_STATUS_OK){
210 _did_elect_new_key = 1;
214 /* ok, from here on out, use temp_id */
217 /* At this point, we either have a non-blacklisted fpr we can work */
218 /* with, or we've got nada. */
220 if (EMPTYSTR(temp_id->fpr)) {
221 /* nada : set comm_type accordingly */
222 temp_id->comm_type = PEP_ct_key_not_found;
225 if (EMPTYSTR(temp_id->username)) {
226 free(temp_id->username);
227 temp_id->username = strdup(stored_identity->username);
228 assert(temp_id->username);
229 if (temp_id->username == NULL){
230 status = PEP_OUT_OF_MEMORY;
235 if (temp_id->lang[0] == 0) {
236 temp_id->lang[0] = stored_identity->lang[0];
237 temp_id->lang[1] = stored_identity->lang[1];
238 temp_id->lang[2] = 0;
241 temp_id->flags = stored_identity->flags;
243 else /* stored_identity == NULL */ {
246 /* We elect a pubkey */
247 status = elect_pubkey(session, temp_id);
248 if (status != PEP_STATUS_OK)
251 /* Work with the elected key */
252 if (!EMPTYSTR(temp_id->fpr)) {
254 PEP_comm_type _comm_type_key = temp_id->comm_type;
256 _did_elect_new_key = 1;
258 // We don't want to lose a previous trust entry!!!
259 status = get_trust(session, temp_id);
261 bool has_trust_status = (status == PEP_STATUS_OK);
263 if (!has_trust_status)
264 temp_id->comm_type = _comm_type_key;
268 if (temp_id->fpr == NULL) {
269 temp_id->fpr = strdup("");
270 if (temp_id->fpr == NULL) {
271 status = PEP_OUT_OF_MEMORY;
277 status = PEP_STATUS_OK;
279 if (temp_id->comm_type != PEP_ct_unknown && !EMPTYSTR(temp_id->user_id)) {
281 if (EMPTYSTR(temp_id->username)) { // mitigate
282 free(temp_id->username);
283 temp_id->username = strdup("anonymous");
284 assert(temp_id->username);
285 if (temp_id->username == NULL){
286 status = PEP_OUT_OF_MEMORY;
291 // Identity doesn't get stored if call was just about checking existing
292 // user by address (i.e. no user id given but already stored)
293 if (!(_no_user_id && stored_identity) || _did_elect_new_key)
295 status = set_identity(session, temp_id);
296 assert(status == PEP_STATUS_OK);
297 if (status != PEP_STATUS_OK) {
303 if (temp_id->comm_type != PEP_ct_compromized &&
304 temp_id->comm_type < PEP_ct_strong_but_unconfirmed)
305 if (session->examine_identity)
306 session->examine_identity(temp_id, session->examine_management);
308 /* ok, we got to the end. So we can assign the output identity */
309 free(identity->address);
310 identity->address = strdup(temp_id->address);
312 identity->fpr = strdup(temp_id->fpr);
313 free(identity->user_id);
314 identity->user_id = strdup(temp_id->user_id);
315 free(identity->username);
316 identity->username = strdup(temp_id->username ? temp_id->username : "anonymous");
317 identity->comm_type = temp_id->comm_type;
318 identity->lang[0] = temp_id->lang[0];
319 identity->lang[1] = temp_id->lang[1];
320 identity->lang[2] = 0;
321 identity->flags = temp_id->flags;
324 free_identity(stored_identity);
325 free_identity(temp_id);
327 return ADD_TO_LOG(status);
330 PEP_STATUS elect_ownkey(
331 PEP_SESSION session, pEp_identity * identity
335 stringlist_t *keylist = NULL;
338 identity->fpr = NULL;
340 status = find_private_keys(session, identity->address, &keylist);
341 assert(status != PEP_OUT_OF_MEMORY);
342 if (status == PEP_OUT_OF_MEMORY)
343 return PEP_OUT_OF_MEMORY;
345 if (keylist != NULL && keylist->value != NULL)
348 identity->comm_type = PEP_ct_unknown;
350 stringlist_t *_keylist;
351 for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
354 status = own_key_is_listed(session, _keylist->value, &is_own);
355 assert(status == PEP_STATUS_OK);
356 if (status != PEP_STATUS_OK) {
357 free_stringlist(keylist);
363 PEP_comm_type _comm_type_key;
365 status = get_key_rating(session, _keylist->value, &_comm_type_key);
366 assert(status != PEP_OUT_OF_MEMORY);
367 if (status == PEP_OUT_OF_MEMORY) {
368 free_stringlist(keylist);
369 return PEP_OUT_OF_MEMORY;
372 if (_comm_type_key != PEP_ct_compromized &&
373 _comm_type_key != PEP_ct_unknown)
375 if (identity->comm_type == PEP_ct_unknown ||
376 _comm_type_key > identity->comm_type)
378 identity->comm_type = _comm_type_key;
379 _fpr = _keylist->value;
387 identity->fpr = strdup(_fpr);
388 assert(identity->fpr);
389 if (identity->fpr == NULL)
391 free_stringlist(keylist);
392 return PEP_OUT_OF_MEMORY;
395 free_stringlist(keylist);
397 return PEP_STATUS_OK;
400 PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
403 bool dont_use_fpr = true;
405 PEP_STATUS status = blacklist_is_listed(session, fpr, &dont_use_fpr);
406 if (status == PEP_STATUS_OK && !dont_use_fpr) {
407 // Make sure there is a *private* key associated with this fpr
408 bool has_private = false;
409 status = contains_priv_key(session, fpr, &has_private);
411 if (status == PEP_STATUS_OK)
412 dont_use_fpr = !has_private;
415 *is_usable = !dont_use_fpr;
417 return ADD_TO_LOG(status);
420 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
422 pEp_identity *stored_identity = NULL;
427 assert(!EMPTYSTR(identity->address));
429 assert(EMPTYSTR(identity->user_id) ||
430 strcmp(identity->user_id, PEP_OWN_USERID) == 0);
432 if (!(session && identity && !EMPTYSTR(identity->address) &&
433 (EMPTYSTR(identity->user_id) ||
434 strcmp(identity->user_id, PEP_OWN_USERID) == 0)))
435 return ADD_TO_LOG(PEP_ILLEGAL_VALUE);
437 identity->comm_type = PEP_ct_pEp;
441 // test_diphoton : dirty hack to prevent more than one sync enabled account
442 identity_list *own_identities = NULL;
443 if (_own_identities_retrieve(session, &own_identities, PEP_idf_not_for_sync) == PEP_STATUS_OK)
444 // if at least one _other_ own address is sync enabled, set exclusion flag
445 for (identity_list *_i = own_identities; _i && _i->ident; _i = _i->next) {
446 pEp_identity *me = _i->ident;
447 if(me->address && strcmp(me->address, identity->address) != 0)
448 identity->flags |= PEP_idf_not_for_sync;
451 free_identity_list(own_identities);
454 if (EMPTYSTR(identity->user_id))
456 free(identity->user_id);
457 identity->user_id = strdup(PEP_OWN_USERID);
458 assert(identity->user_id);
459 if (identity->user_id == NULL)
460 return PEP_OUT_OF_MEMORY;
463 if (EMPTYSTR(identity->username))
465 free(identity->username);
466 identity->username = strdup("anonymous");
467 assert(identity->username);
468 if (identity->username == NULL)
469 return PEP_OUT_OF_MEMORY;
472 DEBUG_LOG("myself", "debug", identity->address);
474 status = get_identity(session,
479 assert(status != PEP_OUT_OF_MEMORY);
480 if (status == PEP_OUT_OF_MEMORY)
481 return PEP_OUT_OF_MEMORY;
483 bool dont_use_stored_fpr = true;
484 bool dont_use_input_fpr = true;
488 if (EMPTYSTR(identity->fpr)) {
490 bool has_private = false;
492 status = _has_usable_priv_key(session, stored_identity->fpr, &has_private);
494 // N.B. has_private is never true if the returned status is not PEP_STATUS_OK
496 identity->fpr = strdup(stored_identity->fpr);
497 assert(identity->fpr);
498 if (identity->fpr == NULL)
500 return PEP_OUT_OF_MEMORY;
502 dont_use_stored_fpr = false;
506 identity->flags = (identity->flags & 255) | stored_identity->flags;
507 free_identity(stored_identity);
510 if (dont_use_stored_fpr && !EMPTYSTR(identity->fpr))
512 // App must have a good reason to give fpr, such as explicit
513 // import of private key, or similar.
515 // Take given fpr as-is.
518 // First check to see if it's blacklisted or private part is missing?
519 bool has_private = false;
521 status = _has_usable_priv_key(session, identity->fpr, &has_private);
523 // N.B. has_private is never true if the returned status is not PEP_STATUS_OK
525 dont_use_input_fpr = false;
529 // Ok, we failed to get keys either way, so let's elect one.
530 if (dont_use_input_fpr && dont_use_stored_fpr)
532 status = elect_ownkey(session, identity);
533 assert(status == PEP_STATUS_OK);
534 if (status != PEP_STATUS_OK) {
535 return ADD_TO_LOG(status);
538 bool has_private = false;
540 // ok, we elected something.
541 // elect_ownkey only returns private keys, so we don't check again.
542 // Check to see if it's blacklisted
544 status = blacklist_is_listed(session, identity->fpr, &listed);
546 if (status == PEP_STATUS_OK)
547 has_private = !listed;
551 dont_use_input_fpr = false;
553 else { // OK, we've tried everything. Time to generate new keys.
554 free(identity->fpr); // It can stay in this state (unallocated) because we'll generate a new key
555 identity->fpr = NULL;
559 bool revoked = false;
561 if (!EMPTYSTR(identity->fpr))
563 status = key_revoked(session, identity->fpr, &revoked);
565 if (status != PEP_STATUS_OK)
567 return ADD_TO_LOG(status);
571 bool new_key_generated = false;
573 if (EMPTYSTR(identity->fpr) || revoked)
576 return ADD_TO_LOG(PEP_GET_KEY_FAILED);
581 r_fpr = identity->fpr;
582 identity->fpr = NULL;
585 DEBUG_LOG("generating key pair", "debug", identity->address);
586 status = generate_keypair(session, identity);
587 assert(status != PEP_OUT_OF_MEMORY);
588 if (status != PEP_STATUS_OK) {
590 snprintf(buf, 11, "%d", status);
591 DEBUG_LOG("generating key pair failed", "debug", buf);
594 return ADD_TO_LOG(status);
597 new_key_generated = true;
601 status = set_revoked(session, r_fpr,
602 identity->fpr, time(NULL));
604 if (status != PEP_STATUS_OK) {
605 return ADD_TO_LOG(status);
612 status = key_expired(session, identity->fpr,
613 time(NULL) + (7*24*3600), // In a week
616 assert(status == PEP_STATUS_OK);
617 if (status != PEP_STATUS_OK) {
618 return ADD_TO_LOG(status);
621 if (status == PEP_STATUS_OK && expired) {
622 timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
623 renew_key(session, identity->fpr, ts);
628 if (!identity->username)
629 identity->username = strdup("");
631 status = set_identity(session, identity);
632 assert(status == PEP_STATUS_OK);
633 if (status != PEP_STATUS_OK) {
637 if(new_key_generated)
639 // if a state machine for keysync is in place, inject notify
640 status = inject_DeviceState_event(session, KeyGen, NULL, NULL);
641 if (status == PEP_OUT_OF_MEMORY){
642 return PEP_OUT_OF_MEMORY;
646 return ADD_TO_LOG(PEP_STATUS_OK);
649 DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
651 return ADD_TO_LOG(_myself(session, identity, true, false));
654 DYNAMIC_API PEP_STATUS register_examine_function(
656 examine_identity_t examine_identity,
662 return PEP_ILLEGAL_VALUE;
664 session->examine_management = management;
665 session->examine_identity = examine_identity;
667 return PEP_STATUS_OK;
670 DYNAMIC_API PEP_STATUS do_keymanagement(
671 retrieve_next_identity_t retrieve_next_identity,
676 pEp_identity *identity;
679 assert(retrieve_next_identity);
682 if (!retrieve_next_identity || !management)
683 return PEP_ILLEGAL_VALUE;
685 status = init(&session);
686 assert(status == PEP_STATUS_OK);
687 if (status != PEP_STATUS_OK)
690 log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
692 while ((identity = retrieve_next_identity(management)))
694 assert(identity->address);
695 if(identity->address)
697 DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
699 if (_identity_me(identity)) {
700 status = myself(session, identity);
702 status = recv_key(session, identity->address);
705 assert(status != PEP_OUT_OF_MEMORY);
706 if(status == PEP_OUT_OF_MEMORY)
707 return PEP_OUT_OF_MEMORY;
709 free_identity(identity);
712 log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
715 return PEP_STATUS_OK;
718 DYNAMIC_API PEP_STATUS key_mistrusted(
723 PEP_STATUS status = PEP_STATUS_OK;
727 assert(!EMPTYSTR(ident->fpr));
729 if (!(session && ident && ident->fpr))
730 return PEP_ILLEGAL_VALUE;
732 if (_identity_me(ident))
734 revoke_key(session, ident->fpr, NULL);
735 myself(session, ident);
740 if (session->cached_mistrusted)
741 free(session->cached_mistrusted);
742 session->cached_mistrusted = identity_dup(ident);
743 status = mark_as_compromized(session, ident->fpr);
749 DYNAMIC_API PEP_STATUS undo_last_mistrust(PEP_SESSION session) {
753 return PEP_ILLEGAL_VALUE;
755 PEP_STATUS status = PEP_STATUS_OK;
757 pEp_identity* cached_ident = session->cached_mistrusted;
760 status = PEP_CANNOT_FIND_IDENTITY;
762 status = set_identity(session, cached_ident);
763 free_identity(session->cached_mistrusted);
766 session->cached_mistrusted = NULL;
771 DYNAMIC_API PEP_STATUS key_reset_trust(
776 PEP_STATUS status = PEP_STATUS_OK;
780 assert(!_identity_me(ident));
781 assert(!EMPTYSTR(ident->fpr));
782 assert(!EMPTYSTR(ident->address));
783 assert(!EMPTYSTR(ident->user_id));
785 if (!(session && ident && !_identity_me(ident) && ident->fpr && ident->address &&
787 return PEP_ILLEGAL_VALUE;
789 status = update_identity(session, ident);
790 if (status != PEP_STATUS_OK)
793 if (ident->comm_type == PEP_ct_mistrusted)
794 ident->comm_type = PEP_ct_unknown;
796 ident->comm_type &= ~PEP_ct_confirmed;
798 status = set_identity(session, ident);
799 if (status != PEP_STATUS_OK)
802 if (ident->comm_type == PEP_ct_unknown)
803 status = update_identity(session, ident);
807 DYNAMIC_API PEP_STATUS trust_personal_key(
812 PEP_STATUS status = PEP_STATUS_OK;
816 assert(!EMPTYSTR(ident->address));
817 assert(!EMPTYSTR(ident->user_id));
818 assert(!EMPTYSTR(ident->fpr));
820 if (!ident || EMPTYSTR(ident->address) || EMPTYSTR(ident->user_id) ||
821 EMPTYSTR(ident->fpr))
822 return PEP_ILLEGAL_VALUE;
824 status = update_identity(session, ident);
825 if (status != PEP_STATUS_OK)
828 if (ident->comm_type > PEP_ct_strong_but_unconfirmed) {
829 ident->comm_type |= PEP_ct_confirmed;
830 status = set_identity(session, ident);
833 // MISSING: S/MIME has to be handled depending on trusted CAs
834 status = PEP_CANNOT_SET_TRUST;
840 DYNAMIC_API PEP_STATUS own_key_is_listed(
846 PEP_STATUS status = PEP_STATUS_OK;
849 assert(session && fpr && fpr[0] && listed);
851 if (!(session && fpr && fpr[0] && listed))
852 return PEP_ILLEGAL_VALUE;
856 sqlite3_reset(session->own_key_is_listed);
857 sqlite3_bind_text(session->own_key_is_listed, 1, fpr, -1, SQLITE_STATIC);
861 result = sqlite3_step(session->own_key_is_listed);
864 count = sqlite3_column_int(session->own_key_is_listed, 0);
866 status = PEP_STATUS_OK;
870 status = PEP_UNKNOWN_ERROR;
873 sqlite3_reset(session->own_key_is_listed);
877 PEP_STATUS _own_identities_retrieve(
879 identity_list **own_identities,
880 identity_flags_t excluded_flags
883 PEP_STATUS status = PEP_STATUS_OK;
885 assert(session && own_identities);
886 if (!(session && own_identities))
887 return PEP_ILLEGAL_VALUE;
889 *own_identities = NULL;
890 identity_list *_own_identities = new_identity_list(NULL);
891 if (_own_identities == NULL)
894 sqlite3_reset(session->own_identities_retrieve);
897 // address, fpr, username, user_id, comm_type, lang, flags
898 const char *address = NULL;
899 const char *fpr = NULL;
900 const char *username = NULL;
901 const char *user_id = NULL;
902 PEP_comm_type comm_type = PEP_ct_unknown;
903 const char *lang = NULL;
904 unsigned int flags = 0;
906 identity_list *_bl = _own_identities;
908 sqlite3_bind_int(session->own_identities_retrieve, 1, excluded_flags);
909 result = sqlite3_step(session->own_identities_retrieve);
912 address = (const char *)
913 sqlite3_column_text(session->own_identities_retrieve, 0);
915 sqlite3_column_text(session->own_identities_retrieve, 1);
916 user_id = PEP_OWN_USERID;
917 username = (const char *)
918 sqlite3_column_text(session->own_identities_retrieve, 2);
919 comm_type = PEP_ct_pEp;
920 lang = (const char *)
921 sqlite3_column_text(session->own_identities_retrieve, 3);
922 flags = (unsigned int)
923 sqlite3_column_int(session->own_identities_retrieve, 4);
925 pEp_identity *ident = new_identity(address, fpr, user_id, username);
928 ident->comm_type = comm_type;
929 if (lang && lang[0]) {
930 ident->lang[0] = lang[0];
931 ident->lang[1] = lang[1];
934 ident->flags = flags;
936 _bl = identity_list_add(_bl, ident);
938 free_identity(ident);
948 status = PEP_UNKNOWN_ERROR;
949 result = SQLITE_DONE;
951 } while (result != SQLITE_DONE);
953 sqlite3_reset(session->own_identities_retrieve);
954 if (status == PEP_STATUS_OK)
955 *own_identities = _own_identities;
957 free_identity_list(_own_identities);
962 free_identity_list(_own_identities);
963 status = PEP_OUT_OF_MEMORY;
969 DYNAMIC_API PEP_STATUS own_identities_retrieve(
971 identity_list **own_identities
974 return _own_identities_retrieve(session, own_identities, 0);
977 PEP_STATUS _own_keys_retrieve(
979 stringlist_t **keylist,
980 identity_flags_t excluded_flags
983 PEP_STATUS status = PEP_STATUS_OK;
985 assert(session && keylist);
986 if (!(session && keylist))
987 return PEP_ILLEGAL_VALUE;
990 stringlist_t *_keylist = NULL;
992 sqlite3_reset(session->own_keys_retrieve);
997 stringlist_t *_bl = _keylist;
999 sqlite3_bind_int(session->own_keys_retrieve, 1, excluded_flags);
1000 result = sqlite3_step(session->own_keys_retrieve);
1003 fpr = strdup((const char *) sqlite3_column_text(session->own_keys_retrieve, 0));
1007 _bl = stringlist_add(_bl, fpr);
1012 if (_keylist == NULL)
1021 status = PEP_UNKNOWN_ERROR;
1022 result = SQLITE_DONE;
1024 } while (result != SQLITE_DONE);
1026 sqlite3_reset(session->own_keys_retrieve);
1027 if (status == PEP_STATUS_OK)
1028 *keylist = _keylist;
1030 free_stringlist(_keylist);
1035 free_stringlist(_keylist);
1036 status = PEP_OUT_OF_MEMORY;
1042 DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **keylist)
1044 return _own_keys_retrieve(session, keylist, 0);
1047 // FIXME: should it be be used when sync receive old keys ? (ENGINE-145)
1048 DYNAMIC_API PEP_STATUS set_own_key(
1049 PEP_SESSION session,
1050 const char *address,
1054 PEP_STATUS status = PEP_STATUS_OK;
1065 return PEP_ILLEGAL_VALUE;
1067 sqlite3_reset(session->set_own_key);
1068 sqlite3_bind_text(session->set_own_key, 1, address, -1, SQLITE_STATIC);
1069 sqlite3_bind_text(session->set_own_key, 2, fpr, -1, SQLITE_STATIC);
1073 result = sqlite3_step(session->set_own_key);
1076 status = PEP_STATUS_OK;
1080 status = PEP_UNKNOWN_ERROR;
1083 sqlite3_reset(session->set_own_key);
1087 PEP_STATUS contains_priv_key(PEP_SESSION session, const char *fpr,
1088 bool *has_private) {
1092 assert(has_private);
1094 if (!(session && fpr && has_private))
1095 return PEP_ILLEGAL_VALUE;
1097 return session->cryptotech[PEP_crypt_OpenPGP].contains_priv_key(session, fpr, has_private);