src/pEpEngine.h
author Krista 'DarthMama' Bennett <krista@pep.foundation>
Wed, 06 Feb 2019 14:34:19 +0100
branchsync
changeset 3272 4d6c07372e3e
parent 3270 d8aea79654c3
child 3278 98f201d173cf
permissions -rw-r--r--
updated sequoia for ENGINE-448 fixes
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #pragma once
     5 
     6 #ifdef __cplusplus
     7 extern "C" {
     8 #endif
     9 
    10 #include <stddef.h>
    11 #include <stdint.h>
    12 #include <stdbool.h>
    13 
    14 #include "dynamic_api.h"
    15 #include "stringlist.h"
    16 #include "stringpair.h"
    17 #include "labeled_int_list.h"    
    18 #include "timestamp.h"
    19 
    20 #define PEP_VERSION "2.0" // protocol version
    21 
    22 #define PEP_OWN_USERID "pEp_own_userId"
    23     
    24 // pEp Engine API
    25 
    26 //  caveat:
    27 //      Unicode data has to be normalized to NFC before calling
    28 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    29 
    30 
    31 struct _pEpSession;
    32 typedef struct _pEpSession * PEP_SESSION;
    33 
    34 typedef enum {
    35     PEP_STATUS_OK                                   = 0,
    36 
    37     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    38     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    39     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    40     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    41     PEP_INIT_CANNOT_DETERMINE_GPG_VERSION           = 0x0114,
    42     PEP_INIT_UNSUPPORTED_GPG_VERSION                = 0x0115,
    43     PEP_INIT_CANNOT_CONFIG_GPG_AGENT                = 0x0116,
    44 
    45     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    46     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    47     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    48     PEP_UNKNOWN_DB_ERROR                            = 0x01ff,
    49     
    50     PEP_KEY_NOT_FOUND                               = 0x0201,
    51     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    52     PEP_GET_KEY_FAILED                              = 0x0203,
    53     PEP_CANNOT_EXPORT_KEY                           = 0x0204,
    54     PEP_CANNOT_EDIT_KEY                             = 0x0205,
    55     PEP_KEY_UNSUITABLE                              = 0x0206,
    56     PEP_MALFORMED_KEY_RESET_MSG                     = 0x0210,
    57     PEP_KEY_NOT_RESET                               = 0x0211,
    58 
    59     PEP_KEY_IMPORTED                                = 0x0220,
    60     PEP_NO_KEY_IMPORTED                             = 0x0221,
    61     PEP_KEY_IMPORT_STATUS_UNKNOWN                   = 0x0222,
    62     
    63     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    64     PEP_CANNOT_SET_PERSON                           = 0x0381,
    65     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    66     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    67     PEP_CANNOT_SET_TRUST                            = 0x0384,
    68     PEP_KEY_BLACKLISTED                             = 0x0385,
    69     PEP_CANNOT_FIND_PERSON                          = 0x0386,
    70     
    71     PEP_CANNOT_FIND_ALIAS                           = 0x0391,
    72     PEP_CANNOT_SET_ALIAS                            = 0x0392,
    73     
    74     PEP_UNENCRYPTED                                 = 0x0400,
    75     PEP_VERIFIED                                    = 0x0401,
    76     PEP_DECRYPTED                                   = 0x0402,
    77     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    78     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    79     PEP_DECRYPT_NO_KEY                              = 0x0405,
    80     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    81     PEP_VERIFY_NO_KEY                               = 0x0407,
    82     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    83     PEP_CANNOT_REENCRYPT                            = 0x0409,
    84     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    85 
    86     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    87     PEP_TRUSTWORDS_FPR_WRONG_LENGTH                 = 0x0502,
    88     PEP_TRUSTWORDS_DUPLICATE_FPR                    = 0x0503,
    89 
    90     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    91     PEP_CANNOT_SEND_KEY                             = 0x0602,
    92 
    93     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    94 
    95     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    96     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    97     PEP_CANNOT_ENCODE                               = 0x0803,
    98 
    99     PEP_SYNC_NO_NOTIFY_CALLBACK                     = 0x0901,
   100     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
   101     PEP_SYNC_NO_INJECT_CALLBACK                     = 0x0903,
   102     PEP_SYNC_NO_CHANNEL                             = 0x0904,
   103     PEP_SYNC_CANNOT_ENCRYPT                         = 0x0905,
   104     PEP_SYNC_NO_MESSAGE_SEND_CALLBACK               = 0x0906,
   105 
   106     PEP_CANNOT_INCREASE_SEQUENCE                    = 0x0971,
   107 
   108     PEP_STATEMACHINE_ERROR                          = 0x0980,
   109     PEP_NO_TRUST                                    = 0x0981,
   110     PEP_STATEMACHINE_INVALID_STATE                  = 0x0982,
   111     PEP_STATEMACHINE_INVALID_EVENT                  = 0x0983,
   112     PEP_STATEMACHINE_INVALID_CONDITION              = 0x0984,
   113     PEP_STATEMACHINE_INVALID_ACTION                 = 0x0985,
   114     PEP_STATEMACHINE_INHIBITED_EVENT                = 0x0986,
   115     PEP_STATEMACHINE_CANNOT_SEND                    = 0x0987,
   116 
   117     PEP_COMMIT_FAILED                               = 0xff01,
   118     PEP_MESSAGE_CONSUME                             = 0xff02,
   119     PEP_MESSAGE_IGNORE                              = 0xff03,
   120 
   121     PEP_RECORD_NOT_FOUND                            = -6,
   122     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
   123     PEP_ILLEGAL_VALUE                               = -4,
   124     PEP_BUFFER_TOO_SMALL                            = -3,
   125     PEP_OUT_OF_MEMORY                               = -2,
   126     PEP_UNKNOWN_ERROR                               = -1,
   127     
   128     PEP_VERSION_MISMATCH                            = -7,
   129 } PEP_STATUS;
   130 
   131 
   132 // messageToSend() - a message needs to be delivered by application
   133 //
   134 //  parameters:
   135 //      msg (in)        message struct with message to send
   136 //
   137 //  return value:
   138 //      PEP_STATUS_OK or any other value on error
   139 //
   140 //  caveat:
   141 //      the ownership of msg goes to the callee
   142 
   143 struct _message;
   144 typedef PEP_STATUS (*messageToSend_t)(struct _message *msg);
   145 
   146 
   147 struct Sync_event;
   148 typedef struct Sync_event *SYNC_EVENT;
   149 
   150 // free_Sync_event() - free memory occupied by sync protocol message
   151 //
   152 //  parameters:
   153 //      ev (in)         event to free
   154 
   155 void free_Sync_event(SYNC_EVENT ev);
   156 
   157 
   158 // inject_sync_event - inject sync protocol message
   159 //
   160 //  parameters:
   161 //      ev (in)             event to inject
   162 //      management (in)     application defined; usually a locked queue
   163 //
   164 //  return value:
   165 //      0 if event could be stored successfully or nonzero otherwise
   166 
   167 typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management);
   168 
   169 static inline const char *pep_status_to_string(PEP_STATUS status) {
   170     switch (status) {
   171     case PEP_STATUS_OK: return "PEP_STATUS_OK";
   172 
   173     case PEP_INIT_CANNOT_LOAD_GPGME: return "PEP_INIT_CANNOT_LOAD_GPGME";
   174     case PEP_INIT_GPGME_INIT_FAILED: return "PEP_INIT_GPGME_INIT_FAILED";
   175     case PEP_INIT_NO_GPG_HOME: return "PEP_INIT_NO_GPG_HOME";
   176     case PEP_INIT_NETPGP_INIT_FAILED: return "PEP_INIT_NETPGP_INIT_FAILED";
   177     case PEP_INIT_CANNOT_DETERMINE_GPG_VERSION: return "PEP_INIT_CANNOT_DETERMINE_GPG_VERSION";
   178     case PEP_INIT_UNSUPPORTED_GPG_VERSION: return "PEP_INIT_UNSUPPORTED_GPG_VERSION";
   179     case PEP_INIT_CANNOT_CONFIG_GPG_AGENT: return "PEP_INIT_CANNOT_CONFIG_GPG_AGENT";
   180     case PEP_INIT_SQLITE3_WITHOUT_MUTEX: return "PEP_INIT_SQLITE3_WITHOUT_MUTEX";
   181     case PEP_INIT_CANNOT_OPEN_DB: return "PEP_INIT_CANNOT_OPEN_DB";
   182     case PEP_INIT_CANNOT_OPEN_SYSTEM_DB: return "PEP_INIT_CANNOT_OPEN_SYSTEM_DB";
   183     case PEP_UNKNOWN_DB_ERROR: return "PEP_UNKNOWN_DB_ERROR";
   184     case PEP_KEY_NOT_FOUND: return "PEP_KEY_NOT_FOUND";
   185     case PEP_KEY_HAS_AMBIG_NAME: return "PEP_KEY_HAS_AMBIG_NAME";
   186     case PEP_GET_KEY_FAILED: return "PEP_GET_KEY_FAILED";
   187     case PEP_CANNOT_EXPORT_KEY: return "PEP_CANNOT_EXPORT_KEY";
   188     case PEP_CANNOT_EDIT_KEY: return "PEP_CANNOT_EDIT_KEY";
   189     case PEP_KEY_UNSUITABLE: return "PEP_KEY_UNSUITABLE";
   190     case PEP_MALFORMED_KEY_RESET_MSG: return "PEP_MALFORMED_KEY_RESET_MSG";
   191     case PEP_KEY_NOT_RESET: return "PEP_KEY_NOT_RESET";
   192 
   193     case PEP_KEY_IMPORTED: return "PEP_KEY_IMPORTED";
   194     case PEP_NO_KEY_IMPORTED: return "PEP_NO_KEY_IMPORTED";
   195     case PEP_KEY_IMPORT_STATUS_UNKNOWN: return "PEP_KEY_IMPORT_STATUS_UNKNOWN";
   196     
   197     case PEP_CANNOT_FIND_IDENTITY: return "PEP_CANNOT_FIND_IDENTITY";
   198     case PEP_CANNOT_SET_PERSON: return "PEP_CANNOT_SET_PERSON";
   199     case PEP_CANNOT_SET_PGP_KEYPAIR: return "PEP_CANNOT_SET_PGP_KEYPAIR";
   200     case PEP_CANNOT_SET_IDENTITY: return "PEP_CANNOT_SET_IDENTITY";
   201     case PEP_CANNOT_SET_TRUST: return "PEP_CANNOT_SET_TRUST";
   202     case PEP_KEY_BLACKLISTED: return "PEP_KEY_BLACKLISTED";
   203     case PEP_CANNOT_FIND_PERSON: return "PEP_CANNOT_FIND_PERSON";
   204 
   205     case PEP_CANNOT_FIND_ALIAS: return "PEP_CANNOT_FIND_ALIAS";
   206     case PEP_CANNOT_SET_ALIAS: return "PEP_CANNOT_SET_ALIAS";
   207 
   208     case PEP_UNENCRYPTED: return "PEP_UNENCRYPTED";
   209     case PEP_VERIFIED: return "PEP_VERIFIED";
   210     case PEP_DECRYPTED: return "PEP_DECRYPTED";
   211     case PEP_DECRYPTED_AND_VERIFIED: return "PEP_DECRYPTED_AND_VERIFIED";
   212     case PEP_DECRYPT_WRONG_FORMAT: return "PEP_DECRYPT_WRONG_FORMAT";
   213     case PEP_DECRYPT_NO_KEY: return "PEP_DECRYPT_NO_KEY";
   214     case PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH: return "PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH";
   215     case PEP_VERIFY_NO_KEY: return "PEP_VERIFY_NO_KEY";
   216     case PEP_VERIFIED_AND_TRUSTED: return "PEP_VERIFIED_AND_TRUSTED";
   217     case PEP_CANNOT_REENCRYPT: return "PEP_CANNOT_REENCRYPT";
   218     case PEP_CANNOT_DECRYPT_UNKNOWN: return "PEP_CANNOT_DECRYPT_UNKNOWN";
   219 
   220     case PEP_TRUSTWORD_NOT_FOUND: return "PEP_TRUSTWORD_NOT_FOUND";
   221     case PEP_TRUSTWORDS_FPR_WRONG_LENGTH: return "PEP_TRUSTWORDS_FPR_WRONG_LENGTH";
   222     case PEP_TRUSTWORDS_DUPLICATE_FPR: return "PEP_TRUSTWORDS_DUPLICATE_FPR";
   223 
   224     case PEP_CANNOT_CREATE_KEY: return "PEP_CANNOT_CREATE_KEY";
   225     case PEP_CANNOT_SEND_KEY: return "PEP_CANNOT_SEND_KEY";
   226 
   227     case PEP_PHRASE_NOT_FOUND: return "PEP_PHRASE_NOT_FOUND";
   228 
   229     case PEP_SEND_FUNCTION_NOT_REGISTERED: return "PEP_SEND_FUNCTION_NOT_REGISTERED";
   230     case PEP_CONTRAINTS_VIOLATED: return "PEP_CONTRAINTS_VIOLATED";
   231     case PEP_CANNOT_ENCODE: return "PEP_CANNOT_ENCODE";
   232 
   233     case PEP_SYNC_NO_NOTIFY_CALLBACK: return "PEP_SYNC_NO_NOTIFY_CALLBACK";
   234     case PEP_SYNC_ILLEGAL_MESSAGE: return "PEP_SYNC_ILLEGAL_MESSAGE";
   235     case PEP_SYNC_NO_INJECT_CALLBACK: return "PEP_SYNC_NO_INJECT_CALLBACK";
   236     case PEP_SYNC_NO_CHANNEL: return "PEP_SYNC_NO_CHANNEL";
   237     case PEP_SYNC_CANNOT_ENCRYPT: return "PEP_SYNC_CANNOT_ENCRYPT";
   238     case PEP_SYNC_NO_MESSAGE_SEND_CALLBACK: return "PEP_SYNC_NO_MESSAGE_SEND_CALLBACK";
   239 
   240     case PEP_CANNOT_INCREASE_SEQUENCE: return "PEP_CANNOT_INCREASE_SEQUENCE";
   241 
   242     case PEP_STATEMACHINE_ERROR: return "PEP_STATEMACHINE_ERROR";
   243     case PEP_NO_TRUST: return "PEP_NO_TRUST";
   244     case PEP_STATEMACHINE_INVALID_STATE: return "PEP_STATEMACHINE_INVALID_STATE";
   245     case PEP_STATEMACHINE_INVALID_EVENT: return "PEP_STATEMACHINE_INVALID_EVENT";
   246     case PEP_STATEMACHINE_INVALID_CONDITION: return "PEP_STATEMACHINE_INVALID_CONDITION";
   247     case PEP_STATEMACHINE_INVALID_ACTION: return "PEP_STATEMACHINE_INVALID_ACTION";
   248     case PEP_STATEMACHINE_INHIBITED_EVENT: return "PEP_STATEMACHINE_INHIBITED_EVENT";
   249     case PEP_STATEMACHINE_CANNOT_SEND: return "PEP_STATEMACHINE_CANNOT_SEND";
   250 
   251     case PEP_COMMIT_FAILED: return "PEP_COMMIT_FAILED";
   252     case PEP_MESSAGE_CONSUME: return "PEP_MESSAGE_CONSUME";
   253     case PEP_MESSAGE_IGNORE: return "PEP_MESSAGE_IGNORE";
   254 
   255     case PEP_RECORD_NOT_FOUND: return "PEP_RECORD_NOT_FOUND";
   256     case PEP_CANNOT_CREATE_TEMP_FILE: return "PEP_CANNOT_CREATE_TEMP_FILE";
   257     case PEP_ILLEGAL_VALUE: return "PEP_ILLEGAL_VALUE";
   258     case PEP_BUFFER_TOO_SMALL: return "PEP_BUFFER_TOO_SMALL";
   259     case PEP_OUT_OF_MEMORY: return "PEP_OUT_OF_MEMORY";
   260     case PEP_UNKNOWN_ERROR: return "PEP_UNKNOWN_ERROR";
   261 
   262     case PEP_VERSION_MISMATCH: return "PEP_VERSION_MISMATCH";
   263 
   264     default: return "unknown status code";
   265     }
   266 }
   267 
   268 // INIT_STATUS init() - initialize pEpEngine for a thread
   269 //
   270 //  parameters:
   271 //      session (out)                       init() allocates session memory and
   272 //                                          returns a pointer as a handle
   273 //      messageToSend (in)                  callback for sending message by the
   274 //                                          application
   275 //      inject_sync_event (in)              callback for injecting a sync event
   276 //
   277 //  return value:
   278 //      PEP_STATUS_OK = 0                   if init() succeeds
   279 //      PEP_INIT_SQLITE3_WITHOUT_MUTEX      if SQLite3 was compiled with
   280 //                                          SQLITE_THREADSAFE 0
   281 //      PEP_INIT_CANNOT_LOAD_GPGME          if libgpgme.dll cannot be found
   282 //      PEP_INIT_GPGME_INIT_FAILED          if GPGME init fails
   283 //      PEP_INIT_CANNOT_OPEN_DB             if user's management db cannot be
   284 //                                          opened
   285 //      PEP_INIT_CANNOT_OPEN_SYSTEM_DB      if system's management db cannot be
   286 //                                          opened
   287 //
   288 //  caveat:
   289 //      THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. release()
   290 //      should be similarly guarded.
   291 //
   292 //      the pointer is valid only if the return value is PEP_STATUS_OK
   293 //      in other case a NULL pointer will be returned; a valid handle must
   294 //      be released using release() when it's no longer needed
   295 //
   296 //      the caller has to guarantee that the first call to this function
   297 //      will succeed before further calls can be done
   298 //
   299 //      messageToSend can only be null if no transport is application based
   300 //      if transport system is not used it must not be NULL
   301 
   302 DYNAMIC_API PEP_STATUS init(
   303         PEP_SESSION *session,
   304         messageToSend_t messageToSend,
   305         inject_sync_event_t inject_sync_event
   306     );
   307 
   308 
   309 // void release() - release thread session handle
   310 //
   311 //  parameters:
   312 //        session (in)    session handle to release
   313 //
   314 //    caveat:
   315 //        THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. init() should
   316 //        be similarly guarded.
   317 //       
   318 //        the last release() can be called only when all other release() calls
   319 //        are done
   320 
   321 DYNAMIC_API void release(PEP_SESSION session);
   322 
   323 
   324 // const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any
   325 //
   326 //  parameters:
   327 //        session (in)    session handle
   328 //
   329 //    caveat:
   330 //        To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK
   331 //        The error stack belongs to the session. Do no not change it!
   332 DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session);
   333 
   334 
   335 // void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any
   336 //
   337 //  parameters:
   338 //        session (in)    session handle
   339 //
   340 DYNAMIC_API void clear_errorstack(PEP_SESSION session);
   341 
   342 
   343 // config_passive_mode() - enable passive mode
   344 //
   345 //  parameters:
   346 //      session (in)    session handle
   347 //      enable (in)     flag if enabled or disabled
   348 
   349 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   350 
   351 
   352 // config_unencrypted_subject() - disable subject encryption
   353 //
   354 //  parameters:
   355 //      session (in)    session handle
   356 //      enable (in)     flag if enabled or disabled
   357 
   358 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   359 
   360 
   361 // config_use_only_own_private_keys() - enable passive mode
   362 //
   363 //  parameters:
   364 //      session (in)    session handle
   365 //      enable (in)     flag if enabled or disabled
   366 
   367 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   368 
   369 
   370 // config_keep_sync_msg() - do not remove sync messages (for debugging purposes)
   371 //
   372 //      session (in)    session handle
   373 //      enable (in)     flag if enabled or disabled
   374 
   375 DYNAMIC_API void config_keep_sync_msg(PEP_SESSION session, bool enable);
   376 
   377 
   378 // config_service_log() - log more for service purposes
   379 //
   380 //      session (in)    session handle
   381 //      enable (in)     flag if enabled or disabled
   382 
   383 DYNAMIC_API void config_service_log(PEP_SESSION session, bool enable);
   384 
   385 
   386 // decrypt_and_verify() - decrypt and/or verify a message
   387 //
   388 //    parameters:
   389 //        session (in)          session handle
   390 //        ctext (in)            cipher text to decrypt and/or verify
   391 //        csize (in)            size of cipher text
   392 //        dsigtext (in)         if extant, *detached* signature text for this
   393 //                              message (or NULL if not)
   394 //        dsize (in)            size of *detached* signature text for this
   395 //                              message (0, if no detached sig exists)
   396 //        ptext (out)           pointer to internal buffer with plain text
   397 //        psize (out)           size of plain text
   398 //        keylist (out)         list of key ids which where used to encrypt
   399 //        filename_ptr (out)    mails produced by certain PGP implementations 
   400 //                              may return a decrypted filename here for attachments. 
   401 //                              Externally, this can generally be NULL, and is an optional
   402 //                              parameter.
   403 //
   404 //    return value:
   405 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   406 //        PEP_VERIFIED                  message was unencrypted, signature matches
   407 //        PEP_DECRYPTED                 message is decrypted now, no signature
   408 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   409 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   410 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   411 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   412 //
   413 //    caveat:
   414 //        the ownerships of ptext as well as keylist are going to the caller
   415 //        the caller must use free() (or an Windoze pEp_free()) and
   416 //        free_stringlist() to free them
   417 //
   418 //      if this function failes an error message may be the first element of
   419 //      keylist and the other elements may be the keys used for encryption
   420 
   421 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   422         PEP_SESSION session, const char *ctext, size_t csize,
   423         const char *dsigtext, size_t dsigsize,
   424         char **ptext, size_t *psize, stringlist_t **keylist,
   425         char ** filename_ptr
   426     );
   427 
   428 
   429 // verify_text() - verfy plain text with a digital signature
   430 //
   431 //  parameters:
   432 //      session (in)    session handle
   433 //      text (in)       text to verify
   434 //      size (in)       size of text
   435 //      signature (in)  signature text
   436 //      sig_size (in)   size of signature
   437 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   438 //                        error
   439 //
   440 //  return value:
   441 //        PEP_VERIFIED                message was unencrypted, signature matches
   442 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   443 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   444 
   445 DYNAMIC_API PEP_STATUS verify_text(
   446         PEP_SESSION session, const char *text, size_t size,
   447         const char *signature, size_t sig_size, stringlist_t **keylist
   448     );
   449 
   450 
   451 // encrypt_and_sign() - encrypt and sign a message
   452 //
   453 //    parameters:
   454 //        session (in)    session handle
   455 //        keylist (in)    list of key ids to encrypt with as C strings
   456 //        ptext (in)      plain text to decrypt and/or verify
   457 //        psize (in)      size of plain text
   458 //        ctext (out)     pointer to internal buffer with cipher text
   459 //        csize (out)     size of cipher text
   460 //
   461 //    return value:
   462 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   463 //        PEP_KEY_NOT_FOUND            at least one of the recipient keys
   464 //                                     could not be found
   465 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the recipient keys has
   466 //                                     an ambiguous name
   467 //        PEP_GET_KEY_FAILED           cannot retrieve key
   468 //
   469 //    caveat:
   470 //      the ownership of ctext is going to the caller
   471 //      the caller is responsible to free() it (on Windoze use pEp_free())
   472 //      the first key in keylist is being used to sign the message
   473 //      this implies there has to be a private key for that keypair
   474 
   475 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   476         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   477         size_t psize, char **ctext, size_t *csize
   478     );
   479 
   480 
   481 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   482 // management log
   483 //
   484 //    parameters:
   485 //        session (in)        session handle
   486 //        title (in)          C string with event name
   487 //        entity (in)         C string with name of entity which is logging
   488 //        description (in)    C string with long description for event or NULL if
   489 //                            omitted
   490 //        comment (in)        C string with user defined comment or NULL if
   491 //                            omitted
   492 //
   493 //    return value:
   494 //        PEP_STATUS_OK       log entry created
   495 
   496 DYNAMIC_API PEP_STATUS log_event(
   497         PEP_SESSION session,
   498         const char *title,
   499         const char *entity,
   500         const char *description,
   501         const char *comment
   502     );
   503 
   504 
   505 DYNAMIC_API PEP_STATUS log_service(PEP_SESSION session, const char *title,
   506         const char *entity, const char *description, const char *comment);
   507 
   508 #define _STR_(x) #x
   509 #define _D_STR_(x) _STR_(x)
   510 #define S_LINE _D_STR_(__LINE__)
   511 
   512 #define SERVICE_LOG(session, title, entity, desc) \
   513     log_service((session), (title), (entity), (desc), "service " __FILE__ ":" S_LINE)
   514 
   515 
   516 // trustword() - get the corresponding trustword for a 16 bit value
   517 //
   518 //    parameters:
   519 //        session (in)            session handle
   520 //        value (in)              value to find a trustword for
   521 //        lang (in)               C string with ISO 639-1 language code
   522 //        word (out)              pointer to C string with trustword UTF-8 encoded
   523 //                                NULL if language is not supported or trustword
   524 //                                wordlist is damaged or unavailable
   525 //        wsize (out)             length of trustword
   526 //
   527 //    return value:
   528 //        PEP_STATUS_OK            trustword retrieved
   529 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   530 //
   531 //    caveat:
   532 //        the word pointer goes to the ownership of the caller
   533 //      the caller is responsible to free() it (on Windoze use pEp_free())
   534 
   535 DYNAMIC_API PEP_STATUS trustword(
   536             PEP_SESSION session, uint16_t value, const char *lang,
   537             char **word, size_t *wsize
   538         );
   539 
   540 
   541 // trustwords() - get trustwords for a string of hex values of a fingerprint
   542 //
   543 //    parameters:
   544 //        session (in)        session handle
   545 //        fingerprint (in)    C string with hex values to find trustwords for
   546 //        lang (in)           C string with ISO 639-1 language code
   547 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   548 //                            separated by a blank each
   549 //                            NULL if language is not supported or trustword
   550 //                            wordlist is damaged or unavailable
   551 //        wsize (out)         length of trustwords string
   552 //        max_words (in)      only generate a string with max_words;
   553 //                            if max_words == 0 there is no such limit
   554 //
   555 //    return value:
   556 //        PEP_STATUS_OK            trustwords retrieved
   557 //        PEP_OUT_OF_MEMORY        out of memory
   558 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   559 //
   560 //    caveat:
   561 //        the word pointer goes to the ownership of the caller
   562 //      the caller is responsible to free() it (on Windoze use pEp_free())
   563 //
   564 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   565 //
   566 //  Better implement a simple one in the adapter yourself using trustword(), and
   567 //  return a list of trustwords.
   568 //  This function is provided for being used by C and C++ programs only.
   569 
   570 DYNAMIC_API PEP_STATUS trustwords(
   571         PEP_SESSION session, const char *fingerprint, const char *lang,
   572         char **words, size_t *wsize, int max_words
   573     );
   574 
   575 
   576 // TODO: increase versions in pEp.asn1 if rating changes
   577 
   578 typedef enum _PEP_comm_type {
   579     PEP_ct_unknown = 0,
   580 
   581     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   582 
   583     PEP_ct_no_encryption = 0x01,                // generic
   584     PEP_ct_no_encrypted_channel = 0x02,
   585     PEP_ct_key_not_found = 0x03,
   586     PEP_ct_key_expired = 0x04,
   587     PEP_ct_key_revoked = 0x05,
   588     PEP_ct_key_b0rken = 0x06,
   589     PEP_ct_key_expired_but_confirmed = 0x07, // NOT with confirmed bit. Just retaining info here in case of renewal.
   590     PEP_ct_my_key_not_included = 0x09,
   591 
   592     PEP_ct_security_by_obscurity = 0x0a,
   593     PEP_ct_b0rken_crypto = 0x0b,
   594     PEP_ct_key_too_short = 0x0c,
   595 
   596     PEP_ct_compromised = 0x0e,                  // known compromised connection
   597     PEP_ct_compromized = 0x0e,                  // deprecated misspelling
   598     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   599 
   600     // range 0x10 to 0x3f: unconfirmed encryption
   601 
   602     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   603     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   604 
   605     PEP_ct_to_be_checked = 0x20,                // generic
   606     PEP_ct_SMIME_unconfirmed = 0x21,
   607     PEP_ct_CMS_unconfirmed = 0x22,
   608 
   609     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   610     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   611     PEP_ct_OTR_unconfirmed = 0x3a,
   612 
   613     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   614 
   615     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   616     PEP_ct_pEp_unconfirmed = 0x7f,
   617 
   618     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   619 
   620     // range 0x81 to 0x8f: reserved
   621     // range 0x90 to 0xbf: confirmed encryption
   622 
   623     PEP_ct_confirmed_encryption = 0x90,         // generic
   624     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak (unused)
   625 
   626     PEP_ct_to_be_checked_confirmed = 0xa0,      // generic
   627     PEP_ct_SMIME = 0xa1,
   628     PEP_ct_CMS = 0xa2,
   629 
   630     PEP_ct_strong_encryption = 0xb0,            // generic
   631     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   632     PEP_ct_OTR = 0xba,
   633 
   634     // range 0xc0 to 0xff: confirmed encryption and anonymization
   635 
   636     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   637     PEP_ct_pEp = 0xff
   638 } PEP_comm_type;
   639 
   640 static inline const char *pep_comm_type_to_string(PEP_comm_type ct) {
   641     switch (ct) {
   642     case PEP_ct_unknown: return "unknown";
   643     case PEP_ct_no_encryption: return "no_encryption";
   644     case PEP_ct_no_encrypted_channel: return "no_encrypted_channel";
   645     case PEP_ct_key_not_found: return "key_not_found";
   646     case PEP_ct_key_expired: return "key_expired";
   647     case PEP_ct_key_revoked: return "key_revoked";
   648     case PEP_ct_key_b0rken: return "key_b0rken";
   649     case PEP_ct_my_key_not_included: return "my_key_not_included";
   650     case PEP_ct_security_by_obscurity: return "security_by_obscurity";
   651     case PEP_ct_b0rken_crypto: return "b0rken_crypto";
   652     case PEP_ct_key_too_short: return "key_too_short";
   653     case PEP_ct_compromised: return "compromised";
   654     case PEP_ct_mistrusted: return "mistrusted";
   655     case PEP_ct_unconfirmed_encryption: return "unconfirmed_encryption";
   656     case PEP_ct_OpenPGP_weak_unconfirmed: return "OpenPGP_weak_unconfirmed";
   657     case PEP_ct_to_be_checked: return "to_be_checked";
   658     case PEP_ct_SMIME_unconfirmed: return "SMIME_unconfirmed";
   659     case PEP_ct_CMS_unconfirmed: return "CMS_unconfirmed";
   660     case PEP_ct_strong_but_unconfirmed: return "strong_but_unconfirmed";
   661     case PEP_ct_OpenPGP_unconfirmed: return "OpenPGP_unconfirmed";
   662     case PEP_ct_OTR_unconfirmed: return "OTR_unconfirmed";
   663     case PEP_ct_unconfirmed_enc_anon: return "unconfirmed_enc_anon";
   664     case PEP_ct_pEp_unconfirmed: return "pEp_unconfirmed";
   665     case PEP_ct_confirmed: return "confirmed";
   666     case PEP_ct_confirmed_encryption: return "confirmed_encryption";
   667     case PEP_ct_OpenPGP_weak: return "OpenPGP_weak";
   668     case PEP_ct_to_be_checked_confirmed: return "to_be_checked_confirmed";
   669     case PEP_ct_SMIME: return "SMIME";
   670     case PEP_ct_CMS: return "CMS";
   671     case PEP_ct_strong_encryption: return "strong_encryption";
   672     case PEP_ct_OpenPGP: return "OpenPGP";
   673     case PEP_ct_OTR: return "OTR";
   674     case PEP_ct_confirmed_enc_anon: return "confirmed_enc_anon";
   675     case PEP_ct_pEp: return "pEp";
   676     default: return "invalid comm type";
   677     }
   678 }
   679 
   680 
   681 typedef enum _identity_flags {
   682     // the first octet flags are app defined settings
   683     PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
   684     PEP_idf_list = 0x0002,           // identity of list of persons
   685     // the second octet flags are calculated
   686     PEP_idf_devicegroup = 0x0100     // identity of a device group member
   687 } identity_flags;
   688 
   689 typedef unsigned int identity_flags_t;
   690 
   691 // typedef enum _keypair_flags {
   692 // } keypair_flags;
   693 
   694 typedef unsigned int keypair_flags_t;
   695 
   696 typedef struct _pEp_identity {
   697     char *address;              // C string with address UTF-8 encoded
   698     char *fpr;                  // C string with fingerprint UTF-8 encoded
   699     char *user_id;              // C string with user ID UTF-8 encoded
   700                                 // user_id MIGHT be set to "pEp_own_userId"
   701                                 // (use PEP_OWN_USERID preprocessor define)
   702                                 // if this is own user's identity.
   703                                 // But it is not REQUIRED to be.
   704     char *username;             // C string with user name UTF-8 encoded
   705     PEP_comm_type comm_type;    // type of communication with this ID
   706     char lang[3];               // language of conversation
   707                                 // ISO 639-1 ALPHA-2, last byte is 0
   708     bool me;                    // if this is the local user herself/himself
   709     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   710 } pEp_identity;
   711 
   712 typedef struct _identity_list {
   713     pEp_identity *ident;
   714     struct _identity_list *next;
   715 } identity_list;
   716 
   717 
   718 // new_identity() - allocate memory and set the string and size fields
   719 //
   720 //  parameters:
   721 //      address (in)        UTF-8 string or NULL 
   722 //      fpr (in)            UTF-8 string or NULL 
   723 //      user_id (in)        UTF-8 string or NULL 
   724 //      username (in)       UTF-8 string or NULL 
   725 //
   726 //  return value:
   727 //      pEp_identity struct or NULL if out of memory
   728 //
   729 //  caveat:
   730 //      the strings are copied; the original strings are still being owned by
   731 //      the caller
   732 
   733 DYNAMIC_API pEp_identity *new_identity(
   734         const char *address, const char *fpr, const char *user_id,
   735         const char *username
   736     );
   737 
   738 
   739 // identity_dup() - allocate memory and duplicate
   740 //
   741 //  parameters:
   742 //      src (in)            identity to duplicate
   743 //
   744 //  return value:
   745 //      pEp_identity struct or NULL if out of memory
   746 //
   747 //  caveat:
   748 //      the strings are copied; the original strings are still being owned by
   749 //      the caller
   750 
   751 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   752 
   753 
   754 // free_identity() - free all memory being occupied by a pEp_identity struct
   755 //
   756 //  parameters:
   757 //      identity (in)       struct to release
   758 //
   759 //  caveat:
   760 //      not only the struct but also all string memory referenced by the
   761 //      struct is being freed; all pointers inside are invalid afterwards
   762 
   763 DYNAMIC_API void free_identity(pEp_identity *identity);
   764 
   765 
   766 // get_identity() - get identity information
   767 //
   768 //    parameters:
   769 //        session (in)        session handle
   770 //        address (in)        C string with communication address, UTF-8 encoded
   771 //        user_id (in)        unique C string to identify person that identity
   772 //                            is refering to
   773 //        identity (out)      pointer to pEp_identity structure with results or
   774 //                            NULL if failure
   775 //
   776 //    caveat:
   777 //        address and user_id are being copied; the original strings remains in
   778 //        the ownership of the caller
   779 //        the resulting pEp_identity structure goes to the ownership of the
   780 //        caller and has to be freed with free_identity() when not in use any
   781 //        more
   782 
   783 DYNAMIC_API PEP_STATUS get_identity(
   784         PEP_SESSION session,
   785         const char *address,
   786         const char *user_id,
   787         pEp_identity **identity
   788     );
   789 
   790 PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
   791                                  const char* old_fpr, 
   792                                  const char* new_fpr); 
   793 
   794 
   795 // set_identity() - set identity information
   796 //
   797 //    parameters:
   798 //        session (in)        session handle
   799 //        identity (in)       pointer to pEp_identity structure
   800 //
   801 //    return value:
   802 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   803 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   804 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   805 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   806 //        PEP_COMMIT_FAILED             SQL commit failed
   807 //
   808 //    caveat:
   809 //        address, fpr, user_id and username must be given
   810 
   811 DYNAMIC_API PEP_STATUS set_identity(
   812         PEP_SESSION session, const pEp_identity *identity
   813     );
   814 
   815 // get_default own_userid() - get the user_id of the own user
   816 //
   817 //    parameters:
   818 //        session (in)        session handle
   819 //        userid  (out)       own user id (if it exists)
   820 //
   821 //    return value:
   822 //        PEP_STATUS_OK = 0             userid was found
   823 //        PEP_CANNOT_FIND_IDENTITY      no own_user found in the DB
   824 //        PEP_UNKNOWN_ERROR             results were returned, but no ID
   825 //                                      found (no reason this should ever occur)
   826 //    caveat:
   827 //        userid will be NULL if not found; otherwise, returned string
   828 //        belongs to the caller.
   829 
   830 DYNAMIC_API PEP_STATUS get_default_own_userid(
   831         PEP_SESSION session, 
   832         char** userid
   833     );
   834 
   835 // get_userid_alias_default() - get the default user_id which corresponds
   836 //                              to an alias
   837 //    parameters:
   838 //        session (in)        session handle
   839 //        alias_id (in)       the user_id which may be an alias for a default id
   840 //        default_id (out)    the default id for this alias, if the alias
   841 //                            is in the DB as an alias, else NULL
   842 //    return value:
   843 //        PEP_STATUS_OK = 0             userid was found
   844 //        PEP_CANNOT_FIND_ALIAS         this userid is not listed as an 
   845 //                                      alias in the DB
   846 //        PEP_UNKNOWN_ERROR             results were returned, but no ID
   847 //                                      found (no reason this should ever occur)
   848 //    caveat:
   849 //        default_id will be NULL if not found; otherwise, returned string
   850 //        belongs to the caller.
   851 //        also, current implementation does NOT check to see if this userid
   852 //        IS a default.
   853 
   854 DYNAMIC_API PEP_STATUS get_userid_alias_default(
   855         PEP_SESSION session, 
   856         const char* alias_id,
   857         char** default_id);
   858 
   859 // set_userid_alias() - set an alias to correspond to a default id
   860 //    parameters:
   861 //        session (in)        session handle
   862 //        default_id (in)     the default id for this alias. This must
   863 //                            correspond to the default user_id for an
   864 //                            entry in the person (user) table.
   865 //        alias_id (in)       the alias to be set for this default id
   866 //    return value:
   867 //        PEP_STATUS_OK = 0             userid was found
   868 //        PEP_CANNOT_SET_ALIAS          there was an error setting this
   869 
   870 DYNAMIC_API PEP_STATUS set_userid_alias (
   871         PEP_SESSION session, 
   872         const char* default_id,
   873         const char* alias_id);
   874 
   875 
   876 // set_device_group() - update own person's device group
   877 //
   878 //    parameters:
   879 //        session (in)        session handle
   880 //        group_name (in)     new group name
   881 //
   882 //    return value:
   883 //        PEP_STATUS_OK = 0             device group was updated
   884 //        PEP_CANNOT_SET_PERSON         update failed
   885 
   886 DYNAMIC_API PEP_STATUS set_device_group(
   887         PEP_SESSION session,
   888         const char *group_name
   889     );
   890 
   891 // get_device_group() - get own person's device group
   892 //
   893 //    parameters:
   894 //        session (in)        session handle
   895 //        group_name (in)     new group name
   896 //
   897 //    return value:
   898 //        PEP_STATUS_OK = 0             couldn't get device group
   899 //        PEP_RECORD_NOT_FOUND          update failed
   900 //
   901 //    caveat:
   902 //        the ownerships of group_name is going to the caller
   903 
   904 DYNAMIC_API PEP_STATUS get_device_group(
   905         PEP_SESSION session, 
   906         char **group_name
   907     );
   908 
   909 // set_identity_flags() - update identity flags on existing identity
   910 //
   911 //    parameters:
   912 //        session (in)        session handle
   913 //        identity (in,out)   pointer to pEp_identity structure
   914 //        flags (in)          new value for flags
   915 //
   916 //    return value:
   917 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   918 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   919 //
   920 //    caveat:
   921 //        address and user_id must be given in identity
   922 
   923 DYNAMIC_API PEP_STATUS set_identity_flags(
   924         PEP_SESSION session,
   925         pEp_identity *identity,
   926         identity_flags_t flags
   927     );
   928 
   929 // unset_identity_flags() - update identity flags on existing identity
   930 //
   931 //    parameters:
   932 //        session (in)        session handle
   933 //        identity (in,out)   pointer to pEp_identity structure
   934 //        flags (in)          new value for flags
   935 //
   936 //    return value:
   937 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   938 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   939 //
   940 //    caveat:
   941 //        address and user_id must be given in identity
   942 
   943 DYNAMIC_API PEP_STATUS unset_identity_flags(
   944         PEP_SESSION session,
   945         pEp_identity *identity,
   946         identity_flags_t flags
   947     );
   948 
   949 // mark_as_compromised() - mark key in trust db as compromised
   950 //
   951 //    parameters:
   952 //        session (in)        session handle
   953 //        fpr (in)            fingerprint of key to mark
   954 
   955 DYNAMIC_API PEP_STATUS mark_as_compromised(
   956         PEP_SESSION session,
   957         const char *fpr
   958     );
   959 
   960 
   961 // mark_as_compromized() - deprecated to fix misspelling. Please move to
   962 //                         mark_as_compromised();
   963 
   964 DYNAMIC_API PEP_STATUS mark_as_compromized(
   965         PEP_SESSION session,
   966         const char *fpr
   967     );
   968 
   969 
   970 // generate_keypair() - generate a new key pair and add it to the key ring
   971 //
   972 //  parameters:
   973 //      session (in)            session handle
   974 //        identity (inout)      pointer to pEp_identity structure
   975 //
   976 //    return value:
   977 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   978 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   979 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   980 //
   981 //  caveat:
   982 //      address and username fields must be set to UTF-8 strings
   983 //      the fpr field must be set to NULL
   984 //
   985 //      this function allocates a string and sets set fpr field of identity
   986 //      the caller is responsible to call free() for that string or use
   987 //      free_identity() on the struct
   988 
   989 DYNAMIC_API PEP_STATUS generate_keypair(
   990         PEP_SESSION session, pEp_identity *identity
   991     );
   992 
   993 
   994 // delete_keypair() - delete a public key or a key pair from the key ring
   995 //
   996 //  parameters:
   997 //      session (in)            session handle
   998 //      fpr (in)                C string with key id or fingerprint of the
   999 //                              public key
  1000 //
  1001 //  return value:
  1002 //      PEP_STATUS_OK = 0       key was successfully deleted
  1003 //      PEP_KEY_NOT_FOUND       key not found
  1004 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
  1005 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
  1006 //      PEP_OUT_OF_MEMORY       out of memory
  1007 
  1008 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
  1009 
  1010 
  1011 // import_key() - import key from data
  1012 //
  1013 //  parameters:
  1014 //      session (in)            session handle
  1015 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
  1016 //      size (in)               amount of data to handle
  1017 //      private_keys (out)      list of private keys that have been imported
  1018 //
  1019 //  return value:
  1020 //      PEP_STATUS_OK = 0       key was successfully imported
  1021 //      PEP_OUT_OF_MEMORY       out of memory
  1022 //      PEP_ILLEGAL_VALUE       there is no key data to import
  1023 //
  1024 //  caveat:
  1025 //      private_keys goes to the ownership of the caller
  1026 //      private_keys can be left NULL, it is then ignored
  1027 
  1028 DYNAMIC_API PEP_STATUS import_key(
  1029         PEP_SESSION session,
  1030         const char *key_data,
  1031         size_t size,
  1032         identity_list **private_keys
  1033     );
  1034 
  1035 
  1036 // export_key() - export ascii armored key
  1037 //
  1038 //  parameters:
  1039 //      session (in)            session handle
  1040 //      fpr (in)                key id or fingerprint of key
  1041 //      key_data (out)          ASCII armored OpenPGP key
  1042 //      size (out)              amount of data to handle
  1043 //
  1044 //  return value:
  1045 //      PEP_STATUS_OK = 0       key was successfully exported
  1046 //      PEP_OUT_OF_MEMORY       out of memory
  1047 //      PEP_KEY_NOT_FOUND       key not found
  1048 //
  1049 //  caveat:
  1050 //      the key_data goes to the ownership of the caller
  1051 //      the caller is responsible to free() it (on Windoze use pEp_free())
  1052 
  1053 DYNAMIC_API PEP_STATUS export_key(
  1054         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1055     );
  1056 
  1057 
  1058 // export_secret_key() - export secret key ascii armored
  1059 //
  1060 //  parameters:
  1061 //      session (in)            session handle
  1062 //      fpr (in)                fingerprint of key, at least 16 hex digits
  1063 //      key_data (out)          ASCII armored OpenPGP secret key
  1064 //      size (out)              amount of data to handle
  1065 //
  1066 //  return value:
  1067 //      PEP_STATUS_OK = 0       key was successfully exported
  1068 //      PEP_OUT_OF_MEMORY       out of memory
  1069 //      PEP_KEY_NOT_FOUND       key not found
  1070 //      PEP_CANNOT_EXPORT_KEY   cannot export secret key (i.e. it's on an HKS)
  1071 //
  1072 //  caveat:
  1073 //      the key_data goes to the ownership of the caller
  1074 //      the caller is responsible to free() it (on Windoze use pEp_free())
  1075 //      beware of leaking secret key data - overwrite it in memory after use
  1076 
  1077 DYNAMIC_API PEP_STATUS export_secret_key(
  1078         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1079     );
  1080 
  1081 
  1082 // export_secrect_key() - deprecated misspelled function. Please replace with
  1083 //                        export_secret_key
  1084 
  1085 DYNAMIC_API PEP_STATUS export_secrect_key(
  1086         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1087     );
  1088 
  1089 
  1090 // recv_key() - update key(s) from keyserver
  1091 //
  1092 //  parameters:
  1093 //      session (in)            session handle
  1094 //      pattern (in)            key id, user id or address to search for as
  1095 //                              UTF-8 string
  1096 
  1097 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
  1098 
  1099 
  1100 // find_keys() - find keys in keyring
  1101 //
  1102 //  parameters:
  1103 //      session (in)            session handle
  1104 //      pattern (in)            key id, user id or address to search for as
  1105 //                              UTF-8 string
  1106 //      keylist (out)           list of fingerprints found or NULL on error
  1107 //
  1108 //  caveat:
  1109 //        the ownerships of keylist isgoing to the caller
  1110 //        the caller must use free_stringlist() to free it
  1111 
  1112 
  1113 DYNAMIC_API PEP_STATUS find_keys(
  1114         PEP_SESSION session, const char *pattern, stringlist_t **keylist
  1115     );
  1116 
  1117 // send_key() - send key(s) to keyserver
  1118 //
  1119 //  parameters:
  1120 //      session (in)            session handle
  1121 //      pattern (in)            key id, user id or address to search for as
  1122 //                              UTF-8 string
  1123 
  1124 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
  1125 
  1126 
  1127 // pEp_free() - free memory allocated by pEp engine
  1128 //
  1129 //  parameters:
  1130 //      p (in)                  pointer to free
  1131 //
  1132 //  The reason for this function is that heap management can be a pretty
  1133 //  complex task with Windoze. This free() version calls the free()
  1134 //  implementation of the C runtime library which was used to build pEp engine,
  1135 //  so you're using the correct heap. For more information, see:
  1136 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
  1137 
  1138 DYNAMIC_API void pEp_free(void *p);
  1139 
  1140 
  1141 // get_trust() - get the trust level a key has for a person
  1142 //
  1143 //  parameters:
  1144 //      session (in)            session handle
  1145 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
  1146 //                              comm_type as result (out)
  1147 //
  1148 //  this function modifies the given identity struct; the struct remains in
  1149 //  the ownership of the caller
  1150 //  if the trust level cannot be determined identity->comm_type is set
  1151 //  to PEP_ct_unknown
  1152 
  1153 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
  1154 
  1155 
  1156 PEP_STATUS set_trust(PEP_SESSION session, 
  1157                      pEp_identity* identity);
  1158                             
  1159 PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
  1160                                 const char* fpr, 
  1161                                 PEP_comm_type comm_type);
  1162 
  1163 // least_trust() - get the least known trust level for a key in the database
  1164 //
  1165 //  parameters:
  1166 //      session (in)            session handle
  1167 //      fpr (in)                fingerprint of key to check
  1168 //      comm_type (out)         least comm_type as result (out)
  1169 //
  1170 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
  1171 
  1172 DYNAMIC_API PEP_STATUS least_trust(
  1173         PEP_SESSION session,
  1174         const char *fpr,
  1175         PEP_comm_type *comm_type
  1176     );
  1177 
  1178 
  1179 // get_key_rating() - get the rating a bare key has
  1180 //
  1181 //  parameters:
  1182 //      session (in)            session handle
  1183 //      fpr (in)                unique identifyer for key as UTF-8 string
  1184 //      comm_type (out)         key rating
  1185 //
  1186 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
  1187 //  is returned
  1188 
  1189 DYNAMIC_API PEP_STATUS get_key_rating(
  1190         PEP_SESSION session,
  1191         const char *fpr,
  1192         PEP_comm_type *comm_type
  1193     );
  1194 
  1195 
  1196 // renew_key() - renew an expired key
  1197 //
  1198 //  parameters:
  1199 //      session (in)            session handle
  1200 //      fpr (in)                ID of key to renew as UTF-8 string
  1201 //      ts (in)                 timestamp when key should expire or NULL for
  1202 //                              default
  1203 
  1204 DYNAMIC_API PEP_STATUS renew_key(
  1205         PEP_SESSION session,
  1206         const char *fpr,
  1207         const timestamp *ts
  1208     );
  1209 
  1210 
  1211 // revoke_key() - revoke a key
  1212 //
  1213 //  parameters:
  1214 //      session (in)            session handle
  1215 //      fpr (in)                ID of key to revoke as UTF-8 string
  1216 //      reason (in)             text with reason for revoke as UTF-8 string
  1217 //                              or NULL if reason unknown
  1218 //
  1219 //  caveat:
  1220 //      reason text must not include empty lines
  1221 //      this function is meant for internal use only; better use
  1222 //      key_mistrusted() of keymanagement API
  1223 
  1224 DYNAMIC_API PEP_STATUS revoke_key(
  1225         PEP_SESSION session,
  1226         const char *fpr,
  1227         const char *reason
  1228     );
  1229 
  1230 
  1231 // key_expired() - flags if a key is already expired
  1232 //
  1233 //  parameters:
  1234 //      session (in)            session handle
  1235 //      fpr (in)                ID of key to check as UTF-8 string
  1236 //      when (in)               UTC time of when should expiry be considered
  1237 //      expired (out)           flag if key expired
  1238 
  1239 DYNAMIC_API PEP_STATUS key_expired(
  1240         PEP_SESSION session,
  1241         const char *fpr,
  1242         const time_t when,
  1243         bool *expired
  1244     );
  1245 
  1246     
  1247 // key_revoked() - flags if a key is already revoked
  1248 //
  1249 //  parameters:
  1250 //      session (in)            session handle
  1251 //      fpr (in)                ID of key to check as UTF-8 string
  1252 //      revoked (out)           flag if key revoked
  1253 
  1254 DYNAMIC_API PEP_STATUS key_revoked(
  1255         PEP_SESSION session,
  1256         const char *fpr,
  1257         bool *revoked
  1258     );
  1259 
  1260 PEP_STATUS get_key_userids(
  1261         PEP_SESSION session,
  1262         const char* fpr,
  1263         stringlist_t** keylist
  1264     );
  1265 
  1266 
  1267 // get_crashdump_log() - get the last log messages out
  1268 //
  1269 //  parameters:
  1270 //      session (in)            session handle
  1271 //      maxlines (in)           maximum number of lines (0 for default)
  1272 //      logdata (out)           logdata as string in double quoted CSV format
  1273 //                              column1 is title
  1274 //                              column2 is entity
  1275 //                              column3 is description
  1276 //                              column4 is comment
  1277 //
  1278 //  caveat:
  1279 //      the ownership of logdata goes to the caller
  1280 
  1281 DYNAMIC_API PEP_STATUS get_crashdump_log(
  1282         PEP_SESSION session,
  1283         int maxlines,
  1284         char **logdata
  1285     );
  1286 
  1287 
  1288 // get_languagelist() - get the list of languages
  1289 //
  1290 //  parameters:
  1291 //      session (in)            session handle
  1292 //      languages (out)         languages as string in double quoted CSV format
  1293 //                              column 1 is the ISO 639-1 language code
  1294 //                              column 2 is the name of the language
  1295 //
  1296 //  caveat:
  1297 //      the ownership of languages goes to the caller
  1298 
  1299 DYNAMIC_API PEP_STATUS get_languagelist(
  1300         PEP_SESSION session,
  1301         char **languages
  1302     );
  1303 
  1304 
  1305 // get_phrase() - get phrase in a dedicated language through i18n
  1306 //
  1307 //  parameters:
  1308 //      session (in)            session handle
  1309 //      lang (in)               C string with ISO 639-1 language code
  1310 //      phrase_id (in)          id of phrase in i18n
  1311 //      phrase (out)            phrase as UTF-8 string
  1312 //
  1313 //  caveat:
  1314 //      the ownership of phrase goes to the caller
  1315 
  1316 DYNAMIC_API PEP_STATUS get_phrase(
  1317         PEP_SESSION session,
  1318         const char *lang,
  1319         int phrase_id,
  1320         char **phrase
  1321     );
  1322 
  1323 
  1324 // sequence_value() - raise the value of a named sequence and retrieve it
  1325 //
  1326 //  parameters:
  1327 //      session (in)            session handle
  1328 //      name (in)               name of sequence
  1329 //      value (out)             value of sequence
  1330 //
  1331 //  returns:
  1332 //      PEP_STATUS_OK                   no error, not own sequence
  1333 //      PEP_SEQUENCE_VIOLATED           if sequence violated
  1334 //      PEP_CANNOT_INCREASE_SEQUENCE    if sequence cannot be increased
  1335 //      PEP_OWN_SEQUENCE                if own sequence
  1336 
  1337 DYNAMIC_API PEP_STATUS sequence_value(
  1338         PEP_SESSION session,
  1339         const char *name,
  1340         int32_t *value
  1341     );
  1342 
  1343 
  1344 // set_revoked() - records relation between a revoked key and its replacement
  1345 //
  1346 //  parameters:
  1347 //      session (in)            session handle
  1348 //      revoked_fpr (in)        revoked fingerprint
  1349 //      replacement_fpr (in)    replacement key fingerprint
  1350 //      revocation_date (in)    revocation date
  1351 
  1352 DYNAMIC_API PEP_STATUS set_revoked(
  1353        PEP_SESSION session,
  1354        const char *revoked_fpr,
  1355        const char *replacement_fpr,
  1356        const uint64_t revocation_date
  1357     );
  1358 
  1359 
  1360 // get_revoked() - find revoked key that may have been replaced by given key, if any
  1361 //
  1362 //  parameters:
  1363 //      session (in)            session handle
  1364 //      fpr (in)                given fingerprint
  1365 //      revoked_fpr (out)       revoked fingerprint
  1366 //      revocation_date (out)   revocation date
  1367     
  1368 DYNAMIC_API PEP_STATUS get_revoked(
  1369         PEP_SESSION session,
  1370         const char *fpr,
  1371         char **revoked_fpr,
  1372         uint64_t *revocation_date
  1373     );
  1374 
  1375 // key_created() - get creation date of a key
  1376 //
  1377 //  parameters:
  1378 //      session (in)            session handle
  1379 //      fpr (in)                fingerprint of key
  1380 //      created (out)           date of creation
  1381 
  1382 PEP_STATUS key_created(
  1383         PEP_SESSION session,
  1384         const char *fpr,
  1385         time_t *created
  1386     );
  1387 
  1388 
  1389 // find_private_keys() - find keys in keyring
  1390 //
  1391 //  parameters:
  1392 //      session (in)            session handle
  1393 //      pattern (in)            key id, user id or address to search for as
  1394 //                              UTF-8 string
  1395 //      keylist (out)           list of fingerprints found or NULL on error
  1396 //
  1397 //  caveat:
  1398 //        the ownerships of keylist isgoing to the caller
  1399 //        the caller must use free_stringlist() to free it
  1400 PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
  1401                              stringlist_t **keylist);
  1402 
  1403 // get_engine_version() - returns the current version of pEpEngine (this is different
  1404 //                        from the pEp protocol version!)
  1405 //
  1406 //  parameters: none
  1407 //
  1408 //  return_value: const char* to the engine version string constant
  1409 //
  1410 DYNAMIC_API const char* get_engine_version();
  1411 
  1412 // is_pEp_user() - returns true if the USER corresponding to this identity 
  1413 //                 has been listed in the *person* table as a pEp user. 
  1414 //
  1415 //  parameters:
  1416 //      identity (in) - identity containing the user_id to check (this is
  1417 //                      the only part of the struct we require to be set)
  1418 //      is_pEp (out)  - boolean pointer - will return true or false by
  1419 //                      reference with respect to whether or not user is
  1420 //                      a known pEp user
  1421 //
  1422 //  return_value: PEP_STATUS_OK if user found in person table
  1423 //                PEP_ILLEGAL_VALUE if no user_id in input
  1424 //                PEP_CANNOT_FIND_PERSON if user_id doesn't exist
  1425 //
  1426 //  caveat: This *does not check comm_type*
  1427 //                         
  1428 DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, 
  1429                                    pEp_identity *identity, 
  1430                                    bool* is_pEp);
  1431 
  1432 
  1433 
  1434 DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session);
  1435 
  1436 // This is used internally when there is a temporary identity to be retrieved
  1437 // that may not yet have an FPR attached. See get_identity() for functionality,
  1438 // params and caveats.
  1439 PEP_STATUS get_identity_without_trust_check(
  1440         PEP_SESSION session,
  1441         const char *address,
  1442         const char *user_id,
  1443         pEp_identity **identity
  1444     );
  1445     
  1446 PEP_STATUS get_identities_by_address(
  1447         PEP_SESSION session,
  1448         const char *address,
  1449         identity_list** id_list
  1450     );
  1451     
  1452 PEP_STATUS get_identities_by_userid(
  1453         PEP_SESSION session,
  1454         const char *user_id,
  1455         identity_list **identities
  1456     );    
  1457         
  1458 PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid,
  1459                               const char* new_uid);
  1460                               
  1461 PEP_STATUS remove_key(PEP_SESSION session, const char* fpr);
  1462                               
  1463 PEP_STATUS remove_fpr_as_default(PEP_SESSION session, 
  1464                                     const char* fpr);
  1465                               
  1466                                     
  1467 PEP_STATUS get_main_user_fpr(PEP_SESSION session, 
  1468                              const char* user_id,
  1469                              char** main_fpr);
  1470 
  1471 PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id,
  1472                               const char* new_fpr);
  1473     
  1474 DYNAMIC_API PEP_STATUS get_replacement_fpr(
  1475         PEP_SESSION session,
  1476         const char *fpr,
  1477         char **revoked_fpr,
  1478         uint64_t *revocation_date
  1479     );
  1480     
  1481 PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id);
  1482 
  1483 // This ONLY sets the *user* flag, and creates a shell identity if necessary.
  1484 DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user);
  1485 
  1486 // returns true (by reference) if a person with this user_id exists; 
  1487 // Also replaces aliased user_ids by defaults in identity.
  1488 PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity, bool* exists);
  1489 
  1490 PEP_STATUS set_pgp_keypair(PEP_SESSION session, const char* fpr);
  1491 
  1492 // exposed for testing
  1493 PEP_STATUS set_person(PEP_SESSION session, pEp_identity* identity,
  1494                       bool guard_transaction);
  1495 PEP_STATUS bind_own_ident_with_contact_ident(PEP_SESSION session,
  1496                                              pEp_identity* own_ident, 
  1497                                              pEp_identity* contact_ident);
  1498 
  1499 PEP_STATUS get_last_contacted(
  1500         PEP_SESSION session,
  1501         identity_list** id_list
  1502     );
  1503 
  1504 PEP_STATUS get_own_ident_for_contact_id(PEP_SESSION session,
  1505                                           const pEp_identity* contact,
  1506                                           pEp_identity** own_ident);
  1507 
  1508 PEP_STATUS exists_trust_entry(PEP_SESSION session, pEp_identity* identity,
  1509                               bool* exists);
  1510 
  1511 PEP_STATUS is_own_key(PEP_SESSION session, const char* fpr, bool* own_key);
  1512 
  1513 PEP_STATUS get_identities_by_main_key_id(
  1514         PEP_SESSION session,
  1515         const char *fpr,
  1516         identity_list **identities);
  1517         
  1518 PEP_STATUS sign_only(PEP_SESSION session, 
  1519                      const char *data, 
  1520                      size_t data_size, 
  1521                      const char *fpr, 
  1522                      char **sign, 
  1523                      size_t *sign_size);
  1524                      
  1525 #ifdef __cplusplus
  1526 }
  1527 #endif