src/pEpEngine.h
author Krista Grothoff <krista@pep-project.org>
Wed, 23 Nov 2016 20:54:28 +0100
branchENGINE-74
changeset 1429 86c0e9def29c
parent 1397 0a64816a6e37
parent 1406 8d8ae9657388
child 1430 c4d6e7afbc57
permissions -rw-r--r--
Merged from default
     1 #pragma once
     2 
     3 #ifdef __cplusplus
     4 extern "C" {
     5 #endif
     6 
     7 #include <stddef.h>
     8 #include <stdint.h>
     9 #include <stdbool.h>
    10 
    11 #include "dynamic_api.h"
    12 #include "stringlist.h"
    13 #include "stringpair.h"    
    14 #include "timestamp.h"
    15 
    16 #define PEP_VERSION "1.0" // protocol version
    17 
    18 #define PEP_OWN_USERID "pEp_own_userId"
    19     
    20 // pEp Engine API
    21 
    22 //  caveat:
    23 //      Unicode data has to be normalized to NFC before calling
    24 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    25 
    26 
    27 struct _pEpSession;
    28 typedef struct _pEpSession * PEP_SESSION;
    29 
    30 typedef enum {
    31     PEP_STATUS_OK                                   = 0,
    32 
    33     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    34     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    35     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    36     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    37 
    38     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    39     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    40     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    41     
    42     PEP_KEY_NOT_FOUND                               = 0x0201,
    43     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    44     PEP_GET_KEY_FAILED                              = 0x0203,
    45     PEP_CANNOT_EXPORT_KEY                           = 0x0204,
    46     
    47     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    48     PEP_CANNOT_SET_PERSON                           = 0x0381,
    49     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    50     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    51     PEP_CANNOT_SET_TRUST                            = 0x0384,
    52     PEP_KEY_BLACKLISTED                             = 0x0385,
    53     
    54     PEP_UNENCRYPTED                                 = 0x0400,
    55     PEP_VERIFIED                                    = 0x0401,
    56     PEP_DECRYPTED                                   = 0x0402,
    57     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    58     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    59     PEP_DECRYPT_NO_KEY                              = 0x0405,
    60     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    61     PEP_VERIFY_NO_KEY                               = 0x0407,
    62     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    63     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    64 
    65     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    66     PEP_TRUSTWORDS_FPR_WRONG_LENGTH                 = 0x0502,
    67 
    68     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    69     PEP_CANNOT_SEND_KEY                             = 0x0602,
    70 
    71     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    72 
    73     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    74     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    75     PEP_CANNOT_ENCODE                               = 0x0803,
    76 
    77     PEP_SYNC_NO_TRUSTWORDS_CALLBACK                 = 0x0901,
    78     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
    79     PEP_SYNC_NO_INJECT_CALLBACK                     = 0x0903,
    80 
    81     PEP_SEQUENCE_VIOLATED                           = 0x0970,
    82     PEP_CANNOT_INCREASE_SEQUENCE                    = 0x0971,
    83     PEP_CANNOT_SET_SEQUENCE_VALUE                   = 0x0972,
    84     PEP_OWN_SEQUENCE                                = 0x097f,
    85 
    86     PEP_SYNC_STATEMACHINE_ERROR                     = 0x0980,
    87     PEP_SYNC_NO_TRUST                               = 0x0981,
    88     PEP_STATEMACHINE_INVALID_STATE                  = 0x0982,
    89     PEP_STATEMACHINE_INVALID_EVENT                  = 0x0983,
    90     PEP_STATEMACHINE_INVALID_CONDITION              = 0x0984,
    91     PEP_STATEMACHINE_INVALID_ACTION                 = 0x0985,
    92     PEP_STATEMACHINE_INHIBITED_EVENT                = 0x0986,
    93 
    94     PEP_COMMIT_FAILED                               = 0xff01,
    95     PEP_MESSAGE_CONSUME                             = 0xff02,
    96     PEP_MESSAGE_IGNORE                              = 0xff03,
    97 
    98     PEP_RECORD_NOT_FOUND                            = -6,
    99     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
   100     PEP_ILLEGAL_VALUE                               = -4,
   101     PEP_BUFFER_TOO_SMALL                            = -3,
   102     PEP_OUT_OF_MEMORY                               = -2,
   103     PEP_UNKNOWN_ERROR                               = -1
   104 } PEP_STATUS;
   105 
   106 
   107 // INIT_STATUS init() - initialize pEpEngine for a thread
   108 //
   109 //  parameters:
   110 //        session (out)   init() allocates session memory and returns a pointer
   111 //                        as a handle
   112 //
   113 //  return value:
   114 //        PEP_STATUS_OK = 0                 if init() succeeds
   115 //        PEP_INIT_SQLITE3_WITHOUT_MUTEX    if SQLite3 was compiled with
   116 //                                            SQLITE_THREADSAFE 0
   117 //        PEP_INIT_CANNOT_LOAD_GPGME        if libgpgme.dll cannot be found
   118 //        PEP_INIT_GPGME_INIT_FAILED        if GPGME init fails
   119 //        PEP_INIT_CANNOT_OPEN_DB           if user's management db cannot be
   120 //                                            opened
   121 //        PEP_INIT_CANNOT_OPEN_SYSTEM_DB    if system's management db cannot be
   122 //                                            opened
   123 //
   124 //  caveat:
   125 //      the pointer is valid only if the return value is PEP_STATUS_OK
   126 //      in other case a NULL pointer will be returned; a valid handle must
   127 //      be released using release() when it's no longer needed
   128 //
   129 //      the caller has to guarantee that the first call to this function
   130 //      will succeed before further calls can be done
   131 
   132 DYNAMIC_API PEP_STATUS init(PEP_SESSION *session);
   133 
   134 
   135 // void release() - release thread session handle
   136 //
   137 //  parameters:
   138 //        session (in)    session handle to release
   139 //
   140 //    caveat:
   141 //        the last release() can be called only when all other release() calls
   142 //        are done
   143 
   144 DYNAMIC_API void release(PEP_SESSION session);
   145 
   146 
   147 // config_passive_mode() - enable passive mode
   148 //
   149 //  parameters:
   150 //      session (in)    session handle
   151 //      enable (in)     flag if enabled or disabled
   152 
   153 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   154 
   155 
   156 // config_unencrypted_subject() - disable subject encryption
   157 //
   158 //  parameters:
   159 //      session (in)    session handle
   160 //      enable (in)     flag if enabled or disabled
   161 
   162 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   163 
   164 
   165 // config_use_only_own_private_keys() - enable passive mode
   166 //
   167 //  parameters:
   168 //      session (in)    session handle
   169 //      enable (in)     flag if enabled or disabled
   170 
   171 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   172 
   173 
   174 // config_keep_sync_msg() - do not remove sync messages (for debugging purposes)
   175 //
   176 //      session (in)    session handle
   177 //      enable (in)     flag if enabled or disabled
   178 
   179 DYNAMIC_API void config_keep_sync_msg(PEP_SESSION session, bool enable);
   180 
   181 
   182 // decrypt_and_verify() - decrypt and/or verify a message
   183 //
   184 //    parameters:
   185 //        session (in)    session handle
   186 //        ctext (in)      cipher text to decrypt and/or verify
   187 //        csize (in)      size of cipher text
   188 //        dsigtext (in)   if extant, *detached* signature text for this
   189 //                        message (or NULL if not)
   190 //        dsize (in)      size of *detached* signature text for this
   191 //                        message (0, if no detached sig exists)
   192 //        ptext (out)     pointer to internal buffer with plain text
   193 //        psize (out)     size of plain text
   194 //        keylist (out)   list of key ids which where used to encrypt
   195 //
   196 //    return value:
   197 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   198 //        PEP_VERIFIED                  message was unencrypted, signature matches
   199 //        PEP_DECRYPTED                 message is decrypted now, no signature
   200 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   201 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   202 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   203 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   204 //
   205 //    caveat:
   206 //        the ownerships of ptext as well as keylist are going to the caller
   207 //        the caller must use free() (or an Windoze pEp_free()) and
   208 //        free_stringlist() to free them
   209 //
   210 //      if this function failes an error message may be the first element of
   211 //      keylist and the other elements may be the keys used for encryption
   212 
   213 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   214         PEP_SESSION session, const char *ctext, size_t csize,
   215         const char *dsigtext, size_t dsigsize,
   216         char **ptext, size_t *psize, stringlist_t **keylist
   217     );
   218 
   219 
   220 // verify_text() - verfy plain text with a digital signature
   221 //
   222 //  parameters:
   223 //      session (in)    session handle
   224 //      text (in)       text to verify
   225 //      size (in)       size of text
   226 //      signature (in)  signature text
   227 //      sig_size (in)   size of signature
   228 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   229 //                        error
   230 //
   231 //  return value:
   232 //        PEP_VERIFIED                message was unencrypted, signature matches
   233 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   234 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   235 
   236 DYNAMIC_API PEP_STATUS verify_text(
   237         PEP_SESSION session, const char *text, size_t size,
   238         const char *signature, size_t sig_size, stringlist_t **keylist
   239     );
   240 
   241 
   242 // encrypt_and_sign() - encrypt and sign a message
   243 //
   244 //    parameters:
   245 //        session (in)    session handle
   246 //        keylist (in)    list of key ids to encrypt with as C strings
   247 //        ptext (in)      plain text to decrypt and/or verify
   248 //        psize (in)      size of plain text
   249 //        ctext (out)     pointer to internal buffer with cipher text
   250 //        csize (out)     size of cipher text
   251 //
   252 //    return value:
   253 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   254 //        PEP_KEY_NOT_FOUND            at least one of the receipient keys
   255 //                                     could not be found
   256 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the receipient keys has
   257 //                                     an ambiguous name
   258 //        PEP_GET_KEY_FAILED           cannot retrieve key
   259 //
   260 //    caveat:
   261 //      the ownership of ctext is going to the caller
   262 //      the caller is responsible to free() it (on Windoze use pEp_free())
   263 //      the first key in keylist is being used to sign the message
   264 //      this implies there has to be a private key for that keypair
   265 
   266 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   267         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   268         size_t psize, char **ctext, size_t *csize
   269     );
   270 
   271 
   272 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   273 // management log
   274 //
   275 //    parameters:
   276 //        session (in)        session handle
   277 //        title (in)          C string with event name
   278 //        entity (in)         C string with name of entity which is logging
   279 //        description (in)    C string with long description for event or NULL if
   280 //                            omitted
   281 //        comment (in)        C string with user defined comment or NULL if
   282 //                            omitted
   283 //
   284 //    return value:
   285 //        PEP_STATUS_OK       log entry created
   286 
   287 DYNAMIC_API PEP_STATUS log_event(
   288         PEP_SESSION session,
   289         const char *title,
   290         const char *entity,
   291         const char *description,
   292         const char *comment
   293     );
   294 
   295 
   296 // trustword() - get the corresponding trustword for a 16 bit value
   297 //
   298 //    parameters:
   299 //        session (in)            session handle
   300 //        value (in)              value to find a trustword for
   301 //        lang (in)               C string with ISO 639-1 language code
   302 //        word (out)              pointer to C string with trustword UTF-8 encoded
   303 //                                NULL if language is not supported or trustword
   304 //                                wordlist is damaged or unavailable
   305 //        wsize (out)             length of trustword
   306 //
   307 //    return value:
   308 //        PEP_STATUS_OK            trustword retrieved
   309 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   310 //
   311 //    caveat:
   312 //        the word pointer goes to the ownership of the caller
   313 //      the caller is responsible to free() it (on Windoze use pEp_free())
   314 
   315 DYNAMIC_API PEP_STATUS trustword(
   316             PEP_SESSION session, uint16_t value, const char *lang,
   317             char **word, size_t *wsize
   318         );
   319 
   320 
   321 // trustwords() - get trustwords for a string of hex values of a fingerprint
   322 //
   323 //    parameters:
   324 //        session (in)        session handle
   325 //        fingerprint (in)    C string with hex values to find trustwords for
   326 //        lang (in)           C string with ISO 639-1 language code
   327 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   328 //                            separated by a blank each
   329 //                            NULL if language is not supported or trustword
   330 //                            wordlist is damaged or unavailable
   331 //        wsize (out)         length of trustwords string
   332 //        max_words (in)      only generate a string with max_words;
   333 //                            if max_words == 0 there is no such limit
   334 //
   335 //    return value:
   336 //        PEP_STATUS_OK            trustwords retrieved
   337 //        PEP_OUT_OF_MEMORY        out of memory
   338 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   339 //
   340 //    caveat:
   341 //        the word pointer goes to the ownership of the caller
   342 //      the caller is responsible to free() it (on Windoze use pEp_free())
   343 //
   344 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   345 //
   346 //  Better implement a simple one in the adapter yourself using trustword(), and
   347 //  return a list of trustwords.
   348 //  This function is provided for being used by C and C++ programs only.
   349 
   350 DYNAMIC_API PEP_STATUS trustwords(
   351         PEP_SESSION session, const char *fingerprint, const char *lang,
   352         char **words, size_t *wsize, int max_words
   353     );
   354 
   355 
   356 // TODO: increase versions in pEp.asn1 if rating changes
   357 
   358 typedef enum _PEP_comm_type {
   359     PEP_ct_unknown = 0,
   360 
   361     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   362 
   363     PEP_ct_no_encryption = 0x01,                // generic
   364     PEP_ct_no_encrypted_channel = 0x02,
   365     PEP_ct_key_not_found = 0x03,
   366     PEP_ct_key_expired = 0x04,
   367     PEP_ct_key_revoked = 0x05,
   368     PEP_ct_key_b0rken = 0x06,
   369     PEP_ct_my_key_not_included = 0x09,
   370 
   371     PEP_ct_security_by_obscurity = 0x0a,
   372     PEP_ct_b0rken_crypto = 0x0b,
   373     PEP_ct_key_too_short = 0x0c,
   374 
   375     PEP_ct_compromized = 0x0e,                  // known compromized connection
   376     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   377 
   378     // range 0x10 to 0x3f: unconfirmed encryption
   379 
   380     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   381     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   382 
   383     PEP_ct_to_be_checked = 0x20,                // generic
   384     PEP_ct_SMIME_unconfirmed = 0x21,
   385     PEP_ct_CMS_unconfirmed = 0x22,
   386 
   387     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   388     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   389     PEP_ct_OTR_unconfirmed = 0x3a,
   390 
   391     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   392 
   393     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   394     PEP_ct_pEp_unconfirmed = 0x7f,
   395 
   396     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   397 
   398     // range 0x81 to 0x8f: reserved
   399     // range 0x90 to 0xbf: confirmed encryption
   400 
   401     PEP_ct_confirmed_encryption = 0x90,         // generic
   402     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak
   403 
   404     PEP_ct_to_be_checked_confirmed = 0xa0,      //generic
   405     PEP_ct_SMIME = 0xa1,
   406     PEP_ct_CMS = 0xa2,
   407 
   408     PEP_ct_strong_encryption = 0xb0,            // generic
   409     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   410     PEP_ct_OTR = 0xba,
   411 
   412     // range 0xc0 to 0xff: confirmed encryption and anonymization
   413 
   414     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   415     PEP_ct_pEp = 0xff
   416 } PEP_comm_type;
   417 
   418 typedef enum _identity_flags {
   419     // the first octet flags are app defined settings
   420     PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
   421     PEP_idf_list = 0x0002,           // identity of list of persons
   422 
   423     // the second octet flags are calculated
   424     PEP_idf_devicegroup = 0x0100     // identity of a device group member
   425 } identity_flags;
   426 
   427 typedef unsigned int identity_flags_t;
   428 
   429 // typedef enum _keypair_flags {
   430 // } keypair_flags;
   431 
   432 typedef unsigned int keypair_flags_t;
   433 
   434 typedef struct _pEp_identity {
   435     char *address;              // C string with address UTF-8 encoded
   436     char *fpr;                  // C string with fingerprint UTF-8 encoded
   437     char *user_id;              // C string with user ID UTF-8 encoded
   438     char *username;             // C string with user name UTF-8 encoded
   439     PEP_comm_type comm_type;    // type of communication with this ID
   440     char lang[3];               // language of conversation
   441                                 // ISO 639-1 ALPHA-2, last byte is 0
   442     bool me;                    // if this is the local user herself/himself
   443     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   444 } pEp_identity;
   445 
   446 typedef struct _identity_list {
   447     pEp_identity *ident;
   448     struct _identity_list *next;
   449 } identity_list;
   450 
   451 
   452 // new_identity() - allocate memory and set the string and size fields
   453 //
   454 //  parameters:
   455 //      address (in)        UTF-8 string or NULL 
   456 //      fpr (in)            UTF-8 string or NULL 
   457 //      user_id (in)        UTF-8 string or NULL 
   458 //      username (in)       UTF-8 string or NULL 
   459 //
   460 //  return value:
   461 //      pEp_identity struct or NULL if out of memory
   462 //
   463 //  caveat:
   464 //      the strings are copied; the original strings are still being owned by
   465 //      the caller
   466 
   467 DYNAMIC_API pEp_identity *new_identity(
   468         const char *address, const char *fpr, const char *user_id,
   469         const char *username
   470     );
   471 
   472 
   473 // identity_dup() - allocate memory and duplicate
   474 //
   475 //  parameters:
   476 //      src (in)            identity to duplicate
   477 //
   478 //  return value:
   479 //      pEp_identity struct or NULL if out of memory
   480 //
   481 //  caveat:
   482 //      the strings are copied; the original strings are still being owned by
   483 //      the caller
   484 
   485 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   486 
   487 
   488 // free_identity() - free all memory being occupied by a pEp_identity struct
   489 //
   490 //  parameters:
   491 //      identity (in)       struct to release
   492 //
   493 //  caveat:
   494 //      not only the struct but also all string memory referenced by the
   495 //      struct is being freed; all pointers inside are invalid afterwards
   496 
   497 DYNAMIC_API void free_identity(pEp_identity *identity);
   498 
   499 
   500 // get_identity() - get identity information
   501 //
   502 //    parameters:
   503 //        session (in)        session handle
   504 //        address (in)        C string with communication address, UTF-8 encoded
   505 //        user_id (in)        unique C string to identify person that identity
   506 //                            is refering to
   507 //        identity (out)      pointer to pEp_identity structure with results or
   508 //                            NULL if failure
   509 //
   510 //    caveat:
   511 //        address and user_id are being copied; the original strings remains in
   512 //        the ownership of the caller
   513 //        the resulting pEp_identity structure goes to the ownership of the
   514 //        caller and has to be freed with free_identity() when not in use any
   515 //        more
   516 
   517 DYNAMIC_API PEP_STATUS get_identity(
   518         PEP_SESSION session,
   519         const char *address,
   520         const char *user_id,
   521         pEp_identity **identity
   522     );
   523 
   524 // set_identity() - set identity information
   525 //
   526 //    parameters:
   527 //        session (in)        session handle
   528 //        identity (in)       pointer to pEp_identity structure
   529 //
   530 //    return value:
   531 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   532 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   533 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   534 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   535 //        PEP_COMMIT_FAILED             SQL commit failed
   536 //        PEP_KEY_BLACKLISTED           Key blacklisted, cannot set identity
   537 //
   538 //    caveat:
   539 //        address, fpr, user_id and username must be given
   540 
   541 DYNAMIC_API PEP_STATUS set_identity(
   542         PEP_SESSION session, const pEp_identity *identity
   543     );
   544 
   545 // set_device_group() - update own person's device group
   546 //
   547 //    parameters:
   548 //        session (in)        session handle
   549 //        group_name (in)     new group name
   550 //
   551 //    return value:
   552 //        PEP_STATUS_OK = 0             device group was updated
   553 //        PEP_CANNOT_SET_PERSON         update failed
   554 
   555 DYNAMIC_API PEP_STATUS set_device_group(
   556         PEP_SESSION session,
   557         const char *group_name
   558     );
   559 
   560 // get_device_group() - get own person's device group
   561 //
   562 //    parameters:
   563 //        session (in)        session handle
   564 //        group_name (in)     new group name
   565 //
   566 //    return value:
   567 //        PEP_STATUS_OK = 0             couldn't get device group
   568 //        PEP_RECORD_NOT_FOUND          update failed
   569 //
   570 //    caveat:
   571 //        the ownerships of group_name is going to the caller
   572 
   573 DYNAMIC_API PEP_STATUS get_device_group(
   574         PEP_SESSION session, 
   575         char **group_name
   576     );
   577 
   578 // set_identity_flags() - update identity flags on existing identity
   579 //
   580 //    parameters:
   581 //        session (in)        session handle
   582 //        identity (in,out)   pointer to pEp_identity structure
   583 //        flags (in)          new value for flags
   584 //
   585 //    return value:
   586 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   587 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   588 //
   589 //    caveat:
   590 //        address and user_id must be given in identity
   591 
   592 DYNAMIC_API PEP_STATUS set_identity_flags(
   593         PEP_SESSION session,
   594         pEp_identity *identity,
   595         unsigned int flags
   596     );
   597 
   598 // unset_identity_flags() - update identity flags on existing identity
   599 //
   600 //    parameters:
   601 //        session (in)        session handle
   602 //        identity (in,out)   pointer to pEp_identity structure
   603 //        flags (in)          new value for flags
   604 //
   605 //    return value:
   606 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   607 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   608 //
   609 //    caveat:
   610 //        address and user_id must be given in identity
   611 
   612 DYNAMIC_API PEP_STATUS unset_identity_flags(
   613         PEP_SESSION session,
   614         pEp_identity *identity,
   615         unsigned int flags
   616     );
   617 
   618 // mark_as_compromized() - mark key in trust db as compromized
   619 //
   620 //    parameters:
   621 //        session (in)        session handle
   622 //        fpr (in)            fingerprint of key to mark
   623 
   624 DYNAMIC_API PEP_STATUS mark_as_compromized(
   625         PEP_SESSION session,
   626         const char *fpr
   627     );
   628 
   629 
   630 // generate_keypair() - generate a new key pair and add it to the key ring
   631 //
   632 //  parameters:
   633 //      session (in)            session handle
   634 //        identity (inout)      pointer to pEp_identity structure
   635 //
   636 //    return value:
   637 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   638 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   639 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   640 //
   641 //  caveat:
   642 //      address and username fields must be set to UTF-8 strings
   643 //      the fpr field must be set to NULL
   644 //
   645 //      this function allocates a string and sets set fpr field of identity
   646 //      the caller is responsible to call free() for that string or use
   647 //      free_identity() on the struct
   648 
   649 DYNAMIC_API PEP_STATUS generate_keypair(
   650         PEP_SESSION session, pEp_identity *identity
   651     );
   652 
   653 
   654 // delete_keypair() - delete a public key or a key pair from the key ring
   655 //
   656 //  parameters:
   657 //      session (in)            session handle
   658 //      fpr (in)                C string with key id or fingerprint of the
   659 //                              public key
   660 //
   661 //  return value:
   662 //      PEP_STATUS_OK = 0       key was successfully deleted
   663 //      PEP_KEY_NOT_FOUND       key not found
   664 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
   665 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
   666 //      PEP_OUT_OF_MEMORY       out of memory
   667 
   668 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
   669 
   670 
   671 // import_key() - import key from data
   672 //
   673 //  parameters:
   674 //      session (in)            session handle
   675 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
   676 //      size (in)               amount of data to handle
   677 //      private_keys (out)      list of private keys that have been imported
   678 //
   679 //  return value:
   680 //      PEP_STATUS_OK = 0       key was successfully imported
   681 //      PEP_OUT_OF_MEMORY       out of memory
   682 //      PEP_ILLEGAL_VALUE       there is no key data to import
   683 //
   684 //  caveat:
   685 //      private_keys goes to the ownership of the caller
   686 //      private_keys can be left NULL, it is then ignored
   687 
   688 DYNAMIC_API PEP_STATUS import_key(
   689         PEP_SESSION session,
   690         const char *key_data,
   691         size_t size,
   692         identity_list **private_keys
   693     );
   694 
   695 
   696 // export_key() - export ascii armored key
   697 //
   698 //  parameters:
   699 //      session (in)            session handle
   700 //      fpr (in)                key id or fingerprint of key
   701 //      key_data (out)          ASCII armored OpenPGP key
   702 //      size (out)              amount of data to handle
   703 //
   704 //  return value:
   705 //      PEP_STATUS_OK = 0       key was successfully exported
   706 //      PEP_OUT_OF_MEMORY       out of memory
   707 //      PEP_KEY_NOT_FOUND       key not found
   708 //
   709 //  caveat:
   710 //      the key_data goes to the ownership of the caller
   711 //      the caller is responsible to free() it (on Windoze use pEp_free())
   712 
   713 DYNAMIC_API PEP_STATUS export_key(
   714         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   715     );
   716 
   717 
   718 // export_secret_key() - export secret key ascii armored
   719 //
   720 //  parameters:
   721 //      session (in)            session handle
   722 //      fpr (in)                fingerprint of key, at least 16 hex digits
   723 //      key_data (out)          ASCII armored OpenPGP secret key
   724 //      size (out)              amount of data to handle
   725 //
   726 //  return value:
   727 //      PEP_STATUS_OK = 0       key was successfully exported
   728 //      PEP_OUT_OF_MEMORY       out of memory
   729 //      PEP_KEY_NOT_FOUND       key not found
   730 //      PEP_CANNOT_EXPORT_KEY   cannot export secret key (i.e. it's on an HKS)
   731 //
   732 //  caveat:
   733 //      the key_data goes to the ownership of the caller
   734 //      the caller is responsible to free() it (on Windoze use pEp_free())
   735 //      beware of leaking secret key data - overwrite it in memory after use
   736 
   737 DYNAMIC_API PEP_STATUS export_secrect_key(
   738         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   739     );
   740 
   741 
   742 // recv_key() - update key(s) from keyserver
   743 //
   744 //  parameters:
   745 //      session (in)            session handle
   746 //      pattern (in)            key id, user id or address to search for as
   747 //                              UTF-8 string
   748 
   749 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
   750 
   751 
   752 // find_keys() - find keys in keyring
   753 //
   754 //  parameters:
   755 //      session (in)            session handle
   756 //      pattern (in)            key id, user id or address to search for as
   757 //                              UTF-8 string
   758 //      keylist (out)           list of fingerprints found or NULL on error
   759 //
   760 //  caveat:
   761 //        the ownerships of keylist isgoing to the caller
   762 //        the caller must use free_stringlist() to free it
   763 
   764 
   765 DYNAMIC_API PEP_STATUS find_keys(
   766         PEP_SESSION session, const char *pattern, stringlist_t **keylist
   767     );
   768 
   769 // send_key() - send key(s) to keyserver
   770 //
   771 //  parameters:
   772 //      session (in)            session handle
   773 //      pattern (in)            key id, user id or address to search for as
   774 //                              UTF-8 string
   775 
   776 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
   777 
   778 
   779 // pEp_free() - free memory allocated by pEp engine
   780 //
   781 //  parameters:
   782 //      p (in)                  pointer to free
   783 //
   784 //  The reason for this function is that heap management can be a pretty
   785 //  complex task with Windoze. This free() version calls the free()
   786 //  implementation of the C runtime library which was used to build pEp engine,
   787 //  so you're using the correct heap. For more information, see:
   788 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
   789 
   790 DYNAMIC_API void pEp_free(void *p);
   791 
   792 
   793 // get_trust() - get the trust level a key has for a person
   794 //
   795 //  parameters:
   796 //      session (in)            session handle
   797 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
   798 //                              user_id and comm_type as result (out)
   799 //
   800 //  this function modifies the given identity struct; the struct remains in
   801 //  the ownership of the caller
   802 //  if the trust level cannot be determined identity->comm_type is set
   803 //  to PEP_ct_unknown
   804 
   805 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
   806 
   807 
   808 // least_trust() - get the least known trust level for a key in the database
   809 //
   810 //  parameters:
   811 //      session (in)            session handle
   812 //      fpr (in)                fingerprint of key to check
   813 //      comm_type (out)         least comm_type as result (out)
   814 //
   815 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
   816 
   817 DYNAMIC_API PEP_STATUS least_trust(
   818         PEP_SESSION session,
   819         const char *fpr,
   820         PEP_comm_type *comm_type
   821     );
   822 
   823 
   824 // get_key_rating() - get the rating a bare key has
   825 //
   826 //  parameters:
   827 //      session (in)            session handle
   828 //      fpr (in)                unique identifyer for key as UTF-8 string
   829 //      comm_type (out)         key rating
   830 //
   831 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
   832 //  is returned
   833 
   834 DYNAMIC_API PEP_STATUS get_key_rating(
   835         PEP_SESSION session,
   836         const char *fpr,
   837         PEP_comm_type *comm_type
   838     );
   839 
   840 
   841 // renew_key() - renew an expired key
   842 //
   843 //  parameters:
   844 //      session (in)            session handle
   845 //      fpr (in)                ID of key to renew as UTF-8 string
   846 //      ts (in)                 timestamp when key should expire or NULL for
   847 //                              default
   848 
   849 DYNAMIC_API PEP_STATUS renew_key(
   850         PEP_SESSION session,
   851         const char *fpr,
   852         const timestamp *ts
   853     );
   854 
   855 
   856 // revoke_key() - revoke a key
   857 //
   858 //  parameters:
   859 //      session (in)            session handle
   860 //      fpr (in)                ID of key to revoke as UTF-8 string
   861 //      reason (in)             text with reason for revoke as UTF-8 string
   862 //                              or NULL if reason unknown
   863 //
   864 //  caveat:
   865 //      reason text must not include empty lines
   866 //      this function is meant for internal use only; better use
   867 //      key_mistrusted() of keymanagement API
   868 
   869 DYNAMIC_API PEP_STATUS revoke_key(
   870         PEP_SESSION session,
   871         const char *fpr,
   872         const char *reason
   873     );
   874 
   875 
   876 // key_expired() - flags if a key is already expired
   877 //
   878 //  parameters:
   879 //      session (in)            session handle
   880 //      fpr (in)                ID of key to check as UTF-8 string
   881 //      when (in)               UTC time of when should expiry be considered
   882 //      expired (out)           flag if key expired
   883 
   884 DYNAMIC_API PEP_STATUS key_expired(
   885         PEP_SESSION session,
   886         const char *fpr,
   887         const time_t when,
   888         bool *expired
   889     );
   890 
   891     
   892 // key_revoked() - flags if a key is already revoked
   893 //
   894 //  parameters:
   895 //      session (in)            session handle
   896 //      fpr (in)                ID of key to check as UTF-8 string
   897 //      revoked (out)           flag if key revoked
   898 
   899 DYNAMIC_API PEP_STATUS key_revoked(
   900         PEP_SESSION session,
   901         const char *fpr,
   902         bool *revoked
   903     );
   904 
   905 
   906 // get_crashdump_log() - get the last log messages out
   907 //
   908 //  parameters:
   909 //      session (in)            session handle
   910 //      maxlines (in)           maximum number of lines (0 for default)
   911 //      logdata (out)           logdata as string in double quoted CSV format
   912 //                              column1 is title
   913 //                              column2 is entity
   914 //                              column3 is description
   915 //                              column4 is comment
   916 //
   917 //  caveat:
   918 //      the ownership of logdata goes to the caller
   919 
   920 DYNAMIC_API PEP_STATUS get_crashdump_log(
   921         PEP_SESSION session,
   922         int maxlines,
   923         char **logdata
   924     );
   925 
   926 
   927 // get_languagelist() - get the list of languages
   928 //
   929 //  parameters:
   930 //      session (in)            session handle
   931 //      languages (out)         languages as string in double quoted CSV format
   932 //                              column 1 is the ISO 639-1 language code
   933 //                              column 2 is the name of the language
   934 //
   935 //  caveat:
   936 //      the ownership of languages goes to the caller
   937 
   938 DYNAMIC_API PEP_STATUS get_languagelist(
   939         PEP_SESSION session,
   940         char **languages
   941     );
   942 
   943 
   944 // get_phrase() - get phrase in a dedicated language through i18n
   945 //
   946 //  parameters:
   947 //      session (in)            session handle
   948 //      lang (in)               C string with ISO 639-1 language code
   949 //      phrase_id (in)          id of phrase in i18n
   950 //      phrase (out)            phrase as UTF-8 string
   951 //
   952 //  caveat:
   953 //      the ownership of phrase goes to the caller
   954 
   955 DYNAMIC_API PEP_STATUS get_phrase(
   956         PEP_SESSION session,
   957         const char *lang,
   958         int phrase_id,
   959         char **phrase
   960     );
   961 
   962 
   963 // sequence_value() - raise the value of a named sequence and retrieve it
   964 //
   965 //  parameters:
   966 //      session (in)            session handle
   967 //      name (inout)            name of sequence or char[37] set to {0, }
   968 //                              for new own sequence named as UUID
   969 //      value (inout)           value of sequence value to test or 0 for
   970 //                              getting next value
   971 //
   972 //  returns:
   973 //      PEP_STATUS_OK                   no error, not own sequence
   974 //      PEP_SEQUENCE_VIOLATED           if sequence violated
   975 //      PEP_CANNOT_INCREASE_SEQUENCE    if sequence cannot be increased
   976 //      PEP_OWN_SEQUENCE                if own sequence
   977 
   978 DYNAMIC_API PEP_STATUS sequence_value(
   979         PEP_SESSION session,
   980         char *name,
   981         int32_t *value
   982     );
   983 
   984 
   985 // set_revoked() - records relation between a revoked key and its replacement
   986 //
   987 //  parameters:
   988 //      session (in)            session handle
   989 //      revoked_fpr (in)        revoked fingerprint
   990 //      replacement_fpr (in)    replacement key fingerprint
   991 //      revocation_date (in)    revocation date
   992 
   993 DYNAMIC_API PEP_STATUS set_revoked(
   994        PEP_SESSION session,
   995        const char *revoked_fpr,
   996        const char *replacement_fpr,
   997        const uint64_t revocation_date
   998     );
   999 
  1000 
  1001 // get_revoked() - find revoked key that may have been replaced by given key, if any
  1002 //
  1003 //  parameters:
  1004 //      session (in)            session handle
  1005 //      fpr (in)                given fingerprint
  1006 //      revoked_fpr (out)       revoked fingerprint
  1007 //      revocation_date (out)   revocation date
  1008     
  1009 DYNAMIC_API PEP_STATUS get_revoked(
  1010         PEP_SESSION session,
  1011         const char *fpr,
  1012         char **revoked_fpr,
  1013         uint64_t *revocation_date
  1014     );
  1015 
  1016 
  1017 // key_created() - get creation date of a key
  1018 //
  1019 //  parameters:
  1020 //      session (in)            session handle
  1021 //      fpr (in)                fingerprint of key
  1022 //      created (out)           date of creation
  1023 
  1024 PEP_STATUS key_created(
  1025         PEP_SESSION session,
  1026         const char *fpr,
  1027         time_t *created
  1028     );
  1029 
  1030 
  1031 // find_private_keys() - find keys in keyring
  1032 //
  1033 //  parameters:
  1034 //      session (in)            session handle
  1035 //      pattern (in)            key id, user id or address to search for as
  1036 //                              UTF-8 string
  1037 //      keylist (out)           list of fingerprints found or NULL on error
  1038 //
  1039 //  caveat:
  1040 //        the ownerships of keylist isgoing to the caller
  1041 //        the caller must use free_stringlist() to free it
  1042 PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
  1043                              stringlist_t **keylist);
  1044 
  1045 // get_engine_version() - returns the current version of pEpEngine (this is different
  1046 //                        from the pEp protocol version!)
  1047 //
  1048 //  parameters: none
  1049 //
  1050 //  return_value: const char* to the engine version string constant
  1051 //
  1052 DYNAMIC_API const char* get_engine_version();
  1053 
  1054 
  1055 DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session);
  1056 
  1057 #ifdef __cplusplus
  1058 }
  1059 #endif