src/pEpEngine.h
author Krista Bennett <krista@pep-project.org>
Fri, 27 Oct 2017 20:02:41 +0200
branchENGINE-293
changeset 2219 99b05a2f117e
parent 2152 771f8f862d51
child 2302 3fbe4956dd34
permissions -rw-r--r--
shelving changes
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #pragma once
     5 
     6 #ifdef __cplusplus
     7 extern "C" {
     8 #endif
     9 
    10 #include <stddef.h>
    11 #include <stdint.h>
    12 #include <stdbool.h>
    13 
    14 #include "dynamic_api.h"
    15 #include "stringlist.h"
    16 #include "stringpair.h"    
    17 #include "timestamp.h"
    18 
    19 #define PEP_VERSION "2.0" // protocol version
    20 
    21 #define PEP_OWN_USERID "pEp_own_userId"
    22     
    23 // pEp Engine API
    24 
    25 //  caveat:
    26 //      Unicode data has to be normalized to NFC before calling
    27 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    28 
    29 
    30 struct _pEpSession;
    31 typedef struct _pEpSession * PEP_SESSION;
    32 
    33 typedef enum {
    34     PEP_STATUS_OK                                   = 0,
    35 
    36     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    37     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    38     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    39     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    40 
    41     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    42     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    43     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    44     
    45     PEP_KEY_NOT_FOUND                               = 0x0201,
    46     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    47     PEP_GET_KEY_FAILED                              = 0x0203,
    48     PEP_CANNOT_EXPORT_KEY                           = 0x0204,
    49     PEP_CANNOT_EDIT_KEY                             = 0x0205,
    50     
    51     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    52     PEP_CANNOT_SET_PERSON                           = 0x0381,
    53     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    54     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    55     PEP_CANNOT_SET_TRUST                            = 0x0384,
    56     PEP_KEY_BLACKLISTED                             = 0x0385,
    57     
    58     PEP_UNENCRYPTED                                 = 0x0400,
    59     PEP_VERIFIED                                    = 0x0401,
    60     PEP_DECRYPTED                                   = 0x0402,
    61     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    62     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    63     PEP_DECRYPT_NO_KEY                              = 0x0405,
    64     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    65     PEP_VERIFY_NO_KEY                               = 0x0407,
    66     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    67     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    68 
    69     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    70     PEP_TRUSTWORDS_FPR_WRONG_LENGTH                 = 0x0502,
    71     PEP_TRUSTWORDS_DUPLICATE_FPR                    = 0x0503,
    72 
    73     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    74     PEP_CANNOT_SEND_KEY                             = 0x0602,
    75 
    76     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    77 
    78     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    79     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    80     PEP_CANNOT_ENCODE                               = 0x0803,
    81 
    82     PEP_SYNC_NO_NOTIFY_CALLBACK                     = 0x0901,
    83     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
    84     PEP_SYNC_NO_INJECT_CALLBACK                     = 0x0903,
    85 
    86     PEP_SEQUENCE_VIOLATED                           = 0x0970,
    87     PEP_CANNOT_INCREASE_SEQUENCE                    = 0x0971,
    88     PEP_CANNOT_SET_SEQUENCE_VALUE                   = 0x0972,
    89     PEP_OWN_SEQUENCE                                = 0x097f,
    90 
    91     PEP_SYNC_STATEMACHINE_ERROR                     = 0x0980,
    92     PEP_SYNC_NO_TRUST                               = 0x0981,
    93     PEP_STATEMACHINE_INVALID_STATE                  = 0x0982,
    94     PEP_STATEMACHINE_INVALID_EVENT                  = 0x0983,
    95     PEP_STATEMACHINE_INVALID_CONDITION              = 0x0984,
    96     PEP_STATEMACHINE_INVALID_ACTION                 = 0x0985,
    97     PEP_STATEMACHINE_INHIBITED_EVENT                = 0x0986,
    98 
    99     PEP_COMMIT_FAILED                               = 0xff01,
   100     PEP_MESSAGE_CONSUME                             = 0xff02,
   101     PEP_MESSAGE_IGNORE                              = 0xff03,
   102 
   103     PEP_RECORD_NOT_FOUND                            = -6,
   104     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
   105     PEP_ILLEGAL_VALUE                               = -4,
   106     PEP_BUFFER_TOO_SMALL                            = -3,
   107     PEP_OUT_OF_MEMORY                               = -2,
   108     PEP_UNKNOWN_ERROR                               = -1,
   109     
   110     PEP_VERSION_MISMATCH                            = -7,
   111 } PEP_STATUS;
   112 
   113 
   114 // INIT_STATUS init() - initialize pEpEngine for a thread
   115 //
   116 //  parameters:
   117 //        session (out)   init() allocates session memory and returns a pointer
   118 //                        as a handle
   119 //
   120 //  return value:
   121 //        PEP_STATUS_OK = 0                 if init() succeeds
   122 //        PEP_INIT_SQLITE3_WITHOUT_MUTEX    if SQLite3 was compiled with
   123 //                                            SQLITE_THREADSAFE 0
   124 //        PEP_INIT_CANNOT_LOAD_GPGME        if libgpgme.dll cannot be found
   125 //        PEP_INIT_GPGME_INIT_FAILED        if GPGME init fails
   126 //        PEP_INIT_CANNOT_OPEN_DB           if user's management db cannot be
   127 //                                            opened
   128 //        PEP_INIT_CANNOT_OPEN_SYSTEM_DB    if system's management db cannot be
   129 //                                            opened
   130 //
   131 //  caveat:
   132 //      THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. release() should
   133 //      be similarly guarded.
   134 //
   135 //      the pointer is valid only if the return value is PEP_STATUS_OK
   136 //      in other case a NULL pointer will be returned; a valid handle must
   137 //      be released using release() when it's no longer needed
   138 //
   139 //      the caller has to guarantee that the first call to this function
   140 //      will succeed before further calls can be done
   141 
   142 DYNAMIC_API PEP_STATUS init(PEP_SESSION *session);
   143 
   144 
   145 // void release() - release thread session handle
   146 //
   147 //  parameters:
   148 //        session (in)    session handle to release
   149 //
   150 //    caveat:
   151 //        THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. init() should
   152 //        be similarly guarded.
   153 //       
   154 //        the last release() can be called only when all other release() calls
   155 //        are done
   156 
   157 DYNAMIC_API void release(PEP_SESSION session);
   158 
   159 
   160 // const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any
   161 //
   162 //  parameters:
   163 //        session (in)    session handle
   164 //
   165 //    caveat:
   166 //        To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK
   167 //        The error stack belongs to the session. Do no not change it!
   168 DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session);
   169 
   170 
   171 // void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any
   172 //
   173 //  parameters:
   174 //        session (in)    session handle
   175 //
   176 DYNAMIC_API void clear_errorstack(PEP_SESSION session);
   177 
   178 
   179 // config_passive_mode() - enable passive mode
   180 //
   181 //  parameters:
   182 //      session (in)    session handle
   183 //      enable (in)     flag if enabled or disabled
   184 
   185 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   186 
   187 
   188 // config_unencrypted_subject() - disable subject encryption
   189 //
   190 //  parameters:
   191 //      session (in)    session handle
   192 //      enable (in)     flag if enabled or disabled
   193 
   194 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   195 
   196 
   197 // config_use_only_own_private_keys() - enable passive mode
   198 //
   199 //  parameters:
   200 //      session (in)    session handle
   201 //      enable (in)     flag if enabled or disabled
   202 
   203 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   204 
   205 
   206 // config_keep_sync_msg() - do not remove sync messages (for debugging purposes)
   207 //
   208 //      session (in)    session handle
   209 //      enable (in)     flag if enabled or disabled
   210 
   211 DYNAMIC_API void config_keep_sync_msg(PEP_SESSION session, bool enable);
   212 
   213 
   214 // config_service_log() - log more for service purposes
   215 //
   216 //      session (in)    session handle
   217 //      enable (in)     flag if enabled or disabled
   218 
   219 DYNAMIC_API void config_service_log(PEP_SESSION session, bool enable);
   220 
   221 
   222 // decrypt_and_verify() - decrypt and/or verify a message
   223 //
   224 //    parameters:
   225 //        session (in)    session handle
   226 //        ctext (in)      cipher text to decrypt and/or verify
   227 //        csize (in)      size of cipher text
   228 //        dsigtext (in)   if extant, *detached* signature text for this
   229 //                        message (or NULL if not)
   230 //        dsize (in)      size of *detached* signature text for this
   231 //                        message (0, if no detached sig exists)
   232 //        ptext (out)     pointer to internal buffer with plain text
   233 //        psize (out)     size of plain text
   234 //        keylist (out)   list of key ids which where used to encrypt
   235 //
   236 //    return value:
   237 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   238 //        PEP_VERIFIED                  message was unencrypted, signature matches
   239 //        PEP_DECRYPTED                 message is decrypted now, no signature
   240 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   241 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   242 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   243 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   244 //
   245 //    caveat:
   246 //        the ownerships of ptext as well as keylist are going to the caller
   247 //        the caller must use free() (or an Windoze pEp_free()) and
   248 //        free_stringlist() to free them
   249 //
   250 //      if this function failes an error message may be the first element of
   251 //      keylist and the other elements may be the keys used for encryption
   252 
   253 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   254         PEP_SESSION session, const char *ctext, size_t csize,
   255         const char *dsigtext, size_t dsigsize,
   256         char **ptext, size_t *psize, stringlist_t **keylist
   257     );
   258 
   259 
   260 // verify_text() - verfy plain text with a digital signature
   261 //
   262 //  parameters:
   263 //      session (in)    session handle
   264 //      text (in)       text to verify
   265 //      size (in)       size of text
   266 //      signature (in)  signature text
   267 //      sig_size (in)   size of signature
   268 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   269 //                        error
   270 //
   271 //  return value:
   272 //        PEP_VERIFIED                message was unencrypted, signature matches
   273 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   274 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   275 
   276 DYNAMIC_API PEP_STATUS verify_text(
   277         PEP_SESSION session, const char *text, size_t size,
   278         const char *signature, size_t sig_size, stringlist_t **keylist
   279     );
   280 
   281 
   282 // encrypt_and_sign() - encrypt and sign a message
   283 //
   284 //    parameters:
   285 //        session (in)    session handle
   286 //        keylist (in)    list of key ids to encrypt with as C strings
   287 //        ptext (in)      plain text to decrypt and/or verify
   288 //        psize (in)      size of plain text
   289 //        ctext (out)     pointer to internal buffer with cipher text
   290 //        csize (out)     size of cipher text
   291 //
   292 //    return value:
   293 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   294 //        PEP_KEY_NOT_FOUND            at least one of the receipient keys
   295 //                                     could not be found
   296 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the receipient keys has
   297 //                                     an ambiguous name
   298 //        PEP_GET_KEY_FAILED           cannot retrieve key
   299 //
   300 //    caveat:
   301 //      the ownership of ctext is going to the caller
   302 //      the caller is responsible to free() it (on Windoze use pEp_free())
   303 //      the first key in keylist is being used to sign the message
   304 //      this implies there has to be a private key for that keypair
   305 
   306 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   307         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   308         size_t psize, char **ctext, size_t *csize
   309     );
   310 
   311 
   312 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   313 // management log
   314 //
   315 //    parameters:
   316 //        session (in)        session handle
   317 //        title (in)          C string with event name
   318 //        entity (in)         C string with name of entity which is logging
   319 //        description (in)    C string with long description for event or NULL if
   320 //                            omitted
   321 //        comment (in)        C string with user defined comment or NULL if
   322 //                            omitted
   323 //
   324 //    return value:
   325 //        PEP_STATUS_OK       log entry created
   326 
   327 DYNAMIC_API PEP_STATUS log_event(
   328         PEP_SESSION session,
   329         const char *title,
   330         const char *entity,
   331         const char *description,
   332         const char *comment
   333     );
   334 
   335 
   336 DYNAMIC_API PEP_STATUS log_service(PEP_SESSION session, const char *title,
   337         const char *entity, const char *description, const char *comment);
   338 
   339 #define _STR_(x) #x
   340 #define _D_STR_(x) _STR_(x)
   341 #define S_LINE _D_STR_(__LINE__)
   342 
   343 #define SERVICE_LOG(session, title, entity, desc) \
   344     log_service((session), (title), (entity), (desc), "service " __FILE__ ":" S_LINE)
   345 
   346 
   347 // trustword() - get the corresponding trustword for a 16 bit value
   348 //
   349 //    parameters:
   350 //        session (in)            session handle
   351 //        value (in)              value to find a trustword for
   352 //        lang (in)               C string with ISO 639-1 language code
   353 //        word (out)              pointer to C string with trustword UTF-8 encoded
   354 //                                NULL if language is not supported or trustword
   355 //                                wordlist is damaged or unavailable
   356 //        wsize (out)             length of trustword
   357 //
   358 //    return value:
   359 //        PEP_STATUS_OK            trustword retrieved
   360 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   361 //
   362 //    caveat:
   363 //        the word pointer goes to the ownership of the caller
   364 //      the caller is responsible to free() it (on Windoze use pEp_free())
   365 
   366 DYNAMIC_API PEP_STATUS trustword(
   367             PEP_SESSION session, uint16_t value, const char *lang,
   368             char **word, size_t *wsize
   369         );
   370 
   371 
   372 // trustwords() - get trustwords for a string of hex values of a fingerprint
   373 //
   374 //    parameters:
   375 //        session (in)        session handle
   376 //        fingerprint (in)    C string with hex values to find trustwords for
   377 //        lang (in)           C string with ISO 639-1 language code
   378 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   379 //                            separated by a blank each
   380 //                            NULL if language is not supported or trustword
   381 //                            wordlist is damaged or unavailable
   382 //        wsize (out)         length of trustwords string
   383 //        max_words (in)      only generate a string with max_words;
   384 //                            if max_words == 0 there is no such limit
   385 //
   386 //    return value:
   387 //        PEP_STATUS_OK            trustwords retrieved
   388 //        PEP_OUT_OF_MEMORY        out of memory
   389 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   390 //
   391 //    caveat:
   392 //        the word pointer goes to the ownership of the caller
   393 //      the caller is responsible to free() it (on Windoze use pEp_free())
   394 //
   395 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   396 //
   397 //  Better implement a simple one in the adapter yourself using trustword(), and
   398 //  return a list of trustwords.
   399 //  This function is provided for being used by C and C++ programs only.
   400 
   401 DYNAMIC_API PEP_STATUS trustwords(
   402         PEP_SESSION session, const char *fingerprint, const char *lang,
   403         char **words, size_t *wsize, int max_words
   404     );
   405 
   406 
   407 // TODO: increase versions in pEp.asn1 if rating changes
   408 
   409 typedef enum _PEP_comm_type {
   410     PEP_ct_unknown = 0,
   411 
   412     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   413 
   414     PEP_ct_no_encryption = 0x01,                // generic
   415     PEP_ct_no_encrypted_channel = 0x02,
   416     PEP_ct_key_not_found = 0x03,
   417     PEP_ct_key_expired = 0x04,
   418     PEP_ct_key_revoked = 0x05,
   419     PEP_ct_key_b0rken = 0x06,
   420     PEP_ct_my_key_not_included = 0x09,
   421 
   422     PEP_ct_security_by_obscurity = 0x0a,
   423     PEP_ct_b0rken_crypto = 0x0b,
   424     PEP_ct_key_too_short = 0x0c,
   425 
   426     PEP_ct_compromized = 0x0e,                  // known compromized connection
   427     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   428 
   429     // range 0x10 to 0x3f: unconfirmed encryption
   430 
   431     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   432     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   433 
   434     PEP_ct_to_be_checked = 0x20,                // generic
   435     PEP_ct_SMIME_unconfirmed = 0x21,
   436     PEP_ct_CMS_unconfirmed = 0x22,
   437 
   438     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   439     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   440     PEP_ct_OTR_unconfirmed = 0x3a,
   441 
   442     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   443 
   444     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   445     PEP_ct_pEp_unconfirmed = 0x7f,
   446 
   447     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   448 
   449     // range 0x81 to 0x8f: reserved
   450     // range 0x90 to 0xbf: confirmed encryption
   451 
   452     PEP_ct_confirmed_encryption = 0x90,         // generic
   453     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak (unused)
   454 
   455     PEP_ct_to_be_checked_confirmed = 0xa0,      //generic
   456     PEP_ct_SMIME = 0xa1,
   457     PEP_ct_CMS = 0xa2,
   458 
   459     PEP_ct_strong_encryption = 0xb0,            // generic
   460     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   461     PEP_ct_OTR = 0xba,
   462 
   463     // range 0xc0 to 0xff: confirmed encryption and anonymization
   464 
   465     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   466     PEP_ct_pEp = 0xff
   467 } PEP_comm_type;
   468 
   469 typedef enum _identity_flags {
   470     // the first octet flags are app defined settings
   471     PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
   472     PEP_idf_list = 0x0002,           // identity of list of persons
   473     PEP_idf_me = 0x0004,             // This identity is connected to own user_id
   474     // the second octet flags are calculated
   475     PEP_idf_devicegroup = 0x0100     // identity of a device group member
   476 } identity_flags;
   477 
   478 typedef unsigned int identity_flags_t;
   479 
   480 // typedef enum _keypair_flags {
   481 // } keypair_flags;
   482 
   483 typedef unsigned int keypair_flags_t;
   484 
   485 typedef struct _pEp_identity {
   486     char *address;              // C string with address UTF-8 encoded
   487     char *fpr;                  // C string with fingerprint UTF-8 encoded
   488     char *user_id;              // C string with user ID UTF-8 encoded
   489                                 // user_id must be set to "pEp_own_userId"
   490                                 // (use PEP_OWN_USERID preprocessor define)
   491                                 // if this is own user's identity.
   492     char *username;             // C string with user name UTF-8 encoded
   493     PEP_comm_type comm_type;    // type of communication with this ID
   494     char lang[3];               // language of conversation
   495                                 // ISO 639-1 ALPHA-2, last byte is 0
   496     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   497 } pEp_identity;
   498 
   499 typedef struct _identity_list {
   500     pEp_identity *ident;
   501     struct _identity_list *next;
   502 } identity_list;
   503 
   504 
   505 // new_identity() - allocate memory and set the string and size fields
   506 //
   507 //  parameters:
   508 //      address (in)        UTF-8 string or NULL 
   509 //      fpr (in)            UTF-8 string or NULL 
   510 //      user_id (in)        UTF-8 string or NULL 
   511 //      username (in)       UTF-8 string or NULL 
   512 //
   513 //  return value:
   514 //      pEp_identity struct or NULL if out of memory
   515 //
   516 //  caveat:
   517 //      the strings are copied; the original strings are still being owned by
   518 //      the caller
   519 
   520 DYNAMIC_API pEp_identity *new_identity(
   521         const char *address, const char *fpr, const char *user_id,
   522         const char *username
   523     );
   524 
   525 
   526 // identity_dup() - allocate memory and duplicate
   527 //
   528 //  parameters:
   529 //      src (in)            identity to duplicate
   530 //
   531 //  return value:
   532 //      pEp_identity struct or NULL if out of memory
   533 //
   534 //  caveat:
   535 //      the strings are copied; the original strings are still being owned by
   536 //      the caller
   537 
   538 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   539 
   540 
   541 // free_identity() - free all memory being occupied by a pEp_identity struct
   542 //
   543 //  parameters:
   544 //      identity (in)       struct to release
   545 //
   546 //  caveat:
   547 //      not only the struct but also all string memory referenced by the
   548 //      struct is being freed; all pointers inside are invalid afterwards
   549 
   550 DYNAMIC_API void free_identity(pEp_identity *identity);
   551 
   552 
   553 // get_identity() - get identity information
   554 //
   555 //    parameters:
   556 //        session (in)        session handle
   557 //        address (in)        C string with communication address, UTF-8 encoded
   558 //        user_id (in)        unique C string to identify person that identity
   559 //                            is refering to
   560 //        identity (out)      pointer to pEp_identity structure with results or
   561 //                            NULL if failure
   562 //
   563 //    caveat:
   564 //        address and user_id are being copied; the original strings remains in
   565 //        the ownership of the caller
   566 //        the resulting pEp_identity structure goes to the ownership of the
   567 //        caller and has to be freed with free_identity() when not in use any
   568 //        more
   569 
   570 DYNAMIC_API PEP_STATUS get_identity(
   571         PEP_SESSION session,
   572         const char *address,
   573         const char *user_id,
   574         pEp_identity **identity
   575     );
   576 
   577 PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
   578                                  const char* old_fpr, 
   579                                  const char* new_fpr); 
   580 
   581 
   582 // set_identity() - set identity information
   583 //
   584 //    parameters:
   585 //        session (in)        session handle
   586 //        identity (in)       pointer to pEp_identity structure
   587 //
   588 //    return value:
   589 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   590 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   591 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   592 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   593 //        PEP_COMMIT_FAILED             SQL commit failed
   594 //        PEP_KEY_BLACKLISTED           Key blacklisted, cannot set identity
   595 //
   596 //    caveat:
   597 //        address, fpr, user_id and username must be given
   598 
   599 DYNAMIC_API PEP_STATUS set_identity(
   600         PEP_SESSION session, const pEp_identity *identity
   601     );
   602 
   603 // set_device_group() - update own person's device group
   604 //
   605 //    parameters:
   606 //        session (in)        session handle
   607 //        group_name (in)     new group name
   608 //
   609 //    return value:
   610 //        PEP_STATUS_OK = 0             device group was updated
   611 //        PEP_CANNOT_SET_PERSON         update failed
   612 
   613 DYNAMIC_API PEP_STATUS set_device_group(
   614         PEP_SESSION session,
   615         const char *group_name
   616     );
   617 
   618 // get_device_group() - get own person's device group
   619 //
   620 //    parameters:
   621 //        session (in)        session handle
   622 //        group_name (in)     new group name
   623 //
   624 //    return value:
   625 //        PEP_STATUS_OK = 0             couldn't get device group
   626 //        PEP_RECORD_NOT_FOUND          update failed
   627 //
   628 //    caveat:
   629 //        the ownerships of group_name is going to the caller
   630 
   631 DYNAMIC_API PEP_STATUS get_device_group(
   632         PEP_SESSION session, 
   633         char **group_name
   634     );
   635 
   636 // set_identity_flags() - update identity flags on existing identity
   637 //
   638 //    parameters:
   639 //        session (in)        session handle
   640 //        identity (in,out)   pointer to pEp_identity structure
   641 //        flags (in)          new value for flags
   642 //
   643 //    return value:
   644 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   645 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   646 //
   647 //    caveat:
   648 //        address and user_id must be given in identity
   649 
   650 DYNAMIC_API PEP_STATUS set_identity_flags(
   651         PEP_SESSION session,
   652         pEp_identity *identity,
   653         identity_flags_t flags
   654     );
   655 
   656 // unset_identity_flags() - update identity flags on existing identity
   657 //
   658 //    parameters:
   659 //        session (in)        session handle
   660 //        identity (in,out)   pointer to pEp_identity structure
   661 //        flags (in)          new value for flags
   662 //
   663 //    return value:
   664 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   665 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   666 //
   667 //    caveat:
   668 //        address and user_id must be given in identity
   669 
   670 DYNAMIC_API PEP_STATUS unset_identity_flags(
   671         PEP_SESSION session,
   672         pEp_identity *identity,
   673         identity_flags_t flags
   674     );
   675 
   676 // mark_as_compromized() - mark key in trust db as compromized
   677 //
   678 //    parameters:
   679 //        session (in)        session handle
   680 //        fpr (in)            fingerprint of key to mark
   681 
   682 DYNAMIC_API PEP_STATUS mark_as_compromized(
   683         PEP_SESSION session,
   684         const char *fpr
   685     );
   686 
   687 
   688 // generate_keypair() - generate a new key pair and add it to the key ring
   689 //
   690 //  parameters:
   691 //      session (in)            session handle
   692 //        identity (inout)      pointer to pEp_identity structure
   693 //
   694 //    return value:
   695 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   696 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   697 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   698 //
   699 //  caveat:
   700 //      address and username fields must be set to UTF-8 strings
   701 //      the fpr field must be set to NULL
   702 //
   703 //      this function allocates a string and sets set fpr field of identity
   704 //      the caller is responsible to call free() for that string or use
   705 //      free_identity() on the struct
   706 
   707 DYNAMIC_API PEP_STATUS generate_keypair(
   708         PEP_SESSION session, pEp_identity *identity
   709     );
   710 
   711 
   712 // delete_keypair() - delete a public key or a key pair from the key ring
   713 //
   714 //  parameters:
   715 //      session (in)            session handle
   716 //      fpr (in)                C string with key id or fingerprint of the
   717 //                              public key
   718 //
   719 //  return value:
   720 //      PEP_STATUS_OK = 0       key was successfully deleted
   721 //      PEP_KEY_NOT_FOUND       key not found
   722 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
   723 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
   724 //      PEP_OUT_OF_MEMORY       out of memory
   725 
   726 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
   727 
   728 
   729 // import_key() - import key from data
   730 //
   731 //  parameters:
   732 //      session (in)            session handle
   733 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
   734 //      size (in)               amount of data to handle
   735 //      private_keys (out)      list of private keys that have been imported
   736 //
   737 //  return value:
   738 //      PEP_STATUS_OK = 0       key was successfully imported
   739 //      PEP_OUT_OF_MEMORY       out of memory
   740 //      PEP_ILLEGAL_VALUE       there is no key data to import
   741 //
   742 //  caveat:
   743 //      private_keys goes to the ownership of the caller
   744 //      private_keys can be left NULL, it is then ignored
   745 
   746 DYNAMIC_API PEP_STATUS import_key(
   747         PEP_SESSION session,
   748         const char *key_data,
   749         size_t size,
   750         identity_list **private_keys
   751     );
   752 
   753 
   754 // export_key() - export ascii armored key
   755 //
   756 //  parameters:
   757 //      session (in)            session handle
   758 //      fpr (in)                key id or fingerprint of key
   759 //      key_data (out)          ASCII armored OpenPGP key
   760 //      size (out)              amount of data to handle
   761 //
   762 //  return value:
   763 //      PEP_STATUS_OK = 0       key was successfully exported
   764 //      PEP_OUT_OF_MEMORY       out of memory
   765 //      PEP_KEY_NOT_FOUND       key not found
   766 //
   767 //  caveat:
   768 //      the key_data goes to the ownership of the caller
   769 //      the caller is responsible to free() it (on Windoze use pEp_free())
   770 
   771 DYNAMIC_API PEP_STATUS export_key(
   772         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   773     );
   774 
   775 
   776 // export_secret_key() - export secret key ascii armored
   777 //
   778 //  parameters:
   779 //      session (in)            session handle
   780 //      fpr (in)                fingerprint of key, at least 16 hex digits
   781 //      key_data (out)          ASCII armored OpenPGP secret key
   782 //      size (out)              amount of data to handle
   783 //
   784 //  return value:
   785 //      PEP_STATUS_OK = 0       key was successfully exported
   786 //      PEP_OUT_OF_MEMORY       out of memory
   787 //      PEP_KEY_NOT_FOUND       key not found
   788 //      PEP_CANNOT_EXPORT_KEY   cannot export secret key (i.e. it's on an HKS)
   789 //
   790 //  caveat:
   791 //      the key_data goes to the ownership of the caller
   792 //      the caller is responsible to free() it (on Windoze use pEp_free())
   793 //      beware of leaking secret key data - overwrite it in memory after use
   794 
   795 DYNAMIC_API PEP_STATUS export_secrect_key(
   796         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   797     );
   798 
   799 
   800 // recv_key() - update key(s) from keyserver
   801 //
   802 //  parameters:
   803 //      session (in)            session handle
   804 //      pattern (in)            key id, user id or address to search for as
   805 //                              UTF-8 string
   806 
   807 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
   808 
   809 
   810 // find_keys() - find keys in keyring
   811 //
   812 //  parameters:
   813 //      session (in)            session handle
   814 //      pattern (in)            key id, user id or address to search for as
   815 //                              UTF-8 string
   816 //      keylist (out)           list of fingerprints found or NULL on error
   817 //
   818 //  caveat:
   819 //        the ownerships of keylist isgoing to the caller
   820 //        the caller must use free_stringlist() to free it
   821 
   822 
   823 DYNAMIC_API PEP_STATUS find_keys(
   824         PEP_SESSION session, const char *pattern, stringlist_t **keylist
   825     );
   826 
   827 // send_key() - send key(s) to keyserver
   828 //
   829 //  parameters:
   830 //      session (in)            session handle
   831 //      pattern (in)            key id, user id or address to search for as
   832 //                              UTF-8 string
   833 
   834 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
   835 
   836 
   837 // pEp_free() - free memory allocated by pEp engine
   838 //
   839 //  parameters:
   840 //      p (in)                  pointer to free
   841 //
   842 //  The reason for this function is that heap management can be a pretty
   843 //  complex task with Windoze. This free() version calls the free()
   844 //  implementation of the C runtime library which was used to build pEp engine,
   845 //  so you're using the correct heap. For more information, see:
   846 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
   847 
   848 DYNAMIC_API void pEp_free(void *p);
   849 
   850 
   851 // get_trust() - get the trust level a key has for a person
   852 //
   853 //  parameters:
   854 //      session (in)            session handle
   855 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
   856 //                              user_id and comm_type as result (out)
   857 //
   858 //  this function modifies the given identity struct; the struct remains in
   859 //  the ownership of the caller
   860 //  if the trust level cannot be determined identity->comm_type is set
   861 //  to PEP_ct_unknown
   862 
   863 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
   864 
   865 
   866 PEP_STATUS set_trust(PEP_SESSION session, 
   867                             const char* user_id,
   868                             const char* fpr, 
   869                             PEP_comm_type comm_type);
   870                             
   871 PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
   872                                 const char* fpr, 
   873                                 PEP_comm_type comm_type);
   874 
   875 // least_trust() - get the least known trust level for a key in the database
   876 //
   877 //  parameters:
   878 //      session (in)            session handle
   879 //      fpr (in)                fingerprint of key to check
   880 //      comm_type (out)         least comm_type as result (out)
   881 //
   882 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
   883 
   884 DYNAMIC_API PEP_STATUS least_trust(
   885         PEP_SESSION session,
   886         const char *fpr,
   887         PEP_comm_type *comm_type
   888     );
   889 
   890 
   891 // get_key_rating() - get the rating a bare key has
   892 //
   893 //  parameters:
   894 //      session (in)            session handle
   895 //      fpr (in)                unique identifyer for key as UTF-8 string
   896 //      comm_type (out)         key rating
   897 //
   898 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
   899 //  is returned
   900 
   901 DYNAMIC_API PEP_STATUS get_key_rating(
   902         PEP_SESSION session,
   903         const char *fpr,
   904         PEP_comm_type *comm_type
   905     );
   906 
   907 
   908 // renew_key() - renew an expired key
   909 //
   910 //  parameters:
   911 //      session (in)            session handle
   912 //      fpr (in)                ID of key to renew as UTF-8 string
   913 //      ts (in)                 timestamp when key should expire or NULL for
   914 //                              default
   915 
   916 DYNAMIC_API PEP_STATUS renew_key(
   917         PEP_SESSION session,
   918         const char *fpr,
   919         const timestamp *ts
   920     );
   921 
   922 
   923 // revoke_key() - revoke a key
   924 //
   925 //  parameters:
   926 //      session (in)            session handle
   927 //      fpr (in)                ID of key to revoke as UTF-8 string
   928 //      reason (in)             text with reason for revoke as UTF-8 string
   929 //                              or NULL if reason unknown
   930 //
   931 //  caveat:
   932 //      reason text must not include empty lines
   933 //      this function is meant for internal use only; better use
   934 //      key_mistrusted() of keymanagement API
   935 
   936 DYNAMIC_API PEP_STATUS revoke_key(
   937         PEP_SESSION session,
   938         const char *fpr,
   939         const char *reason
   940     );
   941 
   942 
   943 // key_expired() - flags if a key is already expired
   944 //
   945 //  parameters:
   946 //      session (in)            session handle
   947 //      fpr (in)                ID of key to check as UTF-8 string
   948 //      when (in)               UTC time of when should expiry be considered
   949 //      expired (out)           flag if key expired
   950 
   951 DYNAMIC_API PEP_STATUS key_expired(
   952         PEP_SESSION session,
   953         const char *fpr,
   954         const time_t when,
   955         bool *expired
   956     );
   957 
   958     
   959 // key_revoked() - flags if a key is already revoked
   960 //
   961 //  parameters:
   962 //      session (in)            session handle
   963 //      fpr (in)                ID of key to check as UTF-8 string
   964 //      revoked (out)           flag if key revoked
   965 
   966 DYNAMIC_API PEP_STATUS key_revoked(
   967         PEP_SESSION session,
   968         const char *fpr,
   969         bool *revoked
   970     );
   971 
   972 PEP_STATUS get_key_userids(
   973         PEP_SESSION session,
   974         const char* fpr,
   975         stringlist_t** keylist
   976     );
   977 
   978 
   979 // get_crashdump_log() - get the last log messages out
   980 //
   981 //  parameters:
   982 //      session (in)            session handle
   983 //      maxlines (in)           maximum number of lines (0 for default)
   984 //      logdata (out)           logdata as string in double quoted CSV format
   985 //                              column1 is title
   986 //                              column2 is entity
   987 //                              column3 is description
   988 //                              column4 is comment
   989 //
   990 //  caveat:
   991 //      the ownership of logdata goes to the caller
   992 
   993 DYNAMIC_API PEP_STATUS get_crashdump_log(
   994         PEP_SESSION session,
   995         int maxlines,
   996         char **logdata
   997     );
   998 
   999 
  1000 // get_languagelist() - get the list of languages
  1001 //
  1002 //  parameters:
  1003 //      session (in)            session handle
  1004 //      languages (out)         languages as string in double quoted CSV format
  1005 //                              column 1 is the ISO 639-1 language code
  1006 //                              column 2 is the name of the language
  1007 //
  1008 //  caveat:
  1009 //      the ownership of languages goes to the caller
  1010 
  1011 DYNAMIC_API PEP_STATUS get_languagelist(
  1012         PEP_SESSION session,
  1013         char **languages
  1014     );
  1015 
  1016 
  1017 // get_phrase() - get phrase in a dedicated language through i18n
  1018 //
  1019 //  parameters:
  1020 //      session (in)            session handle
  1021 //      lang (in)               C string with ISO 639-1 language code
  1022 //      phrase_id (in)          id of phrase in i18n
  1023 //      phrase (out)            phrase as UTF-8 string
  1024 //
  1025 //  caveat:
  1026 //      the ownership of phrase goes to the caller
  1027 
  1028 DYNAMIC_API PEP_STATUS get_phrase(
  1029         PEP_SESSION session,
  1030         const char *lang,
  1031         int phrase_id,
  1032         char **phrase
  1033     );
  1034 
  1035 
  1036 // sequence_value() - raise the value of a named sequence and retrieve it
  1037 //
  1038 //  parameters:
  1039 //      session (in)            session handle
  1040 //      name (inout)            name of sequence or char[37] set to {0, }
  1041 //                              for new own sequence named as UUID
  1042 //      value (inout)           value of sequence value to test or 0 for
  1043 //                              getting next value
  1044 //
  1045 //  returns:
  1046 //      PEP_STATUS_OK                   no error, not own sequence
  1047 //      PEP_SEQUENCE_VIOLATED           if sequence violated
  1048 //      PEP_CANNOT_INCREASE_SEQUENCE    if sequence cannot be increased
  1049 //      PEP_OWN_SEQUENCE                if own sequence
  1050 
  1051 DYNAMIC_API PEP_STATUS sequence_value(
  1052         PEP_SESSION session,
  1053         char *name,
  1054         int32_t *value
  1055     );
  1056 
  1057 
  1058 // set_revoked() - records relation between a revoked key and its replacement
  1059 //
  1060 //  parameters:
  1061 //      session (in)            session handle
  1062 //      revoked_fpr (in)        revoked fingerprint
  1063 //      replacement_fpr (in)    replacement key fingerprint
  1064 //      revocation_date (in)    revocation date
  1065 
  1066 DYNAMIC_API PEP_STATUS set_revoked(
  1067        PEP_SESSION session,
  1068        const char *revoked_fpr,
  1069        const char *replacement_fpr,
  1070        const uint64_t revocation_date
  1071     );
  1072 
  1073 
  1074 // get_revoked() - find revoked key that may have been replaced by given key, if any
  1075 //
  1076 //  parameters:
  1077 //      session (in)            session handle
  1078 //      fpr (in)                given fingerprint
  1079 //      revoked_fpr (out)       revoked fingerprint
  1080 //      revocation_date (out)   revocation date
  1081     
  1082 DYNAMIC_API PEP_STATUS get_revoked(
  1083         PEP_SESSION session,
  1084         const char *fpr,
  1085         char **revoked_fpr,
  1086         uint64_t *revocation_date
  1087     );
  1088 
  1089 
  1090 // key_created() - get creation date of a key
  1091 //
  1092 //  parameters:
  1093 //      session (in)            session handle
  1094 //      fpr (in)                fingerprint of key
  1095 //      created (out)           date of creation
  1096 
  1097 PEP_STATUS key_created(
  1098         PEP_SESSION session,
  1099         const char *fpr,
  1100         time_t *created
  1101     );
  1102 
  1103 
  1104 // find_private_keys() - find keys in keyring
  1105 //
  1106 //  parameters:
  1107 //      session (in)            session handle
  1108 //      pattern (in)            key id, user id or address to search for as
  1109 //                              UTF-8 string
  1110 //      keylist (out)           list of fingerprints found or NULL on error
  1111 //
  1112 //  caveat:
  1113 //        the ownerships of keylist isgoing to the caller
  1114 //        the caller must use free_stringlist() to free it
  1115 PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
  1116                              stringlist_t **keylist);
  1117 
  1118 // get_engine_version() - returns the current version of pEpEngine (this is different
  1119 //                        from the pEp protocol version!)
  1120 //
  1121 //  parameters: none
  1122 //
  1123 //  return_value: const char* to the engine version string constant
  1124 //
  1125 DYNAMIC_API const char* get_engine_version();
  1126 
  1127 
  1128 DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session);
  1129 
  1130 #ifdef __cplusplus
  1131 }
  1132 #endif