src/pEpEngine.h
author Volker Birk <vb@pep-project.org>
Fri, 22 Mar 2019 19:30:52 +0100
branchsync
changeset 3382 a2f4732e8d76
parent 3375 4f64652fb80d
child 3420 60ed7ce30858
permissions -rw-r--r--
remove this option
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #pragma once
     5 
     6 #ifdef __cplusplus
     7 extern "C" {
     8 #endif
     9 
    10 #include <stddef.h>
    11 #include <stdint.h>
    12 #include <stdbool.h>
    13 
    14 #include "dynamic_api.h"
    15 #include "stringlist.h"
    16 #include "stringpair.h"
    17 #include "labeled_int_list.h"    
    18 #include "timestamp.h"
    19 
    20 #define PEP_VERSION "2.0" // protocol version
    21 
    22 #define PEP_OWN_USERID "pEp_own_userId"
    23     
    24 // pEp Engine API
    25 
    26 //  caveat:
    27 //      Unicode data has to be normalized to NFC before calling
    28 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    29 
    30 
    31 struct _pEpSession;
    32 typedef struct _pEpSession * PEP_SESSION;
    33 
    34 typedef enum {
    35     PEP_STATUS_OK                                   = 0,
    36 
    37     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    38     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    39     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    40     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    41     PEP_INIT_CANNOT_DETERMINE_GPG_VERSION           = 0x0114,
    42     PEP_INIT_UNSUPPORTED_GPG_VERSION                = 0x0115,
    43     PEP_INIT_CANNOT_CONFIG_GPG_AGENT                = 0x0116,
    44 
    45     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    46     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    47     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    48     PEP_UNKNOWN_DB_ERROR                            = 0x01ff,
    49     
    50     PEP_KEY_NOT_FOUND                               = 0x0201,
    51     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    52     PEP_GET_KEY_FAILED                              = 0x0203,
    53     PEP_CANNOT_EXPORT_KEY                           = 0x0204,
    54     PEP_CANNOT_EDIT_KEY                             = 0x0205,
    55     PEP_KEY_UNSUITABLE                              = 0x0206,
    56     PEP_MALFORMED_KEY_RESET_MSG                     = 0x0210,
    57     PEP_KEY_NOT_RESET                               = 0x0211,
    58 
    59     PEP_KEY_IMPORTED                                = 0x0220,
    60     PEP_NO_KEY_IMPORTED                             = 0x0221,
    61     PEP_KEY_IMPORT_STATUS_UNKNOWN                   = 0x0222,
    62     
    63     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    64     PEP_CANNOT_SET_PERSON                           = 0x0381,
    65     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    66     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    67     PEP_CANNOT_SET_TRUST                            = 0x0384,
    68     PEP_KEY_BLACKLISTED                             = 0x0385,
    69     PEP_CANNOT_FIND_PERSON                          = 0x0386,
    70     
    71     PEP_CANNOT_FIND_ALIAS                           = 0x0391,
    72     PEP_CANNOT_SET_ALIAS                            = 0x0392,
    73     
    74     PEP_UNENCRYPTED                                 = 0x0400,
    75     PEP_VERIFIED                                    = 0x0401,
    76     PEP_DECRYPTED                                   = 0x0402,
    77     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    78     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    79     PEP_DECRYPT_NO_KEY                              = 0x0405,
    80     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    81     PEP_VERIFY_NO_KEY                               = 0x0407,
    82     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    83     PEP_CANNOT_REENCRYPT                            = 0x0409,
    84     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    85 
    86     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    87     PEP_TRUSTWORDS_FPR_WRONG_LENGTH                 = 0x0502,
    88     PEP_TRUSTWORDS_DUPLICATE_FPR                    = 0x0503,
    89 
    90     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    91     PEP_CANNOT_SEND_KEY                             = 0x0602,
    92 
    93     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    94 
    95     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    96     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    97     PEP_CANNOT_ENCODE                               = 0x0803,
    98 
    99     PEP_SYNC_NO_NOTIFY_CALLBACK                     = 0x0901,
   100     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
   101     PEP_SYNC_NO_INJECT_CALLBACK                     = 0x0903,
   102     PEP_SYNC_NO_CHANNEL                             = 0x0904,
   103     PEP_SYNC_CANNOT_ENCRYPT                         = 0x0905,
   104     PEP_SYNC_NO_MESSAGE_SEND_CALLBACK               = 0x0906,
   105 
   106     PEP_CANNOT_INCREASE_SEQUENCE                    = 0x0971,
   107 
   108     PEP_STATEMACHINE_ERROR                          = 0x0980,
   109     PEP_NO_TRUST                                    = 0x0981,
   110     PEP_STATEMACHINE_INVALID_STATE                  = 0x0982,
   111     PEP_STATEMACHINE_INVALID_EVENT                  = 0x0983,
   112     PEP_STATEMACHINE_INVALID_CONDITION              = 0x0984,
   113     PEP_STATEMACHINE_INVALID_ACTION                 = 0x0985,
   114     PEP_STATEMACHINE_INHIBITED_EVENT                = 0x0986,
   115     PEP_STATEMACHINE_CANNOT_SEND                    = 0x0987,
   116 
   117     PEP_COMMIT_FAILED                               = 0xff01,
   118     PEP_MESSAGE_CONSUME                             = 0xff02,
   119     PEP_MESSAGE_IGNORE                              = 0xff03,
   120 
   121     PEP_RECORD_NOT_FOUND                            = -6,
   122     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
   123     PEP_ILLEGAL_VALUE                               = -4,
   124     PEP_BUFFER_TOO_SMALL                            = -3,
   125     PEP_OUT_OF_MEMORY                               = -2,
   126     PEP_UNKNOWN_ERROR                               = -1,
   127     
   128     PEP_VERSION_MISMATCH                            = -7,
   129 } PEP_STATUS;
   130 
   131 
   132 // messageToSend() - a message needs to be delivered by application
   133 //
   134 //  parameters:
   135 //      msg (in)        message struct with message to send
   136 //
   137 //  return value:
   138 //      PEP_STATUS_OK or any other value on error
   139 //
   140 //  caveat:
   141 //      the ownership of msg goes to the callee
   142 
   143 struct _message;
   144 typedef PEP_STATUS (*messageToSend_t)(struct _message *msg);
   145 
   146 
   147 struct Sync_event;
   148 typedef struct Sync_event *SYNC_EVENT;
   149 
   150 // free_Sync_event() - free memory occupied by sync protocol message
   151 //
   152 //  parameters:
   153 //      ev (in)         event to free
   154 
   155 void free_Sync_event(SYNC_EVENT ev);
   156 
   157 
   158 // inject_sync_event - inject sync protocol message
   159 //
   160 //  parameters:
   161 //      ev (in)             event to inject
   162 //      management (in)     application defined; usually a locked queue
   163 //
   164 //  return value:
   165 //      0 if event could be stored successfully or nonzero otherwise
   166 
   167 typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management);
   168 
   169 static inline const char *pep_status_to_string(PEP_STATUS status) {
   170     switch (status) {
   171     case PEP_STATUS_OK: return "PEP_STATUS_OK";
   172 
   173     case PEP_INIT_CANNOT_LOAD_GPGME: return "PEP_INIT_CANNOT_LOAD_GPGME";
   174     case PEP_INIT_GPGME_INIT_FAILED: return "PEP_INIT_GPGME_INIT_FAILED";
   175     case PEP_INIT_NO_GPG_HOME: return "PEP_INIT_NO_GPG_HOME";
   176     case PEP_INIT_NETPGP_INIT_FAILED: return "PEP_INIT_NETPGP_INIT_FAILED";
   177     case PEP_INIT_CANNOT_DETERMINE_GPG_VERSION: return "PEP_INIT_CANNOT_DETERMINE_GPG_VERSION";
   178     case PEP_INIT_UNSUPPORTED_GPG_VERSION: return "PEP_INIT_UNSUPPORTED_GPG_VERSION";
   179     case PEP_INIT_CANNOT_CONFIG_GPG_AGENT: return "PEP_INIT_CANNOT_CONFIG_GPG_AGENT";
   180     case PEP_INIT_SQLITE3_WITHOUT_MUTEX: return "PEP_INIT_SQLITE3_WITHOUT_MUTEX";
   181     case PEP_INIT_CANNOT_OPEN_DB: return "PEP_INIT_CANNOT_OPEN_DB";
   182     case PEP_INIT_CANNOT_OPEN_SYSTEM_DB: return "PEP_INIT_CANNOT_OPEN_SYSTEM_DB";
   183     case PEP_UNKNOWN_DB_ERROR: return "PEP_UNKNOWN_DB_ERROR";
   184     case PEP_KEY_NOT_FOUND: return "PEP_KEY_NOT_FOUND";
   185     case PEP_KEY_HAS_AMBIG_NAME: return "PEP_KEY_HAS_AMBIG_NAME";
   186     case PEP_GET_KEY_FAILED: return "PEP_GET_KEY_FAILED";
   187     case PEP_CANNOT_EXPORT_KEY: return "PEP_CANNOT_EXPORT_KEY";
   188     case PEP_CANNOT_EDIT_KEY: return "PEP_CANNOT_EDIT_KEY";
   189     case PEP_KEY_UNSUITABLE: return "PEP_KEY_UNSUITABLE";
   190     case PEP_MALFORMED_KEY_RESET_MSG: return "PEP_MALFORMED_KEY_RESET_MSG";
   191     case PEP_KEY_NOT_RESET: return "PEP_KEY_NOT_RESET";
   192 
   193     case PEP_KEY_IMPORTED: return "PEP_KEY_IMPORTED";
   194     case PEP_NO_KEY_IMPORTED: return "PEP_NO_KEY_IMPORTED";
   195     case PEP_KEY_IMPORT_STATUS_UNKNOWN: return "PEP_KEY_IMPORT_STATUS_UNKNOWN";
   196     
   197     case PEP_CANNOT_FIND_IDENTITY: return "PEP_CANNOT_FIND_IDENTITY";
   198     case PEP_CANNOT_SET_PERSON: return "PEP_CANNOT_SET_PERSON";
   199     case PEP_CANNOT_SET_PGP_KEYPAIR: return "PEP_CANNOT_SET_PGP_KEYPAIR";
   200     case PEP_CANNOT_SET_IDENTITY: return "PEP_CANNOT_SET_IDENTITY";
   201     case PEP_CANNOT_SET_TRUST: return "PEP_CANNOT_SET_TRUST";
   202     case PEP_KEY_BLACKLISTED: return "PEP_KEY_BLACKLISTED";
   203     case PEP_CANNOT_FIND_PERSON: return "PEP_CANNOT_FIND_PERSON";
   204 
   205     case PEP_CANNOT_FIND_ALIAS: return "PEP_CANNOT_FIND_ALIAS";
   206     case PEP_CANNOT_SET_ALIAS: return "PEP_CANNOT_SET_ALIAS";
   207 
   208     case PEP_UNENCRYPTED: return "PEP_UNENCRYPTED";
   209     case PEP_VERIFIED: return "PEP_VERIFIED";
   210     case PEP_DECRYPTED: return "PEP_DECRYPTED";
   211     case PEP_DECRYPTED_AND_VERIFIED: return "PEP_DECRYPTED_AND_VERIFIED";
   212     case PEP_DECRYPT_WRONG_FORMAT: return "PEP_DECRYPT_WRONG_FORMAT";
   213     case PEP_DECRYPT_NO_KEY: return "PEP_DECRYPT_NO_KEY";
   214     case PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH: return "PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH";
   215     case PEP_VERIFY_NO_KEY: return "PEP_VERIFY_NO_KEY";
   216     case PEP_VERIFIED_AND_TRUSTED: return "PEP_VERIFIED_AND_TRUSTED";
   217     case PEP_CANNOT_REENCRYPT: return "PEP_CANNOT_REENCRYPT";
   218     case PEP_CANNOT_DECRYPT_UNKNOWN: return "PEP_CANNOT_DECRYPT_UNKNOWN";
   219 
   220     case PEP_TRUSTWORD_NOT_FOUND: return "PEP_TRUSTWORD_NOT_FOUND";
   221     case PEP_TRUSTWORDS_FPR_WRONG_LENGTH: return "PEP_TRUSTWORDS_FPR_WRONG_LENGTH";
   222     case PEP_TRUSTWORDS_DUPLICATE_FPR: return "PEP_TRUSTWORDS_DUPLICATE_FPR";
   223 
   224     case PEP_CANNOT_CREATE_KEY: return "PEP_CANNOT_CREATE_KEY";
   225     case PEP_CANNOT_SEND_KEY: return "PEP_CANNOT_SEND_KEY";
   226 
   227     case PEP_PHRASE_NOT_FOUND: return "PEP_PHRASE_NOT_FOUND";
   228 
   229     case PEP_SEND_FUNCTION_NOT_REGISTERED: return "PEP_SEND_FUNCTION_NOT_REGISTERED";
   230     case PEP_CONTRAINTS_VIOLATED: return "PEP_CONTRAINTS_VIOLATED";
   231     case PEP_CANNOT_ENCODE: return "PEP_CANNOT_ENCODE";
   232 
   233     case PEP_SYNC_NO_NOTIFY_CALLBACK: return "PEP_SYNC_NO_NOTIFY_CALLBACK";
   234     case PEP_SYNC_ILLEGAL_MESSAGE: return "PEP_SYNC_ILLEGAL_MESSAGE";
   235     case PEP_SYNC_NO_INJECT_CALLBACK: return "PEP_SYNC_NO_INJECT_CALLBACK";
   236     case PEP_SYNC_NO_CHANNEL: return "PEP_SYNC_NO_CHANNEL";
   237     case PEP_SYNC_CANNOT_ENCRYPT: return "PEP_SYNC_CANNOT_ENCRYPT";
   238     case PEP_SYNC_NO_MESSAGE_SEND_CALLBACK: return "PEP_SYNC_NO_MESSAGE_SEND_CALLBACK";
   239 
   240     case PEP_CANNOT_INCREASE_SEQUENCE: return "PEP_CANNOT_INCREASE_SEQUENCE";
   241 
   242     case PEP_STATEMACHINE_ERROR: return "PEP_STATEMACHINE_ERROR";
   243     case PEP_NO_TRUST: return "PEP_NO_TRUST";
   244     case PEP_STATEMACHINE_INVALID_STATE: return "PEP_STATEMACHINE_INVALID_STATE";
   245     case PEP_STATEMACHINE_INVALID_EVENT: return "PEP_STATEMACHINE_INVALID_EVENT";
   246     case PEP_STATEMACHINE_INVALID_CONDITION: return "PEP_STATEMACHINE_INVALID_CONDITION";
   247     case PEP_STATEMACHINE_INVALID_ACTION: return "PEP_STATEMACHINE_INVALID_ACTION";
   248     case PEP_STATEMACHINE_INHIBITED_EVENT: return "PEP_STATEMACHINE_INHIBITED_EVENT";
   249     case PEP_STATEMACHINE_CANNOT_SEND: return "PEP_STATEMACHINE_CANNOT_SEND";
   250 
   251     case PEP_COMMIT_FAILED: return "PEP_COMMIT_FAILED";
   252     case PEP_MESSAGE_CONSUME: return "PEP_MESSAGE_CONSUME";
   253     case PEP_MESSAGE_IGNORE: return "PEP_MESSAGE_IGNORE";
   254 
   255     case PEP_RECORD_NOT_FOUND: return "PEP_RECORD_NOT_FOUND";
   256     case PEP_CANNOT_CREATE_TEMP_FILE: return "PEP_CANNOT_CREATE_TEMP_FILE";
   257     case PEP_ILLEGAL_VALUE: return "PEP_ILLEGAL_VALUE";
   258     case PEP_BUFFER_TOO_SMALL: return "PEP_BUFFER_TOO_SMALL";
   259     case PEP_OUT_OF_MEMORY: return "PEP_OUT_OF_MEMORY";
   260     case PEP_UNKNOWN_ERROR: return "PEP_UNKNOWN_ERROR";
   261 
   262     case PEP_VERSION_MISMATCH: return "PEP_VERSION_MISMATCH";
   263 
   264     default: return "unknown status code";
   265     }
   266 }
   267 
   268 // INIT_STATUS init() - initialize pEpEngine for a thread
   269 //
   270 //  parameters:
   271 //      session (out)                       init() allocates session memory and
   272 //                                          returns a pointer as a handle
   273 //      messageToSend (in)                  callback for sending message by the
   274 //                                          application
   275 //      inject_sync_event (in)              callback for injecting a sync event
   276 //
   277 //  return value:
   278 //      PEP_STATUS_OK = 0                   if init() succeeds
   279 //      PEP_INIT_SQLITE3_WITHOUT_MUTEX      if SQLite3 was compiled with
   280 //                                          SQLITE_THREADSAFE 0
   281 //      PEP_INIT_CANNOT_LOAD_GPGME          if libgpgme.dll cannot be found
   282 //      PEP_INIT_GPGME_INIT_FAILED          if GPGME init fails
   283 //      PEP_INIT_CANNOT_OPEN_DB             if user's management db cannot be
   284 //                                          opened
   285 //      PEP_INIT_CANNOT_OPEN_SYSTEM_DB      if system's management db cannot be
   286 //                                          opened
   287 //
   288 //  caveat:
   289 //      THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. release()
   290 //      should be similarly guarded.
   291 //
   292 //      the pointer is valid only if the return value is PEP_STATUS_OK
   293 //      in other case a NULL pointer will be returned; a valid handle must
   294 //      be released using release() when it's no longer needed
   295 //
   296 //      the caller has to guarantee that the first call to this function
   297 //      will succeed before further calls can be done
   298 //
   299 //      messageToSend can only be null if no transport is application based
   300 //      if transport system is not used it must not be NULL
   301 
   302 DYNAMIC_API PEP_STATUS init(
   303         PEP_SESSION *session,
   304         messageToSend_t messageToSend,
   305         inject_sync_event_t inject_sync_event
   306     );
   307 
   308 
   309 // void release() - release thread session handle
   310 //
   311 //  parameters:
   312 //        session (in)    session handle to release
   313 //
   314 //    caveat:
   315 //        THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. init() should
   316 //        be similarly guarded.
   317 //       
   318 //        the last release() can be called only when all other release() calls
   319 //        are done
   320 
   321 DYNAMIC_API void release(PEP_SESSION session);
   322 
   323 
   324 // const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any
   325 //
   326 //  parameters:
   327 //        session (in)    session handle
   328 //
   329 //    caveat:
   330 //        To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK
   331 //        The error stack belongs to the session. Do no not change it!
   332 DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session);
   333 
   334 
   335 // void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any
   336 //
   337 //  parameters:
   338 //        session (in)    session handle
   339 //
   340 DYNAMIC_API void clear_errorstack(PEP_SESSION session);
   341 
   342 
   343 // config_passive_mode() - enable passive mode
   344 //
   345 //  parameters:
   346 //      session (in)    session handle
   347 //      enable (in)     flag if enabled or disabled
   348 
   349 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   350 
   351 
   352 // config_unencrypted_subject() - disable subject encryption
   353 //
   354 //  parameters:
   355 //      session (in)    session handle
   356 //      enable (in)     flag if enabled or disabled
   357 
   358 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   359 
   360 
   361 // config_use_only_own_private_keys() - enable passive mode
   362 //
   363 //  parameters:
   364 //      session (in)    session handle
   365 //      enable (in)     flag if enabled or disabled
   366 
   367 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   368 
   369 
   370 // config_service_log() - log more for service purposes
   371 //
   372 //      session (in)    session handle
   373 //      enable (in)     flag if enabled or disabled
   374 
   375 DYNAMIC_API void config_service_log(PEP_SESSION session, bool enable);
   376 
   377 
   378 // decrypt_and_verify() - decrypt and/or verify a message
   379 //
   380 //    parameters:
   381 //        session (in)          session handle
   382 //        ctext (in)            cipher text to decrypt and/or verify
   383 //        csize (in)            size of cipher text
   384 //        dsigtext (in)         if extant, *detached* signature text for this
   385 //                              message (or NULL if not)
   386 //        dsize (in)            size of *detached* signature text for this
   387 //                              message (0, if no detached sig exists)
   388 //        ptext (out)           pointer to internal buffer with plain text
   389 //        psize (out)           size of plain text
   390 //        keylist (out)         list of key ids which where used to encrypt
   391 //        filename_ptr (out)    mails produced by certain PGP implementations 
   392 //                              may return a decrypted filename here for attachments. 
   393 //                              Externally, this can generally be NULL, and is an optional
   394 //                              parameter.
   395 //
   396 //    return value:
   397 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   398 //        PEP_VERIFIED                  message was unencrypted, signature matches
   399 //        PEP_DECRYPTED                 message is decrypted now, no signature
   400 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   401 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   402 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   403 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   404 //
   405 //    caveat:
   406 //        the ownerships of ptext as well as keylist are going to the caller
   407 //        the caller must use free() (or an Windoze pEp_free()) and
   408 //        free_stringlist() to free them
   409 //
   410 //      if this function failes an error message may be the first element of
   411 //      keylist and the other elements may be the keys used for encryption
   412 
   413 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   414         PEP_SESSION session, const char *ctext, size_t csize,
   415         const char *dsigtext, size_t dsigsize,
   416         char **ptext, size_t *psize, stringlist_t **keylist,
   417         char ** filename_ptr
   418     );
   419 
   420 
   421 // verify_text() - verfy plain text with a digital signature
   422 //
   423 //  parameters:
   424 //      session (in)    session handle
   425 //      text (in)       text to verify
   426 //      size (in)       size of text
   427 //      signature (in)  signature text
   428 //      sig_size (in)   size of signature
   429 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   430 //                        error
   431 //
   432 //  return value:
   433 //        PEP_VERIFIED                message was unencrypted, signature matches
   434 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   435 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   436 
   437 DYNAMIC_API PEP_STATUS verify_text(
   438         PEP_SESSION session, const char *text, size_t size,
   439         const char *signature, size_t sig_size, stringlist_t **keylist
   440     );
   441 
   442 
   443 // encrypt_and_sign() - encrypt and sign a message
   444 //
   445 //    parameters:
   446 //        session (in)    session handle
   447 //        keylist (in)    list of key ids to encrypt with as C strings
   448 //        ptext (in)      plain text to decrypt and/or verify
   449 //        psize (in)      size of plain text
   450 //        ctext (out)     pointer to internal buffer with cipher text
   451 //        csize (out)     size of cipher text
   452 //
   453 //    return value:
   454 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   455 //        PEP_KEY_NOT_FOUND            at least one of the recipient keys
   456 //                                     could not be found
   457 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the recipient keys has
   458 //                                     an ambiguous name
   459 //        PEP_GET_KEY_FAILED           cannot retrieve key
   460 //
   461 //    caveat:
   462 //      the ownership of ctext is going to the caller
   463 //      the caller is responsible to free() it (on Windoze use pEp_free())
   464 //      the first key in keylist is being used to sign the message
   465 //      this implies there has to be a private key for that keypair
   466 
   467 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   468         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   469         size_t psize, char **ctext, size_t *csize
   470     );
   471 
   472 
   473 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   474 // management log
   475 //
   476 //    parameters:
   477 //        session (in)        session handle
   478 //        title (in)          C string with event name
   479 //        entity (in)         C string with name of entity which is logging
   480 //        description (in)    C string with long description for event or NULL if
   481 //                            omitted
   482 //        comment (in)        C string with user defined comment or NULL if
   483 //                            omitted
   484 //
   485 //    return value:
   486 //        PEP_STATUS_OK       log entry created
   487 
   488 DYNAMIC_API PEP_STATUS log_event(
   489         PEP_SESSION session,
   490         const char *title,
   491         const char *entity,
   492         const char *description,
   493         const char *comment
   494     );
   495 
   496 
   497 DYNAMIC_API PEP_STATUS log_service(PEP_SESSION session, const char *title,
   498         const char *entity, const char *description, const char *comment);
   499 
   500 #define _STR_(x) #x
   501 #define _D_STR_(x) _STR_(x)
   502 #define S_LINE _D_STR_(__LINE__)
   503 
   504 #define SERVICE_LOG(session, title, entity, desc) \
   505     log_service((session), (title), (entity), (desc), "service " __FILE__ ":" S_LINE)
   506 
   507 
   508 // trustword() - get the corresponding trustword for a 16 bit value
   509 //
   510 //    parameters:
   511 //        session (in)            session handle
   512 //        value (in)              value to find a trustword for
   513 //        lang (in)               C string with ISO 639-1 language code
   514 //        word (out)              pointer to C string with trustword UTF-8 encoded
   515 //                                NULL if language is not supported or trustword
   516 //                                wordlist is damaged or unavailable
   517 //        wsize (out)             length of trustword
   518 //
   519 //    return value:
   520 //        PEP_STATUS_OK            trustword retrieved
   521 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   522 //
   523 //    caveat:
   524 //        the word pointer goes to the ownership of the caller
   525 //      the caller is responsible to free() it (on Windoze use pEp_free())
   526 
   527 DYNAMIC_API PEP_STATUS trustword(
   528             PEP_SESSION session, uint16_t value, const char *lang,
   529             char **word, size_t *wsize
   530         );
   531 
   532 
   533 // trustwords() - get trustwords for a string of hex values of a fingerprint
   534 //
   535 //    parameters:
   536 //        session (in)        session handle
   537 //        fingerprint (in)    C string with hex values to find trustwords for
   538 //        lang (in)           C string with ISO 639-1 language code
   539 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   540 //                            separated by a blank each
   541 //                            NULL if language is not supported or trustword
   542 //                            wordlist is damaged or unavailable
   543 //        wsize (out)         length of trustwords string
   544 //        max_words (in)      only generate a string with max_words;
   545 //                            if max_words == 0 there is no such limit
   546 //
   547 //    return value:
   548 //        PEP_STATUS_OK            trustwords retrieved
   549 //        PEP_OUT_OF_MEMORY        out of memory
   550 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   551 //
   552 //    caveat:
   553 //        the word pointer goes to the ownership of the caller
   554 //      the caller is responsible to free() it (on Windoze use pEp_free())
   555 //
   556 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   557 //
   558 //  Better implement a simple one in the adapter yourself using trustword(), and
   559 //  return a list of trustwords.
   560 //  This function is provided for being used by C and C++ programs only.
   561 
   562 DYNAMIC_API PEP_STATUS trustwords(
   563         PEP_SESSION session, const char *fingerprint, const char *lang,
   564         char **words, size_t *wsize, int max_words
   565     );
   566 
   567 
   568 // TODO: increase versions in pEp.asn1 if rating changes
   569 
   570 typedef enum _PEP_comm_type {
   571     PEP_ct_unknown = 0,
   572 
   573     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   574 
   575     PEP_ct_no_encryption = 0x01,                // generic
   576     PEP_ct_no_encrypted_channel = 0x02,
   577     PEP_ct_key_not_found = 0x03,
   578     PEP_ct_key_expired = 0x04,
   579     PEP_ct_key_revoked = 0x05,
   580     PEP_ct_key_b0rken = 0x06,
   581     PEP_ct_key_expired_but_confirmed = 0x07, // NOT with confirmed bit. Just retaining info here in case of renewal.
   582     PEP_ct_my_key_not_included = 0x09,
   583 
   584     PEP_ct_security_by_obscurity = 0x0a,
   585     PEP_ct_b0rken_crypto = 0x0b,
   586     PEP_ct_key_too_short = 0x0c,
   587 
   588     PEP_ct_compromised = 0x0e,                  // known compromised connection
   589     PEP_ct_compromized = 0x0e,                  // deprecated misspelling
   590     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   591 
   592     // range 0x10 to 0x3f: unconfirmed encryption
   593 
   594     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   595     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   596 
   597     PEP_ct_to_be_checked = 0x20,                // generic
   598     PEP_ct_SMIME_unconfirmed = 0x21,
   599     PEP_ct_CMS_unconfirmed = 0x22,
   600 
   601     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   602     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   603     PEP_ct_OTR_unconfirmed = 0x3a,
   604 
   605     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   606 
   607     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   608     PEP_ct_pEp_unconfirmed = 0x7f,
   609 
   610     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   611 
   612     // range 0x81 to 0x8f: reserved
   613     // range 0x90 to 0xbf: confirmed encryption
   614 
   615     PEP_ct_confirmed_encryption = 0x90,         // generic
   616     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak (unused)
   617 
   618     PEP_ct_to_be_checked_confirmed = 0xa0,      // generic
   619     PEP_ct_SMIME = 0xa1,
   620     PEP_ct_CMS = 0xa2,
   621 
   622     PEP_ct_strong_encryption = 0xb0,            // generic
   623     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   624     PEP_ct_OTR = 0xba,
   625 
   626     // range 0xc0 to 0xff: confirmed encryption and anonymization
   627 
   628     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   629     PEP_ct_pEp = 0xff
   630 } PEP_comm_type;
   631 
   632 static inline const char *pep_comm_type_to_string(PEP_comm_type ct) {
   633     switch (ct) {
   634     case PEP_ct_unknown: return "unknown";
   635     case PEP_ct_no_encryption: return "no_encryption";
   636     case PEP_ct_no_encrypted_channel: return "no_encrypted_channel";
   637     case PEP_ct_key_not_found: return "key_not_found";
   638     case PEP_ct_key_expired: return "key_expired";
   639     case PEP_ct_key_revoked: return "key_revoked";
   640     case PEP_ct_key_b0rken: return "key_b0rken";
   641     case PEP_ct_my_key_not_included: return "my_key_not_included";
   642     case PEP_ct_security_by_obscurity: return "security_by_obscurity";
   643     case PEP_ct_b0rken_crypto: return "b0rken_crypto";
   644     case PEP_ct_key_too_short: return "key_too_short";
   645     case PEP_ct_compromised: return "compromised";
   646     case PEP_ct_mistrusted: return "mistrusted";
   647     case PEP_ct_unconfirmed_encryption: return "unconfirmed_encryption";
   648     case PEP_ct_OpenPGP_weak_unconfirmed: return "OpenPGP_weak_unconfirmed";
   649     case PEP_ct_to_be_checked: return "to_be_checked";
   650     case PEP_ct_SMIME_unconfirmed: return "SMIME_unconfirmed";
   651     case PEP_ct_CMS_unconfirmed: return "CMS_unconfirmed";
   652     case PEP_ct_strong_but_unconfirmed: return "strong_but_unconfirmed";
   653     case PEP_ct_OpenPGP_unconfirmed: return "OpenPGP_unconfirmed";
   654     case PEP_ct_OTR_unconfirmed: return "OTR_unconfirmed";
   655     case PEP_ct_unconfirmed_enc_anon: return "unconfirmed_enc_anon";
   656     case PEP_ct_pEp_unconfirmed: return "pEp_unconfirmed";
   657     case PEP_ct_confirmed: return "confirmed";
   658     case PEP_ct_confirmed_encryption: return "confirmed_encryption";
   659     case PEP_ct_OpenPGP_weak: return "OpenPGP_weak";
   660     case PEP_ct_to_be_checked_confirmed: return "to_be_checked_confirmed";
   661     case PEP_ct_SMIME: return "SMIME";
   662     case PEP_ct_CMS: return "CMS";
   663     case PEP_ct_strong_encryption: return "strong_encryption";
   664     case PEP_ct_OpenPGP: return "OpenPGP";
   665     case PEP_ct_OTR: return "OTR";
   666     case PEP_ct_confirmed_enc_anon: return "confirmed_enc_anon";
   667     case PEP_ct_pEp: return "pEp";
   668     default: return "invalid comm type";
   669     }
   670 }
   671 
   672 
   673 typedef enum _identity_flags {
   674     // the first octet flags are app defined settings
   675     PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
   676     PEP_idf_list = 0x0002,           // identity of list of persons
   677     // the second octet flags are calculated
   678     PEP_idf_devicegroup = 0x0100     // identity of a device group member
   679 } identity_flags;
   680 
   681 typedef unsigned int identity_flags_t;
   682 
   683 // typedef enum _keypair_flags {
   684 // } keypair_flags;
   685 
   686 typedef unsigned int keypair_flags_t;
   687 
   688 typedef struct _pEp_identity {
   689     char *address;              // C string with address UTF-8 encoded
   690     char *fpr;                  // C string with fingerprint UTF-8 encoded
   691     char *user_id;              // C string with user ID UTF-8 encoded
   692                                 // user_id MIGHT be set to "pEp_own_userId"
   693                                 // (use PEP_OWN_USERID preprocessor define)
   694                                 // if this is own user's identity.
   695                                 // But it is not REQUIRED to be.
   696     char *username;             // C string with user name UTF-8 encoded
   697     PEP_comm_type comm_type;    // type of communication with this ID
   698     char lang[3];               // language of conversation
   699                                 // ISO 639-1 ALPHA-2, last byte is 0
   700     bool me;                    // if this is the local user herself/himself
   701     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   702 } pEp_identity;
   703 
   704 typedef struct _identity_list {
   705     pEp_identity *ident;
   706     struct _identity_list *next;
   707 } identity_list;
   708 
   709 
   710 // new_identity() - allocate memory and set the string and size fields
   711 //
   712 //  parameters:
   713 //      address (in)        UTF-8 string or NULL 
   714 //      fpr (in)            UTF-8 string or NULL 
   715 //      user_id (in)        UTF-8 string or NULL 
   716 //      username (in)       UTF-8 string or NULL 
   717 //
   718 //  return value:
   719 //      pEp_identity struct or NULL if out of memory
   720 //
   721 //  caveat:
   722 //      the strings are copied; the original strings are still being owned by
   723 //      the caller
   724 
   725 DYNAMIC_API pEp_identity *new_identity(
   726         const char *address, const char *fpr, const char *user_id,
   727         const char *username
   728     );
   729 
   730 
   731 // identity_dup() - allocate memory and duplicate
   732 //
   733 //  parameters:
   734 //      src (in)            identity to duplicate
   735 //
   736 //  return value:
   737 //      pEp_identity struct or NULL if out of memory
   738 //
   739 //  caveat:
   740 //      the strings are copied; the original strings are still being owned by
   741 //      the caller
   742 
   743 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   744 
   745 
   746 // free_identity() - free all memory being occupied by a pEp_identity struct
   747 //
   748 //  parameters:
   749 //      identity (in)       struct to release
   750 //
   751 //  caveat:
   752 //      not only the struct but also all string memory referenced by the
   753 //      struct is being freed; all pointers inside are invalid afterwards
   754 
   755 DYNAMIC_API void free_identity(pEp_identity *identity);
   756 
   757 
   758 // get_identity() - get identity information
   759 //
   760 //    parameters:
   761 //        session (in)        session handle
   762 //        address (in)        C string with communication address, UTF-8 encoded
   763 //        user_id (in)        unique C string to identify person that identity
   764 //                            is refering to
   765 //        identity (out)      pointer to pEp_identity structure with results or
   766 //                            NULL if failure
   767 //
   768 //    caveat:
   769 //        address and user_id are being copied; the original strings remains in
   770 //        the ownership of the caller
   771 //        the resulting pEp_identity structure goes to the ownership of the
   772 //        caller and has to be freed with free_identity() when not in use any
   773 //        more
   774 
   775 DYNAMIC_API PEP_STATUS get_identity(
   776         PEP_SESSION session,
   777         const char *address,
   778         const char *user_id,
   779         pEp_identity **identity
   780     );
   781 
   782 PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
   783                                  const char* old_fpr, 
   784                                  const char* new_fpr); 
   785 
   786 
   787 // set_identity() - set identity information
   788 //
   789 //    parameters:
   790 //        session (in)        session handle
   791 //        identity (in)       pointer to pEp_identity structure
   792 //
   793 //    return value:
   794 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   795 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   796 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   797 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   798 //        PEP_COMMIT_FAILED             SQL commit failed
   799 //
   800 //    caveat:
   801 //        address, fpr, user_id and username must be given
   802 
   803 DYNAMIC_API PEP_STATUS set_identity(
   804         PEP_SESSION session, const pEp_identity *identity
   805     );
   806 
   807 // get_default own_userid() - get the user_id of the own user
   808 //
   809 //    parameters:
   810 //        session (in)        session handle
   811 //        userid  (out)       own user id (if it exists)
   812 //
   813 //    return value:
   814 //        PEP_STATUS_OK = 0             userid was found
   815 //        PEP_CANNOT_FIND_IDENTITY      no own_user found in the DB
   816 //        PEP_UNKNOWN_ERROR             results were returned, but no ID
   817 //                                      found (no reason this should ever occur)
   818 //    caveat:
   819 //        userid will be NULL if not found; otherwise, returned string
   820 //        belongs to the caller.
   821 
   822 DYNAMIC_API PEP_STATUS get_default_own_userid(
   823         PEP_SESSION session, 
   824         char** userid
   825     );
   826 
   827 // get_userid_alias_default() - get the default user_id which corresponds
   828 //                              to an alias
   829 //    parameters:
   830 //        session (in)        session handle
   831 //        alias_id (in)       the user_id which may be an alias for a default id
   832 //        default_id (out)    the default id for this alias, if the alias
   833 //                            is in the DB as an alias, else NULL
   834 //    return value:
   835 //        PEP_STATUS_OK = 0             userid was found
   836 //        PEP_CANNOT_FIND_ALIAS         this userid is not listed as an 
   837 //                                      alias in the DB
   838 //        PEP_UNKNOWN_ERROR             results were returned, but no ID
   839 //                                      found (no reason this should ever occur)
   840 //    caveat:
   841 //        default_id will be NULL if not found; otherwise, returned string
   842 //        belongs to the caller.
   843 //        also, current implementation does NOT check to see if this userid
   844 //        IS a default.
   845 
   846 DYNAMIC_API PEP_STATUS get_userid_alias_default(
   847         PEP_SESSION session, 
   848         const char* alias_id,
   849         char** default_id);
   850 
   851 // set_userid_alias() - set an alias to correspond to a default id
   852 //    parameters:
   853 //        session (in)        session handle
   854 //        default_id (in)     the default id for this alias. This must
   855 //                            correspond to the default user_id for an
   856 //                            entry in the person (user) table.
   857 //        alias_id (in)       the alias to be set for this default id
   858 //    return value:
   859 //        PEP_STATUS_OK = 0             userid was found
   860 //        PEP_CANNOT_SET_ALIAS          there was an error setting this
   861 
   862 DYNAMIC_API PEP_STATUS set_userid_alias (
   863         PEP_SESSION session, 
   864         const char* default_id,
   865         const char* alias_id);
   866 
   867 
   868 // set_device_group() - update own person's device group
   869 //
   870 //    parameters:
   871 //        session (in)        session handle
   872 //        group_name (in)     new group name
   873 //
   874 //    return value:
   875 //        PEP_STATUS_OK = 0             device group was updated
   876 //        PEP_CANNOT_SET_PERSON         update failed
   877 
   878 DYNAMIC_API PEP_STATUS set_device_group(
   879         PEP_SESSION session,
   880         const char *group_name
   881     );
   882 
   883 // get_device_group() - get own person's device group
   884 //
   885 //    parameters:
   886 //        session (in)        session handle
   887 //        group_name (in)     new group name
   888 //
   889 //    return value:
   890 //        PEP_STATUS_OK = 0             couldn't get device group
   891 //        PEP_RECORD_NOT_FOUND          update failed
   892 //
   893 //    caveat:
   894 //        the ownerships of group_name is going to the caller
   895 
   896 DYNAMIC_API PEP_STATUS get_device_group(
   897         PEP_SESSION session, 
   898         char **group_name
   899     );
   900 
   901 // set_identity_flags() - update identity flags on existing identity
   902 //
   903 //    parameters:
   904 //        session (in)        session handle
   905 //        identity (in,out)   pointer to pEp_identity structure
   906 //        flags (in)          new value for flags
   907 //
   908 //    return value:
   909 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   910 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   911 //
   912 //    caveat:
   913 //        address and user_id must be given in identity
   914 
   915 DYNAMIC_API PEP_STATUS set_identity_flags(
   916         PEP_SESSION session,
   917         pEp_identity *identity,
   918         identity_flags_t flags
   919     );
   920 
   921 // unset_identity_flags() - update identity flags on existing identity
   922 //
   923 //    parameters:
   924 //        session (in)        session handle
   925 //        identity (in,out)   pointer to pEp_identity structure
   926 //        flags (in)          new value for flags
   927 //
   928 //    return value:
   929 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   930 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   931 //
   932 //    caveat:
   933 //        address and user_id must be given in identity
   934 
   935 DYNAMIC_API PEP_STATUS unset_identity_flags(
   936         PEP_SESSION session,
   937         pEp_identity *identity,
   938         identity_flags_t flags
   939     );
   940 
   941 // mark_as_compromised() - mark key in trust db as compromised
   942 //
   943 //    parameters:
   944 //        session (in)        session handle
   945 //        fpr (in)            fingerprint of key to mark
   946 
   947 DYNAMIC_API PEP_STATUS mark_as_compromised(
   948         PEP_SESSION session,
   949         const char *fpr
   950     );
   951 
   952 
   953 // mark_as_compromized() - deprecated to fix misspelling. Please move to
   954 //                         mark_as_compromised();
   955 
   956 DYNAMIC_API PEP_STATUS mark_as_compromized(
   957         PEP_SESSION session,
   958         const char *fpr
   959     );
   960 
   961 
   962 // generate_keypair() - generate a new key pair and add it to the key ring
   963 //
   964 //  parameters:
   965 //      session (in)            session handle
   966 //        identity (inout)      pointer to pEp_identity structure
   967 //
   968 //    return value:
   969 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   970 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   971 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   972 //
   973 //  caveat:
   974 //      address and username fields must be set to UTF-8 strings
   975 //      the fpr field must be set to NULL
   976 //
   977 //      this function allocates a string and sets set fpr field of identity
   978 //      the caller is responsible to call free() for that string or use
   979 //      free_identity() on the struct
   980 
   981 DYNAMIC_API PEP_STATUS generate_keypair(
   982         PEP_SESSION session, pEp_identity *identity
   983     );
   984 
   985 
   986 // delete_keypair() - delete a public key or a key pair from the key ring
   987 //
   988 //  parameters:
   989 //      session (in)            session handle
   990 //      fpr (in)                C string with key id or fingerprint of the
   991 //                              public key
   992 //
   993 //  return value:
   994 //      PEP_STATUS_OK = 0       key was successfully deleted
   995 //      PEP_KEY_NOT_FOUND       key not found
   996 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
   997 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
   998 //      PEP_OUT_OF_MEMORY       out of memory
   999 
  1000 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
  1001 
  1002 
  1003 // import_key() - import key from data
  1004 //
  1005 //  parameters:
  1006 //      session (in)            session handle
  1007 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
  1008 //      size (in)               amount of data to handle
  1009 //      private_keys (out)      list of private keys that have been imported
  1010 //
  1011 //  return value:
  1012 //      PEP_STATUS_OK = 0       key was successfully imported
  1013 //      PEP_OUT_OF_MEMORY       out of memory
  1014 //      PEP_ILLEGAL_VALUE       there is no key data to import
  1015 //
  1016 //  caveat:
  1017 //      private_keys goes to the ownership of the caller
  1018 //      private_keys can be left NULL, it is then ignored
  1019 
  1020 DYNAMIC_API PEP_STATUS import_key(
  1021         PEP_SESSION session,
  1022         const char *key_data,
  1023         size_t size,
  1024         identity_list **private_keys
  1025     );
  1026 
  1027 
  1028 // export_key() - export ascii armored key
  1029 //
  1030 //  parameters:
  1031 //      session (in)            session handle
  1032 //      fpr (in)                key id or fingerprint of key
  1033 //      key_data (out)          ASCII armored OpenPGP key
  1034 //      size (out)              amount of data to handle
  1035 //
  1036 //  return value:
  1037 //      PEP_STATUS_OK = 0       key was successfully exported
  1038 //      PEP_OUT_OF_MEMORY       out of memory
  1039 //      PEP_KEY_NOT_FOUND       key not found
  1040 //
  1041 //  caveat:
  1042 //      the key_data goes to the ownership of the caller
  1043 //      the caller is responsible to free() it (on Windoze use pEp_free())
  1044 
  1045 DYNAMIC_API PEP_STATUS export_key(
  1046         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1047     );
  1048 
  1049 
  1050 // export_secret_key() - export secret key ascii armored
  1051 //
  1052 //  parameters:
  1053 //      session (in)            session handle
  1054 //      fpr (in)                fingerprint of key, at least 16 hex digits
  1055 //      key_data (out)          ASCII armored OpenPGP secret key
  1056 //      size (out)              amount of data to handle
  1057 //
  1058 //  return value:
  1059 //      PEP_STATUS_OK = 0       key was successfully exported
  1060 //      PEP_OUT_OF_MEMORY       out of memory
  1061 //      PEP_KEY_NOT_FOUND       key not found
  1062 //      PEP_CANNOT_EXPORT_KEY   cannot export secret key (i.e. it's on an HKS)
  1063 //
  1064 //  caveat:
  1065 //      the key_data goes to the ownership of the caller
  1066 //      the caller is responsible to free() it (on Windoze use pEp_free())
  1067 //      beware of leaking secret key data - overwrite it in memory after use
  1068 
  1069 DYNAMIC_API PEP_STATUS export_secret_key(
  1070         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1071     );
  1072 
  1073 
  1074 // export_secrect_key() - deprecated misspelled function. Please replace with
  1075 //                        export_secret_key
  1076 
  1077 DYNAMIC_API PEP_STATUS export_secrect_key(
  1078         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
  1079     );
  1080 
  1081 
  1082 // recv_key() - update key(s) from keyserver
  1083 //
  1084 //  parameters:
  1085 //      session (in)            session handle
  1086 //      pattern (in)            key id, user id or address to search for as
  1087 //                              UTF-8 string
  1088 
  1089 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
  1090 
  1091 
  1092 // find_keys() - find keys in keyring
  1093 //
  1094 //  parameters:
  1095 //      session (in)            session handle
  1096 //      pattern (in)            key id, user id or address to search for as
  1097 //                              UTF-8 string
  1098 //      keylist (out)           list of fingerprints found or NULL on error
  1099 //
  1100 //  caveat:
  1101 //        the ownerships of keylist isgoing to the caller
  1102 //        the caller must use free_stringlist() to free it
  1103 
  1104 
  1105 DYNAMIC_API PEP_STATUS find_keys(
  1106         PEP_SESSION session, const char *pattern, stringlist_t **keylist
  1107     );
  1108 
  1109 // send_key() - send key(s) to keyserver
  1110 //
  1111 //  parameters:
  1112 //      session (in)            session handle
  1113 //      pattern (in)            key id, user id or address to search for as
  1114 //                              UTF-8 string
  1115 
  1116 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
  1117 
  1118 
  1119 // pEp_free() - free memory allocated by pEp engine
  1120 //
  1121 //  parameters:
  1122 //      p (in)                  pointer to free
  1123 //
  1124 //  The reason for this function is that heap management can be a pretty
  1125 //  complex task with Windoze. This free() version calls the free()
  1126 //  implementation of the C runtime library which was used to build pEp engine,
  1127 //  so you're using the correct heap. For more information, see:
  1128 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
  1129 
  1130 DYNAMIC_API void pEp_free(void *p);
  1131 
  1132 
  1133 // get_trust() - get the trust level a key has for a person
  1134 //
  1135 //  parameters:
  1136 //      session (in)            session handle
  1137 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
  1138 //                              comm_type as result (out)
  1139 //
  1140 //  this function modifies the given identity struct; the struct remains in
  1141 //  the ownership of the caller
  1142 //  if the trust level cannot be determined identity->comm_type is set
  1143 //  to PEP_ct_unknown
  1144 
  1145 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
  1146 
  1147 
  1148 PEP_STATUS set_trust(PEP_SESSION session, 
  1149                      pEp_identity* identity);
  1150                             
  1151 PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
  1152                                 const char* fpr, 
  1153                                 PEP_comm_type comm_type);
  1154 
  1155 // least_trust() - get the least known trust level for a key in the database
  1156 //
  1157 //  parameters:
  1158 //      session (in)            session handle
  1159 //      fpr (in)                fingerprint of key to check
  1160 //      comm_type (out)         least comm_type as result (out)
  1161 //
  1162 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
  1163 
  1164 DYNAMIC_API PEP_STATUS least_trust(
  1165         PEP_SESSION session,
  1166         const char *fpr,
  1167         PEP_comm_type *comm_type
  1168     );
  1169 
  1170 
  1171 // get_key_rating() - get the rating a bare key has
  1172 //
  1173 //  parameters:
  1174 //      session (in)            session handle
  1175 //      fpr (in)                unique identifyer for key as UTF-8 string
  1176 //      comm_type (out)         key rating
  1177 //
  1178 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
  1179 //  is returned
  1180 
  1181 DYNAMIC_API PEP_STATUS get_key_rating(
  1182         PEP_SESSION session,
  1183         const char *fpr,
  1184         PEP_comm_type *comm_type
  1185     );
  1186 
  1187 
  1188 // renew_key() - renew an expired key
  1189 //
  1190 //  parameters:
  1191 //      session (in)            session handle
  1192 //      fpr (in)                ID of key to renew as UTF-8 string
  1193 //      ts (in)                 timestamp when key should expire or NULL for
  1194 //                              default
  1195 
  1196 DYNAMIC_API PEP_STATUS renew_key(
  1197         PEP_SESSION session,
  1198         const char *fpr,
  1199         const timestamp *ts
  1200     );
  1201 
  1202 
  1203 // revoke_key() - revoke a key
  1204 //
  1205 //  parameters:
  1206 //      session (in)            session handle
  1207 //      fpr (in)                ID of key to revoke as UTF-8 string
  1208 //      reason (in)             text with reason for revoke as UTF-8 string
  1209 //                              or NULL if reason unknown
  1210 //
  1211 //  caveat:
  1212 //      reason text must not include empty lines
  1213 //      this function is meant for internal use only; better use
  1214 //      key_mistrusted() of keymanagement API
  1215 
  1216 DYNAMIC_API PEP_STATUS revoke_key(
  1217         PEP_SESSION session,
  1218         const char *fpr,
  1219         const char *reason
  1220     );
  1221 
  1222 
  1223 // key_expired() - flags if a key is already expired
  1224 //
  1225 //  parameters:
  1226 //      session (in)            session handle
  1227 //      fpr (in)                ID of key to check as UTF-8 string
  1228 //      when (in)               UTC time of when should expiry be considered
  1229 //      expired (out)           flag if key expired
  1230 
  1231 DYNAMIC_API PEP_STATUS key_expired(
  1232         PEP_SESSION session,
  1233         const char *fpr,
  1234         const time_t when,
  1235         bool *expired
  1236     );
  1237 
  1238     
  1239 // key_revoked() - flags if a key is already revoked
  1240 //
  1241 //  parameters:
  1242 //      session (in)            session handle
  1243 //      fpr (in)                ID of key to check as UTF-8 string
  1244 //      revoked (out)           flag if key revoked
  1245 
  1246 DYNAMIC_API PEP_STATUS key_revoked(
  1247         PEP_SESSION session,
  1248         const char *fpr,
  1249         bool *revoked
  1250     );
  1251 
  1252 PEP_STATUS get_key_userids(
  1253         PEP_SESSION session,
  1254         const char* fpr,
  1255         stringlist_t** keylist
  1256     );
  1257 
  1258 
  1259 // get_crashdump_log() - get the last log messages out
  1260 //
  1261 //  parameters:
  1262 //      session (in)            session handle
  1263 //      maxlines (in)           maximum number of lines (0 for default)
  1264 //      logdata (out)           logdata as string in double quoted CSV format
  1265 //                              column1 is title
  1266 //                              column2 is entity
  1267 //                              column3 is description
  1268 //                              column4 is comment
  1269 //
  1270 //  caveat:
  1271 //      the ownership of logdata goes to the caller
  1272 
  1273 DYNAMIC_API PEP_STATUS get_crashdump_log(
  1274         PEP_SESSION session,
  1275         int maxlines,
  1276         char **logdata
  1277     );
  1278 
  1279 
  1280 // get_languagelist() - get the list of languages
  1281 //
  1282 //  parameters:
  1283 //      session (in)            session handle
  1284 //      languages (out)         languages as string in double quoted CSV format
  1285 //                              column 1 is the ISO 639-1 language code
  1286 //                              column 2 is the name of the language
  1287 //
  1288 //  caveat:
  1289 //      the ownership of languages goes to the caller
  1290 
  1291 DYNAMIC_API PEP_STATUS get_languagelist(
  1292         PEP_SESSION session,
  1293         char **languages
  1294     );
  1295 
  1296 
  1297 // get_phrase() - get phrase in a dedicated language through i18n
  1298 //
  1299 //  parameters:
  1300 //      session (in)            session handle
  1301 //      lang (in)               C string with ISO 639-1 language code
  1302 //      phrase_id (in)          id of phrase in i18n
  1303 //      phrase (out)            phrase as UTF-8 string
  1304 //
  1305 //  caveat:
  1306 //      the ownership of phrase goes to the caller
  1307 
  1308 DYNAMIC_API PEP_STATUS get_phrase(
  1309         PEP_SESSION session,
  1310         const char *lang,
  1311         int phrase_id,
  1312         char **phrase
  1313     );
  1314 
  1315 
  1316 // sequence_value() - raise the value of a named sequence and retrieve it
  1317 //
  1318 //  parameters:
  1319 //      session (in)            session handle
  1320 //      name (in)               name of sequence
  1321 //      value (out)             value of sequence
  1322 //
  1323 //  returns:
  1324 //      PEP_STATUS_OK                   no error, not own sequence
  1325 //      PEP_SEQUENCE_VIOLATED           if sequence violated
  1326 //      PEP_CANNOT_INCREASE_SEQUENCE    if sequence cannot be increased
  1327 //      PEP_OWN_SEQUENCE                if own sequence
  1328 
  1329 DYNAMIC_API PEP_STATUS sequence_value(
  1330         PEP_SESSION session,
  1331         const char *name,
  1332         int32_t *value
  1333     );
  1334 
  1335 
  1336 // set_revoked() - records relation between a revoked key and its replacement
  1337 //
  1338 //  parameters:
  1339 //      session (in)            session handle
  1340 //      revoked_fpr (in)        revoked fingerprint
  1341 //      replacement_fpr (in)    replacement key fingerprint
  1342 //      revocation_date (in)    revocation date
  1343 
  1344 DYNAMIC_API PEP_STATUS set_revoked(
  1345        PEP_SESSION session,
  1346        const char *revoked_fpr,
  1347        const char *replacement_fpr,
  1348        const uint64_t revocation_date
  1349     );
  1350 
  1351 
  1352 // get_revoked() - find revoked key that may have been replaced by given key, if any
  1353 //
  1354 //  parameters:
  1355 //      session (in)            session handle
  1356 //      fpr (in)                given fingerprint
  1357 //      revoked_fpr (out)       revoked fingerprint
  1358 //      revocation_date (out)   revocation date
  1359     
  1360 DYNAMIC_API PEP_STATUS get_revoked(
  1361         PEP_SESSION session,
  1362         const char *fpr,
  1363         char **revoked_fpr,
  1364         uint64_t *revocation_date
  1365     );
  1366 
  1367 // key_created() - get creation date of a key
  1368 //
  1369 //  parameters:
  1370 //      session (in)            session handle
  1371 //      fpr (in)                fingerprint of key
  1372 //      created (out)           date of creation
  1373 
  1374 PEP_STATUS key_created(
  1375         PEP_SESSION session,
  1376         const char *fpr,
  1377         time_t *created
  1378     );
  1379 
  1380 
  1381 // find_private_keys() - find keys in keyring
  1382 //
  1383 //  parameters:
  1384 //      session (in)            session handle
  1385 //      pattern (in)            key id, user id or address to search for as
  1386 //                              UTF-8 string
  1387 //      keylist (out)           list of fingerprints found or NULL on error
  1388 //
  1389 //  caveat:
  1390 //        the ownerships of keylist isgoing to the caller
  1391 //        the caller must use free_stringlist() to free it
  1392 PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
  1393                              stringlist_t **keylist);
  1394 
  1395 // get_engine_version() - returns the current version of pEpEngine (this is different
  1396 //                        from the pEp protocol version!)
  1397 //
  1398 //  parameters: none
  1399 //
  1400 //  return_value: const char* to the engine version string constant
  1401 //
  1402 DYNAMIC_API const char* get_engine_version();
  1403 
  1404 // is_pEp_user() - returns true if the USER corresponding to this identity 
  1405 //                 has been listed in the *person* table as a pEp user. 
  1406 //
  1407 //  parameters:
  1408 //      identity (in) - identity containing the user_id to check (this is
  1409 //                      the only part of the struct we require to be set)
  1410 //      is_pEp (out)  - boolean pointer - will return true or false by
  1411 //                      reference with respect to whether or not user is
  1412 //                      a known pEp user
  1413 //
  1414 //  return_value: PEP_STATUS_OK if user found in person table
  1415 //                PEP_ILLEGAL_VALUE if no user_id in input
  1416 //                PEP_CANNOT_FIND_PERSON if user_id doesn't exist
  1417 //
  1418 //  caveat: This *does not check comm_type*
  1419 //                         
  1420 DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, 
  1421                                    pEp_identity *identity, 
  1422                                    bool* is_pEp);
  1423 
  1424 
  1425 
  1426 DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session);
  1427 
  1428 // This is used internally when there is a temporary identity to be retrieved
  1429 // that may not yet have an FPR attached. See get_identity() for functionality,
  1430 // params and caveats.
  1431 PEP_STATUS get_identity_without_trust_check(
  1432         PEP_SESSION session,
  1433         const char *address,
  1434         const char *user_id,
  1435         pEp_identity **identity
  1436     );
  1437     
  1438 PEP_STATUS get_identities_by_address(
  1439         PEP_SESSION session,
  1440         const char *address,
  1441         identity_list** id_list
  1442     );
  1443     
  1444 PEP_STATUS get_identities_by_userid(
  1445         PEP_SESSION session,
  1446         const char *user_id,
  1447         identity_list **identities
  1448     );    
  1449         
  1450 PEP_STATUS is_own_address(PEP_SESSION session, 
  1451                           const char* address, 
  1452                           bool* is_own_addr);
  1453 
  1454 PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid,
  1455                               const char* new_uid);
  1456                               
  1457 PEP_STATUS remove_key(PEP_SESSION session, const char* fpr);
  1458                               
  1459 PEP_STATUS remove_fpr_as_default(PEP_SESSION session, 
  1460                                     const char* fpr);
  1461                               
  1462                                     
  1463 PEP_STATUS get_main_user_fpr(PEP_SESSION session, 
  1464                              const char* user_id,
  1465                              char** main_fpr);
  1466 
  1467 PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id,
  1468                               const char* new_fpr);
  1469     
  1470 DYNAMIC_API PEP_STATUS get_replacement_fpr(
  1471         PEP_SESSION session,
  1472         const char *fpr,
  1473         char **revoked_fpr,
  1474         uint64_t *revocation_date
  1475     );
  1476     
  1477 PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id);
  1478 
  1479 // This ONLY sets the *user* flag, and creates a shell identity if necessary.
  1480 DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user);
  1481 
  1482 // returns true (by reference) if a person with this user_id exists; 
  1483 // Also replaces aliased user_ids by defaults in identity.
  1484 PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity, bool* exists);
  1485 
  1486 PEP_STATUS set_pgp_keypair(PEP_SESSION session, const char* fpr);
  1487 
  1488 // exposed for testing
  1489 PEP_STATUS set_person(PEP_SESSION session, pEp_identity* identity,
  1490                       bool guard_transaction);
  1491 PEP_STATUS bind_own_ident_with_contact_ident(PEP_SESSION session,
  1492                                              pEp_identity* own_ident, 
  1493                                              pEp_identity* contact_ident);
  1494 
  1495 PEP_STATUS get_last_contacted(
  1496         PEP_SESSION session,
  1497         identity_list** id_list
  1498     );
  1499 
  1500 PEP_STATUS get_own_ident_for_contact_id(PEP_SESSION session,
  1501                                           const pEp_identity* contact,
  1502                                           pEp_identity** own_ident);
  1503 
  1504 PEP_STATUS exists_trust_entry(PEP_SESSION session, pEp_identity* identity,
  1505                               bool* exists);
  1506 
  1507 PEP_STATUS is_own_key(PEP_SESSION session, const char* fpr, bool* own_key);
  1508 
  1509 PEP_STATUS get_identities_by_main_key_id(
  1510         PEP_SESSION session,
  1511         const char *fpr,
  1512         identity_list **identities);
  1513         
  1514 PEP_STATUS sign_only(PEP_SESSION session, 
  1515                      const char *data, 
  1516                      size_t data_size, 
  1517                      const char *fpr, 
  1518                      char **sign, 
  1519                      size_t *sign_size);
  1520 
  1521 const char *get_device_name(PEP_SESSION session);
  1522 
  1523 #ifdef __cplusplus
  1524 }
  1525 #endif