src/pEpEngine.h
author Roker <roker@pep-project.org>
Fri, 12 May 2017 10:59:31 +0200
changeset 1778 cc8e55efa24a
parent 1777 a537bef47d07
child 1797 32581fade44d
child 1802 88931f5dcf75
permissions -rw-r--r--
free line
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #pragma once
     5 
     6 #ifdef __cplusplus
     7 extern "C" {
     8 #endif
     9 
    10 #include <stddef.h>
    11 #include <stdint.h>
    12 #include <stdbool.h>
    13 
    14 #include "dynamic_api.h"
    15 #include "stringlist.h"
    16 #include "stringpair.h"    
    17 #include "timestamp.h"
    18 
    19 #define PEP_VERSION "1.0" // protocol version
    20 
    21 #define PEP_OWN_USERID "pEp_own_userId"
    22     
    23 // pEp Engine API
    24 
    25 //  caveat:
    26 //      Unicode data has to be normalized to NFC before calling
    27 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    28 
    29 
    30 struct _pEpSession;
    31 typedef struct _pEpSession * PEP_SESSION;
    32 
    33 typedef enum {
    34     PEP_STATUS_OK                                   = 0,
    35 
    36     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    37     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    38     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    39     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    40 
    41     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    42     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    43     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    44     
    45     PEP_KEY_NOT_FOUND                               = 0x0201,
    46     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    47     PEP_GET_KEY_FAILED                              = 0x0203,
    48     PEP_CANNOT_EXPORT_KEY                           = 0x0204,
    49     
    50     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    51     PEP_CANNOT_SET_PERSON                           = 0x0381,
    52     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    53     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    54     PEP_CANNOT_SET_TRUST                            = 0x0384,
    55     PEP_KEY_BLACKLISTED                             = 0x0385,
    56     
    57     PEP_UNENCRYPTED                                 = 0x0400,
    58     PEP_VERIFIED                                    = 0x0401,
    59     PEP_DECRYPTED                                   = 0x0402,
    60     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    61     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    62     PEP_DECRYPT_NO_KEY                              = 0x0405,
    63     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    64     PEP_VERIFY_NO_KEY                               = 0x0407,
    65     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    66     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    67 
    68     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    69     PEP_TRUSTWORDS_FPR_WRONG_LENGTH                 = 0x0502,
    70 
    71     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    72     PEP_CANNOT_SEND_KEY                             = 0x0602,
    73 
    74     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    75 
    76     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    77     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    78     PEP_CANNOT_ENCODE                               = 0x0803,
    79 
    80     PEP_SYNC_NO_NOTIFY_CALLBACK                     = 0x0901,
    81     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
    82     PEP_SYNC_NO_INJECT_CALLBACK                     = 0x0903,
    83 
    84     PEP_SEQUENCE_VIOLATED                           = 0x0970,
    85     PEP_CANNOT_INCREASE_SEQUENCE                    = 0x0971,
    86     PEP_CANNOT_SET_SEQUENCE_VALUE                   = 0x0972,
    87     PEP_OWN_SEQUENCE                                = 0x097f,
    88 
    89     PEP_SYNC_STATEMACHINE_ERROR                     = 0x0980,
    90     PEP_SYNC_NO_TRUST                               = 0x0981,
    91     PEP_STATEMACHINE_INVALID_STATE                  = 0x0982,
    92     PEP_STATEMACHINE_INVALID_EVENT                  = 0x0983,
    93     PEP_STATEMACHINE_INVALID_CONDITION              = 0x0984,
    94     PEP_STATEMACHINE_INVALID_ACTION                 = 0x0985,
    95     PEP_STATEMACHINE_INHIBITED_EVENT                = 0x0986,
    96 
    97     PEP_COMMIT_FAILED                               = 0xff01,
    98     PEP_MESSAGE_CONSUME                             = 0xff02,
    99     PEP_MESSAGE_IGNORE                              = 0xff03,
   100 
   101     PEP_RECORD_NOT_FOUND                            = -6,
   102     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
   103     PEP_ILLEGAL_VALUE                               = -4,
   104     PEP_BUFFER_TOO_SMALL                            = -3,
   105     PEP_OUT_OF_MEMORY                               = -2,
   106     PEP_UNKNOWN_ERROR                               = -1
   107 } PEP_STATUS;
   108 
   109 
   110 // INIT_STATUS init() - initialize pEpEngine for a thread
   111 //
   112 //  parameters:
   113 //        session (out)   init() allocates session memory and returns a pointer
   114 //                        as a handle
   115 //
   116 //  return value:
   117 //        PEP_STATUS_OK = 0                 if init() succeeds
   118 //        PEP_INIT_SQLITE3_WITHOUT_MUTEX    if SQLite3 was compiled with
   119 //                                            SQLITE_THREADSAFE 0
   120 //        PEP_INIT_CANNOT_LOAD_GPGME        if libgpgme.dll cannot be found
   121 //        PEP_INIT_GPGME_INIT_FAILED        if GPGME init fails
   122 //        PEP_INIT_CANNOT_OPEN_DB           if user's management db cannot be
   123 //                                            opened
   124 //        PEP_INIT_CANNOT_OPEN_SYSTEM_DB    if system's management db cannot be
   125 //                                            opened
   126 //
   127 //  caveat:
   128 //      the pointer is valid only if the return value is PEP_STATUS_OK
   129 //      in other case a NULL pointer will be returned; a valid handle must
   130 //      be released using release() when it's no longer needed
   131 //
   132 //      the caller has to guarantee that the first call to this function
   133 //      will succeed before further calls can be done
   134 
   135 DYNAMIC_API PEP_STATUS init(PEP_SESSION *session);
   136 
   137 
   138 // void release() - release thread session handle
   139 //
   140 //  parameters:
   141 //        session (in)    session handle to release
   142 //
   143 //    caveat:
   144 //        the last release() can be called only when all other release() calls
   145 //        are done
   146 
   147 DYNAMIC_API void release(PEP_SESSION session);
   148 
   149 
   150 // const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any
   151 //
   152 //  parameters:
   153 //        session (in)    session handle
   154 //
   155 //    caveat:
   156 //        To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK
   157 //        The error stack belongs to the session. Do no not change it!
   158 DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session);
   159 
   160 
   161 // void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any
   162 //
   163 //  parameters:
   164 //        session (in)    session handle
   165 //
   166 DYNAMIC_API void clear_errorstack(PEP_SESSION session);
   167 
   168 
   169 // config_passive_mode() - enable passive mode
   170 //
   171 //  parameters:
   172 //      session (in)    session handle
   173 //      enable (in)     flag if enabled or disabled
   174 
   175 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   176 
   177 
   178 // config_unencrypted_subject() - disable subject encryption
   179 //
   180 //  parameters:
   181 //      session (in)    session handle
   182 //      enable (in)     flag if enabled or disabled
   183 
   184 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   185 
   186 
   187 // config_use_only_own_private_keys() - enable passive mode
   188 //
   189 //  parameters:
   190 //      session (in)    session handle
   191 //      enable (in)     flag if enabled or disabled
   192 
   193 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   194 
   195 
   196 // config_keep_sync_msg() - do not remove sync messages (for debugging purposes)
   197 //
   198 //      session (in)    session handle
   199 //      enable (in)     flag if enabled or disabled
   200 
   201 DYNAMIC_API void config_keep_sync_msg(PEP_SESSION session, bool enable);
   202 
   203 
   204 // decrypt_and_verify() - decrypt and/or verify a message
   205 //
   206 //    parameters:
   207 //        session (in)    session handle
   208 //        ctext (in)      cipher text to decrypt and/or verify
   209 //        csize (in)      size of cipher text
   210 //        dsigtext (in)   if extant, *detached* signature text for this
   211 //                        message (or NULL if not)
   212 //        dsize (in)      size of *detached* signature text for this
   213 //                        message (0, if no detached sig exists)
   214 //        ptext (out)     pointer to internal buffer with plain text
   215 //        psize (out)     size of plain text
   216 //        keylist (out)   list of key ids which where used to encrypt
   217 //
   218 //    return value:
   219 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   220 //        PEP_VERIFIED                  message was unencrypted, signature matches
   221 //        PEP_DECRYPTED                 message is decrypted now, no signature
   222 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   223 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   224 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   225 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   226 //
   227 //    caveat:
   228 //        the ownerships of ptext as well as keylist are going to the caller
   229 //        the caller must use free() (or an Windoze pEp_free()) and
   230 //        free_stringlist() to free them
   231 //
   232 //      if this function failes an error message may be the first element of
   233 //      keylist and the other elements may be the keys used for encryption
   234 
   235 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   236         PEP_SESSION session, const char *ctext, size_t csize,
   237         const char *dsigtext, size_t dsigsize,
   238         char **ptext, size_t *psize, stringlist_t **keylist
   239     );
   240 
   241 
   242 // verify_text() - verfy plain text with a digital signature
   243 //
   244 //  parameters:
   245 //      session (in)    session handle
   246 //      text (in)       text to verify
   247 //      size (in)       size of text
   248 //      signature (in)  signature text
   249 //      sig_size (in)   size of signature
   250 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   251 //                        error
   252 //
   253 //  return value:
   254 //        PEP_VERIFIED                message was unencrypted, signature matches
   255 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   256 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   257 
   258 DYNAMIC_API PEP_STATUS verify_text(
   259         PEP_SESSION session, const char *text, size_t size,
   260         const char *signature, size_t sig_size, stringlist_t **keylist
   261     );
   262 
   263 
   264 // encrypt_and_sign() - encrypt and sign a message
   265 //
   266 //    parameters:
   267 //        session (in)    session handle
   268 //        keylist (in)    list of key ids to encrypt with as C strings
   269 //        ptext (in)      plain text to decrypt and/or verify
   270 //        psize (in)      size of plain text
   271 //        ctext (out)     pointer to internal buffer with cipher text
   272 //        csize (out)     size of cipher text
   273 //
   274 //    return value:
   275 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   276 //        PEP_KEY_NOT_FOUND            at least one of the receipient keys
   277 //                                     could not be found
   278 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the receipient keys has
   279 //                                     an ambiguous name
   280 //        PEP_GET_KEY_FAILED           cannot retrieve key
   281 //
   282 //    caveat:
   283 //      the ownership of ctext is going to the caller
   284 //      the caller is responsible to free() it (on Windoze use pEp_free())
   285 //      the first key in keylist is being used to sign the message
   286 //      this implies there has to be a private key for that keypair
   287 
   288 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   289         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   290         size_t psize, char **ctext, size_t *csize
   291     );
   292 
   293 
   294 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   295 // management log
   296 //
   297 //    parameters:
   298 //        session (in)        session handle
   299 //        title (in)          C string with event name
   300 //        entity (in)         C string with name of entity which is logging
   301 //        description (in)    C string with long description for event or NULL if
   302 //                            omitted
   303 //        comment (in)        C string with user defined comment or NULL if
   304 //                            omitted
   305 //
   306 //    return value:
   307 //        PEP_STATUS_OK       log entry created
   308 
   309 DYNAMIC_API PEP_STATUS log_event(
   310         PEP_SESSION session,
   311         const char *title,
   312         const char *entity,
   313         const char *description,
   314         const char *comment
   315     );
   316 
   317 
   318 // trustword() - get the corresponding trustword for a 16 bit value
   319 //
   320 //    parameters:
   321 //        session (in)            session handle
   322 //        value (in)              value to find a trustword for
   323 //        lang (in)               C string with ISO 639-1 language code
   324 //        word (out)              pointer to C string with trustword UTF-8 encoded
   325 //                                NULL if language is not supported or trustword
   326 //                                wordlist is damaged or unavailable
   327 //        wsize (out)             length of trustword
   328 //
   329 //    return value:
   330 //        PEP_STATUS_OK            trustword retrieved
   331 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   332 //
   333 //    caveat:
   334 //        the word pointer goes to the ownership of the caller
   335 //      the caller is responsible to free() it (on Windoze use pEp_free())
   336 
   337 DYNAMIC_API PEP_STATUS trustword(
   338             PEP_SESSION session, uint16_t value, const char *lang,
   339             char **word, size_t *wsize
   340         );
   341 
   342 
   343 // trustwords() - get trustwords for a string of hex values of a fingerprint
   344 //
   345 //    parameters:
   346 //        session (in)        session handle
   347 //        fingerprint (in)    C string with hex values to find trustwords for
   348 //        lang (in)           C string with ISO 639-1 language code
   349 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   350 //                            separated by a blank each
   351 //                            NULL if language is not supported or trustword
   352 //                            wordlist is damaged or unavailable
   353 //        wsize (out)         length of trustwords string
   354 //        max_words (in)      only generate a string with max_words;
   355 //                            if max_words == 0 there is no such limit
   356 //
   357 //    return value:
   358 //        PEP_STATUS_OK            trustwords retrieved
   359 //        PEP_OUT_OF_MEMORY        out of memory
   360 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   361 //
   362 //    caveat:
   363 //        the word pointer goes to the ownership of the caller
   364 //      the caller is responsible to free() it (on Windoze use pEp_free())
   365 //
   366 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   367 //
   368 //  Better implement a simple one in the adapter yourself using trustword(), and
   369 //  return a list of trustwords.
   370 //  This function is provided for being used by C and C++ programs only.
   371 
   372 DYNAMIC_API PEP_STATUS trustwords(
   373         PEP_SESSION session, const char *fingerprint, const char *lang,
   374         char **words, size_t *wsize, int max_words
   375     );
   376 
   377 
   378 // TODO: increase versions in pEp.asn1 if rating changes
   379 
   380 typedef enum _PEP_comm_type {
   381     PEP_ct_unknown = 0,
   382 
   383     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   384 
   385     PEP_ct_no_encryption = 0x01,                // generic
   386     PEP_ct_no_encrypted_channel = 0x02,
   387     PEP_ct_key_not_found = 0x03,
   388     PEP_ct_key_expired = 0x04,
   389     PEP_ct_key_revoked = 0x05,
   390     PEP_ct_key_b0rken = 0x06,
   391     PEP_ct_my_key_not_included = 0x09,
   392 
   393     PEP_ct_security_by_obscurity = 0x0a,
   394     PEP_ct_b0rken_crypto = 0x0b,
   395     PEP_ct_key_too_short = 0x0c,
   396 
   397     PEP_ct_compromized = 0x0e,                  // known compromized connection
   398     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   399 
   400     // range 0x10 to 0x3f: unconfirmed encryption
   401 
   402     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   403     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   404 
   405     PEP_ct_to_be_checked = 0x20,                // generic
   406     PEP_ct_SMIME_unconfirmed = 0x21,
   407     PEP_ct_CMS_unconfirmed = 0x22,
   408 
   409     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   410     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   411     PEP_ct_OTR_unconfirmed = 0x3a,
   412 
   413     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   414 
   415     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   416     PEP_ct_pEp_unconfirmed = 0x7f,
   417 
   418     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   419 
   420     // range 0x81 to 0x8f: reserved
   421     // range 0x90 to 0xbf: confirmed encryption
   422 
   423     PEP_ct_confirmed_encryption = 0x90,         // generic
   424     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak (unused)
   425 
   426     PEP_ct_to_be_checked_confirmed = 0xa0,      //generic
   427     PEP_ct_SMIME = 0xa1,
   428     PEP_ct_CMS = 0xa2,
   429 
   430     PEP_ct_strong_encryption = 0xb0,            // generic
   431     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   432     PEP_ct_OTR = 0xba,
   433 
   434     // range 0xc0 to 0xff: confirmed encryption and anonymization
   435 
   436     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   437     PEP_ct_pEp = 0xff
   438 } PEP_comm_type;
   439 
   440 typedef enum _identity_flags {
   441     // the first octet flags are app defined settings
   442     PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
   443     PEP_idf_list = 0x0002,           // identity of list of persons
   444 
   445     // the second octet flags are calculated
   446     PEP_idf_devicegroup = 0x0100     // identity of a device group member
   447 } identity_flags;
   448 
   449 typedef unsigned int identity_flags_t;
   450 
   451 // typedef enum _keypair_flags {
   452 // } keypair_flags;
   453 
   454 typedef unsigned int keypair_flags_t;
   455 
   456 typedef struct _pEp_identity {
   457     char *address;              // C string with address UTF-8 encoded
   458     char *fpr;                  // C string with fingerprint UTF-8 encoded
   459     char *user_id;              // C string with user ID UTF-8 encoded
   460     char *username;             // C string with user name UTF-8 encoded
   461     PEP_comm_type comm_type;    // type of communication with this ID
   462     char lang[3];               // language of conversation
   463                                 // ISO 639-1 ALPHA-2, last byte is 0
   464     bool me;                    // if this is the local user herself/himself
   465     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   466 } pEp_identity;
   467 
   468 typedef struct _identity_list {
   469     pEp_identity *ident;
   470     struct _identity_list *next;
   471 } identity_list;
   472 
   473 
   474 // new_identity() - allocate memory and set the string and size fields
   475 //
   476 //  parameters:
   477 //      address (in)        UTF-8 string or NULL 
   478 //      fpr (in)            UTF-8 string or NULL 
   479 //      user_id (in)        UTF-8 string or NULL 
   480 //      username (in)       UTF-8 string or NULL 
   481 //
   482 //  return value:
   483 //      pEp_identity struct or NULL if out of memory
   484 //
   485 //  caveat:
   486 //      the strings are copied; the original strings are still being owned by
   487 //      the caller
   488 
   489 DYNAMIC_API pEp_identity *new_identity(
   490         const char *address, const char *fpr, const char *user_id,
   491         const char *username
   492     );
   493 
   494 
   495 // identity_dup() - allocate memory and duplicate
   496 //
   497 //  parameters:
   498 //      src (in)            identity to duplicate
   499 //
   500 //  return value:
   501 //      pEp_identity struct or NULL if out of memory
   502 //
   503 //  caveat:
   504 //      the strings are copied; the original strings are still being owned by
   505 //      the caller
   506 
   507 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   508 
   509 
   510 // free_identity() - free all memory being occupied by a pEp_identity struct
   511 //
   512 //  parameters:
   513 //      identity (in)       struct to release
   514 //
   515 //  caveat:
   516 //      not only the struct but also all string memory referenced by the
   517 //      struct is being freed; all pointers inside are invalid afterwards
   518 
   519 DYNAMIC_API void free_identity(pEp_identity *identity);
   520 
   521 
   522 // get_identity() - get identity information
   523 //
   524 //    parameters:
   525 //        session (in)        session handle
   526 //        address (in)        C string with communication address, UTF-8 encoded
   527 //        user_id (in)        unique C string to identify person that identity
   528 //                            is refering to
   529 //        identity (out)      pointer to pEp_identity structure with results or
   530 //                            NULL if failure
   531 //
   532 //    caveat:
   533 //        address and user_id are being copied; the original strings remains in
   534 //        the ownership of the caller
   535 //        the resulting pEp_identity structure goes to the ownership of the
   536 //        caller and has to be freed with free_identity() when not in use any
   537 //        more
   538 
   539 DYNAMIC_API PEP_STATUS get_identity(
   540         PEP_SESSION session,
   541         const char *address,
   542         const char *user_id,
   543         pEp_identity **identity
   544     );
   545 
   546 // set_identity() - set identity information
   547 //
   548 //    parameters:
   549 //        session (in)        session handle
   550 //        identity (in)       pointer to pEp_identity structure
   551 //
   552 //    return value:
   553 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   554 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   555 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   556 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   557 //        PEP_COMMIT_FAILED             SQL commit failed
   558 //        PEP_KEY_BLACKLISTED           Key blacklisted, cannot set identity
   559 //
   560 //    caveat:
   561 //        address, fpr, user_id and username must be given
   562 
   563 DYNAMIC_API PEP_STATUS set_identity(
   564         PEP_SESSION session, const pEp_identity *identity
   565     );
   566 
   567 // set_device_group() - update own person's device group
   568 //
   569 //    parameters:
   570 //        session (in)        session handle
   571 //        group_name (in)     new group name
   572 //
   573 //    return value:
   574 //        PEP_STATUS_OK = 0             device group was updated
   575 //        PEP_CANNOT_SET_PERSON         update failed
   576 
   577 DYNAMIC_API PEP_STATUS set_device_group(
   578         PEP_SESSION session,
   579         const char *group_name
   580     );
   581 
   582 // get_device_group() - get own person's device group
   583 //
   584 //    parameters:
   585 //        session (in)        session handle
   586 //        group_name (in)     new group name
   587 //
   588 //    return value:
   589 //        PEP_STATUS_OK = 0             couldn't get device group
   590 //        PEP_RECORD_NOT_FOUND          update failed
   591 //
   592 //    caveat:
   593 //        the ownerships of group_name is going to the caller
   594 
   595 DYNAMIC_API PEP_STATUS get_device_group(
   596         PEP_SESSION session, 
   597         char **group_name
   598     );
   599 
   600 // set_identity_flags() - update identity flags on existing identity
   601 //
   602 //    parameters:
   603 //        session (in)        session handle
   604 //        identity (in,out)   pointer to pEp_identity structure
   605 //        flags (in)          new value for flags
   606 //
   607 //    return value:
   608 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   609 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   610 //
   611 //    caveat:
   612 //        address and user_id must be given in identity
   613 
   614 DYNAMIC_API PEP_STATUS set_identity_flags(
   615         PEP_SESSION session,
   616         pEp_identity *identity,
   617         identity_flags_t flags
   618     );
   619 
   620 // unset_identity_flags() - update identity flags on existing identity
   621 //
   622 //    parameters:
   623 //        session (in)        session handle
   624 //        identity (in,out)   pointer to pEp_identity structure
   625 //        flags (in)          new value for flags
   626 //
   627 //    return value:
   628 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   629 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   630 //
   631 //    caveat:
   632 //        address and user_id must be given in identity
   633 
   634 DYNAMIC_API PEP_STATUS unset_identity_flags(
   635         PEP_SESSION session,
   636         pEp_identity *identity,
   637         identity_flags_t flags
   638     );
   639 
   640 // mark_as_compromized() - mark key in trust db as compromized
   641 //
   642 //    parameters:
   643 //        session (in)        session handle
   644 //        fpr (in)            fingerprint of key to mark
   645 
   646 DYNAMIC_API PEP_STATUS mark_as_compromized(
   647         PEP_SESSION session,
   648         const char *fpr
   649     );
   650 
   651 
   652 // generate_keypair() - generate a new key pair and add it to the key ring
   653 //
   654 //  parameters:
   655 //      session (in)            session handle
   656 //        identity (inout)      pointer to pEp_identity structure
   657 //
   658 //    return value:
   659 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   660 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   661 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   662 //
   663 //  caveat:
   664 //      address and username fields must be set to UTF-8 strings
   665 //      the fpr field must be set to NULL
   666 //
   667 //      this function allocates a string and sets set fpr field of identity
   668 //      the caller is responsible to call free() for that string or use
   669 //      free_identity() on the struct
   670 
   671 DYNAMIC_API PEP_STATUS generate_keypair(
   672         PEP_SESSION session, pEp_identity *identity
   673     );
   674 
   675 
   676 // delete_keypair() - delete a public key or a key pair from the key ring
   677 //
   678 //  parameters:
   679 //      session (in)            session handle
   680 //      fpr (in)                C string with key id or fingerprint of the
   681 //                              public key
   682 //
   683 //  return value:
   684 //      PEP_STATUS_OK = 0       key was successfully deleted
   685 //      PEP_KEY_NOT_FOUND       key not found
   686 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
   687 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
   688 //      PEP_OUT_OF_MEMORY       out of memory
   689 
   690 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
   691 
   692 
   693 // import_key() - import key from data
   694 //
   695 //  parameters:
   696 //      session (in)            session handle
   697 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
   698 //      size (in)               amount of data to handle
   699 //      private_keys (out)      list of private keys that have been imported
   700 //
   701 //  return value:
   702 //      PEP_STATUS_OK = 0       key was successfully imported
   703 //      PEP_OUT_OF_MEMORY       out of memory
   704 //      PEP_ILLEGAL_VALUE       there is no key data to import
   705 //
   706 //  caveat:
   707 //      private_keys goes to the ownership of the caller
   708 //      private_keys can be left NULL, it is then ignored
   709 
   710 DYNAMIC_API PEP_STATUS import_key(
   711         PEP_SESSION session,
   712         const char *key_data,
   713         size_t size,
   714         identity_list **private_keys
   715     );
   716 
   717 
   718 // export_key() - export ascii armored key
   719 //
   720 //  parameters:
   721 //      session (in)            session handle
   722 //      fpr (in)                key id or fingerprint of key
   723 //      key_data (out)          ASCII armored OpenPGP key
   724 //      size (out)              amount of data to handle
   725 //
   726 //  return value:
   727 //      PEP_STATUS_OK = 0       key was successfully exported
   728 //      PEP_OUT_OF_MEMORY       out of memory
   729 //      PEP_KEY_NOT_FOUND       key not found
   730 //
   731 //  caveat:
   732 //      the key_data goes to the ownership of the caller
   733 //      the caller is responsible to free() it (on Windoze use pEp_free())
   734 
   735 DYNAMIC_API PEP_STATUS export_key(
   736         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   737     );
   738 
   739 
   740 // export_secret_key() - export secret key ascii armored
   741 //
   742 //  parameters:
   743 //      session (in)            session handle
   744 //      fpr (in)                fingerprint of key, at least 16 hex digits
   745 //      key_data (out)          ASCII armored OpenPGP secret key
   746 //      size (out)              amount of data to handle
   747 //
   748 //  return value:
   749 //      PEP_STATUS_OK = 0       key was successfully exported
   750 //      PEP_OUT_OF_MEMORY       out of memory
   751 //      PEP_KEY_NOT_FOUND       key not found
   752 //      PEP_CANNOT_EXPORT_KEY   cannot export secret key (i.e. it's on an HKS)
   753 //
   754 //  caveat:
   755 //      the key_data goes to the ownership of the caller
   756 //      the caller is responsible to free() it (on Windoze use pEp_free())
   757 //      beware of leaking secret key data - overwrite it in memory after use
   758 
   759 DYNAMIC_API PEP_STATUS export_secrect_key(
   760         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   761     );
   762 
   763 
   764 // recv_key() - update key(s) from keyserver
   765 //
   766 //  parameters:
   767 //      session (in)            session handle
   768 //      pattern (in)            key id, user id or address to search for as
   769 //                              UTF-8 string
   770 
   771 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
   772 
   773 
   774 // find_keys() - find keys in keyring
   775 //
   776 //  parameters:
   777 //      session (in)            session handle
   778 //      pattern (in)            key id, user id or address to search for as
   779 //                              UTF-8 string
   780 //      keylist (out)           list of fingerprints found or NULL on error
   781 //
   782 //  caveat:
   783 //        the ownerships of keylist isgoing to the caller
   784 //        the caller must use free_stringlist() to free it
   785 
   786 
   787 DYNAMIC_API PEP_STATUS find_keys(
   788         PEP_SESSION session, const char *pattern, stringlist_t **keylist
   789     );
   790 
   791 // send_key() - send key(s) to keyserver
   792 //
   793 //  parameters:
   794 //      session (in)            session handle
   795 //      pattern (in)            key id, user id or address to search for as
   796 //                              UTF-8 string
   797 
   798 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
   799 
   800 
   801 // pEp_free() - free memory allocated by pEp engine
   802 //
   803 //  parameters:
   804 //      p (in)                  pointer to free
   805 //
   806 //  The reason for this function is that heap management can be a pretty
   807 //  complex task with Windoze. This free() version calls the free()
   808 //  implementation of the C runtime library which was used to build pEp engine,
   809 //  so you're using the correct heap. For more information, see:
   810 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
   811 
   812 DYNAMIC_API void pEp_free(void *p);
   813 
   814 
   815 // get_trust() - get the trust level a key has for a person
   816 //
   817 //  parameters:
   818 //      session (in)            session handle
   819 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
   820 //                              user_id and comm_type as result (out)
   821 //
   822 //  this function modifies the given identity struct; the struct remains in
   823 //  the ownership of the caller
   824 //  if the trust level cannot be determined identity->comm_type is set
   825 //  to PEP_ct_unknown
   826 
   827 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
   828 
   829 
   830 // least_trust() - get the least known trust level for a key in the database
   831 //
   832 //  parameters:
   833 //      session (in)            session handle
   834 //      fpr (in)                fingerprint of key to check
   835 //      comm_type (out)         least comm_type as result (out)
   836 //
   837 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
   838 
   839 DYNAMIC_API PEP_STATUS least_trust(
   840         PEP_SESSION session,
   841         const char *fpr,
   842         PEP_comm_type *comm_type
   843     );
   844 
   845 
   846 // get_key_rating() - get the rating a bare key has
   847 //
   848 //  parameters:
   849 //      session (in)            session handle
   850 //      fpr (in)                unique identifyer for key as UTF-8 string
   851 //      comm_type (out)         key rating
   852 //
   853 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
   854 //  is returned
   855 
   856 DYNAMIC_API PEP_STATUS get_key_rating(
   857         PEP_SESSION session,
   858         const char *fpr,
   859         PEP_comm_type *comm_type
   860     );
   861 
   862 
   863 // renew_key() - renew an expired key
   864 //
   865 //  parameters:
   866 //      session (in)            session handle
   867 //      fpr (in)                ID of key to renew as UTF-8 string
   868 //      ts (in)                 timestamp when key should expire or NULL for
   869 //                              default
   870 
   871 DYNAMIC_API PEP_STATUS renew_key(
   872         PEP_SESSION session,
   873         const char *fpr,
   874         const timestamp *ts
   875     );
   876 
   877 
   878 // revoke_key() - revoke a key
   879 //
   880 //  parameters:
   881 //      session (in)            session handle
   882 //      fpr (in)                ID of key to revoke as UTF-8 string
   883 //      reason (in)             text with reason for revoke as UTF-8 string
   884 //                              or NULL if reason unknown
   885 //
   886 //  caveat:
   887 //      reason text must not include empty lines
   888 //      this function is meant for internal use only; better use
   889 //      key_mistrusted() of keymanagement API
   890 
   891 DYNAMIC_API PEP_STATUS revoke_key(
   892         PEP_SESSION session,
   893         const char *fpr,
   894         const char *reason
   895     );
   896 
   897 
   898 // key_expired() - flags if a key is already expired
   899 //
   900 //  parameters:
   901 //      session (in)            session handle
   902 //      fpr (in)                ID of key to check as UTF-8 string
   903 //      when (in)               UTC time of when should expiry be considered
   904 //      expired (out)           flag if key expired
   905 
   906 DYNAMIC_API PEP_STATUS key_expired(
   907         PEP_SESSION session,
   908         const char *fpr,
   909         const time_t when,
   910         bool *expired
   911     );
   912 
   913     
   914 // key_revoked() - flags if a key is already revoked
   915 //
   916 //  parameters:
   917 //      session (in)            session handle
   918 //      fpr (in)                ID of key to check as UTF-8 string
   919 //      revoked (out)           flag if key revoked
   920 
   921 DYNAMIC_API PEP_STATUS key_revoked(
   922         PEP_SESSION session,
   923         const char *fpr,
   924         bool *revoked
   925     );
   926 
   927 
   928 // get_crashdump_log() - get the last log messages out
   929 //
   930 //  parameters:
   931 //      session (in)            session handle
   932 //      maxlines (in)           maximum number of lines (0 for default)
   933 //      logdata (out)           logdata as string in double quoted CSV format
   934 //                              column1 is title
   935 //                              column2 is entity
   936 //                              column3 is description
   937 //                              column4 is comment
   938 //
   939 //  caveat:
   940 //      the ownership of logdata goes to the caller
   941 
   942 DYNAMIC_API PEP_STATUS get_crashdump_log(
   943         PEP_SESSION session,
   944         int maxlines,
   945         char **logdata
   946     );
   947 
   948 
   949 // get_languagelist() - get the list of languages
   950 //
   951 //  parameters:
   952 //      session (in)            session handle
   953 //      languages (out)         languages as string in double quoted CSV format
   954 //                              column 1 is the ISO 639-1 language code
   955 //                              column 2 is the name of the language
   956 //
   957 //  caveat:
   958 //      the ownership of languages goes to the caller
   959 
   960 DYNAMIC_API PEP_STATUS get_languagelist(
   961         PEP_SESSION session,
   962         char **languages
   963     );
   964 
   965 
   966 // get_phrase() - get phrase in a dedicated language through i18n
   967 //
   968 //  parameters:
   969 //      session (in)            session handle
   970 //      lang (in)               C string with ISO 639-1 language code
   971 //      phrase_id (in)          id of phrase in i18n
   972 //      phrase (out)            phrase as UTF-8 string
   973 //
   974 //  caveat:
   975 //      the ownership of phrase goes to the caller
   976 
   977 DYNAMIC_API PEP_STATUS get_phrase(
   978         PEP_SESSION session,
   979         const char *lang,
   980         int phrase_id,
   981         char **phrase
   982     );
   983 
   984 
   985 // sequence_value() - raise the value of a named sequence and retrieve it
   986 //
   987 //  parameters:
   988 //      session (in)            session handle
   989 //      name (inout)            name of sequence or char[37] set to {0, }
   990 //                              for new own sequence named as UUID
   991 //      value (inout)           value of sequence value to test or 0 for
   992 //                              getting next value
   993 //
   994 //  returns:
   995 //      PEP_STATUS_OK                   no error, not own sequence
   996 //      PEP_SEQUENCE_VIOLATED           if sequence violated
   997 //      PEP_CANNOT_INCREASE_SEQUENCE    if sequence cannot be increased
   998 //      PEP_OWN_SEQUENCE                if own sequence
   999 
  1000 DYNAMIC_API PEP_STATUS sequence_value(
  1001         PEP_SESSION session,
  1002         char *name,
  1003         int32_t *value
  1004     );
  1005 
  1006 
  1007 // set_revoked() - records relation between a revoked key and its replacement
  1008 //
  1009 //  parameters:
  1010 //      session (in)            session handle
  1011 //      revoked_fpr (in)        revoked fingerprint
  1012 //      replacement_fpr (in)    replacement key fingerprint
  1013 //      revocation_date (in)    revocation date
  1014 
  1015 DYNAMIC_API PEP_STATUS set_revoked(
  1016        PEP_SESSION session,
  1017        const char *revoked_fpr,
  1018        const char *replacement_fpr,
  1019        const uint64_t revocation_date
  1020     );
  1021 
  1022 
  1023 // get_revoked() - find revoked key that may have been replaced by given key, if any
  1024 //
  1025 //  parameters:
  1026 //      session (in)            session handle
  1027 //      fpr (in)                given fingerprint
  1028 //      revoked_fpr (out)       revoked fingerprint
  1029 //      revocation_date (out)   revocation date
  1030     
  1031 DYNAMIC_API PEP_STATUS get_revoked(
  1032         PEP_SESSION session,
  1033         const char *fpr,
  1034         char **revoked_fpr,
  1035         uint64_t *revocation_date
  1036     );
  1037 
  1038 
  1039 // key_created() - get creation date of a key
  1040 //
  1041 //  parameters:
  1042 //      session (in)            session handle
  1043 //      fpr (in)                fingerprint of key
  1044 //      created (out)           date of creation
  1045 
  1046 PEP_STATUS key_created(
  1047         PEP_SESSION session,
  1048         const char *fpr,
  1049         time_t *created
  1050     );
  1051 
  1052 
  1053 // find_private_keys() - find keys in keyring
  1054 //
  1055 //  parameters:
  1056 //      session (in)            session handle
  1057 //      pattern (in)            key id, user id or address to search for as
  1058 //                              UTF-8 string
  1059 //      keylist (out)           list of fingerprints found or NULL on error
  1060 //
  1061 //  caveat:
  1062 //        the ownerships of keylist isgoing to the caller
  1063 //        the caller must use free_stringlist() to free it
  1064 PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
  1065                              stringlist_t **keylist);
  1066 
  1067 // get_engine_version() - returns the current version of pEpEngine (this is different
  1068 //                        from the pEp protocol version!)
  1069 //
  1070 //  parameters: none
  1071 //
  1072 //  return_value: const char* to the engine version string constant
  1073 //
  1074 DYNAMIC_API const char* get_engine_version();
  1075 
  1076 
  1077 DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session);
  1078 
  1079 #ifdef __cplusplus
  1080 }
  1081 #endif