src/pEpEngine.h
author Volker Birk <vb@pep.foundation>
Mon, 01 Aug 2016 12:03:00 +0200
branchkeysync
changeset 958 cef602982909
parent 952 986fd7b2eb8f
child 964 ef02296c41ca
permissions -rw-r--r--
key_created() added to determine creation date of a key
     1 #pragma once
     2 
     3 #ifdef __cplusplus
     4 extern "C" {
     5 #endif
     6 
     7 #include <stddef.h>
     8 #include <stdint.h>
     9 #include <stdbool.h>
    10 
    11 #include "dynamic_api.h"
    12 #include "stringlist.h"
    13 #include "timestamp.h"
    14 
    15 #define PEP_VERSION "1.0"
    16 
    17 #define PEP_OWN_USERID "pEp_own_userId"
    18     
    19 // pEp Engine API
    20 
    21 //  caveat:
    22 //      Unicode data has to be normalized to NFC before calling
    23 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    24 
    25 
    26 struct _pEpSession;
    27 typedef struct _pEpSession * PEP_SESSION;
    28 
    29 typedef enum {
    30     PEP_STATUS_OK                                   = 0,
    31 
    32     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    33     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    34     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    35     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    36 
    37     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    38     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    39     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    40     
    41     PEP_KEY_NOT_FOUND                               = 0x0201,
    42     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    43     PEP_GET_KEY_FAILED                              = 0x0203,
    44     
    45     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    46     PEP_CANNOT_SET_PERSON                           = 0x0381,
    47     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    48     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    49     PEP_CANNOT_SET_TRUST                            = 0x0384,
    50     PEP_KEY_BLACKLISTED                             = 0x0385,
    51     
    52     PEP_UNENCRYPTED                                 = 0x0400,
    53     PEP_VERIFIED                                    = 0x0401,
    54     PEP_DECRYPTED                                   = 0x0402,
    55     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    56     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    57     PEP_DECRYPT_NO_KEY                              = 0x0405,
    58     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    59     PEP_VERIFY_NO_KEY                               = 0x0407,
    60     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    61     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    62 
    63     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    64 
    65     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    66     PEP_CANNOT_SEND_KEY                             = 0x0602,
    67 
    68     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    69 
    70     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    71     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    72     PEP_CANNOT_ENCODE                               = 0x0803,
    73 
    74     PEP_SYNC_NO_TRUSTWORDS_CALLBACK                 = 0x0901,
    75     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
    76 
    77     PEP_COMMIT_FAILED                               = 0xff01,
    78     PEP_MESSAGE_CONSUMED                            = 0xff02,
    79 
    80     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
    81     PEP_ILLEGAL_VALUE                               = -4,
    82     PEP_BUFFER_TOO_SMALL                            = -3,
    83     PEP_OUT_OF_MEMORY                               = -2,
    84     PEP_UNKNOWN_ERROR                               = -1
    85 } PEP_STATUS;
    86 
    87 
    88 // INIT_STATUS init() - initialize pEpEngine for a thread
    89 //
    90 //  parameters:
    91 //        session (out)   init() allocates session memory and returns a pointer
    92 //                        as a handle
    93 //
    94 //  return value:
    95 //        PEP_STATUS_OK = 0                 if init() succeeds
    96 //        PEP_INIT_SQLITE3_WITHOUT_MUTEX    if SQLite3 was compiled with
    97 //                                            SQLITE_THREADSAFE 0
    98 //        PEP_INIT_CANNOT_LOAD_GPGME        if libgpgme.dll cannot be found
    99 //        PEP_INIT_GPGME_INIT_FAILED        if GPGME init fails
   100 //        PEP_INIT_CANNOT_OPEN_DB           if user's management db cannot be
   101 //                                            opened
   102 //        PEP_INIT_CANNOT_OPEN_SYSTEM_DB    if system's management db cannot be
   103 //                                            opened
   104 //
   105 //  caveat:
   106 //      the pointer is valid only if the return value is PEP_STATUS_OK
   107 //      in other case a NULL pointer will be returned; a valid handle must
   108 //      be released using release() when it's no longer needed
   109 //
   110 //      the caller has to guarantee that the first call to this function
   111 //      will succeed before further calls can be done
   112 
   113 DYNAMIC_API PEP_STATUS init(PEP_SESSION *session);
   114 
   115 
   116 // void release() - release thread session handle
   117 //
   118 //  parameters:
   119 //        session (in)    session handle to release
   120 //
   121 //    caveat:
   122 //        the last release() can be called only when all other release() calls
   123 //        are done
   124 
   125 DYNAMIC_API void release(PEP_SESSION session);
   126 
   127 
   128 // config_passive_mode() - enable passive mode
   129 //
   130 //  parameters:
   131 //      session (in)    session handle
   132 //      enable (in)     flag if enabled or disabled
   133 
   134 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   135 
   136 
   137 // config_unencrypted_subject() - disable subject encryption
   138 //
   139 //  parameters:
   140 //      session (in)    session handle
   141 //      enable (in)     flag if enabled or disabled
   142 
   143 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   144 
   145 
   146 // config_use_only_own_private_keys() - enable passive mode
   147 //
   148 //  parameters:
   149 //      session (in)    session handle
   150 //      enable (in)     flag if enabled or disabled
   151 
   152 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   153 
   154 
   155 // decrypt_and_verify() - decrypt and/or verify a message
   156 //
   157 //    parameters:
   158 //        session (in)    session handle
   159 //        ctext (in)      cipher text to decrypt and/or verify
   160 //        csize (in)      size of cipher text
   161 //        ptext (out)     pointer to internal buffer with plain text
   162 //        psize (out)     size of plain text
   163 //        keylist (out)   list of key ids which where used to encrypt
   164 //
   165 //    return value:
   166 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   167 //        PEP_VERIFIED                  message was unencrypted, signature matches
   168 //        PEP_DECRYPTED                 message is decrypted now, no signature
   169 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   170 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   171 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   172 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   173 //
   174 //    caveat:
   175 //        the ownerships of ptext as well as keylist are going to the caller
   176 //        the caller must use free() (or an Windoze pEp_free()) and
   177 //        free_stringlist() to free them
   178 //
   179 //      if this function failes an error message may be the first element of
   180 //      keylist and the other elements may be the keys used for encryption
   181 
   182 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   183         PEP_SESSION session, const char *ctext, size_t csize,
   184         char **ptext, size_t *psize, stringlist_t **keylist
   185     );
   186 
   187 
   188 // verify_text() - verfy plain text with a digital signature
   189 //
   190 //  parameters:
   191 //      session (in)    session handle
   192 //      text (in)       text to verify
   193 //      size (in)       size of text
   194 //      signature (in)  signature text
   195 //      sig_size (in)   size of signature
   196 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   197 //                        error
   198 //
   199 //  return value:
   200 //        PEP_VERIFIED                message was unencrypted, signature matches
   201 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   202 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   203 
   204 DYNAMIC_API PEP_STATUS verify_text(
   205         PEP_SESSION session, const char *text, size_t size,
   206         const char *signature, size_t sig_size, stringlist_t **keylist
   207     );
   208 
   209 
   210 // encrypt_and_sign() - encrypt and sign a message
   211 //
   212 //    parameters:
   213 //        session (in)    session handle
   214 //        keylist (in)    list of key ids to encrypt with as C strings
   215 //        ptext (in)      plain text to decrypt and/or verify
   216 //        psize (in)      size of plain text
   217 //        ctext (out)     pointer to internal buffer with cipher text
   218 //        csize (out)     size of cipher text
   219 //
   220 //    return value:
   221 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   222 //        PEP_KEY_NOT_FOUND            at least one of the receipient keys
   223 //                                     could not be found
   224 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the receipient keys has
   225 //                                     an ambiguous name
   226 //        PEP_GET_KEY_FAILED           cannot retrieve key
   227 //
   228 //    caveat:
   229 //      the ownership of ctext is going to the caller
   230 //      the caller is responsible to free() it (on Windoze use pEp_free())
   231 //      the first key in keylist is being used to sign the message
   232 //      this implies there has to be a private key for that keypair
   233 
   234 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   235         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   236         size_t psize, char **ctext, size_t *csize
   237     );
   238 
   239 
   240 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   241 // management log
   242 //
   243 //    parameters:
   244 //        session (in)        session handle
   245 //        title (in)          C string with event name
   246 //        entity (in)         C string with name of entity which is logging
   247 //        description (in)    C string with long description for event or NULL if
   248 //                            omitted
   249 //        comment (in)        C string with user defined comment or NULL if
   250 //                            omitted
   251 //
   252 //    return value:
   253 //        PEP_STATUS_OK       log entry created
   254 
   255 DYNAMIC_API PEP_STATUS log_event(
   256         PEP_SESSION session,
   257         const char *title,
   258         const char *entity,
   259         const char *description,
   260         const char *comment
   261     );
   262 
   263 
   264 // trustword() - get the corresponding trustword for a 16 bit value
   265 //
   266 //    parameters:
   267 //        session (in)            session handle
   268 //        value (in)              value to find a trustword for
   269 //        lang (in)               C string with ISO 639-1 language code
   270 //        word (out)              pointer to C string with trustword UTF-8 encoded
   271 //                                NULL if language is not supported or trustword
   272 //                                wordlist is damaged or unavailable
   273 //        wsize (out)             length of trustword
   274 //
   275 //    return value:
   276 //        PEP_STATUS_OK            trustword retrieved
   277 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   278 //
   279 //    caveat:
   280 //        the word pointer goes to the ownership of the caller
   281 //      the caller is responsible to free() it (on Windoze use pEp_free())
   282 
   283 DYNAMIC_API PEP_STATUS trustword(
   284             PEP_SESSION session, uint16_t value, const char *lang,
   285             char **word, size_t *wsize
   286         );
   287 
   288 
   289 // trustwords() - get trustwords for a string of hex values of a fingerprint
   290 //
   291 //    parameters:
   292 //        session (in)        session handle
   293 //        fingerprint (in)    C string with hex values to find trustwords for
   294 //        lang (in)           C string with ISO 639-1 language code
   295 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   296 //                            separated by a blank each
   297 //                            NULL if language is not supported or trustword
   298 //                            wordlist is damaged or unavailable
   299 //        wsize (out)         length of trustwords string
   300 //        max_words (in)      only generate a string with max_words;
   301 //                            if max_words == 0 there is no such limit
   302 //
   303 //    return value:
   304 //        PEP_STATUS_OK            trustwords retrieved
   305 //        PEP_OUT_OF_MEMORY        out of memory
   306 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   307 //
   308 //    caveat:
   309 //        the word pointer goes to the ownership of the caller
   310 //      the caller is responsible to free() it (on Windoze use pEp_free())
   311 //
   312 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   313 //
   314 //  Better implement a simple one in the adapter yourself using trustword(), and
   315 //  return a list of trustwords.
   316 //  This function is provided for being used by C and C++ programs only.
   317 
   318 DYNAMIC_API PEP_STATUS trustwords(
   319         PEP_SESSION session, const char *fingerprint, const char *lang,
   320         char **words, size_t *wsize, int max_words
   321     );
   322 
   323 
   324 // TODO: increase versions in pEp.asn1 if rating changes
   325 
   326 typedef enum _PEP_comm_type {
   327     PEP_ct_unknown = 0,
   328 
   329     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   330 
   331     PEP_ct_no_encryption = 0x01,                // generic
   332     PEP_ct_no_encrypted_channel = 0x02,
   333     PEP_ct_key_not_found = 0x03,
   334     PEP_ct_key_expired = 0x04,
   335     PEP_ct_key_revoked = 0x05,
   336     PEP_ct_key_b0rken = 0x06,
   337     PEP_ct_my_key_not_included = 0x09,
   338 
   339     PEP_ct_security_by_obscurity = 0x0a,
   340     PEP_ct_b0rken_crypto = 0x0b,
   341     PEP_ct_key_too_short = 0x0c,
   342 
   343     PEP_ct_compromized = 0x0e,                  // known compromized connection
   344     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   345 
   346     // range 0x10 to 0x3f: unconfirmed encryption
   347 
   348     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   349     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   350 
   351     PEP_ct_to_be_checked = 0x20,                // generic
   352     PEP_ct_SMIME_unconfirmed = 0x21,
   353     PEP_ct_CMS_unconfirmed = 0x22,
   354 
   355     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   356     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   357     PEP_ct_OTR_unconfirmed = 0x3a,
   358 
   359     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   360 
   361     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   362     PEP_ct_pEp_unconfirmed = 0x7f,
   363 
   364     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   365 
   366     // range 0x81 to 0x8f: reserved
   367     // range 0x90 to 0xbf: confirmed encryption
   368 
   369     PEP_ct_confirmed_encryption = 0x90,         // generic
   370     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak
   371 
   372     PEP_ct_to_be_checked_confirmed = 0xa0,      //generic
   373     PEP_ct_SMIME = 0xa1,
   374     PEP_ct_CMS = 0xa2,
   375 
   376     PEP_ct_strong_encryption = 0xb0,            // generic
   377     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   378     PEP_ct_OTR = 0xba,
   379 
   380     // range 0xc0 to 0xff: confirmed encryption and anonymization
   381 
   382     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   383     PEP_ct_pEp = 0xff
   384 } PEP_comm_type;
   385 
   386 typedef enum _identity_flags {
   387     // the first octet flags are app defined settings
   388     PEP_idf_not_for_sync = 1,   // don't use this identity for sync
   389     PEP_idf_list = 2,           // identity of list of persons
   390 
   391     // the second octet flags are calculated
   392     PEP_idf_devicegroup = 256   // identity of a device group member
   393 } identity_flags;
   394 
   395 typedef unsigned int identity_flags_t;
   396 
   397 typedef struct _pEp_identity {
   398     char *address;              // C string with address UTF-8 encoded
   399     char *fpr;                  // C string with fingerprint UTF-8 encoded
   400     char *user_id;              // C string with user ID UTF-8 encoded
   401     char *username;             // C string with user name UTF-8 encoded
   402     PEP_comm_type comm_type;    // type of communication with this ID
   403     char lang[3];               // language of conversation
   404                                 // ISO 639-1 ALPHA-2, last byte is 0
   405     bool me;                    // if this is the local user herself/himself
   406     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   407 } pEp_identity;
   408 
   409 typedef struct _identity_list {
   410     pEp_identity *ident;
   411     struct _identity_list *next;
   412 } identity_list;
   413 
   414 
   415 // new_identity() - allocate memory and set the string and size fields
   416 //
   417 //  parameters:
   418 //      address (in)        UTF-8 string or NULL 
   419 //      fpr (in)            UTF-8 string or NULL 
   420 //      user_id (in)        UTF-8 string or NULL 
   421 //      username (in)       UTF-8 string or NULL 
   422 //
   423 //  return value:
   424 //      pEp_identity struct or NULL if out of memory
   425 //
   426 //  caveat:
   427 //      the strings are copied; the original strings are still being owned by
   428 //      the caller
   429 
   430 DYNAMIC_API pEp_identity *new_identity(
   431         const char *address, const char *fpr, const char *user_id,
   432         const char *username
   433     );
   434 
   435 
   436 // identity_dup() - allocate memory and duplicate
   437 //
   438 //  parameters:
   439 //      src (in)            identity to duplicate
   440 //
   441 //  return value:
   442 //      pEp_identity struct or NULL if out of memory
   443 //
   444 //  caveat:
   445 //      the strings are copied; the original strings are still being owned by
   446 //      the caller
   447 
   448 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   449 
   450 
   451 // free_identity() - free all memory being occupied by a pEp_identity struct
   452 //
   453 //  parameters:
   454 //      identity (in)       struct to release
   455 //
   456 //  caveat:
   457 //      not only the struct but also all string memory referenced by the
   458 //      struct is being freed; all pointers inside are invalid afterwards
   459 
   460 DYNAMIC_API void free_identity(pEp_identity *identity);
   461 
   462 
   463 // get_identity() - get identity information
   464 //
   465 //    parameters:
   466 //        session (in)        session handle
   467 //        address (in)        C string with communication address, UTF-8 encoded
   468 //        user_id (in)        unique C string to identify person that identity
   469 //                            is refering to
   470 //        identity (out)      pointer to pEp_identity structure with results or
   471 //                            NULL if failure
   472 //
   473 //    caveat:
   474 //        address and user_id are being copied; the original strings remains in
   475 //        the ownership of the caller
   476 //        the resulting pEp_identity structure goes to the ownership of the
   477 //        caller and has to be freed with free_identity() when not in use any
   478 //        more
   479 
   480 DYNAMIC_API PEP_STATUS get_identity(
   481         PEP_SESSION session,
   482         const char *address,
   483         const char *user_id,
   484         pEp_identity **identity
   485     );
   486 
   487 // set_identity() - set identity information
   488 //
   489 //    parameters:
   490 //        session (in)        session handle
   491 //        identity (in)       pointer to pEp_identity structure
   492 //
   493 //    return value:
   494 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   495 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   496 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   497 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   498 //        PEP_COMMIT_FAILED             SQL commit failed
   499 //        PEP_KEY_BLACKLISTED           Key blacklisted, cannot set identity
   500 //
   501 //    caveat:
   502 //        address, fpr, user_id and username must be given
   503 
   504 DYNAMIC_API PEP_STATUS set_identity(
   505         PEP_SESSION session, const pEp_identity *identity
   506     );
   507 
   508 
   509 // set_identity_flags() - update identity flags on existing identity
   510 //
   511 //    parameters:
   512 //        session (in)        session handle
   513 //        identity (in,out)   pointer to pEp_identity structure
   514 //        flags (in)          new value for flags
   515 //
   516 //    return value:
   517 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   518 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   519 //
   520 //    caveat:
   521 //        address and user_id must be given in identity
   522 
   523 DYNAMIC_API PEP_STATUS set_identity_flags(
   524         PEP_SESSION session,
   525         pEp_identity *identity,
   526         unsigned int flags
   527     );
   528 
   529 
   530 // mark_as_compromized() - mark key in trust db as compromized
   531 //
   532 //    parameters:
   533 //        session (in)        session handle
   534 //        fpr (in)            fingerprint of key to mark
   535 
   536 DYNAMIC_API PEP_STATUS mark_as_compromized(
   537         PEP_SESSION session,
   538         const char *fpr
   539     );
   540 
   541 
   542 // generate_keypair() - generate a new key pair and add it to the key ring
   543 //
   544 //  parameters:
   545 //      session (in)            session handle
   546 //        identity (inout)      pointer to pEp_identity structure
   547 //
   548 //    return value:
   549 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   550 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   551 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   552 //
   553 //  caveat:
   554 //      address and username fields must be set to UTF-8 strings
   555 //      the fpr field must be set to NULL
   556 //
   557 //      this function allocates a string and sets set fpr field of identity
   558 //      the caller is responsible to call free() for that string or use
   559 //      free_identity() on the struct
   560 
   561 DYNAMIC_API PEP_STATUS generate_keypair(
   562         PEP_SESSION session, pEp_identity *identity
   563     );
   564 
   565 
   566 // delete_keypair() - delete a public key or a key pair from the key ring
   567 //
   568 //  parameters:
   569 //      session (in)            session handle
   570 //      fpr (in)                C string with key id or fingerprint of the
   571 //                              public key
   572 //
   573 //  return value:
   574 //      PEP_STATUS_OK = 0       key was successfully deleted
   575 //      PEP_KEY_NOT_FOUND       key not found
   576 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
   577 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
   578 //      PEP_OUT_OF_MEMORY       out of memory
   579 
   580 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
   581 
   582 
   583 // import_key() - import key from data
   584 //
   585 //  parameters:
   586 //      session (in)            session handle
   587 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
   588 //      size (in)               amount of data to handle
   589 //      private_keys (out)      list of private keys that have been imported
   590 //
   591 //  return value:
   592 //      PEP_STATUS_OK = 0       key was successfully imported
   593 //      PEP_OUT_OF_MEMORY       out of memory
   594 //      PEP_ILLEGAL_VALUE       there is no key data to import
   595 //
   596 //  caveat:
   597 //      private_keys goes to the ownership of the caller
   598 //      private_keys can be left NULL, it is then ignored
   599 
   600 DYNAMIC_API PEP_STATUS import_key(
   601         PEP_SESSION session,
   602         const char *key_data,
   603         size_t size,
   604         identity_list **private_keys
   605     );
   606 
   607 
   608 // export_key() - export ascii armored key
   609 //
   610 //  parameters:
   611 //      session (in)            session handle
   612 //      fpr (in)                key id or fingerprint of key
   613 //      key_data (out)          ASCII armored OpenPGP key
   614 //      size (out)              amount of data to handle
   615 //
   616 //  return value:
   617 //      PEP_STATUS_OK = 0       key was successfully exported
   618 //      PEP_OUT_OF_MEMORY       out of memory
   619 //      PEP_KEY_NOT_FOUND       key not found
   620 //
   621 //  caveat:
   622 //      the key_data goes to the ownership of the caller
   623 //      the caller is responsible to free() it (on Windoze use pEp_free())
   624 
   625 DYNAMIC_API PEP_STATUS export_key(
   626         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   627     );
   628 
   629 
   630 // recv_key() - update key(s) from keyserver
   631 //
   632 //  parameters:
   633 //      session (in)            session handle
   634 //      pattern (in)            key id, user id or address to search for as
   635 //                              UTF-8 string
   636 
   637 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
   638 
   639 
   640 // find_keys() - find keys in keyring
   641 //
   642 //  parameters:
   643 //      session (in)            session handle
   644 //      pattern (in)            key id, user id or address to search for as
   645 //                              UTF-8 string
   646 //      keylist (out)           list of fingerprints found or NULL on error
   647 //
   648 //  caveat:
   649 //        the ownerships of keylist isgoing to the caller
   650 //        the caller must use free_stringlist() to free it
   651 
   652 
   653 DYNAMIC_API PEP_STATUS find_keys(
   654         PEP_SESSION session, const char *pattern, stringlist_t **keylist
   655     );
   656 
   657 
   658 // send_key() - send key(s) to keyserver
   659 //
   660 //  parameters:
   661 //      session (in)            session handle
   662 //      pattern (in)            key id, user id or address to search for as
   663 //                              UTF-8 string
   664 
   665 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
   666 
   667 
   668 // pEp_free() - free memory allocated by pEp engine
   669 //
   670 //  parameters:
   671 //      p (in)                  pointer to free
   672 //
   673 //  The reason for this function is that heap management can be a pretty
   674 //  complex task with Windoze. This free() version calls the free()
   675 //  implementation of the C runtime library which was used to build pEp engine,
   676 //  so you're using the correct heap. For more information, see:
   677 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
   678 
   679 DYNAMIC_API void pEp_free(void *p);
   680 
   681 
   682 // get_trust() - get the trust level a key has for a person
   683 //
   684 //  parameters:
   685 //      session (in)            session handle
   686 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
   687 //                              user_id and comm_type as result (out)
   688 //
   689 //  this function modifies the given identity struct; the struct remains in
   690 //  the ownership of the caller
   691 //  if the trust level cannot be determined identity->comm_type is set
   692 //  to PEP_ct_unknown
   693 
   694 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
   695 
   696 
   697 // least_trust() - get the least known trust level for a key in the database
   698 //
   699 //  parameters:
   700 //      session (in)            session handle
   701 //      fpr (in)                fingerprint of key to check
   702 //      comm_type (out)         least comm_type as result (out)
   703 //
   704 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
   705 
   706 DYNAMIC_API PEP_STATUS least_trust(
   707         PEP_SESSION session,
   708         const char *fpr,
   709         PEP_comm_type *comm_type
   710     );
   711 
   712 
   713 // get_key_rating() - get the rating a bare key has
   714 //
   715 //  parameters:
   716 //      session (in)            session handle
   717 //      fpr (in)                unique identifyer for key as UTF-8 string
   718 //      comm_type (out)         key rating
   719 //
   720 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
   721 //  is returned
   722 
   723 DYNAMIC_API PEP_STATUS get_key_rating(
   724         PEP_SESSION session,
   725         const char *fpr,
   726         PEP_comm_type *comm_type
   727     );
   728 
   729 
   730 // renew_key() - renew an expired key
   731 //
   732 //  parameters:
   733 //      session (in)            session handle
   734 //      fpr (in)                ID of key to renew as UTF-8 string
   735 //      ts (in)                 timestamp when key should expire or NULL for
   736 //                              default
   737 
   738 DYNAMIC_API PEP_STATUS renew_key(
   739         PEP_SESSION session,
   740         const char *fpr,
   741         const timestamp *ts
   742     );
   743 
   744 
   745 // revoke_key() - revoke a key
   746 //
   747 //  parameters:
   748 //      session (in)            session handle
   749 //      fpr (in)                ID of key to revoke as UTF-8 string
   750 //      reason (in)             text with reason for revoke as UTF-8 string
   751 //                              or NULL if reason unknown
   752 //
   753 //  caveat:
   754 //      reason text must not include empty lines
   755 //      this function is meant for internal use only; better use
   756 //      key_compromized() of keymanagement API
   757 
   758 DYNAMIC_API PEP_STATUS revoke_key(
   759         PEP_SESSION session,
   760         const char *fpr,
   761         const char *reason
   762     );
   763 
   764 
   765 // key_expired() - flags if a key is already expired
   766 //
   767 //  parameters:
   768 //      session (in)            session handle
   769 //      fpr (in)                ID of key to check as UTF-8 string
   770 //      when (in)               UTC time of when should expiry be considered
   771 //      expired (out)           flag if key expired
   772 
   773 DYNAMIC_API PEP_STATUS key_expired(
   774         PEP_SESSION session,
   775         const char *fpr,
   776         const time_t when,
   777         bool *expired
   778     );
   779 
   780     
   781 // key_revoked() - flags if a key is already revoked
   782 //
   783 //  parameters:
   784 //      session (in)            session handle
   785 //      fpr (in)                ID of key to check as UTF-8 string
   786 //      revoked (out)           flag if key revoked
   787 
   788 DYNAMIC_API PEP_STATUS key_revoked(
   789         PEP_SESSION session,
   790         const char *fpr,
   791         bool *revoked
   792     );
   793 
   794 
   795 // get_crashdump_log() - get the last log messages out
   796 //
   797 //  parameters:
   798 //      session (in)            session handle
   799 //      maxlines (in)           maximum number of lines (0 for default)
   800 //      logdata (out)           logdata as string in double quoted CSV format
   801 //                              column1 is title
   802 //                              column2 is entity
   803 //                              column3 is description
   804 //                              column4 is comment
   805 //
   806 //  caveat:
   807 //      the ownership of logdata goes to the caller
   808 
   809 DYNAMIC_API PEP_STATUS get_crashdump_log(
   810         PEP_SESSION session,
   811         int maxlines,
   812         char **logdata
   813     );
   814 
   815 
   816 // get_languagelist() - get the list of languages
   817 //
   818 //  parameters:
   819 //      session (in)            session handle
   820 //      languages (out)         languages as string in double quoted CSV format
   821 //                              column 1 is the ISO 639-1 language code
   822 //                              column 2 is the name of the language
   823 //
   824 //  caveat:
   825 //      the ownership of languages goes to the caller
   826 
   827 DYNAMIC_API PEP_STATUS get_languagelist(
   828         PEP_SESSION session,
   829         char **languages
   830     );
   831 
   832 
   833 // get_phrase() - get phrase in a dedicated language through i18n
   834 //
   835 //  parameters:
   836 //      session (in)            session handle
   837 //      lang (in)               C string with ISO 639-1 language code
   838 //      phrase_id (in)          id of phrase in i18n
   839 //      phrase (out)            phrase as UTF-8 string
   840 //
   841 //  caveat:
   842 //      the ownership of phrase goes to the caller
   843 
   844 DYNAMIC_API PEP_STATUS get_phrase(
   845         PEP_SESSION session,
   846         const char *lang,
   847         int phrase_id,
   848         char **phrase
   849     );
   850 
   851 
   852 // sequence_value() - raise the value of a named sequence and retrieve it
   853 //
   854 //  parameters:
   855 //      session (in)            session handle
   856 //      name (in)               name of sequence
   857 //      value (out)             value of sequence
   858 
   859 DYNAMIC_API PEP_STATUS sequence_value(
   860         PEP_SESSION session,
   861         const char *name,
   862         int32_t *value
   863     );
   864 
   865     
   866 // set_revoked() - records relation between a revoked key and its replacement
   867 //
   868 //  parameters:
   869 //      session (in)            session handle
   870 //      revoked_fpr (in)        revoked fingerprint
   871 //      replacement_fpr (in)    replacement key fingerprint
   872 //      revocation_date (in)    revocation date
   873 
   874 DYNAMIC_API PEP_STATUS set_revoked(
   875        PEP_SESSION session,
   876        const char *revoked_fpr,
   877        const char *replacement_fpr,
   878        const uint64_t revocation_date
   879     );
   880 
   881 
   882 // get_revoked() - find revoked key that may have been replaced by given key, if any
   883 //
   884 //  parameters:
   885 //      session (in)            session handle
   886 //      fpr (in)                given fingerprint
   887 //      revoked_fpr (out)       revoked fingerprint
   888 //      revocation_date (out)   revocation date
   889     
   890 DYNAMIC_API PEP_STATUS get_revoked(
   891         PEP_SESSION session,
   892         const char *fpr,
   893         char **revoked_fpr,
   894         uint64_t *revocation_date
   895     );
   896 
   897 
   898 // key_created() - get creation date of a key
   899 //
   900 //  parameters:
   901 //      session (in)            session handle
   902 //      fpr (in)                fingerprint of key
   903 //      created (out)           date of creation
   904 
   905 PEP_STATUS key_created(
   906         PEP_SESSION session,
   907         const char *fpr,
   908         time_t *created
   909     );
   910 
   911 
   912 DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session);
   913 
   914 #ifdef __cplusplus
   915 }
   916 #endif