src/pEp_internal.h
author Claudio Luck <claudio.luck@pep.foundation>
Thu, 30 May 2019 02:16:49 +0200
branchENGINE-524
changeset 3839 f264464b1cfa
parent 3836 f7ec3ffc9487
parent 3772 f4d6efa63ee1
child 3840 bfef390b48e2
permissions -rw-r--r--
ENGINE-524: merge in sync
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #define PEP_ENGINE_VERSION "1.1.1"
     5 
     6 // maximum attachment size to import as key 1MB, maximum of 20 attachments
     7 
     8 #define MAX_KEY_SIZE (1024 * 1024)
     9 #define MAX_KEYS_TO_IMPORT  20
    10 
    11 #define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
    12 
    13 // this is 20 trustwords with 79 chars max
    14 #define MAX_TRUSTWORDS_SPACE (20 * 80)
    15 
    16 // XML parameters string
    17 #define PARMS_MAX 32768
    18 
    19 // maximum busy wait time in ms
    20 #define BUSY_WAIT_TIME 5000
    21 
    22 // maximum line length for reading gpg.conf
    23 #define MAX_LINELENGTH 1024
    24 
    25 // default keyserver
    26 #ifndef DEFAULT_KEYSERVER
    27 #define DEFAULT_KEYSERVER "hkp://keys.gnupg.net"
    28 #endif
    29 
    30 // crashdump constants
    31 #ifndef CRASHDUMP_DEFAULT_LINES
    32 #define CRASHDUMP_DEFAULT_LINES 100
    33 #endif
    34 #define CRASHDUMP_MAX_LINES 32767
    35 
    36 // p≡p full string, NUL-terminated
    37 #ifndef PEP_SUBJ_STRING
    38 #define PEP_SUBJ_STRING {0x70,0xE2,0x89,0xA1,0x70,0x00}
    39 #define PEP_SUBJ_BYTELEN 5
    40 #endif
    41 
    42 #ifndef PEP_SUBJ_KEY
    43 #define PEP_SUBJ_KEY "Subject: "
    44 #define PEP_SUBJ_KEY_LC "subject: "
    45 #define PEP_SUBJ_KEY_LEN 9
    46 #endif
    47 
    48 #ifndef PEP_MSG_WRAP_KEY
    49 #define PEP_MSG_WRAP_KEY "pEp-Wrapped-Message-Info: "
    50 #define PEP_MSG_WRAP_KEY_LC "pep-wrapped-message-info: "
    51 #define PEP_MSG_WRAP_KEY_LEN 26
    52 #endif
    53 
    54 
    55 #include "platform.h"
    56 
    57 #ifndef LOCAL_DB_FILENAME
    58 #define LOCAL_DB_FILENAME "management.db"
    59 #endif
    60 #define SYSTEM_DB_FILENAME "system.db"
    61 #ifndef SYSTEM_DB_PREFIX
    62 #define SYSTEM_DB_PREFIX "/usr/local/share/pEp"     /* package maintainers please override this */
    63 #endif
    64 
    65 #ifdef WIN32
    66 #define LOCAL_DB windoze_local_db()
    67 #define LOCAL_KEYS_DB windoze_local_db()
    68 #define SYSTEM_DB windoze_system_db()
    69 #define LIBGPGME "libgpgme-11.dll"
    70 #else // UNIX
    71 #define _POSIX_C_SOURCE 200809L
    72 #include <dlfcn.h>
    73 #ifndef LIBGPGME
    74 #define LIBGPGME "libgpgme-pthread.so"
    75 #endif
    76 #endif
    77 
    78 #include <locale.h>
    79 #include <stdlib.h>
    80 #include <string.h>
    81 #include <assert.h>
    82 #include <stdio.h>
    83 #include <ctype.h>
    84 #include <math.h>
    85 
    86 #ifdef SQLITE3_FROM_OS
    87 #include <sqlite3.h>
    88 #else
    89 #include "sqlite3.h"
    90 #endif
    91 
    92 #include "pEpEngine.h"
    93 
    94 // If not specified, build for GPG
    95 #ifndef USE_SEQUOIA
    96 #ifndef USE_NETPGP
    97 #ifndef USE_GPG
    98 #define USE_GPG
    99 #endif
   100 #endif
   101 #endif
   102 
   103 #if defined(USE_SEQUOIA)
   104 #include "pgp_sequoia_internal.h"
   105 #elif defined(USE_NETPGP)
   106 #include "pgp_netpgp_internal.h"
   107 #elif defined(USE_GPG)
   108 #include "pgp_gpg_internal.h"
   109 #endif
   110 
   111 #include "keymanagement.h"
   112 #include "cryptotech.h"
   113 #include "transport.h"
   114 #include "sync_api.h"
   115 #include "Sync_func.h"
   116 
   117 #include "key_reset.h"
   118 
   119 #define NOT_IMPLEMENTED assert(0); return PEP_UNKNOWN_ERROR;
   120 
   121 struct _pEpSession;
   122 typedef struct _pEpSession pEpSession;
   123 struct _pEpSession {
   124     const char *version;
   125     messageToSend_t messageToSend;
   126 
   127 #ifdef USE_GPG
   128     gpgme_ctx_t ctx;
   129 #elif defined(USE_NETPGP)
   130     pEpNetPGPSession ctx;
   131 #elif defined(USE_SEQUOIA)
   132     sqlite3 *key_db;
   133     struct {
   134         sqlite3_stmt *begin_transaction;
   135         sqlite3_stmt *commit_transaction;
   136         sqlite3_stmt *rollback_transaction;
   137         sqlite3_stmt *tpk_find;
   138         sqlite3_stmt *tsk_find;
   139         sqlite3_stmt *tpk_find_by_keyid;
   140         sqlite3_stmt *tsk_find_by_keyid;
   141         sqlite3_stmt *tpk_find_by_email;
   142         sqlite3_stmt *tsk_find_by_email;
   143         sqlite3_stmt *tpk_all;
   144         sqlite3_stmt *tsk_all;
   145         sqlite3_stmt *tpk_save_insert_primary;
   146         sqlite3_stmt *tpk_save_insert_subkeys;
   147         sqlite3_stmt *tpk_save_insert_userids;
   148     } sq_sql;
   149 #endif
   150 
   151     PEP_cryptotech_t *cryptotech;
   152     PEP_CIPHER_SUITE cipher_suite;
   153 
   154     PEP_transport_t *transports;
   155 
   156     const char *user_directory;
   157     const char *machine_directory;
   158 
   159     sqlite3 *db;
   160     sqlite3 *system_db;
   161 
   162     sqlite3_stmt *log;
   163     sqlite3_stmt *trustword;
   164     sqlite3_stmt *get_identity;
   165     sqlite3_stmt *get_identity_without_trust_check;
   166     sqlite3_stmt *get_identities_by_address;
   167     sqlite3_stmt *get_identities_by_userid;
   168     sqlite3_stmt *get_identities_by_main_key_id;
   169     sqlite3_stmt *replace_identities_fpr;
   170     sqlite3_stmt *replace_main_user_fpr;
   171     sqlite3_stmt *get_main_user_fpr;
   172     sqlite3_stmt *refresh_userid_default_key;
   173     sqlite3_stmt *delete_key;
   174     sqlite3_stmt *remove_fpr_as_default;
   175     sqlite3_stmt *set_person;
   176     sqlite3_stmt *update_person;
   177     sqlite3_stmt *delete_person;
   178     sqlite3_stmt *exists_person;    
   179     sqlite3_stmt *set_as_pEp_user;
   180     sqlite3_stmt *is_pEp_user;
   181     sqlite3_stmt *add_into_social_graph;
   182     sqlite3_stmt *get_own_address_binding_from_contact;
   183     sqlite3_stmt *set_revoke_contact_as_notified;
   184     sqlite3_stmt *get_contacted_ids_from_revoke_fpr;
   185     sqlite3_stmt *was_id_for_revoke_contacted;
   186     sqlite3_stmt *get_last_contacted;
   187     // sqlite3_stmt *set_device_group;
   188     // sqlite3_stmt *get_device_group;
   189     sqlite3_stmt *set_pgp_keypair;
   190     sqlite3_stmt *set_identity_entry;
   191     sqlite3_stmt *update_identity_entry;
   192     sqlite3_stmt *exists_identity_entry;        
   193     sqlite3_stmt *set_identity_flags;
   194     sqlite3_stmt *unset_identity_flags;
   195     sqlite3_stmt *set_trust;
   196     sqlite3_stmt *update_trust;
   197     sqlite3_stmt *exists_trust_entry;
   198     sqlite3_stmt *update_trust_to_pEp;
   199     sqlite3_stmt *update_trust_for_fpr;
   200     sqlite3_stmt *get_trust;
   201     sqlite3_stmt *get_trust_by_userid;
   202     sqlite3_stmt *least_trust;
   203     sqlite3_stmt *mark_compromised;
   204     sqlite3_stmt *reset_trust;
   205     sqlite3_stmt *crashdump;
   206     sqlite3_stmt *languagelist;
   207     sqlite3_stmt *i18n_token;
   208     sqlite3_stmt *replace_userid;
   209 
   210     // blacklist
   211     sqlite3_stmt *blacklist_add;
   212     sqlite3_stmt *blacklist_delete;
   213     sqlite3_stmt *blacklist_is_listed;
   214     sqlite3_stmt *blacklist_retrieve;
   215     
   216     // Keys
   217     sqlite3_stmt *own_key_is_listed;
   218     sqlite3_stmt *is_own_address;
   219     sqlite3_stmt *own_identities_retrieve;
   220     sqlite3_stmt *own_keys_retrieve;
   221     sqlite3_stmt *get_user_default_key;
   222     sqlite3_stmt *get_all_keys_for_user;
   223         
   224     sqlite3_stmt *get_default_own_userid;
   225 
   226 
   227 //    sqlite3_stmt *set_own_key;
   228 
   229     // sequence value
   230     sqlite3_stmt *sequence_value1;
   231     sqlite3_stmt *sequence_value2;
   232 
   233     // revoked keys
   234     sqlite3_stmt *set_revoked;
   235     sqlite3_stmt *get_revoked;
   236     sqlite3_stmt *get_replacement_fpr;
   237 
   238     // mistrusted
   239     sqlite3_stmt* add_mistrusted_key;
   240     sqlite3_stmt* is_mistrusted_key;    
   241     sqlite3_stmt* delete_mistrusted_key;
   242     
   243     // aliases
   244     sqlite3_stmt *get_userid_alias_default;
   245     sqlite3_stmt *add_userid_alias;
   246 
   247     // callbacks
   248     examine_identity_t examine_identity;
   249     void *examine_management;
   250     notifyHandshake_t notifyHandshake;
   251     inject_sync_event_t inject_sync_event;
   252     retrieve_next_sync_event_t retrieve_next_sync_event;
   253 
   254     // pEp Sync
   255     void *sync_management;
   256     void *sync_obj;
   257     struct Sync_state_s sync_state;
   258 
   259 //     void* sync_state_payload;
   260 //     char sync_uuid[37];
   261 //     time_t LastCannotDecrypt;
   262 //     time_t LastUpdateRequest;
   263 
   264     // runtime config
   265 
   266     bool passive_mode;
   267     bool unencrypted_subject;
   268     bool service_log;
   269     
   270 #ifdef DEBUG_ERRORSTACK
   271     stringlist_t* errorstack;
   272 #endif
   273 };
   274 
   275 
   276 PEP_STATUS init_transport_system(PEP_SESSION session, bool in_first);
   277 void release_transport_system(PEP_SESSION session, bool out_last);
   278 
   279 /* NOT to be exposed to the outside!!! */
   280 PEP_STATUS encrypt_only(
   281         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   282         size_t psize, char **ctext, size_t *csize
   283 );
   284 
   285 #if defined(NDEBUG) || defined(NOLOG)
   286 #define DEBUG_LOG(TITLE, ENTITY, DESC)
   287 #else
   288 #ifdef ANDROID
   289 #include <android/log.h>
   290 #define  LOG_MORE(...)  __android_log_print(ANDROID_LOG_DEBUG, "pEpEngine", " %s :: %s :: %s :: %s ", __VA_ARGS__);
   291 #else
   292 #include <stdio.h>
   293 #define  LOG_MORE(...)  fprintf(stderr, "pEpEngine DEBUG_LOG('%s','%s','%s','%s')\n", __VA_ARGS__);
   294 #endif
   295 #define DEBUG_LOG(TITLE, ENTITY, DESC) {\
   296     log_event(session, (TITLE), (ENTITY), (DESC), "debug " __FILE__ ":" S_LINE);\
   297     LOG_MORE((TITLE), (ENTITY), (DESC), __FILE__ ":" S_LINE)\
   298 }
   299 #endif
   300 
   301 typedef enum _normalize_hex_rest_t {
   302     accept_hex,
   303     ignore_hex,
   304     reject_hex
   305 } normalize_hex_res_t;
   306 
   307 static inline normalize_hex_res_t _normalize_hex(char *hex) 
   308 {
   309     if (*hex >= '0' && *hex <= '9')
   310         return accept_hex;
   311 
   312     if (*hex >= 'A' && *hex <= 'F') {
   313         *hex += 'a' - 'A';
   314         return accept_hex;
   315     }
   316 
   317     if (*hex >= 'a' && *hex <= 'f') 
   318         return accept_hex;
   319 
   320     if (*hex == ' ') 
   321         return ignore_hex;
   322 
   323     return reject_hex;
   324 }
   325 
   326 // Space tolerant and case insensitive fingerprint string compare
   327 static inline PEP_STATUS _compare_fprs(
   328         const char* fpra,
   329         size_t fpras,
   330         const char* fprb,
   331         size_t fprbs,
   332         int* comparison)
   333 {
   334 
   335     size_t ai = 0;
   336     size_t bi = 0;
   337     size_t significant = 0;
   338     int _comparison = 0;
   339     const int _FULL_FINGERPRINT_LENGTH = 40;
   340    
   341     // First compare every non-ignored chars until an end is reached
   342     while(ai < fpras && bi < fprbs)
   343     {
   344         char fprac = fpra[ai];
   345         char fprbc = fprb[bi];
   346         normalize_hex_res_t fprah = _normalize_hex(&fprac);
   347         normalize_hex_res_t fprbh = _normalize_hex(&fprbc);
   348 
   349         if(fprah == reject_hex || fprbh == reject_hex)
   350             return PEP_ILLEGAL_VALUE;
   351 
   352         if ( fprah == ignore_hex )
   353         {
   354             ai++;
   355         }
   356         else if ( fprbh == ignore_hex )
   357         {
   358             bi++;
   359         }
   360         else
   361         {
   362             if(fprac != fprbc && _comparison == 0 )
   363             {
   364                 _comparison = fprac > fprbc ? 1 : -1;
   365             }
   366 
   367             significant++;
   368             ai++;
   369             bi++;
   370 
   371         } 
   372     }
   373 
   374     // Bail out if we didn't got enough significnt chars
   375     if (significant != _FULL_FINGERPRINT_LENGTH )
   376         return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
   377 
   378     // Then purge remaining chars, all must be ignored chars
   379     while ( ai < fpras )
   380     {
   381         char fprac = fpra[ai];
   382         normalize_hex_res_t fprah = _normalize_hex(&fprac);
   383         if( fprah == reject_hex )
   384             return PEP_ILLEGAL_VALUE;
   385         if ( fprah != ignore_hex )
   386             return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
   387         ai++;
   388     }
   389     while ( bi < fprbs )
   390     {
   391         char fprbc = fprb[bi];
   392         normalize_hex_res_t fprbh = _normalize_hex(&fprbc);
   393         if( fprbh == reject_hex )
   394             return PEP_ILLEGAL_VALUE;
   395         if ( fprbh != ignore_hex )
   396             return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
   397         bi++;
   398     }
   399 
   400     *comparison = _comparison;
   401     return PEP_STATUS_OK;
   402 }
   403 
   404 static inline int _same_fpr(
   405         const char* fpra,
   406         size_t fpras,
   407         const char* fprb,
   408         size_t fprbs
   409     )
   410 {
   411     // illegal values are ignored, and considered not same.
   412     int comparison = 1;
   413 
   414     _compare_fprs(fpra, fpras, fprb, fprbs, &comparison);
   415 
   416     return comparison == 0;
   417 }
   418 
   419 // size is the length of the bytestr that's coming in. This is really only intended
   420 // for comparing two full strings. If charstr's length is different from bytestr_size,
   421 // we'll return a non-zero value.
   422 static inline int _unsigned_signed_strcmp(const unsigned char* bytestr, const char* charstr, int bytestr_size) {
   423     int charstr_len = strlen(charstr);
   424     if (charstr_len != bytestr_size)
   425         return -1; // we don't actually care except that it's non-zero
   426     return memcmp(bytestr, charstr, bytestr_size);
   427 }
   428 
   429 // This is just a horrible example of C type madness. UTF-8 made me do it.
   430 static inline char* _pEp_subj_copy() {
   431 #ifndef WIN32
   432     unsigned char pEpstr[] = PEP_SUBJ_STRING;
   433     void* retval = calloc(1, sizeof(unsigned char)*PEP_SUBJ_BYTELEN + 1);
   434     memcpy(retval, pEpstr, PEP_SUBJ_BYTELEN);
   435     return (char*)retval;
   436 #else
   437     return strdup("pEp");
   438 #endif
   439 }
   440 
   441 static inline bool is_me(PEP_SESSION session, pEp_identity* test_ident) {
   442     bool retval = false;
   443     if (test_ident && test_ident->user_id) {
   444         char* def_id = NULL;
   445         get_default_own_userid(session, &def_id);
   446         if (test_ident->me || 
   447             (def_id && strcmp(def_id, test_ident->user_id) == 0)) {
   448             retval = true;
   449         }
   450         free(def_id);
   451     }
   452     return retval;
   453 }
   454 
   455 #ifndef EMPTYSTR
   456 #define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
   457 #endif
   458 
   459 #ifndef IS_PGP_CT
   460 #define IS_PGP_CT(CT) (((CT) | PEP_ct_confirmed) == PEP_ct_OpenPGP)
   461 #endif
   462 
   463 #ifndef _MIN
   464 #define _MIN(A, B) ((B) > (A) ? (A) : (B))
   465 #endif
   466 #ifndef _MAX
   467 #define _MAX(A, B) ((B) > (A) ? (B) : (A))
   468 #endif
   469 
   470 
   471 // These are globals used in generating message IDs and should only be
   472 // computed once, as they're either really constants or OS-dependent
   473 
   474 extern int _pEp_rand_max_bits;
   475 extern double _pEp_log2_36;
   476 
   477 static inline void _init_globals() {
   478     _pEp_rand_max_bits = (int) ceil(log2((double) RAND_MAX));
   479     _pEp_log2_36 = log2(36);
   480 }
   481 
   482 // spinlock implementation
   483 
   484 static inline int Sqlite3_step(sqlite3_stmt* stmt)
   485 {
   486     int rc;
   487     do {
   488         rc = sqlite3_step(stmt);
   489     } while (rc == SQLITE_BUSY || rc == SQLITE_LOCKED);
   490     return rc;
   491 }
   492