src/pEpEngine.h
author Krista Bennett <krista@pep-project.org>
Wed, 17 Jan 2018 12:23:44 +0100
branchENGINE-289
changeset 2401 f5aa974726e1
parent 2398 2365cdba8783
child 2421 0c03210e9071
permissions -rw-r--r--
ENGINE-289: added tests for myself() default user_id aliases, fixed consts in signature, fixed blacklist test issue
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #pragma once
     5 
     6 #ifdef __cplusplus
     7 extern "C" {
     8 #endif
     9 
    10 #include <stddef.h>
    11 #include <stdint.h>
    12 #include <stdbool.h>
    13 
    14 #include "dynamic_api.h"
    15 #include "stringlist.h"
    16 #include "stringpair.h"    
    17 #include "timestamp.h"
    18 
    19 #define PEP_VERSION "2.0" // protocol version
    20 
    21 #define PEP_OWN_USERID "pEp_own_userId"
    22     
    23 // pEp Engine API
    24 
    25 //  caveat:
    26 //      Unicode data has to be normalized to NFC before calling
    27 //      UTF-8 strings are UTF-8 encoded C strings (zero terminated)
    28 
    29 
    30 struct _pEpSession;
    31 typedef struct _pEpSession * PEP_SESSION;
    32 
    33 typedef enum {
    34     PEP_STATUS_OK                                   = 0,
    35 
    36     PEP_INIT_CANNOT_LOAD_GPGME                      = 0x0110,
    37     PEP_INIT_GPGME_INIT_FAILED                      = 0x0111,
    38     PEP_INIT_NO_GPG_HOME                            = 0x0112,
    39     PEP_INIT_NETPGP_INIT_FAILED                     = 0x0113,
    40 
    41     PEP_INIT_SQLITE3_WITHOUT_MUTEX                  = 0x0120,
    42     PEP_INIT_CANNOT_OPEN_DB                         = 0x0121,
    43     PEP_INIT_CANNOT_OPEN_SYSTEM_DB                  = 0x0122,
    44     
    45     PEP_KEY_NOT_FOUND                               = 0x0201,
    46     PEP_KEY_HAS_AMBIG_NAME                          = 0x0202,
    47     PEP_GET_KEY_FAILED                              = 0x0203,
    48     PEP_CANNOT_EXPORT_KEY                           = 0x0204,
    49     PEP_CANNOT_EDIT_KEY                             = 0x0205,
    50     PEP_KEY_UNSUITABLE                              = 0x0206,
    51     
    52     PEP_CANNOT_FIND_IDENTITY                        = 0x0301,
    53     PEP_CANNOT_SET_PERSON                           = 0x0381,
    54     PEP_CANNOT_SET_PGP_KEYPAIR                      = 0x0382,
    55     PEP_CANNOT_SET_IDENTITY                         = 0x0383,
    56     PEP_CANNOT_SET_TRUST                            = 0x0384,
    57     PEP_KEY_BLACKLISTED                             = 0x0385,
    58     
    59     PEP_CANNOT_FIND_ALIAS                           = 0x0391,
    60     PEP_CANNOT_SET_ALIAS                            = 0x0392,
    61     
    62     PEP_UNENCRYPTED                                 = 0x0400,
    63     PEP_VERIFIED                                    = 0x0401,
    64     PEP_DECRYPTED                                   = 0x0402,
    65     PEP_DECRYPTED_AND_VERIFIED                      = 0x0403,
    66     PEP_DECRYPT_WRONG_FORMAT                        = 0x0404,
    67     PEP_DECRYPT_NO_KEY                              = 0x0405,
    68     PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH            = 0x0406,
    69     PEP_VERIFY_NO_KEY                               = 0x0407,
    70     PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
    71     PEP_CANNOT_DECRYPT_UNKNOWN                      = 0x04ff,
    72 
    73     PEP_TRUSTWORD_NOT_FOUND                         = 0x0501,
    74     PEP_TRUSTWORDS_FPR_WRONG_LENGTH                 = 0x0502,
    75     PEP_TRUSTWORDS_DUPLICATE_FPR                    = 0x0503,
    76 
    77     PEP_CANNOT_CREATE_KEY                           = 0x0601,
    78     PEP_CANNOT_SEND_KEY                             = 0x0602,
    79 
    80     PEP_PHRASE_NOT_FOUND                            = 0x0701,
    81 
    82     PEP_SEND_FUNCTION_NOT_REGISTERED                = 0x0801,
    83     PEP_CONTRAINTS_VIOLATED                         = 0x0802,
    84     PEP_CANNOT_ENCODE                               = 0x0803,
    85 
    86     PEP_SYNC_NO_NOTIFY_CALLBACK                     = 0x0901,
    87     PEP_SYNC_ILLEGAL_MESSAGE                        = 0x0902,
    88     PEP_SYNC_NO_INJECT_CALLBACK                     = 0x0903,
    89 
    90     PEP_SEQUENCE_VIOLATED                           = 0x0970,
    91     PEP_CANNOT_INCREASE_SEQUENCE                    = 0x0971,
    92     PEP_CANNOT_SET_SEQUENCE_VALUE                   = 0x0972,
    93     PEP_OWN_SEQUENCE                                = 0x097f,
    94 
    95     PEP_SYNC_STATEMACHINE_ERROR                     = 0x0980,
    96     PEP_SYNC_NO_TRUST                               = 0x0981,
    97     PEP_STATEMACHINE_INVALID_STATE                  = 0x0982,
    98     PEP_STATEMACHINE_INVALID_EVENT                  = 0x0983,
    99     PEP_STATEMACHINE_INVALID_CONDITION              = 0x0984,
   100     PEP_STATEMACHINE_INVALID_ACTION                 = 0x0985,
   101     PEP_STATEMACHINE_INHIBITED_EVENT                = 0x0986,
   102 
   103     PEP_COMMIT_FAILED                               = 0xff01,
   104     PEP_MESSAGE_CONSUME                             = 0xff02,
   105     PEP_MESSAGE_IGNORE                              = 0xff03,
   106 
   107     PEP_RECORD_NOT_FOUND                            = -6,
   108     PEP_CANNOT_CREATE_TEMP_FILE                     = -5,
   109     PEP_ILLEGAL_VALUE                               = -4,
   110     PEP_BUFFER_TOO_SMALL                            = -3,
   111     PEP_OUT_OF_MEMORY                               = -2,
   112     PEP_UNKNOWN_ERROR                               = -1,
   113     
   114     PEP_VERSION_MISMATCH                            = -7,
   115 } PEP_STATUS;
   116 
   117 
   118 // INIT_STATUS init() - initialize pEpEngine for a thread
   119 //
   120 //  parameters:
   121 //        session (out)   init() allocates session memory and returns a pointer
   122 //                        as a handle
   123 //
   124 //  return value:
   125 //        PEP_STATUS_OK = 0                 if init() succeeds
   126 //        PEP_INIT_SQLITE3_WITHOUT_MUTEX    if SQLite3 was compiled with
   127 //                                            SQLITE_THREADSAFE 0
   128 //        PEP_INIT_CANNOT_LOAD_GPGME        if libgpgme.dll cannot be found
   129 //        PEP_INIT_GPGME_INIT_FAILED        if GPGME init fails
   130 //        PEP_INIT_CANNOT_OPEN_DB           if user's management db cannot be
   131 //                                            opened
   132 //        PEP_INIT_CANNOT_OPEN_SYSTEM_DB    if system's management db cannot be
   133 //                                            opened
   134 //
   135 //  caveat:
   136 //      THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. release() should
   137 //      be similarly guarded.
   138 //
   139 //      the pointer is valid only if the return value is PEP_STATUS_OK
   140 //      in other case a NULL pointer will be returned; a valid handle must
   141 //      be released using release() when it's no longer needed
   142 //
   143 //      the caller has to guarantee that the first call to this function
   144 //      will succeed before further calls can be done
   145 
   146 DYNAMIC_API PEP_STATUS init(PEP_SESSION *session);
   147 
   148 
   149 // void release() - release thread session handle
   150 //
   151 //  parameters:
   152 //        session (in)    session handle to release
   153 //
   154 //    caveat:
   155 //        THE CALLER MUST GUARD THIS CALL EXTERNALLY WITH A MUTEX. init() should
   156 //        be similarly guarded.
   157 //       
   158 //        the last release() can be called only when all other release() calls
   159 //        are done
   160 
   161 DYNAMIC_API void release(PEP_SESSION session);
   162 
   163 
   164 // const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any
   165 //
   166 //  parameters:
   167 //        session (in)    session handle
   168 //
   169 //    caveat:
   170 //        To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK
   171 //        The error stack belongs to the session. Do no not change it!
   172 DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session);
   173 
   174 
   175 // void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any
   176 //
   177 //  parameters:
   178 //        session (in)    session handle
   179 //
   180 DYNAMIC_API void clear_errorstack(PEP_SESSION session);
   181 
   182 
   183 // config_passive_mode() - enable passive mode
   184 //
   185 //  parameters:
   186 //      session (in)    session handle
   187 //      enable (in)     flag if enabled or disabled
   188 
   189 DYNAMIC_API void config_passive_mode(PEP_SESSION session, bool enable);
   190 
   191 
   192 // config_unencrypted_subject() - disable subject encryption
   193 //
   194 //  parameters:
   195 //      session (in)    session handle
   196 //      enable (in)     flag if enabled or disabled
   197 
   198 DYNAMIC_API void config_unencrypted_subject(PEP_SESSION session, bool enable);
   199 
   200 
   201 // config_use_only_own_private_keys() - enable passive mode
   202 //
   203 //  parameters:
   204 //      session (in)    session handle
   205 //      enable (in)     flag if enabled or disabled
   206 
   207 DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session, bool enable);
   208 
   209 
   210 // config_keep_sync_msg() - do not remove sync messages (for debugging purposes)
   211 //
   212 //      session (in)    session handle
   213 //      enable (in)     flag if enabled or disabled
   214 
   215 DYNAMIC_API void config_keep_sync_msg(PEP_SESSION session, bool enable);
   216 
   217 
   218 // config_service_log() - log more for service purposes
   219 //
   220 //      session (in)    session handle
   221 //      enable (in)     flag if enabled or disabled
   222 
   223 DYNAMIC_API void config_service_log(PEP_SESSION session, bool enable);
   224 
   225 
   226 // decrypt_and_verify() - decrypt and/or verify a message
   227 //
   228 //    parameters:
   229 //        session (in)    session handle
   230 //        ctext (in)      cipher text to decrypt and/or verify
   231 //        csize (in)      size of cipher text
   232 //        dsigtext (in)   if extant, *detached* signature text for this
   233 //                        message (or NULL if not)
   234 //        dsize (in)      size of *detached* signature text for this
   235 //                        message (0, if no detached sig exists)
   236 //        ptext (out)     pointer to internal buffer with plain text
   237 //        psize (out)     size of plain text
   238 //        keylist (out)   list of key ids which where used to encrypt
   239 //
   240 //    return value:
   241 //        PEP_UNENCRYPTED               message was unencrypted and not signed
   242 //        PEP_VERIFIED                  message was unencrypted, signature matches
   243 //        PEP_DECRYPTED                 message is decrypted now, no signature
   244 //        PEP_DECRYPTED_AND_VERIFIED    message is decrypted now and verified
   245 //        PEP_DECRYPT_WRONG_FORMAT      message has wrong format to handle
   246 //        PEP_DECRYPT_NO_KEY            key not available to decrypt and/or verify
   247 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   248 //
   249 //    caveat:
   250 //        the ownerships of ptext as well as keylist are going to the caller
   251 //        the caller must use free() (or an Windoze pEp_free()) and
   252 //        free_stringlist() to free them
   253 //
   254 //      if this function failes an error message may be the first element of
   255 //      keylist and the other elements may be the keys used for encryption
   256 
   257 DYNAMIC_API PEP_STATUS decrypt_and_verify(
   258         PEP_SESSION session, const char *ctext, size_t csize,
   259         const char *dsigtext, size_t dsigsize,
   260         char **ptext, size_t *psize, stringlist_t **keylist
   261     );
   262 
   263 
   264 // verify_text() - verfy plain text with a digital signature
   265 //
   266 //  parameters:
   267 //      session (in)    session handle
   268 //      text (in)       text to verify
   269 //      size (in)       size of text
   270 //      signature (in)  signature text
   271 //      sig_size (in)   size of signature
   272 //      keylist (out)   list of key ids which where used to encrypt or NULL on
   273 //                        error
   274 //
   275 //  return value:
   276 //        PEP_VERIFIED                message was unencrypted, signature matches
   277 //        PEP_DECRYPT_NO_KEY          key not available to decrypt and/or verify
   278 //        PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH    wrong signature
   279 
   280 DYNAMIC_API PEP_STATUS verify_text(
   281         PEP_SESSION session, const char *text, size_t size,
   282         const char *signature, size_t sig_size, stringlist_t **keylist
   283     );
   284 
   285 
   286 // encrypt_and_sign() - encrypt and sign a message
   287 //
   288 //    parameters:
   289 //        session (in)    session handle
   290 //        keylist (in)    list of key ids to encrypt with as C strings
   291 //        ptext (in)      plain text to decrypt and/or verify
   292 //        psize (in)      size of plain text
   293 //        ctext (out)     pointer to internal buffer with cipher text
   294 //        csize (out)     size of cipher text
   295 //
   296 //    return value:
   297 //        PEP_STATUS_OK = 0            encryption and signing succeeded
   298 //        PEP_KEY_NOT_FOUND            at least one of the receipient keys
   299 //                                     could not be found
   300 //        PEP_KEY_HAS_AMBIG_NAME       at least one of the receipient keys has
   301 //                                     an ambiguous name
   302 //        PEP_GET_KEY_FAILED           cannot retrieve key
   303 //
   304 //    caveat:
   305 //      the ownership of ctext is going to the caller
   306 //      the caller is responsible to free() it (on Windoze use pEp_free())
   307 //      the first key in keylist is being used to sign the message
   308 //      this implies there has to be a private key for that keypair
   309 
   310 DYNAMIC_API PEP_STATUS encrypt_and_sign(
   311         PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
   312         size_t psize, char **ctext, size_t *csize
   313     );
   314 
   315 
   316 // log_event() - log a user defined event defined by UTF-8 encoded strings into
   317 // management log
   318 //
   319 //    parameters:
   320 //        session (in)        session handle
   321 //        title (in)          C string with event name
   322 //        entity (in)         C string with name of entity which is logging
   323 //        description (in)    C string with long description for event or NULL if
   324 //                            omitted
   325 //        comment (in)        C string with user defined comment or NULL if
   326 //                            omitted
   327 //
   328 //    return value:
   329 //        PEP_STATUS_OK       log entry created
   330 
   331 DYNAMIC_API PEP_STATUS log_event(
   332         PEP_SESSION session,
   333         const char *title,
   334         const char *entity,
   335         const char *description,
   336         const char *comment
   337     );
   338 
   339 
   340 DYNAMIC_API PEP_STATUS log_service(PEP_SESSION session, const char *title,
   341         const char *entity, const char *description, const char *comment);
   342 
   343 #define _STR_(x) #x
   344 #define _D_STR_(x) _STR_(x)
   345 #define S_LINE _D_STR_(__LINE__)
   346 
   347 #define SERVICE_LOG(session, title, entity, desc) \
   348     log_service((session), (title), (entity), (desc), "service " __FILE__ ":" S_LINE)
   349 
   350 
   351 // trustword() - get the corresponding trustword for a 16 bit value
   352 //
   353 //    parameters:
   354 //        session (in)            session handle
   355 //        value (in)              value to find a trustword for
   356 //        lang (in)               C string with ISO 639-1 language code
   357 //        word (out)              pointer to C string with trustword UTF-8 encoded
   358 //                                NULL if language is not supported or trustword
   359 //                                wordlist is damaged or unavailable
   360 //        wsize (out)             length of trustword
   361 //
   362 //    return value:
   363 //        PEP_STATUS_OK            trustword retrieved
   364 //        PEP_TRUSTWORD_NOT_FOUND  trustword not found
   365 //
   366 //    caveat:
   367 //        the word pointer goes to the ownership of the caller
   368 //      the caller is responsible to free() it (on Windoze use pEp_free())
   369 
   370 DYNAMIC_API PEP_STATUS trustword(
   371             PEP_SESSION session, uint16_t value, const char *lang,
   372             char **word, size_t *wsize
   373         );
   374 
   375 
   376 // trustwords() - get trustwords for a string of hex values of a fingerprint
   377 //
   378 //    parameters:
   379 //        session (in)        session handle
   380 //        fingerprint (in)    C string with hex values to find trustwords for
   381 //        lang (in)           C string with ISO 639-1 language code
   382 //        words (out)         pointer to C string with trustwords UTF-8 encoded,
   383 //                            separated by a blank each
   384 //                            NULL if language is not supported or trustword
   385 //                            wordlist is damaged or unavailable
   386 //        wsize (out)         length of trustwords string
   387 //        max_words (in)      only generate a string with max_words;
   388 //                            if max_words == 0 there is no such limit
   389 //
   390 //    return value:
   391 //        PEP_STATUS_OK            trustwords retrieved
   392 //        PEP_OUT_OF_MEMORY        out of memory
   393 //        PEP_TRUSTWORD_NOT_FOUND  at least one trustword not found
   394 //
   395 //    caveat:
   396 //        the word pointer goes to the ownership of the caller
   397 //      the caller is responsible to free() it (on Windoze use pEp_free())
   398 //
   399 //  DON'T USE THIS FUNCTION FROM HIGH LEVEL LANGUAGES!
   400 //
   401 //  Better implement a simple one in the adapter yourself using trustword(), and
   402 //  return a list of trustwords.
   403 //  This function is provided for being used by C and C++ programs only.
   404 
   405 DYNAMIC_API PEP_STATUS trustwords(
   406         PEP_SESSION session, const char *fingerprint, const char *lang,
   407         char **words, size_t *wsize, int max_words
   408     );
   409 
   410 
   411 // TODO: increase versions in pEp.asn1 if rating changes
   412 
   413 typedef enum _PEP_comm_type {
   414     PEP_ct_unknown = 0,
   415 
   416     // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
   417 
   418     PEP_ct_no_encryption = 0x01,                // generic
   419     PEP_ct_no_encrypted_channel = 0x02,
   420     PEP_ct_key_not_found = 0x03,
   421     PEP_ct_key_expired = 0x04,
   422     PEP_ct_key_revoked = 0x05,
   423     PEP_ct_key_b0rken = 0x06,
   424     PEP_ct_my_key_not_included = 0x09,
   425 
   426     PEP_ct_security_by_obscurity = 0x0a,
   427     PEP_ct_b0rken_crypto = 0x0b,
   428     PEP_ct_key_too_short = 0x0c,
   429 
   430     PEP_ct_compromized = 0x0e,                  // known compromized connection
   431     PEP_ct_mistrusted = 0x0f,                   // known mistrusted key
   432 
   433     // range 0x10 to 0x3f: unconfirmed encryption
   434 
   435     PEP_ct_unconfirmed_encryption = 0x10,       // generic
   436     PEP_ct_OpenPGP_weak_unconfirmed = 0x11,     // RSA 1024 is weak
   437 
   438     PEP_ct_to_be_checked = 0x20,                // generic
   439     PEP_ct_SMIME_unconfirmed = 0x21,
   440     PEP_ct_CMS_unconfirmed = 0x22,
   441 
   442     PEP_ct_strong_but_unconfirmed = 0x30,       // generic
   443     PEP_ct_OpenPGP_unconfirmed = 0x38,          // key at least 2048 bit RSA or EC
   444     PEP_ct_OTR_unconfirmed = 0x3a,
   445 
   446     // range 0x40 to 0x7f: unconfirmed encryption and anonymization
   447 
   448     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
   449     PEP_ct_pEp_unconfirmed = 0x7f,
   450 
   451     PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
   452 
   453     // range 0x81 to 0x8f: reserved
   454     // range 0x90 to 0xbf: confirmed encryption
   455 
   456     PEP_ct_confirmed_encryption = 0x90,         // generic
   457     PEP_ct_OpenPGP_weak = 0x91,                 // RSA 1024 is weak (unused)
   458 
   459     PEP_ct_to_be_checked_confirmed = 0xa0,      //generic
   460     PEP_ct_SMIME = 0xa1,
   461     PEP_ct_CMS = 0xa2,
   462 
   463     PEP_ct_strong_encryption = 0xb0,            // generic
   464     PEP_ct_OpenPGP = 0xb8,                      // key at least 2048 bit RSA or EC
   465     PEP_ct_OTR = 0xba,
   466 
   467     // range 0xc0 to 0xff: confirmed encryption and anonymization
   468 
   469     PEP_ct_confirmed_enc_anon = 0xc0,           // generic
   470     PEP_ct_pEp = 0xff
   471 } PEP_comm_type;
   472 
   473 typedef enum _identity_flags {
   474     // the first octet flags are app defined settings
   475     PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
   476     PEP_idf_list = 0x0002,           // identity of list of persons
   477     // the second octet flags are calculated
   478     PEP_idf_devicegroup = 0x0100     // identity of a device group member
   479 } identity_flags;
   480 
   481 typedef unsigned int identity_flags_t;
   482 
   483 // typedef enum _keypair_flags {
   484 // } keypair_flags;
   485 
   486 typedef unsigned int keypair_flags_t;
   487 
   488 typedef struct _pEp_identity {
   489     char *address;              // C string with address UTF-8 encoded
   490     char *fpr;                  // C string with fingerprint UTF-8 encoded
   491     char *user_id;              // C string with user ID UTF-8 encoded
   492                                 // user_id MIGHT be set to "pEp_own_userId"
   493                                 // (use PEP_OWN_USERID preprocessor define)
   494                                 // if this is own user's identity.
   495                                 // But it is not REQUIRED to be.
   496     char *username;             // C string with user name UTF-8 encoded
   497     PEP_comm_type comm_type;    // type of communication with this ID
   498     char lang[3];               // language of conversation
   499                                 // ISO 639-1 ALPHA-2, last byte is 0
   500     bool me;                    // if this is the local user herself/himself
   501     identity_flags_t flags;     // identity_flag1 | identity_flag2 | ...
   502 } pEp_identity;
   503 
   504 typedef struct _identity_list {
   505     pEp_identity *ident;
   506     struct _identity_list *next;
   507 } identity_list;
   508 
   509 
   510 // new_identity() - allocate memory and set the string and size fields
   511 //
   512 //  parameters:
   513 //      address (in)        UTF-8 string or NULL 
   514 //      fpr (in)            UTF-8 string or NULL 
   515 //      user_id (in)        UTF-8 string or NULL 
   516 //      username (in)       UTF-8 string or NULL 
   517 //
   518 //  return value:
   519 //      pEp_identity struct or NULL if out of memory
   520 //
   521 //  caveat:
   522 //      the strings are copied; the original strings are still being owned by
   523 //      the caller
   524 
   525 DYNAMIC_API pEp_identity *new_identity(
   526         const char *address, const char *fpr, const char *user_id,
   527         const char *username
   528     );
   529 
   530 
   531 // identity_dup() - allocate memory and duplicate
   532 //
   533 //  parameters:
   534 //      src (in)            identity to duplicate
   535 //
   536 //  return value:
   537 //      pEp_identity struct or NULL if out of memory
   538 //
   539 //  caveat:
   540 //      the strings are copied; the original strings are still being owned by
   541 //      the caller
   542 
   543 DYNAMIC_API pEp_identity *identity_dup(const pEp_identity *src);
   544 
   545 
   546 // free_identity() - free all memory being occupied by a pEp_identity struct
   547 //
   548 //  parameters:
   549 //      identity (in)       struct to release
   550 //
   551 //  caveat:
   552 //      not only the struct but also all string memory referenced by the
   553 //      struct is being freed; all pointers inside are invalid afterwards
   554 
   555 DYNAMIC_API void free_identity(pEp_identity *identity);
   556 
   557 
   558 // get_identity() - get identity information
   559 //
   560 //    parameters:
   561 //        session (in)        session handle
   562 //        address (in)        C string with communication address, UTF-8 encoded
   563 //        user_id (in)        unique C string to identify person that identity
   564 //                            is refering to
   565 //        identity (out)      pointer to pEp_identity structure with results or
   566 //                            NULL if failure
   567 //
   568 //    caveat:
   569 //        address and user_id are being copied; the original strings remains in
   570 //        the ownership of the caller
   571 //        the resulting pEp_identity structure goes to the ownership of the
   572 //        caller and has to be freed with free_identity() when not in use any
   573 //        more
   574 
   575 DYNAMIC_API PEP_STATUS get_identity(
   576         PEP_SESSION session,
   577         const char *address,
   578         const char *user_id,
   579         pEp_identity **identity
   580     );
   581 
   582 PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
   583                                  const char* old_fpr, 
   584                                  const char* new_fpr); 
   585 
   586 
   587 // set_identity() - set identity information
   588 //
   589 //    parameters:
   590 //        session (in)        session handle
   591 //        identity (in)       pointer to pEp_identity structure
   592 //
   593 //    return value:
   594 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   595 //        PEP_CANNOT_SET_PERSON         writing to table person failed
   596 //        PEP_CANNOT_SET_PGP_KEYPAIR    writing to table pgp_keypair failed
   597 //        PEP_CANNOT_SET_IDENTITY       writing to table identity failed
   598 //        PEP_COMMIT_FAILED             SQL commit failed
   599 //        PEP_KEY_BLACKLISTED           Key blacklisted, cannot set identity
   600 //
   601 //    caveat:
   602 //        address, fpr, user_id and username must be given
   603 
   604 DYNAMIC_API PEP_STATUS set_identity(
   605         PEP_SESSION session, const pEp_identity *identity
   606     );
   607 
   608 // get_default own_userid() - get the user_id of the own user
   609 //
   610 //    parameters:
   611 //        session (in)        session handle
   612 //        userid  (out)       own user id (if it exists)
   613 //
   614 //    return value:
   615 //        PEP_STATUS_OK = 0             userid was found
   616 //        PEP_CANNOT_FIND_IDENTITY      no own_user found in the DB
   617 //        PEP_UNKNOWN_ERROR             results were returned, but no ID
   618 //                                      found (no reason this should ever occur)
   619 //    caveat:
   620 //        userid will be NULL if not found; otherwise, returned string
   621 //        belongs to the caller.
   622 
   623 DYNAMIC_API PEP_STATUS get_default_own_userid(
   624         PEP_SESSION session, 
   625         char** userid
   626     );
   627 
   628 // get_userid_alias_default() - get the default user_id which corresponds
   629 //                              to an alias
   630 //    parameters:
   631 //        session (in)        session handle
   632 //        alias_id (in)       the user_id which may be an alias for a default id
   633 //        default_id (out)    the default id for this alias, if the alias
   634 //                            is in the DB as an alias, else NULL
   635 //    return value:
   636 //        PEP_STATUS_OK = 0             userid was found
   637 //        PEP_CANNOT_FIND_ALIAS         this userid is not listed as an 
   638 //                                      alias in the DB
   639 //        PEP_UNKNOWN_ERROR             results were returned, but no ID
   640 //                                      found (no reason this should ever occur)
   641 //    caveat:
   642 //        default_id will be NULL if not found; otherwise, returned string
   643 //        belongs to the caller.
   644 //        also, current implementation does NOT check to see if this userid
   645 //        IS a default.
   646 
   647 DYNAMIC_API PEP_STATUS get_userid_alias_default(
   648         PEP_SESSION session, 
   649         const char* alias_id,
   650         char** default_id);
   651 
   652 // set_userid_alias() - set an alias to correspond to a default id
   653 //    parameters:
   654 //        session (in)        session handle
   655 //        default_id (in)     the default id for this alias. This must
   656 //                            correspond to the default user_id for an
   657 //                            entry in the person (user) table.
   658 //        alias_id (in)       the alias to be set for this default id
   659 //    return value:
   660 //        PEP_STATUS_OK = 0             userid was found
   661 //        PEP_CANNOT_SET_ALIAS          there was an error setting this
   662 
   663 DYNAMIC_API PEP_STATUS set_userid_alias (
   664         PEP_SESSION session, 
   665         const char* default_id,
   666         const char* alias_id);
   667 
   668 // set_device_group() - update own person's device group
   669 //
   670 //    parameters:
   671 //        session (in)        session handle
   672 //        group_name (in)     new group name
   673 //
   674 //    return value:
   675 //        PEP_STATUS_OK = 0             device group was updated
   676 //        PEP_CANNOT_SET_PERSON         update failed
   677 
   678 DYNAMIC_API PEP_STATUS set_device_group(
   679         PEP_SESSION session,
   680         const char *group_name
   681     );
   682 
   683 // get_device_group() - get own person's device group
   684 //
   685 //    parameters:
   686 //        session (in)        session handle
   687 //        group_name (in)     new group name
   688 //
   689 //    return value:
   690 //        PEP_STATUS_OK = 0             couldn't get device group
   691 //        PEP_RECORD_NOT_FOUND          update failed
   692 //
   693 //    caveat:
   694 //        the ownerships of group_name is going to the caller
   695 
   696 DYNAMIC_API PEP_STATUS get_device_group(
   697         PEP_SESSION session, 
   698         char **group_name
   699     );
   700 
   701 // set_identity_flags() - update identity flags on existing identity
   702 //
   703 //    parameters:
   704 //        session (in)        session handle
   705 //        identity (in,out)   pointer to pEp_identity structure
   706 //        flags (in)          new value for flags
   707 //
   708 //    return value:
   709 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   710 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   711 //
   712 //    caveat:
   713 //        address and user_id must be given in identity
   714 
   715 DYNAMIC_API PEP_STATUS set_identity_flags(
   716         PEP_SESSION session,
   717         pEp_identity *identity,
   718         identity_flags_t flags
   719     );
   720 
   721 // unset_identity_flags() - update identity flags on existing identity
   722 //
   723 //    parameters:
   724 //        session (in)        session handle
   725 //        identity (in,out)   pointer to pEp_identity structure
   726 //        flags (in)          new value for flags
   727 //
   728 //    return value:
   729 //        PEP_STATUS_OK = 0             encryption and signing succeeded
   730 //        PEP_CANNOT_SET_IDENTITY       update of identity failed
   731 //
   732 //    caveat:
   733 //        address and user_id must be given in identity
   734 
   735 DYNAMIC_API PEP_STATUS unset_identity_flags(
   736         PEP_SESSION session,
   737         pEp_identity *identity,
   738         identity_flags_t flags
   739     );
   740 
   741 // mark_as_compromized() - mark key in trust db as compromized
   742 //
   743 //    parameters:
   744 //        session (in)        session handle
   745 //        fpr (in)            fingerprint of key to mark
   746 
   747 DYNAMIC_API PEP_STATUS mark_as_compromized(
   748         PEP_SESSION session,
   749         const char *fpr
   750     );
   751 
   752 
   753 // generate_keypair() - generate a new key pair and add it to the key ring
   754 //
   755 //  parameters:
   756 //      session (in)            session handle
   757 //        identity (inout)      pointer to pEp_identity structure
   758 //
   759 //    return value:
   760 //        PEP_STATUS_OK = 0       encryption and signing succeeded
   761 //        PEP_ILLEGAL_VALUE       illegal values for identity fields given
   762 //        PEP_CANNOT_CREATE_KEY   key engine is on strike
   763 //
   764 //  caveat:
   765 //      address and username fields must be set to UTF-8 strings
   766 //      the fpr field must be set to NULL
   767 //
   768 //      this function allocates a string and sets set fpr field of identity
   769 //      the caller is responsible to call free() for that string or use
   770 //      free_identity() on the struct
   771 
   772 DYNAMIC_API PEP_STATUS generate_keypair(
   773         PEP_SESSION session, pEp_identity *identity
   774     );
   775 
   776 
   777 // delete_keypair() - delete a public key or a key pair from the key ring
   778 //
   779 //  parameters:
   780 //      session (in)            session handle
   781 //      fpr (in)                C string with key id or fingerprint of the
   782 //                              public key
   783 //
   784 //  return value:
   785 //      PEP_STATUS_OK = 0       key was successfully deleted
   786 //      PEP_KEY_NOT_FOUND       key not found
   787 //      PEP_ILLEGAL_VALUE       not a valid key id or fingerprint
   788 //      PEP_KEY_HAS_AMBIG_NAME  fpr does not uniquely identify a key
   789 //      PEP_OUT_OF_MEMORY       out of memory
   790 
   791 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr);
   792 
   793 
   794 // import_key() - import key from data
   795 //
   796 //  parameters:
   797 //      session (in)            session handle
   798 //      key_data (in)           key data, i.e. ASCII armored OpenPGP key
   799 //      size (in)               amount of data to handle
   800 //      private_keys (out)      list of private keys that have been imported
   801 //
   802 //  return value:
   803 //      PEP_STATUS_OK = 0       key was successfully imported
   804 //      PEP_OUT_OF_MEMORY       out of memory
   805 //      PEP_ILLEGAL_VALUE       there is no key data to import
   806 //
   807 //  caveat:
   808 //      private_keys goes to the ownership of the caller
   809 //      private_keys can be left NULL, it is then ignored
   810 
   811 DYNAMIC_API PEP_STATUS import_key(
   812         PEP_SESSION session,
   813         const char *key_data,
   814         size_t size,
   815         identity_list **private_keys
   816     );
   817 
   818 
   819 // export_key() - export ascii armored key
   820 //
   821 //  parameters:
   822 //      session (in)            session handle
   823 //      fpr (in)                key id or fingerprint of key
   824 //      key_data (out)          ASCII armored OpenPGP key
   825 //      size (out)              amount of data to handle
   826 //
   827 //  return value:
   828 //      PEP_STATUS_OK = 0       key was successfully exported
   829 //      PEP_OUT_OF_MEMORY       out of memory
   830 //      PEP_KEY_NOT_FOUND       key not found
   831 //
   832 //  caveat:
   833 //      the key_data goes to the ownership of the caller
   834 //      the caller is responsible to free() it (on Windoze use pEp_free())
   835 
   836 DYNAMIC_API PEP_STATUS export_key(
   837         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   838     );
   839 
   840 
   841 // export_secret_key() - export secret key ascii armored
   842 //
   843 //  parameters:
   844 //      session (in)            session handle
   845 //      fpr (in)                fingerprint of key, at least 16 hex digits
   846 //      key_data (out)          ASCII armored OpenPGP secret key
   847 //      size (out)              amount of data to handle
   848 //
   849 //  return value:
   850 //      PEP_STATUS_OK = 0       key was successfully exported
   851 //      PEP_OUT_OF_MEMORY       out of memory
   852 //      PEP_KEY_NOT_FOUND       key not found
   853 //      PEP_CANNOT_EXPORT_KEY   cannot export secret key (i.e. it's on an HKS)
   854 //
   855 //  caveat:
   856 //      the key_data goes to the ownership of the caller
   857 //      the caller is responsible to free() it (on Windoze use pEp_free())
   858 //      beware of leaking secret key data - overwrite it in memory after use
   859 
   860 DYNAMIC_API PEP_STATUS export_secrect_key(
   861         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
   862     );
   863 
   864 
   865 // recv_key() - update key(s) from keyserver
   866 //
   867 //  parameters:
   868 //      session (in)            session handle
   869 //      pattern (in)            key id, user id or address to search for as
   870 //                              UTF-8 string
   871 
   872 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern);
   873 
   874 
   875 // find_keys() - find keys in keyring
   876 //
   877 //  parameters:
   878 //      session (in)            session handle
   879 //      pattern (in)            key id, user id or address to search for as
   880 //                              UTF-8 string
   881 //      keylist (out)           list of fingerprints found or NULL on error
   882 //
   883 //  caveat:
   884 //        the ownerships of keylist isgoing to the caller
   885 //        the caller must use free_stringlist() to free it
   886 
   887 
   888 DYNAMIC_API PEP_STATUS find_keys(
   889         PEP_SESSION session, const char *pattern, stringlist_t **keylist
   890     );
   891 
   892 // send_key() - send key(s) to keyserver
   893 //
   894 //  parameters:
   895 //      session (in)            session handle
   896 //      pattern (in)            key id, user id or address to search for as
   897 //                              UTF-8 string
   898 
   899 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern);
   900 
   901 
   902 // pEp_free() - free memory allocated by pEp engine
   903 //
   904 //  parameters:
   905 //      p (in)                  pointer to free
   906 //
   907 //  The reason for this function is that heap management can be a pretty
   908 //  complex task with Windoze. This free() version calls the free()
   909 //  implementation of the C runtime library which was used to build pEp engine,
   910 //  so you're using the correct heap. For more information, see:
   911 //  <http://msdn.microsoft.com/en-us/library/windows/desktop/aa366711(v=vs.85).aspx>
   912 
   913 DYNAMIC_API void pEp_free(void *p);
   914 
   915 
   916 // get_trust() - get the trust level a key has for a person
   917 //
   918 //  parameters:
   919 //      session (in)            session handle
   920 //      identity (inout)        user_id and fpr to check as UTF-8 strings (in)
   921 //                              comm_type as result (out)
   922 //
   923 //  this function modifies the given identity struct; the struct remains in
   924 //  the ownership of the caller
   925 //  if the trust level cannot be determined identity->comm_type is set
   926 //  to PEP_ct_unknown
   927 
   928 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
   929 
   930 
   931 PEP_STATUS set_trust(PEP_SESSION session, 
   932                             const char* user_id,
   933                             const char* fpr, 
   934                             PEP_comm_type comm_type);
   935                             
   936 PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
   937                                 const char* fpr, 
   938                                 PEP_comm_type comm_type);
   939 
   940 // least_trust() - get the least known trust level for a key in the database
   941 //
   942 //  parameters:
   943 //      session (in)            session handle
   944 //      fpr (in)                fingerprint of key to check
   945 //      comm_type (out)         least comm_type as result (out)
   946 //
   947 //  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
   948 
   949 DYNAMIC_API PEP_STATUS least_trust(
   950         PEP_SESSION session,
   951         const char *fpr,
   952         PEP_comm_type *comm_type
   953     );
   954 
   955 
   956 // get_key_rating() - get the rating a bare key has
   957 //
   958 //  parameters:
   959 //      session (in)            session handle
   960 //      fpr (in)                unique identifyer for key as UTF-8 string
   961 //      comm_type (out)         key rating
   962 //
   963 //  if an error occurs, *comm_type is set to PEP_ct_unknown and an error
   964 //  is returned
   965 
   966 DYNAMIC_API PEP_STATUS get_key_rating(
   967         PEP_SESSION session,
   968         const char *fpr,
   969         PEP_comm_type *comm_type
   970     );
   971 
   972 
   973 // renew_key() - renew an expired key
   974 //
   975 //  parameters:
   976 //      session (in)            session handle
   977 //      fpr (in)                ID of key to renew as UTF-8 string
   978 //      ts (in)                 timestamp when key should expire or NULL for
   979 //                              default
   980 
   981 DYNAMIC_API PEP_STATUS renew_key(
   982         PEP_SESSION session,
   983         const char *fpr,
   984         const timestamp *ts
   985     );
   986 
   987 
   988 // revoke_key() - revoke a key
   989 //
   990 //  parameters:
   991 //      session (in)            session handle
   992 //      fpr (in)                ID of key to revoke as UTF-8 string
   993 //      reason (in)             text with reason for revoke as UTF-8 string
   994 //                              or NULL if reason unknown
   995 //
   996 //  caveat:
   997 //      reason text must not include empty lines
   998 //      this function is meant for internal use only; better use
   999 //      key_mistrusted() of keymanagement API
  1000 
  1001 DYNAMIC_API PEP_STATUS revoke_key(
  1002         PEP_SESSION session,
  1003         const char *fpr,
  1004         const char *reason
  1005     );
  1006 
  1007 
  1008 // key_expired() - flags if a key is already expired
  1009 //
  1010 //  parameters:
  1011 //      session (in)            session handle
  1012 //      fpr (in)                ID of key to check as UTF-8 string
  1013 //      when (in)               UTC time of when should expiry be considered
  1014 //      expired (out)           flag if key expired
  1015 
  1016 DYNAMIC_API PEP_STATUS key_expired(
  1017         PEP_SESSION session,
  1018         const char *fpr,
  1019         const time_t when,
  1020         bool *expired
  1021     );
  1022 
  1023     
  1024 // key_revoked() - flags if a key is already revoked
  1025 //
  1026 //  parameters:
  1027 //      session (in)            session handle
  1028 //      fpr (in)                ID of key to check as UTF-8 string
  1029 //      revoked (out)           flag if key revoked
  1030 
  1031 DYNAMIC_API PEP_STATUS key_revoked(
  1032         PEP_SESSION session,
  1033         const char *fpr,
  1034         bool *revoked
  1035     );
  1036 
  1037 PEP_STATUS get_key_userids(
  1038         PEP_SESSION session,
  1039         const char* fpr,
  1040         stringlist_t** keylist
  1041     );
  1042 
  1043 
  1044 // get_crashdump_log() - get the last log messages out
  1045 //
  1046 //  parameters:
  1047 //      session (in)            session handle
  1048 //      maxlines (in)           maximum number of lines (0 for default)
  1049 //      logdata (out)           logdata as string in double quoted CSV format
  1050 //                              column1 is title
  1051 //                              column2 is entity
  1052 //                              column3 is description
  1053 //                              column4 is comment
  1054 //
  1055 //  caveat:
  1056 //      the ownership of logdata goes to the caller
  1057 
  1058 DYNAMIC_API PEP_STATUS get_crashdump_log(
  1059         PEP_SESSION session,
  1060         int maxlines,
  1061         char **logdata
  1062     );
  1063 
  1064 
  1065 // get_languagelist() - get the list of languages
  1066 //
  1067 //  parameters:
  1068 //      session (in)            session handle
  1069 //      languages (out)         languages as string in double quoted CSV format
  1070 //                              column 1 is the ISO 639-1 language code
  1071 //                              column 2 is the name of the language
  1072 //
  1073 //  caveat:
  1074 //      the ownership of languages goes to the caller
  1075 
  1076 DYNAMIC_API PEP_STATUS get_languagelist(
  1077         PEP_SESSION session,
  1078         char **languages
  1079     );
  1080 
  1081 
  1082 // get_phrase() - get phrase in a dedicated language through i18n
  1083 //
  1084 //  parameters:
  1085 //      session (in)            session handle
  1086 //      lang (in)               C string with ISO 639-1 language code
  1087 //      phrase_id (in)          id of phrase in i18n
  1088 //      phrase (out)            phrase as UTF-8 string
  1089 //
  1090 //  caveat:
  1091 //      the ownership of phrase goes to the caller
  1092 
  1093 DYNAMIC_API PEP_STATUS get_phrase(
  1094         PEP_SESSION session,
  1095         const char *lang,
  1096         int phrase_id,
  1097         char **phrase
  1098     );
  1099 
  1100 
  1101 // sequence_value() - raise the value of a named sequence and retrieve it
  1102 //
  1103 //  parameters:
  1104 //      session (in)            session handle
  1105 //      name (inout)            name of sequence or char[37] set to {0, }
  1106 //                              for new own sequence named as UUID
  1107 //      value (inout)           value of sequence value to test or 0 for
  1108 //                              getting next value
  1109 //
  1110 //  returns:
  1111 //      PEP_STATUS_OK                   no error, not own sequence
  1112 //      PEP_SEQUENCE_VIOLATED           if sequence violated
  1113 //      PEP_CANNOT_INCREASE_SEQUENCE    if sequence cannot be increased
  1114 //      PEP_OWN_SEQUENCE                if own sequence
  1115 
  1116 DYNAMIC_API PEP_STATUS sequence_value(
  1117         PEP_SESSION session,
  1118         char *name,
  1119         int32_t *value
  1120     );
  1121 
  1122 
  1123 // set_revoked() - records relation between a revoked key and its replacement
  1124 //
  1125 //  parameters:
  1126 //      session (in)            session handle
  1127 //      revoked_fpr (in)        revoked fingerprint
  1128 //      replacement_fpr (in)    replacement key fingerprint
  1129 //      revocation_date (in)    revocation date
  1130 
  1131 DYNAMIC_API PEP_STATUS set_revoked(
  1132        PEP_SESSION session,
  1133        const char *revoked_fpr,
  1134        const char *replacement_fpr,
  1135        const uint64_t revocation_date
  1136     );
  1137 
  1138 
  1139 // get_revoked() - find revoked key that may have been replaced by given key, if any
  1140 //
  1141 //  parameters:
  1142 //      session (in)            session handle
  1143 //      fpr (in)                given fingerprint
  1144 //      revoked_fpr (out)       revoked fingerprint
  1145 //      revocation_date (out)   revocation date
  1146     
  1147 DYNAMIC_API PEP_STATUS get_revoked(
  1148         PEP_SESSION session,
  1149         const char *fpr,
  1150         char **revoked_fpr,
  1151         uint64_t *revocation_date
  1152     );
  1153 
  1154 
  1155 // key_created() - get creation date of a key
  1156 //
  1157 //  parameters:
  1158 //      session (in)            session handle
  1159 //      fpr (in)                fingerprint of key
  1160 //      created (out)           date of creation
  1161 
  1162 PEP_STATUS key_created(
  1163         PEP_SESSION session,
  1164         const char *fpr,
  1165         time_t *created
  1166     );
  1167 
  1168 
  1169 // find_private_keys() - find keys in keyring
  1170 //
  1171 //  parameters:
  1172 //      session (in)            session handle
  1173 //      pattern (in)            key id, user id or address to search for as
  1174 //                              UTF-8 string
  1175 //      keylist (out)           list of fingerprints found or NULL on error
  1176 //
  1177 //  caveat:
  1178 //        the ownerships of keylist isgoing to the caller
  1179 //        the caller must use free_stringlist() to free it
  1180 PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
  1181                              stringlist_t **keylist);
  1182 
  1183 // get_engine_version() - returns the current version of pEpEngine (this is different
  1184 //                        from the pEp protocol version!)
  1185 //
  1186 //  parameters: none
  1187 //
  1188 //  return_value: const char* to the engine version string constant
  1189 //
  1190 DYNAMIC_API const char* get_engine_version();
  1191 
  1192 
  1193 DYNAMIC_API PEP_STATUS reset_peptest_hack(PEP_SESSION session);
  1194 
  1195 // This is used internally when there is a temporary identity to be retrieved
  1196 // that may not yet have an FPR attached. See get_identity() for functionality,
  1197 // params and caveats.
  1198 PEP_STATUS get_identity_without_trust_check(
  1199         PEP_SESSION session,
  1200         const char *address,
  1201         const char *user_id,
  1202         pEp_identity **identity
  1203     );
  1204     
  1205 PEP_STATUS get_identities_by_address(
  1206         PEP_SESSION session,
  1207         const char *address,
  1208         identity_list** id_list
  1209     );
  1210         
  1211 PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid,
  1212                               const char* new_uid);
  1213                               
  1214 PEP_STATUS remove_fpr_as_default(PEP_SESSION session, 
  1215                                     const char* fpr);
  1216                               
  1217     
  1218 #ifdef __cplusplus
  1219 }
  1220 #endif