src/keymanagement.c
author Krista 'DarthMama' Bennett <krista@pep.foundation>
Thu, 10 Jan 2019 18:57:53 +0100
changeset 3216 f7a5d25e60d5
parent 3182 32e3b6f20291
child 3221 47b815c5ba76
permissions -rw-r--r--
Myself was returning OK, even when it needed to and could not generate a key. Fixed.
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #include "platform.h"
     5 
     6 #include <string.h>
     7 #include <stdio.h>
     8 #include <stdlib.h>
     9 #include <assert.h>
    10 #include <ctype.h>
    11 
    12 #include "pEp_internal.h"
    13 #include "keymanagement.h"
    14 
    15 #include "sync_fsm.h"
    16 #include "blacklist.h"
    17 
    18 static bool key_matches_address(PEP_SESSION session, const char* address,
    19                                 const char* fpr) {
    20     if (!session || !address || !fpr)
    21         return false;
    22     
    23     bool retval = false;
    24     stringlist_t *keylist = NULL;
    25     PEP_STATUS status = find_keys(session, address, &keylist);
    26     if (status == PEP_STATUS_OK && keylist) {
    27         stringlist_t* curr = keylist;
    28         while (curr) {
    29             if (curr->value) {
    30                 if (strcasecmp(curr->value, fpr)) {
    31                     retval = true;
    32                     break;
    33                 }
    34             }
    35             curr = curr->next;
    36         }
    37     }
    38     
    39     free_stringlist(keylist);
    40     return retval;                             
    41 }
    42 
    43 PEP_STATUS elect_pubkey(
    44         PEP_SESSION session, pEp_identity * identity, bool check_blacklist
    45     )
    46 {
    47     PEP_STATUS status;
    48     stringlist_t *keylist = NULL;
    49     char *_fpr = "";
    50     identity->comm_type = PEP_ct_unknown;
    51 
    52     status = find_keys(session, identity->address, &keylist);
    53     assert(status != PEP_OUT_OF_MEMORY);
    54     if (status == PEP_OUT_OF_MEMORY)
    55         return PEP_OUT_OF_MEMORY;
    56     
    57     if (!keylist || !keylist->value)
    58         identity->comm_type = PEP_ct_key_not_found;    
    59     else {
    60         stringlist_t *_keylist;
    61         for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
    62             PEP_comm_type _comm_type_key;
    63 
    64             status = get_key_rating(session, _keylist->value, &_comm_type_key);
    65             assert(status != PEP_OUT_OF_MEMORY);
    66             if (status == PEP_OUT_OF_MEMORY) {
    67                 free_stringlist(keylist);
    68                 return PEP_OUT_OF_MEMORY;
    69             }
    70 
    71             if (_comm_type_key != PEP_ct_compromised &&
    72                 _comm_type_key != PEP_ct_unknown)
    73             {
    74                 if (identity->comm_type == PEP_ct_unknown ||
    75                     _comm_type_key > identity->comm_type)
    76                 {
    77                     bool blacklisted = false;
    78                     bool mistrusted = false;
    79                     status = is_mistrusted_key(session, _keylist->value, &mistrusted);
    80                     if (status == PEP_STATUS_OK && check_blacklist)
    81                         status = blacklist_is_listed(session, _keylist->value, &blacklisted);
    82                     if (status == PEP_STATUS_OK && !mistrusted && !blacklisted) {
    83                         identity->comm_type = _comm_type_key;
    84                         _fpr = _keylist->value;
    85                     }
    86                 }
    87             }
    88         }
    89     }
    90     free(identity->fpr);
    91 
    92     if (!_fpr || _fpr[0] == '\0')
    93         identity->fpr = NULL;
    94     else {    
    95         identity->fpr = strdup(_fpr);
    96         if (identity->fpr == NULL) {
    97             free_stringlist(keylist);
    98             return PEP_OUT_OF_MEMORY;
    99         }
   100     }
   101     
   102     free_stringlist(keylist);
   103     return PEP_STATUS_OK;
   104 }
   105 
   106 static PEP_STATUS validate_fpr(PEP_SESSION session, 
   107                                pEp_identity* ident,
   108                                bool check_blacklist) {
   109     
   110     PEP_STATUS status = PEP_STATUS_OK;
   111     
   112     if (!session || !ident || !ident->fpr || !ident->fpr[0])
   113         return PEP_ILLEGAL_VALUE;    
   114         
   115     char* fpr = ident->fpr;
   116     
   117     bool has_private = false;
   118     
   119     if (ident->me) {
   120         status = contains_priv_key(session, fpr, &has_private);
   121         if (status != PEP_STATUS_OK || !has_private)
   122             return PEP_KEY_UNSUITABLE;
   123     }
   124     
   125     status = get_trust(session, ident);
   126     if (status != PEP_STATUS_OK)
   127         ident->comm_type = PEP_ct_unknown;
   128             
   129     PEP_comm_type ct = ident->comm_type;
   130 
   131     if (ct == PEP_ct_unknown) {
   132         // If status is bad, it's ok, we get the rating
   133         // we should use then (PEP_ct_unknown)
   134         get_key_rating(session, fpr, &ct);
   135         ident->comm_type = ct;
   136     }
   137     else if (ct == PEP_ct_key_expired || ct == PEP_ct_key_expired_but_confirmed) {
   138         PEP_comm_type ct_expire_check = PEP_ct_unknown;
   139         get_key_rating(session, fpr, &ct_expire_check);
   140         if (ct_expire_check >= PEP_ct_strong_but_unconfirmed) {
   141             ident->comm_type = ct_expire_check;
   142             if (ct == PEP_ct_key_expired_but_confirmed)
   143                 ident->comm_type |= PEP_ct_confirmed;
   144             ct = ident->comm_type;
   145             // We need to fix this trust in the DB.
   146             status = set_trust(session, ident);
   147         }
   148     }
   149     
   150     
   151     bool pep_user = false;
   152     
   153     is_pep_user(session, ident, &pep_user);
   154 
   155     if (pep_user) {
   156         switch (ct) {
   157             case PEP_ct_OpenPGP:
   158             case PEP_ct_OpenPGP_unconfirmed:
   159                 ct += 0x47; // difference between PEP and OpenPGP values;
   160                 ident->comm_type = ct;
   161                 break;
   162             default:
   163                 break;
   164         }
   165     }
   166     
   167     bool revoked, expired;
   168     bool blacklisted = false;
   169     
   170     status = key_revoked(session, fpr, &revoked);    
   171         
   172     if (status != PEP_STATUS_OK) {
   173         return status;
   174     }
   175     
   176     if (!revoked) {
   177         time_t exp_time = (ident->me ? 
   178                            time(NULL) + (7*24*3600) : time(NULL));
   179                            
   180         status = key_expired(session, fpr, 
   181                              exp_time,
   182                              &expired);
   183                              
   184         assert(status == PEP_STATUS_OK);
   185         if (status != PEP_STATUS_OK)
   186             return status;
   187 
   188         if (check_blacklist && IS_PGP_CT(ct) &&
   189             !ident->me) {
   190             status = blacklist_is_listed(session, 
   191                                          fpr, 
   192                                          &blacklisted);
   193                                          
   194             if (status != PEP_STATUS_OK)
   195                 return status;
   196         }
   197     }
   198             
   199     if (ident->me && (ct >= PEP_ct_strong_but_unconfirmed) && !revoked && expired) {
   200         // extend key
   201         timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
   202         status = renew_key(session, fpr, ts);
   203         free_timestamp(ts);
   204 
   205         if (status == PEP_STATUS_OK) {
   206             // if key is valid (second check because pEp key might be extended above)
   207             //      Return fpr        
   208             status = key_expired(session, fpr, time(NULL), &expired);            
   209             if (status != PEP_STATUS_OK)
   210                 return status;
   211                 
   212             if (expired) {
   213                 if (ident->comm_type & PEP_ct_confirmed || (ident->comm_type == PEP_ct_key_expired_but_confirmed))
   214                     ident->comm_type = PEP_ct_key_expired_but_confirmed;
   215                 else
   216                     ident->comm_type = PEP_ct_key_expired;
   217                 return status;
   218             }
   219             // communicate key(?)
   220         }        
   221     }
   222      
   223     if (revoked) 
   224         ct = PEP_ct_key_revoked;
   225     else if (expired) {
   226         if (ident->comm_type & PEP_ct_confirmed || (ident->comm_type == PEP_ct_key_expired_but_confirmed))
   227             ct = PEP_ct_key_expired_but_confirmed;
   228         else
   229             ct = PEP_ct_key_expired;
   230     }
   231     else if (blacklisted) { // never true for .me
   232         ident->comm_type = ct = PEP_ct_key_not_found;
   233         free(ident->fpr);
   234             ident->fpr = strdup("");
   235         status = PEP_KEY_BLACKLISTED;
   236     }
   237     
   238     switch (ct) {
   239         case PEP_ct_key_expired:
   240         case PEP_ct_key_expired_but_confirmed:
   241         case PEP_ct_key_revoked:
   242         case PEP_ct_key_b0rken:
   243             // delete key from being default key for all users/identities
   244             status = remove_fpr_as_default(session, fpr);
   245             status = update_trust_for_fpr(session, 
   246                                           fpr, 
   247                                           ct);
   248         case PEP_ct_mistrusted:                                  
   249             free(ident->fpr);
   250             ident->fpr = NULL;
   251             ident->comm_type = ct;            
   252             status = PEP_KEY_UNSUITABLE;
   253         default:
   254             break;
   255     }            
   256 
   257     return status;
   258 }
   259 
   260 PEP_STATUS get_user_default_key(PEP_SESSION session, const char* user_id,
   261                                 char** default_key) {
   262     assert(session);
   263     assert(user_id);
   264     
   265     if (!session || !user_id)
   266         return PEP_ILLEGAL_VALUE;
   267 
   268     PEP_STATUS status = PEP_STATUS_OK;
   269             
   270     // try to get default key for user_data
   271     sqlite3_reset(session->get_user_default_key);
   272     sqlite3_bind_text(session->get_user_default_key, 1, user_id, 
   273                       -1, SQLITE_STATIC);
   274     
   275     const int result = sqlite3_step(session->get_user_default_key);
   276     char* user_fpr = NULL;
   277     if (result == SQLITE_ROW) {
   278         const char* u_fpr =
   279             (char *) sqlite3_column_text(session->get_user_default_key, 0);
   280         if (u_fpr)
   281             user_fpr = strdup(u_fpr);
   282     }
   283     else
   284         status = PEP_GET_KEY_FAILED;
   285         
   286     sqlite3_reset(session->get_user_default_key);
   287     
   288     *default_key = user_fpr;
   289     return status;     
   290 }
   291 
   292 // Only call on retrieval of previously stored identity!
   293 // Also, we presume that if the stored_identity was sent in
   294 // without an fpr, there wasn't one in the trust DB for this
   295 // identity.
   296 PEP_STATUS get_valid_pubkey(PEP_SESSION session,
   297                          pEp_identity* stored_identity,
   298                          bool* is_identity_default,
   299                          bool* is_user_default,
   300                          bool* is_address_default,
   301                          bool check_blacklist) {
   302     
   303     PEP_STATUS status = PEP_STATUS_OK;
   304 
   305     if (!stored_identity || EMPTYSTR(stored_identity->user_id)
   306         || !is_identity_default || !is_user_default || !is_address_default)
   307         return PEP_ILLEGAL_VALUE;
   308         
   309     *is_identity_default = *is_user_default = *is_address_default = false;
   310 
   311     PEP_comm_type first_reject_comm_type = PEP_ct_key_not_found;
   312     PEP_STATUS first_reject_status = PEP_KEY_NOT_FOUND;
   313     
   314     char* stored_fpr = stored_identity->fpr;
   315     // Input: stored identity retrieved from database
   316     // if stored identity contains a default key
   317     if (!EMPTYSTR(stored_fpr)) {
   318         status = validate_fpr(session, stored_identity, check_blacklist);    
   319         if (status == PEP_STATUS_OK && !EMPTYSTR(stored_identity->fpr)) {
   320             *is_identity_default = *is_address_default = true;
   321             return status;
   322         }
   323         else if (status != PEP_KEY_NOT_FOUND) {
   324             first_reject_status = status;
   325             first_reject_comm_type = stored_identity->comm_type;
   326         }
   327     }
   328     // if no valid default stored identity key found
   329     free(stored_identity->fpr);
   330     stored_identity->fpr = NULL;
   331     
   332     char* user_fpr = NULL;
   333     status = get_user_default_key(session, stored_identity->user_id, &user_fpr);
   334     
   335     if (!EMPTYSTR(user_fpr)) {             
   336         // There exists a default key for user, so validate
   337         stored_identity->fpr = user_fpr;
   338         status = validate_fpr(session, stored_identity, check_blacklist);
   339         if (status == PEP_STATUS_OK && stored_identity->fpr) {
   340             *is_user_default = true;
   341             *is_address_default = key_matches_address(session, 
   342                                                       stored_identity->address,
   343                                                       stored_identity->fpr);
   344             return status;
   345         }        
   346         else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
   347             first_reject_status = status;
   348             first_reject_comm_type = stored_identity->comm_type;
   349         }
   350     }
   351     
   352     status = elect_pubkey(session, stored_identity, check_blacklist);
   353     if (status == PEP_STATUS_OK) {
   354         if (!EMPTYSTR(stored_identity->fpr))
   355             validate_fpr(session, stored_identity, false); // blacklist already filtered of needed
   356     }    
   357     else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
   358         first_reject_status = status;
   359         first_reject_comm_type = stored_identity->comm_type;
   360     }
   361     
   362     switch (stored_identity->comm_type) {
   363         case PEP_ct_key_revoked:
   364         case PEP_ct_key_b0rken:
   365         case PEP_ct_key_expired:
   366         case PEP_ct_key_expired_but_confirmed:
   367         case PEP_ct_compromised:
   368         case PEP_ct_mistrusted:
   369             // this only happens when it's all there is
   370             status = first_reject_status;
   371             free(stored_identity->fpr);
   372             stored_identity->fpr = NULL;
   373             stored_identity->comm_type = first_reject_comm_type;
   374             break;    
   375         default:
   376             if (check_blacklist && status == PEP_KEY_BLACKLISTED) {
   377                 free(stored_identity->fpr);
   378                 stored_identity->fpr = NULL;
   379                 stored_identity->comm_type = PEP_ct_key_not_found;
   380             }
   381             break;
   382     }
   383     return status;
   384 }
   385 
   386 static void transfer_ident_lang_and_flags(pEp_identity* new_ident,
   387                                           pEp_identity* stored_ident) {
   388     if (new_ident->lang[0] == 0) {
   389       new_ident->lang[0] = stored_ident->lang[0];
   390       new_ident->lang[1] = stored_ident->lang[1];
   391       new_ident->lang[2] = 0;
   392     }
   393 
   394     new_ident->flags = stored_ident->flags;
   395     new_ident->me = new_ident->me || stored_ident->me;
   396 }
   397 
   398 static void adjust_pep_trust_status(PEP_SESSION session, pEp_identity* identity) {
   399     assert(session);
   400     assert(identity);
   401     
   402     if (identity->comm_type < PEP_ct_strong_but_unconfirmed ||
   403         (identity->comm_type | PEP_ct_confirmed) == PEP_ct_pEp)
   404         return;
   405     
   406     bool pep_user;
   407     
   408     is_pep_user(session, identity, &pep_user);
   409     
   410     if (pep_user) {
   411         PEP_comm_type confirmation_status = identity->comm_type & PEP_ct_confirmed;
   412         identity->comm_type = PEP_ct_pEp_unconfirmed | confirmation_status;    
   413     }
   414 }
   415 
   416 
   417 static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
   418                                                  pEp_identity* return_id,
   419                                                  pEp_identity* stored_ident,
   420                                                  bool store) {
   421     
   422     if (!session || !return_id || !stored_ident)
   423         return PEP_ILLEGAL_VALUE;
   424     
   425     PEP_STATUS status;
   426     
   427     bool is_identity_default, is_user_default, is_address_default;
   428     status = get_valid_pubkey(session, stored_ident,
   429                                 &is_identity_default,
   430                                 &is_user_default,
   431                                 &is_address_default,
   432                               false);
   433                                 
   434     if (status == PEP_STATUS_OK && stored_ident->fpr && *(stored_ident->fpr) != '\0') {
   435     // set identity comm_type from trust db (user_id, FPR)
   436         status = get_trust(session, stored_ident);
   437         if (status == PEP_CANNOT_FIND_IDENTITY || stored_ident->comm_type == PEP_ct_unknown) {
   438             // This is OK - there is no trust DB entry, but we
   439             // found a key. We won't store this, but we'll
   440             // use it.
   441             PEP_comm_type ct = PEP_ct_unknown;
   442             status = get_key_rating(session, stored_ident->fpr, &ct);
   443             stored_ident->comm_type = ct;
   444         }
   445     }
   446     else {
   447         if (stored_ident->comm_type == PEP_ct_unknown)
   448             stored_ident->comm_type = PEP_ct_key_not_found;
   449     }
   450     free(return_id->fpr);
   451     return_id->fpr = NULL;
   452     if (status == PEP_STATUS_OK && !EMPTYSTR(stored_ident->fpr))
   453         return_id->fpr = strdup(stored_ident->fpr);
   454         
   455     return_id->comm_type = stored_ident->comm_type;
   456                     
   457     // We patch the DB with the input username, but if we didn't have
   458     // one, we pull it out of storage if available.
   459     // (also, if the input username is "anonymous" and there exists
   460     //  a DB username, we replace)
   461     if (!EMPTYSTR(stored_ident->username)) {
   462         if (!EMPTYSTR(return_id->username) && 
   463             (strcasecmp(return_id->username, return_id->address) == 0)) {
   464             free(return_id->username);
   465             return_id->username = NULL;
   466         }
   467         if (EMPTYSTR(return_id->username)) {
   468             free(return_id->username);
   469             return_id->username = strdup(stored_ident->username);
   470         }
   471     }
   472     else {
   473         if (EMPTYSTR(return_id->username))
   474             return_id->username = strdup(return_id->address);
   475     }
   476     
   477     return_id->me = stored_ident->me;
   478     
   479     // FIXME: Do we ALWAYS do this? We probably should...
   480     if (EMPTYSTR(return_id->user_id)) {
   481         free(return_id->user_id);
   482         return_id->user_id = strdup(stored_ident->user_id);
   483     } 
   484     
   485     adjust_pep_trust_status(session, return_id);
   486    
   487     // Call set_identity() to store
   488     if ((is_identity_default || is_user_default) &&
   489          is_address_default) {                 
   490          // if we got an fpr which is default for either user
   491          // or identity AND is valid for this address, set in DB
   492          // as default
   493          status = set_identity(session, return_id);
   494     }
   495     else {
   496         // Store without default fpr/ct, but return the fpr and ct 
   497         // for current use
   498         char* save_fpr = return_id->fpr;
   499         PEP_comm_type save_ct = return_id->comm_type;
   500         return_id->fpr = NULL;
   501         return_id->comm_type = PEP_ct_unknown;
   502         PEP_STATUS save_status = status;
   503         status = set_identity(session, return_id);
   504         if (save_status != PEP_STATUS_OK)
   505             status = save_status;
   506         return_id->fpr = save_fpr;
   507         return_id->comm_type = save_ct;
   508     }
   509     
   510     transfer_ident_lang_and_flags(return_id, stored_ident);
   511     
   512     if (return_id->comm_type == PEP_ct_unknown)
   513         return_id->comm_type = PEP_ct_key_not_found;
   514     
   515     return status;
   516 }
   517 
   518 DYNAMIC_API PEP_STATUS update_identity(
   519         PEP_SESSION session, pEp_identity * identity
   520     )
   521 {
   522     PEP_STATUS status;
   523 
   524     assert(session);
   525     assert(identity);
   526     assert(!EMPTYSTR(identity->address));
   527 
   528     if (!(session && identity && !EMPTYSTR(identity->address)))
   529         return PEP_ILLEGAL_VALUE;
   530 
   531     char* default_own_id = NULL;
   532     status = get_default_own_userid(session, &default_own_id);    
   533 
   534     // Is this me, temporary or not? If so, BAIL.
   535     if (identity->me || 
   536        (default_own_id && identity->user_id && (strcmp(default_own_id, identity->user_id) == 0))) 
   537     {
   538         free(default_own_id);
   539         return PEP_ILLEGAL_VALUE;
   540     }
   541 
   542     // We have, at least, an address.
   543     // Retrieve stored identity information!    
   544     pEp_identity* stored_ident = NULL;
   545 
   546     if (!EMPTYSTR(identity->user_id)) {            
   547         // (we're gonna update the trust/fpr anyway, so we use the no-fpr-from-trust-db variant)
   548         //      * do get_identity() to retrieve stored identity information
   549         status = get_identity_without_trust_check(session, identity->address, identity->user_id, &stored_ident);
   550 
   551         // Before we start - if there was no stored identity, we should check to make sure we don't
   552         // have a stored identity with a temporary user_id that differs from the input user_id. This
   553         // happens in multithreaded environments sometimes.
   554         if (!stored_ident) {
   555             identity_list* id_list = NULL;
   556             status = get_identities_by_address(session, identity->address, &id_list);
   557 
   558             if (id_list) {
   559                 identity_list* id_curr = id_list;
   560                 bool input_is_TOFU = (strstr(identity->user_id, "TOFU_") == identity->user_id);
   561                 while (id_curr) {
   562                     pEp_identity* this_id = id_curr->ident;
   563                     if (this_id) {
   564                         char* this_uid = this_id->user_id;
   565                         bool curr_is_TOFU = false;
   566                         // this_uid should never be NULL, as this is half of the ident
   567                         // DB primary key
   568                         assert(!EMPTYSTR(this_uid));
   569 
   570                         curr_is_TOFU = (strstr(this_uid, "TOFU_") == this_uid);
   571                         if (curr_is_TOFU && !input_is_TOFU) {
   572                             // FIXME: should we also be fixing pEp_own_userId in this
   573                             // function here?
   574                             
   575                             // if usernames match, we replace the userid. Or if the temp username
   576                             // is anonymous.
   577                             // FIXME: do we need to create an address match function which
   578                             // matches the whole dot-and-case rigamarole from 
   579                             if (EMPTYSTR(this_id->username) ||
   580                                 strcasecmp(this_id->username, this_id->address) == 0 ||
   581                                 (identity->username && 
   582                                  strcasecmp(identity->username, 
   583                                             this_id->username) == 0)) {
   584                                 
   585                                 // Ok, we have a temp ID. We have to replace this
   586                                 // with the real ID.
   587                                 status = replace_userid(session, 
   588                                                         this_uid, 
   589                                                         identity->user_id);
   590                                 if (status != PEP_STATUS_OK) {
   591                                     free_identity_list(id_list);
   592                                     free(default_own_id);
   593                                     return status;
   594                                 }
   595                                     
   596                                 free(this_uid);
   597                                 this_uid = NULL;
   598                                 
   599                                 // Reflect the change we just made to the DB
   600                                 this_id->user_id = strdup(identity->user_id);
   601                                 stored_ident = this_id;
   602                                 // FIXME: free list.
   603                                 break;                                
   604                             }
   605                         }
   606                         else if (input_is_TOFU && !curr_is_TOFU) {
   607                             // Replace ruthlessly - this is NOT supposed to happen.
   608                             // BAD APP BEHAVIOUR.
   609                             free(identity->user_id);
   610                             identity->user_id = strdup(this_id->user_id);
   611                             stored_ident = this_id;
   612                             // FIXME: free list.
   613                             break;                                
   614                         }                            
   615                     }
   616                     id_curr = id_curr->next;
   617                 }
   618             }
   619         } 
   620                 
   621         if (status == PEP_STATUS_OK && stored_ident) { 
   622             //  * if identity available
   623             //      * patch it with username
   624             //          (note: this will happen when 
   625             //           setting automatically below...)
   626             //      * elect valid key for identity
   627             //    * if valid key exists
   628             //        * set return value's fpr
   629             status = prepare_updated_identity(session,
   630                                               identity,
   631                                               stored_ident, true);
   632         }
   633         //  * else (identity unavailable)
   634         else {
   635             status = PEP_STATUS_OK;
   636 
   637             // FIXME: We may need to roll this back.
   638             // FIXME: change docs if we don't
   639             //  if we only have user_id and address and identity not available
   640             //      * return error status (identity not found)
   641             if (EMPTYSTR(identity->username)) {
   642                 free(identity->username);
   643                 identity->username = strdup(identity->address);
   644             }
   645             
   646             // Otherwise, if we had user_id, address, and username:
   647             //    * create identity with user_id, address, username
   648             //      (this is the input id without the fpr + comm type!)
   649 
   650             elect_pubkey(session, identity, false);
   651                         
   652             //    * We've already checked and retrieved
   653             //      any applicable temporary identities above. If we're 
   654             //      here, none of them fit.
   655             //    * call set_identity() to store
   656             // FIXME: Do we set if we had to copy in the address?
   657                 adjust_pep_trust_status(session, identity);
   658             status = set_identity(session, identity);
   659             //  * Return: created identity
   660         }        
   661     }
   662     else if (!EMPTYSTR(identity->username)) {
   663         /*
   664          * Temporary identity information with username supplied
   665             * Input: address, username (no others)
   666          */
   667          
   668         //  * See if there is an own identity that uses this address. If so, we'll
   669         //    prefer that
   670         stored_ident = NULL;
   671         
   672         if (default_own_id) {
   673             status = get_identity(session, 
   674                                   identity->address, 
   675                                   default_own_id, 
   676                                   &stored_ident);
   677         }
   678         // If there isn't an own identity, search for a non-temp stored ident
   679         // with this address.                      
   680         if (status == PEP_CANNOT_FIND_IDENTITY || !stored_ident) { 
   681  
   682             identity_list* id_list = NULL;
   683             status = get_identities_by_address(session, identity->address, &id_list);
   684 
   685             if (id_list) {
   686                 identity_list* id_curr = id_list;
   687                 while (id_curr) {
   688                     pEp_identity* this_id = id_curr->ident;
   689                     if (this_id) {
   690                         char* this_uid = this_id->user_id;
   691                         assert(!EMPTYSTR(this_uid));
   692                         // Should never be NULL - DB primary key
   693                         
   694                         if (strstr(this_uid, "TOFU_") != this_uid) {
   695                             // if usernames match, we replace the userid.
   696                             if (identity->username && 
   697                                 strcasecmp(identity->username, 
   698                                            this_id->username) == 0) {
   699                                 
   700                                 // Ok, we have a real ID. Copy it!
   701                                 identity->user_id = strdup(this_uid);
   702                                 assert(identity->user_id);
   703                                 if (!identity->user_id)
   704                                     goto enomem;
   705 
   706                                 stored_ident = this_id;
   707                                 
   708                                 break;                                
   709                             }                            
   710                         } 
   711                     }
   712                     id_curr = id_curr->next;
   713                 }
   714             }
   715         }
   716         
   717         if (stored_ident) {
   718             status = prepare_updated_identity(session,
   719                                               identity,
   720                                               stored_ident, true);
   721         }
   722         else {
   723             identity->user_id = calloc(1, strlen(identity->address) + 6);
   724             if (!identity->user_id)
   725                 goto enomem;
   726 
   727             snprintf(identity->user_id, strlen(identity->address) + 6,
   728                      "TOFU_%s", identity->address);        
   729 
   730             status = get_identity(session, 
   731                                   identity->address, 
   732                                   identity->user_id, 
   733                                   &stored_ident);
   734 
   735             if (status == PEP_STATUS_OK && stored_ident) {
   736                 status = prepare_updated_identity(session,
   737                                                   identity,
   738                                                   stored_ident, true);
   739             }
   740             else {
   741                          
   742                 //    * We've already checked and retrieved
   743                 //      any applicable temporary identities above. If we're 
   744                 //      here, none of them fit.
   745                 
   746                 status = elect_pubkey(session, identity, false);
   747                              
   748                 //    * call set_identity() to store
   749                 if (identity->fpr) {
   750                     // it is still possible we have DB information on this key. Better check.
   751                     status = get_trust(session, identity);
   752                     PEP_comm_type db_ct = identity->comm_type;
   753                     status = get_key_rating(session, identity->fpr, &identity->comm_type);
   754                     PEP_comm_type key_ct = identity->comm_type;
   755                                         
   756                     if (status == PEP_STATUS_OK) {
   757                         switch (key_ct) {
   758                             case PEP_ct_key_expired:
   759                                 if (db_ct == PEP_ct_key_expired_but_confirmed)
   760                                     identity->comm_type = db_ct;
   761                                 break;    
   762                             default:
   763                                 switch(db_ct) {
   764                                     case PEP_ct_key_expired_but_confirmed:
   765                                         if (key_ct >= PEP_ct_strong_but_unconfirmed)
   766                                             identity->comm_type |= PEP_ct_confirmed;
   767                                         break;
   768                                     case PEP_ct_mistrusted:
   769                                     case PEP_ct_compromised:
   770                                     case PEP_ct_key_b0rken:
   771                                         identity->comm_type = db_ct;
   772                                     default:
   773                                         break;
   774                                 }    
   775                                 break;
   776                         }
   777                     }
   778                 }
   779                 //    * call set_identity() to store
   780                 adjust_pep_trust_status(session, identity);            
   781                 status = set_identity(session, identity);
   782             }
   783         }
   784     }
   785     else {
   786         /*
   787         * Input: address (no others)
   788          * Temporary identity information without username suplied
   789          */
   790          
   791         //  * Again, see if there is an own identity that uses this address. If so, we'll
   792         //    prefer that
   793         stored_ident = NULL;
   794          
   795         if (default_own_id) {
   796             status = get_identity(session, 
   797                                   identity->address, 
   798                                   default_own_id, 
   799                                   &stored_ident);
   800         }
   801         // If there isn't an own identity, search for a non-temp stored ident
   802         // with this address.                      
   803         if (status == PEP_CANNOT_FIND_IDENTITY || !stored_ident) { 
   804  
   805             identity_list* id_list = NULL;
   806             //    * Search for identity with this address
   807             status = get_identities_by_address(session, identity->address, &id_list);
   808 
   809             // Results are ordered by timestamp descending, so this covers
   810             // both the one-result and multi-result cases
   811             if (id_list) {
   812                 if (stored_ident) // unlikely
   813                     free_identity(stored_ident);
   814                 stored_ident = id_list->ident;
   815             }
   816         }
   817         if (stored_ident)
   818             status = prepare_updated_identity(session, identity,
   819                                               stored_ident, false);
   820         else  {            
   821             // too little info. BUT. We see if we can find a key; if so, we create a
   822             // temp identity, look for a key, and store.
   823                          
   824             // create temporary identity, store it, and Return this
   825             // This means TOFU_ user_id
   826             identity->user_id = calloc(1, strlen(identity->address) + 6);
   827             if (!identity->user_id)
   828                 goto enomem;
   829 
   830             snprintf(identity->user_id, strlen(identity->address) + 6,
   831                      "TOFU_%s", identity->address);        
   832         
   833             identity->username = strdup(identity->address);
   834             if (!identity->address)
   835                 goto enomem;
   836             
   837             free(identity->fpr);
   838             identity->fpr = NULL;
   839             identity->comm_type = PEP_ct_unknown;
   840 
   841             status = elect_pubkey(session, identity, false);
   842                          
   843             if (identity->fpr)
   844                 status = get_key_rating(session, identity->fpr, &identity->comm_type);
   845         
   846             //    * call set_identity() to store
   847             adjust_pep_trust_status(session, identity);            
   848             status = set_identity(session, identity);
   849 
   850         }
   851     }
   852     
   853     // FIXME: This is legacy. I presume it's a notification for the caller...
   854     // Revisit once I can talk to Volker
   855     if (identity->comm_type != PEP_ct_compromised &&
   856         identity->comm_type < PEP_ct_strong_but_unconfirmed)
   857         if (session->examine_identity)
   858             session->examine_identity(identity, session->examine_management);
   859 
   860     goto pep_free;
   861 
   862 enomem:
   863     status = PEP_OUT_OF_MEMORY;
   864 
   865 pep_free:
   866     free(default_own_id);
   867     free_identity(stored_ident);
   868     return status;
   869 }
   870 
   871 PEP_STATUS elect_ownkey(
   872         PEP_SESSION session, pEp_identity * identity
   873     )
   874 {
   875     PEP_STATUS status;
   876     stringlist_t *keylist = NULL;
   877 
   878     free(identity->fpr);
   879     identity->fpr = NULL;
   880 
   881     status = find_private_keys(session, identity->address, &keylist);
   882     assert(status != PEP_OUT_OF_MEMORY);
   883     if (status == PEP_OUT_OF_MEMORY)
   884         return PEP_OUT_OF_MEMORY;
   885     
   886     if (keylist != NULL && keylist->value != NULL)
   887     {
   888         char *_fpr = NULL;
   889         identity->comm_type = PEP_ct_unknown;
   890 
   891         stringlist_t *_keylist;
   892         for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
   893             bool is_own = false;
   894             
   895             status = own_key_is_listed(session, _keylist->value, &is_own);
   896             assert(status == PEP_STATUS_OK);
   897             if (status != PEP_STATUS_OK) {
   898                 free_stringlist(keylist);
   899                 return status;
   900             }
   901             
   902             if (is_own)
   903             {
   904                 PEP_comm_type _comm_type_key;
   905                 
   906                 status = get_key_rating(session, _keylist->value, &_comm_type_key);
   907                 assert(status != PEP_OUT_OF_MEMORY);
   908                 if (status == PEP_OUT_OF_MEMORY) {
   909                     free_stringlist(keylist);
   910                     return PEP_OUT_OF_MEMORY;
   911                 }
   912                 
   913                 if (_comm_type_key != PEP_ct_compromised &&
   914                     _comm_type_key != PEP_ct_unknown)
   915                 {
   916                     if (identity->comm_type == PEP_ct_unknown ||
   917                         _comm_type_key > identity->comm_type)
   918                     {
   919                         identity->comm_type = _comm_type_key;
   920                         _fpr = _keylist->value;
   921                     }
   922                 }
   923             }
   924         }
   925         
   926         if (_fpr)
   927         {
   928             identity->fpr = strdup(_fpr);
   929             assert(identity->fpr);
   930             if (identity->fpr == NULL)
   931             {
   932                 free_stringlist(keylist);
   933                 return PEP_OUT_OF_MEMORY;
   934             }
   935         }
   936         free_stringlist(keylist);
   937     }
   938     return PEP_STATUS_OK;
   939 }
   940 
   941 PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
   942                                 bool* is_usable) {
   943     
   944     bool has_private = false;
   945     PEP_STATUS status = contains_priv_key(session, fpr, &has_private);
   946     
   947     *is_usable = has_private;
   948     
   949     return status;
   950 }
   951 
   952 PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
   953 {
   954 
   955     PEP_STATUS status;
   956 
   957     assert(session);
   958     assert(identity);
   959     assert(!EMPTYSTR(identity->address));
   960     assert(!EMPTYSTR(identity->user_id));
   961 
   962     if (!session || !identity || EMPTYSTR(identity->address) ||
   963         EMPTYSTR(identity->user_id))
   964         return PEP_ILLEGAL_VALUE;
   965 
   966     pEp_identity *stored_identity = NULL;
   967     char* revoked_fpr = NULL; 
   968     bool valid_key_found = false;
   969         
   970     char* default_own_id = NULL;
   971     status = get_default_own_userid(session, &default_own_id);
   972 
   973     // Deal with non-default user_ids.
   974     if (default_own_id && strcmp(default_own_id, identity->user_id) != 0) {
   975         
   976         status = set_userid_alias(session, default_own_id, identity->user_id);
   977         // Do we want this to be fatal? For now, we'll do it...
   978         if (status != PEP_STATUS_OK)
   979             goto pep_free;
   980             
   981         free(identity->user_id);
   982         identity->user_id = strdup(default_own_id);
   983         if (identity->user_id == NULL) {
   984             status = PEP_OUT_OF_MEMORY;
   985             goto pep_free;
   986         }
   987     }
   988 
   989     // NOTE: IF WE DON'T YET HAVE AN OWN_ID, WE IGNORE REFERENCES TO THIS ADDRESS IN THE
   990     // DB (WHICH MAY HAVE BEEN SET BEFORE MYSELF WAS CALLED BY RECEIVING AN EMAIL FROM
   991     // THIS ADDRESS), AS IT IS NOT AN OWN_IDENTITY AND HAS NO INFORMATION WE NEED OR WHAT TO
   992     // SET FOR MYSELF
   993     
   994     // Ok, so now, set up the own_identity:
   995     identity->comm_type = PEP_ct_pEp;
   996     identity->me = true;
   997     if(ignore_flags)
   998         identity->flags = 0;
   999     
  1000     // Let's see if we have an identity record in the DB for 
  1001     // this user_id + address
  1002 //    DEBUG_LOG("myself", "debug", identity->address);
  1003  
  1004     status = get_identity(session,
  1005                           identity->address,
  1006                           identity->user_id,
  1007                           &stored_identity);
  1008 
  1009     assert(status != PEP_OUT_OF_MEMORY);
  1010     if (status == PEP_OUT_OF_MEMORY) {
  1011         status = PEP_OUT_OF_MEMORY;
  1012         goto pep_free;
  1013     }
  1014 
  1015     // Set usernames - priority is input username > stored name > address
  1016     // If there's an input username, we always patch the username with that
  1017     // input.
  1018     if (EMPTYSTR(identity->username)) {
  1019         bool stored_uname = (stored_identity && !EMPTYSTR(stored_identity->username));
  1020         char* uname = (stored_uname ? stored_identity->username : identity->address);
  1021         free(identity->username);
  1022         identity->username = strdup(uname);
  1023         if (identity->username == NULL) {
  1024             status = PEP_OUT_OF_MEMORY;
  1025             goto pep_free;
  1026         }
  1027     }
  1028 
  1029     // ignore input fpr
  1030 
  1031     if (identity->fpr) {
  1032         free(identity->fpr);
  1033         identity->fpr = NULL;
  1034     }
  1035 
  1036     // check stored identity
  1037     if (stored_identity && !EMPTYSTR(stored_identity->fpr)) {
  1038         // Fall back / retrieve
  1039         status = validate_fpr(session, stored_identity, false);
  1040         if (status == PEP_OUT_OF_MEMORY)
  1041             goto pep_free;
  1042         if (status == PEP_STATUS_OK) {
  1043             if (stored_identity->comm_type >= PEP_ct_strong_but_unconfirmed) {
  1044                 identity->fpr = strdup(stored_identity->fpr);
  1045                 assert(identity->fpr);
  1046                 if (!identity->fpr) {
  1047                     status = PEP_OUT_OF_MEMORY;
  1048                     goto pep_free;
  1049                 }
  1050                 valid_key_found = true;            
  1051             }
  1052             else {
  1053                 bool revoked = false;
  1054                 status = key_revoked(session, stored_identity->fpr, &revoked);
  1055                 if (status)
  1056                     goto pep_free;
  1057                 if (revoked) {
  1058                     revoked_fpr = strdup(stored_identity->fpr);
  1059                     assert(revoked_fpr);
  1060                     if (!revoked_fpr) {
  1061                         status = PEP_OUT_OF_MEMORY;
  1062                         goto pep_free;
  1063                     }
  1064                 }
  1065             }
  1066         }
  1067     }
  1068     
  1069     // Nothing left to do but generate a key
  1070     if (!valid_key_found) {
  1071         if (!do_keygen)
  1072             status = PEP_GET_KEY_FAILED;
  1073         else {
  1074 // /            DEBUG_LOG("Generating key pair", "debug", identity->address);
  1075 
  1076             free(identity->fpr);
  1077             identity->fpr = NULL;
  1078             status = generate_keypair(session, identity);
  1079             assert(status != PEP_OUT_OF_MEMORY);
  1080 
  1081             if (status != PEP_STATUS_OK) {
  1082                 char buf[11];
  1083                 snprintf(buf, 11, "%d", status); // uh, this is kludgey. FIXME
  1084 //                DEBUG_LOG("Generating key pair failed", "debug", buf);
  1085             }        
  1086             else {
  1087                 valid_key_found = true;
  1088                 if (revoked_fpr) {
  1089                     status = set_revoked(session, revoked_fpr,
  1090                                          stored_identity->fpr, time(NULL));
  1091                     assert(status == PEP_STATUS_OK);                     
  1092                 }
  1093             }
  1094         }
  1095     }
  1096 
  1097     if (valid_key_found) {
  1098         identity->comm_type = PEP_ct_pEp;
  1099         status = PEP_STATUS_OK;
  1100     }
  1101     else {
  1102         free(identity->fpr);
  1103         identity->fpr = NULL;
  1104         identity->comm_type = PEP_ct_unknown;
  1105     }
  1106     
  1107     // We want to set an identity in the DB even if a key isn't found, but we have to preserve the status if
  1108     // it's NOT ok
  1109     PEP_STATUS set_id_status = set_identity(session, identity);
  1110     if (set_id_status == PEP_STATUS_OK)
  1111         set_id_status = set_as_pep_user(session, identity);
  1112 
  1113     status = (status == PEP_STATUS_OK ? set_id_status : status);
  1114 
  1115 pep_free:    
  1116     free(default_own_id);
  1117     free(revoked_fpr);                     
  1118     free_identity(stored_identity);
  1119     return status;
  1120 }
  1121 
  1122 // DYNAMIC_API PEP_STATUS initialise_own_identities(PEP_SESSION session,
  1123 //                                                  identity_list* my_idents) {
  1124 //     PEP_STATUS status = PEP_STATUS_OK;
  1125 //     if (!session)
  1126 //         return PEP_ILLEGAL_VALUE;
  1127 //         
  1128 //     if (!my_idents)
  1129 //         return PEP_STATUS_OK;
  1130 //             
  1131 //     identity_list* ident_curr = my_idents;
  1132 //     while (ident_curr) {
  1133 //         pEp_identity* ident = ident_curr->ident;
  1134 //         if (!ident || !ident->address) {
  1135 //             status = PEP_ILLEGAL_VALUE;
  1136 //             goto pep_error;
  1137 //         }
  1138 // 
  1139 //         status = _myself(session, ident, false, false);
  1140 //         
  1141 //         ident_curr = ident_curr->next;
  1142 //     }
  1143 //     
  1144 // pep_error:
  1145 //     return status;
  1146 // }
  1147 
  1148 DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
  1149 {
  1150     return _myself(session, identity, true, false);
  1151 }
  1152 
  1153 DYNAMIC_API PEP_STATUS register_examine_function(
  1154         PEP_SESSION session, 
  1155         examine_identity_t examine_identity,
  1156         void *management
  1157     )
  1158 {
  1159     assert(session);
  1160     if (!session)
  1161         return PEP_ILLEGAL_VALUE;
  1162 
  1163     session->examine_management = management;
  1164     session->examine_identity = examine_identity;
  1165 
  1166     return PEP_STATUS_OK;
  1167 }
  1168 
  1169 DYNAMIC_API PEP_STATUS do_keymanagement(
  1170         retrieve_next_identity_t retrieve_next_identity,
  1171         void *management
  1172     )
  1173 {
  1174     PEP_SESSION session;
  1175     pEp_identity *identity;
  1176     PEP_STATUS status;
  1177 
  1178     assert(retrieve_next_identity);
  1179     assert(management);
  1180 
  1181     if (!retrieve_next_identity || !management)
  1182         return PEP_ILLEGAL_VALUE;
  1183 
  1184     status = init(&session);
  1185     assert(status == PEP_STATUS_OK);
  1186     if (status != PEP_STATUS_OK)
  1187         return status;
  1188 
  1189     log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
  1190 
  1191     while ((identity = retrieve_next_identity(management))) 
  1192     {
  1193         assert(identity->address);
  1194         if(identity->address)
  1195         {
  1196             DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
  1197 
  1198             if (identity->me) {
  1199                 status = myself(session, identity);
  1200             } else {
  1201                 status = recv_key(session, identity->address);
  1202             }
  1203 
  1204             assert(status != PEP_OUT_OF_MEMORY);
  1205             if(status == PEP_OUT_OF_MEMORY)
  1206                 return PEP_OUT_OF_MEMORY;
  1207         }
  1208         free_identity(identity);
  1209     }
  1210 
  1211     log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
  1212 
  1213     release(session);
  1214     return PEP_STATUS_OK;
  1215 }
  1216 
  1217 DYNAMIC_API PEP_STATUS key_mistrusted(
  1218         PEP_SESSION session,
  1219         pEp_identity *ident
  1220     )
  1221 {
  1222     PEP_STATUS status = PEP_STATUS_OK;
  1223 
  1224     assert(session);
  1225     assert(ident);
  1226     assert(!EMPTYSTR(ident->fpr));
  1227 
  1228     if (!(session && ident && ident->fpr))
  1229         return PEP_ILLEGAL_VALUE;
  1230 
  1231     if (ident->me)
  1232     {
  1233         // See if key is revoked already
  1234         bool revoked = false;
  1235         status = key_revoked(session, ident->fpr, &revoked);
  1236         if (!revoked)
  1237             revoke_key(session, ident->fpr, NULL);
  1238             
  1239         myself(session, ident);
  1240     }
  1241     else
  1242     {
  1243         // for undo
  1244         if (session->cached_mistrusted)
  1245             free(session->cached_mistrusted);
  1246         session->cached_mistrusted = identity_dup(ident);
  1247         
  1248         // set mistrust for this user_id/keypair (even if there's not an
  1249         // identity set yet, this is important, as we need to record the mistrust
  1250         // action)
  1251         
  1252         // double-check to be sure key is even in the DB
  1253         if (ident->fpr)
  1254             status = set_pgp_keypair(session, ident->fpr);
  1255 
  1256         // We set this temporarily but will grab it back from the cache afterwards
  1257         ident->comm_type = PEP_ct_mistrusted;
  1258         status = set_trust(session, ident);
  1259         ident->comm_type = session->cached_mistrusted->comm_type;
  1260         
  1261         if (status == PEP_STATUS_OK)
  1262             // cascade that mistrust for anyone using this key
  1263             status = mark_as_compromised(session, ident->fpr);
  1264         if (status == PEP_STATUS_OK)
  1265             status = remove_fpr_as_default(session, ident->fpr);
  1266         if (status == PEP_STATUS_OK)
  1267             status = add_mistrusted_key(session, ident->fpr);
  1268     }
  1269 
  1270     return status;
  1271 }
  1272 
  1273 DYNAMIC_API PEP_STATUS undo_last_mistrust(PEP_SESSION session) {
  1274     assert(session);
  1275     
  1276     if (!session)
  1277         return PEP_ILLEGAL_VALUE;
  1278     
  1279     PEP_STATUS status = PEP_STATUS_OK;
  1280         
  1281     pEp_identity* cached_ident = session->cached_mistrusted;
  1282     
  1283     if (!cached_ident)
  1284         status = PEP_CANNOT_FIND_IDENTITY;
  1285     else {
  1286         status = delete_mistrusted_key(session, cached_ident->fpr);
  1287         if (status == PEP_STATUS_OK) {
  1288             status = set_identity(session, cached_ident);
  1289             // THIS SHOULDN'T BE NECESSARY - PREVIOUS VALUE WAS IN THE DB
  1290             // if (status == PEP_STATUS_OK) {
  1291             //     if ((cached_ident->comm_type | PEP_ct_confirmed) == PEP_ct_pEp)
  1292             //         status = set_as_pep_user(session, cached_ident);
  1293             // }            
  1294             free_identity(session->cached_mistrusted);
  1295         }
  1296     }
  1297     
  1298     session->cached_mistrusted = NULL;
  1299     
  1300     return status;
  1301 }
  1302 
  1303 DYNAMIC_API PEP_STATUS key_reset_trust(
  1304         PEP_SESSION session,
  1305         pEp_identity *ident
  1306     )
  1307 {
  1308     PEP_STATUS status = PEP_STATUS_OK;
  1309 
  1310     assert(session);
  1311     assert(ident);
  1312     assert(!EMPTYSTR(ident->fpr));
  1313     assert(!EMPTYSTR(ident->address));
  1314     assert(!EMPTYSTR(ident->user_id));
  1315 
  1316     if (!(session && ident && ident->fpr && ident->fpr[0] != '\0' && ident->address &&
  1317             ident->user_id))
  1318         return PEP_ILLEGAL_VALUE;
  1319 
  1320     // we do not change the input struct at ALL.
  1321     pEp_identity* input_copy = identity_dup(ident);
  1322     
  1323     pEp_identity* tmp_ident = NULL;
  1324     
  1325     status = get_trust(session, input_copy);
  1326     
  1327     if (status != PEP_STATUS_OK)
  1328         goto pep_free;
  1329         
  1330     PEP_comm_type new_trust = PEP_ct_unknown;
  1331     status = get_key_rating(session, ident->fpr, &new_trust);
  1332     if (status != PEP_STATUS_OK)
  1333         goto pep_free;
  1334 
  1335     bool pep_user = false;
  1336     
  1337     status = is_pep_user(session, ident, &pep_user);
  1338     
  1339     if (pep_user && new_trust >= PEP_ct_unconfirmed_encryption)
  1340         input_copy->comm_type = PEP_ct_pEp_unconfirmed;
  1341     else
  1342         input_copy->comm_type = new_trust;
  1343         
  1344     status = set_trust(session, input_copy);
  1345     
  1346     if (status != PEP_STATUS_OK)
  1347         goto pep_free;
  1348 
  1349     bool mistrusted_key = false;
  1350         
  1351     status = is_mistrusted_key(session, ident->fpr, &mistrusted_key);
  1352 
  1353     if (status != PEP_STATUS_OK)
  1354         goto pep_free;
  1355     
  1356     if (mistrusted_key)
  1357         status = delete_mistrusted_key(session, ident->fpr);
  1358 
  1359     if (status != PEP_STATUS_OK)
  1360         goto pep_free;
  1361         
  1362     tmp_ident = new_identity(ident->address, NULL, ident->user_id, NULL);
  1363 
  1364     if (!tmp_ident)
  1365         return PEP_OUT_OF_MEMORY;
  1366     
  1367     if (is_me(session, tmp_ident))
  1368         status = myself(session, tmp_ident);
  1369     else
  1370         status = update_identity(session, tmp_ident);
  1371     
  1372     if (status != PEP_STATUS_OK)
  1373         goto pep_free;
  1374     
  1375     // remove as default if necessary
  1376     if (!EMPTYSTR(tmp_ident->fpr) && strcmp(tmp_ident->fpr, ident->fpr) == 0) {
  1377         free(tmp_ident->fpr);
  1378         tmp_ident->fpr = NULL;
  1379         tmp_ident->comm_type = PEP_ct_unknown;
  1380         status = set_identity(session, tmp_ident);
  1381         if (status != PEP_STATUS_OK)
  1382             goto pep_free;
  1383     }
  1384     
  1385     char* user_default = NULL;
  1386     get_main_user_fpr(session, tmp_ident->user_id, &user_default);
  1387     
  1388     if (!EMPTYSTR(user_default)) {
  1389         if (strcmp(user_default, ident->fpr) == 0)
  1390             status = refresh_userid_default_key(session, ident->user_id);
  1391         if (status != PEP_STATUS_OK)
  1392             goto pep_free;    
  1393     }
  1394             
  1395 pep_free:
  1396     free_identity(tmp_ident);
  1397     free_identity(input_copy);
  1398     return status;
  1399 }
  1400 
  1401 DYNAMIC_API PEP_STATUS trust_personal_key(
  1402         PEP_SESSION session,
  1403         pEp_identity *ident
  1404     )
  1405 {
  1406     PEP_STATUS status = PEP_STATUS_OK;
  1407 
  1408     assert(session);
  1409     assert(ident);
  1410     assert(!EMPTYSTR(ident->address));
  1411     assert(!EMPTYSTR(ident->user_id));
  1412     assert(!EMPTYSTR(ident->fpr));
  1413 
  1414     if (!ident || EMPTYSTR(ident->address) || EMPTYSTR(ident->user_id) ||
  1415             EMPTYSTR(ident->fpr))
  1416         return PEP_ILLEGAL_VALUE;
  1417 
  1418     //bool ident_has_trusted_default = false;
  1419     char* ident_default_fpr = NULL;
  1420 
  1421     // Before we do anything, be sure the input fpr is even eligible to be trusted
  1422     PEP_comm_type input_default_ct = PEP_ct_unknown;
  1423     status = get_key_rating(session, ident->fpr, &input_default_ct);
  1424     if (input_default_ct < PEP_ct_strong_but_unconfirmed)
  1425         return PEP_KEY_UNSUITABLE;
  1426 
  1427     status = set_pgp_keypair(session, ident->fpr);
  1428     if (status != PEP_STATUS_OK)
  1429         return status;
  1430 
  1431     bool me = is_me(session, ident);
  1432 
  1433     pEp_identity* ident_copy = identity_dup(ident);
  1434     char* cached_fpr = NULL;
  1435 
  1436     // for setting up a temp trusted identity for the input fpr
  1437     pEp_identity* tmp_id = NULL;
  1438 
  1439     // For later, in case we need to check the user default key
  1440     pEp_identity* tmp_user_ident = NULL;
  1441 
  1442     if (me) {
  1443         bool has_private = false;
  1444         // first of all, does this key even have a private component.
  1445         status = contains_priv_key(session, ident->fpr, &has_private);
  1446         if (status != PEP_STATUS_OK && status != PEP_KEY_NOT_FOUND)
  1447             goto pep_free;
  1448             
  1449         // if (has_private) {
  1450         //     status = set_own_key(session, ident_copy, ident->fpr); 
  1451         //     goto pep_free;
  1452         // }
  1453     }
  1454     
  1455     // Either it's not me, or it's me but the key has no private key. 
  1456     // We're only talking about pub keys here. Moving on.
  1457     
  1458     // Save the input fpr, which we already tested as non-NULL
  1459     cached_fpr = strdup(ident->fpr);
  1460 
  1461     // Set up a temp trusted identity for the input fpr without a comm type;
  1462     tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL);
  1463     
  1464     // ->me isn't set, even if this is an own identity, so this will work.
  1465     status = validate_fpr(session, tmp_id, false);
  1466         
  1467     if (status == PEP_STATUS_OK) {
  1468         // Validate fpr gets trust DB or, when that fails, key comm type. we checked
  1469         // above that the key was ok. (not revoked or expired), but we want the max.
  1470         tmp_id->comm_type = _MAX(tmp_id->comm_type, input_default_ct) | PEP_ct_confirmed;
  1471 
  1472         // Get the default identity without setting the fpr                                       
  1473         if (me)
  1474             status = _myself(session, ident_copy, false, true);
  1475         else    
  1476             status = update_identity(session, ident_copy);
  1477             
  1478         ident_default_fpr = (EMPTYSTR(ident_copy->fpr) ? NULL : strdup(ident_copy->fpr));
  1479 
  1480         if (status == PEP_STATUS_OK) {
  1481             bool trusted_default = false;
  1482 
  1483             // If there's no default, or the default is different from the input...
  1484             if (me || EMPTYSTR(ident_default_fpr) || strcmp(cached_fpr, ident_default_fpr) != 0) {
  1485                 
  1486                 // If the default fpr (if there is one) is trusted and key is strong enough,
  1487                 // don't replace, we just set the trusted bit on this key for this user_id...
  1488                 // (If there's no default fpr, this won't be true anyway.)
  1489                 if (me || (ident_copy->comm_type >= PEP_ct_strong_but_unconfirmed && 
  1490                           (ident_copy->comm_type & PEP_ct_confirmed))) {                        
  1491 
  1492                     trusted_default = true;
  1493                                     
  1494                     status = set_trust(session, tmp_id);
  1495                     input_default_ct = tmp_id->comm_type;                    
  1496                 }
  1497                 else {
  1498                     free(ident_copy->fpr);
  1499                     ident_copy->fpr = strdup(cached_fpr);
  1500                     ident_copy->comm_type = tmp_id->comm_type;
  1501                     status = set_identity(session, ident_copy); // replace identity default
  1502                     if (status == PEP_STATUS_OK) {
  1503                         if ((ident_copy->comm_type | PEP_ct_confirmed) == PEP_ct_pEp)
  1504                             status = set_as_pep_user(session, ident_copy);
  1505                     }            
  1506                 }
  1507             }
  1508             else { // we're setting this on the default fpr
  1509                 ident->comm_type = tmp_id->comm_type;
  1510                 status = set_identity(session, ident);
  1511                 trusted_default = true;
  1512             }
  1513             if (status == PEP_STATUS_OK && !trusted_default) {
  1514                 // Ok, there wasn't a trusted default, so we replaced. Thus, we also
  1515                 // make sure there's a trusted default on the user_id. If there
  1516                 // is not, we make this the default.
  1517                 char* user_default = NULL;
  1518                 status = get_main_user_fpr(session, ident->user_id, &user_default);
  1519             
  1520                 if (status == PEP_STATUS_OK && user_default) {
  1521                     tmp_user_ident = new_identity(ident->address, 
  1522                                                   user_default, 
  1523                                                   ident->user_id, 
  1524                                                   NULL);
  1525                     if (!tmp_user_ident)
  1526                         status = PEP_OUT_OF_MEMORY;
  1527                     else {
  1528                         status = validate_fpr(session, tmp_user_ident, false);
  1529                         
  1530                         if (status != PEP_STATUS_OK ||
  1531                             tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed ||
  1532                             !(tmp_user_ident->comm_type & PEP_ct_confirmed)) 
  1533                         {
  1534                             char* trusted_fpr = (trusted_default ? ident_default_fpr : cached_fpr);
  1535                             status = replace_main_user_fpr(session, ident->user_id, trusted_fpr);
  1536                         } 
  1537                     }
  1538                 }
  1539             }
  1540         }
  1541     }    
  1542 
  1543 pep_free:
  1544     free(ident_default_fpr);
  1545     free(cached_fpr);
  1546     free_identity(tmp_id);
  1547     free_identity(ident_copy);
  1548     free_identity(tmp_user_ident);
  1549     return status;
  1550 }
  1551 
  1552 DYNAMIC_API PEP_STATUS own_key_is_listed(
  1553         PEP_SESSION session,
  1554         const char *fpr,
  1555         bool *listed
  1556     )
  1557 {
  1558     PEP_STATUS status = PEP_STATUS_OK;
  1559     int count;
  1560     
  1561     assert(session && fpr && fpr[0] && listed);
  1562     
  1563     if (!(session && fpr && fpr[0] && listed))
  1564         return PEP_ILLEGAL_VALUE;
  1565     
  1566     *listed = false;
  1567     
  1568     sqlite3_reset(session->own_key_is_listed);
  1569     sqlite3_bind_text(session->own_key_is_listed, 1, fpr, -1, SQLITE_STATIC);
  1570     
  1571     int result;
  1572     
  1573     result = sqlite3_step(session->own_key_is_listed);
  1574     switch (result) {
  1575         case SQLITE_ROW:
  1576             count = sqlite3_column_int(session->own_key_is_listed, 0);
  1577             *listed = count > 0;
  1578             status = PEP_STATUS_OK;
  1579             break;
  1580             
  1581         default:
  1582             status = PEP_UNKNOWN_ERROR;
  1583     }
  1584     
  1585     sqlite3_reset(session->own_key_is_listed);
  1586     return status;
  1587 }
  1588 
  1589 PEP_STATUS _own_identities_retrieve(
  1590         PEP_SESSION session,
  1591         identity_list **own_identities,
  1592         identity_flags_t excluded_flags
  1593       )
  1594 {
  1595     PEP_STATUS status = PEP_STATUS_OK;
  1596     
  1597     assert(session && own_identities);
  1598     if (!(session && own_identities))
  1599         return PEP_ILLEGAL_VALUE;
  1600     
  1601     *own_identities = NULL;
  1602     identity_list *_own_identities = new_identity_list(NULL);
  1603     if (_own_identities == NULL)
  1604         goto enomem;
  1605     
  1606     sqlite3_reset(session->own_identities_retrieve);
  1607     
  1608     int result;
  1609     // address, fpr, username, user_id, comm_type, lang, flags
  1610     const char *address = NULL;
  1611     const char *fpr = NULL;
  1612     const char *username = NULL;
  1613     const char *user_id = NULL;
  1614     PEP_comm_type comm_type = PEP_ct_unknown;
  1615     const char *lang = NULL;
  1616     unsigned int flags = 0;
  1617     
  1618     identity_list *_bl = _own_identities;
  1619     do {
  1620         sqlite3_bind_int(session->own_identities_retrieve, 1, excluded_flags);
  1621         result = sqlite3_step(session->own_identities_retrieve);
  1622         switch (result) {
  1623             case SQLITE_ROW:
  1624                 address = (const char *)
  1625                     sqlite3_column_text(session->own_identities_retrieve, 0);
  1626                 fpr = (const char *)
  1627                     sqlite3_column_text(session->own_identities_retrieve, 1);
  1628                 user_id = (const char *)
  1629                     sqlite3_column_text(session->own_identities_retrieve, 2);
  1630                 username = (const char *)
  1631                     sqlite3_column_text(session->own_identities_retrieve, 3);
  1632                 comm_type = PEP_ct_pEp;
  1633                 lang = (const char *)
  1634                     sqlite3_column_text(session->own_identities_retrieve, 4);
  1635                 flags = (unsigned int)
  1636                     sqlite3_column_int(session->own_identities_retrieve, 5);
  1637 
  1638                 pEp_identity *ident = new_identity(address, fpr, user_id, username);
  1639                 if (!ident)
  1640                     goto enomem;
  1641                 ident->comm_type = comm_type;
  1642                 if (lang && lang[0]) {
  1643                     ident->lang[0] = lang[0];
  1644                     ident->lang[1] = lang[1];
  1645                     ident->lang[2] = 0;
  1646                 }
  1647                 ident->me = true;
  1648                 ident->flags = flags;
  1649 
  1650                 _bl = identity_list_add(_bl, ident);
  1651                 if (_bl == NULL) {
  1652                     free_identity(ident);
  1653                     goto enomem;
  1654                 }
  1655                 
  1656                 break;
  1657                 
  1658             case SQLITE_DONE:
  1659                 break;
  1660                 
  1661             default:
  1662                 status = PEP_UNKNOWN_ERROR;
  1663                 result = SQLITE_DONE;
  1664         }
  1665     } while (result != SQLITE_DONE);
  1666     
  1667     sqlite3_reset(session->own_identities_retrieve);
  1668     if (status == PEP_STATUS_OK)
  1669         *own_identities = _own_identities;
  1670     else
  1671         free_identity_list(_own_identities);
  1672     
  1673     goto the_end;
  1674     
  1675 enomem:
  1676     free_identity_list(_own_identities);
  1677     status = PEP_OUT_OF_MEMORY;
  1678     
  1679 the_end:
  1680     return status;
  1681 }
  1682 
  1683 DYNAMIC_API PEP_STATUS own_identities_retrieve(
  1684         PEP_SESSION session,
  1685         identity_list **own_identities
  1686       )
  1687 {
  1688     return _own_identities_retrieve(session, own_identities, 0);
  1689 }
  1690 
  1691 PEP_STATUS _own_keys_retrieve(
  1692         PEP_SESSION session,
  1693         stringlist_t **keylist,
  1694         identity_flags_t excluded_flags
  1695       )
  1696 {
  1697     PEP_STATUS status = PEP_STATUS_OK;
  1698     
  1699     assert(session && keylist);
  1700     if (!(session && keylist))
  1701         return PEP_ILLEGAL_VALUE;
  1702     
  1703     *keylist = NULL;
  1704     stringlist_t *_keylist = NULL;
  1705     
  1706     sqlite3_reset(session->own_keys_retrieve);
  1707     
  1708     int result;
  1709     char *fpr = NULL;
  1710     
  1711     stringlist_t *_bl = _keylist;
  1712     do {
  1713         sqlite3_bind_int(session->own_keys_retrieve, 1, excluded_flags);
  1714         result = sqlite3_step(session->own_keys_retrieve);
  1715         switch (result) {
  1716             case SQLITE_ROW:
  1717                 fpr = strdup((const char *) sqlite3_column_text(session->own_keys_retrieve, 0));
  1718                 if(fpr == NULL)
  1719                     goto enomem;
  1720 
  1721                 _bl = stringlist_add(_bl, fpr);
  1722                 if (_bl == NULL) {
  1723                     free(fpr);
  1724                     goto enomem;
  1725                 }
  1726                 if (_keylist == NULL)
  1727                     _keylist = _bl;
  1728                 
  1729                 break;
  1730                 
  1731             case SQLITE_DONE:
  1732                 break;
  1733                 
  1734             default:
  1735                 status = PEP_UNKNOWN_ERROR;
  1736                 result = SQLITE_DONE;
  1737         }
  1738     } while (result != SQLITE_DONE);
  1739     
  1740     sqlite3_reset(session->own_keys_retrieve);
  1741     if (status == PEP_STATUS_OK)
  1742         *keylist = _keylist;
  1743     else
  1744         free_stringlist(_keylist);
  1745     
  1746     goto the_end;
  1747     
  1748 enomem:
  1749     free_stringlist(_keylist);
  1750     status = PEP_OUT_OF_MEMORY;
  1751     
  1752 the_end:
  1753     return status;
  1754 }
  1755 
  1756 DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **keylist)
  1757 {
  1758     return _own_keys_retrieve(session, keylist, 0);
  1759 }
  1760 
  1761 DYNAMIC_API PEP_STATUS set_own_key(
  1762        PEP_SESSION session,
  1763        pEp_identity *me,
  1764        const char *fpr
  1765     )
  1766 {
  1767     PEP_STATUS status = PEP_STATUS_OK;
  1768     
  1769     assert(session && me);
  1770     assert(!EMPTYSTR(fpr));
  1771     assert(!EMPTYSTR(me->address));
  1772     assert(!EMPTYSTR(me->user_id));
  1773     assert(!EMPTYSTR(me->username));
  1774 
  1775     if (!session || !me || EMPTYSTR(fpr) || EMPTYSTR(me->address) ||
  1776             EMPTYSTR(me->user_id) || EMPTYSTR(me->username))
  1777         return PEP_ILLEGAL_VALUE;
  1778 
  1779     status = _myself(session, me, false, true);
  1780     // we do not need a valid key but dislike other errors
  1781     if (status != PEP_STATUS_OK && status != PEP_GET_KEY_FAILED && status != PEP_KEY_UNSUITABLE)
  1782         return status;
  1783     status = PEP_STATUS_OK;
  1784 
  1785     bool private = false;
  1786     status = contains_priv_key(session, fpr, &private);
  1787     
  1788     if (status != PEP_STATUS_OK)
  1789         return status;
  1790         
  1791     if (!private)
  1792         return PEP_KEY_UNSUITABLE;
  1793  
  1794     if (me->fpr)
  1795         free(me->fpr);
  1796     me->fpr = strdup(fpr);
  1797     assert(me->fpr);
  1798     if (!me->fpr)
  1799         return PEP_OUT_OF_MEMORY;
  1800 
  1801     status = validate_fpr(session, me, false);
  1802     if (status)
  1803         return status;
  1804 
  1805     me->comm_type = PEP_ct_pEp;
  1806     status = set_identity(session, me);
  1807     return status;
  1808 }
  1809 
  1810 PEP_STATUS contains_priv_key(PEP_SESSION session, const char *fpr,
  1811                              bool *has_private) {
  1812 
  1813     assert(session);
  1814     assert(fpr);
  1815     assert(has_private);
  1816     
  1817     if (!(session && fpr && has_private))
  1818         return PEP_ILLEGAL_VALUE;
  1819 
  1820     return session->cryptotech[PEP_crypt_OpenPGP].contains_priv_key(session, fpr, has_private);
  1821 }
  1822 
  1823 PEP_STATUS add_mistrusted_key(PEP_SESSION session, const char* fpr)
  1824 {
  1825     int result;
  1826 
  1827     assert(!EMPTYSTR(fpr));
  1828     
  1829     if (!(session) || EMPTYSTR(fpr))
  1830         return PEP_ILLEGAL_VALUE;
  1831 
  1832     sqlite3_reset(session->add_mistrusted_key);
  1833     sqlite3_bind_text(session->add_mistrusted_key, 1, fpr, -1,
  1834             SQLITE_STATIC);
  1835 
  1836     result = sqlite3_step(session->add_mistrusted_key);
  1837     sqlite3_reset(session->add_mistrusted_key);
  1838 
  1839     if (result != SQLITE_DONE)
  1840         return PEP_CANNOT_SET_PGP_KEYPAIR; // FIXME: Better status?
  1841 
  1842     return PEP_STATUS_OK;
  1843 }
  1844 
  1845 PEP_STATUS delete_mistrusted_key(PEP_SESSION session, const char* fpr)
  1846 {
  1847     int result;
  1848 
  1849     assert(!EMPTYSTR(fpr));
  1850     
  1851     if (!(session) || EMPTYSTR(fpr))
  1852         return PEP_ILLEGAL_VALUE;
  1853 
  1854     sqlite3_reset(session->delete_mistrusted_key);
  1855     sqlite3_bind_text(session->delete_mistrusted_key, 1, fpr, -1,
  1856             SQLITE_STATIC);
  1857 
  1858     result = sqlite3_step(session->delete_mistrusted_key);
  1859     sqlite3_reset(session->delete_mistrusted_key);
  1860 
  1861     if (result != SQLITE_DONE)
  1862         return PEP_UNKNOWN_ERROR; // FIXME: Better status?
  1863 
  1864     return PEP_STATUS_OK;
  1865 }
  1866 
  1867 PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr,
  1868                              bool* mistrusted)
  1869 {
  1870     PEP_STATUS status = PEP_STATUS_OK;
  1871 
  1872     assert(session);
  1873     assert(!EMPTYSTR(fpr));
  1874 
  1875     if (!(session && fpr))
  1876         return PEP_ILLEGAL_VALUE;
  1877 
  1878     *mistrusted = false;
  1879 
  1880     sqlite3_reset(session->is_mistrusted_key);
  1881     sqlite3_bind_text(session->is_mistrusted_key, 1, fpr, -1, SQLITE_STATIC);
  1882 
  1883     int result;
  1884 
  1885     result = sqlite3_step(session->is_mistrusted_key);
  1886     switch (result) {
  1887     case SQLITE_ROW:
  1888         *mistrusted = sqlite3_column_int(session->is_mistrusted_key, 0);
  1889         status = PEP_STATUS_OK;
  1890         break;
  1891 
  1892     default:
  1893         status = PEP_UNKNOWN_ERROR;
  1894     }
  1895 
  1896     sqlite3_reset(session->is_mistrusted_key);
  1897     return status;
  1898 }
  1899 
  1900 #ifdef USE_GPG
  1901 PEP_STATUS pgp_find_trusted_private_keys(
  1902         PEP_SESSION session, stringlist_t **keylist
  1903     );
  1904 
  1905 enum _pgp_thing {
  1906     _pgp_none = 0,
  1907     _pgp_fpr,
  1908     _pgp_email,
  1909     _pgp_name
  1910 };
  1911 
  1912 static enum _pgp_thing _pgp_thing_next(enum _pgp_thing thing)
  1913 {
  1914     switch (thing) {
  1915         case _pgp_fpr:
  1916             return _pgp_email;
  1917         case _pgp_email:
  1918             return _pgp_name;
  1919         case _pgp_name:
  1920             return _pgp_fpr;
  1921         default:
  1922             return _pgp_fpr;
  1923     }
  1924 }
  1925 
  1926 PEP_STATUS pgp_import_ultimately_trusted_keypairs(PEP_SESSION session) {
  1927     assert(session);
  1928     if (!session)
  1929         return PEP_ILLEGAL_VALUE;
  1930 
  1931     stringlist_t* priv_keylist = NULL;
  1932     PEP_STATUS status = PEP_STATUS_OK;
  1933 
  1934     // 1. get keys
  1935     status = pgp_find_trusted_private_keys(session, &priv_keylist);
  1936     if (status)
  1937         return status;
  1938 
  1939     pEp_identity *identity = NULL;
  1940     stringlist_t *_sl;
  1941 	
  1942     char *fpr = NULL;
  1943     enum _pgp_thing thing = _pgp_none;
  1944     for (_sl = priv_keylist; _sl && _sl->value; _sl = _sl->next) {
  1945         thing = _pgp_thing_next(thing);
  1946         switch (thing) {
  1947             case _pgp_fpr:
  1948                 identity = new_identity(NULL, NULL, PEP_OWN_USERID, NULL);
  1949                 if (!identity)
  1950                     status = PEP_OUT_OF_MEMORY;
  1951                 identity->me = true;
  1952                 fpr = strdup(_sl->value);
  1953                 assert(fpr);
  1954                 if (!fpr) {
  1955                     status = PEP_OUT_OF_MEMORY;
  1956                     free_identity(identity);
  1957                 }
  1958                 break;
  1959             case _pgp_email:
  1960                 assert(identity);
  1961                 identity->address = strdup(_sl->value);
  1962                 assert(identity->address);
  1963                 if (!identity->address) {
  1964                     status = PEP_OUT_OF_MEMORY;
  1965                     free_identity(identity);
  1966                 }
  1967                 break;
  1968             case _pgp_name:
  1969                 assert(identity);
  1970                 identity->username = strdup(_sl->value);
  1971                 assert(identity->username);
  1972                 if (!identity->username)
  1973                     status = PEP_OUT_OF_MEMORY;
  1974                 else
  1975                     status = set_own_key(session, identity, fpr);
  1976                 free_identity(identity);
  1977                 identity = NULL;
  1978                 break;
  1979             default:
  1980                 assert(0);
  1981                 free_identity(identity);
  1982                 status = PEP_UNKNOWN_ERROR;
  1983         }
  1984         if (status)
  1985             break;
  1986     }
  1987     
  1988     free_stringlist(priv_keylist);
  1989     return status;
  1990 }
  1991 #endif // USE_GPG