update_identity() into pEpComAdapter
authorvb
Wed, 30 Jul 2014 16:02:49 +0200
changeset 941e66a54f03e
parent 8 26cc9f0228f4
child 10 ead888e73384
update_identity() into pEpComAdapter
get_key_rating() added
src/pEpEngine.c
src/pEpEngine.h
test/pEpEngineTest.cc
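--- a/src/pEpEngine.c	Fri Jul 11 17:43:11 2014 +0200
+++ b/src/pEpEngine.c	Wed Jul 30 16:02:49 2014 +0200
@@ -1921,4 +1921,101 @@
 
     sqlite3_reset(_session->get_trust);
     return status;
+}
+
+DYNAMIC_API PEP_STATUS get_key_rating(
+    PEP_SESSION session,
+    const char *fpr,
+    PEP_comm_type *comm_type
+    )
+{
+    pEpSession *_session = (pEpSession *) session;
+    PEP_STATUS status = PEP_STATUS_OK;
+    gpgme_error_t gpgme_error;
+    gpgme_key_t key;
+
+    assert(session);
+    assert(fpr);
+    assert(comm_type);
+    
+    *comm_type = PEP_ct_unknown;
+
+    gpgme_error = _session->gpgme_op_keylist_start(_session->ctx, fpr, 0);
+    switch (gpgme_error) {
+    case GPG_ERR_NO_ERROR:
+        break;
+    case GPG_ERR_INV_VALUE:
+        assert(0);
+        return PEP_UNKNOWN_ERROR;
+    default:
+        return PEP_GET_KEY_FAILED;
+    };
+
+    gpgme_error = _session->gpgme_op_keylist_next(_session->ctx, &key);
+    assert(gpgme_error != GPG_ERR_INV_VALUE);
+
+    switch (key->protocol) {
+    case GPGME_PROTOCOL_OpenPGP:
+    case GPGME_PROTOCOL_DEFAULT:
+        *comm_type = PEP_ct_OpenPGP_unconfirmed;
+        break;
+    case GPGME_PROTOCOL_CMS:
+        *comm_type = PEP_ct_CMS_unconfirmed;
+        break;
+    default:
+        *comm_type = PEP_ct_unknown;
+        _session->gpgme_op_keylist_end(_session->ctx);
+        return PEP_STATUS_OK;
+    }
+
+    switch (gpgme_error) {
+    case GPG_ERR_EOF:
+        break;
+    case GPG_ERR_NO_ERROR:
+        assert(key);
+        assert(key->subkeys);
+        for (gpgme_subkey_t sk = key->subkeys; sk != NULL; sk = sk->next) {
+            if (sk->length < 1024)
+                *comm_type = PEP_ct_key_too_short;
+            else if (
+                (
+                       (sk->pubkey_algo == GPGME_PK_RSA)
+                    || (sk->pubkey_algo == GPGME_PK_RSA_E)
+                    || (sk->pubkey_algo == GPGME_PK_RSA_S)
+                )
+                && sk->length == 1024
+            )
+                *comm_type = PEP_ct_OpenPGP_1024_RSA_unconfirmed;
+
+            if (sk->invalid) {
+                *comm_type = PEP_ct_key_b0rken;
+                break;
+            }
+            if (sk->expired) {
+                *comm_type = PEP_ct_key_expired;
+                break;
+            }
+            if (sk->revoked) {
+                *comm_type = PEP_ct_key_revoked;
+                break;
+            }
+        }
+        break;
+    case GPG_ERR_ENOMEM:
+        _session->gpgme_op_keylist_end(_session->ctx);
+        return PEP_OUT_OF_MEMORY;
+    default:
+        // BUG: GPGME returns an illegal value instead of GPG_ERR_EOF after
+        // reading first key
+#ifndef NDEBUG
+        fprintf(stderr, "warning: unknown result 0x%x of"
+            " gpgme_op_keylist_next()\n", gpgme_error);
+#endif
+        gpgme_error = GPG_ERR_EOF;
+        break;
+    };
+
+    _session->gpgme_op_keylist_end(_session->ctx);
+
+    return status;
 }
\ No newline at end of file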
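Review bot: `key->protocol` is read immediately after `gpgme_op_keylist_next()` and before its result is examined, and `key` is declared without an initialiser, so a fingerprint that matches nothing in the keyring (GPG_ERR_EOF) or a failed lookup dereferences an indeterminate pointer; the `assert(key)` in the later switch runs too late and is compiled out under NDEBUG. Initialise `key` to NULL, check the result before touching the key, and report the not-found case through `comm_type`; this commit adds `PEP_ct_key_not_found` to the header but nothing sets it. The "illegal value" described in the default-branch comment is possibly the error-source bits carried in `gpgme_error_t`, in which case comparing `gpgme_err_code(gpgme_error)` rather than the raw value would make the workaround unnecessary. The key returned by the listing also appears never to be released before the function returns; whether the session's function table exposes `gpgme_key_unref` is not visible in this hunk.

```c
    gpgme_key_t key = NULL;
    // … unchanged: asserts, *comm_type default, keylist_start handling …

    gpgme_error = _session->gpgme_op_keylist_next(_session->ctx, &key);
    assert(gpgme_error != GPG_ERR_INV_VALUE);

    if (gpgme_error != GPG_ERR_NO_ERROR || key == NULL) {
        _session->gpgme_op_keylist_end(_session->ctx);
        if (gpgme_error == GPG_ERR_ENOMEM)
            return PEP_OUT_OF_MEMORY;
        // no usable key for this fingerprint: never dereference key here
        *comm_type = PEP_ct_key_not_found;
        return PEP_STATUS_OK;
    }
    // … unchanged: protocol switch and subkey rating loop, now only reached with a valid key …
```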
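--- a/src/pEpEngine.h	Fri Jul 11 17:43:11 2014 +0200
+++ b/src/pEpEngine.h	Wed Jul 30 16:02:49 2014 +0200
@@ -321,32 +321,45 @@
 
 
 typedef enum _PEP_comm_type {
-	PEP_ct_unknown = 0,
+    PEP_ct_unknown = 0,
 
-	// range 0x01 to 0x0f: no encryption or nothing reasonable
+    // range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
 
-	PEP_ct_no_encryption = 0x01,                // generic
-	PEP_ct_key_too_short = 0x02,                // key too short to talk
-                                                // about encryption
+    PEP_ct_no_encryption = 0x01,                // generic
+    PEP_ct_no_encrypted_channel = 0x02,
+    PEP_ct_key_not_found = 0x03,
+    PEP_ct_key_expired = 0x04,
+    PEP_ct_key_revoked = 0x05,
+    PEP_ct_key_b0rken = 0x06,
+    PEP_ct_my_key_not_included = 0x09,
+
+    PEP_ct_security_by_obscurity = 0x0a,
+    PEP_ct_b0rken_crypto = 0x0b,
+    PEP_ct_key_too_short = 0x0e,
+
     PEP_ct_compromized = 0x0f,                  // known compromized connection
 
-	// range 0x10 to 0x3f: unconfirmed encryption
+    // range 0x10 to 0x3f: unconfirmed encryption
 
     PEP_ct_unconfirmed_encryption = 0x10,       // generic
-	PEP_ct_OpenPGP_1024_RSA_unconfirmed = 0x11,	// RSA 1024 is weak
-	PEP_ct_OpenPGP_unconfirmed = 0x3f,          // key at least 2048 bit RSA
-                                                // or 1024 bit DSA
+    PEP_ct_OpenPGP_1024_RSA_unconfirmed = 0x11,	// RSA 1024 is weak
+    PEP_ct_CMS_unconfirmed = 0x30,
+    PEP_ct_OpenPGP_unconfirmed = 0x3f,          // key at least 2048 bit RSA
+    // or 1024 bit DSA
 
-	// range 0x40 to 0x7f: unconfirmed encryption and anonymization
+    // range 0x40 to 0x7f: unconfirmed encryption and anonymization
 
     PEP_ct_unconfirmed_enc_anon = 0x40,         // generic
-	PEP_ct_PEP_unconfirmed = 0x7f,
+    PEP_ct_PEP_unconfirmed = 0x7f,
 
-	// range 0x80 to 0x8f: reserved
-	// range 0x90 to 0xbf: confirmed encryption
+    PEP_ct_confirmed = 0x80,                    // this bit decides if trust is confirmed
+
+    // range 0x81 to 0x8f: reserved
+    // range 0x90 to 0xbf: confirmed encryption
 
     PEP_ct_confirmed_encryption = 0x90,         // generic
 	PEP_ct_OpenPGP_1024_RSA = 0x91, // RSA 1024 is weak
+    PEP_ct_CMS = 0xb0,
 	PEP_ct_OpenPGP = 0xbf, // key at least 2048 bit RSA or 1024 bit DSA
 
     // range 0xc0 to 0xff: confirmed encryption and anonymization
@@ -593,6 +606,20 @@
 DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
 
 
+// get_key_rating() - get the rating a bare key has
+//
+//  parameters:
+//      session (in)            session handle
+//      fpr (in)                unique identifyer for key as UTF-8 string
+//      comm_type (out)         key rating
+
+DYNAMIC_API PEP_STATUS get_key_rating(
+    PEP_SESSION session,
+    const char *fpr,
+    PEP_comm_type *comm_type
+    );
+
+
 #ifdef __cplusplus
 }
 #endif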
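Review bot: `PEP_ct_key_too_short` moves from 0x02 to 0x0e in the first hunk and 0x02 is reassigned to `PEP_ct_no_encrypted_channel`, so any comm_type value written by an earlier build would silently change meaning. If these values are persisted (`get_trust()` in pEpEngine.c reads through a prepared sqlite statement, so this looks likely but is not shown here), existing records need a migration or the old numbering should be kept; a header comment such as `// values are stored persistently: never renumber an existing enumerator` would guard against a repeat. `PEP_ct_confirmed = 0x80` is described as a bit while the remaining enumerators are laid out as ranges, so it is worth stating next to it how callers are expected to test it, e.g. `// test with (ct & PEP_ct_confirmed)`. In the second hunk the `get_key_rating()` comment lists parameters only; add a `return value:` paragraph and say what `comm_type` holds when no key matches `fpr`.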
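--- a/test/pEpEngineTest.cc	Fri Jul 11 17:43:11 2014 +0200
+++ b/test/pEpEngineTest.cc	Wed Jul 30 16:02:49 2014 +0200
@@ -127,7 +127,9 @@
     assert(verify_result == PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH);
     free_stringlist(keylist);
 
-    keylist = new_stringlist("FA7261F7");
+    keylist = new_stringlist("49422235FC99585B891C66530C7B109BFA7261F7");
+    // stringlist_add(keylist, "C6FAA231A2B43252B9526D119550C6B6B8B0FCD6");
+    stringlist_add(keylist, "5DC8CAC595EDAD6598DD4732DD55BF29DF9B1541");
 
     cout << "\ncalling encrypt_and_sign()\n";
     PEP_STATUS encrypt_result = encrypt_and_sign(session, keylist, plain.c_str(), plain.length(), &buf_text, &buf_size);
@@ -258,6 +260,11 @@
     PEP_STATUS send_key_status = send_key(session, "vb@ulm.ccc.de");
     assert(recv_key_status == PEP_STATUS_OK);
 
+    PEP_comm_type tcomm_type;
+    PEP_STATUS tstatus = get_key_rating(session, "49422235FC99585B891C66530C7B109BFA7261F7", &tcomm_type);
+    assert(tstatus == PEP_STATUS_OK);
+    assert(tcomm_type == PEP_ct_OpenPGP_unconfirmed);
+    
 	cout << "\ncalling release()\n";
 	release(session);
 	return 0;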
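Review bot: The new `get_key_rating()` check in the second hunk covers only a fingerprint that is present in the keyring; the path where the key listing returns nothing is untested, and in pEpEngine.c that path reaches `key->protocol` before the lookup result is checked. Add a lookup with a fingerprint known to be absent, e.g. `tstatus = get_key_rating(session, "0000000000000000000000000000000000000000", &tcomm_type);` (constructed value), followed by assertions on the status and rating the API is meant to return in that case. The commented-out `stringlist_add(keylist, "C6FAA231…")` line in the first hunk should either be enabled or dropped, since it leaves it unclear which recipients the encryption test is meant to cover. The enclosing test function starts outside both hunks.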