ENGINE-183 remove session.use_only_own_private_keys, and add existing priv keys to own_keys table at initial startup. Also added fpr from own_keys to own_key_is_listed, influencing result of ellect_own_key. ENGINE-183
authorEdouard Tisserant <edouard@pep-project.org>
Sun, 07 May 2017 13:45:04 +0200
branchENGINE-183
changeset 17526991834e731a
parent 1750 33b2fa2368e6
child 1757 ad2ddc7c88a5
ENGINE-183 remove session.use_only_own_private_keys, and add existing priv keys to own_keys table at initial startup. Also added fpr from own_keys to own_key_is_listed, influencing result of elect_ownkey.
src/keymanagement.c
src/keymanagement.h
src/pEpEngine.c
src/pEp_internal.h
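--- a/src/keymanagement.c	Thu May 04 16:57:23 2017 +0200
+++ b/src/keymanagement.c	Sun May 07 13:45:04 2017 +0200
@@ -339,19 +339,14 @@
         for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
             bool is_own = false;
             
-            if (session->use_only_own_private_keys)
-            {
-                status = own_key_is_listed(session, _keylist->value, &is_own);
-                assert(status == PEP_STATUS_OK);
-                if (status != PEP_STATUS_OK) {
-                    free_stringlist(keylist);
-                    return status;
-                }
+            status = own_key_is_listed(session, _keylist->value, &is_own);
+            assert(status == PEP_STATUS_OK);
+            if (status != PEP_STATUS_OK) {
+                free_stringlist(keylist);
+                return status;
             }
-
-            // TODO : also accept synchronized device group keys ?
             
-            if (!session->use_only_own_private_keys || is_own)
+            if (is_own)
             {
                 PEP_comm_type _comm_type_key;
                 
@@ -543,16 +538,7 @@
     {
         status = key_revoked(session, identity->fpr, &revoked);
 
-        // Forces re-election if key is missing and own-key-only not forced
-        if (!session->use_only_own_private_keys && status == PEP_KEY_NOT_FOUND) 
-        {
-            status = elect_ownkey(session, identity);
-            assert(status == PEP_STATUS_OK);
-            if (status != PEP_STATUS_OK) {
-                return status;
-            }
-        } 
-        else if (status != PEP_STATUS_OK) 
+        if (status != PEP_STATUS_OK) 
         {
             return status;
         }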
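Review bot: The hunk at 538 drops the re-election fallback, so a PEP_KEY_NOT_FOUND from key_revoked on identity->fpr now returns to the caller as an error instead of electing a replacement own key, and the removed comment was the only explanation of that path. A one-line comment above the remaining check, `// A missing own key is no longer re-elected here; PEP_KEY_NOT_FOUND propagates to the caller`, would record the new contract. The enclosing function starts and ends outside the hunk, so whether any caller still relies on re-election cannot be confirmed from here. In the hunk at 339 the dropped `TODO : also accept synchronized device group keys ?` is not addressed by the change; if the question is still open, it belongs back above `if (is_own)`.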
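--- a/src/keymanagement.h	Thu May 04 16:57:23 2017 +0200
+++ b/src/keymanagement.h	Sun May 07 13:45:04 2017 +0200
@@ -235,6 +235,12 @@
         stringlist_t **keylist
       );
 
+DYNAMIC_API PEP_STATUS set_own_key(
+       PEP_SESSION session,
+       const char *address,
+       const char *fpr
+    );
+
 #ifdef __cplusplus
 }
 #endif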
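Review bot: The new set_own_key declaration carries no documentation comment, which a public DYNAMIC_API entry point presumably should have like its neighbours in this header; the only hint about its contract is the call site in src/pEpEngine.c, which passes `""` with the remark that address is unused, and a user of the header cannot see that. A comment block above the declaration should state what the function records (a fingerprint in the own-key table, judging from the SQL added in pEpEngine.c), that `address` is currently ignored, which PEP_STATUS values it returns, and whether it is idempotent for a fingerprint already listed. The definition of set_own_key is not part of this commit, so its return values cannot be confirmed from here.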
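--- a/src/pEpEngine.c	Thu May 04 16:57:23 2017 +0200
+++ b/src/pEpEngine.c	Sun May 07 13:45:04 2017 +0200
@@ -136,7 +136,11 @@
     " union "
     "  select main_key_id from identity "
     "   where main_key_id = upper(replace(?1,' ',''))"
-    "    and user_id = '" PEP_OWN_USERID "' );";
+    "    and user_id = '" PEP_OWN_USERID "' "
+    " union "
+    "  select fpr from own_key "
+    "   where fpr = upper(replace(?1,' ',''))"
+    " );";
 
 static const char *sql_own_identities_retrieve =  
     "select address, fpr, username, "
@@ -209,6 +213,7 @@
     int int_result;
     
     bool in_first = false;
+    bool very_first = false;
 
     assert(sqlite3_threadsafe());
     if (!sqlite3_threadsafe())
@@ -462,6 +467,11 @@
                 assert(int_result == SQLITE_OK);
             }
         }
+        else { 
+            // Version from DB was 0, it means this is initial setup.
+            // DB has just been created, and all tables are empty.
+            very_first = true;
+        }
 
         if (version < atoi(_DDL_USER_VERSION)) {
             int_result = sqlite3_exec(
@@ -475,7 +485,6 @@
             );
             assert(int_result == SQLITE_OK);
         }
-
     }
 
     int_result = sqlite3_prepare_v2(_session->db, sql_log,
@@ -635,11 +644,44 @@
     // runtime config
 
 #ifdef ANDROID
-    _session->use_only_own_private_keys = true;
 #elif TARGET_OS_IPHONE
-    _session->use_only_own_private_keys = true;
-#else
-    _session->use_only_own_private_keys = false;
+#else /* Desktop */
+    if (very_first)
+    {
+        // On first run, all private keys already present in PGP keyring 
+        // are taken as own in order to seamlessly integrate with
+        // pre-existing GPG setup.
+
+        ////////////////////////////// WARNING: ///////////////////////////
+        // Considering all PGP priv keys as own is dangerous in case of 
+        // re-initialization of pEp DB, while keeping PGP keyring as-is!
+        //
+        // Indeed, if pEpEngine did import spoofed private keys in previous
+        // install, then those keys become automatically trusted in case 
+        // pEp_management.db is deleted.
+        //
+        // A solution to distinguish bare GPG keyring from pEp keyring is
+        // needed here. Then keys managed by pEpEngine wouldn't be
+        // confused with GPG keys managed by the user through GPA.
+        ///////////////////////////////////////////////////////////////////
+        
+        stringlist_t *keylist = NULL;
+
+        status = find_private_keys(_session, "", &keylist);
+        assert(status != PEP_OUT_OF_MEMORY);
+        if (status == PEP_OUT_OF_MEMORY)
+            return PEP_OUT_OF_MEMORY;
+        
+        if (keylist != NULL && keylist->value != NULL)
+        {
+            stringlist_t *_keylist;
+            for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
+                status = set_own_key(_session, 
+                                     "" /* address is unused in own_keys */,
+                                     _keylist->value);
+            }
+        }
+    }
 #endif
 
     // sync_session set to own session by default
@@ -765,13 +807,6 @@
     session->unencrypted_subject = enable;
 }
 
-DYNAMIC_API void config_use_only_own_private_keys(PEP_SESSION session,
-        bool enable)
-{
-    assert(session);
-    session->use_only_own_private_keys = enable;
-}
-
 DYNAMIC_API void config_keep_sync_msg(PEP_SESSION session, bool enable)
 {
     assert(session);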
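Review bot: In the hunk at 644 the return value of set_own_key is assigned to `status` on every iteration but never examined, so a failed insert into the own-key table is silently skipped and only the last key's status survives in `status` for whatever follows in the enclosing function (which starts before and ends after the hunk); the keylist returned by find_private_keys is also never released, whereas the loop in keymanagement.c frees it with free_stringlist. Breaking out of the loop on the first failure, freeing the list once after the loop and propagating a non-OK status the way the existing PEP_OUT_OF_MEMORY check does would close both gaps; whether the function has a cleanup label that should be used instead of a bare return is not visible here. The same hunk's comment says `address is unused in own_keys` while the SQL in the hunk at 136 selects from `own_key`; the comment should name the table as the schema spells it. Separately, the hunk at 807 deletes the exported config_use_only_own_private_keys definition, but src/pEpEngine.h is not among the changed files, so its public declaration may still be present and should be removed in the same change if it is.
```c
        if (keylist != NULL && keylist->value != NULL)
        {
            stringlist_t *_keylist;
            for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
                status = set_own_key(_session,
                                     "" /* address is unused in own_key */,
                                     _keylist->value);
                if (status != PEP_STATUS_OK)
                    break;  // stop on first failure; status is reported below
            }
        }
        free_stringlist(keylist);
        if (status != PEP_STATUS_OK)
            return status;  // same early-return path as the PEP_OUT_OF_MEMORY check above
```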
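--- a/src/pEp_internal.h	Thu May 04 16:57:23 2017 +0200
+++ b/src/pEp_internal.h	Sun May 07 13:45:04 2017 +0200
@@ -159,7 +159,6 @@
 
     bool passive_mode;
     bool unencrypted_subject;
-    bool use_only_own_private_keys;
     bool keep_sync_msg;
     
 };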