Attach_own_key also attach revoke for some time after revocation
authorEdouard Tisserant
Sat, 28 May 2016 23:33:09 +0200
changeset 6947e236f95f1e4
parent 693 45ac944f2b2e
child 695 b8d403779089
Attach_own_key also attach revoke for some time after revocation
src/keymanagement.c
src/message_api.c
src/pEpEngine.c
src/pEpEngine.h
     1.1 --- a/src/keymanagement.c	Sat May 28 15:42:49 2016 +0200
     1.2 +++ b/src/keymanagement.c	Sat May 28 23:33:09 2016 +0200
     1.3 @@ -396,6 +396,9 @@
     1.4              free_stringlist(keylist);
     1.5              return PEP_UNKNOWN_ERROR;
     1.6          }
     1.7 +        
     1.8 +        // TODO if revoked re-created , store in revoke_keys
     1.9 +        
    1.10      }
    1.11      else
    1.12      {
     2.1 --- a/src/message_api.c	Sat May 28 15:42:49 2016 +0200
     2.2 +++ b/src/message_api.c	Sat May 28 23:33:09 2016 +0200
     2.3 @@ -863,12 +863,32 @@
     2.4          update_identity(session, msg->from);
     2.5  }
     2.6  
     2.7 -void attach_own_key(PEP_SESSION session, message *msg)
     2.8 +
     2.9 +PEP_STATUS _attach_key(PEP_SESSION session, const char* fpr, message *msg)
    2.10  {
    2.11      char *keydata;
    2.12      size_t size;
    2.13      bloblist_t *bl;
    2.14  
    2.15 +    PEP_STATUS status = export_key(session, fpr, &keydata, &size);
    2.16 +    assert(status == PEP_STATUS_OK);
    2.17 +    if (status != PEP_STATUS_OK)
    2.18 +        return status;
    2.19 +    assert(size);
    2.20 +    
    2.21 +    bl = bloblist_add(msg->attachments, keydata, size, "application/pgp-keys",
    2.22 +                      "pEpkey.asc");
    2.23 +    
    2.24 +    if (msg->attachments == NULL && bl)
    2.25 +        msg->attachments = bl;
    2.26 +
    2.27 +    return PEP_STATUS_OK;
    2.28 +}
    2.29 +
    2.30 +#define ONE_WEEK (7*24*3600)
    2.31 +
    2.32 +void attach_own_key(PEP_SESSION session, message *msg)
    2.33 +{
    2.34      assert(session);
    2.35      assert(msg);
    2.36  
    2.37 @@ -879,16 +899,24 @@
    2.38      if (msg->from == NULL || msg->from->fpr == NULL)
    2.39          return;
    2.40  
    2.41 -    PEP_STATUS status = export_key(session, msg->from->fpr, &keydata, &size);
    2.42 -    assert(status == PEP_STATUS_OK);
    2.43 -    if (status != PEP_STATUS_OK)
    2.44 +    if(_attach_key(session, msg->from->fpr, msg) != PEP_STATUS_OK)
    2.45          return;
    2.46 -    assert(size);
    2.47 -
    2.48 -    bl = bloblist_add(msg->attachments, keydata, size, "application/pgp-keys",
    2.49 -            "pEpkey.asc");
    2.50 -    if (msg->attachments == NULL && bl)
    2.51 -        msg->attachments = bl;
    2.52 +    
    2.53 +    char *revoked_fpr = NULL;
    2.54 +    uint64_t revocation_date = 0;
    2.55 +    
    2.56 +    if(get_revoked(session, msg->from->fpr,
    2.57 +                   &revoked_fpr, &revocation_date) == PEP_STATUS_OK &&
    2.58 +       revoked_fpr != NULL)
    2.59 +    {
    2.60 +        time_t now = time(NULL);
    2.61 +        
    2.62 +        if (now < (time_t)revocation_date + ONE_WEEK)
    2.63 +        {
    2.64 +            _attach_key(session, revoked_fpr, msg);
    2.65 +        }
    2.66 +    }
    2.67 +    free(revoked_fpr);
    2.68  }
    2.69  
    2.70  PEP_cryptotech determine_encryption_format(message *msg)
     3.1 --- a/src/pEpEngine.c	Sat May 28 15:42:49 2016 +0200
     3.2 +++ b/src/pEpEngine.c	Sat May 28 23:33:09 2016 +0200
     3.3 @@ -1219,6 +1219,23 @@
     3.4              expired);
     3.5  }
     3.6  
     3.7 +DYNAMIC_API PEP_STATUS key_revoked(
     3.8 +                                   PEP_SESSION session,
     3.9 +                                   const char *fpr,
    3.10 +                                   bool *revoked
    3.11 +                                   )
    3.12 +{
    3.13 +    assert(session);
    3.14 +    assert(fpr);
    3.15 +    assert(revoked);
    3.16 +    
    3.17 +    if (!(session && fpr && revoked))
    3.18 +        return PEP_ILLEGAL_VALUE;
    3.19 +    
    3.20 +    return session->cryptotech[PEP_crypt_OpenPGP].key_revoked(session, fpr,
    3.21 +                                                              revoked);
    3.22 +}
    3.23 +
    3.24  static void _clean_log_value(char *text)
    3.25  {
    3.26      if (text) {
     4.1 --- a/src/pEpEngine.h	Sat May 28 15:42:49 2016 +0200
     4.2 +++ b/src/pEpEngine.h	Sat May 28 23:33:09 2016 +0200
     4.3 @@ -710,6 +710,20 @@
     4.4          bool *expired
     4.5      );
     4.6  
     4.7 +    
     4.8 +// key_revoked() - flags if a key is already revoked
     4.9 +//
    4.10 +//  parameters:
    4.11 +//      session (in)            session handle
    4.12 +//      fpr (in)                ID of key to check as UTF-8 string
    4.13 +//      revoked (out)           flag if key revoked
    4.14 +
    4.15 +DYNAMIC_API PEP_STATUS key_revoked(
    4.16 +        PEP_SESSION session,
    4.17 +        const char *fpr,
    4.18 +        bool *revoked
    4.19 +    );
    4.20 +
    4.21  
    4.22  // get_crashdump_log() - get the last log messages out
    4.23  //
    4.24 @@ -781,6 +795,15 @@
    4.25          int32_t *value
    4.26      );
    4.27  
    4.28 +    
    4.29 +// set_revoked() - records relation between a revoked key and its replacement
    4.30 +//
    4.31 +//  parameters:
    4.32 +//      session (in)            session handle
    4.33 +//      revoked_fpr (in)        revoked fingerprint
    4.34 +//      replacement_fpr (in)    replacement key fingerprint
    4.35 +//      revocation_date (in)    revocation date
    4.36 +
    4.37  DYNAMIC_API PEP_STATUS set_revoked(
    4.38         PEP_SESSION session,
    4.39         const char *revoked_fpr,
    4.40 @@ -788,6 +811,14 @@
    4.41         const uint64_t revocation_date
    4.42      );
    4.43  
    4.44 +// get_revoked() - find revoked key that may have been replaced by given key, if any
    4.45 +//
    4.46 +//  parameters:
    4.47 +//      session (in)            session handle
    4.48 +//      fpr (in)                given fingerprint
    4.49 +//      revoked_fpr (out)       revoked fingerprint
    4.50 +//      revocation_date (out)   revocation date
    4.51 +    
    4.52  DYNAMIC_API PEP_STATUS get_revoked(
    4.53          PEP_SESSION session,
    4.54          const char *fpr,