not finished. as far as I got today. for tm generate_api
authornk
Thu, 21 Feb 2019 18:04:35 +0100
branchgenerate_api
changeset 33029bcfd8ff14a9
parent 3298 9b65e15820d5
child 3303 428f0be3c283
child 3308 9e14e43ad5ba
not finished. as far as I got today. for tm
api/keymanagement_api.yml2
api/message_api.yml2
     1.1 --- a/api/keymanagement_api.yml2	Fri Feb 15 15:16:43 2019 +0100
     1.2 +++ b/api/keymanagement_api.yml2	Thu Feb 21 18:04:35 2019 +0100
     1.3 @@ -7,3 +7,213 @@
     1.4  // written by Volker Birk
     1.5  
     1.6  
     1.7 +protocol session {
     1.8 +	method update_identity
     1.9 +		doc="update identity information"
    1.10 +	{
    1.11 +	// parms
    1.12 +
    1.13 +	supply identity identity
    1.14 +	doc="""
    1.15 +		identity information of communication partner
    1.16 +		(identity->fpr is OUT ONLY), and at least
    1.17 +		.address must be set. 
    1.18 +		If .username is set, it will be used to set or patch
    1.19 +		the username record for this identity.
    1.20 +		at least identity->address must be a non-empty UTF-8 string as input
    1.21 +		update_identity() never writes flags; use set_identity_flags() for
    1.22 +		writing
    1.23 +		this function NEVER reads the incoming fpr, only writes to it.
    1.24 +		this function will fail if called on an identity which, with its input
    1.25 +		values, *explicitly* indicates it is an own identity (i.e. .me is set
    1.26 +		to true on input, or a user_id is given AND it is a known own user_id).
    1.27 +		however, it can RETURN an own identity if this is not indicated a
    1.28 +		priori, and in fact will do so with prejudice when not faced with a
    1.29 +		matching default (i.e. it is forced to search by address only).
    1.30 +		if the identity is known to be an own identity (or the caller wishes
    1.31 +		to make it one), call myself() on the identity instead.
    1.32 +
    1.33 +		FIXME: is this next point accurate?
    1.34 +		if this function returns PEP_ct_unknown or PEP_ct_key_expired in
    1.35 +		identity->comm_type, the caller must insert the identity into the
    1.36 +		asynchronous management implementation, so retrieve_next_identity()
    1.37 +		will return this identity later
    1.38 +		END FIXME
    1.39 +		"""
    1.40 +
    1.41 +		// exceptions
    1.42 +
    1.43 +		throws illegal_value
    1.44 +			doc="""
    1.45 +				if called with illegal inputs, including an identity
    1.46 +				with .me set or with an own user_id specified in the
    1.47 +				*input* (see caveats)
    1.48 +				""";
    1.49 +
    1.50 +		throws key_unsuitable
    1.51 +			doc="""
    1.52 +				if a default key was found for this identity, no
    1.53 +				other acceptable keys were found; if this is returned,
    1.54 +				the reason for rejecting the first default key found
    1.55 +				may be found in the comm_type
    1.56 +				"""
    1.57 +	}
    1.58 +
    1.59 +
    1.60 +	method initialise_own_identities
    1.61 +		doc="ensures that an own identity is complete"
    1.62 +	{
    1.63 +	// parms
    1.64 +	
    1.65 +	supply identity_list my_idents
    1.66 +	doc="""
    1.67 +		identities of local user to quick-set
    1.68 +		For these, at least .address must be set.
    1.69 +		if no .user_id is set, AND the DB doesn't contain
    1.70 +		a default user_id, own_userid will be used and
    1.71 +		become the perennial default for the DB.
    1.72 +		
    1.73 +		This function does NOT generate keypairs. It is intended to
    1.74 +		precede running of the engine on actual messages. It effectively
    1.75 +		behaves like myself(), but when there would normally be key generation
    1.76 +		(when there is no valid key, for example),
    1.77 +		it instead stores an identity without keys.
    1.78 +
    1.79 +		N.B. to adapter devs - this function is likely unnecessary, so please
    1.80 +		do not put work into exposing it yet. Tickets will be filed if need be.
    1.81 +		"""
    1.82 +	}
    1.83 +
    1.84 +
    1.85 +	method myself
    1.86 +		doc="ensures that an own identity is complete"
    1.87 +	{
    1.88 +	// parms
    1.89 +
    1.90 +	supply identity identity
    1.91 +	doc="""
    1.92 +		identity of local user
    1.93 +		both .address and .user_id must be set.
    1.94 +		if .fpr is set, an attempt will be made to make
    1.95 +		that the default key for this identity after key validation
    1.96 +		if .fpr is not set, key retrieval is performed.
    1.97 +		If .username is set, it will be used to set or patch
    1.98 +		the username record for this identity. 
    1.99 + 
   1.100 +		If an fpr was entered and is not a valid key, the reason for failure
   1.101 +		is immediately returned in the status and, possibly, identity->comm_type
   1.102 +		If a default own user_id exists in the database, an alias will 
   1.103 +		be created for the default for the input user_id. The ENGINE'S default
   1.104 +		user_id is always returned in the .user_id field
   1.105 +		myself() NEVER elects keys from the keyring; it will only choose keys
   1.106 +		which have been set up explicitly via myself(), or which were imported
   1.107 +		during a first time DB setup from an OpenPGP keyring (compatibility only) 
   1.108 +		this function generates a keypair on demand; because it's synchronous
   1.109 +		it can need a decent amount of time to return
   1.110 +		if you need to do this asynchronous, you need to return an identity
   1.111 +		with retrieve_next_identity() where identity.me is true.
   1.112 +		"""
   1.113 +	}
   1.114 +
   1.115 +	method retrieve_next_identity
   1.116 +		doc="callback being called by do_keymanagement"
   1.117 +	{
   1.118 +	// parms
   1.119 +
   1.120 +XXXXXX
   1.121 +
   1.122 +	method examine_identity
   1.123 +		doc="callback for appending to queue"
   1.124 +	{
   1.125 +	// parms
   1.126 +
   1.127 +XXXX
   1.128 +
   1.129 +	method register_examine_function
   1.130 +		doc="register examine_identity() callback"
   1.131 +	{
   1.132 +	//parms
   1.133 +
   1.134 +	provide?? examine_identity?? examine_identity doc="examine_identity() function to register";
   1.135 +
   1.136 +	provide void management doc="data structure to deliver (implementation defined)"
   1.137 +
   1.138 +XXX?
   1.139 +// do_keymanagement() - function to be run on an extra thread
   1.140 +//
   1.141 +//  parameters:
   1.142 +//      retrieve_next_identity (in) pointer to retrieve_next_identity()
   1.143 +//                                  callback which returns at least a valid
   1.144 +//                                  address field in the identity struct
   1.145 +//
   1.146 +//  return value:
   1.147 +//      PEP_STATUS_OK if thread has to terminate successfully or any other
   1.148 +//      value on failure
   1.149 +//
   1.150 +//  caveat:
   1.151 +//      to ensure proper working of this library, a thread has to be started
   1.152 +//      with this function immediately after initialization
   1.153 +//
   1.154 +//      do_keymanagement() calls retrieve_next_identity(management)
   1.155 +//
   1.156 +//      messageToSend can only be null if no transport is application based
   1.157 +//      if transport system is not used it must not be NULL
   1.158 +DYNAMIC_API PEP_STATUS do_keymanagement(
   1.159 +        retrieve_next_identity_t retrieve_next_identity,
   1.160 +        void *management
   1.161 +
   1.162 +
   1.163 +	method key_mistrusted
   1.164 +		doc="mark key as being compromised"
   1.165 +	{
   1.166 +	//parms
   1.167 +
   1.168 +	use identity ident
   1.169 +	doc="""
   1.170 +		person and key which was compromised
   1.171 +		ident is INPUT ONLY. If you want updated trust on the identity, you'll have
   1.172 +		to call update_identity or myself respectively after this.
   1.173 +		N.B. If you are calling this on a key that is the identity or user default,
   1.174 +		it will be removed as the default key for ANY identity and user for which
   1.175 +		it is the default. Please keep in mind that the undo in undo_last_mistrust
   1.176 +		will only undo the current identity's / it's user's default, not any
   1.177 +		other identities which may be impacted (this will not affect most use
   1.178 +		cases)
   1.179 +		"""
   1.180 +	}
   1.181 +
   1.182 +
   1.183 +	method trust_personal_key
   1.184 +		doc="mark a key as trusted for a user"
   1.185 +	{
   1.186 +	// parms
   1.187 +
   1.188 +	ident (in)          person and key to trust in - this must not be an
   1.189 +//                          own_identity in which the .me flag is set or
   1.190 +//                          the user_id is an own user_id.
   1.191 +//
   1.192 +//  caveat:
   1.193 +//      the fields user_id, address and fpr must be supplied
   1.194 +//      own identities will result in a return of PEP_ILLEGAL_VALUE.
   1.195 +//      for non-own users, this will 1) set the trust bit on its comm type in the DB,
   1.196 +//      2) set this key as the identity default if the current identity default
   1.197 +//      is not trusted, and 3) set this key as the user default if the current
   1.198 +//      user default is not trusted.
   1.199 +
   1.200 +DYNAMIC_API PEP_STATUS trust_personal_key(
   1.201 +        PEP_SESSION session,
   1.202 +        pEp_identity *ident
   1.203 +
   1.204 +
   1.205 +
   1.206 +
   1.207 +
   1.208 +
   1.209 +   
   1.210 +
   1.211 +
   1.212 +
   1.213 +
   1.214 +
   1.215 +
   1.216 +
     2.1 --- a/api/message_api.yml2	Fri Feb 15 15:16:43 2019 +0100
     2.2 +++ b/api/message_api.yml2	Thu Feb 21 18:04:35 2019 +0100
     2.3 @@ -7,6 +7,70 @@
     2.4  // written by Volker Birk
     2.5  
     2.6  
     2.7 +enum text_format {
     2.8 +	hex text_format_plain 0x0;
     2.9 +	hex text_format_html 0x01;
    2.10 +	hex text_format_other 0xff;
    2.11 +}
    2.12 +
    2.13 +
    2.14 +enum msg_direction {
    2.15 +	hex dir_incoming 0x0;
    2.16 +	hex dir_outgoing 0x01;
    2.17 +}
    2.18 +
    2.19 +
    2.20 +enum enc_format {
    2.21 +	hex enc_none 0x0 doc='message is not encrypted';
    2.22 +	hex enc_pieces 0x01 doc='inline PGP + PGP extensions';
    2.23 +	hex enc_S_MIME 0x02 doc='RFC5751';
    2.24 +	hex enc_PGP_MIME 0x04 doc='RFC3156';
    2.25 +	hex enc_PEP 0x08 doc='pEp encryption format';
    2.26 +	hex enc_PGP_MIME_Outlook1 0x10 doc='Message B0rken by Outlook type 1';
    2.27 +}
    2.28 +
    2.29 +
    2.30 +enum message_wrap_type {
    2.31 +	message_default doc='typical inner/outer message 2.0';
    2.32 +	message_transport doc='e.g. for onion layers';
    2.33 +	message_key_reset doc='for wrapped key reset information';
    2.34 +}
    2.35 +
    2.36 +
    2.37 +struct message {
    2.38 +field msg_direction dir;
    2.39 +	field string id doc='UTF-8 string of message ID';
    2.40 +	field string shortmsg doc='UTF-8 string of short message';
    2.41 +	field string longmsg doc='UTF-8 string of long message'(plain)';
    2.42 +	field string longmsg_formatted doc='UTF-8 string of long message (formatted)';
    2.43 +   	field bloblist_t attachments doc='blobs with attachements';
    2.44 +	field char rawmsg_ref doc='reference to raw message data';
    2.45 +	field size_t rawmsg_size doc='size of raw message data';
    2.46 +	field timestamp sent doc='when the message is sent';
    2.47 +	field timestamp recv doc='when the message is received';
    2.48 +	field pEp_identity from doc='whom the message is from';
    2.49 +	field identity_list to doc='whom the message is to';
    2.50 +	field pEp_identity recv_by doc='via which identity the message is received';
    2.51 +	field identity_list cc doc='whom a CC is being sent';
    2.52 +	field identity_list bcc doc='whom a BCC is being sent';
    2.53 +	field identity_list reply_to doc='where a reply should go to';
    2.54 +	field string in_reply_to doc='list of UTF-8 strings with MessageIDs of refering messages';
    2.55 +	field struct _message refering_msg_ref doc='reference to refering message';
    2.56 +	field string references doc='list of UTF-8 strings with references';
    2.57 +	field struct _message_ref_list refered_by doc='list of references to messages being refered';
    2.58 +    field string keywords doc='list of UTF-8 strings with keywords';
    2.59 +    field string char comments doc='UTF-8 string with comments';
    2.60 +    field stringpair_list_t opt_fields doc='optional fields';
    2.61 +    field enc_format enc_format doc='format of encrypted data';
    2.62 +}
    2.63 +
    2.64 +
    2.65 +struct message_ref_list {
    2.66 +    field message msg_ref doc='reference to message';
    2.67 +    field struct _message_ref_list next;
    2.68 +}
    2.69 +
    2.70 +
    2.71  protocol session {
    2.72      method encrypt_message
    2.73          doc="encrypt message in memory"
    2.74 @@ -26,9 +90,9 @@
    2.75          doc="""
    2.76              pointer to new encrypted message or #NV if no encryption could
    2.77              take place
    2.78 -            """
    2.79 +            """;
    2.80  
    2.81 -        use enc_format enc_format doc="encrypted format";
    2.82 +        use enc_format format doc="encrypted format";
    2.83  
    2.84          // flags
    2.85  
    2.86 @@ -39,19 +103,18 @@
    2.87  			flag force_no_attached_key 0x4;
    2.88  			flag inner_message 0x8 doc='This is mainly used by pEp clients to send private keys to their own PGP-only device.';
    2.89  			flag force_version_1 0x10 doc='This is mainly used by pEp clients to send private keys to their own PGP-only device';
    2.90 -			flag key_reset_only 0x20
    2.91 +			flag key_reset_only 0x20;
    2.92          }
    2.93  
    2.94          // exceptions
    2.95  
    2.96 -        throws key_has_ambig_name
    2.97 -            doc="at least one of the receipient keys has an ambiguous name";
    2.98 +        throws key_has_ambig_name doc="at least one of the receipient keys has an ambiguous name";
    2.99  
   2.100          throws unencrypted
   2.101          doc="""
   2.102              on demand or no recipients with usable key, is left unencrypted,
   2.103              and key is attached to it 
   2.104 -            """
   2.105 +            """;
   2.106      }
   2.107  
   2.108  
   2.109 @@ -63,12 +126,12 @@
   2.110  		use message src doc="message to encrypt";
   2.111  
   2.112  		create message dst
   2.113 -		doc="pointer to new encrypted message or NULL if no encryption could take place";
   2.114 +			doc="pointer to new encrypted message or NULL if no encryption could take place";
   2.115  
   2.116 -		const char to_fpr
   2.117 -		doc="fingerprint of the recipient key to which the private key should be encrypted";
   2.118 +		use const char to_fpr
   2.119 +			doc="fingerprint of the recipient key to which the private key should be encrypted";
   2.120  
   2.121 -		use enc_format enc_format doc="encrypted format";
   2.122 +		use enc_format format doc="encrypted format";
   2.123  
   2.124  		// flags
   2.125  
   2.126 @@ -79,19 +142,18 @@
   2.127  			flag force_no_attached_key 0x4;
   2.128  			flag inner_message 0x8 doc='This is mainly used by pEp clients to send private keys to their own PGP-only device.';
   2.129  			flag force_version_1 0x10 doc='This is mainly used by pEp clients to send private keys to their own PGP-only device';
   2.130 -			flag key_reset_only 0x20
   2.131 +			flag key_reset_only 0x20;
   2.132  		}
   2.133  
   2.134  		// exceptions
   2.135  
   2.136 -		throws key_has_ambig_name
   2.137 -			doc="at least one of the receipient keys has an ambiguous name";
   2.138 +		throws key_has_ambig_name doc="at least one of the receipient keys has an ambiguous name";
   2.139  
   2.140  		throws unencrypted
   2.141  			doc="""
   2.142  				on demand or no recipients with usable key, is left unencrypted, 
   2.143  				and key is attached to it
   2.144 -				"""
   2.145 +				""";
   2.146  	}
   2.147  
   2.148  
   2.149 @@ -105,17 +167,17 @@
   2.150  
   2.151  		use identity target_id
   2.152  		doc="""
   2.153 -			self identity this message should be encrypted for. message is NOT encrypted for 
   2.154 -			identities other than the target_id (and then, only if the target_id refers to self!)
   2.155 +			self identity this message should be encrypted for. Message is NOT encrypted for 
   2.156 +			identities other than the target_id (and then, only if the target_id refers to self!).
   2.157  			""";
   2.158  
   2.159  		use message src doc="message to encrypt";
   2.160  
   2.161 -		provide hash_list extra doc="extra keys for encryption";
   2.162 +		use hash_list extra doc="extra keys for encryption";
   2.163  
   2.164  		create message dst doc="pointer to new encrypted message or NULL on failure";
   2.165  
   2.166 -		use enc_format enc_format? doc="encrypted format";
   2.167 +		use enc_format format doc="encrypted format";
   2.168  
   2.169  		// flags
   2.170  
   2.171 @@ -126,59 +188,16 @@
   2.172  			flag force_no_attached_key 0x4;
   2.173  			flag inner_message 0x8 doc='This is mainly used by pEp clients to send private keys to their own PGP-only device.';
   2.174  			flag force_version_1 0x10 doc='This is mainly used by pEp clients to send private keys to their own PGP-only device';
   2.175 -			flag key_reset_only 0x20
   2.176 +			flag key_reset_only 0x20;
   2.177  		}
   2.178  
   2.179 -		// exceptions
   2.180 +		// exceptions doc="(FIXME: This may not be correct or complete)"
   2.181  
   2.182 -		throws key_not_found
   2.183 -			doc="at least one of the receipient keys could not be found";
   2.184 +		throws key_not_found doc="at least one of the receipient keys could not be found";
   2.185  
   2.186 -		throws key_has_ambig_name
   2.187 -			doc="at least one of the receipient keys has an ambiguous name";
   2.188 +		throws key_has_ambig_name doc="at least one of the receipient keys has an ambiguous name";
   2.189  
   2.190 -		throws get_key_failed
   2.191 -			doc="cannot retrieve key"
   2.192 -	}
   2.193 -
   2.194 -
   2.195 -	method color_from_rating
   2.196 -		doc="calculate color from rating"
   2.197 -	{
   2.198 -		// parms
   2.199 -	
   2.200 -		provide color_from_rating rating
   2.201 -		doc="color representing that rating";
   2.202 -
   2.203 -		// ratings
   2.204 -
   2.205 -		ratings {
   2.206 -			rating_undefined 0;
   2.207 -			rating_cannot_decrypt,
   2.208 -			rating_have_no_key,
   2.209 -			rating_unencrypted,
   2.210 -			rating_unencrypted_for_some doc="don't use this any more",
   2.211 -			rating_unreliable,
   2.212 -			rating_reliable,
   2.213 -			rating_trusted,
   2.214 -			rating_trusted_and_anonymized,
   2.215 -			rating_fully_anonymous,
   2.216 -			rating_mistrust -1;
   2.217 -			rating_b0rken -2;
   2.218 -			rating_under_attack -3
   2.219 -		}
   2.220 -
   2.221 -		// colors
   2.222 -
   2.223 -		colors {
   2.224 -			color_no_color 0;
   2.225 -			color_yellow,
   2.226 -			color_green,
   2.227 -			color_red -1
   2.228 -		}
   2.229 -
   2.230 -		// return value
   2.231 -			doc="color representing that rating"
   2.232 +		throws get_key_failed doc="cannot retrieve key";
   2.233  	}
   2.234  
   2.235  
   2.236 @@ -195,8 +214,7 @@
   2.237  		etc) intentionally; when this happens, decrypt_flag_src_modified is set.
   2.238  		""";
   2.239  
   2.240 -	create message dst
   2.241 -	doc="pointer to new decrypted message or NULL on failure";
   2.242 +	create message dst doc="pointer to new decrypted message or NULL on failure";
   2.243  
   2.244  	supply hash_list keylist
   2.245  	doc="""
   2.246 @@ -205,10 +223,11 @@
   2.247  		out: stringlist with keyids used for signing and encryption. first
   2.248  			first key is signer, additional keys are the ones it was encrypted
   2.249  			to. Only signer and whichever of the user's keys was used are reliable.
   2.250 +		The ownership of keylist goes to the caller.
   2.251 +		If src is unencrypted this function returns unencrypted and sets dst to NULL.
   2.252  		""";
   2.253  
   2.254 -	return rating rating
   2.255 -	doc="rating for the message";
   2.256 +	return rating msg_rating doc="rating for the message";
   2.257  
   2.258  	// flags
   2.259  	
   2.260 @@ -217,7 +236,7 @@
   2.261  		doc="""
   2.262  			private key was imported for one of our addresses (NOT trusted
   2.263  			or set to be used - handshake/trust is required for that)
   2.264 -			"""
   2.265 +			""";
   2.266  		decrypt_flag_consume 0x2 doc=’used by sync';
   2.267  		decrypt_flag_ignore 0x4 doc=’used by sync';
   2.268  		decrypt_flag_src_modified 0x8 
   2.269 @@ -231,13 +250,12 @@
   2.270  		doc="""
   2.271  			input flags. Used to signal that decrypt function should engage in behaviour
   2.272  			specified for when the server storing the source is untrusted.
   2.273 -			"""
   2.274 +			""";
   2.275  	}
   2.276  
   2.277  	// exceptions
   2.278  	
   2.279 -	throws decrypted
   2.280 -		doc="if message decrypted but not verified";
   2.281 +	throws decrypted doc="if message decrypted but not verified";
   2.282  
   2.283  	throws cannot_reencrypt
   2.284  		doc="""
   2.285 @@ -249,12 +267,19 @@
   2.286  		doc="""
   2.287  			if src is unencrypted this function returns unencrypted and sets
   2.288  			dst to NULL.
   2.289 -			"""
   2.290 +			""";
   2.291 +
   2.292 +	throws any doc="error status";
   2.293  	}
   2.294  
   2.295  
   2.296  	method own_message_private_key_details
   2.297 -		doc="details on own key in own message"
   2.298 +		doc="""
   2.299 +			details on own key in own message. Note: In order to obtain details about key 
   2.300 +			to be possibly imported as a replacement of key currently used as own identity, 
   2.301 +			application passes message that have been previously flagged by decrypt_message() 
   2.302 +			as own message containing own key to this function.
   2.303 +			"""
   2.304  	{
   2.305  	//parms
   2.306  
   2.307 @@ -264,8 +289,11 @@
   2.308  		can check own signature.
   2.309  		""";
   2.310  
   2.311 -	create identity ident
   2.312 -	doc="identity containing uid, address and fpr of key"
   2.313 +	create identity ident doc="identity containing uid, address and fpr of key";
   2.314 +
   2.315 +	// exceptions
   2.316 +
   2.317 +	throws any doc="error status"
   2.318  	}
   2.319  
   2.320  
   2.321 @@ -280,8 +308,11 @@
   2.322  		Dir must be dir_outgoing.
   2.323  		""";
   2.324  
   2.325 -	create rating rating
   2.326 -	doc="rating for the message"
   2.327 +	return rating msg_rating doc="rating for the message";
   2.328 +
   2.329 +	// exceptions
   2.330 +
   2.331 +	throws any doc="error status"
   2.332  	}
   2.333  
   2.334  
   2.335 @@ -296,8 +327,11 @@
   2.336  		Dir must be dir_outgoing.
   2.337  		""";
   2.338  
   2.339 -	create rating rating
   2.340 -	doc="rating preview for the message"
   2.341 +	return rating msg_rating doc="rating preview for the message";
   2.342 +
   2.343 +	// exceptions
   2.344 +
   2.345 +	throws any doc="error status"
   2.346  	}
   2.347  
   2.348  
   2.349 @@ -306,27 +340,13 @@
   2.350  	{
   2.351  	//parms
   2.352  
   2.353 -	use identity ident
   2.354 -	doc="identity to get the rating for";
   2.355 +	use identity ident doc="identity to get the rating for";
   2.356  
   2.357 -	create rating rating
   2.358 -	doc="rating for the identity"
   2.359 -	}
   2.360 +	return rating identity_rating doc="rating for the identity";
   2.361  
   2.362 +	// exceptions
   2.363  
   2.364 -	method get_binary_path
   2.365 -		doc="retrieve path of cryptotech binary if available"
   2.366 -	{
   2.367 -	//parms
   2.368 -
   2.369 -	use @type tech
   2.370 -	doc="cryptotech to get the binary for";
   2.371 -
   2.372 -	use @type path
   2.373 -	doc="""
   2.374 -		path to cryptotech binary or NULL if not available. **path is owned by 
   2.375 -		the library, do not change it!
   2.376 -		"""
   2.377 +	throws any doc="error status"
   2.378  	}
   2.379  
   2.380  
   2.381 @@ -335,14 +355,11 @@
   2.382  	{
   2.383  	//parms
   2.384  
   2.385 -	provide const identity id1
   2.386 -		doc="identity of first party in communication - fpr can't be NULL";
   2.387 +	use const identity id1 doc="identity of first party in communication - fpr can't be NULL";
   2.388  
   2.389 -	provide const identity id2
   2.390 -		doc="identity of second party in communication - fpr can't be NULL";
   2.391 +	use const identity id2 doc="identity of second party in communication - fpr can't be NULL";
   2.392  
   2.393 -	provide const char lang
   2.394 -		doc="C string with ISO 639-1 language code";
   2.395 +	use const char lang doc="C string with ISO 639-1 language code";
   2.396  
   2.397  	create char words
   2.398  		doc="""
   2.399 @@ -353,15 +370,14 @@
   2.400  			The caller is responsible to free() it (on Windoze use pEp_free())
   2.401  			""";
   2.402  
   2.403 -	create size_t wsize
   2.404 -		doc="length of full trustwords string";
   2.405 +	create size_t wsize doc="length of full trustwords string";
   2.406  
   2.407 -	provide bool full
   2.408 +	use bool full
   2.409  		doc="""
   2.410  			if true, generate ALL trustwords for these identities.
   2.411  			else, generate a fixed-size subset. (TODO: fixed-minimum-entropy
   2.412  			subset in next version)
   2.413 -			"""
   2.414 +			""";
   2.415  
   2.416  	// exceptions
   2.417  
   2.418 @@ -369,7 +385,7 @@
   2.419  		doc="out of memory";
   2.420  
   2.421  	throws trustword_not_found
   2.422 -		doc="at least one trustword not found"
   2.423 +		doc="at least one trustword not found";
   2.424  	}
   2.425  
   2.426  
   2.427 @@ -378,17 +394,14 @@
   2.428  	{
   2.429  	//parms
   2.430  
   2.431 -	provide message msg
   2.432 -		doc="message to get sender identity from";
   2.433 +	use message msg doc="message to get sender identity from";
   2.434  
   2.435 -	provide hash_list keylist
   2.436 +	use hash_list keylist
   2.437  		doc="NULL if message to be decrypted, keylist returned by decrypt_message() otherwise.";
   2.438  
   2.439 -	provide identity received_by
   2.440 -		doc="identity for account receiving message can't be NULL";
   2.441 +	use identity received_by doc="identity for account receiving message can't be NULL";
   2.442  
   2.443 -	provide const char lang
   2.444 -		doc="C string with ISO 639-1 language code";
   2.445 +	use string lang doc="C string with ISO 639-1 language code";
   2.446  
   2.447  	create char words
   2.448  		doc="""
   2.449 @@ -398,20 +411,20 @@
   2.450  			The caller is responsible to free() it (on Windoze use pEp_free())
   2.451  			""";
   2.452  
   2.453 -	provide bool full
   2.454 +	use bool full
   2.455  		doc="""
   2.456  			if true, generate ALL trustwords for these identities.
   2.457  			else, generate a fixed-size subset. (TODO: fixed-minimum-entropy
   2.458  			subset in next version)
   2.459 -			"""
   2.460 +			""";
   2.461  
   2.462  	// exceptions
   2.463  
   2.464 -	throws out_of_memory
   2.465 -		doc="out of memory";
   2.466 +	throws out_of_memory doc="out of memory";
   2.467  
   2.468 -	throws trustword_not_found
   2.469 -		doc="at least one trustword not found"
   2.470 +	throws trustword_not_found doc="at least one trustword not found";
   2.471 +
   2.472 +	throws like decrypt_message doc="error status of decrypt_message() if decryption fails"
   2.473  	}
   2.474  
   2.475  
   2.476 @@ -423,14 +436,11 @@
   2.477  	use message msg
   2.478  		doc="message to get the rating for. msg->from must point to a valid pEp_identity";
   2.479  
   2.480 -	use hash_list x_keylist
   2.481 -		doc="decrypted message recipients keys fpr";
   2.482 +	use hash_list x_keylist doc="decrypted message recipients keys fpr";
   2.483  
   2.484 -	provide rating x_enc_status
   2.485 -		doc="original rating for the decrypted message";
   2.486 +	use rating x_enc_status doc="original rating for the decrypted message";
   2.487  
   2.488 -	create message rating
   2.489 -		doc="rating for the message"
   2.490 +	return rating msg_rating doc="rating for the message";
   2.491  
   2.492  	// exceptions
   2.493  
   2.494 @@ -441,8 +451,7 @@
   2.495  			contain X-Keylist optional field and x_keylist is NULL.
   2.496  			""";
   2.497  
   2.498 -	throws out_of_memory
   2.499 -		doc="if not enough memory could be allocated"
   2.500 +	throws out_of_memory doc="if not enough memory could be allocated";
   2.501  	}
   2.502  
   2.503  
   2.504 @@ -451,14 +460,11 @@
   2.505  	{
   2.506  	//parms
   2.507  
   2.508 -	provide const char user_id
   2.509 -		doc="string with user ID";
   2.510 +	use string user_id doc="string with user ID";
   2.511  
   2.512 -	provide const char fpr
   2.513 -		doc="string with fingerprint";
   2.514 +	use string fpr doc="string with fingerprint";
   2.515  
   2.516 -	create rating rating
   2.517 -		doc="rating of key for this user"
   2.518 +	return rating key_rating doc="rating of key for this user";
   2.519  		
   2.520  	// exceptions
   2.521  
   2.522 @@ -468,13 +474,32 @@
   2.523  }	
   2.524  
   2.525  
   2.526 +	func color_from_rating
   2.527 +		doc="calculate color from rating"
   2.528 +	{
   2.529 +		// parms
   2.530  
   2.531 +		provide color_from_rating rating doc="color representing that rating"
   2.532  
   2.533 +		// return value
   2.534 +		return color rating_color doc="color representing that rating"
   2.535 +}
   2.536  
   2.537 - 
   2.538  			
   2.539 +	func get_binary_path
   2.540 +		doc="retrieve path of cryptotech binary if available"
   2.541 +	{
   2.542 +	//parms
   2.543  
   2.544 +	use cryptotech tech
   2.545 +	doc="cryptotech to get the binary for";
   2.546  
   2.547 +	use string path
   2.548 +	doc="""
   2.549 +		path to cryptotech binary or NULL if not available. **path is owned by 
   2.550 +		the library, do not change it!;
   2.551 +		"""
   2.552 +}
   2.553  
   2.554  
   2.555  
   2.556 @@ -484,6 +509,44 @@
   2.557  
   2.558  
   2.559  
   2.560 +
   2.561 +
   2.562 +
   2.563 +
   2.564 +
   2.565 +
   2.566 +
   2.567 +	// ratings
   2.568 +
   2.569 +	ratings {
   2.570 +		item rating_undefined 0;
   2.571 +		item rating_cannot_decrypt 1;
   2.572 +		item rating_have_no_key 2;
   2.573 +		item rating_unencrypted 3;
   2.574 +		item rating_unencrypted_for_some doc="don't use this any more",
   2.575 +		item rating_unreliable 4;
   2.576 +		item rating_reliable 5;
   2.577 +		item rating_trusted 6;
   2.578 +		item rating_trusted_and_anonymized 7;
   2.579 +		item rating_fully_anonymous 8;
   2.580 +		item rating_mistrust -1;
   2.581 +		item rating_b0rken -2;
   2.582 +		item rating_under_attack -3;
   2.583 +	}
   2.584 +
   2.585 +	// colors
   2.586 +
   2.587 +	colors {
   2.588 +		item color_no_color 0;
   2.589 +		item color_yellow 1;
   2.590 +		item color_green 2;
   2.591 +		item color_red -1;
   2.592 +	}
   2.593 +
   2.594 +
   2.595 +
   2.596 +
   2.597 +
   2.598  	
   2.599  
   2.600