ENGINE-140 merged to default
authorEdouard Tisserant <edouard@pep-project.org>
Wed, 16 Nov 2016 00:17:55 +0100
changeset 1402bf7b1ad6f43a
parent 1400 909966aa9d93
parent 1401 ed3616afb3fb
child 1405 dbb4866e1b6c
ENGINE-140 merged to default
     1.1 --- a/src/keymanagement.c	Tue Nov 15 23:40:28 2016 +0100
     1.2 +++ b/src/keymanagement.c	Wed Nov 16 00:17:55 2016 +0100
     1.3 @@ -913,9 +913,8 @@
     1.4      return status;
     1.5  }
     1.6  
     1.7 -DYNAMIC_API PEP_STATUS keys_retrieve_by_flag(
     1.8 +DYNAMIC_API PEP_STATUS own_keys_retrieve(
     1.9          PEP_SESSION session,
    1.10 -        keypair_flags_t flags,
    1.11          stringlist_t **keylist
    1.12        )
    1.13  {
    1.14 @@ -928,18 +927,17 @@
    1.15      *keylist = NULL;
    1.16      stringlist_t *_keylist = NULL;
    1.17      
    1.18 -    sqlite3_reset(session->keys_retrieve_by_flag);
    1.19 -    sqlite3_bind_int(session->keys_retrieve_by_flag, 1, flags);
    1.20 +    sqlite3_reset(session->own_keys_retrieve);
    1.21      
    1.22      int result;
    1.23      char *fpr = NULL;
    1.24      
    1.25      stringlist_t *_bl = _keylist;
    1.26      do {
    1.27 -        result = sqlite3_step(session->keys_retrieve_by_flag);
    1.28 +        result = sqlite3_step(session->own_keys_retrieve);
    1.29          switch (result) {
    1.30              case SQLITE_ROW:
    1.31 -                fpr = strdup((const char *) sqlite3_column_text(session->keys_retrieve_by_flag, 0));
    1.32 +                fpr = strdup((const char *) sqlite3_column_text(session->own_keys_retrieve, 0));
    1.33                  if(fpr == NULL)
    1.34                      goto enomem;
    1.35  
    1.36 @@ -962,7 +960,7 @@
    1.37          }
    1.38      } while (result != SQLITE_DONE);
    1.39      
    1.40 -    sqlite3_reset(session->keys_retrieve_by_flag);
    1.41 +    sqlite3_reset(session->own_keys_retrieve);
    1.42      if (status == PEP_STATUS_OK)
    1.43          *keylist = _keylist;
    1.44      else
    1.45 @@ -978,6 +976,45 @@
    1.46      return status;
    1.47  }
    1.48  
    1.49 +// TODO: Unused for now, but should be used when sync receive old keys (ENGINE-145)
    1.50 +DYNAMIC_API PEP_STATUS set_own_key(
    1.51 +       PEP_SESSION session,
    1.52 +       const char *address,
    1.53 +       const char *fpr
    1.54 +    )
    1.55 +{
    1.56 +    PEP_STATUS status = PEP_STATUS_OK;
    1.57 +    
    1.58 +    assert(session &&
    1.59 +           address && address[0] &&
    1.60 +           fpr && fpr[0]
    1.61 +          );
    1.62 +    
    1.63 +    if (!(session &&
    1.64 +          address && address[0] &&
    1.65 +          fpr && fpr[0]
    1.66 +         ))
    1.67 +        return PEP_ILLEGAL_VALUE;
    1.68 +    
    1.69 +    sqlite3_reset(session->set_own_key);
    1.70 +    sqlite3_bind_text(session->set_own_key, 1, address, -1, SQLITE_STATIC);
    1.71 +    sqlite3_bind_text(session->set_own_key, 2, fpr, -1, SQLITE_STATIC);
    1.72 +
    1.73 +    int result;
    1.74 +    
    1.75 +    result = sqlite3_step(session->set_own_key);
    1.76 +    switch (result) {
    1.77 +        case SQLITE_DONE:
    1.78 +            status = PEP_STATUS_OK;
    1.79 +            break;
    1.80 +            
    1.81 +        default:
    1.82 +            status = PEP_UNKNOWN_ERROR;
    1.83 +    }
    1.84 +    
    1.85 +    sqlite3_reset(session->set_own_key);
    1.86 +    return status;
    1.87 +}
    1.88  
    1.89  PEP_STATUS contains_priv_key(PEP_SESSION session, const char *fpr,
    1.90                               bool *has_private) {
     2.1 --- a/src/keymanagement.h	Tue Nov 15 23:40:28 2016 +0100
     2.2 +++ b/src/keymanagement.h	Wed Nov 16 00:17:55 2016 +0100
     2.3 @@ -190,18 +190,16 @@
     2.4  PEP_STATUS contains_priv_key(PEP_SESSION session, const char *fpr,
     2.5                               bool *has_private);
     2.6  
     2.7 -// keys_retrieve_by_flag() - retrieve all flagged keypair fingerprints 
     2.8 +// own_keys_retrieve() - retrieve all flagged keypair fingerprints 
     2.9  //
    2.10  //  parameters:
    2.11  //      session (in)            session to use
    2.12 -//      flags                   flags to compare pgp keypair's flags to
    2.13  //      keylist (out)           list of fingerprints
    2.14  //
    2.15  //  caveat:
    2.16  //      the ownership of the list goes to the caller
    2.17 -DYNAMIC_API PEP_STATUS keys_retrieve_by_flag(
    2.18 +DYNAMIC_API PEP_STATUS own_keys_retrieve(
    2.19          PEP_SESSION session,
    2.20 -        keypair_flags_t flags,
    2.21          stringlist_t **keylist
    2.22        );
    2.23  
     3.1 --- a/src/pEpEngine.c	Tue Nov 15 23:40:28 2016 +0100
     3.2 +++ b/src/pEpEngine.c	Wed Nov 16 00:17:55 2016 +0100
     3.3 @@ -32,9 +32,8 @@
     3.4      static const char *sql_get_device_group;
     3.5      static const char *sql_set_pgp_keypair;
     3.6      static const char *sql_set_identity;
     3.7 -    static const char *sql_exists_empty_fpr_entry;
     3.8 -    static const char *sql_update_fprless_identity;
     3.9      static const char *sql_set_identity_flags;
    3.10 +    static const char *sql_unset_identity_flags;
    3.11      static const char *sql_set_trust;
    3.12      static const char *sql_get_trust;
    3.13      static const char *sql_least_trust;
    3.14 @@ -52,7 +51,8 @@
    3.15      // Own keys
    3.16      static const char *sql_own_key_is_listed;
    3.17      static const char *sql_own_identities_retrieve;
    3.18 -    static const char *sql_keys_retrieve_by_flag;
    3.19 +    static const char *sql_own_keys_retrieve;
    3.20 +    static const char *sql_set_own_key;
    3.21  
    3.22      // Sequence
    3.23      static const char *sql_sequence_value1;
    3.24 @@ -223,6 +223,18 @@
    3.25                  "       on delete cascade,\n"
    3.26                  "   revocation_date integer\n"
    3.27                  ");\n"
    3.28 +                "create table if not exists own_keys (\n"
    3.29 +                "   address text,\n"
    3.30 +                "   user_id text,\n"
    3.31 +                "   fpr text not null\n"
    3.32 +                "       references pgp_keypair (fpr)\n"
    3.33 +                "       on delete cascade,\n"
    3.34 +                "   foreign key (address, user_id)\n"
    3.35 +                "       references identity\n"
    3.36 +                "       on delete cascade,\n"
    3.37 +                "   check (user_id = '" PEP_OWN_USERID "')\n"
    3.38 +                "   primary key (address, fpr)\n"
    3.39 +                ");\n" 
    3.40                  ,
    3.41              NULL,
    3.42              NULL,
    3.43 @@ -288,19 +300,6 @@
    3.44              assert(int_result == SQLITE_OK);
    3.45          }
    3.46  
    3.47 -        if (version <= atoi(_DDL_USER_VERSION)) {
    3.48 -            int_result = sqlite3_exec(
    3.49 -                _session->db,
    3.50 -                "pragma user_version = "_DDL_USER_VERSION";\n"
    3.51 -                "insert or replace into version_info (id, version)"
    3.52 -                    "values (1, '" PEP_ENGINE_VERSION "');",
    3.53 -                NULL,
    3.54 -                NULL,
    3.55 -                NULL
    3.56 -            );
    3.57 -            assert(int_result == SQLITE_OK);
    3.58 -        }
    3.59 -
    3.60          sql_log = "insert into log (title, entity, description, comment)"
    3.61                    "values (?1, ?2, ?3, ?4);";
    3.62  
    3.63 @@ -330,21 +329,34 @@
    3.64          sql_get_device_group = "select device_group from person "
    3.65                                 "where id = '" PEP_OWN_USERID "';";
    3.66  
    3.67 -        sql_set_pgp_keypair = "insert or replace into pgp_keypair (fpr, flags) "
    3.68 -                              "values (upper(replace(?1,' ','')), ?2) ;";
    3.69 +        sql_set_pgp_keypair = "insert or replace into pgp_keypair (fpr) "
    3.70 +                              "values (upper(replace(?1,' ',''))) ;";
    3.71  
    3.72 -        sql_set_identity = "insert or replace into identity (address, main_key_id, "
    3.73 -                           "user_id, flags) values (?1, upper(replace(?2,' ','')),"
    3.74 -                           "?3, ?4 & 255) ;";
    3.75 +        sql_set_identity = "insert or replace into identity ("
    3.76 +                           " address, main_key_id, "
    3.77 +                           " user_id, flags"
    3.78 +                           ") values ("
    3.79 +                           " ?1,"
    3.80 +                           " upper(replace(?2,' ','')),"
    3.81 +                           " ?3,"
    3.82 +                           " (select"
    3.83 +                           "   coalesce("
    3.84 +                           "    (select flags from identity"
    3.85 +                           "     where address = ?1 and"
    3.86 +                           "           user_id = ?3),"
    3.87 +                           "    0)"
    3.88 +                           " ) | (?4 & 255)"
    3.89 +                           ");";
    3.90          
    3.91 -        sql_exists_empty_fpr_entry = "select count(*) from identity where address = ?1 and user_id = ?2 "
    3.92 -                                        "and (main_key_id is null or main_key_id = '');";
    3.93 -                
    3.94 -        sql_update_fprless_identity = "update identity set main_key_id = upper(replace(?2,' ','')), "
    3.95 -                                         "flags = ?4 & 255 where address = ?1 and user_id = ?3 and "
    3.96 -                                         "(main_key_id is null or main_key_id = '');";
    3.97 +        sql_set_identity_flags = "update identity set flags = "
    3.98 +                                 "    ((?1 & 255) | (select flags from identity"
    3.99 +                                 "                   where address = ?2 and user_id = ?3)) "
   3.100 +                                 "where address = ?2 and user_id = ?3 ;";
   3.101  
   3.102 -        sql_set_identity_flags = "update identity set flags = ?1 & 255 "
   3.103 +        sql_unset_identity_flags = 
   3.104 +                                 "update identity set flags = "
   3.105 +                                 "    ( ~(?1 & 255) & (select flags from identity"
   3.106 +                                 "                   where address = ?2 and user_id = ?3)) "
   3.107                                   "where address = ?2 and user_id = ?3 ;";
   3.108  
   3.109          sql_set_trust = "insert or replace into trust (user_id, pgp_keypair_fpr, comm_type) "
   3.110 @@ -398,9 +410,13 @@
   3.111                              "       and pgp_keypair_fpr = identity.main_key_id"
   3.112                              "   where identity.user_id = '" PEP_OWN_USERID "';";
   3.113          
   3.114 -        sql_keys_retrieve_by_flag =  
   3.115 -                            "select fpr from pgp_keypair"
   3.116 -                            "  where (flags & ?1) = ?1;";
   3.117 +        sql_own_keys_retrieve =  
   3.118 +                            "select fpr from own_keys"
   3.119 +                            "   join identity"
   3.120 +                            "   where identity.flags & 1 = 0;"; // PEP_idf_not_for_sync
   3.121 +
   3.122 +        sql_set_own_key = "insert or replace into own_keys (address, user_id, fpr)"
   3.123 +                          " values (?1, '" PEP_OWN_USERID "', upper(replace(?2,' ','')));";
   3.124  
   3.125          sql_sequence_value1 = "insert or replace into sequences (name, value, own) "
   3.126                                "values (?1, "
   3.127 @@ -452,21 +468,16 @@
   3.128              (int)strlen(sql_set_identity), &_session->set_identity, NULL);
   3.129      assert(int_result == SQLITE_OK);
   3.130  
   3.131 -    int_result = sqlite3_prepare_v2(_session->db, sql_exists_empty_fpr_entry,
   3.132 -                                    (int)strlen(sql_exists_empty_fpr_entry), &_session->exists_empty_fpr_entry,
   3.133 -                                    NULL);
   3.134 -    assert(int_result == SQLITE_OK);
   3.135 -    
   3.136 -    int_result = sqlite3_prepare_v2(_session->db, sql_update_fprless_identity,
   3.137 -                                    (int)strlen(sql_update_fprless_identity), &_session->update_fprless_identity,
   3.138 -                                    NULL);
   3.139 -    assert(int_result == SQLITE_OK);
   3.140 -    
   3.141      int_result = sqlite3_prepare_v2(_session->db, sql_set_identity_flags,
   3.142              (int)strlen(sql_set_identity_flags), &_session->set_identity_flags,
   3.143              NULL);
   3.144      assert(int_result == SQLITE_OK);
   3.145  
   3.146 +    int_result = sqlite3_prepare_v2(_session->db, sql_unset_identity_flags,
   3.147 +            (int)strlen(sql_unset_identity_flags), &_session->unset_identity_flags,
   3.148 +            NULL);
   3.149 +    assert(int_result == SQLITE_OK);
   3.150 +
   3.151      int_result = sqlite3_prepare_v2(_session->db, sql_set_trust,
   3.152              (int)strlen(sql_set_trust), &_session->set_trust, NULL);
   3.153      assert(int_result == SQLITE_OK);
   3.154 @@ -529,9 +540,14 @@
   3.155              &_session->own_identities_retrieve, NULL);
   3.156      assert(int_result == SQLITE_OK);
   3.157   
   3.158 -    int_result = sqlite3_prepare_v2(_session->db, sql_keys_retrieve_by_flag,
   3.159 -            (int)strlen(sql_keys_retrieve_by_flag),
   3.160 -            &_session->keys_retrieve_by_flag, NULL);
   3.161 +    int_result = sqlite3_prepare_v2(_session->db, sql_own_keys_retrieve,
   3.162 +            (int)strlen(sql_own_keys_retrieve),
   3.163 +            &_session->own_keys_retrieve, NULL);
   3.164 +    assert(int_result == SQLITE_OK);
   3.165 + 
   3.166 +    int_result = sqlite3_prepare_v2(_session->db, sql_set_own_key,
   3.167 +            (int)strlen(sql_set_own_key),
   3.168 +            &_session->set_own_key, NULL);
   3.169      assert(int_result == SQLITE_OK);
   3.170   
   3.171      // Sequence
   3.172 @@ -634,6 +650,8 @@
   3.173                  sqlite3_finalize(session->set_identity);
   3.174              if (session->set_identity_flags)
   3.175                  sqlite3_finalize(session->set_identity_flags);
   3.176 +            if (session->unset_identity_flags)
   3.177 +                sqlite3_finalize(session->unset_identity_flags);
   3.178              if (session->set_trust)
   3.179                  sqlite3_finalize(session->set_trust);
   3.180              if (session->get_trust)
   3.181 @@ -660,8 +678,10 @@
   3.182                  sqlite3_finalize(session->own_key_is_listed);
   3.183              if (session->own_identities_retrieve)
   3.184                  sqlite3_finalize(session->own_identities_retrieve);
   3.185 -            if (session->keys_retrieve_by_flag)
   3.186 -                sqlite3_finalize(session->keys_retrieve_by_flag);
   3.187 +            if (session->own_keys_retrieve)
   3.188 +                sqlite3_finalize(session->own_keys_retrieve);
   3.189 +            if (session->set_own_key)
   3.190 +                sqlite3_finalize(session->set_own_key);
   3.191              if (session->sequence_value1)
   3.192                  sqlite3_finalize(session->sequence_value1);
   3.193              if (session->sequence_value2)
   3.194 @@ -1025,47 +1045,6 @@
   3.195      return status;
   3.196  }
   3.197  
   3.198 -
   3.199 -static PEP_STATUS exists_empty_fpr_entry (
   3.200 -    PEP_SESSION session,
   3.201 -    const char* address,
   3.202 -    const char* user_id,
   3.203 -    bool *exists_empty_fpr
   3.204 -)
   3.205 -{
   3.206 -    PEP_STATUS status = PEP_STATUS_OK;
   3.207 -    int count;
   3.208 -    
   3.209 -    assert(session && address && user_id && exists_empty_fpr);
   3.210 -    
   3.211 -    if (!(session && address && user_id && exists_empty_fpr))
   3.212 -        return PEP_ILLEGAL_VALUE;
   3.213 -    
   3.214 -    *exists_empty_fpr = false;
   3.215 -    
   3.216 -    sqlite3_reset(session->exists_empty_fpr_entry);
   3.217 -    sqlite3_bind_text(session->exists_empty_fpr_entry, 1, address, -1, SQLITE_STATIC);
   3.218 -    sqlite3_bind_text(session->exists_empty_fpr_entry, 2, user_id, -1, SQLITE_STATIC);
   3.219 -    
   3.220 -    int result;
   3.221 -    
   3.222 -    result = sqlite3_step(session->exists_empty_fpr_entry);
   3.223 -    switch (result) {
   3.224 -        case SQLITE_ROW:
   3.225 -            count = sqlite3_column_int(session->exists_empty_fpr_entry, 0);
   3.226 -            *exists_empty_fpr = count > 0;
   3.227 -            status = PEP_STATUS_OK;
   3.228 -            break;
   3.229 -            
   3.230 -        default:
   3.231 -            status = PEP_UNKNOWN_ERROR;
   3.232 -    }
   3.233 -    
   3.234 -    sqlite3_reset(session->exists_empty_fpr_entry);
   3.235 -    return status;
   3.236 -}
   3.237 -
   3.238 -
   3.239  DYNAMIC_API PEP_STATUS set_identity(
   3.240          PEP_SESSION session, const pEp_identity *identity
   3.241      )
   3.242 @@ -1083,7 +1062,6 @@
   3.243          return PEP_ILLEGAL_VALUE;
   3.244  
   3.245      bool listed;
   3.246 -    bool exists_empty_fpr;
   3.247      
   3.248      if (identity->fpr && identity->fpr[0] != '\0') {
   3.249          
   3.250 @@ -1096,12 +1074,6 @@
   3.251          if (listed)
   3.252              return PEP_KEY_BLACKLISTED;
   3.253          
   3.254 -        // empty fpr already in DB
   3.255 -        status = exists_empty_fpr_entry(session, identity->address,
   3.256 -                                           identity->user_id, &exists_empty_fpr);
   3.257 -        if (status != PEP_STATUS_OK)
   3.258 -            return status;
   3.259 -        
   3.260      }
   3.261  
   3.262      sqlite3_exec(session->db, "BEGIN ;", NULL, NULL, NULL);
   3.263 @@ -1134,9 +1106,6 @@
   3.264      sqlite3_reset(session->set_pgp_keypair);
   3.265      sqlite3_bind_text(session->set_pgp_keypair, 1, identity->fpr, -1,
   3.266              SQLITE_STATIC);
   3.267 -    sqlite3_bind_int(session->set_pgp_keypair, 2, 
   3.268 -                     strcmp(identity->user_id, PEP_OWN_USERID) == 0 ?
   3.269 -                        PEP_kpf_own_key : 0);
   3.270      result = sqlite3_step(session->set_pgp_keypair);
   3.271      sqlite3_reset(session->set_pgp_keypair);
   3.272      if (result != SQLITE_DONE) {
   3.273 @@ -1144,24 +1113,37 @@
   3.274          return PEP_CANNOT_SET_PGP_KEYPAIR;
   3.275      }
   3.276  
   3.277 -    sqlite3_stmt *update_or_set_identity = 
   3.278 -        (exists_empty_fpr ? session->update_fprless_identity : session->set_identity);
   3.279 -    
   3.280 -    sqlite3_reset(update_or_set_identity);
   3.281 -    sqlite3_bind_text(update_or_set_identity, 1, identity->address, -1,
   3.282 +
   3.283 +    sqlite3_reset(session->set_identity);
   3.284 +    sqlite3_bind_text(session->set_identity, 1, identity->address, -1,
   3.285              SQLITE_STATIC);
   3.286 -    sqlite3_bind_text(update_or_set_identity, 2, identity->fpr, -1,
   3.287 +    sqlite3_bind_text(session->set_identity, 2, identity->fpr, -1,
   3.288              SQLITE_STATIC);
   3.289 -    sqlite3_bind_text(update_or_set_identity, 3, identity->user_id, -1,
   3.290 +    sqlite3_bind_text(session->set_identity, 3, identity->user_id, -1,
   3.291              SQLITE_STATIC);
   3.292 -    sqlite3_bind_int(update_or_set_identity, 4, identity->flags);
   3.293 -    result = sqlite3_step(update_or_set_identity);
   3.294 -    sqlite3_reset(update_or_set_identity);
   3.295 +    sqlite3_bind_int(session->set_identity, 4, identity->flags);
   3.296 +    result = sqlite3_step(session->set_identity);
   3.297 +    sqlite3_reset(session->set_identity);
   3.298      if (result != SQLITE_DONE) {
   3.299          sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
   3.300          return PEP_CANNOT_SET_IDENTITY;
   3.301      }
   3.302  
   3.303 +    if(strcmp(identity->user_id, PEP_OWN_USERID) == 0 &&
   3.304 +       identity->fpr && identity->fpr[0] != '\0') {
   3.305 +        sqlite3_reset(session->set_own_key);
   3.306 +        sqlite3_bind_text(session->set_own_key, 1, identity->address, -1,
   3.307 +            SQLITE_STATIC);
   3.308 +        sqlite3_bind_text(session->set_own_key, 2, identity->fpr, -1,
   3.309 +            SQLITE_STATIC);
   3.310 +        result = sqlite3_step(session->set_own_key);
   3.311 +        sqlite3_reset(session->set_own_key);
   3.312 +        if (result != SQLITE_DONE) {
   3.313 +            sqlite3_exec(session->db, "ROLLBACK ;", NULL, NULL, NULL);
   3.314 +            return PEP_CANNOT_SET_PGP_KEYPAIR;
   3.315 +        }
   3.316 +    }
   3.317 +
   3.318      sqlite3_reset(session->set_trust);
   3.319      sqlite3_bind_text(session->set_trust, 1, identity->user_id, -1,
   3.320              SQLITE_STATIC);
   3.321 @@ -1268,6 +1250,37 @@
   3.322      return PEP_STATUS_OK;
   3.323  }
   3.324  
   3.325 +DYNAMIC_API PEP_STATUS unset_identity_flags(
   3.326 +        PEP_SESSION session,
   3.327 +        pEp_identity *identity,
   3.328 +        unsigned int flags
   3.329 +    )
   3.330 +{
   3.331 +    int result;
   3.332 +
   3.333 +    assert(session);
   3.334 +    assert(identity);
   3.335 +    assert(identity->address);
   3.336 +    assert(identity->user_id);
   3.337 +
   3.338 +    if (!(session && identity && identity->address && identity->user_id))
   3.339 +        return PEP_ILLEGAL_VALUE;
   3.340 +
   3.341 +    sqlite3_reset(session->unset_identity_flags);
   3.342 +    sqlite3_bind_int(session->unset_identity_flags, 1, flags);
   3.343 +    sqlite3_bind_text(session->unset_identity_flags, 2, identity->address, -1,
   3.344 +            SQLITE_STATIC);
   3.345 +    sqlite3_bind_text(session->unset_identity_flags, 3, identity->user_id, -1,
   3.346 +            SQLITE_STATIC);
   3.347 +    result = sqlite3_step(session->unset_identity_flags);
   3.348 +    sqlite3_reset(session->unset_identity_flags);
   3.349 +    if (result != SQLITE_DONE)
   3.350 +        return PEP_CANNOT_SET_IDENTITY;
   3.351 +
   3.352 +    identity->flags = flags;
   3.353 +    return PEP_STATUS_OK;
   3.354 +}
   3.355 +
   3.356  DYNAMIC_API PEP_STATUS mark_as_compromized(
   3.357          PEP_SESSION session,
   3.358          const char *fpr
     4.1 --- a/src/pEpEngine.h	Tue Nov 15 23:40:28 2016 +0100
     4.2 +++ b/src/pEpEngine.h	Wed Nov 16 00:17:55 2016 +0100
     4.3 @@ -412,21 +412,17 @@
     4.4  
     4.5  typedef enum _identity_flags {
     4.6      // the first octet flags are app defined settings
     4.7 -    PEP_idf_not_for_sync = 1,   // don't use this identity for sync
     4.8 -    PEP_idf_list = 2,           // identity of list of persons
     4.9 +    PEP_idf_not_for_sync = 0x0001,   // don't use this identity for sync
    4.10 +    PEP_idf_list = 0x0002,           // identity of list of persons
    4.11  
    4.12      // the second octet flags are calculated
    4.13 -    PEP_idf_devicegroup = 256   // identity of a device group member
    4.14 +    PEP_idf_devicegroup = 0x0100     // identity of a device group member
    4.15  } identity_flags;
    4.16  
    4.17  typedef unsigned int identity_flags_t;
    4.18  
    4.19 -typedef enum _keypair_flags {
    4.20 -    // the first octet flags are app defined settings
    4.21 -
    4.22 -    // the second octet flags are calculated
    4.23 -    PEP_kpf_own_key = 512   // key (was) used for own identity
    4.24 -} keypair_flags;
    4.25 +// typedef enum _keypair_flags {
    4.26 +// } keypair_flags;
    4.27  
    4.28  typedef unsigned int keypair_flags_t;
    4.29  
     5.1 --- a/src/pEp_internal.h	Tue Nov 15 23:40:28 2016 +0100
     5.2 +++ b/src/pEp_internal.h	Wed Nov 16 00:17:55 2016 +0100
     5.3 @@ -99,9 +99,8 @@
     5.4      sqlite3_stmt *get_device_group;
     5.5      sqlite3_stmt *set_pgp_keypair;
     5.6      sqlite3_stmt *set_identity;
     5.7 -    sqlite3_stmt *exists_empty_fpr_entry;
     5.8 -    sqlite3_stmt *update_fprless_identity;
     5.9      sqlite3_stmt *set_identity_flags;
    5.10 +    sqlite3_stmt *unset_identity_flags;
    5.11      sqlite3_stmt *set_trust;
    5.12      sqlite3_stmt *get_trust;
    5.13      sqlite3_stmt *least_trust;
    5.14 @@ -120,7 +119,8 @@
    5.15      // Own keys
    5.16      sqlite3_stmt *own_key_is_listed;
    5.17      sqlite3_stmt *own_identities_retrieve;
    5.18 -    sqlite3_stmt *keys_retrieve_by_flag;
    5.19 +    sqlite3_stmt *own_keys_retrieve;
    5.20 +    sqlite3_stmt *set_own_key;
    5.21  
    5.22      // sequence value
    5.23      sqlite3_stmt *sequence_value1;
     6.1 --- a/src/sync_impl.c	Tue Nov 15 23:40:28 2016 +0100
     6.2 +++ b/src/sync_impl.c	Wed Nov 16 00:17:55 2016 +0100
     6.3 @@ -579,7 +579,7 @@
     6.4              }
     6.5              
     6.6              stringlist_t *keylist = NULL;
     6.7 -            status = keys_retrieve_by_flag(session, PEP_kpf_own_key, &keylist);
     6.8 +            status = own_keys_retrieve(session, &keylist);
     6.9              if (status != PEP_STATUS_OK)
    6.10                  goto error;
    6.11