completing rating
authorVolker Birk <vb@pep-project.org>
Wed, 06 May 2015 20:16:53 +0200
changeset 251dba7f09db1ed
parent 250 ace6314d8e64
child 255 813b795312b1
child 256 0232e3d7d77c
completing rating
db/CREATE_DB.txt
db/create_system_db.sql
src/message_api.c
src/message_api.h
src/pEpEngine.c
src/pEpEngine.h
src/pEp_internal.h
test/message_api_test.cc
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/db/CREATE_DB.txt	Wed May 06 20:16:53 2015 +0200
     1.3 @@ -0,0 +1,8 @@
     1.4 +To create system.db:
     1.5 +
     1.6 +1) run the create script
     1.7 +
     1.8 +2) import wordlists, 65535 words each language
     1.9 +
    1.10 +3) insert an i18n text per language
    1.11 +
     2.1 --- a/db/create_system_db.sql	Wed May 06 13:46:08 2015 +0200
     2.2 +++ b/db/create_system_db.sql	Wed May 06 20:16:53 2015 +0200
     2.3 @@ -6,3 +6,15 @@
     2.4  );
     2.5  
     2.6  CREATE UNIQUE INDEX wordlist_pk on wordlist (lang, id);
     2.7 +
     2.8 +CREATE TABLE i18n (
     2.9 +    lang text,
    2.10 +    id integer,
    2.11 +    phrase text
    2.12 +);
    2.13 +
    2.14 +CREATE UNIQUE INDEX i18n_pk on i18n (lang, id);
    2.15 +
    2.16 +INSERT INTO i18n VALUES ('en', 1, 'I want to have this conversation in English language');
    2.17 +INSERT INTO i18n VALUES ('de', 1, 'Ich möchte diese Unterhaltung auf Deutsch führen');
    2.18 +' add more languages here
     3.1 --- a/src/message_api.c	Wed May 06 13:46:08 2015 +0200
     3.2 +++ b/src/message_api.c	Wed May 06 20:16:53 2015 +0200
     3.3 @@ -379,7 +379,8 @@
     3.4              PEP_MIME_format mime = (enc_format == PEP_enc_PEP) ? PEP_MIME :
     3.5                      PEP_MIME_fields_omitted;
     3.6  
     3.7 -            status = decrypt_message(session, src, mime, &_dst, &_keylist);
     3.8 +            PEP_color color;
     3.9 +            status = decrypt_message(session, src, mime, &_dst, &_keylist, &color);
    3.10              if (status != PEP_STATUS_OK)
    3.11                  goto pep_error;
    3.12              free_stringlist(_keylist);
    3.13 @@ -663,12 +664,109 @@
    3.14      return strndup(filename, ext - filename);
    3.15  }
    3.16  
    3.17 +static PEP_color decrypt_color(PEP_STATUS status)
    3.18 +{
    3.19 +    switch (status) {
    3.20 +        case PEP_UNENCRYPTED:
    3.21 +        case PEP_VERIFIED:
    3.22 +        case PEP_VERIFY_NO_KEY:
    3.23 +        case PEP_VERIFIED_AND_TRUSTED:
    3.24 +            return PEP_rating_unencrypted;
    3.25 +
    3.26 +        case PEP_DECRYPTED:
    3.27 +            return PEP_rating_unreliable;
    3.28 +
    3.29 +        case PEP_DECRYPTED_AND_VERIFIED:
    3.30 +            return PEP_rating_reliable;
    3.31 +
    3.32 +        case PEP_DECRYPT_WRONG_FORMAT:
    3.33 +        case PEP_DECRYPT_NO_KEY:
    3.34 +        case PEP_CANNOT_DECRYPT_UNKNOWN:
    3.35 +            return PEP_rating_cannot_decrypt;
    3.36 +
    3.37 +        default:
    3.38 +            return PEP_rating_undefined;
    3.39 +    }
    3.40 +}
    3.41 +
    3.42 +static PEP_color _rating(PEP_comm_type ct)
    3.43 +{
    3.44 +    if (ct == PEP_ct_unknown)
    3.45 +        return PEP_rating_undefined;
    3.46 +
    3.47 +    else if (ct == PEP_ct_compromized)
    3.48 +        return PEP_rating_under_attack;
    3.49 +
    3.50 +    else if (ct >= PEP_ct_confirmed_enc_anon)
    3.51 +        return PEP_rating_trusted_and_anonymized;
    3.52 +
    3.53 +    else if (ct >= PEP_ct_strong_encryption)
    3.54 +        return PEP_rating_trusted;
    3.55 +
    3.56 +    else if (ct >= PEP_ct_strong_but_unconfirmed && ct < PEP_ct_confirmed)
    3.57 +        return PEP_rating_reliable;
    3.58 +    
    3.59 +    else if (ct == PEP_ct_no_encryption || ct == PEP_ct_no_encrypted_channel)
    3.60 +        return PEP_rating_unencrypted;
    3.61 +
    3.62 +    else
    3.63 +        return PEP_rating_unreliable;
    3.64 +}
    3.65 +
    3.66 +static PEP_color key_color(PEP_SESSION session, const char *fpr) {
    3.67 +    PEP_comm_type comm_type = PEP_ct_unknown;
    3.68 +
    3.69 +    assert(session);
    3.70 +    assert(fpr);
    3.71 +
    3.72 +    PEP_STATUS status = get_key_rating(session, fpr, &comm_type);
    3.73 +    if (status != PEP_STATUS_OK)
    3.74 +        return PEP_rating_undefined;
    3.75 +
    3.76 +    return _rating(comm_type);
    3.77 +}
    3.78 +
    3.79 +static PEP_color keylist_color(PEP_SESSION session, stringlist_t *keylist)
    3.80 +{
    3.81 +    PEP_color color = PEP_rating_reliable;
    3.82 +
    3.83 +    assert(keylist && keylist->value);
    3.84 +    if (keylist == NULL || keylist->value == NULL)
    3.85 +        return PEP_rating_unencrypted;
    3.86 +
    3.87 +    stringlist_t *_kl;
    3.88 +    for (_kl = keylist; _kl && _kl->value; _kl = _kl->next) {
    3.89 +        PEP_comm_type ct;
    3.90 +        PEP_STATUS status;
    3.91 +        PEP_color _color;
    3.92 +
    3.93 +        _color = key_color(session, _kl->value);
    3.94 +        if (_color == PEP_rating_under_attack)
    3.95 +            return PEP_rating_under_attack;
    3.96 +
    3.97 +        color = MIN(color, _color);
    3.98 +
    3.99 +        status = least_trust(session, _kl->value, &ct);
   3.100 +        if (status != PEP_STATUS_OK)
   3.101 +            return PEP_rating_undefined;
   3.102 +
   3.103 +        _color = _rating(ct);
   3.104 +        if (_color == PEP_rating_under_attack)
   3.105 +            return PEP_rating_under_attack;
   3.106 +
   3.107 +        color = MIN(color, _color);
   3.108 +    }
   3.109 +
   3.110 +    return color;
   3.111 +}
   3.112 +
   3.113  DYNAMIC_API PEP_STATUS decrypt_message(
   3.114          PEP_SESSION session,
   3.115          message *src,
   3.116          PEP_MIME_format mime,
   3.117          message **dst,
   3.118 -        stringlist_t **keylist
   3.119 +        stringlist_t **keylist,
   3.120 +        PEP_color *color
   3.121      )
   3.122  {
   3.123      PEP_STATUS status = PEP_STATUS_OK;
   3.124 @@ -684,11 +782,14 @@
   3.125      assert(src);
   3.126      assert(dst);
   3.127      assert(keylist);
   3.128 +    assert(color);
   3.129  
   3.130 -    if (!(session && src && dst && keylist))
   3.131 +    if (!(session && src && dst && keylist && color))
   3.132          return PEP_ILLEGAL_VALUE;
   3.133  
   3.134      *dst = NULL;
   3.135 +    *keylist = NULL;
   3.136 +    *color = PEP_rating_undefined;
   3.137   
   3.138      determine_encryption_format(src);
   3.139      import_attached_keys(session, src);
   3.140 @@ -724,9 +825,18 @@
   3.141  
   3.142      status = decrypt_and_verify(session, ctext, csize, &ptext, &psize,
   3.143              &_keylist);
   3.144 +    *color = decrypt_color(status);
   3.145      if (ptext == NULL)
   3.146          goto pep_error;
   3.147  
   3.148 +    if (*color != PEP_rating_under_attack) {
   3.149 +        PEP_color _color = keylist_color(session, _keylist);
   3.150 +        if (_color == PEP_rating_under_attack)
   3.151 +            *color = PEP_rating_under_attack;
   3.152 +        else
   3.153 +            *color = MIN(*color, _color);
   3.154 +    }
   3.155 +
   3.156      switch (src->enc_format) {
   3.157          case PEP_enc_PGP_MIME:
   3.158              status = mime_decode_message(ptext, &msg);
   3.159 @@ -902,31 +1012,7 @@
   3.160      }
   3.161  }
   3.162  
   3.163 -static PEP_color _rating(PEP_comm_type ct)
   3.164 -{
   3.165 -    if (ct == PEP_ct_unknown)
   3.166 -        return PEP_rating_undefined;
   3.167 -
   3.168 -    else if (ct == PEP_ct_compromized)
   3.169 -        return PEP_rating_under_attack;
   3.170 -
   3.171 -    else if (ct >= PEP_ct_confirmed_enc_anon)
   3.172 -        return PEP_rating_trusted_and_anonymized;
   3.173 -
   3.174 -    else if (ct >= PEP_ct_strong_encryption)
   3.175 -        return PEP_rating_trusted;
   3.176 -
   3.177 -    else if (ct >= PEP_ct_strong_but_unconfirmed && ct < PEP_ct_confirmed)
   3.178 -        return PEP_rating_reliable;
   3.179 -    
   3.180 -    else if (ct == PEP_ct_no_encryption || ct == PEP_ct_no_encrypted_channel)
   3.181 -        return PEP_rating_unencrypted;
   3.182 -
   3.183 -    else
   3.184 -        return PEP_rating_unreliable;
   3.185 -}
   3.186 -
   3.187 -DYNAMIC_API PEP_STATUS message_color(
   3.188 +DYNAMIC_API PEP_STATUS outgoing_message_color(
   3.189          PEP_SESSION session,
   3.190          message *msg,
   3.191          PEP_color *color
   3.192 @@ -939,50 +1025,40 @@
   3.193  
   3.194      assert(session);
   3.195      assert(msg);
   3.196 +    assert(msg->from);
   3.197 +    assert(msg->dir == PEP_dir_outgoing);
   3.198      assert(color);
   3.199  
   3.200      if (!(session && msg && color))
   3.201          return PEP_ILLEGAL_VALUE;
   3.202  
   3.203 +    if (msg->from == NULL || msg->dir != PEP_dir_outgoing)
   3.204 +        return PEP_ILLEGAL_VALUE;
   3.205 +
   3.206      *color = PEP_rating_undefined;
   3.207  
   3.208      assert(msg->from);
   3.209      if (msg->from == NULL)
   3.210          return PEP_ILLEGAL_VALUE;
   3.211  
   3.212 -    switch (msg->dir) {
   3.213 -        case PEP_dir_incoming:
   3.214 -            status = update_identity(session, msg->from);
   3.215 -            if (status != PEP_STATUS_OK)
   3.216 -                return status;
   3.217 -            max_comm_type = msg->from->comm_type;
   3.218 +    status = myself(session, msg->from);
   3.219 +    if (status != PEP_STATUS_OK)
   3.220 +        return status;
   3.221 +
   3.222 +    for (il = msg->to; il != NULL; il = il->next) {
   3.223 +        if (il->ident) {
   3.224 +            max_comm_type = _get_comm_type(session, max_comm_type,
   3.225 +                    il->ident);
   3.226              comm_type_determined = true;
   3.227 -            break;
   3.228 -        
   3.229 -        case PEP_dir_outgoing:
   3.230 -            status = myself(session, msg->from);
   3.231 -            if (status != PEP_STATUS_OK)
   3.232 -                return status;
   3.233 +        }
   3.234 +    }
   3.235  
   3.236 -            for (il = msg->to; il != NULL; il = il->next) {
   3.237 -                if (il->ident) {
   3.238 -                    max_comm_type = _get_comm_type(session, max_comm_type,
   3.239 -                            il->ident);
   3.240 -                    comm_type_determined = true;
   3.241 -                }
   3.242 -            }
   3.243 -
   3.244 -            for (il = msg->cc; il != NULL; il = il->next) {
   3.245 -                if (il->ident) {
   3.246 -                    max_comm_type = _get_comm_type(session, max_comm_type,
   3.247 -                            il->ident);
   3.248 -                    comm_type_determined = true;
   3.249 -                }
   3.250 -            }
   3.251 -            break;
   3.252 -
   3.253 -        default:
   3.254 -            return PEP_ILLEGAL_VALUE;
   3.255 +    for (il = msg->cc; il != NULL; il = il->next) {
   3.256 +        if (il->ident) {
   3.257 +            max_comm_type = _get_comm_type(session, max_comm_type,
   3.258 +                    il->ident);
   3.259 +            comm_type_determined = true;
   3.260 +        }
   3.261      }
   3.262  
   3.263      if (comm_type_determined == false)
     4.1 --- a/src/message_api.h	Wed May 06 13:46:08 2015 +0200
     4.2 +++ b/src/message_api.h	Wed May 06 20:16:53 2015 +0200
     4.3 @@ -31,7 +31,8 @@
     4.4  //		PEP_GET_KEY_FAILED		        cannot retrieve key
     4.5  //
     4.6  //	caveat:
     4.7 -//	    the ownership of the new message goes to the caller
     4.8 +//	    the ownershop of src remains with the caller
     4.9 +//	    the ownership of dst goes to the caller
    4.10  //	    if src is unencrypted this function returns PEP_UNENCRYPTED and sets
    4.11  //	    dst to NULL
    4.12  
    4.13 @@ -44,30 +45,6 @@
    4.14      );
    4.15  
    4.16  
    4.17 -// decrypt_message() - decrypt message in memory
    4.18 -//
    4.19 -//  parameters:
    4.20 -//      session (in)        session handle
    4.21 -//      src (in)            message to decrypt
    4.22 -//      mime (in)           MIME encoding wanted
    4.23 -//      dst (out)           pointer to new decrypted message or NULL on failure
    4.24 -//      keylist (out)       stringlist with keyids
    4.25 -//
    4.26 -//  return value:
    4.27 -//      error status or PEP_STATUS_OK on success
    4.28 -//
    4.29 -//	caveat:
    4.30 -//	    the ownership of the new message goes to the caller
    4.31 -
    4.32 -DYNAMIC_API PEP_STATUS decrypt_message(
    4.33 -        PEP_SESSION session,
    4.34 -        message *src,
    4.35 -        PEP_MIME_format mime,
    4.36 -        message **dst,
    4.37 -        stringlist_t **keylist
    4.38 -    );
    4.39 -
    4.40 -
    4.41  typedef enum _PEP_color {
    4.42      PEP_rating_undefined = 0,
    4.43      PEP_rating_unencrypted,
    4.44 @@ -85,7 +62,35 @@
    4.45      PEP_rating_b0rken = -2
    4.46  } PEP_color;
    4.47  
    4.48 -// message_color() - get color for a message
    4.49 +// decrypt_message() - decrypt message in memory
    4.50 +//
    4.51 +//  parameters:
    4.52 +//      session (in)        session handle
    4.53 +//      src (in)            message to decrypt
    4.54 +//      mime (in)           MIME encoding wanted
    4.55 +//      dst (out)           pointer to new decrypted message or NULL on failure
    4.56 +//      keylist (out)       stringlist with keyids
    4.57 +//      color (out)         color for the message
    4.58 +//
    4.59 +//  return value:
    4.60 +//      error status or PEP_STATUS_OK on success
    4.61 +//
    4.62 +//	caveat:
    4.63 +//	    the ownership of src remains with the caller
    4.64 +//	    the ownership of dst goes to the caller
    4.65 +//	    the ownership of keylist goes to the caller
    4.66 +
    4.67 +DYNAMIC_API PEP_STATUS decrypt_message(
    4.68 +        PEP_SESSION session,
    4.69 +        message *src,
    4.70 +        PEP_MIME_format mime,
    4.71 +        message **dst,
    4.72 +        stringlist_t **keylist,
    4.73 +        PEP_color *color
    4.74 +    );
    4.75 +
    4.76 +
    4.77 +// outgoing_message_color() - get color for an outgoing message
    4.78  //
    4.79  //  parameters:
    4.80  //      session (in)        session handle
    4.81 @@ -97,8 +102,10 @@
    4.82  //
    4.83  //  caveat:
    4.84  //      msg->from must point to a valid pEp_identity
    4.85 +//      msg->dir must be PEP_dir_outgoing
    4.86 +//      the ownership of msg remains with the caller
    4.87  
    4.88 -DYNAMIC_API PEP_STATUS message_color(
    4.89 +DYNAMIC_API PEP_STATUS outgoing_message_color(
    4.90          PEP_SESSION session,
    4.91          message *msg,
    4.92          PEP_color *color
    4.93 @@ -114,6 +121,9 @@
    4.94  //
    4.95  //  return value:
    4.96  //      error status or PEP_STATUS_OK on success
    4.97 +//
    4.98 +//  caveat:
    4.99 +//      the ownership of ident remains with the caller
   4.100  
   4.101  DYNAMIC_API PEP_STATUS identity_color(
   4.102          PEP_SESSION session,
     5.1 --- a/src/pEpEngine.c	Wed May 06 13:46:08 2015 +0200
     5.2 +++ b/src/pEpEngine.c	Wed May 06 20:16:53 2015 +0200
     5.3 @@ -17,6 +17,7 @@
     5.4  	static const char *sql_set_identity;
     5.5  	static const char *sql_set_trust;
     5.6      static const char *sql_get_trust;
     5.7 +    static const char *sql_least_trust;
     5.8      bool in_first = false;
     5.9  
    5.10      assert(sqlite3_threadsafe());
    5.11 @@ -193,6 +194,8 @@
    5.12  
    5.13          sql_get_trust = "select user_id, comm_type from trust where user_id = ?1 "
    5.14                          "and pgp_keypair_fpr = ?2 ;";
    5.15 +
    5.16 +        sql_least_trust = "select min(comm_type) from trust where pgp_keypair_fpr = ?1 ;";
    5.17      }
    5.18  
    5.19      int_result = sqlite3_prepare_v2(_session->db, sql_log, strlen(sql_log),
    5.20 @@ -227,6 +230,10 @@
    5.21              strlen(sql_get_trust), &_session->get_trust, NULL);
    5.22      assert(int_result == SQLITE_OK);
    5.23  
    5.24 +    int_result = sqlite3_prepare_v2(_session->db, sql_least_trust,
    5.25 +            strlen(sql_least_trust), &_session->least_trust, NULL);
    5.26 +    assert(int_result == SQLITE_OK);
    5.27 +
    5.28      status = init_cryptotech(_session, in_first);
    5.29      if (status != PEP_STATUS_OK)
    5.30          goto pep_error;
    5.31 @@ -285,6 +292,8 @@
    5.32                  sqlite3_finalize(session->set_trust);
    5.33              if (session->get_trust)
    5.34                  sqlite3_finalize(session->get_trust);
    5.35 +            if (session->least_trust)
    5.36 +                sqlite3_finalize(session->least_trust);
    5.37  
    5.38              if (session->db)
    5.39                  sqlite3_close_v2(session->db);
    5.40 @@ -374,9 +383,9 @@
    5.41  		if (*word)
    5.42              *wsize = sqlite3_column_bytes(session->trustword, 1);
    5.43  		else
    5.44 -			status = PEP_SAFEWORD_NOT_FOUND;
    5.45 +			status = PEP_TRUSTWORD_NOT_FOUND;
    5.46  	} else
    5.47 -		status = PEP_SAFEWORD_NOT_FOUND;
    5.48 +		status = PEP_TRUSTWORD_NOT_FOUND;
    5.49  
    5.50  	sqlite3_reset(session->trustword);
    5.51  	return status;
    5.52 @@ -405,7 +414,7 @@
    5.53  	*words = NULL;
    5.54  	*wsize = 0;
    5.55  
    5.56 -    buffer = calloc(1, MAX_SAFEWORDS_SPACE);
    5.57 +    buffer = calloc(1, MAX_TRUSTWORDS_SPACE);
    5.58      assert(buffer);
    5.59      if (buffer == NULL)
    5.60          return PEP_OUT_OF_MEMORY;
    5.61 @@ -447,10 +456,10 @@
    5.62          }
    5.63  		if (word == NULL) {
    5.64              free(buffer);
    5.65 -			return PEP_SAFEWORD_NOT_FOUND;
    5.66 +			return PEP_TRUSTWORD_NOT_FOUND;
    5.67          }
    5.68  
    5.69 -		if (dest + _wsize < buffer + MAX_SAFEWORDS_SPACE - 1) {
    5.70 +		if (dest + _wsize < buffer + MAX_TRUSTWORDS_SPACE - 1) {
    5.71  			strncpy(dest, word, _wsize);
    5.72              free(word);
    5.73  			dest += _wsize;
    5.74 @@ -461,7 +470,7 @@
    5.75          }
    5.76  
    5.77  		if (source < fingerprint + fsize
    5.78 -                && dest + _wsize < buffer + MAX_SAFEWORDS_SPACE - 1)
    5.79 +                && dest + _wsize < buffer + MAX_TRUSTWORDS_SPACE - 1)
    5.80  			*dest++ = ' ';
    5.81  
    5.82  		++n_words;
    5.83 @@ -738,6 +747,41 @@
    5.84      return status;
    5.85  }
    5.86  
    5.87 +DYNAMIC_API PEP_STATUS least_trust(
    5.88 +        PEP_SESSION session,
    5.89 +        const char *fpr,
    5.90 +        PEP_comm_type *comm_type
    5.91 +    )
    5.92 +{
    5.93 +    PEP_STATUS status = PEP_STATUS_OK;
    5.94 +    int result;
    5.95 +    PEP_comm_type _comm_type = PEP_ct_unknown;
    5.96 +
    5.97 +    assert(session);
    5.98 +    assert(fpr);
    5.99 +    assert(comm_type);
   5.100 +
   5.101 +    if (!(session && fpr && comm_type))
   5.102 +        return PEP_ILLEGAL_VALUE;
   5.103 +
   5.104 +    sqlite3_reset(session->least_trust);
   5.105 +    sqlite3_bind_text(session->least_trust, 1, fpr, -1, SQLITE_STATIC);
   5.106 +
   5.107 +    result = sqlite3_step(session->least_trust);
   5.108 +    switch (result) {
   5.109 +        case SQLITE_ROW: {
   5.110 +            *comm_type = (PEP_comm_type)
   5.111 +                    sqlite3_column_int(session->get_identity, 1);
   5.112 +            break;
   5.113 +        }
   5.114 +        default:
   5.115 +            status = PEP_CANNOT_FIND_IDENTITY;
   5.116 +    }
   5.117 +
   5.118 +    sqlite3_reset(session->least_trust);
   5.119 +    return status;
   5.120 +}
   5.121 +
   5.122  DYNAMIC_API PEP_STATUS decrypt_and_verify(
   5.123      PEP_SESSION session, const char *ctext, size_t csize,
   5.124      char **ptext, size_t *psize, stringlist_t **keylist
     6.1 --- a/src/pEpEngine.h	Wed May 06 13:46:08 2015 +0200
     6.2 +++ b/src/pEpEngine.h	Wed May 06 20:16:53 2015 +0200
     6.3 @@ -56,7 +56,7 @@
     6.4      PEP_VERIFIED_AND_TRUSTED                        = 0x0408,
     6.5  	PEP_CANNOT_DECRYPT_UNKNOWN						= 0x04ff,
     6.6  
     6.7 -	PEP_SAFEWORD_NOT_FOUND							= 0x0501,
     6.8 +	PEP_TRUSTWORD_NOT_FOUND							= 0x0501,
     6.9  
    6.10      PEP_CANNOT_CREATE_KEY                           = 0x0601,
    6.11      PEP_CANNOT_SEND_KEY                             = 0x0602,
    6.12 @@ -230,7 +230,7 @@
    6.13  //
    6.14  //	return value:
    6.15  //	    PEP_STATUS_OK           trustword retrieved
    6.16 -//	    PEP_SAFEWORD_NOT_FOUND  trustword not found
    6.17 +//	    PEP_TRUSTWORD_NOT_FOUND  trustword not found
    6.18  //
    6.19  //	caveat:
    6.20  //		the word pointer goes to the ownership of the caller
    6.21 @@ -259,7 +259,7 @@
    6.22  //	return value:
    6.23  //	    PEP_STATUS_OK           trustwords retrieved
    6.24  //      PEP_OUT_OF_MEMORY       out of memory
    6.25 -//	    PEP_SAFEWORD_NOT_FOUND  at least one trustword not found
    6.26 +//	    PEP_TRUSTWORD_NOT_FOUND at least one trustword not found
    6.27  //
    6.28  //	caveat:
    6.29  //		the word pointer goes to the ownership of the caller
    6.30 @@ -583,13 +583,29 @@
    6.31  //                              user_id and comm_type as result (out)
    6.32  //
    6.33  //  this function modifies the given identity struct; the struct remains in
    6.34 -// the ownership of the caller
    6.35 +//  the ownership of the caller
    6.36  //  if the trust level cannot be determined identity->comm_type is set
    6.37  //  to PEP_ct_unknown
    6.38  
    6.39  DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
    6.40  
    6.41  
    6.42 +// least_trust() - get the least known trust level for a key in the database
    6.43 +//
    6.44 +//  parameters:
    6.45 +//      session (in)            session handle
    6.46 +//      fpr (in)                fingerprint of key to check
    6.47 +//      comm_type (out)         least comm_type as result (out)
    6.48 +//
    6.49 +//  if the trust level cannot be determined comm_type is set to PEP_ct_unknown
    6.50 +
    6.51 +DYNAMIC_API PEP_STATUS least_trust(
    6.52 +        PEP_SESSION session,
    6.53 +        const char *fpr,
    6.54 +        PEP_comm_type *comm_type
    6.55 +    );
    6.56 +
    6.57 +
    6.58  // get_key_rating() - get the rating a bare key has
    6.59  //
    6.60  //  parameters:
     7.1 --- a/src/pEp_internal.h	Wed May 06 13:46:08 2015 +0200
     7.2 +++ b/src/pEp_internal.h	Wed May 06 20:16:53 2015 +0200
     7.3 @@ -1,7 +1,7 @@
     7.4  #define PEP_ENGINE_VERSION "0.5.0"
     7.5  
     7.6  // this is 20 trustwords with 79 chars max
     7.7 -#define MAX_SAFEWORDS_SPACE (20 * 80)
     7.8 +#define MAX_TRUSTWORDS_SPACE (20 * 80)
     7.9  
    7.10  // XML parameters string
    7.11  #define PARMS_MAX 32768
    7.12 @@ -84,6 +84,7 @@
    7.13      sqlite3_stmt *set_identity;
    7.14      sqlite3_stmt *set_trust;
    7.15      sqlite3_stmt *get_trust;
    7.16 +    sqlite3_stmt *least_trust;
    7.17  } pEpSession;
    7.18  
    7.19  PEP_STATUS init_transport_system(PEP_SESSION session, bool in_first);
     8.1 --- a/test/message_api_test.cc	Wed May 06 13:46:08 2015 +0200
     8.2 +++ b/test/message_api_test.cc	Wed May 06 20:16:53 2015 +0200
     8.3 @@ -66,7 +66,8 @@
     8.4  
     8.5      message *msg4;
     8.6      stringlist_t *keylist4;
     8.7 -    PEP_STATUS status4 = decrypt_message(session, enc_msg2, PEP_MIME_none, &msg4, &keylist4);
     8.8 +    PEP_color color;
     8.9 +    PEP_STATUS status4 = decrypt_message(session, enc_msg2, PEP_MIME_none, &msg4, &keylist4, &color);
    8.10      assert(status4 == PEP_STATUS_OK);
    8.11      assert(msg4);
    8.12      assert(keylist4);