|
|
|
|
@ -60,31 +60,6 @@ protocol session {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method initialise_own_identities
|
|
|
|
|
doc="ensures that an own identity is complete"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
supply identity_list my_idents
|
|
|
|
|
doc="""
|
|
|
|
|
identities of local user to quick-set
|
|
|
|
|
For these, at least .address must be set.
|
|
|
|
|
if no .user_id is set, AND the DB doesn't contain
|
|
|
|
|
a default user_id, own_userid will be used and
|
|
|
|
|
become the perennial default for the DB.
|
|
|
|
|
|
|
|
|
|
This function does NOT generate keypairs. It is intended to
|
|
|
|
|
precede running of the engine on actual messages. It effectively
|
|
|
|
|
behaves like myself(), but when there would normally be key generation
|
|
|
|
|
(when there is no valid key, for example),
|
|
|
|
|
it instead stores an identity without keys.
|
|
|
|
|
|
|
|
|
|
N.B. to adapter devs - this function is likely unnecessary, so please
|
|
|
|
|
do not put work into exposing it yet. Tickets will be filed if need be.
|
|
|
|
|
"""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method myself
|
|
|
|
|
doc="ensures that an own identity is complete"
|
|
|
|
|
{
|
|
|
|
|
@ -115,53 +90,6 @@ protocol session {
|
|
|
|
|
"""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
method retrieve_next_identity
|
|
|
|
|
doc="callback being called by do_keymanagement"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
XXXXXX
|
|
|
|
|
|
|
|
|
|
method examine_identity
|
|
|
|
|
doc="callback for appending to queue"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
XXXX
|
|
|
|
|
|
|
|
|
|
method register_examine_function
|
|
|
|
|
doc="register examine_identity() callback"
|
|
|
|
|
{
|
|
|
|
|
//parms
|
|
|
|
|
|
|
|
|
|
provide?? examine_identity?? examine_identity doc="examine_identity() function to register";
|
|
|
|
|
|
|
|
|
|
provide void management doc="data structure to deliver (implementation defined)"
|
|
|
|
|
|
|
|
|
|
XXX?
|
|
|
|
|
// do_keymanagement() - function to be run on an extra thread
|
|
|
|
|
//
|
|
|
|
|
// parameters:
|
|
|
|
|
// retrieve_next_identity (in) pointer to retrieve_next_identity()
|
|
|
|
|
// callback which returns at least a valid
|
|
|
|
|
// address field in the identity struct
|
|
|
|
|
//
|
|
|
|
|
// return value:
|
|
|
|
|
// PEP_STATUS_OK if thread has to terminate successfully or any other
|
|
|
|
|
// value on failure
|
|
|
|
|
//
|
|
|
|
|
// caveat:
|
|
|
|
|
// to ensure proper working of this library, a thread has to be started
|
|
|
|
|
// with this function immediately after initialization
|
|
|
|
|
//
|
|
|
|
|
// do_keymanagement() calls retrieve_next_identity(management)
|
|
|
|
|
//
|
|
|
|
|
// messageToSend can only be null if no transport is application based
|
|
|
|
|
// if transport system is not used it must not be NULL
|
|
|
|
|
DYNAMIC_API PEP_STATUS do_keymanagement(
|
|
|
|
|
retrieve_next_identity_t retrieve_next_identity,
|
|
|
|
|
void *management
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method key_mistrusted
|
|
|
|
|
doc="mark key as being compromised"
|
|
|
|
|
@ -183,37 +111,118 @@ DYNAMIC_API PEP_STATUS do_keymanagement(
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method trust_personal_key
|
|
|
|
|
method trust_personal_key
|
|
|
|
|
doc="mark a key as trusted for a user"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
ident (in) person and key to trust in - this must not be an
|
|
|
|
|
// own_identity in which the .me flag is set or
|
|
|
|
|
// the user_id is an own user_id.
|
|
|
|
|
//
|
|
|
|
|
// caveat:
|
|
|
|
|
// the fields user_id, address and fpr must be supplied
|
|
|
|
|
// own identities will result in a return of PEP_ILLEGAL_VALUE.
|
|
|
|
|
// for non-own users, this will 1) set the trust bit on its comm type in the DB,
|
|
|
|
|
// 2) set this key as the identity default if the current identity default
|
|
|
|
|
// is not trusted, and 3) set this key as the user default if the current
|
|
|
|
|
// user default is not trusted.
|
|
|
|
|
|
|
|
|
|
DYNAMIC_API PEP_STATUS trust_personal_key(
|
|
|
|
|
PEP_SESSION session,
|
|
|
|
|
pEp_identity *ident
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
use identity ident
|
|
|
|
|
doc="""
|
|
|
|
|
person and key to trust in - this must not be an own_identity in which
|
|
|
|
|
the .me flag is set or the user_id is an own user_id. The fields user_id,
|
|
|
|
|
address and fpr must be supplied own identities will result in a return
|
|
|
|
|
of illegal_value.
|
|
|
|
|
For non-own users, this will 1) set the trust bit on its comm type in the DB,
|
|
|
|
|
2) set this key as the identity default if the current identity default
|
|
|
|
|
is not trusted, and 3) set this key as the user default if the current user
|
|
|
|
|
default is not trusted.
|
|
|
|
|
"""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method trust_own_key
|
|
|
|
|
doc="""
|
|
|
|
|
mark a key as trusted for self, generally used when we need to trust
|
|
|
|
|
a public key associated with outselves for issues like manual key import.
|
|
|
|
|
"""
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
use identity ident
|
|
|
|
|
doc="""
|
|
|
|
|
own ident containing fpr to trust.
|
|
|
|
|
If this is a public key only, keep in mind that if the private part of the
|
|
|
|
|
keypair is later added, it will not undergo separate trust evaluation. This
|
|
|
|
|
is fine - even desired - as long as the semantics of this function are
|
|
|
|
|
understood as both trusting the key and verifying it as an own key. This will
|
|
|
|
|
NEVER cause replacement of or setting of a default *alone*. However, if a
|
|
|
|
|
private key is ever associated with this fpr, please keep in mind that trusting
|
|
|
|
|
it here makes it an eligible key for selection for encryption later. So use
|
|
|
|
|
this function on purpose with an understanding of what you're doing!
|
|
|
|
|
"""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method key_reset_trust
|
|
|
|
|
doc="""
|
|
|
|
|
reset trust bit or explicitly mistrusted status for an identity and its
|
|
|
|
|
accompanying key/user_id pair.
|
|
|
|
|
"""
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
use ientity ident
|
|
|
|
|
doc="""
|
|
|
|
|
identity for person and key whose trust status is to be reset.
|
|
|
|
|
Ident is INPUT ONLY. If you want updated trust on the identity, you'll have
|
|
|
|
|
to call update_identity or myself respectively after this.
|
|
|
|
|
N.B. If you are calling this on a key that is the identity or user default,
|
|
|
|
|
it will be removed as the default key for the identity and user (but is still
|
|
|
|
|
available for key election, it is just not the cached default anymore).
|
|
|
|
|
"""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method own_key_is_listed
|
|
|
|
|
doc="returns true id key is listed as own key"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
use hash fpr doc="fingerprint of key to test"
|
|
|
|
|
|
|
|
|
|
return bool listed doc="flags if key is own"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method own_identities_retrieve
|
|
|
|
|
doc="retrieve all own identities"
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
create identity_list own_identities
|
|
|
|
|
doc="""
|
|
|
|
|
list of own identities.
|
|
|
|
|
The ownership of the copy of own_identities goes to the caller.
|
|
|
|
|
"""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method own_keys_retrieve
|
|
|
|
|
doc="retrieve all flagged keypair fingerprints"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
create hashlist keylist doc="list of fingerprints"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
method set_own_key
|
|
|
|
|
doc="mark a key as own key"
|
|
|
|
|
{
|
|
|
|
|
// parms
|
|
|
|
|
|
|
|
|
|
supply identity me
|
|
|
|
|
doc="""
|
|
|
|
|
own identity this key is used for. The key has to be in the key ring already.
|
|
|
|
|
me->address, me->user_id and me->username must be set to valid data.
|
|
|
|
|
myself is called by set_own_key without key generation.
|
|
|
|
|
me->flags are ignored
|
|
|
|
|
me->address must not be an alias
|
|
|
|
|
me->fpr will be ignored and replaced by fpr.
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
use hash fpr (in) fingerprint of the key to mark as own key
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
nk
4 years ago