pEp.foundation
/
pEpEngine
14
1
Fork 13
Code Issues Pull Requests 3 Releases 453 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
965 Commits
94 Branches
144 MiB
Tree: 7c7e80dd89
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7c7e80dd89'
${ noResults }
pEpEngine/src/keymanagement.c

812 lines
22 KiB
Raw Normal View History

modifications for Windoze
8 years ago
initial commit
8 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
initial commit
8 years ago
...
7 years ago
initial commit
8 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
remove unused MIN, fix () on EMPTYSTR macro
7 years ago
moving functionality into pEpEngine
8 years ago
checking if own key is expired and renew it on demand
7 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
Fixed infinite loop in keymanagement.c/_same_fpr(), when fingerprints are different
6 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
Fixed infinite loop in keymanagement.c/_same_fpr(), when fingerprints are different
6 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
Fixed infinite loop in keymanagement.c/_same_fpr(), when fingerprints are different
6 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
Fixed infinite loop in keymanagement.c/_same_fpr(), when fingerprints are different
6 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
Fixed infinite loop in keymanagement.c/_same_fpr(), when fingerprints are different
6 years ago
Comparing fingerprints now accepts spaces and upper and lower case
7 years ago
Moved myself() own key election to a separate function
6 years ago
trying to get a better key in update_identity, when existing key has been revoked
6 years ago
initial commit
8 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
initial commit
8 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
safety
7 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
ENGINE-94 Workaround key-election not being stored in case of expired key
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
remove size fields of pEp_identity
6 years ago
Removed get_best_user, leading to unexpected behaviour when user_id is made null again, for example when corresponding app contact is deleted
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
Removed get_best_user, leading to unexpected behaviour when user_id is made null again, for example when corresponding app contact is deleted
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
BUGFIX: user_id cropped
6 years ago
Removed get_best_user, leading to unexpected behaviour when user_id is made null again, for example when corresponding app contact is deleted
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
adding set_identity_flags_test
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
initial commit
8 years ago
fix #30 : memleak in myself(): stored_identity is never freed in keymanagement.c
6 years ago
initial commit
8 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: update_identity no longer pays attention to the input identity's fpr, but pulls one from elect_pubkey.
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
initial commit
8 years ago
...
8 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
fix #30 : memleak in myself(): stored_identity is never freed in keymanagement.c
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
fix #30 : memleak in myself(): stored_identity is never freed in keymanagement.c
6 years ago
bugfix: update_identity
8 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
...
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
moving functionality into pEpEngine
8 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
moving functionality into pEpEngine
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
moving functionality into pEpEngine
8 years ago
adding set_identity_flags()
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
moving functionality into pEpEngine
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
adding set_identity_flags_test
6 years ago
ENGINE-27: intermittent commit, update_identity should now never try to set or return a blacklisted key
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: #comment I forgot one possible blacklist case. If you still get an assertion fail, I'd appreciate capturing the error type if you can so I can follow the logic. Please pull and try again...
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: #comment I forgot one possible blacklist case. If you still get an assertion fail, I'd appreciate capturing the error type if you can so I can follow the logic. Please pull and try again...
6 years ago
bugfix: when identity is not stored yet, update_identity failes
8 years ago
ENGINE-27: #comment I forgot one possible blacklist case. If you still get an assertion fail, I'd appreciate capturing the error type if you can so I can follow the logic. Please pull and try again...
6 years ago
bugfix: when identity is not stored yet, update_identity failes
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: #comment I forgot one possible blacklist case. If you still get an assertion fail, I'd appreciate capturing the error type if you can so I can follow the logic. Please pull and try again...
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: #comment I forgot one possible blacklist case. If you still get an assertion fail, I'd appreciate capturing the error type if you can so I can follow the logic. Please pull and try again...
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: #comment I forgot one possible blacklist case. If you still get an assertion fail, I'd appreciate capturing the error type if you can so I can follow the logic. Please pull and try again...
6 years ago
bugfix: when identity is not stored yet, update_identity failes
8 years ago
initial commit
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
ENGINE-27: setting fpr to empty string, not NULL, so set_identity doesn't crash.
6 years ago
moving functionality into pEpEngine
8 years ago
initial commit
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
bugfix: update_identity
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
fix #30 : memleak in myself(): stored_identity is never freed in keymanagement.c
6 years ago
bugfix: when identity is not stored yet, update_identity failes
8 years ago
trying to get a better key in update_identity, when existing key has been revoked
6 years ago
ENGINE-94 Workaround key-election not being stored in case of expired key
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
fix #30 : memleak in myself(): stored_identity is never freed in keymanagement.c
6 years ago
Fixed Primary Key of identity table. Was (address) and know is (address, user_id). Added 'virtual' user_id (const string + address) as a side effect, in case user_id isn't given and no user have been created with same address.
6 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
moving functionality into pEpEngine
8 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
better policy
7 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
better policy
7 years ago
fix #30 : memleak in myself(): stored_identity is never freed in keymanagement.c
6 years ago
ENGINE-27: blacklist_is_listed will no longer be called with empty/null strings in update_identity (caused assert failure)
6 years ago
moving functionality into pEpEngine
8 years ago
initial commit
8 years ago
Moved myself() own key election to a separate function
6 years ago
ENGINE-27: type
6 years ago
Moved myself() own key election to a separate function
6 years ago
initial commit
8 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
initial commit
8 years ago
Remove own_keys table, added PEP_OWN_USERID, unique person userId for any own identities and keys.
6 years ago
initial commit
8 years ago
safety
7 years ago
Remove own_keys table, added PEP_OWN_USERID, unique person userId for any own identities and keys.
6 years ago
safety
7 years ago
initial commit
8 years ago
Remove own_keys table, added PEP_OWN_USERID, unique person userId for any own identities and keys.
6 years ago
initial commit
8 years ago
DEBUG_LOG() for keymanagement
7 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
initial commit
8 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
remove size fields of pEp_identity
6 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
adding set_identity_flags()
6 years ago
Own keys, now filled and used by myself()
6 years ago
Remove own_keys table, added PEP_OWN_USERID, unique person userId for any own identities and keys.
6 years ago
adding set_identity_flags_test
6 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
Moved myself() own key election to a separate function
6 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
adding set_identity_flags_test
6 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
Myself records replaced revoked key when generating a new key to replace revoked key
6 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
Myself records replaced revoked key when generating a new key to replace revoked key
6 years ago
Myself() : elect another pre-existing private key if stored own identity key have been removed from GPG keyring (Outlook+GPA case)
6 years ago
Myself records replaced revoked key when generating a new key to replace revoked key
6 years ago
Revocation-related fixes
6 years ago
Myself records replaced revoked key when generating a new key to replace revoked key
6 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
DEBUG_LOG() for keymanagement
7 years ago
initial commit
8 years ago
DEBUG_LOG() for keymanagement
7 years ago
Myself records replaced revoked key when generating a new key to replace revoked key
6 years ago
initial commit
8 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
Myself records replaced revoked key when generating a new key to replace revoked key
6 years ago
Fixed double free and unprotected NULL dereferencing.
7 years ago
initial commit
8 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
checking if own key is expired and renew it on demand
7 years ago
Test for expiry one week before it happens
6 years ago
checking if own key is expired and renew it on demand
7 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
Own keys, now filled and used by myself()
6 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
checking if own key is expired and renew it on demand
7 years ago
Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.
6 years ago
checking if own key is expired and renew it on demand
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
Own keys, now filled and used by myself()
6 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
bugfix
7 years ago
examine callback
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
Fixed #32 : assert(keylist) without if in keymanagement.c:238
7 years ago
initial commit
8 years ago
key_compromized() added
7 years ago
DEBUG_LOG() for keymanagement
7 years ago
...
7 years ago
DEBUG_LOG() for keymanagement
7 years ago
key_compromized() added
7 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
DEBUG_LOG() for keymanagement
7 years ago
key_compromized() added
7 years ago
DEBUG_LOG() for keymanagement
7 years ago
key_compromized() added
7 years ago
Revocation-related fixes
6 years ago
key_compromized() added
7 years ago
Revocation-related fixes
6 years ago
...
7 years ago
DEBUG_LOG() for keymanagement
7 years ago
Added key_reset_trust, accepting identity instead of fpr
7 years ago
key_reset_trust() can reset trust_personal_key() only. key_compromized() cannot be reset now, because this would require to undo key revocation The "delete from" implementation in pEpEngine.c was not a good idea. It was deleting too much: trust with p≡p is between a key and a key owner (user_id).
7 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
Added key_reset_trust, accepting identity instead of fpr
7 years ago
key_reset_trust() can reset trust_personal_key() only. key_compromized() cannot be reset now, because this would require to undo key revocation The "delete from" implementation in pEpEngine.c was not a good idea. It was deleting too much: trust with p≡p is between a key and a key owner (user_id).
7 years ago
Added key_reset_trust, accepting identity instead of fpr
7 years ago
key_reset_trust() can reset trust_personal_key() only. key_compromized() cannot be reset now, because this would require to undo key revocation The "delete from" implementation in pEpEngine.c was not a good idea. It was deleting too much: trust with p≡p is between a key and a key owner (user_id).
7 years ago
Added key_reset_trust, accepting identity instead of fpr
7 years ago
intermediate state, implementing mistrust
7 years ago
An undo is possible for keys we don't own, and therefore have not revoked.
7 years ago
key_reset_trust() can reset trust_personal_key() only. key_compromized() cannot be reset now, because this would require to undo key revocation The "delete from" implementation in pEpEngine.c was not a good idea. It was deleting too much: trust with p≡p is between a key and a key owner (user_id).
7 years ago
An undo is possible for keys we don't own, and therefore have not revoked.
7 years ago
sparing a call
7 years ago
Added key_reset_trust, accepting identity instead of fpr
7 years ago
adding trust_personal_key()
7 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
adding trust_personal_key()
7 years ago
Renamed EMPTY macro to EMPTYSTR, conflicting with some apple includes, and then being always 0
7 years ago
adding trust_personal_key()
7 years ago
only what is yellow can be green MISSING FEATURE: S/MIME has to be handled depending on trusted CAs
7 years ago
Reworked logic in update_identity, when identity->fpr is provided
7 years ago
only what is yellow can be green MISSING FEATURE: S/MIME has to be handled depending on trusted CAs
7 years ago
PEP_CANNOT_SET_TRUST added
7 years ago
only what is yellow can be green MISSING FEATURE: S/MIME has to be handled depending on trusted CAs
7 years ago
adding trust_personal_key()
7 years ago
Own keys (SQL and accessors functions)
6 years ago
 
  1. #include "platform.h"

  2. 

  3. #include <string.h>

  4. #include <stdio.h>

  5. #include <stdlib.h>

  6. #include <assert.h>

  7. #include <ctype.h>

  8. 

  9. #include "pEp_internal.h"

  10. #include "keymanagement.h"

  11. 

  12. #ifndef EMPTYSTR

  13. #define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')

  14. #endif

  15. 

  16. #define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)

  17. 

  18. // Space tolerant and case insensitive fingerprint string compare

  19. static int _same_fpr(
  20.         const char* fpra,
  21.         size_t fpras,
  22.         const char* fprb,
  23.         size_t fprbs
  24.     )
  25. {
  26.     size_t ai = 0;
  27.     size_t bi = 0;
  28.     
  29.     do
  30.     {
  31.         if(fpra[ai] == 0 || fprb[bi] == 0)
  32.         {
  33.             return 0;
  34.         }
  35.         else if(fpra[ai] == ' ')
  36.         {
  37.             ai++;
  38.         }
  39.         else if(fprb[bi] == ' ')
  40.         {
  41.             bi++;
  42.         }
  43.         else if(toupper(fpra[ai]) == toupper(fprb[bi]))
  44.         {
  45.             ai++;
  46.             bi++;
  47.         }
  48.         else
  49.         {
  50.             return 0;
  51.         }
  52.         
  53.     }
  54.     while(ai < fpras && bi < fprbs);
  55.     
  56.     return ai == fpras && bi == fprbs;
  57. }
  58. 

  59. PEP_STATUS elect_pubkey(
  60.         PEP_SESSION session, pEp_identity * identity
  61.     )
  62. {
  63.     PEP_STATUS status;
  64.     stringlist_t *keylist;
  65.     char *_fpr = NULL;
  66.     identity->comm_type = PEP_ct_unknown;
  67. 

  68.     status = find_keys(session, identity->address, &keylist);
  69.     assert(status != PEP_OUT_OF_MEMORY);
  70.     if (status == PEP_OUT_OF_MEMORY)
  71.         return PEP_OUT_OF_MEMORY;
  72. 

  73.     stringlist_t *_keylist;
  74.     for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
  75.         PEP_comm_type _comm_type_key;
  76. 

  77.         status = get_key_rating(session, _keylist->value, &_comm_type_key);
  78.         assert(status != PEP_OUT_OF_MEMORY);
  79.         if (status == PEP_OUT_OF_MEMORY) {
  80.             free_stringlist(keylist);
  81.             return PEP_OUT_OF_MEMORY;
  82.         }
  83. 

  84.         if (_comm_type_key != PEP_ct_compromized &&
  85.             _comm_type_key != PEP_ct_unknown)
  86.         {
  87.             if (identity->comm_type == PEP_ct_unknown ||
  88.                 _comm_type_key > identity->comm_type)
  89.             {
  90.                 identity->comm_type = _comm_type_key;
  91.                 _fpr = _keylist->value;
  92.             }
  93.         }
  94.     }
  95. 

  96.     if (_fpr) {
  97.         free(identity->fpr);
  98. 

  99.         identity->fpr = strdup(_fpr);
  100.         if (identity->fpr == NULL) {
  101.             free_stringlist(keylist);
  102.             return PEP_OUT_OF_MEMORY;
  103.         }
  104.     }
  105.     free_stringlist(keylist);
  106.     return PEP_STATUS_OK;
  107. }
  108. 

  109. DYNAMIC_API PEP_STATUS update_identity(
  110.         PEP_SESSION session, pEp_identity * identity
  111.     )
  112. {
  113.     pEp_identity *stored_identity;
  114.     PEP_STATUS status;
  115. 

  116.     assert(session);
  117.     assert(identity);
  118.     assert(!EMPTYSTR(identity->address));
  119. 

  120.     if (!(session && identity && !EMPTYSTR(identity->address)))
  121.         return PEP_ILLEGAL_VALUE;
  122. 

  123.     int _no_user_id = EMPTYSTR(identity->user_id);
  124.     int _did_elect_new_key = 0;
  125. 

  126.     if (_no_user_id)
  127.     {
  128.         free(identity->user_id);
  129. 

  130.         identity->user_id = calloc(1, strlen(identity->address) + 6);
  131.         if (!identity->user_id)
  132.         {
  133.             return PEP_OUT_OF_MEMORY;
  134.         }
  135.         snprintf(identity->user_id, strlen(identity->address) + 6,
  136.                  "TOFU_%s", identity->address);
  137.     }
  138.  
  139.     status = get_identity(session,
  140.                           identity->address,
  141.                           identity->user_id,
  142.                           &stored_identity);
  143.     
  144.     assert(status != PEP_OUT_OF_MEMORY);
  145.     if (status == PEP_OUT_OF_MEMORY)
  146.         goto exit_free;
  147. 

  148.     /* We elect a pubkey first in case there's no acceptable stored fpr */
  149.     pEp_identity* temp_id = identity_dup(identity);
  150.     
  151.     status = elect_pubkey(session, temp_id);
  152.     if (status != PEP_STATUS_OK)
  153.         goto exit_free;
  154.         
  155.     if (stored_identity) {
  156.         PEP_comm_type _comm_type_key;
  157.         
  158.         bool dont_use_fpr = true;
  159. 

  160.         /* if we have a stored_identity fpr */
  161.         if (!EMPTYSTR(stored_identity->fpr)) {
  162.             status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_fpr);
  163.             if (status != PEP_STATUS_OK)
  164.                 dont_use_fpr = true; 
  165.         }
  166.             
  167. 

  168.         if (!dont_use_fpr) {
  169.             free(temp_id->fpr);
  170.             temp_id->fpr = strdup(stored_identity->fpr);
  171.             assert(temp_id->fpr);
  172.             if (temp_id->fpr == NULL) {
  173.                 status = PEP_OUT_OF_MEMORY;
  174.                 goto exit_free;
  175.             }
  176.         }
  177.         else if (!EMPTYSTR(temp_id->fpr)) {
  178.             status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
  179.             if (dont_use_fpr) {
  180.                 free(temp_id->fpr);
  181.                 temp_id->fpr = strdup("");
  182.             }
  183.             else {
  184.                 _did_elect_new_key = 1;
  185.             }
  186.         }
  187.         else {
  188.             if (temp_id->fpr == NULL)
  189.                 temp_id->fpr = strdup("");
  190.         }
  191.         
  192.         /* ok, from here on out, use temp_id */
  193.         
  194.         
  195.         /* At this point, we either have a non-blacklisted fpr we can work */
  196.         /* with, or we've got nada.                                        */        
  197.         if (!EMPTYSTR(temp_id->fpr)) {
  198.             status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
  199.             assert(status != PEP_OUT_OF_MEMORY);
  200.             if (status == PEP_OUT_OF_MEMORY)
  201.                 goto exit_free;
  202.             status = get_trust(session, temp_id);
  203.             if (status == PEP_OUT_OF_MEMORY)
  204.                 goto exit_free;
  205.             if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
  206.                 temp_id->comm_type = _comm_type_key;
  207.             } else{
  208.                 temp_id->comm_type = stored_identity->comm_type;
  209.                 if (temp_id->comm_type == PEP_ct_unknown) {
  210.                     temp_id->comm_type = _comm_type_key;
  211.                 }
  212.             }
  213.         }
  214.             
  215.         if (EMPTYSTR(temp_id->username)) {
  216.             free(temp_id->username);
  217.             temp_id->username = strdup(stored_identity->username);
  218.             assert(temp_id->username);
  219.             if (temp_id->username == NULL){
  220.                 status = PEP_OUT_OF_MEMORY;
  221.                 goto exit_free;
  222.             }
  223.         }
  224. 

  225.         if (temp_id->lang[0] == 0) {
  226.             temp_id->lang[0] = stored_identity->lang[0];
  227.             temp_id->lang[1] = stored_identity->lang[1];
  228.             temp_id->lang[2] = 0;
  229.         }
  230. 

  231.         temp_id->flags = stored_identity->flags;
  232.     }
  233.     else /* stored_identity == NULL */ {
  234.         temp_id->flags = 0;
  235. 

  236.         /* Work with the elected key from above */
  237.         if (!EMPTYSTR(temp_id->fpr)) {
  238.             
  239.             bool dont_use_fpr = true;
  240.             status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
  241.             if (status != PEP_STATUS_OK)
  242.                 dont_use_fpr = true; 
  243. 

  244.             if (!dont_use_fpr) {
  245.                 PEP_comm_type _comm_type_key;
  246. 

  247.                 status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
  248.                 assert(status != PEP_OUT_OF_MEMORY);
  249.                 if (status == PEP_OUT_OF_MEMORY)
  250.                     goto exit_free;
  251. 

  252.                 temp_id->comm_type = _comm_type_key;
  253.             }
  254.             else {
  255.                 free(temp_id->fpr);
  256.                 temp_id->fpr = strdup("");
  257.             }
  258.         }
  259.     }
  260. 

  261.     if (temp_id->fpr == NULL)
  262.         temp_id->fpr = strdup("");
  263.     
  264.     
  265.     status = PEP_STATUS_OK;
  266. 

  267.     if (temp_id->comm_type != PEP_ct_unknown && !EMPTYSTR(temp_id->user_id)) {
  268.         assert(!EMPTYSTR(temp_id->username)); // this should not happen

  269. 

  270.         if (EMPTYSTR(temp_id->username)) { // mitigate

  271.             free(temp_id->username);
  272.             temp_id->username = strdup("anonymous");
  273.             assert(temp_id->username);
  274.             if (temp_id->username == NULL){
  275.                 status = PEP_OUT_OF_MEMORY;
  276.                 goto exit_free;
  277.             }
  278.         }
  279. 

  280.         // Identity doesn't get stored if call was just about checking existing

  281.         // user by address (i.e. no user id given but already stored)

  282.         if (!(_no_user_id && stored_identity) || _did_elect_new_key)
  283.         {
  284.             status = set_identity(session, temp_id);
  285.             assert(status == PEP_STATUS_OK);
  286.             if (status != PEP_STATUS_OK) {
  287.                 goto exit_free;
  288.             }
  289.         }
  290.     }
  291. 

  292.     if (temp_id->comm_type != PEP_ct_compromized &&
  293.             temp_id->comm_type < PEP_ct_strong_but_unconfirmed)
  294.         if (session->examine_identity)
  295.             session->examine_identity(temp_id, session->examine_management);
  296.     
  297.     /* ok, we got to the end. So we can assign the output identity */
  298.     free(identity->address);
  299.     identity->address = strdup(temp_id->address);
  300.     free(identity->fpr);
  301.     identity->fpr = strdup(temp_id->fpr);
  302.     free(identity->user_id);
  303.     identity->user_id = strdup(temp_id->user_id);
  304.     free(identity->username);
  305.     identity->username = strdup(temp_id->username);
  306.     identity->comm_type = temp_id->comm_type;
  307.     identity->lang[0] = temp_id->lang[0];
  308.     identity->lang[1] = temp_id->lang[1];
  309.     identity->lang[2] = 0;
  310.     identity->me = temp_id->me;
  311.     identity->flags = temp_id->flags;
  312. 

  313. exit_free :
  314.     
  315.     if (stored_identity){
  316.         free_identity(stored_identity);
  317.     }
  318. 

  319.     if (temp_id)
  320.         free_identity(temp_id);
  321.     
  322.     return status;
  323. }
  324. 

  325. PEP_STATUS elect_ownkey(
  326.         PEP_SESSION session, pEp_identity * identity
  327.     )
  328. {
  329.     PEP_STATUS status;
  330.     stringlist_t *keylist = NULL;
  331. 

  332.     free(identity->fpr);
  333.     identity->fpr = NULL;
  334. 

  335.     status = find_keys(session, identity->address, &keylist);
  336.     assert(status != PEP_OUT_OF_MEMORY);
  337.     if (status == PEP_OUT_OF_MEMORY)
  338.         return PEP_OUT_OF_MEMORY;
  339.     
  340.     if (keylist != NULL && keylist->value != NULL)
  341.     {
  342.         char *_fpr = NULL;
  343.         identity->comm_type = PEP_ct_unknown;
  344. 

  345.         stringlist_t *_keylist;
  346.         for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
  347.             bool is_own = false;
  348.             
  349.             if (session->use_only_own_private_keys)
  350.             {
  351.                 status = own_key_is_listed(session, _keylist->value, &is_own);
  352.                 assert(status == PEP_STATUS_OK);
  353.                 if (status != PEP_STATUS_OK) {
  354.                     free_stringlist(keylist);
  355.                     return status;
  356.                 }
  357.             }
  358. 

  359.             // TODO : also accept synchronized device group keys ?

  360.             
  361.             if (!session->use_only_own_private_keys || is_own)
  362.             {
  363.                 PEP_comm_type _comm_type_key;
  364.                 
  365.                 status = get_key_rating(session, _keylist->value, &_comm_type_key);
  366.                 assert(status != PEP_OUT_OF_MEMORY);
  367.                 if (status == PEP_OUT_OF_MEMORY) {
  368.                     free_stringlist(keylist);
  369.                     return PEP_OUT_OF_MEMORY;
  370.                 }
  371.                 
  372.                 if (_comm_type_key != PEP_ct_compromized &&
  373.                     _comm_type_key != PEP_ct_unknown)
  374.                 {
  375.                     if (identity->comm_type == PEP_ct_unknown ||
  376.                         _comm_type_key > identity->comm_type)
  377.                     {
  378.                         identity->comm_type = _comm_type_key;
  379.                         _fpr = _keylist->value;
  380.                     }
  381.                 }
  382.             }
  383.         }
  384.         
  385.         if (_fpr)
  386.         {
  387.             identity->fpr = strdup(_fpr);
  388.             assert(identity->fpr);
  389.             if (identity->fpr == NULL)
  390.             {
  391.                 free_stringlist(keylist);
  392.                 return PEP_OUT_OF_MEMORY;
  393.             }
  394.         }
  395.         free_stringlist(keylist);
  396.     }
  397.     return PEP_STATUS_OK;
  398. }
  399. 

  400. DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
  401. {
  402.     pEp_identity *stored_identity;
  403.     PEP_STATUS status;
  404. 

  405.     assert(session);
  406.     assert(identity);
  407.     assert(identity->address);
  408.     assert(identity->username);
  409.     assert(EMPTYSTR(identity->user_id) ||
  410.            strcmp(identity->user_id, PEP_OWN_USERID) == 0);
  411. 

  412.     if (!(session && identity && identity->address && identity->username &&
  413.           (EMPTYSTR(identity->user_id) ||
  414.            strcmp(identity->user_id, PEP_OWN_USERID) == 0)))
  415.         return PEP_ILLEGAL_VALUE;
  416. 

  417.     identity->comm_type = PEP_ct_pEp;
  418.     identity->me = true;
  419.     
  420.     if(EMPTYSTR(identity->user_id))
  421.     {
  422.         free(identity->user_id);
  423.         identity->user_id = strdup(PEP_OWN_USERID);
  424.         assert(identity->user_id);
  425.         if (identity->user_id == NULL)
  426.         {
  427.             return PEP_OUT_OF_MEMORY;
  428.         }
  429.     }
  430. 

  431.     DEBUG_LOG("myself", "debug", identity->address);
  432.     
  433.     status = get_identity(session,
  434.                           identity->address,
  435.                           identity->user_id,
  436.                           &stored_identity);
  437.     
  438.     assert(status != PEP_OUT_OF_MEMORY);
  439.     if (status == PEP_OUT_OF_MEMORY)
  440.         return PEP_OUT_OF_MEMORY;
  441.     
  442.     if (stored_identity)
  443.     {
  444.         if (EMPTYSTR(identity->fpr)) {
  445.             identity->fpr = strdup(stored_identity->fpr);
  446.             assert(identity->fpr);
  447.             if (identity->fpr == NULL)
  448.             {
  449.                 return PEP_OUT_OF_MEMORY;
  450.             }
  451.         }
  452. 

  453.         identity->flags = stored_identity->flags;
  454.     }
  455.     else if (!EMPTYSTR(identity->fpr))
  456.     {
  457.         // App must have a good reason to give fpr, such as explicit

  458.         // import of private key, or similar.

  459. 

  460.         // Take given fpr as-is.

  461. 

  462.         identity->flags = 0;
  463.     }
  464.     else
  465.     {
  466.         status = elect_ownkey(session, identity);
  467.         assert(status == PEP_STATUS_OK);
  468.         if (status != PEP_STATUS_OK) {
  469.             return status;
  470.         }
  471. 

  472.         identity->flags = 0;
  473.     }
  474. 

  475.     bool revoked = false;
  476.     char *r_fpr = NULL;
  477.     if (!EMPTYSTR(identity->fpr))
  478.     {
  479.         status = key_revoked(session, identity->fpr, &revoked);
  480. 

  481.         // Forces re-election if key is missing and own-key-only not forced

  482.         if (!session->use_only_own_private_keys && status == PEP_KEY_NOT_FOUND) 
  483.         {
  484.             status = elect_ownkey(session, identity);
  485.             assert(status == PEP_STATUS_OK);
  486.             if (status != PEP_STATUS_OK) {
  487.                 return status;
  488.             }
  489.         } 
  490.         else if (status != PEP_STATUS_OK) 
  491.         {
  492.             return status;
  493.         }
  494.     }
  495.     
  496.     if (EMPTYSTR(identity->fpr) || revoked)
  497.     {        
  498.         if(revoked)
  499.         {
  500.             r_fpr = identity->fpr;
  501.             identity->fpr = NULL;
  502.         }
  503.         
  504.         DEBUG_LOG("generating key pair", "debug", identity->address);
  505.         status = generate_keypair(session, identity);
  506.         assert(status != PEP_OUT_OF_MEMORY);
  507.         if (status != PEP_STATUS_OK) {
  508.             char buf[11];
  509.             snprintf(buf, 11, "%d", status);
  510.             DEBUG_LOG("generating key pair failed", "debug", buf);
  511.             if(revoked && r_fpr)
  512.                 free(r_fpr);
  513.             return status;
  514.         }
  515.         
  516.         if(revoked)
  517.         {
  518.             status = set_revoked(session, r_fpr,
  519.                                  identity->fpr, time(NULL));
  520.             free(r_fpr);
  521.             if (status != PEP_STATUS_OK) {
  522.                 return status;
  523.             }
  524.         }
  525.     }
  526.     else
  527.     {
  528.         bool expired;
  529.         status = key_expired(session, identity->fpr, 
  530.                              time(NULL) + (7*24*3600), // In a week

  531.                              &expired);
  532. 

  533.         assert(status == PEP_STATUS_OK);
  534.         if (status != PEP_STATUS_OK) {
  535.             return status;
  536.         }
  537. 

  538.         if (status == PEP_STATUS_OK && expired) {
  539.             timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
  540.             renew_key(session, identity->fpr, ts);
  541.             free_timestamp(ts);
  542.         }
  543.     }
  544. 

  545.     status = set_identity(session, identity);
  546.     assert(status == PEP_STATUS_OK);
  547.     if (status != PEP_STATUS_OK) {
  548.         return status;
  549.     }
  550. 

  551.     return PEP_STATUS_OK;
  552. 

  553. }
  554. 

  555. DYNAMIC_API PEP_STATUS register_examine_function(
  556.         PEP_SESSION session, 
  557.         examine_identity_t examine_identity,
  558.         void *management
  559.     )
  560. {
  561.     assert(session);
  562.     if (!session)
  563.         return PEP_ILLEGAL_VALUE;
  564. 

  565.     session->examine_management = management;
  566.     session->examine_identity = examine_identity;
  567. 

  568.     return PEP_STATUS_OK;
  569. }
  570. 

  571. DYNAMIC_API PEP_STATUS do_keymanagement(
  572.         retrieve_next_identity_t retrieve_next_identity,
  573.         void *management
  574.     )
  575. {
  576.     PEP_SESSION session;
  577.     pEp_identity *identity;
  578.     PEP_STATUS status;
  579. 

  580.     assert(retrieve_next_identity);
  581.     assert(management);
  582. 

  583.     if (!retrieve_next_identity || !management)
  584.         return PEP_ILLEGAL_VALUE;
  585. 

  586.     status = init(&session);
  587.     assert(status == PEP_STATUS_OK);
  588.     if (status != PEP_STATUS_OK)
  589.         return status;
  590. 

  591.     log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
  592. 

  593.     while ((identity = retrieve_next_identity(management))) 
  594.     {
  595.         assert(identity->address);
  596.         if(identity->address)
  597.         {
  598.             DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
  599. 

  600.             if (identity->me) {
  601.                 status = myself(session, identity);
  602.             } else {
  603.                 status = recv_key(session, identity->address);
  604.             }
  605. 

  606.             assert(status != PEP_OUT_OF_MEMORY);
  607.             if(status == PEP_OUT_OF_MEMORY)
  608.                 return PEP_OUT_OF_MEMORY;
  609.         }
  610.         free_identity(identity);
  611.     }
  612. 

  613.     log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
  614. 

  615.     release(session);
  616.     return PEP_STATUS_OK;
  617. }
  618. 

  619. DYNAMIC_API PEP_STATUS key_compromized(
  620.         PEP_SESSION session,
  621.         pEp_identity *ident
  622.     )
  623. {
  624.     PEP_STATUS status = PEP_STATUS_OK;
  625. 

  626.     assert(session);
  627.     assert(ident);
  628.     assert(!EMPTYSTR(ident->fpr));
  629. 

  630.     if (!(session && ident && ident->fpr))
  631.         return PEP_ILLEGAL_VALUE;
  632. 

  633.     if (ident->me)
  634.     {
  635.         revoke_key(session, ident->fpr, NULL);
  636.         myself(session, ident);
  637.     }
  638.     else
  639.     {
  640.         status = mark_as_compromized(session, ident->fpr);
  641.     }
  642. 

  643.     return status;
  644. }
  645. 

  646. DYNAMIC_API PEP_STATUS key_reset_trust(
  647.         PEP_SESSION session,
  648.         pEp_identity *ident
  649.     )
  650. {
  651.     PEP_STATUS status = PEP_STATUS_OK;
  652. 

  653.     assert(session);
  654.     assert(ident);
  655.     assert(!ident->me);
  656.     assert(!EMPTYSTR(ident->fpr));
  657.     assert(!EMPTYSTR(ident->address));
  658.     assert(!EMPTYSTR(ident->user_id));
  659. 

  660.     if (!(session && ident && !ident->me && ident->fpr && ident->address &&
  661.             ident->user_id))
  662.         return PEP_ILLEGAL_VALUE;
  663. 

  664.     status = update_identity(session, ident);
  665.     if (status != PEP_STATUS_OK)
  666.         return status;
  667. 

  668.     if (ident->comm_type == PEP_ct_mistrusted)
  669.         ident->comm_type = PEP_ct_unknown;
  670.     else
  671.         ident->comm_type &= ~PEP_ct_confirmed;
  672. 

  673.     status = set_identity(session, ident);
  674.     if (status != PEP_STATUS_OK)
  675.         return status;
  676. 

  677.     if (ident->comm_type == PEP_ct_unknown)
  678.         status = update_identity(session, ident);
  679.     return status;
  680. }
  681. 

  682. DYNAMIC_API PEP_STATUS trust_personal_key(
  683.         PEP_SESSION session,
  684.         pEp_identity *ident
  685.     )
  686. {
  687.     PEP_STATUS status = PEP_STATUS_OK;
  688. 

  689.     assert(session);
  690.     assert(ident);
  691.     assert(!EMPTYSTR(ident->address));
  692.     assert(!EMPTYSTR(ident->user_id));
  693.     assert(!EMPTYSTR(ident->fpr));
  694.     assert(!ident->me);
  695. 

  696.     if (!ident || EMPTYSTR(ident->address) || EMPTYSTR(ident->user_id) ||
  697.             EMPTYSTR(ident->fpr) || ident->me)
  698.         return PEP_ILLEGAL_VALUE;
  699. 

  700.     status = update_identity(session, ident);
  701.     if (status != PEP_STATUS_OK)
  702.         return status;
  703. 

  704.     if (ident->comm_type > PEP_ct_strong_but_unconfirmed) {
  705.         ident->comm_type |= PEP_ct_confirmed;
  706.         status = set_identity(session, ident);
  707.     }
  708.     else {
  709.         // MISSING: S/MIME has to be handled depending on trusted CAs

  710.         status = PEP_CANNOT_SET_TRUST;
  711.     }
  712. 

  713.     return status;
  714. }
  715. 

  716. DYNAMIC_API PEP_STATUS own_key_is_listed(
  717.                                            PEP_SESSION session,
  718.                                            const char *fpr,
  719.                                            bool *listed
  720.                                            )
  721. {
  722.     PEP_STATUS status = PEP_STATUS_OK;
  723.     int count;
  724.     
  725.     assert(session && fpr && fpr[0] && listed);
  726.     
  727.     if (!(session && fpr && fpr[0] && listed))
  728.         return PEP_ILLEGAL_VALUE;
  729.     
  730.     *listed = false;
  731.     
  732.     sqlite3_reset(session->own_key_is_listed);
  733.     sqlite3_bind_text(session->own_key_is_listed, 1, fpr, -1, SQLITE_STATIC);
  734.     
  735.     int result;
  736.     
  737.     result = sqlite3_step(session->own_key_is_listed);
  738.     switch (result) {
  739.         case SQLITE_ROW:
  740.             count = sqlite3_column_int(session->own_key_is_listed, 0);
  741.             *listed = count > 0;
  742.             status = PEP_STATUS_OK;
  743.             break;
  744.             
  745.         default:
  746.             status = PEP_UNKNOWN_ERROR;
  747.     }
  748.     
  749.     sqlite3_reset(session->own_key_is_listed);
  750.     return status;
  751. }
  752. 

  753. DYNAMIC_API PEP_STATUS own_key_retrieve(
  754.                                           PEP_SESSION session,
  755.                                           stringlist_t **own_key
  756.                                           )
  757. {
  758.     PEP_STATUS status = PEP_STATUS_OK;
  759.     
  760.     assert(session);
  761.     assert(own_key);
  762.     
  763.     if (!(session && own_key))
  764.         return PEP_ILLEGAL_VALUE;
  765.     
  766.     *own_key = NULL;
  767.     stringlist_t *_own_key = new_stringlist(NULL);
  768.     if (_own_key == NULL)
  769.         goto enomem;
  770.     
  771.     sqlite3_reset(session->own_key_retrieve);
  772.     
  773.     int result;
  774.     const char *fpr = NULL;
  775.     
  776.     stringlist_t *_bl = _own_key;
  777.     do {
  778.         result = sqlite3_step(session->own_key_retrieve);
  779.         switch (result) {
  780.             case SQLITE_ROW:
  781.                 fpr = (const char *) sqlite3_column_text(session->own_key_retrieve, 0);
  782.                 
  783.                 _bl = stringlist_add(_bl, fpr);
  784.                 if (_bl == NULL)
  785.                     goto enomem;
  786.                 
  787.                 break;
  788.                 
  789.             case SQLITE_DONE:
  790.                 break;
  791.                 
  792.             default:
  793.                 status = PEP_UNKNOWN_ERROR;
  794.                 result = SQLITE_DONE;
  795.         }
  796.     } while (result != SQLITE_DONE);
  797.     
  798.     sqlite3_reset(session->own_key_retrieve);
  799.     if (status == PEP_STATUS_OK)
  800.         *own_key = _own_key;
  801.     else
  802.         free_stringlist(_own_key);
  803.     
  804.     goto the_end;
  805.     
  806. enomem:
  807.     free_stringlist(_own_key);
  808.     status = PEP_OUT_OF_MEMORY;
  809.     
  810. the_end:
  811.     return status;
  812. }