You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

476 lines
12 KiB

8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
4 years ago
4 years ago
8 years ago
7 years ago
8 years ago
8 years ago
4 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
4 years ago
8 years ago
8 years ago
4 years ago
8 years ago
7 years ago
6 years ago
6 years ago
6 years ago
6 years ago
4 years ago
7 years ago
4 years ago
6 years ago
7 years ago
8 years ago
8 years ago
4 years ago
4 years ago
4 years ago
  1. // This file is under GNU General Public License 3.0
  2. // see LICENSE.txt
  3. #define PEP_ENGINE_VERSION "1.1.1"
  4. // maximum attachment size to import as key 1MB, maximum of 20 attachments
  5. #define MAX_KEY_SIZE (1024 * 1024)
  6. #define MAX_KEYS_TO_IMPORT 20
  7. #define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
  8. // this is 20 trustwords with 79 chars max
  9. #define MAX_TRUSTWORDS_SPACE (20 * 80)
  10. // XML parameters string
  11. #define PARMS_MAX 32768
  12. // maximum busy wait time in ms
  13. #define BUSY_WAIT_TIME 5000
  14. // maximum line length for reading gpg.conf
  15. #define MAX_LINELENGTH 1024
  16. // default keyserver
  17. #ifndef DEFAULT_KEYSERVER
  18. #define DEFAULT_KEYSERVER "hkp://keys.gnupg.net"
  19. #endif
  20. // crashdump constants
  21. #ifndef CRASHDUMP_DEFAULT_LINES
  22. #define CRASHDUMP_DEFAULT_LINES 100
  23. #endif
  24. #define CRASHDUMP_MAX_LINES 32767
  25. // p≡p full string, NUL-terminated
  26. #ifndef PEP_SUBJ_STRING
  27. #define PEP_SUBJ_STRING {0x70,0xE2,0x89,0xA1,0x70,0x00}
  28. #define PEP_SUBJ_BYTELEN 5
  29. #endif
  30. #ifndef PEP_SUBJ_KEY
  31. #define PEP_SUBJ_KEY "Subject: "
  32. #define PEP_SUBJ_KEY_LC "subject: "
  33. #define PEP_SUBJ_KEY_LEN 9
  34. #endif
  35. #ifndef PEP_MSG_WRAP_KEY
  36. #define PEP_MSG_WRAP_KEY "pEp-Wrapped-Message-Info: "
  37. #define PEP_MSG_WRAP_KEY_LC "pep-wrapped-message-info: "
  38. #define PEP_MSG_WRAP_KEY_LEN 26
  39. #endif
  40. #include "platform.h"
  41. #ifdef WIN32
  42. #define LOCAL_DB windoze_local_db()
  43. #define SYSTEM_DB windoze_system_db()
  44. #define LIBGPGME "libgpgme-11.dll"
  45. #else // UNIX
  46. #define _POSIX_C_SOURCE 200809L
  47. #include <dlfcn.h>
  48. #ifdef NDEBUG
  49. #define LOCAL_DB unix_local_db()
  50. #else
  51. #define LOCAL_DB unix_local_db(false)
  52. #endif
  53. #ifndef SYSTEM_DB
  54. #define SYSTEM_DB "/usr/share/pEp/system.db"
  55. #endif
  56. #ifndef LIBGPGME
  57. #define LIBGPGME "libgpgme-pthread.so"
  58. #endif
  59. #endif
  60. #include <locale.h>
  61. #include <stdlib.h>
  62. #include <string.h>
  63. #include <assert.h>
  64. #include <stdio.h>
  65. #include <ctype.h>
  66. #include <math.h>
  67. #ifdef SQLITE3_FROM_OS
  68. #include <sqlite3.h>
  69. #else
  70. #include "sqlite3.h"
  71. #endif
  72. #include "pEpEngine.h"
  73. // If not specified, build for GPG
  74. #ifndef USE_SEQUOIA
  75. #ifndef USE_NETPGP
  76. #ifndef USE_GPG
  77. #define USE_GPG
  78. #endif
  79. #endif
  80. #endif
  81. #ifdef USE_GPG
  82. #include "pgp_gpg_internal.h"
  83. #elif defined(USE_NETPGP)
  84. #include "pgp_netpgp_internal.h"
  85. #elif defined(USE_SEQUOIA)
  86. #include "pgp_sequoia_internal.h"
  87. #endif
  88. #include "keymanagement.h"
  89. #include "cryptotech.h"
  90. #include "transport.h"
  91. #include "sync_api.h"
  92. #include "Sync_func.h"
  93. #include "key_reset.h"
  94. #define NOT_IMPLEMENTED assert(0); return PEP_UNKNOWN_ERROR;
  95. struct _pEpSession;
  96. typedef struct _pEpSession pEpSession;
  97. struct _pEpSession {
  98. const char *version;
  99. messageToSend_t messageToSend;
  100. #ifdef USE_GPG
  101. gpgme_ctx_t ctx;
  102. #elif defined(USE_NETPGP)
  103. pEpNetPGPSession ctx;
  104. #elif defined(USE_SEQUOIA)
  105. sqlite3 *key_db;
  106. struct {
  107. sqlite3_stmt *begin_transaction;
  108. sqlite3_stmt *commit_transaction;
  109. sqlite3_stmt *rollback_transaction;
  110. sqlite3_stmt *tpk_find;
  111. sqlite3_stmt *tsk_find;
  112. sqlite3_stmt *tpk_find_by_keyid;
  113. sqlite3_stmt *tsk_find_by_keyid;
  114. sqlite3_stmt *tpk_find_by_email;
  115. sqlite3_stmt *tsk_find_by_email;
  116. sqlite3_stmt *tpk_all;
  117. sqlite3_stmt *tsk_all;
  118. sqlite3_stmt *tpk_save_insert_primary;
  119. sqlite3_stmt *tpk_save_insert_subkeys;
  120. sqlite3_stmt *tpk_save_insert_userids;
  121. } sq_sql;
  122. #endif
  123. PEP_cryptotech_t *cryptotech;
  124. PEP_transport_t *transports;
  125. sqlite3 *db;
  126. sqlite3 *system_db;
  127. sqlite3_stmt *log;
  128. sqlite3_stmt *trustword;
  129. sqlite3_stmt *get_identity;
  130. sqlite3_stmt *get_identity_without_trust_check;
  131. sqlite3_stmt *get_identities_by_address;
  132. sqlite3_stmt *get_identities_by_userid;
  133. sqlite3_stmt *get_identities_by_main_key_id;
  134. sqlite3_stmt *replace_identities_fpr;
  135. sqlite3_stmt *replace_main_user_fpr;
  136. sqlite3_stmt *get_main_user_fpr;
  137. sqlite3_stmt *refresh_userid_default_key;
  138. sqlite3_stmt *delete_key;
  139. sqlite3_stmt *remove_fpr_as_default;
  140. sqlite3_stmt *set_person;
  141. sqlite3_stmt *update_person;
  142. sqlite3_stmt *delete_person;
  143. sqlite3_stmt *exists_person;
  144. sqlite3_stmt *set_as_pEp_user;
  145. sqlite3_stmt *is_pEp_user;
  146. sqlite3_stmt *add_into_social_graph;
  147. sqlite3_stmt *get_own_address_binding_from_contact;
  148. sqlite3_stmt *set_revoke_contact_as_notified;
  149. sqlite3_stmt *get_contacted_ids_from_revoke_fpr;
  150. sqlite3_stmt *was_id_for_revoke_contacted;
  151. sqlite3_stmt *get_last_contacted;
  152. sqlite3_stmt *set_device_group;
  153. sqlite3_stmt *get_device_group;
  154. sqlite3_stmt *set_pgp_keypair;
  155. sqlite3_stmt *set_identity_entry;
  156. sqlite3_stmt *update_identity_entry;
  157. sqlite3_stmt *exists_identity_entry;
  158. sqlite3_stmt *set_identity_flags;
  159. sqlite3_stmt *unset_identity_flags;
  160. sqlite3_stmt *set_trust;
  161. sqlite3_stmt *update_trust;
  162. sqlite3_stmt *exists_trust_entry;
  163. sqlite3_stmt *update_trust_to_pEp;
  164. sqlite3_stmt *update_trust_for_fpr;
  165. sqlite3_stmt *get_trust;
  166. sqlite3_stmt *get_trust_by_userid;
  167. sqlite3_stmt *least_trust;
  168. sqlite3_stmt *mark_compromised;
  169. sqlite3_stmt *reset_trust;
  170. sqlite3_stmt *crashdump;
  171. sqlite3_stmt *languagelist;
  172. sqlite3_stmt *i18n_token;
  173. sqlite3_stmt *replace_userid;
  174. // blacklist
  175. sqlite3_stmt *blacklist_add;
  176. sqlite3_stmt *blacklist_delete;
  177. sqlite3_stmt *blacklist_is_listed;
  178. sqlite3_stmt *blacklist_retrieve;
  179. // Keys
  180. sqlite3_stmt *own_key_is_listed;
  181. sqlite3_stmt *is_own_address;
  182. sqlite3_stmt *own_identities_retrieve;
  183. sqlite3_stmt *own_keys_retrieve;
  184. sqlite3_stmt *get_user_default_key;
  185. sqlite3_stmt *get_all_keys_for_user;
  186. sqlite3_stmt *get_default_own_userid;
  187. // sqlite3_stmt *set_own_key;
  188. // sequence value
  189. sqlite3_stmt *sequence_value1;
  190. sqlite3_stmt *sequence_value2;
  191. // revoked keys
  192. sqlite3_stmt *set_revoked;
  193. sqlite3_stmt *get_revoked;
  194. sqlite3_stmt *get_replacement_fpr;
  195. // mistrusted
  196. sqlite3_stmt* add_mistrusted_key;
  197. sqlite3_stmt* is_mistrusted_key;
  198. sqlite3_stmt* delete_mistrusted_key;
  199. // aliases
  200. sqlite3_stmt *get_userid_alias_default;
  201. sqlite3_stmt *add_userid_alias;
  202. // callbacks
  203. examine_identity_t examine_identity;
  204. void *examine_management;
  205. void *sync_management;
  206. void *sync_obj;
  207. notifyHandshake_t notifyHandshake;
  208. inject_sync_event_t inject_sync_event;
  209. retrieve_next_sync_event_t retrieve_next_sync_event;
  210. // pEp Sync
  211. struct Sync_state_s sync_state;
  212. struct own_Sync_state_s own_sync_state;
  213. // void* sync_state_payload;
  214. // char sync_uuid[37];
  215. // time_t LastCannotDecrypt;
  216. // time_t LastUpdateRequest;
  217. // runtime config
  218. bool passive_mode;
  219. bool unencrypted_subject;
  220. bool keep_sync_msg;
  221. bool service_log;
  222. #ifdef DEBUG_ERRORSTACK
  223. stringlist_t* errorstack;
  224. #endif
  225. };
  226. PEP_STATUS init_transport_system(PEP_SESSION session, bool in_first);
  227. void release_transport_system(PEP_SESSION session, bool out_last);
  228. /* NOT to be exposed to the outside!!! */
  229. PEP_STATUS encrypt_only(
  230. PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
  231. size_t psize, char **ctext, size_t *csize
  232. );
  233. #if defined(NDEBUG) || defined(NOLOG)
  234. #define DEBUG_LOG(TITLE, ENTITY, DESC)
  235. #else
  236. #ifdef ANDROID
  237. #include <android/log.h>
  238. #define LOG_MORE(...) __android_log_print(ANDROID_LOG_DEBUG, "pEpEngine", " %s :: %s :: %s :: %s ", __VA_ARGS__);
  239. #else
  240. #include <stdio.h>
  241. #define LOG_MORE(...) fprintf(stderr, "pEpEngine DEBUG_LOG('%s','%s','%s','%s')\n", __VA_ARGS__);
  242. #endif
  243. #define DEBUG_LOG(TITLE, ENTITY, DESC) {\
  244. log_event(session, (TITLE), (ENTITY), (DESC), "debug " __FILE__ ":" S_LINE);\
  245. LOG_MORE((TITLE), (ENTITY), (DESC), __FILE__ ":" S_LINE)\
  246. }
  247. #endif
  248. typedef enum _normalize_hex_rest_t {
  249. accept_hex,
  250. ignore_hex,
  251. reject_hex
  252. } normalize_hex_res_t;
  253. static inline normalize_hex_res_t _normalize_hex(char *hex)
  254. {
  255. if (*hex >= '0' && *hex <= '9')
  256. return accept_hex;
  257. if (*hex >= 'A' && *hex <= 'F') {
  258. *hex += 'a' - 'A';
  259. return accept_hex;
  260. }
  261. if (*hex >= 'a' && *hex <= 'f')
  262. return accept_hex;
  263. if (*hex == ' ')
  264. return ignore_hex;
  265. return reject_hex;
  266. }
  267. // Space tolerant and case insensitive fingerprint string compare
  268. static inline PEP_STATUS _compare_fprs(
  269. const char* fpra,
  270. size_t fpras,
  271. const char* fprb,
  272. size_t fprbs,
  273. int* comparison)
  274. {
  275. size_t ai = 0;
  276. size_t bi = 0;
  277. size_t significant = 0;
  278. int _comparison = 0;
  279. const int _FULL_FINGERPRINT_LENGTH = 40;
  280. // First compare every non-ignored chars until an end is reached
  281. while(ai < fpras && bi < fprbs)
  282. {
  283. char fprac = fpra[ai];
  284. char fprbc = fprb[bi];
  285. normalize_hex_res_t fprah = _normalize_hex(&fprac);
  286. normalize_hex_res_t fprbh = _normalize_hex(&fprbc);
  287. if(fprah == reject_hex || fprbh == reject_hex)
  288. return PEP_ILLEGAL_VALUE;
  289. if ( fprah == ignore_hex )
  290. {
  291. ai++;
  292. }
  293. else if ( fprbh == ignore_hex )
  294. {
  295. bi++;
  296. }
  297. else
  298. {
  299. if(fprac != fprbc && _comparison == 0 )
  300. {
  301. _comparison = fprac > fprbc ? 1 : -1;
  302. }
  303. significant++;
  304. ai++;
  305. bi++;
  306. }
  307. }
  308. // Bail out if we didn't got enough significnt chars
  309. if (significant != _FULL_FINGERPRINT_LENGTH )
  310. return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
  311. // Then purge remaining chars, all must be ignored chars
  312. while ( ai < fpras )
  313. {
  314. char fprac = fpra[ai];
  315. normalize_hex_res_t fprah = _normalize_hex(&fprac);
  316. if( fprah == reject_hex )
  317. return PEP_ILLEGAL_VALUE;
  318. if ( fprah != ignore_hex )
  319. return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
  320. ai++;
  321. }
  322. while ( bi < fprbs )
  323. {
  324. char fprbc = fprb[bi];
  325. normalize_hex_res_t fprbh = _normalize_hex(&fprbc);
  326. if( fprbh == reject_hex )
  327. return PEP_ILLEGAL_VALUE;
  328. if ( fprbh != ignore_hex )
  329. return PEP_TRUSTWORDS_FPR_WRONG_LENGTH;
  330. bi++;
  331. }
  332. *comparison = _comparison;
  333. return PEP_STATUS_OK;
  334. }
  335. static inline int _same_fpr(
  336. const char* fpra,
  337. size_t fpras,
  338. const char* fprb,
  339. size_t fprbs
  340. )
  341. {
  342. // illegal values are ignored, and considered not same.
  343. int comparison = 1;
  344. _compare_fprs(fpra, fpras, fprb, fprbs, &comparison);
  345. return comparison == 0;
  346. }
  347. // size is the length of the bytestr that's coming in. This is really only intended
  348. // for comparing two full strings. If charstr's length is different from bytestr_size,
  349. // we'll return a non-zero value.
  350. static inline int _unsigned_signed_strcmp(const unsigned char* bytestr, const char* charstr, int bytestr_size) {
  351. int charstr_len = strlen(charstr);
  352. if (charstr_len != bytestr_size)
  353. return -1; // we don't actually care except that it's non-zero
  354. return memcmp(bytestr, charstr, bytestr_size);
  355. }
  356. // This is just a horrible example of C type madness. UTF-8 made me do it.
  357. static inline char* _pEp_subj_copy() {
  358. #ifndef WIN32
  359. unsigned char pEpstr[] = PEP_SUBJ_STRING;
  360. void* retval = calloc(1, sizeof(unsigned char)*PEP_SUBJ_BYTELEN + 1);
  361. memcpy(retval, pEpstr, PEP_SUBJ_BYTELEN);
  362. return (char*)retval;
  363. #else
  364. return strdup("pEp");
  365. #endif
  366. }
  367. static inline bool is_me(PEP_SESSION session, pEp_identity* test_ident) {
  368. bool retval = false;
  369. if (test_ident && test_ident->user_id) {
  370. char* def_id = NULL;
  371. get_default_own_userid(session, &def_id);
  372. if (test_ident->me ||
  373. (def_id && strcmp(def_id, test_ident->user_id) == 0)) {
  374. retval = true;
  375. }
  376. free(def_id);
  377. }
  378. return retval;
  379. }
  380. #ifndef EMPTYSTR
  381. #define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
  382. #endif
  383. #ifndef IS_PGP_CT
  384. #define IS_PGP_CT(CT) (((CT) | PEP_ct_confirmed) == PEP_ct_OpenPGP)
  385. #endif
  386. #ifndef _MIN
  387. #define _MIN(A, B) ((B) > (A) ? (A) : (B))
  388. #endif
  389. #ifndef _MAX
  390. #define _MAX(A, B) ((B) > (A) ? (B) : (A))
  391. #endif
  392. // These are globals used in generating message IDs and should only be
  393. // computed once, as they're either really constants or OS-dependent
  394. extern int _pEp_rand_max_bits;
  395. extern double _pEp_log2_36;
  396. static inline void _init_globals() {
  397. _pEp_rand_max_bits = (int) ceil(log2((double) RAND_MAX));
  398. _pEp_log2_36 = log2(36);
  399. }