update_identity() into pEpComAdapter

get_key_rating() added
doc_update_sequoia
vb 2014-07-30 16:02:49 +02:00
parent af6c3b757e
commit 459c0f224b
3 changed files with 145 additions and 14 deletions


@ -1920,5 +1920,102 @@ DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity)
}
sqlite3_reset(_session->get_trust);
return status;
}
DYNAMIC_API PEP_STATUS get_key_rating(
PEP_SESSION session,
const char *fpr,
PEP_comm_type *comm_type
)
{
pEpSession *_session = (pEpSession *) session;
PEP_STATUS status = PEP_STATUS_OK;
gpgme_error_t gpgme_error;
gpgme_key_t key;
assert(session);
assert(fpr);
assert(comm_type);
*comm_type = PEP_ct_unknown;
gpgme_error = _session->gpgme_op_keylist_start(_session->ctx, fpr, 0);
switch (gpgme_error) {
case GPG_ERR_NO_ERROR:
break;
case GPG_ERR_INV_VALUE:
assert(0);
return PEP_UNKNOWN_ERROR;
default:
return PEP_GET_KEY_FAILED;
};
gpgme_error = _session->gpgme_op_keylist_next(_session->ctx, &key);
assert(gpgme_error != GPG_ERR_INV_VALUE);
switch (key->protocol) {
case GPGME_PROTOCOL_OpenPGP:
case GPGME_PROTOCOL_DEFAULT:
*comm_type = PEP_ct_OpenPGP_unconfirmed;
break;
case GPGME_PROTOCOL_CMS:
*comm_type = PEP_ct_CMS_unconfirmed;
break;
default:
*comm_type = PEP_ct_unknown;
_session->gpgme_op_keylist_end(_session->ctx);
return PEP_STATUS_OK;
}
switch (gpgme_error) {
case GPG_ERR_EOF:
break;
case GPG_ERR_NO_ERROR:
assert(key);
assert(key->subkeys);
for (gpgme_subkey_t sk = key->subkeys; sk != NULL; sk = sk->next) {
if (sk->length < 1024)
*comm_type = PEP_ct_key_too_short;
else if (
(
(sk->pubkey_algo == GPGME_PK_RSA)
|| (sk->pubkey_algo == GPGME_PK_RSA_E)
|| (sk->pubkey_algo == GPGME_PK_RSA_S)
)
&& sk->length == 1024
)
*comm_type = PEP_ct_OpenPGP_1024_RSA_unconfirmed;
if (sk->invalid) {
*comm_type = PEP_ct_key_b0rken;
break;
}
if (sk->expired) {
*comm_type = PEP_ct_key_expired;
break;
}
if (sk->revoked) {
*comm_type = PEP_ct_key_revoked;
break;
}
}
break;
case GPG_ERR_ENOMEM:
_session->gpgme_op_keylist_end(_session->ctx);
return PEP_OUT_OF_MEMORY;
default:
// BUG: GPGME returns an illegal value instead of GPG_ERR_EOF after
// reading first key
#ifndef NDEBUG
fprintf(stderr, "warning: unknown result 0x%x of"
" gpgme_op_keylist_next()\n", gpgme_error);
#endif
gpgme_error = GPG_ERR_EOF;
break;
};
_session->gpgme_op_keylist_end(_session->ctx);
return status;
}
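Review bot: `key->protocol` is dereferenced right after `gpgme_op_keylist_next()` and before `gpgme_error` is examined, while `key` is declared without an initialiser; when no key matches `fpr` or the call fails, that switch reads through an invalid pointer, and in an NDEBUG build the later `assert(key)` is compiled out. Even if the read survives, `*comm_type` has by then been set to an unconfirmed-encryption value and the function returns `PEP_STATUS_OK`, so a failed lookup can be reported as a usable key. The protocol switch should move inside the `GPG_ERR_NO_ERROR` case, with `key` initialised to NULL. Both error switches should also test `gpgme_err_code(gpgme_error)`, because a `gpgme_error_t` carries an error-source field next to the code, which is probably the "illegal value" that the comment in the default branch describes. Nothing in the hunk releases `key` after use, which looks like a leak on every call.

```c
gpgme_key_t key = NULL;
// … unchanged: asserts, *comm_type = PEP_ct_unknown, keylist_start …
switch (gpgme_err_code(gpgme_error)) {
// … unchanged: cases of the keylist_start switch …
}
gpgme_error = _session->gpgme_op_keylist_next(_session->ctx, &key);
switch (gpgme_err_code(gpgme_error)) {
case GPG_ERR_EOF:
    // no key matched fpr: *comm_type stays PEP_ct_unknown
    break;
case GPG_ERR_NO_ERROR:
    if (key == NULL || key->subkeys == NULL)
        break;      // nothing to rate; do not rely on assert() alone
    switch (key->protocol) {
    // … unchanged: protocol cases setting *comm_type …
    }
    // … unchanged: subkey loop …
    break;
// … unchanged: GPG_ERR_ENOMEM and default cases …
}
```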


@ -321,32 +321,45 @@ DYNAMIC_API PEP_STATUS safewords(
typedef enum _PEP_comm_type {
PEP_ct_unknown = 0,
PEP_ct_unknown = 0,
// range 0x01 to 0x0f: no encryption or nothing reasonable
// range 0x01 to 0x09: no encryption, 0x0a to 0x0e: nothing reasonable
PEP_ct_no_encryption = 0x01, // generic
PEP_ct_no_encrypted_channel = 0x02,
PEP_ct_key_not_found = 0x03,
PEP_ct_key_expired = 0x04,
PEP_ct_key_revoked = 0x05,
PEP_ct_key_b0rken = 0x06,
PEP_ct_my_key_not_included = 0x09,
PEP_ct_security_by_obscurity = 0x0a,
PEP_ct_b0rken_crypto = 0x0b,
PEP_ct_key_too_short = 0x0e,
PEP_ct_no_encryption = 0x01, // generic
PEP_ct_key_too_short = 0x02, // key too short to talk
// about encryption
PEP_ct_compromized = 0x0f, // known compromized connection
// range 0x10 to 0x3f: unconfirmed encryption
// range 0x10 to 0x3f: unconfirmed encryption
PEP_ct_unconfirmed_encryption = 0x10, // generic
PEP_ct_OpenPGP_1024_RSA_unconfirmed = 0x11, // RSA 1024 is weak
PEP_ct_OpenPGP_unconfirmed = 0x3f, // key at least 2048 bit RSA
// or 1024 bit DSA
PEP_ct_OpenPGP_1024_RSA_unconfirmed = 0x11, // RSA 1024 is weak
PEP_ct_CMS_unconfirmed = 0x30,
PEP_ct_OpenPGP_unconfirmed = 0x3f, // key at least 2048 bit RSA
// or 1024 bit DSA
// range 0x40 to 0x7f: unconfirmed encryption and anonymization
// range 0x40 to 0x7f: unconfirmed encryption and anonymization
PEP_ct_unconfirmed_enc_anon = 0x40, // generic
PEP_ct_PEP_unconfirmed = 0x7f,
PEP_ct_PEP_unconfirmed = 0x7f,
// range 0x80 to 0x8f: reserved
// range 0x90 to 0xbf: confirmed encryption
PEP_ct_confirmed = 0x80, // this bit decides if trust is confirmed
// range 0x81 to 0x8f: reserved
// range 0x90 to 0xbf: confirmed encryption
PEP_ct_confirmed_encryption = 0x90, // generic
PEP_ct_OpenPGP_1024_RSA = 0x91, // RSA 1024 is weak
PEP_ct_CMS = 0xb0,
PEP_ct_OpenPGP = 0xbf, // key at least 2048 bit RSA or 1024 bit DSA
// range 0xc0 to 0xff: confirmed encryption and anonymization
@ -593,6 +606,20 @@ DYNAMIC_API void pEp_free(void *p);
DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
// get_key_rating() - get the rating a bare key has
//
// parameters:
// session (in) session handle
// fpr (in) unique identifyer for key as UTF-8 string
// comm_type (out) key rating
DYNAMIC_API PEP_STATUS get_key_rating(
PEP_SESSION session,
const char *fpr,
PEP_comm_type *comm_type
);
#ifdef __cplusplus
}
#endif
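Review bot: The comment above the `get_key_rating()` prototype in the second hunk lists the parameters but says nothing about the return value or about what `comm_type` holds when the lookup fails. The implementation in this commit returns `PEP_GET_KEY_FAILED`, `PEP_OUT_OF_MEMORY` or `PEP_UNKNOWN_ERROR` besides `PEP_STATUS_OK`, and sets `*comm_type` to `PEP_ct_unknown` before doing anything else. I would add `// return value: PEP_STATUS_OK, or PEP_GET_KEY_FAILED / PEP_OUT_OF_MEMORY / PEP_UNKNOWN_ERROR with comm_type == PEP_ct_unknown`. A caveat line would also help callers: `// caveat: rates key material only (length, algorithm, invalid/expired/revoked); the result is never a confirmed comm type`. Without it a caller could mistake the rating for a trust decision.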


@ -127,7 +127,9 @@ int main(int argc, char* argv[])
assert(verify_result == PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH);
free_stringlist(keylist);
keylist = new_stringlist("FA7261F7");
keylist = new_stringlist("49422235FC99585B891C66530C7B109BFA7261F7");
// stringlist_add(keylist, "C6FAA231A2B43252B9526D119550C6B6B8B0FCD6");
stringlist_add(keylist, "5DC8CAC595EDAD6598DD4732DD55BF29DF9B1541");
cout << "\ncalling encrypt_and_sign()\n";
PEP_STATUS encrypt_result = encrypt_and_sign(session, keylist, plain.c_str(), plain.length(), &buf_text, &buf_size);
@ -258,6 +260,11 @@ int main(int argc, char* argv[])
PEP_STATUS send_key_status = send_key(session, "vb@ulm.ccc.de");
assert(recv_key_status == PEP_STATUS_OK);
PEP_comm_type tcomm_type;
PEP_STATUS tstatus = get_key_rating(session, "49422235FC99585B891C66530C7B109BFA7261F7", &tcomm_type);
assert(tstatus == PEP_STATUS_OK);
assert(tcomm_type == PEP_ct_OpenPGP_unconfirmed);
cout << "\ncalling release()\n";
release(session);
return 0;
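Review bot: The new `get_key_rating()` check in the second hunk covers only a fingerprint that is expected to be in the keyring, so the path where no key matches is never exercised. That is the path where the implementation in this commit reads `key->protocol` before looking at the result of `gpgme_op_keylist_next()`. A negative case next to it would catch that, for example `tstatus = get_key_rating(session, "<FINGERPRINT-NOT-IN-KEYRING>", &tcomm_type);` followed by `assert(tcomm_type == PEP_ct_unknown);`. The expected status for that case is a design choice the page does not state. `main()` starts and ends outside the hunk.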