z/OS support: NetPGP

Re-introducing NetPGP backend
2 years ago · 7fa3d0e127
parent 31b62f65e5
commit 7fa3d0e127
8 changed files with 2097 additions and 9 deletions
--- a/Makefile.conf
+++ b/Makefile.conf
@ -238,7 +238,7 @@ ETPAN_INC=

 ######### OpenPGP #########
 # Selects OpenPGP implementation. must be `SEQUOIA`
-OPENPGP=SEQUOIA
+OPENPGP?=SEQUOIA

 # Sequoia-specific variables
 SEQUOIA_CFLAGS+=
--- a/src/Makefile
+++ b/src/Makefile
@ -59,6 +59,13 @@ ifeq ($(OPENPGP),SEQUOIA)
    CFLAGS+= $(SEQUOIA_CFLAGS) $(SEQUOIA_INC)
    LDFLAGS+= $(SEQUOIA_LDFLAGS)
    LDLIBS+= $(SEQUOIA_LIB)
+    NO_SOURCE+=pgp_netpgp.c
+else ifeq ($(OPENPGP),NETPGP)
+    CPPFLAGS+= -DUSE_NETPGP
+    CFLAGS+= $(NETPGP_CFLAGS) $(NETPGP_INC)
+    LDFLAGS+= $(NETPGP_LDFLAGS)
+    LDLIBS+= $(NETPGP_LIB)
+    NO_SOURCE+=pgp_sequoia.c
 else
    $(error Unknown OpenPGP library: $(OPENPGP))
 endif
--- a/src/cryptotech.c
+++ b/src/cryptotech.c
@ -6,10 +6,11 @@

 #include "pEp_internal.h"

-#ifdef USE_SEQUOIA
+#if defined(USE_SEQUOIA)
 #include "pgp_sequoia.h"
+#elif defined(USE_NETPGP)
+#include "pgp_netpgp.h"
 #endif
-// 

 #include <stdlib.h>
 #include <memory.h>
--- a/src/openpgp_compat.h
+++ b/src/openpgp_compat.h
@ -19,8 +19,10 @@ extern "C" {
 #include "dynamic_api.h"
 #include "stringpair.h"    

-#ifdef USE_SEQUOIA
+#if defined(USE_SEQUOIA)
 #include "pgp_sequoia.h"
+#elif defined(USE_NETPGP)
+#include "pgp_netpgp.h"
 #endif
    
 /**
--- a/src/pEp_internal.h
+++ b/src/pEp_internal.h
@ -104,13 +104,10 @@
 #include "keymanagement_internal.h"
 #include "message_api_internal.h"

-// If not specified, build for Sequoia
-#ifndef USE_SEQUOIA
-#define USE_SEQUOIA
-#endif
-
 #if defined(USE_SEQUOIA)
 #include "pgp_sequoia_internal.h"
+#elif defined(USE_NETPGP)
+#include "pgp_netpgp_internal.h"
 #endif

 #include "../asn.1/Distribution.h"
--- a/src/pgp_netpgp.c
+++ b/src/pgp_netpgp.c
--- a/src/pgp_netpgp.h
+++ b/src/pgp_netpgp.h
@ -0,0 +1,118 @@
+// This file is under GNU General Public License 3.0
+
+#pragma once
+
+#include "pEpEngine.h"
+
+PEP_STATUS pgp_init(PEP_SESSION session, bool in_first);
+void pgp_release(PEP_SESSION session, bool out_last);
+
+PEP_STATUS pgp_decrypt_and_verify(
+        PEP_SESSION session, const char *ctext, size_t csize,
+        const char *dsigtext, size_t dsigsize,
+        char **ptext, size_t *psize, stringlist_t **keylist,
+        char** filename_ptr // will be ignored
+    );
+
+PEP_STATUS pgp_encrypt_and_sign(
+        PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
+        size_t psize, char **ctext, size_t *csize
+    );
+
+
+PEP_STATUS pgp_encrypt_only(
+        PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
+        size_t psize, char **ctext, size_t *csize
+    );
+
+PEP_STATUS pgp_sign_only(
+        PEP_SESSION session, const char* fpr, const char *ptext,
+        size_t psize, char **stext, size_t *ssize
+    );
+
+PEP_STATUS pgp_verify_text(
+        PEP_SESSION session, const char *text, size_t size,
+        const char *signature, size_t sig_size, stringlist_t **keylist
+    );
+
+PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr);
+
+PEP_STATUS pgp_export_keydata(
+        PEP_SESSION session, const char *fpr, char **key_data, size_t *size,
+        bool secret
+    );
+
+PEP_STATUS pgp_find_keys(
+        PEP_SESSION session, const char *pattern, stringlist_t **keylist
+    );
+
+PEP_STATUS pgp_list_keyinfo(
+    PEP_SESSION session, const char* pattern, stringpair_list_t** keyinfo_list
+    );
+
+PEP_STATUS pgp_generate_keypair(
+        PEP_SESSION session, pEp_identity *identity
+    );
+
+PEP_STATUS pgp_get_key_rating(
+        PEP_SESSION session,
+        const char *fpr,
+        PEP_comm_type *comm_type
+    );
+
+PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data,
+        size_t size, identity_list **private_idents);
+
+PEP_STATUS pgp_recv_key(PEP_SESSION session, const char *pattern);
+PEP_STATUS pgp_send_key(PEP_SESSION session, const char *pattern);
+
+PEP_STATUS pgp_renew_key(
+        PEP_SESSION session,
+        const char *fpr,
+        const timestamp *ts
+    );
+
+PEP_STATUS pgp_revoke_key(
+        PEP_SESSION session,
+        const char *fpr,
+        const char *reason
+    );
+
+PEP_STATUS pgp_key_expired(
+        PEP_SESSION session,
+        const char *fpr,
+        const time_t when,
+        bool *expired
+    );
+
+PEP_STATUS pgp_key_revoked(
+        PEP_SESSION session,
+        const char *fpr,
+        bool *revoked
+    );
+
+PEP_STATUS pgp_key_created(
+        PEP_SESSION session,
+        const char *fprstr,
+        time_t *created
+    );
+
+PEP_STATUS pgp_contains_priv_key(
+    PEP_SESSION session,
+    const char *fpr,
+    bool *has_private);
+
+PEP_STATUS pgp_find_private_keys(
+    PEP_SESSION session, const char *pattern, stringlist_t **keylist
+);
+
+// Stub - just returns PEP_STATUS_OK, as netpgp isn't sufficient to do this.
+PEP_STATUS pgp_import_ultimately_trusted_keypairs(PEP_SESSION session);
+
+PEP_STATUS pgp_config_cipher_suite(PEP_SESSION session, PEP_CIPHER_SUITE suite) {
+    if (suite == PEP_CIPHER_SUITE_DEFAULT) {
+        return PEP_STATUS_OK;
+    } else {
+        return PEP_CANNOT_CONFIG;
+    }
+}
--- a/src/pgp_netpgp_internal.h
+++ b/src/pgp_netpgp_internal.h
@ -0,0 +1,11 @@
+// This file is under GNU General Public License 3.0
+// see LICENSE.txt
+
+#pragma once
+
+#include <curl/curl.h>
+#include <pthread.h>
+
+typedef struct _pEpNetPGPSession {
+    pthread_mutex_t curl_mutex;
+} pEpNetPGPSession;