diff --git a/DEPENDENCIES b/DEPENDENCIES index 9f21beb4..f38a5a76 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -1,4 +1,4 @@ # 1st Party Dependencies ## Prefer git tags instead of SHA hashes when possible. -sequoia=openpgp/v1.1.0 +sequoia=openpgp/v1.3.0 yml2=2.7.0 diff --git a/api/message_api.h.target b/api/message_api.h.target new file mode 100644 index 00000000..65689699 --- /dev/null +++ b/api/message_api.h.target @@ -0,0 +1,45 @@ +/** + * + * + * @brief Encrypt message in memory + * + * @param[in] session session handle + * @param[in,out] src message to encrypt - usually in-only, but can be + * in-out for unencrypted messages; in that case, + * we may attach the key and decorate the message + * @param[in] extra extra keys for encryption + * @param[out] dst pointer to new encrypted message or NULL if no + * encryption could take place + * @param[in] enc_format The desired format this message should be encrypted with + * @param[in] flags flags to set special encryption features + * + * @retval PEP_STATUS_OK on success + * @retval PEP_KEY_HAS_AMBIG_NAME at least one of the receipient keys has + * an ambiguous name + * @retval PEP_UNENCRYPTED on demand or no recipients with usable + * key, is left unencrypted, and key is + * attached to it + * @retval PEP_ILLEGAL_VALUE illegal parameter values + * @retval PEP_OUT_OF_MEMORY out of memory + * @retval any other value on error + * + * @warning the ownership of src remains with the caller + * the ownership of dst goes to the caller + * + * enc_format PEP_enc_inline_EA: + * internal format of the encrypted attachments is changing, see + * https://dev.pep.foundation/Engine/ElevatedAttachments + * + * Only use this for transports without support for attachments + * when attached data must be sent inline + * + */ + +DYNAMIC_API PEP_STATUS encrypt_message( + PEP_SESSION session, + message *src, + stringlist_t *extra, + message **dst, + PEP_enc_format enc_format, + PEP_encrypt_flags_t flags + ); diff --git a/src/message_api.c b/src/message_api.c index 79a0044a..97cf1049 100644 --- a/src/message_api.c +++ b/src/message_api.c @@ -2215,7 +2215,7 @@ bool import_attached_keys( } } identity_list *local_private_idents = NULL; - PEP_STATUS import_status = _import_key_with_fpr_return( + PEP_STATUS import_status = import_key_with_fpr_return( session, blob_value, blob_size, &local_private_idents, &_keylist, @@ -4620,7 +4620,7 @@ static bool import_header_keys(PEP_SESSION session, message* src, stringlist_t** bloblist_t* the_key = base64_str_to_binary_blob(start_key, length); if (!the_key) return false; - PEP_STATUS status = _import_key_with_fpr_return(session, + PEP_STATUS status = import_key_with_fpr_return(session, the_key->value, the_key->size, NULL, diff --git a/src/pEpEngine.c b/src/pEpEngine.c index 3811c5ce..831cde37 100644 --- a/src/pEpEngine.c +++ b/src/pEpEngine.c @@ -2979,10 +2979,10 @@ DYNAMIC_API PEP_STATUS import_key( size_t size, identity_list **private_keys) { - return _import_key_with_fpr_return(session, key_data, size, private_keys, NULL, NULL); + return import_key_with_fpr_return(session, key_data, size, private_keys, NULL, NULL); } -PEP_STATUS _import_key_with_fpr_return( +DYNAMIC_API PEP_STATUS import_key_with_fpr_return( PEP_SESSION session, const char *key_data, size_t size, diff --git a/src/pEpEngine.h b/src/pEpEngine.h index 4a261179..4d287d51 100644 --- a/src/pEpEngine.h +++ b/src/pEpEngine.h @@ -1151,6 +1151,45 @@ DYNAMIC_API PEP_STATUS generate_keypair( DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr); +/** + * + * + * @brief import keys from data, return optional list of fprs imported + * + * @param[in] session session handle + * @param[in] key_data key data, i.e. ASCII armored OpenPGP key + * @param[in] size amount of data to handle + * @param[out] private_keys list of identities containing the + * private keys that have been imported + * @param[out] imported_keys if non-NULL, list of actual keys imported + * @param[out] changed_public_keys if non-NULL AND imported_keys is non-NULL: + * bitvector - corresponds to the first 64 keys + * imported. If nth bit is set, import changed a + * key corresponding to the nth element in + * imported keys (i.e. key was in DB and was + * changed by import) + * + * @retval PEP_KEY_IMPORTED key was successfully imported + * @retval PEP_OUT_OF_MEMORY out of memory + * @retval PEP_ILLEGAL_VALUE there is no key data to import, or imported keys was NULL and + * changed_public_keys was not + * + * @warning private_keys and imported_keys goes to the ownership of the caller + * private_keys and imported_keys can be left NULL, it is then ignored + * *** THIS IS THE ACTUAL FUNCTION IMPLEMENTED BY CRYPTOTECH "import_key" *** + * + */ + +DYNAMIC_API PEP_STATUS import_key_with_fpr_return( + PEP_SESSION session, + const char *key_data, + size_t size, + identity_list** private_keys, + stringlist_t** imported_keys, + uint64_t* changed_public_keys // use as bit field for the first 64 changed keys +); + + /** * * diff --git a/src/pEpEngine_internal.h b/src/pEpEngine_internal.h index 10d4ad14..9b9e458b 100644 --- a/src/pEpEngine_internal.h +++ b/src/pEpEngine_internal.h @@ -40,45 +40,6 @@ PEP_STATUS replace_identities_fpr(PEP_SESSION session, const char* new_fpr); -/** - * - * - * @brief INTERNAL FUNCTION - import keys from data, return optional list - * of fprs imported - * - * @param[in] session session handle - * @param[in] key_data key data, i.e. ASCII armored OpenPGP key - * @param[in] size amount of data to handle - * @param[out] private_keys list of identities containing the - * private keys that have been imported - * @param[out] imported_keys if non-NULL, list of actual keys imported - * @param[out] changed_public_keys if non-NULL AND imported_keys is non-NULL: - * bitvector - corresponds to the first 64 keys - * imported. If nth bit is set, import changed a - * key corresponding to the nth element in - * imported keys (i.e. key was in DB and was - * changed by import) - * - * @retval PEP_KEY_IMPORTED key was successfully imported - * @retval PEP_OUT_OF_MEMORY out of memory - * @retval PEP_ILLEGAL_VALUE there is no key data to import, or imported keys was NULL and - * changed_public_keys was not - * - * @warning private_keys and imported_keys goes to the ownership of the caller - * private_keys and imported_keys can be left NULL, it is then ignored - * *** THIS IS THE ACTUAL FUNCTION IMPLEMENTED BY CRYPTOTECH "import_key" *** - * - */ - -PEP_STATUS _import_key_with_fpr_return( - PEP_SESSION session, - const char *key_data, - size_t size, - identity_list** private_keys, - stringlist_t** imported_keys, - uint64_t* changed_public_keys // use as bit field for the first 64 changed keys -); - /** * * diff --git a/test/src/ImportKeyTest.cc b/test/src/ImportKeyTest.cc index fd02b35a..79464443 100644 --- a/test/src/ImportKeyTest.cc +++ b/test/src/ImportKeyTest.cc @@ -89,7 +89,7 @@ TEST_F(ImportKeyTest, check_import_fpr_pub_new) { string pubkey = slurp("test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc"); stringlist_t* keylist = NULL; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -104,7 +104,7 @@ TEST_F(ImportKeyTest, check_import_change_pub_new) { string pubkey = slurp("test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -118,7 +118,7 @@ TEST_F(ImportKeyTest, check_import_fpr_priv_new) { string pubkey = slurp("test_keys/priv/pep-test-alice-0x6FF00E97_priv.asc"); stringlist_t* keylist = NULL; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -133,7 +133,7 @@ TEST_F(ImportKeyTest, check_import_change_pub_nochange) { string pubkey = slurp("test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -144,7 +144,7 @@ TEST_F(ImportKeyTest, check_import_change_pub_nochange) { free_stringlist(keylist); keylist = NULL; changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -179,7 +179,7 @@ TEST_F(ImportKeyTest, check_import_change_pub_nochange_binary_bigkey) { stringlist_t* keylist = NULL; uint64_t changes = 0; - status = _import_key_with_fpr_return(session, img, img_size, NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, img, img_size, NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NE(keylist, nullptr); // ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -190,7 +190,7 @@ TEST_F(ImportKeyTest, check_import_change_pub_nochange_binary_bigkey) { free_stringlist(keylist); keylist = NULL; changes = 0; - status = _import_key_with_fpr_return(session, img, img_size, NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, img, img_size, NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NE(keylist, nullptr); // ASSERT_STREQ(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97"); @@ -203,7 +203,7 @@ TEST_F(ImportKeyTest, check_import_change_wo_fpr_illegal) { string pubkey = slurp("test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc"); uint64_t changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, NULL, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, NULL, &changes); ASSERT_EQ(status, PEP_ILLEGAL_VALUE); } @@ -212,7 +212,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_pub_concat) { string pubkey_material = slurp("test_keys/pub/import_keys_multi_pub_concat.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -224,7 +224,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_priv_concat) { string privkey_material = slurp("test_keys/priv/import_keys_multi_priv_concat.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -236,7 +236,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_priv_then_pub) { string privkey_material = slurp("test_keys/priv/import_keys_multi_priv_concat.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -245,7 +245,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_priv_then_pub) { keylist = NULL; changes = 0; string pubkey_material = slurp("test_keys/pub/import_keys_multi_pub_concat.asc"); - status = _import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -257,7 +257,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_pub_then_priv) { string pubkey_material = slurp("test_keys/pub/import_keys_multi_pub_concat.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -266,7 +266,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_pub_then_priv) { keylist = NULL; changes = 0; string privkey_material = slurp("test_keys/priv/import_keys_multi_priv_concat.asc"); - status = _import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -279,7 +279,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_pub_blob) { string pubkey_material = slurp("test_keys/pub/import_keys_multi_pub_serial_blob.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -291,7 +291,7 @@ TEST_F(ImportKeyTest, check_import_fpr_list_priv_blob) { string privkey_material = slurp("test_keys/priv/import_keys_multi_priv_serial_blob.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, privkey_material.c_str(), privkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -304,7 +304,7 @@ TEST_F(ImportKeyTest, check_import_added_subkey_then_revoke_subkey) { string pubkey = slurp("test_keys/pub/import_keys_multi_9-0x045134F0_pub.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "25D08DAFD15F21F6A9492FB00A958FA5045134F0"); @@ -315,7 +315,7 @@ TEST_F(ImportKeyTest, check_import_added_subkey_then_revoke_subkey) { free_stringlist(keylist); keylist = NULL; changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "25D08DAFD15F21F6A9492FB00A958FA5045134F0"); @@ -326,7 +326,7 @@ TEST_F(ImportKeyTest, check_import_added_subkey_then_revoke_subkey) { free_stringlist(keylist); keylist = NULL; changes = 0; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "25D08DAFD15F21F6A9492FB00A958FA5045134F0"); @@ -343,7 +343,7 @@ TEST_F(ImportKeyTest, check_import_huge_concat_then_change) { string pubkey_material = slurp("test_keys/pub/import_keys_multi_pub_concat.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -352,7 +352,7 @@ TEST_F(ImportKeyTest, check_import_huge_concat_then_change) { keylist = NULL; changes = 0; string some_changed_material = slurp("test_keys/pub/import_keys_multi_with_mult_changes_concat.asc"); - status = _import_key_with_fpr_return(session, some_changed_material.c_str(), some_changed_material.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, some_changed_material.c_str(), some_changed_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); @@ -365,14 +365,14 @@ TEST_F(ImportKeyTest, check_non_cleared_list_usage) { string pubkey_material = slurp("test_keys/pub/import_keys_multi_pub_concat.asc"); stringlist_t* keylist = NULL; uint64_t changes = 0; - PEP_STATUS status = _import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); + PEP_STATUS status = import_key_with_fpr_return(session, pubkey_material.c_str(), pubkey_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 10); ASSERT_EQ(changes, 1023); string some_changed_material = slurp("test_keys/pub/import_keys_multi_with_mult_changes_concat.asc"); - status = _import_key_with_fpr_return(session, some_changed_material.c_str(), some_changed_material.size(), NULL, &keylist, &changes); + status = import_key_with_fpr_return(session, some_changed_material.c_str(), some_changed_material.size(), NULL, &keylist, &changes); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_EQ(stringlist_length(keylist), 20); @@ -385,7 +385,7 @@ TEST_F(ImportKeyTest, check_770_import_priv_asc) { string pubkey = slurp("test_keys/770_priv.asc"); stringlist_t* keylist = NULL; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "0521111E12084FDEA58A38E880D9FB378DCC789D"); @@ -399,7 +399,7 @@ TEST_F(ImportKeyTest, check_770_import_priv_pgp) { string pubkey = slurp("test_keys/770_priv.pgp"); stringlist_t* keylist = NULL; - status = _import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); + status = import_key_with_fpr_return(session, pubkey.c_str(), pubkey.size(), NULL, &keylist, NULL); ASSERT_EQ(status, PEP_KEY_IMPORTED); ASSERT_NOTNULL(keylist); ASSERT_STREQ(keylist->value, "0521111E12084FDEA58A38E880D9FB378DCC789D");