ENGINE-140: now send all keys that have been at some point used as own key _on that device_

doc_update_sequoia
Edouard Tisserant 2016-11-08 23:04:26 +01:00
parent a72508d752
commit 969ac0b290
6 changed files with 116 additions and 17 deletions

View File

@ -848,3 +848,68 @@ the_end:
return status;
}
DYNAMIC_API PEP_STATUS keys_retrieve_by_flag(
PEP_SESSION session,
keypair_flags_t flags,
stringlist_t **keylist
)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session && keylist);
if (!(session && keylist))
return PEP_ILLEGAL_VALUE;
*keylist = NULL;
stringlist_t *_keylist = NULL;
sqlite3_reset(session->keys_retrieve_by_flag);
sqlite3_bind_int(session->keys_retrieve_by_flag, 1, flags);
int result;
char *fpr = NULL;
stringlist_t *_bl = _keylist;
do {
result = sqlite3_step(session->keys_retrieve_by_flag);
switch (result) {
case SQLITE_ROW:
fpr = strdup((const char *) sqlite3_column_text(session->keys_retrieve_by_flag, 0));
if(fpr == NULL)
goto enomem;
_bl = stringlist_add(_bl, fpr);
if (_bl == NULL) {
free(fpr);
goto enomem;
}
if (_keylist == NULL)
_keylist = _bl;
break;
case SQLITE_DONE:
break;
default:
status = PEP_UNKNOWN_ERROR;
result = SQLITE_DONE;
}
} while (result != SQLITE_DONE);
sqlite3_reset(session->keys_retrieve_by_flag);
if (status == PEP_STATUS_OK)
*keylist = _keylist;
else
free_stringlist(_keylist);
goto the_end;
enomem:
free_stringlist(_keylist);
status = PEP_OUT_OF_MEMORY;
the_end:
return status;
}

View File

@ -189,6 +189,21 @@ DYNAMIC_API PEP_STATUS own_identities_retrieve(
identity_list **own_identities
);
// keys_retrieve_by_flag() - retrieve all flagged keypair fingerprints
//
// parameters:
// session (in) session to use
// flags flags to compare pgp keypair's flags to
// keylist (out) list of fingerprints
//
// caveat:
// the ownership of the list goes to the caller
DYNAMIC_API PEP_STATUS keys_retrieve_by_flag(
PEP_SESSION session,
keypair_flags_t flags,
stringlist_t **keylist
);
#ifdef __cplusplus
}
#endif

View File

@ -52,6 +52,7 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
// Own keys
static const char *sql_own_key_is_listed;
static const char *sql_own_identities_retrieve;
static const char *sql_keys_retrieve_by_flag;
// Sequence
static const char *sql_sequence_value1;
@ -331,8 +332,8 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
sql_get_device_group = "select device_group from person "
"where id = '" PEP_OWN_USERID "';";
sql_set_pgp_keypair = "insert or replace into pgp_keypair (fpr) "
"values (upper(replace(?1,' ',''))) ;";
sql_set_pgp_keypair = "insert or replace into pgp_keypair (fpr, flags) "
"values (upper(replace(?1,' ','')), ?2) ;";
sql_set_identity = "insert or replace into identity (address, main_key_id, "
"user_id, flags) values (?1, upper(replace(?2,' ','')),"
@ -380,8 +381,7 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
// Own keys
sql_own_key_is_listed =
"select count(*) from ("
sql_own_key_is_listed = "select count(*) from ("
" select main_key_id from person "
" where main_key_id = upper(replace(?1,' ',''))"
" and id = '" PEP_OWN_USERID "' "
@ -390,7 +390,8 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
" where main_key_id = upper(replace(?1,' ',''))"
" and user_id = '" PEP_OWN_USERID "' );";
sql_own_identities_retrieve = "select address, fpr, username, "
sql_own_identities_retrieve =
"select address, fpr, username, "
" lang, identity.flags | pgp_keypair.flags"
" from identity"
" join person on id = identity.user_id"
@ -399,6 +400,10 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
" and pgp_keypair_fpr = identity.main_key_id"
" where identity.user_id = '" PEP_OWN_USERID "';";
sql_keys_retrieve_by_flag =
"select fpr from pgp_keypair"
" where (flags & ?1) = ?1;";
sql_sequence_value1 = "insert or replace into sequences (name, value, own) "
"values (?1, "
"(select coalesce((select value + 1 from sequences "
@ -526,6 +531,11 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
&_session->own_identities_retrieve, NULL);
assert(int_result == SQLITE_OK);
int_result = sqlite3_prepare_v2(_session->db, sql_keys_retrieve_by_flag,
(int)strlen(sql_keys_retrieve_by_flag),
&_session->keys_retrieve_by_flag, NULL);
assert(int_result == SQLITE_OK);
// Sequence
int_result = sqlite3_prepare_v2(_session->db, sql_sequence_value1,
@ -652,6 +662,8 @@ DYNAMIC_API void release(PEP_SESSION session)
sqlite3_finalize(session->own_key_is_listed);
if (session->own_identities_retrieve)
sqlite3_finalize(session->own_identities_retrieve);
if (session->keys_retrieve_by_flag)
sqlite3_finalize(session->keys_retrieve_by_flag);
if (session->sequence_value1)
sqlite3_finalize(session->sequence_value1);
if (session->sequence_value2)
@ -1124,6 +1136,9 @@ DYNAMIC_API PEP_STATUS set_identity(
sqlite3_reset(session->set_pgp_keypair);
sqlite3_bind_text(session->set_pgp_keypair, 1, identity->fpr, -1,
SQLITE_STATIC);
sqlite3_bind_int(session->set_pgp_keypair, 2,
strcmp(identity->user_id, PEP_OWN_USERID) == 0 ?
PEP_kpf_own_key : 0);
result = sqlite3_step(session->set_pgp_keypair);
sqlite3_reset(session->set_pgp_keypair);
if (result != SQLITE_DONE) {

View File

@ -421,6 +421,15 @@ typedef enum _identity_flags {
typedef unsigned int identity_flags_t;
typedef enum _keypair_flags {
// the first octet flags are app defined settings
// the second octet flags are calculated
PEP_kpf_own_key = 512 // key (was) used for own identity
} keypair_flags;
typedef unsigned int keypair_flags_t;
typedef struct _pEp_identity {
char *address; // C string with address UTF-8 encoded
char *fpr; // C string with fingerprint UTF-8 encoded

View File

@ -120,6 +120,7 @@ typedef struct _pEpSession {
// Own keys
sqlite3_stmt *own_key_is_listed;
sqlite3_stmt *own_identities_retrieve;
sqlite3_stmt *keys_retrieve_by_flag;
// sequence value
sqlite3_stmt *sequence_value1;

View File

@ -576,18 +576,13 @@ PEP_STATUS unicast_msg(
goto error;
}
IdentityList_t *list =
msg->payload.present ==
DeviceGroup_Protocol__payload_PR_groupKeys ?
&msg->payload.choice.groupKeys.ownIdentities :
&msg->payload.choice.groupUpdate.ownIdentities;
stringlist_t *keylist = NULL;
status = keys_retrieve_by_flag(session, PEP_kpf_own_key, &keylist);
if (status != PEP_STATUS_OK)
goto error;
for (int i=0; i<list->list.count; i++) {
Identity_t *ident = list->list.array[i];
char *fpr = strndup((const char *)ident->fpr.buf, ident->fpr.size);
assert(fpr);
if (!fpr)
goto enomem;
for (stringlist_t *_keylist=keylist; _keylist!=NULL; _keylist=_keylist->next) {
char *fpr = _keylist->value;
static char filename[MAX_LINELENGTH];
int result = snprintf(filename, MAX_LINELENGTH, "%s-sec.asc", fpr);
if (result < 0)
@ -595,7 +590,6 @@ PEP_STATUS unicast_msg(
char *key = NULL;
size_t size = 0;
status = export_secrect_key(session, fpr, &key, &size);
free(fpr);
if (status != PEP_STATUS_OK)
goto error;
bloblist_t *bl = bloblist_add(_message->attachments,