merged in default

doxygen-key-id
commit 9c2a11633e

@ -70,6 +70,10 @@ $(SRCROOT)/../asn.1/PString.c
$(SRCROOT)/../asn.1/PString.h
$(SRCROOT)/../asn.1/PrintableString.c
$(SRCROOT)/../asn.1/PrintableString.h
$(SRCROOT)/../asn.1/Rating.c
$(SRCROOT)/../asn.1/Rating.h
$(SRCROOT)/../asn.1/ReceiverRating.c
$(SRCROOT)/../asn.1/ReceiverRating.h
$(SRCROOT)/../asn.1/Rollback.c
$(SRCROOT)/../asn.1/Rollback.h
$(SRCROOT)/../asn.1/Sync.c

@ -171,8 +171,8 @@
431F04B722733A7E00CCE960 /* key_reset.h in Headers */ = {isa = PBXBuildFile; fileRef = 431F04B222733A7E00CCE960 /* key_reset.h */; };
432713B023A10B07007EAD4A /* GroupKeysForNewMember.c in Sources */ = {isa = PBXBuildFile; fileRef = 432713AF23A10B07007EAD4A /* GroupKeysForNewMember.c */; };
432714AB23A10B3B007EAD4A /* GroupKeysUpdate.c in Sources */ = {isa = PBXBuildFile; fileRef = 432714AA23A10B3B007EAD4A /* GroupKeysUpdate.c */; };
43370833203C075A004E6547 /* sqlite3.c in Sources */ = {isa = PBXBuildFile; fileRef = 4337082D203C075A004E6547 /* sqlite3.c */; };
43370834203C075A004E6547 /* sqlite3.h in Headers */ = {isa = PBXBuildFile; fileRef = 43370832203C075A004E6547 /* sqlite3.h */; };
436084242539A3B1005D56A7 /* sqlite3.c in Sources */ = {isa = PBXBuildFile; fileRef = 436084222539A3B0005D56A7 /* sqlite3.c */; };
436084252539A3B1005D56A7 /* sqlite3.h in Headers */ = {isa = PBXBuildFile; fileRef = 436084232539A3B1005D56A7 /* sqlite3.h */; };
4378C79123D1AF1700D1AF3F /* ElectGroupKeyResetLeader.h in Headers */ = {isa = PBXBuildFile; fileRef = 4378C78B23D1AF1700D1AF3F /* ElectGroupKeyResetLeader.h */; };
4378C79223D1AF1700D1AF3F /* ElectGroupKeyResetLeader.c in Sources */ = {isa = PBXBuildFile; fileRef = 4378C79023D1AF1700D1AF3F /* ElectGroupKeyResetLeader.c */; };
438C43B52167752C00C7425B /* labeled_int_list.h in Headers */ = {isa = PBXBuildFile; fileRef = 438C43AF2167752C00C7425B /* labeled_int_list.h */; };
@ -429,8 +429,8 @@
431F04B222733A7E00CCE960 /* key_reset.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = key_reset.h; path = ../src/key_reset.h; sourceTree = "<group>"; };
432713AF23A10B07007EAD4A /* GroupKeysForNewMember.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = GroupKeysForNewMember.c; path = ../asn.1/GroupKeysForNewMember.c; sourceTree = "<group>"; };
432714AA23A10B3B007EAD4A /* GroupKeysUpdate.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = GroupKeysUpdate.c; path = ../asn.1/GroupKeysUpdate.c; sourceTree = "<group>"; };
4337082D203C075A004E6547 /* sqlite3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sqlite3.c; path = ../src/sqlite3.c; sourceTree = "<group>"; };
43370832203C075A004E6547 /* sqlite3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sqlite3.h; path = ../src/sqlite3.h; sourceTree = "<group>"; };
436084222539A3B0005D56A7 /* sqlite3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sqlite3.c; path = ../../sqlite/sqlite3.c; sourceTree = "<group>"; };
436084232539A3B1005D56A7 /* sqlite3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sqlite3.h; path = ../../sqlite/sqlite3.h; sourceTree = "<group>"; };
4378C78B23D1AF1700D1AF3F /* ElectGroupKeyResetLeader.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ElectGroupKeyResetLeader.h; path = ../asn.1/ElectGroupKeyResetLeader.h; sourceTree = "<group>"; };
4378C79023D1AF1700D1AF3F /* ElectGroupKeyResetLeader.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ElectGroupKeyResetLeader.c; path = ../asn.1/ElectGroupKeyResetLeader.c; sourceTree = "<group>"; };
438C43962167582400C7425B /* sync_api.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sync_api.h; path = ../src/sync_api.h; sourceTree = "<group>"; };
@ -744,6 +744,8 @@
64A8264B1B455C5600EECAF0 /* srcref */ = {
isa = PBXGroup;
children = (
436084222539A3B0005D56A7 /* sqlite3.c */,
436084232539A3B1005D56A7 /* sqlite3.h */,
43C3778D246A8C0300962D22 /* internal_format.c */,
43C37788246A8C0300962D22 /* internal_format.h */,
43188ABE23C4BBDD008EF79C /* distribution_codec.c */,
@ -771,8 +773,6 @@
43F73C052166282C00AB4524 /* key_reset.c */,
43F73C032166282C00AB4524 /* openpgp_compat.c */,
43F73C092166282C00AB4524 /* sync_api.c */,
4337082D203C075A004E6547 /* sqlite3.c */,
43370832203C075A004E6547 /* sqlite3.h */,
430BCC472015EE800077E998 /* pEp_string.c */,
430BCC462015EE800077E998 /* pEp_string.h */,
43F6921C1F164A47009418F5 /* resource_id.c */,
@ -894,7 +894,6 @@
15B037C822B2B822002D664C /* ISO639-1.h in Headers */,
15B037C922B2B822002D664C /* xer_decoder.h in Headers */,
43188A9923C4B2DE008EF79C /* Sync_func.h in Headers */,
43370834203C075A004E6547 /* sqlite3.h in Headers */,
15147EF1237E9EA7003989FE /* GroupHandshake.h in Headers */,
15B037D522B2B822002D664C /* TID.h in Headers */,
15B037AD22B2B822002D664C /* Rollback.h in Headers */,
@ -921,6 +920,7 @@
C46EBAEE216E445F0042A6A3 /* base64.h in Headers */,
15B037F722B2B822002D664C /* per_decoder.h in Headers */,
158FF95F23C49ED600CB1016 /* GroupKeysUpdate.h in Headers */,
436084252539A3B1005D56A7 /* sqlite3.h in Headers */,
15B037F022B2B822002D664C /* NegotiationOpen.h in Headers */,
);
runOnlyForDeploymentPostprocessing = 0;
@ -1163,7 +1163,6 @@
158FF96123C49ED600CB1016 /* Distribution.c in Sources */,
43F73C0B2166282C00AB4524 /* openpgp_compat.c in Sources */,
15B037F422B2B822002D664C /* ber_decoder.c in Sources */,
43370833203C075A004E6547 /* sqlite3.c in Sources */,
15B0380122B2B822002D664C /* asn_SET_OF.c in Sources */,
15B037DE22B2B822002D664C /* KeySync.c in Sources */,
15B75BE223FA9F9D00DAE976 /* SynchronizeGroupKeys.c in Sources */,
@ -1180,6 +1179,7 @@
430D258B1C9ED75A00B94535 /* blacklist.c in Sources */,
15B0380E22B2B822002D664C /* PrintableString.c in Sources */,
15B037E922B2B822002D664C /* CommitAcceptOfferer.c in Sources */,
436084242539A3B1005D56A7 /* sqlite3.c in Sources */,
43188AC023C4BBDE008EF79C /* distribution_codec.c in Sources */,
432713B023A10B07007EAD4A /* GroupKeysForNewMember.c in Sources */,
646C414E1D510D8800C63EFF /* baseprotocol.c in Sources */,

@ -0,0 +1,102 @@
#!/usr/bin/env python3
# Note to python wizzes - I am not trying to be clever or efficient here. This
# is a convenience tool for ridiculous engine debugging fun, and I don't write
# python often. I am definitely not a member of the religion. YMMV, etc.
#
# If you break this, you buy it.
#
import sys
import argparse
def parse_enum_line(line, ct, r):
line = line.strip()
if (line.startswith("//") or line == ""):
return
parts = []
if (ct):
temp = line.split(",")
if len(temp) == 0:
return
else:
parts = temp[0].split()
else:
parts = line.split()
if len(parts) < 3 or parts[1] != '=':
return
if r and not parts[0].startswith("PEP_rating"):
return
elif ct and not parts[0].startswith("PEP_ct_"):
return
elif not ct and not r and not parts[0].startswith("PEP_"):
return
key = int(parts[2].strip(','), 0)
value = parts[0]
valueDict[key] = value
def get_error(code):
try:
error = valueDict[code]
except:
print("Hah buddy! You wish!")
exit(-1)
print(str(code) + " -> " + error)
parser = argparse.ArgumentParser()
parser.add_argument("value", type=int)
parser.add_argument("--comm_type", "-ct", help="number represents a comm type", action='store_true')
parser.add_argument("--rating", "-r", help="number represents a rating", action='store_true')
args = parser.parse_args()
error_val = args.value
input_fname = ""
if not args.rating:
input_fname = "src/pEpEngine.h"
else:
input_fname = "src/message_api.h"
print(input_fname)
pEp_error = not (args.rating or args.comm_type)
file = open(input_fname, 'r')
content = file.readlines()
file.close()
inStruct = False
valueDict = dict()
# This is super fragile. C'est la vie.
# If another struct is added first, expect chaos! ;)
#
for line in content:
if args.rating:
if line.startswith("} PEP_rating;"):
break
elif args.comm_type:
if line.startswith("} PEP_comm_type;"):
break
elif line.startswith("} PEP_STATUS;"):
break
if not inStruct:
if (args.rating and not line.startswith("typedef enum _PEP_rating {")) or \
(args.comm_type and not line.startswith("typedef enum _PEP_comm_type {")) or \
(pEp_error and not line.startswith("typedef enum {")):
continue
else:
inStruct = True
continue
parse_enum_line(line, args.comm_type, args.rating)
get_error(error_val)
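Review bot: `get_error` catches every exception with a bare `except:`, which also swallows `KeyboardInterrupt` and `SystemExit` and hides real bugs behind the joke message; narrow it to `except KeyError:` and exit through `sys.exit(1)`. The positional argument is declared with `type=int`, so only decimal input is accepted, while `parse_enum_line` reads the header values with `int(..., 0)`; `parser.add_argument("value", type=lambda s: int(s, 0))` would let a status be looked up in the hex form in which it is usually printed. The header is opened by a path relative to the current directory and without a `with` block, so the tool only works from the repository root; a comment saying so, or resolving the path from `__file__`, would save the next user a traceback.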

@ -105,7 +105,8 @@ install_headers: $(TARGET)
install: $(TARGET) install_headers
mkdir -p "$(PREFIX)/lib/"
cp $< $(PREFIX)/lib/
cp -v $< $(PREFIX)/lib/
cp -v libpEpEngine.a $(PREFIX)/lib/
beinstall: install
cp platform*.h $(PREFIX)/include/pEp/
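Review bot: The two new `cp -v` lines leave `$(PREFIX)` unquoted although the `mkdir -p "$(PREFIX)/lib/"` directly above quotes it, so a prefix containing a space creates the directory correctly and then copies to the wrong place; write `cp -v $< "$(PREFIX)/lib/"` and `cp -v libpEpEngine.a "$(PREFIX)/lib/"`. From the lines shown, `libpEpEngine.a` is not a prerequisite of `install`, so the second copy fails unless something else has already built the archive; if it is produced together with `$(TARGET)` that is fine, otherwise it should be listed as a prerequisite.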

@ -8,11 +8,23 @@
#include "message_api.h"
#include "baseprotocol.h"
static const char *_base_type[] = {
"application/pEp.sign",
"application/pEp.sync",
"application/pEp.distribution"
};
static PEP_STATUS _get_base_protocol_type_str(base_protocol_type type, const char** type_str) {
*type_str = NULL;
switch(type) {
case BASE_SIGN:
*type_str = _BASE_PROTO_MIME_TYPE_SIGN;
break;
case BASE_SYNC:
*type_str = _BASE_PROTO_MIME_TYPE_SYNC;
break;
case BASE_KEYRESET:
*type_str = _BASE_PROTO_MIME_TYPE_DIST;
break;
default:
return PEP_ILLEGAL_VALUE;
}
return PEP_STATUS_OK;
}
PEP_STATUS base_decorate_message(
PEP_SESSION session,
@ -38,15 +50,15 @@ PEP_STATUS base_decorate_message(
switch (type) {
case BASE_SYNC:
bl = bloblist_add(msg->attachments, payload, size,
_base_type[type], "sync.pEp");
_BASE_PROTO_MIME_TYPE_SIGN, "sync.pEp");
break;
case BASE_KEYRESET:
bl = bloblist_add(msg->attachments, payload, size,
_base_type[type], "distribution.pEp");
_BASE_PROTO_MIME_TYPE_SYNC, "distribution.pEp");
break;
default:
bl = bloblist_add(msg->attachments, payload, size,
_base_type[type], "ignore_this_attachment.pEp");
_BASE_PROTO_MIME_TYPE_DIST, "ignore_this_attachment.pEp");
}
if (bl == NULL)
@ -64,7 +76,7 @@ PEP_STATUS base_decorate_message(
assert(sign && sign_size);
bl = bloblist_add(bl, sign, sign_size,
_base_type[BASE_SIGN], "electronic_signature.asc");
_BASE_PROTO_MIME_TYPE_SIGN, "electronic_signature.asc");
if (!bl)
goto enomem;
}
@ -165,8 +177,14 @@ PEP_STATUS base_extract_message(
size_t _sign_size = 0;
stringlist_t *keylist = NULL;
const char* type_str = NULL;
status = _get_base_protocol_type_str(type, &type_str);
if (status != PEP_STATUS_OK || !type_str)
return status;
for (bloblist_t *bl = msg->attachments; bl ; bl = bl->next) {
if (bl->mime_type && strcasecmp(bl->mime_type, _base_type[type]) == 0) {
if (bl->mime_type && strcasecmp(bl->mime_type, type_str) == 0) {
if (!_payload) {
_payload = bl->value;
_payload_size = bl->size;
@ -176,7 +194,7 @@ PEP_STATUS base_extract_message(
goto the_end;
}
}
else if (bl->mime_type && strcasecmp(bl->mime_type, _base_type[BASE_SIGN]) == 0) {
else if (bl->mime_type && strcasecmp(bl->mime_type, _BASE_PROTO_MIME_TYPE_SIGN) == 0) {
if (!_sign) {
_sign = bl->value;
_sign_size = bl->size;
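Review bot: In the `base_decorate_message` switch the new MIME constants are shifted by one against the mapping that `_get_base_protocol_type_str` introduces in this same change: the `BASE_SYNC` case attaches the payload as `_BASE_PROTO_MIME_TYPE_SIGN`, `BASE_KEYRESET` as `_BASE_PROTO_MIME_TYPE_SYNC`, and the default case as `_BASE_PROTO_MIME_TYPE_DIST`. `base_extract_message` looks the payload up through the helper and treats `application/pEp.sign` as the signature part, so a sync payload written this way would not be found as a payload and would instead be picked up by the signature branch. To keep what `_base_type[type]` produced before, the three argument lines should read `_BASE_PROTO_MIME_TYPE_SYNC, "sync.pEp");`, `_BASE_PROTO_MIME_TYPE_DIST, "distribution.pEp");` and `_BASE_PROTO_MIME_TYPE_SIGN, "ignore_this_attachment.pEp");`. Alternatively the function could call `_get_base_protocol_type_str` once at the top and return `PEP_ILLEGAL_VALUE` for an unknown type, as the extract side now does. Both functions continue outside the hunks shown.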

@ -12,6 +12,9 @@
extern "C" {
#endif
#define _BASE_PROTO_MIME_TYPE_SIGN "application/pEp.sign"
#define _BASE_PROTO_MIME_TYPE_SYNC "application/pEp.sync"
#define _BASE_PROTO_MIME_TYPE_DIST "application/pEp.distribution"
/**
* @enum base_protocol_type
@ -21,7 +24,6 @@ extern "C" {
*/
typedef enum _base_protocol_type {
BASE_SIGN = 0,
BASE_SYNC = 1,
BASE_KEYRESET = 2
} base_protocol_type;
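Review bot: The three new macros, `_BASE_PROTO_MIME_TYPE_SIGN`, `_BASE_PROTO_MIME_TYPE_SYNC` and `_BASE_PROTO_MIME_TYPE_DIST`, start with an underscore followed by an upper-case letter, which C reserves for the implementation, and they sit in a header that is wrapped in `extern "C"` for outside consumers. Dropping the leading underscore (`BASE_PROTO_MIME_TYPE_SIGN` and so on) avoids the reserved namespace. A one-line comment above them stating which `base_protocol_type` value each string belongs to would document the pairing that the `.c` file now has to keep in sync by hand.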

@ -157,7 +157,7 @@ DYNAMIC_API bloblist_t *bloblist_add(bloblist_t *bloblist, char *blob, size_t si
list_curr = list_curr->next;
list_curr->next = new_bloblist(blob, size, mime_type, filename);
list_curr->release_value = release_value;
list_curr->next->release_value = release_value;
assert(list_curr->next);
if (!list_curr->next)
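Review bot: The corrected assignment `list_curr->next->release_value = release_value;` is placed before the `assert(list_curr->next);` and the `if (!list_curr->next)` check that follow it, so when `new_bloblist()` fails the NULL pointer is dereferenced before either guard runs. The old line wrote to `list_curr` and could not fault here; the fix targets the right node but needs to move below the NULL check, after the `if (!list_curr->next)` block whose body is outside the hunk. The rest of `bloblist_add` is not visible, so confirm that no other path uses the new node before it is checked.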

@ -1474,6 +1474,17 @@ PEP_STATUS key_reset(
// Now it matters if we're talking about ourselves or a partner.
bool is_own_private = false;
if (is_me(session, tmp_ident)) {
// For now: We don't reset own revoked/mistrusted key. We're
// already done with this. @bug - check after key election removal
bool mistr = false;
bool revok = false;
status = is_mistrusted_key(session, fpr_copy, &mistr);
if (status != PEP_STATUS_OK || mistr)
goto pEp_free;
status = key_revoked(session, fpr_copy, &revok);
if (status != PEP_STATUS_OK || revok)
goto pEp_free;
bool own_key = false;
status = is_own_key(session, fpr_copy, &own_key);
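Review bot: Both new early exits, `if (status != PEP_STATUS_OK || mistr) goto pEp_free;` and the matching `revok` one, leave `status` at `PEP_STATUS_OK` when the own key is already mistrusted or revoked, so a caller cannot tell "reset skipped" from "reset performed". This assumes `pEp_free` returns `status` unchanged, which is outside the hunk. If the silent success is intended, state it in the function's doc comment rather than only in the inline `@bug` remark, for example `@note own keys that are already revoked or mistrusted are left untouched and PEP_STATUS_OK is returned`. A plain `//` comment is presumably not picked up by Doxygen, so the `@bug` tag is unlikely to reach the generated bug list where it stands.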

@ -78,7 +78,6 @@ PEP_STATUS elect_pubkey(
PEP_comm_type _comm_type_key;
status = get_key_rating(session, _keylist->value, &_comm_type_key);
assert(status != PEP_OUT_OF_MEMORY);
if (status == PEP_OUT_OF_MEMORY) {
free_stringlist(keylist);
return PEP_OUT_OF_MEMORY;
@ -171,13 +170,20 @@ static PEP_STATUS validate_fpr(PEP_SESSION session,
if (ct == PEP_ct_unknown) {
// If status is bad, it's ok, we get the rating
// we should use then (PEP_ct_unknown)
get_key_rating(session, fpr, &ct);
// we should use then (PEP_ct_unknown).
// Only one we really care about here is PEP_OUT_OF_MEMORY
status = get_key_rating(session, fpr, &ct);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
ident->comm_type = ct;
}
else if (ct == PEP_ct_key_expired || ct == PEP_ct_key_expired_but_confirmed) {
PEP_comm_type ct_expire_check = PEP_ct_unknown;
get_key_rating(session, fpr, &ct_expire_check);
status = get_key_rating(session, fpr, &ct_expire_check);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
if (ct_expire_check >= PEP_ct_strong_but_unconfirmed) {
ident->comm_type = ct_expire_check;
if (ct == PEP_ct_key_expired_but_confirmed)
@ -191,7 +197,9 @@ static PEP_STATUS validate_fpr(PEP_SESSION session,
bool pEp_user = false;
is_pEp_user(session, ident, &pEp_user);
status = is_pEp_user(session, ident, &pEp_user);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
if (pEp_user) {
switch (ct) {
@ -391,7 +399,10 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
bool* is_user_default,
bool* is_address_default,
bool check_blacklist) {
if (!session)
return PEP_ILLEGAL_VALUE;
PEP_STATUS status = PEP_STATUS_OK;
if (!stored_identity || EMPTYSTR(stored_identity->user_id)
@ -516,6 +527,10 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
*/
static void transfer_ident_lang_and_flags(pEp_identity* new_ident,
pEp_identity* stored_ident) {
if (!(new_ident && stored_ident))
return;
if (new_ident->lang[0] == 0) {
new_ident->lang[0] = stored_ident->lang[0];
new_ident->lang[1] = stored_ident->lang[1];
@ -540,9 +555,10 @@ static void transfer_ident_lang_and_flags(pEp_identity* new_ident,
static void adjust_pEp_trust_status(PEP_SESSION session, pEp_identity* identity) {
assert(session);
assert(identity);
if (identity->comm_type < PEP_ct_strong_but_unconfirmed ||
(identity->comm_type | PEP_ct_confirmed) == PEP_ct_pEp)
if (!session || !identity ||
identity->comm_type < PEP_ct_strong_but_unconfirmed ||
((identity->comm_type | PEP_ct_confirmed) == PEP_ct_pEp) )
return;
bool pEp_user;
@ -818,10 +834,13 @@ DYNAMIC_API PEP_STATUS update_identity(
this_uid = NULL;
// Reflect the change we just made to the DB
this_id->user_id = strdup(identity->user_id);
stored_ident = this_id;
// FIXME: free list.
break;
this_id->user_id = NULL;
stored_ident = identity_dup(this_id);
if (!stored_ident)
goto enomem;
stored_ident->user_id = strdup(identity->user_id);
break;
}
}
else if (input_is_TOFU && !curr_is_TOFU) {
@ -829,13 +848,17 @@ DYNAMIC_API PEP_STATUS update_identity(
// BAD APP BEHAVIOUR.
free(identity->user_id);
identity->user_id = strdup(this_id->user_id);
stored_ident = this_id;
// FIXME: free list.
break;
stored_ident = identity_dup(this_id);
if (!stored_ident)
goto enomem;
break;
}
}
id_curr = id_curr->next;
}
free_identity_list(id_list);
id_list = NULL;
}
}
@ -868,7 +891,13 @@ DYNAMIC_API PEP_STATUS update_identity(
// * create identity with user_id, address, username
// (this is the input id without the fpr + comm type!)
elect_pubkey(session, identity, false);
// the only non-OK status which must be addressed here
// (and is possible) is PEP_OUT_OF_MEMORY. This function will
// disappear in the next release, so we check for this and
// handle it explicitly.
status = elect_pubkey(session, identity, false);
if (status == PEP_OUT_OF_MEMORY)
goto enomem;
// * We've already checked and retrieved
// any applicable temporary identities above. If we're
@ -924,14 +953,15 @@ DYNAMIC_API PEP_STATUS update_identity(
if (!identity->user_id)
goto enomem;
stored_ident = this_id;
stored_ident = identity_dup(this_id);
break;
}
}
}
id_curr = id_curr->next;
}
free_identity_list(id_list);
id_list = NULL;
}
}
@ -1029,10 +1059,12 @@ DYNAMIC_API PEP_STATUS update_identity(
// Results are ordered by timestamp descending, so this covers
// both the one-result and multi-result cases
if (id_list) {
if (id_list && id_list->ident) {
if (stored_ident) // unlikely
free_identity(stored_ident);
stored_ident = id_list->ident;
stored_ident = identity_dup(id_list->ident);
free_identity_list(id_list);
id_list = NULL;
}
}
if (stored_ident)
@ -1104,6 +1136,9 @@ PEP_STATUS elect_ownkey(
PEP_SESSION session, pEp_identity * identity
)
{
if (!(session && identity))
return PEP_ILLEGAL_VALUE;
PEP_STATUS status;
stringlist_t *keylist = NULL;
@ -1207,7 +1242,7 @@ PEP_STATUS _myself(PEP_SESSION session,
assert(identity);
assert(!EMPTYSTR(identity->address));
if (!session || EMPTYSTR(identity->address))
if (!session || !identity || EMPTYSTR(identity->address))
return PEP_ILLEGAL_VALUE;
// this is leading to crashes otherwise
@ -2216,7 +2251,10 @@ PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr,
*/
static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
pEp_identity* ident) {
if (!(session && ident))
return PEP_ILLEGAL_VALUE;
PEP_STATUS status = PEP_STATUS_OK;
if (!ident->user_id)
@ -2259,6 +2297,10 @@ static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
}
DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
if (!session)
return PEP_ILLEGAL_VALUE;
identity_list* idents = NULL;
PEP_STATUS status = own_identities_retrieve(session, &idents);
if (status != PEP_STATUS_OK)
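Review bot: The switch from aliasing `this_id` to `identity_dup()` is checked inconsistently across the `update_identity` hunks: the first two copies are followed by `if (!stored_ident) goto enomem;`, but `stored_ident = identity_dup(this_id);` in the hunk at new line 953 and `stored_ident = identity_dup(id_list->ident);` in the hunk at new line 1059 are not. An allocation failure there falls through to the later `if (stored_ident)` test and is handled as "no stored identity" instead of `PEP_OUT_OF_MEMORY`. Add the same `if (!stored_ident) goto enomem;` after both. In the first hunk `stored_ident->user_id = strdup(identity->user_id);` is also unchecked and needs `if (!stored_ident->user_id) goto enomem;`. The new `goto enomem` exits are taken before `free_identity_list(id_list)`, so confirm that the `enomem` label, which is outside the hunks, releases `id_list` and `stored_ident`.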


@ -1,4 +1,4 @@
/**
/**
* @file message_api.h
* @brief pEp engine API for message handling and evaluation and related functions
* @license GNU General Public License 3.0 - see LICENSE.txt
@ -18,15 +18,15 @@ extern "C" {
/**
* <!-- import_attached_keys() -->
*
*
* @brief TODO
*
* @param[in] session PEP_SESSION
* @param[in] *msg message
* @param[in] **private_idents identity_list
* @param[in] **imported_keys stringlist_t
* @param[in] *changed_keys uint64_t
*
*
* @param[in] session PEP_SESSION
* @param[in] *msg message
* @param[in] **private_idents identity_list
* @param[in] **imported_keys stringlist_t
* @param[in] *changed_keys uint64_t
*
*/
bool import_attached_keys(
PEP_SESSION session,
@ -38,42 +38,42 @@ bool import_attached_keys(
/**
* <!-- attach_own_key() -->
*
*
* @brief TODO
*
*
* @param[in] session PEP_SESSION
* @param[in] *msg message
*
*
*/
void attach_own_key(PEP_SESSION session, message *msg);
/**
* <!-- determine_encryption_format() -->
*
*
* @brief TODO
*
*
* @param[in] *msg message
*
*
*/
PEP_cryptotech determine_encryption_format(message *msg);
/**
* <!-- add_opt_field() -->
*
*
* @brief TODO
*
*
* @param[in] *msg message
* @param[in] *name constchar
* @param[in] *value constchar
*
*
*/
void add_opt_field(message *msg, const char *name, const char *value);
/**
* @enum PEP_encrypt_flags
*
*
* @brief TODO
*
*
*/
typedef enum _PEP_encrypt_flags {
// "default" means whatever the default behaviour for the function is.
@ -104,9 +104,9 @@ typedef unsigned int PEP_encrypt_flags_t;
/**
* @enum message_wrap_type
*
*
* @brief TODO
*
*
*/
typedef enum _message_wrap_type {
PEP_message_unwrapped, // 1.0 or anything we don't wrap
@ -117,36 +117,36 @@ typedef enum _message_wrap_type {
/**
* <!-- encrypt_message() -->
*
*
* @brief Encrypt message in memory
*
*
* @param[in] session session handle
* @param[in,out] src message to encrypt - usually in-only, but can be
* in-out for unencrypted messages; in that case,
* @param[in,out] src message to encrypt - usually in-only, but can be
* in-out for unencrypted messages; in that case,
* we may attach the key and decorate the message
* @param[in] extra extra keys for encryption
* @param[out] dst pointer to new encrypted message or NULL if no
* encryption could take place
* @param[in] enc_format The desired format this message should be encrypted with
* @param[in] flags flags to set special encryption features
*
*
* @retval PEP_STATUS_OK on success
* @retval PEP_KEY_HAS_AMBIG_NAME at least one of the receipient keys has
* an ambiguous name
* @retval PEP_UNENCRYPTED on demand or no recipients with usable
* key, is left unencrypted, and key is
* attached to it
*
*
* @warning the ownership of src remains with the caller
* the ownership of dst goes to the caller
*
*
* enc_format PEP_enc_inline_EA:
* internal format of the encrypted attachments is changing, see
* https://dev.pep.foundation/Engine/ElevatedAttachments
*
*
* Only use this for transports without support for attachments
* when attached data must be sent inline
*
*
*/
DYNAMIC_API PEP_STATUS encrypt_message(
@ -161,10 +161,10 @@ DYNAMIC_API PEP_STATUS encrypt_message(
/**
* <!-- encrypt_message_and_add_priv_key() -->
*
*
* @brief Encrypt message in memory, adding an encrypted private
* key (encrypted separately and sent within the inner message)
*
*
* @param[in] session session handle
* @param[in] src message to encrypt
* @param[out] dst pointer to new encrypted message or NULL if no
@ -173,17 +173,17 @@ DYNAMIC_API PEP_STATUS encrypt_message(
* should be encrypted
* @param[in] enc_format encrypted format
* @param[in] flags flags to set special encryption features
*
*
* @retval PEP_STATUS_OK on success
* @retval PEP_KEY_HAS_AMBIG_NAME at least one of the receipient keys has
* an ambiguous name
* @retval PEP_UNENCRYPTED on demand or no recipients with usable
* key, is left unencrypted, and key is
* attached to it
*
*
* @warning the ownershop of src remains with the caller
* the ownership of dst goes to the caller
*
*
*/
DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
PEP_SESSION session,
@ -197,11 +197,11 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
/**
* <!-- encrypt_message_for_self() -->
*
*
* @brief Encrypt message in memory for user's identity only,
* ignoring recipients and other identities from
* the message
*
*
* @param[in] session session handle
* @param[in] target_id self identity this message should be encrypted for
* @param[in] src message to encrypt
@ -209,20 +209,20 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
* @param[out] dst pointer to new encrypted message or NULL on failure
* @param[in] enc_format encrypted format
* @param[in] flags flags to set special encryption features
*
*
* @retval PEP_STATUS_OK on success
* @retval PEP_KEY_NOT_FOUND at least one of the receipient keys
* could not be found
* @retval PEP_KEY_HAS_AMBIG_NAME at least one of the receipient keys has
* an ambiguous name
* @retval PEP_GET_KEY_FAILED cannot retrieve key
*
*
* @warning the ownership of src remains with the caller
* the ownership of target_id remains w/ caller
* the ownership of target_id remains w/ caller
* the ownership of dst goes to the caller
* message is NOT encrypted for identities other than the target_id (and then,
* only if the target_id refers to self!)
*
*
*/
DYNAMIC_API PEP_STATUS encrypt_message_for_self(
PEP_SESSION session,
@ -236,9 +236,9 @@ DYNAMIC_API PEP_STATUS encrypt_message_for_self(
/**
* @enum PEP_rating
*
*
* @brief TODO
*
*
*/
typedef enum _PEP_rating {
PEP_rating_undefined = 0,
@ -270,9 +270,9 @@ typedef enum _PEP_rating {
/**
* @enum PEP_color
*
*
* @brief TODO
*
*
*/
typedef enum _PEP_color {
PEP_color_no_color = 0,
@ -284,20 +284,20 @@ typedef enum _PEP_color {
/**
* <!-- color_from_rating() -->
*
*
* @brief Calculate color from rating
*
*
* @param[in] rating rating
*
*
* @retval PEP_color color representing the rating
*/
DYNAMIC_API PEP_color color_from_rating(PEP_rating rating);
/**
* @enum PEP_decrypt_flags
*
*
* @brief TODO
*
*
*/
typedef enum _PEP_decrypt_flags {
PEP_decrypt_flag_own_private_key = 0x1,
@ -315,22 +315,22 @@ typedef unsigned int PEP_decrypt_flags_t;
/**
* <!-- decrypt_message() -->
*
*
* @brief Decrypt message in memory
*
*
* @param[in] session session handle
* @param[in,out] src message to decrypt
* @param[out] dst pointer to new decrypted message or NULL on failure
* @param[in,out] keylist in: stringlist with additional keyids for reencryption if needed
* (will be freed and replaced with output keylist)
* (will be freed and replaced with output keylist)
* out: stringlist with keyids used for signing and encryption. first
* first key is signer, additional keys are the ones it was encrypted
* to. Only signer and whichever of the user's keys was used are
* to. Only signer and whichever of the user's keys was used are
* reliable
* @param[out] rating rating for the message
* @param[in,out] flags flags to signal special decryption features
*
* @retval <ERROR> any error status
*
* @retval <ERROR> any error status
* @retval PEP_DECRYPTED if message decrypted but not verified
* @retval PEP_CANNOT_REENCRYPT if message was decrypted (and possibly
* verified) but a reencryption operation is expected by the caller
@ -342,7 +342,7 @@ typedef unsigned int PEP_decrypt_flags_t;
* ---------------------------------------------------------------------------------------------|
* Incoming flags |
* ---------------------------------------------------------------------------------------------|
* Flag | Description |
* Flag | Description |
* --------------------------------------|------------------------------------------------------|
* PEP_decrypt_flag_untrusted_server | used to signal that decrypt function should engage |
* | in behaviour specified for when the server storing |
@ -354,8 +354,8 @@ typedef unsigned int PEP_decrypt_flags_t;
* | (NOT trusted or set to be used - handshake/trust is |
* | required for that) |
* | |
* PEP_decrypt_flag_src_modified | indicates that the modified_src field should contain |
* | a modified version of the source, at the moment |
* PEP_decrypt_flag_src_modified | indicates that the modified_src field should contain |
* | a modified version of the source, at the moment |
* | always as a result of the input flags. |
* | |
* PEP_decrypt_flag_consume | used by sync to indicate this was a pEp internal |
@ -364,8 +364,8 @@ typedef unsigned int PEP_decrypt_flags_t;
* | |
* PEP_decrypt_flag_ignore | used by sync |
* ---------------------------------------------------------------------------------------------| @endverbatim
*
* @warning the ownership of src remains with the caller - however, the contents
*
* @warning the ownership of src remains with the caller - however, the contents
* might be modified (strings freed and allocated anew or set to NULL,
* etc) intentionally; when this happens, PEP_decrypt_flag_src_modified
* is set.
@ -375,7 +375,7 @@ typedef unsigned int PEP_decrypt_flags_t;
* dst to NULL
* if src->enc_format is PEP_enc_inline_EA on input then elevated attachments
* will be expected
*
*
*/
DYNAMIC_API PEP_STATUS decrypt_message(
@ -389,24 +389,24 @@ DYNAMIC_API PEP_STATUS decrypt_message(
/**
* <!-- own_message_private_key_details() -->
*
*
* @brief Details on own key in own message
*
*
* @param[in] session session handle
* @param[in] msg message to decrypt
* @param[out] ident identity containing uid, address and fpr of key
* note:
* In order to obtain details about key to be possibly imported
* as a replacement of key currently used as own identity,
* application passes message that have been previously flagged by
* as a replacement of key currently used as own identity,
* application passes message that have been previously flagged by
* decrypt_message() as own message containing own key to this function
*
*
* @retval error status or PEP_STATUS_OK on success
*
*
* @warning the ownership of msg remains with the caller
* the ownership of ident goes to the caller
* msg MUST be encrypted so that this function can check own signature
*
*
*/
DYNAMIC_API PEP_STATUS own_message_private_key_details(
PEP_SESSION session,
@ -417,19 +417,19 @@ DYNAMIC_API PEP_STATUS own_message_private_key_details(
/**
* <!-- outgoing_message_rating() -->
*
*
* @brief Get rating for an outgoing message
*
*
* @param[in] session session handle
* @param[in] msg message to get the rating for
* @param[out] rating rating for the message
*
*
* @retval error status or PEP_STATUS_OK on success
*
*
* @warning msg->from must point to a valid pEp_identity
* msg->dir must be PEP_dir_outgoing
* the ownership of msg remains with the caller
*
*
*/
DYNAMIC_API PEP_STATUS outgoing_message_rating(
PEP_SESSION session,
@ -440,19 +440,19 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating(
/**
* <!-- outgoing_message_rating_preview() -->
*
*
* @brief Get rating preview
*
*
* @param[in] session session handle
* @param[in] msg message to get the rating for
* @param[out] rating rating preview for the message
*
*
* @retval error status or PEP_STATUS_OK on success
*
*
* @warning msg->from must point to a valid pEp_identity
* msg->dir must be PEP_dir_outgoing
* the ownership of msg remains with the caller
*
*
*/
DYNAMIC_API PEP_STATUS outgoing_message_rating_preview(
PEP_SESSION session,
@ -462,17 +462,17 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating_preview(
/**
* <!-- identity_rating() -->
*
*
* @brief Get rating for a single identity
*
*
* @param[in] session session handle
* @param[in] ident identity to get the rating for
* @param[out] rating rating for the identity
*
*
* @retval error status or PEP_STATUS_OK on success
*
*
* @warning the ownership of ident remains with the caller
*
*
*/
DYNAMIC_API PEP_STATUS identity_rating(
PEP_SESSION session,
@ -483,25 +483,25 @@ DYNAMIC_API PEP_STATUS identity_rating(
/**
* <!-- get_binary_path() -->
*
*
* @brief Retrieve path of cryptotech binary if available
*
*
* @param[in] tech cryptotech to get the binary for
* @param[out] path path to cryptotech binary or NULL if not available
* **path is owned by the library, do not change it!
*
*
*
*
*/
DYNAMIC_API PEP_STATUS get_binary_path(PEP_cryptotech tech, const char **path);
/**
* <!-- get_trustwords() -->
*
*
* @brief Get full trustwords string for a *pair* of identities
*
*
* @param[in] session session handle
* @param[in] id1 identity of first party in communication - fpr can't be NULL
* @param[in] id1 identity of first party in communication - fpr can't be NULL
* @param[in] id2 identity of second party in communication - fpr can't be NULL
* @param[in] lang C string with ISO 639-1 language code
* @param[out] words pointer to C string with all trustwords UTF-8 encoded,
@ -512,14 +512,14 @@ DYNAMIC_API PEP_STATUS get_binary_path(PEP_cryptotech tech, const char **path);
* @param[in] full if true, generate ALL trustwords for these identities.
* else, generate a fixed-size subset. (TODO: fixed-minimum-entropy
* subset in next version)
*
*
* @retval PEP_STATUS_OK trustwords retrieved
* @retval PEP_OUT_OF_MEMORY out of memory
* @retval PEP_TRUSTWORD_NOT_FOUND at least one trustword not found
*
*
* @warning the word pointer goes to the ownership of the caller
* the caller is responsible to free() it (on Windoze use pEp_free())
*
*
*/
DYNAMIC_API PEP_STATUS get_trustwords(
PEP_SESSION session, const pEp_identity* id1, const pEp_identity* id2,
@ -529,9 +529,9 @@ DYNAMIC_API PEP_STATUS get_trustwords(
/**
* <!-- get_message_trustwords() -->
*
* @brief Get full trustwords string for message sender and reciever identities
*
*
* @brief Get full trustwords string for message sender and reciever identities
*
* @param[in] session session handle
* @param[in] msg message to get sender identity from
* @param[in] keylist NULL if message to be decrypted,
@ -545,15 +545,15 @@ DYNAMIC_API PEP_STATUS get_trustwords(
* @param[in] full if true, generate ALL trustwords for these identities.
* else, generate a fixed-size subset. (TODO: fixed-minimum-entropy
* subset in next version)
*
*
* @retval PEP_STATUS_OK trustwords retrieved
* @retval PEP_OUT_OF_MEMORY out of memory
* @retval PEP_TRUSTWORD_NOT_FOUND at least one trustword not found
* @retval error status of decrypt_message() if decryption fails.
*
*
* @warning the word pointer goes to the ownership of the caller
* the caller is responsible to free() it (on Windoze use pEp_free())
*
*
*/
DYNAMIC_API PEP_STATUS get_message_trustwords(
PEP_SESSION session,
@ -565,9 +565,9 @@ DYNAMIC_API PEP_STATUS get_message_trustwords(
/**
* <!-- get_trustwords_for_fprs() -->
*
*
* @brief Get full trustwords string for a pair of fingerprints
*
*
* @param[in] session session handle
* @param[in] fpr1 fingerprint 1
* @param[in] fpr2 fingerprint 2
@ -580,14 +580,14 @@ DYNAMIC_API PEP_STATUS get_message_trustwords(
* @param[in] full if true, generate ALL trustwords for these identities.
* else, generate a fixed-size subset. (TODO: fixed-minimum-entropy
* subset in next version)
*
*
* @retval PEP_STATUS_OK trustwords retrieved
* @retval PEP_OUT_OF_MEMORY out of memory
* @retval PEP_TRUSTWORD_NOT_FOUND at least one trustword not found
*
*
* @warning the word pointer goes to the ownership of the caller
* the caller is responsible to free() it (on Windoze use pEp_free())
*
*
*/
DYNAMIC_API PEP_STATUS get_trustwords_for_fprs(
PEP_SESSION session, const char* fpr1, const char* fpr2,
@ -596,26 +596,26 @@ DYNAMIC_API PEP_STATUS get_trustwords_for_fprs(
/**
* <!-- re_evaluate_message_rating() -->
*
*
* @brief Re-evaluate already decrypted message rating
*
*
* @param[in] session session handle
* @param[in] msg message to get the rating for
* @param[in] x_keylist decrypted message recipients keys fpr
* @param[in] x_enc_status original rating for the decrypted message
* @param[out] rating rating for the message
*
* @retval PEP_ILLEGAL_VALUE if decrypted message doesn't contain
* X-EncStatus optional field and x_enc_status is
*
* @retval PEP_ILLEGAL_VALUE if decrypted message doesn't contain
* X-EncStatus optional field and x_enc_status is
* pEp_rating_udefined
* or if decrypted message doesn't contain
* or if decrypted message doesn't contain
* X-Keylist optional field and x_keylist is NULL
* @retval PEP_OUT_OF_MEMORY if not enough memory could be allocated
*
*
* @warning msg->from must point to a valid pEp_identity
* the ownership of msg remains with the caller
* the ownership of x_keylist remains with to the caller
*
*
*/
DYNAMIC_API PEP_STATUS re_evaluate_message_rating(
@ -628,18 +628,18 @@ DYNAMIC_API PEP_STATUS re_evaluate_message_rating(
/**
* <!-- get_key_rating_for_user() -->
*
*
* @brief Get the rating of a certain key for a certain user
*
*
* @param[in] session session handle
* @param[in] user_id string with user ID
* @param[in] fpr string with fingerprint
* @param[out] rating rating of key for this user
*
* @retval PEP_RECORD_NOT_FOUND if no trust record for user_id
*
* @retval PEP_RECORD_NOT_FOUND if no trust record for user_id
* and fpr can be found
*
*
*
*
*/
DYNAMIC_API PEP_STATUS get_key_rating_for_user(
@ -651,37 +651,37 @@ DYNAMIC_API PEP_STATUS get_key_rating_for_user(
/**
* <!-- rating_from_comm_type() -->
*
*
* @brief Get the rating for a comm type
*
*
* @param[in] ct the comm type to deliver the rating for
*
*
* @retval PEP_rating rating value for comm type ct
*
*
*
*
*/
DYNAMIC_API PEP_rating rating_from_comm_type(PEP_comm_type ct);
/**
* @internal
*
*
* <!-- try_encrypt_message() -->
*
* @brief This is the internal version of encrypt_message()
*
* @brief This is the internal version of encrypt_message()
* to be used by asynchronous network protocol
* implementations. This function is calls messageToSend(NULL)
* implementations. This function is calls messageToSend(NULL)
* in case there is a missing or wrong passphrase.
*
*
* @param[in] session PEP_SESSION
* @param[in] *src message
* @param[in] *extra stringlist_t
* @param[in] **dst message
* @param[in] enc_format PEP_enc_format
* @param[in] flags PEP_encrypt_flags_t
*
*
* @warning Do NOT use this function in adapters.
*
*
* @todo KB: line up with the try_base_blahblah docs
*/
PEP_STATUS try_encrypt_message(
@ -695,16 +695,16 @@ PEP_STATUS try_encrypt_message(
/**
* <!-- probe_encrypt() -->
*
*
* @brief Test if passphrase for a key is working in current session
*
*
* @param[in] session session handle
* @param[in] fpr fingerprint of key to test
*
*
* @retval PEP_STATUS_OK in case passphrase works
* @retval error if not
*
*
*
*
*/
DYNAMIC_API PEP_STATUS probe_encrypt(PEP_SESSION session, const char *fpr);


@ -24,11 +24,11 @@ extern "C" {
// RELEASE version this targets
// (string: major.minor.patch)
#define PEP_ENGINE_VERSION "2.1.0"
#define PEP_ENGINE_VERSION "2.2.0"
#define PEP_ENGINE_VERSION_MAJOR 2
#define PEP_ENGINE_VERSION_MINOR 1
#define PEP_ENGINE_VERSION_MINOR 2
#define PEP_ENGINE_VERSION_PATCH 0
#define PEP_ENGINE_VERSION_RC 35
#define PEP_ENGINE_VERSION_RC 4
#define PEP_OWN_USERID "pEp_own_userId"

@ -4,9 +4,9 @@
* @license GNU General Public License 3.0 - see LICENSE.txt
*/
// maximum attachment size to import as key 1MB, maximum of 20 attachments
// maximum attachment size to import as key 25MB, maximum of 20 attachments
#define MAX_KEY_SIZE (1024 * 1024)
#define MAX_KEY_SIZE (25 * 1024 * 1024)
#define MAX_KEYS_TO_IMPORT 20
#define KEY_EXPIRE_DELTA (60 * 60 * 24 * 365)
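Review bot: Raising `MAX_KEY_SIZE` to `(25 * 1024 * 1024)` while `MAX_KEYS_TO_IMPORT` stays at 20 means that, if both limits apply per message as the comment suggests, up to 500 MiB of attachment data from an untrusted sender can qualify for key import. The comment gives the new number but neither the reason for it nor the resulting worst case. The code that enforces these limits is not in this hunk, so whether an aggregate cap exists cannot be seen here and is worth confirming. I would extend the comment to `// per-attachment cap for key import: 25 MiB, at most 20 attachments (worst case 500 MiB of untrusted input per message)`.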


@ -81,6 +81,8 @@ DYNAMIC_API stringpair_list_t *stringpair_list_dup(
return NULL;
stringpair_t* copy_pair = stringpair_dup(src->value);
if (!copy_pair)
return NULL;
stringpair_list_t *dst = new_stringpair_list(copy_pair);
if (dst == NULL)
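Review bot: The guard that appears to be added here is written `if (!copy_pair)` while the check two lines below uses `if (dst == NULL)`; writing it as `if (copy_pair == NULL)` would keep the function consistent. The body of the `dst == NULL` branch lies outside the hunk, so it is not visible whether `copy_pair` is released when `new_stringpair_list(copy_pair)` fails. If it is not, the pair duplicated by `stringpair_dup` leaks on that path, and a `free_stringpair(copy_pair);` before the return would close it. `stringpair_list_dup` starts and ends outside the hunk.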

@ -65,7 +65,7 @@ newfile.write("\n" + tb(4) + "// Get a new test Engine.\n")
newfile.write(tb(4) + "engine = new Engine(test_path);\n");
newfile.write(tb(4) + "ASSERT_NE(engine, nullptr);\n")
newfile.write("\n" + tb(4) + "// Ok, let's initialize test directories etc.\n")
newfile.write(tb(4) + "engine->prep(NULL, NULL, init_files);\n")
newfile.write(tb(4) + "engine->prep(NULL, NULL, NULL, init_files);\n")
newfile.write("\n" + tb(4) + "// Ok, try to start this bugger.\n")
newfile.write(tb(4) + "engine->start();\n")
newfile.write(tb(4) + "ASSERT_NE(engine->session, nullptr);\n")

@ -0,0 +1,111 @@
#include <stdlib.h>
#include <string>