Browse Source

key_compromized() added

doc_update_sequoia
Volker Birk 7 years ago
parent
commit
b18b0ee923
5 changed files with 60 additions and 6 deletions
  1. +10
    -4
      src/keymanagement.c
  2. +5
    -2
      src/keymanagement.h
  3. +32
    -0
      src/pEpEngine.c
  4. +12
    -0
      src/pEpEngine.h
  5. +1
    -0
      src/pEp_internal.h

+ 10
- 4
src/keymanagement.c View File

@ -317,17 +317,23 @@ DYNAMIC_API PEP_STATUS do_keymanagement(
return PEP_STATUS_OK;
}
DYNAMIC_API PEP_STATUS key_compromized(PEP_SESSION session, const char *fpr)
DYNAMIC_API PEP_STATUS key_compromized(
PEP_SESSION session,
pEp_identity *ident
)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session);
assert(fpr);
assert(ident);
assert(!EMPTY(ident->fpr));
if (!(session && fpr))
if (!(session && ident && ident->fpr))
return PEP_ILLEGAL_VALUE;
status = revoke_key(session, fpr, NULL);
if (ident->me)
revoke_key(session, ident->fpr, NULL);
status = mark_as_compromized(session, ident->fpr);
return status;
}


+ 5
- 2
src/keymanagement.h View File

@ -117,9 +117,12 @@ DYNAMIC_API PEP_STATUS do_keymanagement(
//
// parameters:
// session (in) session to use
// fpr (in) key which was compromized
// ident (in) person and key which was compromized
DYNAMIC_API PEP_STATUS key_compromized(PEP_SESSION session, const char *fpr);
DYNAMIC_API PEP_STATUS key_compromized(
PEP_SESSION session,
pEp_identity *ident
);
// trust_personal_key() - mark a key as trusted with a person


+ 32
- 0
src/pEpEngine.c View File

@ -18,6 +18,7 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
static const char *sql_set_trust;
static const char *sql_get_trust;
static const char *sql_least_trust;
static const char *sql_mark_as_compromized;
bool in_first = false;
assert(sqlite3_threadsafe());
@ -196,6 +197,8 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
"and pgp_keypair_fpr = ?2 ;";
sql_least_trust = "select min(comm_type) from trust where pgp_keypair_fpr = ?1 ;";
sql_mark_as_compromized = "update trust set comm_type = 15 where pgp_keypair_fpr = ?1 ;";
}
int_result = sqlite3_prepare_v2(_session->db, sql_log, strlen(sql_log),
@ -234,6 +237,10 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
strlen(sql_least_trust), &_session->least_trust, NULL);
assert(int_result == SQLITE_OK);
int_result = sqlite3_prepare_v2(_session->db, sql_mark_as_compromized,
strlen(sql_mark_as_compromized), &_session->mark_compromized, NULL);
assert(int_result == SQLITE_OK);
status = init_cryptotech(_session, in_first);
if (status != PEP_STATUS_OK)
goto pep_error;
@ -695,6 +702,31 @@ DYNAMIC_API PEP_STATUS set_identity(
return PEP_COMMIT_FAILED;
}
DYNAMIC_API PEP_STATUS mark_as_compromized(
PEP_SESSION session,
const char *fpr
)
{
int result;
assert(session);
assert(fpr && fpr[0]);
if (!(session && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
sqlite3_reset(session->mark_compromized);
sqlite3_bind_text(session->mark_compromized, 1, fpr, -1,
SQLITE_STATIC);
result = sqlite3_step(session->mark_compromized);
sqlite3_reset(session->mark_compromized);
if (result != SQLITE_DONE)
return PEP_CANNOT_SET_IDENTITY;
return PEP_STATUS_OK;
}
void pEp_free(void *p)
{
free(p);


+ 12
- 0
src/pEpEngine.h View File

@ -445,6 +445,18 @@ DYNAMIC_API PEP_STATUS set_identity(
);
// mark_as_compromized() - mark key in trust db as compromized
//
// parameters:
// session (in) session handle
// fpr (in) fingerprint of key to mark
DYNAMIC_API PEP_STATUS mark_as_compromized(
PEP_SESSION session,
const char *fpr
);
// generate_keypair() - generate a new key pair and add it to the key ring
//
// parameters:


+ 1
- 0
src/pEp_internal.h View File

@ -86,6 +86,7 @@ typedef struct _pEpSession {
sqlite3_stmt *set_trust;
sqlite3_stmt *get_trust;
sqlite3_stmt *least_trust;
sqlite3_stmt *mark_compromized;
examine_identity_t examine_identity;
void *examine_management;


Loading…
Cancel
Save