You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

171 lines
7.8 KiB

// This file is under GNU General Public License 3.0
// see LICENSE.txt
#pragma once
#include "pEpEngine.h"
#include "keymanagement.h"
#include "message.h"
#include "message_api.h"
#include "cryptotech.h"
#include "keyreset_command.h"
#ifdef __cplusplus
extern "C" {
#endif
// key_reset_identity() - reset the default database status for the identity / keypair
// provided. If this corresponds to an own identity and a private key,
// also revoke the key, generate a new one, and communicate the
// reset to recently contacted pEp partners for this identity.
//
// If it does not, remove the key from the keyring; the key's
// status is completely fresh on next contact from the partner.
//
// If no key is provided, reset the identity default.
//
// Note that reset keys will be removed as defaults for all users and identities.
//
// parameters:
// session (in) session handle
// fpr (in) fingerprint of key to reset. If NULL, we reset the default key
// this identity if there is one, and the user default if not.
// ident (in) identity for which the key reset should occur. Must contain
// user_id and address. Must not be NULL.
//
// Note: ident->fpr field will be ignored.
//
//
DYNAMIC_API PEP_STATUS key_reset_identity(
PEP_SESSION session,
pEp_identity* ident,
const char* fpr
);
// key_reset_user() - reset the default database status for the user / keypair
// provided. This will effectively perform key_reset_identity()
// each identity associated with the key and user_id, if a key is
// provided, and for each key (and all of their identities) if an fpr
// is not.
//
// If the user_id is the own user_id, an fpr MUST be provided.
// For a reset of all own user keys, call key_reset_all_own_keys() instead.
//
// Note that reset keys will be removed as defaults for all users and identities.
//
// parameters:
// session (in) session handle
// user_id (in) user_id for which the key reset should occur. If this
// is the own user_id, fpr MUST NOT be NULL.
// fpr (in) fingerprint of key to reset.
// If NULL, we reset all default
// keys for this user and all of its identities.
// *** However, it is forbidden to use the own user_id
// here when the fpr is NULL. For this functionality,
// call key_reset_all_own_keys ***
//
DYNAMIC_API PEP_STATUS key_reset_user(
PEP_SESSION session,
const char* user_id,
const char* fpr
);
// key_reset_all_own_keys() - revoke and mistrust all own keys, generate new keys for all
// own identities, and opportunistically communicate
// key reset information to people we have recently
// contacted.
//
// caveat: this will return PEP_CANNOT_FIND_IDENTITY if no own user yet exists.
// HOWEVER, apps and adapters must decide if this is a reasonable state;
// since the period where no own user exists will necessarily be very short
// in most implementations, PEP_CANNOT_FIND_IDENTITY may be returned when
// there is some sort of DB corruption and we expect there to be an own user.
// Apps are responsible for deciding whether or not this is an error condition;
// one would expect that it generally is (rather than the uninitialised DB case)
//
// parameters:
// session (in) session handle
//
DYNAMIC_API PEP_STATUS key_reset_all_own_keys(PEP_SESSION session);
// key_reset() - reset the database status for a key, removing all trust information
// and default database connections. For own keys, also revoke the key
// and communicate the revocation and new key to partners we have sent
// mail to recently from the specific identity (i.e. address/user_id)
// that contacted them. We also in this case set up information so that
// if someone we mail uses the wrong key and wasn't yet contacted,
// we can send them the reset information from the right address.
// For non-own keys, also remove key from the keyring.
//
// Can be called manually or through another protocol.
//
// parameters:
// session (in) session handle
// fpr (in) fingerprint of key to reset. If NULL and ident is NULL,
// we reset all keys for the own user. If NULL and ident is
// an own identity, we reset the default key for that
// identity. If that own identity has no default key, we
// reset the user default.
// if it is NULL and there is a non-own identity, we will reset
// the default key for this identity if present, and user if not.
// ident (in) identity for which the key reset should occur.
// if NULL and fpr is non-NULL, we'll reset the key for all
// associated identities. If both ident and fpr are NULL, see
// the fpr arg documentation.
//
// Note: ident->fpr is always ignored
//
// Caveat: this is now used in large part for internal calls.
// external apps should call key_reset_identity and key_reset_userdata
// and this function should probably be removed from the dynamic api
PEP_STATUS key_reset(
PEP_SESSION session,
const char* fpr,
pEp_identity* ident
);
/*
PEP_STATUS key_reset_own_and_deliver_revocations(PEP_SESSION session,
identity_list** own_identities,
stringlist_t** revocations,
stringlist_t** keys);
*/
PEP_STATUS has_key_reset_been_sent(
PEP_SESSION session,
const char* from_addr,
const char* user_id,
const char* revoked_fpr,
bool* contacted);
PEP_STATUS set_reset_contact_notified(
PEP_SESSION session,
const char* own_address,
const char* revoke_fpr,
const char* contact_id
);
PEP_STATUS receive_key_reset(PEP_SESSION session,
message* reset_msg);
PEP_STATUS create_standalone_key_reset_message(PEP_SESSION session,
message** dst,
pEp_identity* own_identity,
pEp_identity* recip,
const char* old_fpr,
const char* new_fpr);
PEP_STATUS send_key_reset_to_recents(PEP_SESSION session,
pEp_identity* from_ident,
const char* old_fpr,
const char* new_fpr);
PEP_STATUS key_reset_commands_to_PER(const keyreset_command_list *command_list, char **cmds, size_t *size);
PEP_STATUS PER_to_key_reset_commands(const char *cmds, size_t size, keyreset_command_list **command_list);
#ifdef __cplusplus
}
#endif