"Fossies" - the Fresh Open Source Software Archive

Member "gnupg-2.2.17/g10/tofu.h" (28 Aug 2017, 6047 Bytes) of package /linux/misc/gnupg-2.2.17.tar.bz2:



    1 /* tofu.h - TOFU trust model.
    2  * Copyright (C) 2015 g10 Code GmbH
    3  *
    4  * This file is part of GnuPG.
    5  *
    6  * GnuPG is free software; you can redistribute it and/or modify
    7  * it under the terms of the GNU General Public License as published by
    8  * the Free Software Foundation; either version 3 of the License, or
    9  * (at your option) any later version.
   10  *
   11  * GnuPG is distributed in the hope that it will be useful,
   12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14  * GNU General Public License for more details.
   15  *
   16  * You should have received a copy of the GNU General Public License
   17  * along with this program; if not, see <https://www.gnu.org/licenses/>.
   18  */
   19 
   20 #ifndef G10_TOFU_H
   21 #define G10_TOFU_H
   22 
   23 #include <config.h>
   24 
   25 /* For each binding (a <PK, USER_ID> pair), we have a trust policy.
         The numeric values are assigned explicitly.  NOTE(review): the
         policy is saved with the binding (see TOFU_POLICY_AUTO below), so
         presumably these values must not be renumbered -- confirm against
         the storage code in tofu.c.  */
   26 enum tofu_policy
   27   {
   28     /* This value can be returned by tofu_get_policy to indicate that
   29        there is no policy set for the specified binding.  */
   30     TOFU_POLICY_NONE = 0,
   31
   32     /* We made a default policy decision.  This is only done if there
   33        is no conflict with another binding (that is, the email address
   34        is not part of another known key).  The default policy is
   35        configurable (and specified using: --tofu-default-policy).
   36
   37        Note: when using the default policy, we save TOFU_POLICY_AUTO
   38        with the binding, not the policy that was in effect.  This way,
   39        if the user invokes gpg again, but with a different value for
   40        --tofu-default-policy, a different decision is made.  */
   41     TOFU_POLICY_AUTO = 1,
   42
   43     /* The user explicitly marked the binding as good.  In this case,
   44        we return TRUST_FULLY.  */
   45     TOFU_POLICY_GOOD = 2,
   46
   47     /* The user explicitly marked the binding as unknown.  In this
   48        case, we return TRUST_UNKNOWN.  */
   49     TOFU_POLICY_UNKNOWN = 3,
   50
   51     /* The user explicitly marked the binding as bad.  In this case,
   52        we always return TRUST_NEVER.  */
   53     TOFU_POLICY_BAD = 4,
   54
   55     /* The user deferred a definitive policy decision about the
   56        binding (by selecting accept once or reject once).  The next
   57        time we see this binding, we should ask the user what to
   58        do.  */
   59     TOFU_POLICY_ASK = 5,
   60
   61
   62     /* Private value used only within tofu.c.  NOTE(review): file-scope
             identifiers that begin with an underscore are reserved by the
             C standard; a rename would also have to change tofu.c.  */
   63     _tofu_GET_POLICY_ERROR = 100
   64   };
   65 
   66 
   67 /* Return a string representation of the trust policy POLICY.  Returns
   68    "???" if POLICY is not valid.  NOTE(review): the result is
         const-qualified; presumably it points to static storage and must
         not be freed -- confirm in tofu.c.  */
   69 const char *tofu_policy_str (enum tofu_policy policy);
   70 
   71 /* Convert a binding policy (e.g., TOFU_POLICY_BAD) to a trust level
   72    (e.g., TRUST_NEVER) in light of the current configuration.
         NOTE(review): presumably the configuration matters for
         TOFU_POLICY_AUTO, which is resolved through
         --tofu-default-policy -- confirm in tofu.c.  */
   73 int tofu_policy_to_trust_level (enum tofu_policy policy);
   74 
   75 /* Register the bindings <PK, USER_ID>, for each USER_ID in
   76    USER_ID_LIST, and the signature described by SIGS_DIGEST and
   77    SIG_TIME, which PK generated.  ORIGIN describes where the signed
   78    data came from, e.g., "email:claws" (default: "unknown").  Note:
   79    this function does not interact with the user.  If there is a
   80    conflict, or if the binding's policy is ask, the actual interaction
   81    is deferred until tofu_get_validity is called.  Set the string
   82    list FLAG to indicate that a specified user id is expired.  This
   83    function returns 0 on success and an error code on failure.

         NOTE(review): no parameter is named FLAG; presumably this means
         the flags field of the matching USER_ID_LIST entry, and
         SIGS_DIGEST is presumably SIGS_DIGEST_LEN bytes long -- confirm
         both in tofu.c.

         NOTE(review): nothing here says whether the signature must
         already have been verified; confirm that callers register only
         signatures that passed verification.  */
   84 gpg_error_t tofu_register_signature (ctrl_t ctrl, PKT_public_key *pk,
   85                                      strlist_t user_id_list,
   86                                      const byte *sigs_digest,
   87                                      int sigs_digest_len,
   88                                      time_t sig_time, const char *origin);
   89 
   90 /* Note that an encrypted mail was sent to <PK, USER_ID>, for each
   91    USER_ID in USER_ID_LIST.  (If USER_ID_LIST is NULL, then all
   92    non-revoked user ids associated with PK are used.)  If MAY_ASK is
   93    set, then this function may interact with the user to resolve a
   94    TOFU conflict.  Returns a gpg_error_t; presumably 0 on success, as
         for tofu_register_signature -- confirm in tofu.c.  */
   95 gpg_error_t tofu_register_encryption (ctrl_t ctrl,
   96                                       PKT_public_key *pk,
   97                                       strlist_t user_id_list,
   98                                       int may_ask);
   99 
  100 /* Combine a trust level returned from the TOFU trust model (TOFU)
  101    with a trust level returned by the PGP trust model (WOT).  This is
  102    primarily of interest when the trust model is tofu+pgp
         (TM_TOFU_PGP).  NOTE(review): the combination rule is not
         described here; confirm in tofu.c which level wins when the two
         models disagree (e.g., TRUST_NEVER from only one of them).  */
  103 int tofu_wot_trust_combine (int tofu, int wot);
  104 
  105 /* Write a "tfs" record for a --with-colons listing.  Returns a
         gpg_error_t.  NOTE(review): presumably the record is written to
         FP and describes the binding <PK, USER_ID> -- confirm in
         tofu.c.  */
  106 gpg_error_t tofu_write_tfs_record (ctrl_t ctrl, estream_t fp,
  107                                    PKT_public_key *pk, const char *user_id);
  108 
  109 /* Determine the validity (TRUST_NEVER, etc.) of the binding <PK,
  110    USER_ID>.  If MAY_ASK is 1, then this function may interact with
  111    the user.  If not, TRUST_UNKNOWN is returned if an interaction is
  112    required.  Set the string list FLAGS to indicate that a specified
  113    user id is expired.  If an error occurs, TRUST_UNDEFINED is
  114    returned.

         Errors are reported in-band as TRUST_UNDEFINED; the int return
         type carries no separate error code.

         NOTE(review): the prototype takes USER_ID_LIST rather than a
         single USER_ID, and no parameter is named FLAGS (presumably the
         flags field of the list entries).  How several user ids combine
         into one result is not described here -- confirm in tofu.c.  */
  115 int tofu_get_validity (ctrl_t ctrl,
  116                        PKT_public_key *pk, strlist_t user_id_list,
  117                        int may_ask);
  118 
  119 /* Set the policy for all non-revoked user ids in the keyblock KB to
  120    POLICY.  See enum tofu_policy for the trust level that each
         explicit policy leads to (e.g., TOFU_POLICY_GOOD gives
         TRUST_FULLY).  Returns a gpg_error_t.  */
  121 gpg_error_t tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy);
  122 
  123 /* Return the TOFU policy for the specified binding in *POLICY.
         *POLICY can be TOFU_POLICY_NONE, which indicates that no policy
         is set for the binding.  The function result is a gpg_error_t.
         NOTE(review): what *POLICY holds when an error is returned is not
         stated here -- confirm in tofu.c before relying on it.  */
  124 gpg_error_t tofu_get_policy (ctrl_t ctrl,
  125                              PKT_public_key *pk, PKT_user_id *user_id,
  126                  enum tofu_policy *policy);
  127 
  128 /* When doing a lot of DB activities (in particular, when listing
  129    keys), this causes the DB to enter batch mode, which can
  130    significantly speed up operations.  NOTE(review): presumably each
         tofu_begin_batch_update must be paired with a
         tofu_end_batch_update -- confirm in tofu.c.  */
  131 void tofu_begin_batch_update (ctrl_t ctrl);
  132 void tofu_end_batch_update (ctrl_t ctrl);
  133 
  134 /* Release all of the resources associated with a DB meta-handle.
         NOTE(review): presumably this is the handle kept in CTRL --
         confirm in tofu.c.  */
  135 void tofu_closedbs (ctrl_t ctrl);
  136 
  137 /* Whenever a key is modified (e.g., a user id is added or revoked, a
  138  * new signature is added, etc.), this function should be called to
  139  * cause TOFU to update its world view.  Returns a gpg_error_t.
       * NOTE(review): presumably KB is the modified keyblock, and TOFU's
       * stored view stays out of date (e.g., for a newly revoked user
       * id) if this call is skipped -- confirm in tofu.c.  */
  140 gpg_error_t tofu_notice_key_changed (ctrl_t ctrl, kbnode_t kb);
  141 
  142 #endif /*G10_TOFU_H*/