core, store, tool: Use realm instead of domain.

  - Remove the domain parameter from core::Context.

  - Replace it with a realm to be passed in when opening a store.

  - For sq, merge store name and realm into the --store parameter.

  - Fixes #105.

16 files changed, 77 insertions, 99 deletions

diff --git a/ffi/examples/configure.c b/ffi/examples/configure.c
index 23e243ac..37401047 100644
--- a/ffi/examples/configure.c
+++ b/ffi/examples/configure.c
@@ -24,7 +24,7 @@ main (int argc, char **argv)
   sq_context_t ctx;
   sq_keyserver_t ks;
 
-  cfg = sq_context_configure ("org.sequoia-pgp.example");
+  cfg = sq_context_configure ();
   sq_config_network_policy (cfg, SQ_NETWORK_POLICY_OFFLINE);
   ctx = sq_config_build (cfg, &err);
   if (ctx == NULL)
diff --git a/ffi/examples/keyserver.c b/ffi/examples/keyserver.c
index 1e6ca135..3a0acae7 100644
--- a/ffi/examples/keyserver.c
+++ b/ffi/examples/keyserver.c
@@ -24,7 +24,7 @@ main (int argc, char **argv)
   sq_keyserver_t ks;
   pgp_tpk_t tpk;
 
-  ctx = sq_context_new ("org.sequoia-pgp.example", &err);
+  ctx = sq_context_new (&err);
   if (ctx == NULL)
     error (1, 0, "Initializing sequoia failed: %s",
            pgp_error_to_string (err));
diff --git a/ffi/include/sequoia/core.h b/ffi/include/sequoia/core.h
index d34f8985..c7f73f45 100644
--- a/ffi/include/sequoia/core.h
+++ b/ffi/include/sequoia/core.h
@@ -14,7 +14,7 @@
 /// # Example
 ///
 /// ```c
-/// struct sq_context *ctx sq_context_new("org.sequoia-pgp.example");
+/// struct sq_context *ctx sq_context_new();
 /// if (ctx == NULL) { ... }
 /// ```
 /*/
@@ -125,14 +125,10 @@ typedef enum sq_ipc_policy {
 /*/
 /// Creates a Context with reasonable defaults.
 ///
-/// `domain` should uniquely identify your application, it is strongly
-/// suggested to use a reversed fully qualified domain name that is
-/// associated with your application.  `domain` must not be `NULL`.
-///
 /// Returns `NULL` on errors.  If `errp` is not `NULL`, the error is
 /// stored there.
 /*/
-sq_context_t sq_context_new(const char *domain, pgp_error_t *errp);
+sq_context_t sq_context_new(pgp_error_t *errp);
 
 /*/
 /// Frees a context.
@@ -142,20 +138,11 @@ void sq_context_free(sq_context_t context);
 /*/
 /// Creates a Context that can be configured.
 ///
-/// `domain` should uniquely identify your application, it is strongly
-/// suggested to use a reversed fully qualified domain name that is
-/// associated with your application.  `domain` must not be `NULL`.
-///
 /// The configuration is seeded like in `sq_context_new`, but can be
 /// modified.  A configuration has to be finalized using
 /// `sq_config_build()` in order to turn it into a Context.
 /*/
-sq_config_t sq_context_configure(const char *domain);
-
-/*/
-/// Returns the domain of the context.
-/*/
-const char *sq_context_domain(const sq_context_t ctx);
+sq_config_t sq_context_configure(void);
 
 /*/
 /// Returns the directory containing shared state.
diff --git a/ffi/include/sequoia/store.h b/ffi/include/sequoia/store.h
index 343e52ab..47b581b1 100644
--- a/ffi/include/sequoia/store.h
+++ b/ffi/include/sequoia/store.h
@@ -4,6 +4,16 @@
 #include <sequoia/core.h>
 
 /*/
+/// Keys used for communications.
+/*/
+const char *SQ_REALM_CONTACTS = "org.sequoia-pgp.contacts";
+
+/*/
+/// Keys used for signing software updates.
+/*/
+const char *SQ_REALM_SOFTWARE_UPDATES = "org.sequoia-pgp.software-updates";
+
+/*/
 /// A public key store.
 /*/
 typedef struct sq_store *sq_store_t;
@@ -156,13 +166,13 @@ typedef struct sq_store_iter *sq_store_iter_t;
 /*/
 /// Returns the next store.
 ///
-/// Returns `NULL` on exhaustion.  If `domainp` is not `NULL`, the
-/// stores domain is stored there.  If `namep` is not `NULL`, the
+/// Returns `NULL` on exhaustion.  If `realmp` is not `NULL`, the
+/// stores realm is stored there.  If `namep` is not `NULL`, the
 /// stores name is stored there.  If `policyp` is not `NULL`, the
 /// stores network policy is stored there.
 /*/
 sq_store_t sq_store_iter_next (sq_store_iter_t iter,
-			       char **domainp,
+			       char **realmp,
 			       char **namep,
 			       uint8_t *policyp);
 
@@ -242,17 +252,17 @@ sq_key_iter_t sq_store_list_keys (sq_context_t ctx);
 /*/
 /// Opens a store.
 ///
-/// Opens a store with the given name.  If the store does not
-/// exist, it is created.  Stores are handles for objects
-/// maintained by a background service.  The background service
-/// associates state with this name.
+/// Opens a store with the given name in the given realm.  If the
+/// store does not exist, it is created.  Stores are handles for
+/// objects maintained by a background service.  The background
+/// service associates state with this name.
 ///
 /// The store updates TPKs in compliance with the network policy
 /// of the context that created the store in the first place.
 /// Opening the store with a different network policy is
 /// forbidden.
 /*/
-sq_store_t sq_store_open (sq_context_t ctx, const char *name);
+sq_store_t sq_store_open (sq_context_t ctx, const char *realm, const char *name);
 
 /*/
 /// Adds a key identified by fingerprint to the store.
diff --git a/ffi/lang/python/Makefile b/ffi/lang/python/Makefile
index f398c0c2..429a133e 100644
--- a/ffi/lang/python/Makefile
+++ b/ffi/lang/python/Makefile
@@ -50,7 +50,7 @@ ifneq "$(PYTHON)" "disable"
 	cp build/*/_sequoia.abi*.so . # XXX can we get setuptools to do that?
 	LDFLAGS=-L$(CARGO_TARGET_DIR)/debug LD_LIBRARY_PATH=$(CARGO_TARGET_DIR)/debug \
 		$(IPYTHON) -i -c \
-'from sequoia.prelude import *; ctx = Context("org.sequoia-pgp.tests.interactive")'
+'from sequoia.prelude import *; ctx = Context()'
 endif
 
 # Installation.
diff --git a/ffi/lang/python/examples/decrypt.py b/ffi/lang/python/examples/decrypt.py
index c65f151d..1f4109e1 100644
--- a/ffi/lang/python/examples/decrypt.py
+++ b/ffi/lang/python/examples/decrypt.py
@@ -5,8 +5,7 @@ from enum import Enum, auto
 from sequoia.core import Context, NetworkPolicy
 from sequoia.openpgp import Tag, PacketParser
 
-ctx = Context("org.sequoia-pgp.examples",
-              network_policy=NetworkPolicy.Offline,
+ctx = Context(network_policy=NetworkPolicy.Offline,
               ephemeral=True)
 
 class State(Enum):
diff --git a/ffi/lang/python/sequoia/core.py b/ffi/lang/python/sequoia/core.py
index a7e12808..b985247b 100644
--- a/ffi/lang/python/sequoia/core.py
+++ b/ffi/lang/python/sequoia/core.py
@@ -18,12 +18,12 @@ class IPCPolicy(Enum):
 
 class Context(SQObject):
     _del = lib.sq_context_free
-    def __init__(self, domain,
+    def __init__(self,
                  home=None,
                  network_policy=NetworkPolicy.Encrypted,
                  ipc_policy=IPCPolicy.Robust,
                  ephemeral=False):
-        cfg = lib.sq_context_configure(domain.encode())
+        cfg = lib.sq_context_configure()
         if home:
             lib.sq_config_home(cfg, home.encode())
         lib.sq_config_network_policy(cfg, network_policy.value)
diff --git a/ffi/lang/python/sequoia/glue.py b/ffi/lang/python/sequoia/glue.py
index ea40d20c..cca3a71d 100644
--- a/ffi/lang/python/sequoia/glue.py
+++ b/ffi/lang/python/sequoia/glue.py
@@ -109,6 +109,10 @@ def sq_str(s):
     return t
 _str = sq_str
 
+def sq_static_str(s):
+    return ffi.string(s).decode()
+_static_str = sq_static_str
+
 def sq_iterator(iterator, next_fn, map=lambda x: x):
     while True:
         entry = next_fn(iterator)
diff --git a/ffi/lang/python/sequoia/store.py b/ffi/lang/python/sequoia/store.py
index 4a7a41a9..c9ce84e8 100644
--- a/ffi/lang/python/sequoia/store.py
+++ b/ffi/lang/python/sequoia/store.py
@@ -1,12 +1,18 @@
 from _sequoia import ffi, lib
 
 from .error import Error
-from .glue import _str, SQObject, sq_iterator, sq_time
+from .glue import _str, _static_str, SQObject, sq_iterator, sq_time
 from .openpgp import Fingerprint, TPK
 
 class Store(SQObject):
     _del = lib.sq_store_free
 
+    # Keys used for communications.
+    REALM_CONTACTS = _static_str(lib.SQ_REALM_CONTACTS)
+
+    # Keys used for signing software updates.
+    REALM_SOFTWARE_UPDATES = _static_str(lib.SQ_REALM_SOFTWARE_UPDATES)
+
     @classmethod
     def server_log(cls, ctx):
         yield from sq_iterator(
@@ -34,8 +40,8 @@ class Store(SQObject):
             next_fn)
 
     @classmethod
-    def open(cls, ctx, name):
-        return Store(lib.sq_store_open(ctx.ref(), name.encode()), context=ctx)
+    def open(cls, ctx, realm=REALM_CONTACTS, name="default"):
+        return Store(lib.sq_store_open(ctx.ref(), realm.encode(), name.encode()), context=ctx)
 
 
     def add(self, label, fingerprint):
diff --git a/ffi/lang/python/tests/test_armor.py b/ffi/lang/python/tests/test_armor.py
index e439f612..93486703 100644
--- a/ffi/lang/python/tests/test_armor.py
+++ b/ffi/lang/python/tests/test_armor.py
@@ -7,8 +7,7 @@ from sequoia.openpgp import ArmorReader, ArmorWriter, Kind
 
 TEST_VECTORS = [0, 1, 2, 3, 47, 48, 49, 50, 51]
 
-ctx = Context("org.sequoia-pgp.tests",
-              network_policy=NetworkPolicy.Offline,
+ctx = Context(network_policy=NetworkPolicy.Offline,
               ephemeral=True)
 
 def fn_bin(t):
diff --git a/ffi/lang/python/tests/test_packet_parser.py b/ffi/lang/python/tests/test_packet_parser.py
index de126bc3..e50a58f5 100644
--- a/ffi/lang/python/tests/test_packet_parser.py
+++ b/ffi/lang/python/tests/test_packet_parser.py
@@ -6,8 +6,7 @@ pgp = "../../../openpgp/tests/data/messages/encrypted-aes128-password-123456789.
 plain = "../../../openpgp/tests/data/messages/a-cypherpunks-manifesto.txt"
 
 def test_decryption():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
 
     class State(Enum):
diff --git a/ffi/lang/python/tests/test_store.py b/ffi/lang/python/tests/test_store.py
index 0c86a689..454afb7d 100644
--- a/ffi/lang/python/tests/test_store.py
+++ b/ffi/lang/python/tests/test_store.py
@@ -1,18 +1,18 @@
 from sequoia.prelude import Context, Store, Fingerprint
 
 def test_open():
-    c = Context("org.sequoia-pgp.tests", ephemeral=True)
-    Store.open(c, "default")
+    c = Context(ephemeral=True)
+    Store.open(c)
 
 def test_add():
-    c = Context("org.sequoia-pgp.tests", ephemeral=True)
-    s = Store.open(c, "default")
+    c = Context(ephemeral=True)
+    s = Store.open(c)
     fp = Fingerprint.from_hex("7DCA58B54EB143169DDEE15F247F6DABC84914FE")
     s.add("Ἀριστοτέλης", fp)
 
 def test_iterate():
-    c = Context("org.sequoia-pgp.tests", ephemeral=True)
-    s = Store.open(c, "default")
+    c = Context(ephemeral=True)
+    s = Store.open(c)
     fp = Fingerprint.from_hex("7DCA58B54EB143169DDEE15F247F6DABC84914FE")
     s.add("Ἀριστοτέλης", fp)
     l = list(s.iter())
@@ -23,8 +23,8 @@ def test_iterate():
     assert fpi == fp
 
 def test_logs():
-    c = Context("org.sequoia-pgp.tests", ephemeral=True)
-    s = Store.open(c, "default")
+    c = Context(ephemeral=True)
+    s = Store.open(c)
     fp = Fingerprint.from_hex("7DCA58B54EB143169DDEE15F247F6DABC84914FE")
     b = s.add("Ἀριστοτέλης", fp)
     l = list(s.iter())
diff --git a/ffi/lang/python/tests/test_tpk.py b/ffi/lang/python/tests/test_tpk.py
index c630798f..5e06bd93 100644
--- a/ffi/lang/python/tests/test_tpk.py
+++ b/ffi/lang/python/tests/test_tpk.py
@@ -9,16 +9,14 @@ asc = "../../../openpgp/tests/data/keys/testy.asc"
 fp = Fingerprint.from_hex("3E8877C877274692975189F5D03F6F865226FE8B")
 
 def test_from_reader():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     r = Reader.open(ctx, pgp)
     t = TPK.from_reader(ctx, r)
     assert t.fingerprint() == fp
 
 def test_from_armor_reader():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     k = open(asc, "rb").read()
     r = Reader.from_bytes(ctx, k)
@@ -27,30 +25,26 @@ def test_from_armor_reader():
     assert t.fingerprint() == fp
 
 def test_from_file():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     t = TPK.open(ctx, pgp)
     assert t.fingerprint() == fp
 
 def test_from_packet_pile():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     r = PacketPile.open(ctx, pgp)
     t = TPK.from_packet_pile(ctx, r)
     assert t.fingerprint() == fp
 
 def test_from_bytes():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     t = TPK.from_bytes(ctx, open(pgp, "rb").read())
     assert t.fingerprint() == fp
 
 def test_from_serialize():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     with TemporaryDirectory() as tmp:
         sink = join(tmp, "a")
@@ -63,8 +57,7 @@ def test_from_serialize():
         assert t.fingerprint() == fp
 
 def test_equals():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     b = open(pgp, "rb").read()
     t = TPK.from_bytes(ctx, b)
@@ -72,8 +65,7 @@ def test_equals():
     assert t == u
 
 def test_clone():
-    ctx = Context("org.sequoia-pgp.tests",
-                  network_policy=NetworkPolicy.Offline,
+    ctx = Context(network_policy=NetworkPolicy.Offline,
                   ephemeral=True)
     a = TPK.open(ctx, pgp)
     b = a.copy()
diff --git a/ffi/src/core.rs b/ffi/src/core.rs
index 5b139fb4..830391d6 100644
--- a/ffi/src/core.rs
+++ b/ffi/src/core.rs
@@ -13,7 +13,7 @@
 //! #include <sequoia.h>
 //!
 //! sq_context_t ctx;
-//! ctx = sq_context_new ("org.sequoia-pgp.example", NULL);
+//! ctx = sq_context_new (NULL);
 //!
 //! /* Use Sequoia.  */
 //!
@@ -29,7 +29,7 @@
 //! sq_config_t cfg;
 //! sq_context_t ctx;
 //!
-//! cfg = sq_context_configure ("org.sequoia-pgp.example");
+//! cfg = sq_context_configure ();
 //! sq_config_network_policy (cfg, SQ_NETWORK_POLICY_OFFLINE);
 //! ctx = sq_config_build (cfg, NULL);
 //!
@@ -72,20 +72,13 @@ fn sq_context_last_error(ctx: *mut Context) -> *mut ::error::Error {
 
 /// Creates a Context with reasonable defaults.
 ///
-/// `domain` should uniquely identify your application, it is strongly
-/// suggested to use a reversed fully qualified domain name that is
-/// associated with your application.  `domain` must not be `NULL`.
-///
 /// Returns `NULL` on errors.  If `errp` is not `NULL`, the error is
 /// stored there.
 #[::ffi_catch_abort] #[no_mangle] pub extern "C"
-fn sq_context_new(domain: *const c_char,
-                  errp: Option<&mut *mut ::error::Error>)
+fn sq_context_new(errp: Option<&mut *mut ::error::Error>)
                   -> *mut Context {
     ffi_make_fry_from_errp!(errp);
-    let domain = ffi_param_cstr!(domain).to_string_lossy();
-
-    ffi_try_box!(core::Context::new(&domain).map(|ctx| Context::new(ctx)))
+    ffi_try_box!(core::Context::new().map(|ctx| Context::new(ctx)))
 }
 
 /// Frees a context.
@@ -96,25 +89,12 @@ fn sq_context_free(context: Option<&mut Context>) {
 
 /// Creates a Context that can be configured.
 ///
-/// `domain` should uniquely identify your application, it is strongly
-/// suggested to use a reversed fully qualified domain name that is
-/// associated with your application.  `domain` must not be `NULL`.
-///
 /// The configuration is seeded like in `sq_context_new`, but can be
 /// modified.  A configuration has to be finalized using
 /// `sq_config_build()` in order to turn it into a Context.
 #[::ffi_catch_abort] #[no_mangle] pub extern "C"
-fn sq_context_configure(domain: *const c_char) -> *mut Config {
-    let domain = ffi_param_cstr!(domain).to_string_lossy();
-
-    Box::into_raw(Box::new(core::Context::configure(&domain)))
-}
-
-/// Returns the domain of the context.
-#[::ffi_catch_abort] #[no_mangle] pub extern "C"
-fn sq_context_domain(ctx: *const Context) -> *const c_char {
-    let ctx = ffi_param_ref!(ctx);
-    ctx.c.domain().as_bytes().as_ptr() as *const c_char
+fn sq_context_configure() -> *mut Config {
+    Box::into_raw(Box::new(core::Context::configure()))
 }
 
 /// Returns the directory containing shared state.
diff --git a/ffi/src/net.rs b/ffi/src/net.rs
index 06942739..93ea61cc 100644
--- a/ffi/src/net.rs
+++ b/ffi/src/net.rs
@@ -21,7 +21,7 @@
 //! sq_keyserver_t ks;
 //! pgp_tpk_t tpk;
 //!
-//! ctx = sq_context_new ("org.sequoia-pgp.example", NULL);
+//! ctx = sq_context_new (NULL);
 //! ks = sq_keyserver_sks_pool (ctx);
 //! id = pgp_keyid_from_bytes ((uint8_t *) "\x24\x7F\x6D\xAB\xC8\x49\x14\xFE");
 //! tpk = sq_keyserver_get (ctx, ks, id);
diff --git a/ffi/src/store.rs b/ffi/src/store.rs
index 2a2c18cf..3aef93a7 100644
--- a/ffi/src/store.rs
+++ b/ffi/src/store.rs
@@ -46,32 +46,32 @@ use Maybe;
 /// Lists all stores with the given prefix.
 #[::ffi_catch_abort] #[no_mangle] pub extern "C"
 fn sq_store_list_stores(ctx: *mut Context,
-                        domain_prefix: *const c_char)
+                        realm_prefix: *const c_char)
                         -> *mut StoreIter {
     let ctx = ffi_param_ref_mut!(ctx);
     ffi_make_fry_from_ctx!(ctx);
-    let domain_prefix = ffi_param_cstr!(domain_prefix).to_string_lossy();
+    let realm_prefix = ffi_param_cstr!(realm_prefix).to_string_lossy();
 
-    ffi_try_box!(Store::list(&ctx.c, &domain_prefix))
+    ffi_try_box!(Store::list(&ctx.c, &realm_prefix))
 }
 
 /// Returns the next store.
 ///
-/// Returns `NULL` on exhaustion.  If `domainp` is not `NULL`, the
-/// stores domain is stored there.  If `namep` is not `NULL`, the
+/// Returns `NULL` on exhaustion.  If `realmp` is not `NULL`, the
+/// stores realm is stored there.  If `namep` is not `NULL`, the
 /// stores name is stored there.  If `policyp` is not `NULL`, the
 /// stores network policy is stored there.
 #[::ffi_catch_abort] #[no_mangle] pub extern "C"
 fn sq_store_iter_next(iter: *mut StoreIter,
-                      domainp: Option<&mut *mut c_char>,
+                      realmp: Option<&mut *mut c_char>,
                       namep: Option<&mut *mut c_char>,
                       policyp: Option<&mut uint8_t>)
                       -> *mut Store {
     let iter = ffi_param_ref_mut!(iter);
     match iter.next() {
-        Some((domain, name, policy, store)) => {
-            if domainp.is_some() {
-                *domainp.unwrap() = ffi_return_maybe_string!(domain);
+        Some((realm, name, policy, store)) => {
+            if realmp.is_some() {
+                *realmp.unwrap() = ffi_return_maybe_string!(realm);
             }
 
             if namep.is_some() {
@@ -191,13 +191,15 @@ fn sq_log_iter_free(iter: Option<&mut LogIter>) {
 /// forbidden.
 #[::ffi_catch_abort] #[no_mangle] pub extern "C"
 fn sq_store_open(ctx: *mut Context,
+                 realm: *const c_char,
                  name: *const c_char)
                  -> *mut Store {
     let ctx = ffi_param_ref_mut!(ctx);
     ffi_make_fry_from_ctx!(ctx);
+    let realm = ffi_param_cstr!(realm).to_string_lossy();
     let name = ffi_param_cstr!(name).to_string_lossy();
 
-    ffi_try_box!(Store::open(&ctx.c, &name))
+    ffi_try_box!(Store::open(&ctx.c, &realm, &name))
 }
 
 /// Frees a sq_store_t.