#ifndef SEQUOIA_NET_H
#define SEQUOIA_NET_H

#include <sequoia/core.h>

/*/
/// For accessing keyservers using HKP.
///
/// This is an opaque handle: `struct sq_keyserver` is not defined in
/// this header, so callers only ever hold the pointer and pass it to
/// the keyserver functions declared in this file.  Handles are
/// released with `sq_keyserver_free`.
/*/
typedef struct sq_keyserver *sq_keyserver_t;

/*/
/// Network policy for Sequoia.
///
/// With this policy you can control how Sequoia accesses remote
/// systems.  The enumerators are numbered 0 to 3, from the most
/// restrictive (`SQ_NETWORK_POLICY_OFFLINE`) to the least restrictive
/// (`SQ_NETWORK_POLICY_INSECURE`).
///
/// NOTE(review): this header does not state how the numeric order is
/// used when a policy is enforced; confirm against the implementation
/// before depending on ordered comparisons of these values.
/*/
typedef enum sq_network_policy {
  /* Do not contact remote systems.  */
  SQ_NETWORK_POLICY_OFFLINE = 0,

  /* Only contact remote systems using anonymization techniques like
   * Tor.  */
  SQ_NETWORK_POLICY_ANONYMIZED = 1,

  /* Only contact remote systems using transports offering
   * encryption and authentication like TLS.  */
  SQ_NETWORK_POLICY_ENCRYPTED = 2,

  /* Contact remote systems even with insecure transports.  This
   * permits transports without encryption or authentication, so
   * requests can be observed and responses altered or withheld on
   * the network path.  Prefer SQ_NETWORK_POLICY_ENCRYPTED or a
   * lower-numbered value unless the remote system offers no
   * authenticated transport.  */
  SQ_NETWORK_POLICY_INSECURE = 3,

  /* Dummy value to make sure the enumeration has a defined size.  Do
     not use this value.  INT_MAX comes from <limits.h>, which this
     header does not include directly; presumably <sequoia/core.h>
     provides it -- TODO confirm.  */
  SQ_NETWORK_POLICY_FORCE_WIDTH = INT_MAX,
} sq_network_policy_t;


/*/
/// Returns a handle for the given URI.
///
/// `uri` is a UTF-8 encoded value of a keyserver URI,
/// e.g. `hkps://example.org`.  `policy` is a `sq_network_policy_t`
/// value for this handle.
///
/// NOTE(review): presumably the call fails when `policy` does not
/// permit the transport implied by the URI scheme; this header does
/// not say so -- confirm against the implementation.
///
/// Returns `NULL` on errors.  Check for `NULL` before using the
/// handle, and release it with `sq_keyserver_free` when done.
/*/
sq_keyserver_t sq_keyserver_new (sq_context_t ctx,
				 sq_network_policy_t policy,
				 const char *uri);

/*/
/// Returns a handle for the given URI.
///
/// `uri` is a UTF-8 encoded value of a keyserver URI,
/// e.g. `hkps://example.org`.  `cert` is a DER encoded certificate of
/// size `len` used to authenticate the server.  `len` is the length
/// of the buffer at `cert` in bytes and must not exceed it.
///
/// NOTE(review): this header does not say whether `cert` replaces
/// or supplements the default trust anchors, nor whether the buffer
/// is copied.  Confirm both before relying on this call to pin a
/// server certificate, and keep the buffer valid at least until the
/// call returns.
///
/// Returns `NULL` on errors.  Check for `NULL` before using the
/// handle, and release it with `sq_keyserver_free` when done.
/*/
sq_keyserver_t sq_keyserver_with_cert (sq_context_t ctx,
				       sq_network_policy_t policy,
				       const char *uri,
				       const uint8_t *cert,
				       size_t len);

/*/
/// Returns a handle for keys.openpgp.org.
///
/// The server at `hkps://keys.openpgp.org` distributes updates for
/// OpenPGP certificates.  It is a good default choice.
///
/// NOTE(review): the URI uses `hkps`, so presumably `policy` must
/// permit an encrypted transport for this call to succeed -- confirm
/// against the implementation.
///
/// Returns `NULL` on errors.  Check for `NULL` before using the
/// handle, and release it with `sq_keyserver_free` when done.
/*/
sq_keyserver_t sq_keyserver_keys_openpgp_org (sq_context_t ctx,
					      sq_network_policy_t policy);

/*/
/// Frees a keyserver object.
///
/// `ks` must not be used after this call, and must not be freed a
/// second time.
///
/// NOTE(review): whether `ks` may be `NULL` is not stated in this
/// header -- confirm before passing an unchecked handle.
/*/
void sq_keyserver_free (sq_keyserver_t ks);

/*/
/// Retrieves the key with the given key ID `id` from the keyserver
/// `ks`.
///
/// A key ID is shorter than a fingerprint and does not by itself
/// authenticate the result.  Before relying on the returned
/// certificate, compare its fingerprint with one obtained through a
/// trusted channel.
///
/// NOTE(review): this header does not say whether the library checks
/// that the returned certificate matches `id`, nor who owns the
/// returned object -- presumably the caller; confirm.
///
/// Returns `NULL` on errors.
/*/
pgp_cert_t sq_keyserver_get (sq_context_t ctx,
			   sq_keyserver_t ks,
			   const pgp_keyid_t id);

/*/
/// Sends the given key (`cert`) to the server `ks`.
///
/// Returns != 0 on errors.  Always check the returned status; a
/// nonzero value means the key must not be assumed to have been
/// published.
///
/// NOTE(review): ownership of `cert` after the call is not stated in
/// this header.  The `const` qualifier applies to the handle value
/// only and says nothing about ownership -- confirm.
/*/
pgp_status_t sq_keyserver_send (sq_context_t ctx,
			       sq_keyserver_t ks,
			       const pgp_cert_t cert);

#endif