moved signature validation and encryption one level up into p3IdService. Added timestamp for GXS identities and auto-removal after 7 days. Updated display in IdDialog

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8015 b45a01b8-16f6-495d-af2f-9b41ad6348cc

libretroshare/src/gxs/gxssecurity.cc

@@ -338,7 +338,7 @@ bool GxsSecurity::validateNxsMsg(RsNxsMsg& msg, RsTlvKeySignature& sign, RsTlvSe
 	return false;
 }
 
-bool GxsSecurity::encrypt(uint8_t *& out, int & outlen, const uint8_t *in, int inlen, const RsTlvSecurityKey& key)
+bool GxsSecurity::encrypt(uint8_t *& out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key)
 {
 #ifdef DISTRIB_DEBUG
 	std::cerr << "GxsSecurity::encrypt() " << std::endl;
@@ -441,7 +441,7 @@ bool GxsSecurity::encrypt(uint8_t *& out, int & outlen, const uint8_t *in, int i
 }
 
 
-bool GxsSecurity::decrypt(uint8_t *& out, int & outlen, const uint8_t *in, int inlen, const RsTlvSecurityKey& key)
+bool GxsSecurity::decrypt(uint8_t *& out, uint32_t & outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key)
 {
 
 #ifdef DISTRIB_DEBUG
@@ -519,7 +519,7 @@ bool GxsSecurity::decrypt(uint8_t *& out, int & outlen, const uint8_t *in, int i
 		 return false;
 	 }
 
-    outlen += out_currOffset;
+    outlen = out_currOffset;
 
     if(!EVP_OpenFinal(&ctx, (unsigned char*)out + out_currOffset, &out_currOffset)) 
 	 {

libretroshare/src/gxs/gxssecurity.h

@@ -63,7 +63,7 @@ class GxsSecurity
 		 *@param in
 		 *@param inlen
 		 */
-		static bool encrypt(uint8_t *&out, int &outlen, const uint8_t *in, int inlen, const RsTlvSecurityKey& key) ;
+        static bool encrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key) ;
 
 		/**
 		 * Decrypts data using evelope decryption (taken from open ssl's evp_sealinit )
@@ -74,7 +74,7 @@ class GxsSecurity
 		 * @param inlen
 		 * @return false if encryption failed
 		 */
-		static bool decrypt(uint8_t *&out, int &outlen, const uint8_t *in, int inlen, const RsTlvSecurityKey& key) ;
+        static bool decrypt(uint8_t *&out, uint32_t &outlen, const uint8_t *in, uint32_t inlen, const RsTlvSecurityKey& key) ;
 
 		/*!
 		 * uses grp signature to check if group has been

libretroshare/src/gxs/rsgenexchange.cc

@@ -919,7 +919,9 @@ int RsGenExchange::validateGrp(RsNxsGrp* grp)
 				{
 
 					RsTlvKeySignature sign = metaData.signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_IDENTITY];
-					idValidate = GxsSecurity::validateNxsGrp(*grp, sign, authorKey);
+                    idValidate = GxsSecurity::validateNxsGrp(*grp, sign, authorKey);
+
+                    mGixs->timeStampKey(metaData.mAuthorId) ;
 				}
 				else
 				{
@@ -2887,7 +2889,8 @@ bool RsGenExchange::updateValid(RsGxsGrpMetaData& oldGrpMeta, RsNxsGrp& newGrp)
 	// also check this is the latest published group
 	bool latest = newGrp.metaData->mPublishTs > oldGrpMeta.mPublishTs;
 
-	return GxsSecurity::validateNxsGrp(newGrp, adminSign, keyMit->second) && latest;
+    mGixs->timeStampKey(newGrp.metaData->mAuthorId) ;
+    return GxsSecurity::validateNxsGrp(newGrp, adminSign, keyMit->second) && latest;
 }
 
 void RsGenExchange::setGroupReputationCutOff(uint32_t& token, const RsGxsGroupId& grpId, int CutOff)

libretroshare/src/gxs/rsgixs.h

@@ -99,30 +99,39 @@
 typedef RsPeerId  PeerId; // SHOULD BE REMOVED => RsPeerId (SSLID)
 typedef PGPIdType RsPgpId;
 
-//
-//// External Interface - 
-//class RsIdentityService
-//{
-//    enum IdentityType { Pseudonym, Signed, Anonymous };
-//
-//    virtual bool loadId(const GxsId &id) = 0;	
-//
-//    virtual bool getNickname(const GxsId &id, std::string &nickname) = 0;	
-//
-//    virtual bool createKey(RsGixsProfile& profile, uint32_t type) = 0; /* fills in mKeyId, and signature */
-//
-//    virtual RsGixsProfile* getProfile(const KeyRef& keyref) = 0;
-//
-//	// modify reputation.
-//
-//};
-
-
 /* Identity Interface for GXS Message Verification.
  */
 class RsGixs
 {
 public:
+
+    static const uint32_t RS_GIXS_ERROR_NO_ERROR           = 0x0000 ;
+    static const uint32_t RS_GIXS_ERROR_UNKNOWN            = 0x0001 ;
+    static const uint32_t RS_GIXS_ERROR_KEY_NOT_AVAILABLE  = 0x0002 ;
+    static const uint32_t RS_GIXS_ERROR_SIGNATURE_MISMATCH = 0x0003 ;
+
+     /* Performs/validate a signature with the given key ID. The key must be available, otherwise the signature error
+     * will report it. Each time a key is used to validate a signature, its usage timestamp is updated.
+     *
+     * If force_load is true, the key will be forced loaded from the cache. If not, uncached keys will return
+     * with error_status=RS_GIXS_SIGNATURE_ERROR_KEY_NOT_AVAILABLE, but will likely be cached on the next call.
+     */
+
+    virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) = 0 ;
+    virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,uint32_t& signing_error) = 0 ;
+
+    virtual bool encryptData(const uint8_t *clear_data,uint32_t clear_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) = 0 ;
+    virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& clear_data,uint32_t& clear_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) = 0 ;
+
+//    virtual bool getPublicKey(const RsGxsId &id, RsTlvSecurityKey &key) = 0;
+
+    virtual void getOwnIds(std::list<RsGxsId>& ids) = 0;
+    virtual bool isOwnId(const RsGxsId& key_id) = 0 ;
+
+    virtual void timeStampKey(const RsGxsId& key_id) = 0 ;
+
+ //   virtual void networkRequestPublicKey(const RsGxsId& key_id,const std::list<RsPeerId>& peer_ids) = 0 ;
+
 	// Key related interface - used for validating msgs and groups.
     /*!
      * Use to query a whether given key is available by its key reference
@@ -157,7 +166,8 @@ public:
      */
     virtual bool  getKey(const RsGxsId &id, RsTlvSecurityKey &key) = 0;
     virtual bool  getPrivateKey(const RsGxsId &id, RsTlvSecurityKey &key) = 0;	// For signing outgoing messages.
-
+#ifdef SUSPENDED
+#endif
 
 };