publish key not generated for public groups anymore, added signature creation for publish and id keys (used in main line of code, correctly initialise ur gxs services)

groupid assigned to group before service_CreateGroup now (to help with identity using pgp hashes)
fixed up dummy group creation for photo service and ui 
completed basic functions of GxsGroupDialog




git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-gxs-b1@5809 b45a01b8-16f6-495d-af2f-9b41ad6348cc

libretroshare/src/gxs/rsdataservice.h

@@ -6,7 +6,7 @@
  *
  * General Data service, interface for RetroShare.
  *
- * Copyright 2011-2011 by Evi-Parker Christopher
+ * Copyright 2011-2012 by Evi-Parker Christopher
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public

libretroshare/src/gxs/rsgenexchange.cc

@@ -154,7 +154,7 @@ bool RsGenExchange::acknowledgeTokenGrp(const uint32_t& token,
 	return true;
 }
 
-void RsGenExchange::generateGroupKeys(RsTlvSecurityKeySet& keySet)
+void RsGenExchange::generateGroupKeys(RsTlvSecurityKeySet& keySet, bool genPublishKeys)
 {
     /* create Keys */
 
@@ -162,54 +162,58 @@ void RsGenExchange::generateGroupKeys(RsTlvSecurityKeySet& keySet)
     RSA *rsa_admin = RSA_generate_key(2048, 65537, NULL, NULL);
     RSA *rsa_admin_pub = RSAPublicKey_dup(rsa_admin);
 
-    // publish keys
-    RSA *rsa_publish = RSA_generate_key(2048, 65537, NULL, NULL);
-    RSA *rsa_publish_pub = RSAPublicKey_dup(rsa_admin);
-
-    /* set keys */
+    /* set admin keys */
     RsTlvSecurityKey adminKey, privAdminKey;
 
-    /* set publish keys */
-    RsTlvSecurityKey pubKey, privPubKey;
-
     GxsSecurity::setRSAPublicKey(adminKey, rsa_admin_pub);
     GxsSecurity::setRSAPrivateKey(privAdminKey, rsa_admin);
 
-    GxsSecurity::setRSAPublicKey(pubKey, rsa_publish_pub);
-    GxsSecurity::setRSAPrivateKey(privPubKey, rsa_publish);
-
     adminKey.startTS = time(NULL);
     adminKey.endTS = 0; /* no end */
 
     privAdminKey.startTS = adminKey.startTS;
     privAdminKey.endTS = 0; /* no end */
 
+    // for now all public
+    adminKey.keyFlags = RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_PUBLIC_ONLY;
+    privAdminKey.keyFlags = RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL;
+
+    keySet.keys[adminKey.keyId] = adminKey;
+    keySet.keys[privAdminKey.keyId] = privAdminKey;
+
+    // clean up
+    RSA_free(rsa_admin);
+    RSA_free(rsa_admin_pub);
+
+    if(genPublishKeys)
+    {
+        // publish keys
+        RSA *rsa_publish = RSA_generate_key(2048, 65537, NULL, NULL);
+        RSA *rsa_publish_pub = RSAPublicKey_dup(rsa_publish);
+
+        /* set publish keys */
+        RsTlvSecurityKey pubKey, privPubKey;
+
+        GxsSecurity::setRSAPublicKey(pubKey, rsa_publish_pub);
+        GxsSecurity::setRSAPrivateKey(privPubKey, rsa_publish);
+
         pubKey.startTS = adminKey.startTS;
         pubKey.endTS = pubKey.startTS + 60 * 60 * 24 * 365 * 5; /* approx 5 years */
 
         privPubKey.startTS = adminKey.startTS;
         privPubKey.endTS = 0; /* no end */
 
-    // for now all public
-    adminKey.keyFlags = RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_PUBLIC_ONLY;
-    privAdminKey.keyFlags = RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL;
-
         // for now all public
         pubKey.keyFlags = RSTLV_KEY_DISTRIB_PUBLIC | RSTLV_KEY_TYPE_PUBLIC_ONLY;
         privPubKey.keyFlags = RSTLV_KEY_DISTRIB_PRIVATE | RSTLV_KEY_TYPE_FULL;
 
-    keySet.keys[adminKey.keyId] = adminKey;
         keySet.keys[pubKey.keyId] = pubKey;
-
-    keySet.keys[privAdminKey.keyId] = privAdminKey;
         keySet.keys[privPubKey.keyId] = privPubKey;
 
-    // clean up
-    RSA_free(rsa_admin);
-    RSA_free(rsa_admin_pub);
-
         RSA_free(rsa_publish);
         RSA_free(rsa_publish_pub);
+    }
+
 }
 
 bool RsGenExchange::createGroup(RsNxsGrp *grp, RsTlvSecurityKeySet& keySet)
@@ -217,30 +221,37 @@ bool RsGenExchange::createGroup(RsNxsGrp *grp, RsTlvSecurityKeySet& keySet)
     std::cerr << "RsGenExchange::createGroup()";
     std::cerr << std::endl;
 
-
     RsGxsGrpMetaData* meta = grp->metaData;
 
-    /* add keys to grp */
-    meta->keys = keySet;
+    /* add public admin and publish keys to grp */
 
     // find private admin key
     RsTlvSecurityKey privAdminKey;
     std::map<std::string, RsTlvSecurityKey>::iterator mit = keySet.keys.begin();
 
+    bool privKeyFound = false;
     for(; mit != keySet.keys.end(); mit++)
     {
-    	RsTlvSecurityKey& pk = mit->second;
+        RsTlvSecurityKey& key = mit->second;
 
-        if(pk.keyFlags & (RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL))
+        // add public admin key
+        if(key.keyFlags & (RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_PUBLIC_ONLY))
+            meta->keys.keys.insert(std::make_pair(key.keyId, key));
+
+        // add public publish key
+        if(key.keyFlags & (RSTLV_KEY_DISTRIB_PUBLIC | RSTLV_KEY_TYPE_PUBLIC_ONLY))
+            meta->keys.keys.insert(std::make_pair(key.keyId, key));
+
+        if(key.keyFlags & (RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL))
         {
-            privAdminKey = pk;
-            break;
+            privAdminKey = key;
+            privKeyFound = true;
         }
     }
 
-    if(mit == keySet.keys.end())
+    if(!privKeyFound)
     {
-	std::cerr << "RsGenExchange::createGroup() Missing ADMIN Key";
+        std::cerr << "RsGenExchange::createGroup() Missing private ADMIN Key";
 	std::cerr << std::endl;
 
     	return false;
@@ -248,8 +259,7 @@ bool RsGenExchange::createGroup(RsNxsGrp *grp, RsTlvSecurityKeySet& keySet)
 
     // group is self signing
     // for the creation of group signature
-    // only public admin and publish keys are present
-    // key set
+    // only public admin and publish keys are present in meta
     uint32_t metaDataLen = meta->serial_size();
     uint32_t allGrpDataLen = metaDataLen + grp->grp.bin_len;
     char* metaData = new char[metaDataLen];
@@ -267,7 +277,14 @@ bool RsGenExchange::createGroup(RsNxsGrp *grp, RsTlvSecurityKeySet& keySet)
     // add admin sign to grpMeta
     meta->signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_ADMIN] = adminSign;
 
-    grp->grpId = meta->mGroupId = privAdminKey.keyId;
+    // set meta to be transported as meta without private
+    // key components
+    grp->meta.setBinData(metaData, metaDataLen);
+
+    // but meta that is stored locally
+    // has all keys
+    // nxs net transports only bin data
+    meta->keys = keySet;
 
     // clean up
     delete[] allGrpData;
@@ -282,28 +299,91 @@ bool RsGenExchange::createGroup(RsNxsGrp *grp, RsTlvSecurityKeySet& keySet)
     return ok;
 }
 
-bool RsGenExchange::createMessage(RsNxsMsg* msg)
+bool RsGenExchange::createMsgSignatures(RsTlvKeySignatureSet& signSet, RsTlvBinaryData& msgData,
+                                        const RsGxsMsgMetaData& msgMeta, RsGxsGrpMetaData& grpMeta)
 {
-	const RsGxsGroupId& id = msg->grpId;
-
-	std::map<RsGxsGroupId, RsGxsGrpMetaData*> metaMap;
-
-	metaMap.insert(std::make_pair(id, (RsGxsGrpMetaData*)(NULL)));
-	mDataStore->retrieveGxsGrpMetaData(metaMap);
+    bool isParent = false;
+    bool needPublishSign, needIdentitySign;
     bool ok = true;
-	RSA* rsa_pub = NULL;
+    uint32_t grpFlag = grpMeta.mGroupFlags;
 
-	if(!metaMap[id])
+    // publish signature is determined by whether group is public or not
+    // for private group signature is not needed as it needs decrypting with
+    // the private publish key anyways
+
+    // restricted is a special case which heeds whether publish sign needs to be checked or not
+    // one may or may not want
+
+    if(msgMeta.mParentId.empty())
     {
-		return false;
+        isParent = true;
     }
     else
     {
-		// get publish key
-		RsGxsGrpMetaData* grpMeta = metaMap[id];
+        isParent = false;
+    }
+
+
+    if(isParent)
+    {
+        needIdentitySign = false;
+        needPublishSign = false;
+
+        if(grpFlag & GXS_SERV::FLAG_PRIVACY_PUBLIC)
+        {
+            needPublishSign = false;
+
+            if(checkMsgAuthenFlag(PUBLIC_GRP_BITS, GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN))
+                needIdentitySign = true;
+
+        }
+        else if(grpFlag & GXS_SERV::FLAG_PRIVACY_RESTRICTED)
+        {
+            needPublishSign = true;
+
+            if(checkMsgAuthenFlag(RESTRICTED_GRP_BITS, GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN))
+                needIdentitySign = true;
+        }
+        else if(grpFlag & GXS_SERV::FLAG_PRIVACY_PRIVATE)
+        {
+            needPublishSign = false;
+
+            if(checkMsgAuthenFlag(PRIVATE_GRP_BITS, GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN))
+                needIdentitySign = true;
+        }
+
+    }else
+    {
+        if(grpFlag & GXS_SERV::FLAG_PRIVACY_PUBLIC)
+        {
+            needPublishSign = false;
+
+            if(checkMsgAuthenFlag(PUBLIC_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN))
+                needIdentitySign = true;
+
+        }
+        else if(grpFlag & GXS_SERV::FLAG_PRIVACY_RESTRICTED)
+        {
+            if(checkMsgAuthenFlag(RESTRICTED_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_PUBLISH_SIGN))
+                needPublishSign = true;
+
+            if(checkMsgAuthenFlag(RESTRICTED_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN))
+                needIdentitySign = true;
+        }
+        else if(grpFlag & GXS_SERV::FLAG_PRIVACY_PRIVATE)
+        {
+            needPublishSign = false;
+
+            if(checkMsgAuthenFlag(PRIVATE_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN))
+                needIdentitySign = true;
+        }
+    }
+
+    if(needPublishSign)
+    {
 
         // public and shared is publish key
-                RsTlvSecurityKeySet& keys = grpMeta->keys;
+        RsTlvSecurityKeySet& keys = grpMeta.keys;
         RsTlvSecurityKey* pubKey;
 
         std::map<std::string, RsTlvSecurityKey>::iterator mit =
@@ -317,10 +397,89 @@ bool RsGenExchange::createMessage(RsNxsMsg* msg)
                         break;
         }
 
-		if(pub_key_found)
+        // private publish key
+        pubKey = &(mit->second);
+
+        RsTlvKeySignature pubSign = signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH];
+
+        ok &= GxsSecurity::getSignature((char*)msgData.bin_data, msgData.bin_len, pubKey, pubSign);
+
+        //place signature in msg meta
+        signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH] = pubSign;
+    }
+
+
+    if(needIdentitySign)
     {
+        if(mGixs)
+        {
+            bool haveKey = mGixs->havePrivateKey(msgMeta.mAuthorId);
+
+            if(haveKey)
+            {
+                mGixs->requestPrivateKey(msgMeta.mAuthorId);
+
+                RsTlvSecurityKey authorKey;
+
+                double timeDelta = 0.002; // fast polling
+                time_t now = time(NULL);
+
+                // poll immediately but, don't spend more than a second polling
+                while( (mGixs->getPrivateKey(msgMeta.mAuthorId, authorKey) == -1) &&
+                       ((now + 1) >> time(NULL))
+                    )
+                {
+    #ifndef WINDOWS_SYS
+            usleep((int) (timeDelta * 1000000));
+    #else
+            Sleep((int) (timeDelta * 1000));
+    #endif
+                }
+
+
+                RsTlvKeySignature sign;
+                ok &= GxsSecurity::getSignature((char*)msgData.bin_data, msgData.bin_len,
+                                                &authorKey, sign);
+                signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_IDENTITY] = sign;
+
+            }else
+            {
+                ok = false;
+            }
+        }
+        else
+        {
+#ifdef GEN_EXHANGE_DEBUG
+            std::cerr << "Gixs not enabled while request identity signature validation!" << std::endl;
+#endif
+        }
+    }
+
+    return ok;
+
+
+}
+
+bool RsGenExchange::createMessage(RsNxsMsg* msg)
+{
+	const RsGxsGroupId& id = msg->grpId;
+
+	std::map<RsGxsGroupId, RsGxsGrpMetaData*> metaMap;
+
+	metaMap.insert(std::make_pair(id, (RsGxsGrpMetaData*)(NULL)));
+	mDataStore->retrieveGxsGrpMetaData(metaMap);
+        bool ok = true;
         RsGxsMsgMetaData &meta = *(msg->metaData);
 
+	if(!metaMap[id])
+	{
+            return false;
+	}
+	else
+	{
+            // get publish key
+            RsGxsGrpMetaData* grpMeta = metaMap[id];
+
             uint32_t metaDataLen = meta.serial_size();
             uint32_t allMsgDataLen = metaDataLen + msg->msg.bin_len;
             char* metaData = new char[metaDataLen];
@@ -332,13 +491,12 @@ bool RsGenExchange::createMessage(RsNxsMsg* msg)
             memcpy(allMsgData, msg->msg.bin_data, msg->msg.bin_len);
             memcpy(allMsgData+(msg->msg.bin_len), metaData, metaDataLen);
 
-			// private publish key
-			pubKey = &(mit->second);
+            RsTlvBinaryData msgData(0);
 
-			RsTlvKeySignatureSet& signSet = meta.signSet;
-			RsTlvKeySignature pubSign = signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH];
+            msgData.setBinData(allMsgData, allMsgDataLen);
 
-			GxsSecurity::getSignature(allMsgData, allMsgDataLen, pubKey, pubSign);
+            // create signatures
+            ok &= createMsgSignatures(meta.signSet, msgData, meta, *grpMeta);
 
             // get hash of msg data to create msg id
             pqihash hash;
@@ -348,18 +506,8 @@ bool RsGenExchange::createMessage(RsNxsMsg* msg)
             // assign msg id to msg meta
             msg->metaData->mMsgId = msg->msgId;
 
-			//place signature in msg meta
-			signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH] = pubSign;
-
-			// clean up
-
             delete[] metaData;
             delete[] allMsgData;
-		}
-		else
-		{
-			ok = false;
-		}
 
             delete grpMeta;
 	}
@@ -382,11 +530,11 @@ bool RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSec
 
     if(msg->metaData->mParentId.empty())
     {
-        isParent = false;
+        isParent = true;
     }
     else
     {
-        isParent = true;
+        isParent = false;
     }
 
 
@@ -464,7 +612,10 @@ bool RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSec
     }
 
 
+
     if(checkIdentitySign)
+    {
+        if(mGixs)
         {
             bool haveKey = mGixs->haveKey(metaData.mAuthorId);
 
@@ -482,11 +633,11 @@ bool RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSec
                        ((now + 1) >> time(NULL))
                     )
                 {
-#ifndef WINDOWS_SYS
+    #ifndef WINDOWS_SYS
             usleep((int) (timeDelta * 1000000));
-#else
+    #else
             Sleep((int) (timeDelta * 1000));
-#endif
+    #endif
                 }
 
                 RsTlvKeySignature sign = metaData.signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH];
@@ -496,6 +647,15 @@ bool RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSec
                 valid = false;
             }
         }
+        else
+        {
+#ifdef GEN_EXHANGE_DEBUG
+            std::cerr << "Gixs not enabled while request identity signature validation!" << std::endl;
+#endif
+            valid = false;
+        }
+
+    }
 
     return valid;
 }
@@ -971,13 +1131,44 @@ void RsGenExchange::publishGrps()
         RsGxsGrpItem* grpItem = mit->second;
 
         RsTlvSecurityKeySet keySet;
-            generateGroupKeys(keySet);
+        generateGroupKeys(keySet,
+                          !(grpItem->meta.mGroupFlags & GXS_SERV::FLAG_PRIVACY_PUBLIC));
+
+        // find private admin key
+        RsTlvSecurityKey privAdminKey;
+        std::map<std::string, RsTlvSecurityKey>::iterator mit_keys = keySet.keys.begin();
+
+        bool privKeyFound = false;
+        for(; mit_keys != keySet.keys.end(); mit_keys++)
+        {
+            RsTlvSecurityKey& key = mit_keys->second;
+
+            if(key.keyFlags & (RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL))
+            {
+                privAdminKey = key;
+                privKeyFound = true;
+            }
+        }
+
+        bool ok = true;
+
+        if(privKeyFound)
+        {
+            // get group id from private admin key id
+            grpItem->meta.mGroupId = grp->grpId = privAdminKey.keyId;
+        }
+        else
+        {
+            ok = false;
+        }
+
 
         service_CreateGroup(grpItem, keySet);
 
         uint32_t size = mSerialiser->size(grpItem);
         char gData[size];
-            bool ok = mSerialiser->serialise(grpItem, gData, &size);
+        ok = mSerialiser->serialise(grpItem, gData, &size);
+
         if (!ok)
         {
             std::cerr << "RsGenExchange::publishGrps() !ok ERROR After First Serialise" << std::endl;
@@ -991,22 +1182,14 @@ void RsGenExchange::publishGrps()
             grpItem->meta.mPublishTs = time(NULL);
             *(grp->metaData) = grpItem->meta;
             grp->metaData->mSubscribeFlags = GXS_SERV::GROUP_SUBSCRIBE_ADMIN;
+
             ok &= createGroup(grp, keySet);
+
             if (!ok)
             {
                     std::cerr << "RsGenExchange::publishGrps() !ok ERROR After createGroup" << std::endl;
             }
 
-                size = grp->metaData->serial_size();
-                char mData[size];
-                grp->metaData->mGroupId = grp->grpId;
-                ok &= grp->metaData->serialise(mData, size);
-		if (!ok)
-		{
-                	std::cerr << "RsGenExchange::publishGrps() !ok ERROR After Meta Serialise" << std::endl;
-		}
-
-                grp->meta.setBinData(mData, size);
             RsGxsGroupId grpId = grp->grpId;
             mDataAccess->addGroupData(grp);
 
@@ -1090,10 +1273,8 @@ bool RsGenExchange::getGroupKeys(const RsGxsGroupId &grpId, RsTlvSecurityKeySet
 
 void RsGenExchange::createDummyGroup(RsGxsGrpItem *grpItem)
 {
-
     RsStackMutex stack(mGenMtx);
 
-
     RsNxsGrp* grp = new RsNxsGrp(mServType);
     uint32_t size = mSerialiser->size(grpItem);
     char gData[size];
@@ -1101,7 +1282,35 @@ void RsGenExchange::createDummyGroup(RsGxsGrpItem *grpItem)
     grp->grp.setBinData(gData, size);
 
     RsTlvSecurityKeySet keySet;
-	generateGroupKeys(keySet);
+    generateGroupKeys(keySet,
+                      !(grpItem->meta.mGroupFlags & GXS_SERV::FLAG_PRIVACY_PUBLIC));
+
+    // find private admin key
+    RsTlvSecurityKey privAdminKey;
+    std::map<std::string, RsTlvSecurityKey>::iterator mit_keys = keySet.keys.begin();
+
+    bool privKeyFound = false;
+    for(; mit_keys != keySet.keys.end(); mit_keys++)
+    {
+        RsTlvSecurityKey& key = mit_keys->second;
+
+        if(key.keyFlags & (RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL))
+        {
+            privAdminKey = key;
+            privKeyFound = true;
+        }
+    }
+
+
+    if(privKeyFound)
+    {
+        // get group id from private admin key id
+        grpItem->meta.mGroupId = grp->grpId = privAdminKey.keyId;
+    }
+    else
+    {
+        ok = false;
+    }
 
     service_CreateGroup(grpItem, keySet);
 
@@ -1110,13 +1319,8 @@ void RsGenExchange::createDummyGroup(RsGxsGrpItem *grpItem)
         grp->metaData = new RsGxsGrpMetaData();
         grpItem->meta.mPublishTs = time(NULL);
         *(grp->metaData) = grpItem->meta;
-        grp->metaData->mSubscribeFlags = ~GXS_SERV::GROUP_SUBSCRIBE_MASK;
+        grp->metaData->mSubscribeFlags = GXS_SERV::GROUP_SUBSCRIBE_ADMIN;
         createGroup(grp, keySet);
-        size = grp->metaData->serial_size();
-        char mData[size];
-        grp->metaData->mGroupId = grp->grpId;
-        ok = grp->metaData->serialise(mData, size);
-        grp->meta.setBinData(mData, size);
 
         mDataAccess->addGroupData(grp);
     }

libretroshare/src/gxs/rsgenexchange.h

@@ -384,7 +384,8 @@ private:
 
     /*!
      * This completes the creation of an instance on RsNxsGrp
-     * by assigning it a groupId and signature via SHA1 and EVP_sign respectively
+     * by assigning it a groupId and signature via SHA1 and EVP_sign respectively \n
+     * Meta is serialised and stored in group at this point also
      * @param grp Nxs group to create
      */
     bool createGroup(RsNxsGrp* grp, RsTlvSecurityKeySet& keySet);
@@ -398,6 +399,16 @@ private:
      */
     bool createMessage(RsNxsMsg* msg);
 
+    /*!
+     * convenience function to create sign
+     * @param signSet signatures are stored here
+     * @param msgData message data to be signed
+     * @param grpMeta the meta data for group the message belongs to
+     * @return false if signature creation for any required signature fails, true otherwise
+     */
+    bool createMsgSignatures(RsTlvKeySignatureSet& signSet, RsTlvBinaryData& msgData,
+                             const RsGxsMsgMetaData& msgMeta, RsGxsGrpMetaData& grpMeta);
+
     /*!
      * check meta change is legal
      * @return false if meta change is not legal
@@ -407,8 +418,9 @@ private:
     /*!
      * Generate a set of keys that can define a GXS group
      * @param keySet this is set generated keys
+     * @param genPublicKeys should public keys also be generated
      */
-    void generateGroupKeys(RsTlvSecurityKeySet& keySet);
+    void generateGroupKeys(RsTlvSecurityKeySet& keySet, bool genPublishKeys);
 
     /*!
      * Attempts to validate msg
@@ -419,8 +431,16 @@ private:
      */
     bool validateMsg(RsNxsMsg* msg, const uint32_t& grpFlag, RsTlvSecurityKeySet& grpKeySet);
 
+    /*!
+     * Checks flag against a given privacy bit block
+     * @param pos Determines 8 bit wide privacy block to check
+     * @param flag the flag to and(&) against
+     * @param the result of the (bit-block & flag)
+     */
     bool checkMsgAuthenFlag(const PrivacyBitPos& pos, const uint8_t& flag) const;
 
+    void  groupShareKeys(std::list<std::string> peers);
+
 private:
 
     RsMutex mGenMtx;

libretroshare/src/gxs/rsgxsnetservice.cc

@@ -363,8 +363,8 @@ void RsGxsNetService::run(){
 
 bool RsGxsNetService::locked_checkTransacTimedOut(NxsTransaction* tr)
 {
-   // return tr->mTimeOut < ((uint32_t) time(NULL));
-     return false;
+   return tr->mTimeOut < ((uint32_t) time(NULL));
+    // return false;
 }
 
 void RsGxsNetService::processTransactions(){
@@ -1022,7 +1022,7 @@ void RsGxsNetService::locked_genSendMsgsTransaction(NxsTransaction* tr)
 
 	uint32_t transN = locked_getTransactionId();
 
-	// store grp items to send in transaction
+        // store msg items to send in transaction
 	GxsMsgResult::iterator mit = msgs.begin();
 	std::string peerId = tr->mTransaction->PeerId();
 	uint32_t msgSize = 0;

libretroshare/src/pqi/pqihash.h

@@ -23,6 +23,9 @@
  *
  */
 
+#ifndef PQI_HASH_
+#define PQI_HASH_
+
 #include <openssl/sha.h>
 #include <string>
 #include <iomanip>
@@ -86,4 +89,4 @@ void 	Complete(std::string &hash)
 	SHA_CTX *sha_ctx;
 };
 
-
+#endif

libretroshare/src/retroshare/rsposted.h

@@ -42,6 +42,7 @@ class RsPostedGroup
 {
         public:
         RsGroupMetaData mMeta;
+        std::string mDescription;
         RsPostedGroup() { return; }
 };
 

libretroshare/src/rsserver/rsinit.cc

@@ -2329,6 +2329,11 @@ int RsServer::StartupRetroShare()
         RsGenExchange::setAuthenPolicyFlag(flag, photoAuthenPolicy,
                                            RsGenExchange::RESTRICTED_GRP_BITS);
 
+// Re-enable later, photo not using gixs yet
+//        flag = GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN;
+//        RsGenExchange::setAuthenPolicyFlag(flag, photoAuthenPolicy,
+//                                           RsGenExchange::RESTRICTED_GRP_BITS);
+
         flag = GXS_SERV::GRP_OPTION_AUTHEN_AUTHOR_SIGN;
         RsGenExchange::setAuthenPolicyFlag(flag, photoAuthenPolicy,
                                            RsGenExchange::GRP_OPTION_BITS);

libretroshare/src/serialiser/rsnxsitems.h

@@ -70,7 +70,7 @@ public:
     RsNxsItem(uint16_t servtype, uint8_t subtype)
         : RsItem(RS_PKT_VERSION_SERVICE, servtype, subtype), transactionNumber(0)
     {
-    	setPriorityLevel(QOS_PRIORITY_RS_GXS_NET);
+        setPriorityLevel(QOS_PRIORITY_RS_VOIP_PING);
         return;
     }
 

libretroshare/src/services/p3photoserviceV2.cc

@@ -90,8 +90,10 @@ p3PhotoServiceV2::p3PhotoServiceV2(RsGeneralDataService* gds, RsNetworkExchangeS
     RsGxsPhotoAlbumItem* item1 = new RsGxsPhotoAlbumItem(), *item2 = new RsGxsPhotoAlbumItem();
 
     item1->meta.mGroupName = "Dummy Album 1";
+    item1->meta.mGroupFlags = GXS_SERV::FLAG_PRIVACY_RESTRICTED;
     item1->album.mCaption = "Dummy 1";
     item2->meta.mGroupName = "Dummy Album 2";
+    item2->meta.mGroupFlags = GXS_SERV::FLAG_PRIVACY_RESTRICTED;
     item2->album.mCaption = "Dummy 2";
 
     createDummyGroup(item1);

libretroshare/src/tests/gxs/nxstestscenario.cc

@@ -7,6 +7,7 @@
 
 #include "nxstestscenario.h"
 #include "gxs/rsdataservice.h"
+#include "gxs/rsgxsflags.h"
 #include "data_support.h"
 #include <stdio.h>
 
@@ -147,6 +148,8 @@ void NxsMessageTestObserver::notifyNewGroups(std::vector<RsNxsGrp *> &groups)
     {
         RsNxsGrp* grp = *vit;
         RsGxsGrpMetaData* meta = new RsGxsGrpMetaData();
+        meta->deserialise(grp->meta.bin_data, grp->meta.bin_len);
+        meta->mSubscribeFlags |= GXS_SERV::GROUP_SUBSCRIBE_SUBSCRIBED;
         meta->mGroupId = grp->grpId;
         grps.insert(std::make_pair(grp, meta));
     }

retroshare-gui/src/gui/PhotoShare/AlbumDialog.cpp

@@ -2,6 +2,7 @@
 
 #include "AlbumDialog.h"
 #include "ui_AlbumDialog.h"
+#include "gxs/rsgxsflags.h"
 
 AlbumDialog::AlbumDialog(const RsPhotoAlbum& album, TokenQueue* photoQueue, RsPhotoV2* rs_Photo, QWidget *parent) :
     QDialog(parent),
@@ -13,6 +14,12 @@ AlbumDialog::AlbumDialog(const RsPhotoAlbum& album, TokenQueue* photoQueue, RsPh
     connect(ui->pushButton_DeletePhoto, SIGNAL(clicked()), this, SLOT(deletePhoto()));
 
     mPhotoDrop = ui->scrollAreaWidgetContents;
+
+    if(!(mAlbum.mMeta.mSubscribeFlags & GXS_SERV::GROUP_SUBSCRIBE_ADMIN))
+    {
+        ui->scrollAreaPhotos->setEnabled(false);
+        ui->pushButton_DeletePhoto->setEnabled(false);
+    }
     mPhotoDrop->setPhotoItemHolder(this);
 
     setUp();
@@ -32,6 +39,7 @@ void AlbumDialog::setUp()
 }
 
 void AlbumDialog::updateAlbumPhotos(){
+
     QSet<PhotoItem*> photos;
 
     mPhotoDrop->getPhotos(photos);

retroshare-gui/src/gui/PhotoShare/AlbumDialog.ui

@@ -285,7 +285,7 @@ p, li { white-space: pre-wrap; }
             <x>0</x>
             <y>0</y>
             <width>627</width>
-            <height>107</height>
+            <height>116</height>
            </rect>
           </property>
           <property name="styleSheet">
@@ -344,7 +344,7 @@ p, li { white-space: pre-wrap; }
      <item>
       <widget class="QPushButton" name="pushButton_PublishPhotos">
        <property name="text">
-        <string>Publish Photos</string>
+        <string>Publish Photos / Close</string>
        </property>
       </widget>
      </item>

retroshare-gui/src/gui/PhotoShare/PhotoDialog.cpp

@@ -2,7 +2,7 @@
 #include <QVBoxLayout>
 #include "PhotoDialog.h"
 #include "ui_PhotoDialog.h"
-
+#include "retroshare/rsidentity.h"
 #include "AddCommentDialog.h"
 
 PhotoDialog::PhotoDialog(RsPhotoV2 *rs_photo, const RsPhotoPhoto &photo, QWidget *parent) :
@@ -37,8 +37,6 @@ void PhotoDialog::setUp()
     ui->label_Photo->setPixmap(qtn);
     ui->lineEdit_Title->setText(QString::fromStdString(mPhotoDetails.mMeta.mMsgName));
 
-    //ui->scrollAreaWidgetContents->setLayout(new QVBoxLayout());
-
     requestComments();
 }
 

retroshare-gui/src/gui/Posted/PostedGroupDialog.cpp

@@ -56,21 +56,13 @@ bool PostedGroupDialog::service_CreateGroup(uint32_t &token, const RsGroupMetaDa
 {
 	// Specific Function.
         RsPostedGroup grp;
+        grp.mDescription = getDescription().toStdString();
 	grp.mMeta = meta;
 
         rsPosted->submitGroup(token, grp);
 	return true;
 }
 
-QPixmap PostedGroupDialog::service_getLogo()
-{
-    return QPixmap(); // null pixmap
-}
-
-QString PostedGroupDialog::service_getDescription()
-{
-    return QString();
-}
 
 
 

retroshare-gui/src/gui/Posted/PostedGroupDialog.h

@@ -46,19 +46,6 @@ protected:
 
     bool service_CreateGroup(uint32_t &token, const RsGroupMetaData &meta);
 
-    /*!
-     * This should return a group logo \n
-     * Will be called when GxsGroupDialog is initialised in show mode
-     *
-     */
-    virtual QPixmap service_getLogo();
-
-    /*!
-     * This should return a group description string
-     * @return group description string
-     */
-    virtual QString service_getDescription();
-
 private:
 
     RsPostedGroup mGrp;

retroshare-gui/src/gui/gxs/GxsGroupDialog.cpp

@@ -399,7 +399,15 @@ void GxsGroupDialog::addGroupLogo()
 	ui.groupLogo->setIcon(picture);
 }
 
+QPixmap GxsGroupDialog::getLogo()
+{
+    return picture;
+}
 
+QString GxsGroupDialog::getDescription()
+{
+    return ui.groupDesc->document()->toPlainText();
+}
 
 /***********************************************************************************
   Share Lists.

retroshare-gui/src/gui/gxs/GxsGroupDialog.h

@@ -149,24 +149,24 @@ protected:
 
         /*!
          * Main purpose is to help tansfer meta data to service
-         * and also
+         *
          * @param token This should be set to the token retrieved
          * @param meta The deriving GXS service should set their grp meta to this value
          */
         virtual bool service_CreateGroup(uint32_t &token, const RsGroupMetaData &meta) = 0;
 
         /*!
-         * This should return a group logo \n
-         * Will be called when GxsGroupDialog is initialised in show mode
+         * This returns a group logo from the ui \n
+         * Should be calleld by deriving service
          * @return The logo for the service
          */
-        virtual QPixmap service_getLogo() = 0;
+        QPixmap getLogo();
 
         /*!
-         * This should return a group description string
+         * This returns a group description string from the ui
          * @return group description string
          */
-        virtual QString service_getDescription() = 0;
+        virtual QString getDescription();
 
 	
 private slots: