The user-visible change here is that it allows the FFI API to save
keys in the database for a context. This is primarily intended for
testing purposes as it allows you to get a key without having to
generate it.
Internally the most important change is to start using the
SignedPublicKey and SignedPrivateKey types from rpgp instead of
wrapping them into a single Key object. This allows APIs to be
specific about which they want instead of having to do runtime checks
like .is_public() or so. This means some of the functionality of the
Key impl now needs to be a trait.
A thid API change is to introduce the KeyPair struct, which binds
together the email address, public and private key for a keypair.
All these changes result in a bunch of cleanups, though more more
should be done to completely replace the Key type with the
SignedPublicKye/SignedPrivateKey + traits. But this change is large
enough already.
Testing-wise this adds two new keys which can be loaded from disk and
and avoids a few more key-generating tests. The encrypt/decrypt tests
are moved from the stress tests into the pgp tests and split up.
there are 3 key blobs in the database, gossip_key, public_key and verified_key.
the verification_key should not change if, for any reasons,
the public_key or the gossip_key changes.
Additionally, this change reduces duplication: now test public key is
stored in only one place, and used in two instead of copy-paste of very
long line.
Add a test for failing e2e encryption and some info statement to hunt where the e2e encryption failure comes from, as well as fix the issue.
Closes#233
Add a trait for str.strdup() to replace to_cstring() which avoid the
signature ambiguity with .to_string().
Also instruduce CString::yolo() as a shortcut to
CString::new().unwrap() and use it whenever the variable does can be
deallocated by going out of scope. This is less error prone.
Use some Path.to_c_string() functions where possible.
* refactor: safe sql access
* Clean up the worst rebase mistakes
* Some more progress on the rebase fallout and this branch
* upgrade and compile again
* cleanup from rebase
* example of how to prepare now
* rebase fixes
* add sql.query_map
* less preparation
* more improvements in sql code
* fix string truncation
* more prepare conversions
* most prep done
* fix tests
* fix ffi
* fix last prepares
* fix segfaults and some queries
* use r2d2 pool
* fix dc_job sql call, to reduce contention
* try newer rust
* No more vararg printing (drop dc_log_)
* ignore expected errors
* fix: uses exists instead of execute where needed
* fix: get_contacts logic was broken
* fix: contact creation
* test on 32bit linux
* ci: try running 32bit without cross
* undo 32bit tests
* refactor: rename dc_sqlite3 to sql
* fix: safer string conversions
* more string fixes
* try fixing appveyor build to 64bit
* chore(ci): hardcode target
* chore(ci): appveyor
* some cleanup work
* try fix darwin
* fix and improve sql escaping
* fix various bugs
* fix chat deletion
* refactor: cleanup config values and move to their own file
* refactor: move more methods onto the sql struct
* dont panic on failed state loading
* first round of cr
* one more cr fix
* stop using strange defaults
* remove unused escapes
Experiment with refactoring the internal sql interface a bit. My
original goal was to modify the schema and thus refactor to a state
where it would be sane to write tests for dc_sqlite_open() (and/or
however it ends up refactored) to assert schame changes before/after.
The C API allows passing a NULL pointer is for the callback function.
However when calling the callback nothing checks for this null pointer
and thus things fail badly. Even worse since the C API is defined
using an "fn pointer" rather than a "*-ptr" or raw pointer to the
function rust does not realise this can be invalid and therefore the
typechecker does not catch this even though there are no unsafe casts.
Fix this by making the callback an Option in rust, this can be easily
checked when calling. Also add a Context.call_cb() function which
simplifies calling the callback, hides the weird syntax due to the
function pointer and makes the call a little easier. Finally it also
means the option checking is only needed in one place.
For the C API this needs to check if this is a NULL pointer or not,
this is implicitly done by rust using the "nullable pointer
optimisation":
https://doc.rust-lang.org/nomicon/ffi.html#the-nullable-pointer-optimization
