Browse Source

merging in ENGINE-812

IOS-2414 Release_2.1.0-RC29
Volker Birk 1 year ago
parent
commit
b38198b47e
9 changed files with 294 additions and 14 deletions
  1. +28
    -2
      asn.1/pEp.asn1
  2. +1
    -1
      src/baseprotocol.h
  3. +97
    -7
      src/message_api.c
  4. +1
    -0
      src/pEp_internal.h
  5. +2
    -2
      sync/gen_message_func.ysl2
  6. +1
    -1
      sync/gen_messages.ysl2
  7. +1
    -1
      sync/gen_statemachine.ysl2
  8. +9
    -0
      sync/sync.fsm
  9. +154
    -0
      test/src/ReceiverRatingTest.cc

+ 28
- 2
asn.1/pEp.asn1 View File

@ -1,7 +1,7 @@
-- This file is under BSD License 2.0
-- Sync protocol for p≡p
-- Copyright (c) 2016, 2017 p≡p foundation
-- Copyright (c) 2016, 2010 p≡p foundation
-- Written by Volker Birk
@ -12,7 +12,7 @@ DEFINITIONS AUTOMATIC TAGS EXTENSIBILITY IMPLIED ::=
BEGIN
EXPORTS Identity, IdentityList, TID, Hash, Version;
EXPORTS Identity, IdentityList, TID, Hash, Version, Rating;
ISO639-1 ::= PrintableString(FROM ("a".."z")) (SIZE(2))
Hex ::= PrintableString(FROM ("A".."F") | FROM ("0".."9"))
@ -36,5 +36,31 @@ Version ::= SEQUENCE {
minor INTEGER (0..255) DEFAULT 2
}
Rating ::= ENUMERATED {
-- no color
cannot-decrypt (1),
have-no-key (2),
unencrypted (3),
unreliable (5),
b0rken (-2),
-- yellow
reliable (6),
-- green
trusted (7),
trusted-and-anonymized (8),
fully-anonymous (9),
-- red
mistrust (-1),
under-attack (-3)
}
END

+ 1
- 1
src/baseprotocol.h View File

@ -94,7 +94,7 @@ PEP_STATUS base_prepare_message(
//
// caveat:
// payload may point to msg attachment, the ownership does not change
// if fpr != NULL the ownership goes to the caller
// the ownership of fpr goes to the caller
PEP_STATUS base_extract_message(
PEP_SESSION session,


+ 97
- 7
src/message_api.c View File

@ -13,6 +13,7 @@
#include "base64.h"
#include "resource_id.h"
#include "internal_format.h"
#include "sync_codec.h"
#include <assert.h>
#include <string.h>
@ -186,7 +187,68 @@ void replace_opt_field(message *msg,
}
}
PEP_STATUS set_receiverRating(PEP_SESSION session, message *msg, PEP_rating rating)
{
if (!(session && msg && rating))
return PEP_ILLEGAL_VALUE;
if (!(msg->recv_by && msg->recv_by->fpr && msg->recv_by->fpr[0]))
return PEP_SYNC_NO_CHANNEL;
Sync_t *res = new_Sync_message(Sync_PR_keysync, KeySync_PR_receiverRating);
if (!res)
return PEP_OUT_OF_MEMORY;
res->choice.keysync.choice.receiverRating.rating = (Rating_t) rating;
char *payload;
size_t size;
PEP_STATUS status = encode_Sync_message(res, &payload, &size);
free_Sync_message(res);
if (status)
return status;
return base_decorate_message(session, msg, BASE_SYNC, payload, size, msg->recv_by->fpr);
}
PEP_STATUS get_receiverRating(PEP_SESSION session, message *msg, PEP_rating *rating)
{
if (!(session && msg && rating))
return PEP_ILLEGAL_VALUE;
*rating = PEP_rating_undefined;
size_t size;
const char *payload;
char *fpr;
PEP_STATUS status = base_extract_message(session, msg, BASE_SYNC, &size, &payload, &fpr);
if (status)
return status;
if (!fpr)
return PEP_SYNC_NO_CHANNEL;
bool own_key;
status = is_own_key(session, fpr, &own_key);
free(fpr);
if (!own_key)
return PEP_SYNC_NO_CHANNEL;
Sync_t *res;
status = decode_Sync_message(payload, size, &res);
if (status)
return status;
if (!(res->present == Sync_PR_keysync && res->choice.keysync.present == KeySync_PR_receiverRating)) {
free_Sync_message(res);
return PEP_SYNC_NO_CHANNEL;
}
*rating = res->choice.keysync.choice.receiverRating.rating;
return PEP_STATUS_OK;
}
void decorate_message(
PEP_SESSION session,
message *msg,
PEP_rating rating,
stringlist_t *keylist,
@ -199,8 +261,10 @@ void decorate_message(
if (add_version)
replace_opt_field(msg, "X-pEp-Version", PEP_VERSION, clobber);
if (rating != PEP_rating_undefined)
if (rating != PEP_rating_undefined) {
replace_opt_field(msg, "X-EncStatus", rating_to_string(rating), clobber);
set_receiverRating(session, msg, rating);
}
if (keylist) {
char *_keylist = keylist_to_string(keylist);
@ -2111,7 +2175,7 @@ DYNAMIC_API PEP_STATUS encrypt_message(
attach_own_key(session, src);
added_key_to_real_src = true;
}
decorate_message(src, PEP_rating_undefined, NULL, true, true);
decorate_message(session, src, PEP_rating_undefined, NULL, true, true);
return PEP_UNENCRYPTED;
}
else {
@ -2179,7 +2243,7 @@ DYNAMIC_API PEP_STATUS encrypt_message(
}
if (msg) {
decorate_message(msg, PEP_rating_undefined, NULL, true, true);
decorate_message(session, msg, PEP_rating_undefined, NULL, true, true);
if (_src->id) {
msg->id = strdup(_src->id);
assert(msg->id);
@ -2547,7 +2611,7 @@ DYNAMIC_API PEP_STATUS encrypt_message_for_self(
if (msg->id == NULL)
goto enomem;
}
decorate_message(msg, PEP_rating_undefined, NULL, true, true);
decorate_message(session, msg, PEP_rating_undefined, NULL, true, true);
}
*dst = msg;
@ -3824,8 +3888,15 @@ static PEP_STATUS _decrypt_message(
// Check for and deal with unencrypted messages
if (src->enc_format == PEP_enc_none) {
// if there is a valid receiverRating then return this rating else
// return unencrypted
*rating = PEP_rating_unencrypted;
PEP_rating _rating = PEP_rating_undefined;
status = get_receiverRating(session, src, &_rating);
if (status == PEP_STATUS_OK && _rating)
*rating = _rating;
else
*rating = PEP_rating_unencrypted;
// We remove these from the outermost source message
// if (keys_were_imported)
@ -3841,9 +3912,22 @@ static PEP_STATUS _decrypt_message(
return PEP_UNENCRYPTED;
}
// if there is an own identity defined via this message is coming in
// retrieve the details; in case there's no usuable own key make it
// functional
if (src->recv_by) {
status = myself(session, src->recv_by);
if (status) {
free_stringlist(_imported_key_list);
return status;
}
}
status = get_crypto_text(src, &ctext, &csize);
if (status != PEP_STATUS_OK)
if (status) {
free_stringlist(_imported_key_list);
return status;
}
/** Ok, we should be ready to decrypt. Try decrypt and verify first! **/
status = decrypt_and_verify(session, ctext, csize, dsig_text, dsig_size,
@ -4294,7 +4378,13 @@ static PEP_STATUS _decrypt_message(
dedup_stringlist(_keylist->next);
/* add pEp-related status flags to header */
decorate_message(msg, *rating, _keylist, false, true);
if (src->recv_by) {
free_identity(msg->recv_by);
msg->recv_by = identity_dup(src->recv_by);
if (!msg->recv_by)
goto enomem;
}
decorate_message(session, msg, *rating, _keylist, false, true);
// Maybe unnecessary
// if (keys_were_imported)


+ 1
- 0
src/pEp_internal.h View File

@ -284,6 +284,7 @@ PEP_STATUS encrypt_only(
);
void decorate_message(
PEP_SESSION session,
message *msg,
PEP_rating rating,
stringlist_t *keylist,


+ 2
- 2
sync/gen_message_func.ysl2 View File

@ -296,7 +296,7 @@ template "field", mode=update_message {
const "state" > «yml:lcase(ancestor::protocol/@name)»_state.«yml:lcase(ancestor::fsm/@name)»
choose {
when "func:basicType()" // copyable
when "func:basicType() or @type='Rating'" // copyable
||
msg->choice.«yml:lcase(../../@name)».choice.«$message_name».«@name»
= session->«$state».«@name»;
@ -380,7 +380,7 @@ template "message", mode=update_state {
template "field", mode=update_state {
param "message_name";
choose {
when "func:basicType()" // copyable
when "func:basicType() or @type='Rating'" // copyable
||
session->«yml:lcase(../../../@name)»_state.«yml:lcase(../../@name)».«@name» = msg->choice.«yml:lcase(../../@name)»
.choice.«$message_name».«@name»;


+ 1
- 1
sync/gen_messages.ysl2 View File

@ -15,7 +15,7 @@ tstylesheet {
include ./functions.ysl2
function "pEp_imports"
| IMPORTS Version, Identity, IdentityList, TID, Hash FROM PEP;
| IMPORTS Version, Identity, IdentityList, TID, Hash, Rating FROM PEP;
function "header"
||


+ 1
- 1
sync/gen_statemachine.ysl2 View File

@ -585,7 +585,7 @@ tstylesheet {
goto the_end;
}
attach_own_key(session, _m);
decorate_message(_m, PEP_rating_undefined, NULL, true, true);
decorate_message(session, _m, PEP_rating_undefined, NULL, true, true);
m = _m;
break;


+ 9
- 0
sync/sync.fsm View File

@ -679,5 +679,14 @@ protocol Sync 1 {
message SynchronizeGroupKeys 21, ratelimit=60 {
}
// This could be part of TrustSync, but actually it does not matter.
// This message will not be sent by the Sync thread. It is used by
// decrypt_message() to mark a previously computed rating. It is only
// valid when signed with an own key.
message ReceiverRating 22, security=unencrypted {
field Rating rating;
}
}
}

+ 154
- 0
test/src/ReceiverRatingTest.cc View File

@ -0,0 +1,154 @@
#include <stdlib.h>
#include <string>
#include <cstring>
#include "internal_format.h"
#include "test_util.h"
#include "TestConstants.h"
#include "Engine.h"
#include <gtest/gtest.h>
extern "C" {
PEP_STATUS set_receiverRating(PEP_SESSION session, message *msg, PEP_rating rating);
PEP_STATUS get_receiverRating(PEP_SESSION session, message *msg, PEP_rating *rating);
}
namespace {
//The fixture for ReceiverRatingTest
class ReceiverRatingTest : public ::testing::Test {
public:
Engine* engine;
PEP_SESSION session;
protected:
// You can remove any or all of the following functions if its body
// is empty.
ReceiverRatingTest() {
// You can do set-up work for each test here.
test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM();
test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name();
test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name;
}
~ReceiverRatingTest() override {
// You can do clean-up work that doesn't throw exceptions here.
}
// If the constructor and destructor are not enough for setting up
// and cleaning up each test, you can define the following methods:
void SetUp() override {
// Code here will be called immediately after the constructor (right
// before each test).
// Leave this empty if there are no files to copy to the home directory path
std::vector<std::pair<std::string, std::string>> init_files = std::vector<std::pair<std::string, std::string>>();
// Get a new test Engine.
engine = new Engine(test_path);
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
ASSERT_NE(engine->session, nullptr);
session = engine->session;
// Engine is up. Keep on truckin'
}
void TearDown() override {
// Code here will be called immediately after each test (right
// before the destructor).
engine->shut_down();
delete engine;
engine = NULL;
session = NULL;
}
private:
const char* test_suite_name;
const char* test_name;
string test_path;
// Objects declared here can be used by all tests in the ReceiverRatingTest suite.
};
} // namespace
TEST_F(ReceiverRatingTest, check_internal_format) {
// a message from me, Alice, to myself
const char* alice_fpr = "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97";
PEP_STATUS status = read_file_and_import_key(session,
"test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc");
ASSERT_EQ(status , PEP_KEY_IMPORTED);
status = set_up_ident_from_scratch(session,
"test_keys/priv/pep-test-alice-0x6FF00E97_priv.asc",
"pep.test.alice@pep-project.org", alice_fpr,
PEP_OWN_USERID, "Alice in Wonderland", NULL, true
);
ASSERT_EQ(status , PEP_STATUS_OK);
message* msg = new_message(PEP_dir_outgoing);
pEp_identity* alice = new_identity("pep.test.alice@pep-project.org", NULL, PEP_OWN_USERID, NULL);
status = myself(session, alice);
ASSERT_EQ(status , PEP_STATUS_OK);
pEp_identity* alice2 = identity_dup(alice);
msg->to = new_identity_list(identity_dup(alice));
msg->from = identity_dup(alice);
msg->shortmsg = strdup("Yo Mama!");
msg->longmsg = strdup("Look at my hot new sender fpr field!");
// encrypt this message
message* enc_msg = NULL;
status = encrypt_message(session, msg, NULL, &enc_msg, PEP_enc_PEP, 0);
ASSERT_EQ(status , PEP_STATUS_OK);
// decrypt this message
message *dec_msg = NULL;
stringlist_t *keylist = NULL;
PEP_rating rating = PEP_rating_undefined;
PEP_decrypt_flags_t flags = 0;
enc_msg->recv_by = identity_dup(alice);
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status, PEP_STATUS_OK);
ASSERT_STREQ(msg->shortmsg, dec_msg->shortmsg);
ASSERT_STREQ(msg->longmsg, dec_msg->longmsg);
ASSERT_EQ(rating, PEP_rating_trusted_and_anonymized);
bloblist_t *as = dec_msg->attachments;
ASSERT_STREQ(as->mime_type, "application/pEp.sync");
// test if receiver rating can be evaluated
free_stringlist(keylist);
message *dec_msg2 = NULL;
dec_msg->recv_by = identity_dup(alice);
status = decrypt_message(session, dec_msg, &dec_msg2, &keylist, &rating, &flags);
ASSERT_EQ(status, PEP_UNENCRYPTED);
ASSERT_EQ(rating, PEP_rating_trusted_and_anonymized);
// this must be repeatable
free_stringlist(keylist);
dec_msg->recv_by = identity_dup(alice);
status = decrypt_message(session, dec_msg, &dec_msg2, &keylist, &rating, &flags);
ASSERT_EQ(status, PEP_UNENCRYPTED);
ASSERT_EQ(rating, PEP_rating_trusted_and_anonymized);
free_stringlist(keylist);
free_identity(alice);
free_message(msg);
free_message(enc_msg);
free_message(dec_msg);
free_message(dec_msg2);
}

Loading…
Cancel
Save