pEp.foundation
/
pEpEngine
14
2
Fork 17
Code Issues 27 Pull Requests 1 Projects 2 Releases 62 Wiki Activity

Removed allowed calls to trust_personal_key with an own_identity. Trusting a pubkey from the same user and another device will require using a different user_id or calling set_own_key (on a pub/priv keypair)

generate_api
Krista 'DarthMama' Bennett 2019-01-14 18:54:27 +01:00
parent c4408695a4
commit 2c5b7db338
3 changed files with 156 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/keymanagement.c
View File

@ -1381,7 +1381,9 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
EMPTYSTR(ident->fpr))
return PEP_ILLEGAL_VALUE;
//bool ident_has_trusted_default = false;
if (is_me(session, ident))
return PEP_ILLEGAL_VALUE;
char* ident_default_fpr = NULL;
// Before we do anything, be sure the input fpr is even eligible to be trusted
@ -1394,8 +1396,6 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
if (status != PEP_STATUS_OK)
return status;
bool me = is_me(session, ident);
pEp_identity* ident_copy = identity_dup(ident);
char* cached_fpr = NULL;
@ -1404,23 +1404,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
// For later, in case we need to check the user default key
pEp_identity* tmp_user_ident = NULL;
if (me) {
bool has_private = false;
// first of all, does this key even have a private component.
status = contains_priv_key(session, ident->fpr, &has_private);
if (status != PEP_STATUS_OK && status != PEP_KEY_NOT_FOUND)
goto pEp_free;
// if (has_private) {
// status = set_own_key(session, ident_copy, ident->fpr);
// goto pEp_free;
// }
}
// Either it's not me, or it's me but the key has no private key.
// We're only talking about pub keys here. Moving on.
// Save the input fpr, which we already tested as non-NULL
cached_fpr = strdup(ident->fpr);
@ -1436,10 +1420,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
tmp_id->comm_type = _MAX(tmp_id->comm_type, input_default_ct) | PEP_ct_confirmed;
// Get the default identity without setting the fpr
if (me)
status = _myself(session, ident_copy, false, true);
else
status = update_identity(session, ident_copy);
status = update_identity(session, ident_copy);
ident_default_fpr = (EMPTYSTR(ident_copy->fpr) ? NULL : strdup(ident_copy->fpr));
@ -1447,13 +1428,13 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
bool trusted_default = false;
// If there's no default, or the default is different from the input...
if (me || EMPTYSTR(ident_default_fpr) || strcmp(cached_fpr, ident_default_fpr) != 0) {
if (EMPTYSTR(ident_default_fpr) || strcmp(cached_fpr, ident_default_fpr) != 0) {
// If the default fpr (if there is one) is trusted and key is strong enough,
// don't replace, we just set the trusted bit on this key for this user_id...
// (If there's no default fpr, this won't be true anyway.)
if (me || (ident_copy->comm_type >= PEP_ct_strong_but_unconfirmed &&
(ident_copy->comm_type & PEP_ct_confirmed))) {
if ((ident_copy->comm_type >= PEP_ct_strong_but_unconfirmed &&
(ident_copy->comm_type & PEP_ct_confirmed))) {
trusted_default = true;
@ -1957,4 +1938,3 @@ PEP_STATUS pgp_import_ultimately_trusted_keypairs(PEP_SESSION session) {
return status;
}
#endif // USE_GPG

6
src/keymanagement.h
View File

@ -211,15 +211,17 @@ DYNAMIC_API PEP_STATUS key_mistrusted(
//
// parameters:
// session (in) session to use
// ident (in) person and key to trust in
// ident (in) person and key to trust in - this must not be an
// own_identity in which the .me flag is set or
// the user_id is an own user_id.
//
// caveat:
// the fields user_id, address and fpr must be supplied
// own identities will result in a return of PEP_ILLEGAL_VALUE.
// for non-own users, this will 1) set the trust bit on its comm type in the DB,
// 2) set this key as the identity default if the current identity default
// is not trusted, and 3) set this key as the user default if the current
// user default is not trusted.
// For an own user, this is simply a call to myself().
DYNAMIC_API PEP_STATUS trust_personal_key(
PEP_SESSION session,

288
test/src/SuiteMaker.cc
View File

@ -12,191 +12,191 @@
#include "SuiteMaker.h"
// Begin where we generate stuff
#include "DecorateTests.h"
#include "MimeTests.h"
#include "ExpiredSubkeyTests.h"
#include "UserIdCollisionTests.h"
#include "ReencryptPlusExtraKeysTests.h"
#include "BlacklistTests.h"
#include "AppleMailTests.h"
#include "MessageTwoPointOhTests.h"
#include "IdentityListTests.h"
#include "I18nTests.h"
#include "Engine463Tests.h"
#include "DecryptAttachPrivateKeyUntrustedTests.h"
#include "BloblistTests.h"
#include "NewUpdateIdAndMyselfTests.h"
#include "I18nTests.h"
#include "IdentityListTests.h"
#include "PgpBinaryTests.h"
#include "MessageNullFromTests.h"
#include "LeastCommonDenomColorTests.h"
#include "StringlistTests.h"
#include "PgpListKeysTests.h"
#include "MessageApiTests.h"
#include "EncryptMissingPrivateKeyTests.h"
#include "CaseAndDotAddressTests.h"
#include "UserIDAliasTests.h"
#include "SignOnlyTests.h"
#include "BCCTests.h"
#include "LeastColorGroupTests.h"
#include "Engine358Tests.h"
#include "BlacklistAcceptNewKeyTests.h"
#include "MessageApiTests.h"
#include "StringlistTests.h"
#include "HeaderKeyImportTests.h"
#include "StringpairListTests.h"
#include "TrustManipulationTests.h"
#include "SignOnlyTests.h"
#include "EncryptAttachPrivateKeyTests.h"
#include "BloblistTests.h"
#include "KeyResetMessageTests.h"
#include "SequenceTests.h"
#include "TrustwordsTests.h"
#include "DecryptAttachPrivateKeyUntrustedTests.h"
#include "BlacklistTests.h"
#include "RevokeRegenAttachTests.h"
#include "CheckRenewedExpiredKeyTrustStatusTests.h"
#include "EncryptMissingPrivateKeyTests.h"
#include "PepSubjectReceivedTests.h"
#include "KeyeditTests.h"
#include "MapAsn1Tests.h"
#include "PgpBinaryTests.h"
#include "DecryptAttachPrivateKeyTrustedTests.h"
#include "MessageNullFromTests.h"
#include "MimeTests.h"
#include "PgpListKeysTests.h"
#include "NewUpdateIdAndMyselfTests.h"
#include "EncryptForIdentityTests.h"
#include "CrashdumpTests.h"
#include "CaseAndDotAddressTests.h"
#include "ExpiredSubkeyTests.h"
#include "LeastCommonDenomColorTests.h"
#include "SequenceTests.h"
#include "HeaderKeyImportTests.h"
#include "EncryptAttachPrivateKeyTests.h"
#include "ExternalRevokeTests.h"
#include "UserIDAliasTests.h"
#include "KeyeditTests.h"
#include "LeastColorGroupTests.h"
#include "DecryptAttachPrivateKeyTrustedTests.h"
#include "CheckRenewedExpiredKeyTrustStatusTests.h"
#include "TrustwordsTests.h"
#include "ReencryptPlusExtraKeysTests.h"
#include "MapAsn1Tests.h"
#include "DecorateTests.h"
#include "MessageTwoPointOhTests.h"
#include "CrashdumpTests.h"
#include "StringpairListTests.h"
#include "EncryptForIdentityTests.h"
#include "KeyResetMessageTests.h"
#include "TrustManipulationTests.h"
#include "AppleMailTests.h"
const char* SuiteMaker::all_suites[] = {
"DecorateTests",
"MimeTests",
"ExpiredSubkeyTests",
"UserIdCollisionTests",
"ReencryptPlusExtraKeysTests",
"BlacklistTests",
"AppleMailTests",
"MessageTwoPointOhTests",
"IdentityListTests",
"I18nTests",
"Engine463Tests",
"DecryptAttachPrivateKeyUntrustedTests",
"BloblistTests",
"NewUpdateIdAndMyselfTests",
"I18nTests",
"IdentityListTests",
"PgpBinaryTests",
"MessageNullFromTests",
"LeastCommonDenomColorTests",
"StringlistTests",
"PgpListKeysTests",
"MessageApiTests",
"EncryptMissingPrivateKeyTests",
"CaseAndDotAddressTests",
"UserIDAliasTests",
"SignOnlyTests",
"BCCTests",
"LeastColorGroupTests",
"Engine358Tests",
"BlacklistAcceptNewKeyTests",
"MessageApiTests",
"StringlistTests",
"HeaderKeyImportTests",
"StringpairListTests",
"TrustManipulationTests",
"SignOnlyTests",
"EncryptAttachPrivateKeyTests",
"BloblistTests",
"KeyResetMessageTests",
"SequenceTests",
"TrustwordsTests",
"DecryptAttachPrivateKeyUntrustedTests",
"BlacklistTests",
"RevokeRegenAttachTests",
"CheckRenewedExpiredKeyTrustStatusTests",
"EncryptMissingPrivateKeyTests",
"PepSubjectReceivedTests",
"KeyeditTests",
"MapAsn1Tests",
"PgpBinaryTests",
"DecryptAttachPrivateKeyTrustedTests",
"MessageNullFromTests",
"MimeTests",
"PgpListKeysTests",
"NewUpdateIdAndMyselfTests",
"EncryptForIdentityTests",
"CrashdumpTests",
"CaseAndDotAddressTests",
"ExpiredSubkeyTests",
"LeastCommonDenomColorTests",
"SequenceTests",
"HeaderKeyImportTests",
"EncryptAttachPrivateKeyTests",
"ExternalRevokeTests",
"UserIDAliasTests",
"KeyeditTests",
"LeastColorGroupTests",
"DecryptAttachPrivateKeyTrustedTests",
"CheckRenewedExpiredKeyTrustStatusTests",
"TrustwordsTests",
"ReencryptPlusExtraKeysTests",
"MapAsn1Tests",
"DecorateTests",
"MessageTwoPointOhTests",
"CrashdumpTests",
"StringpairListTests",
"EncryptForIdentityTests",
"KeyResetMessageTests",
"TrustManipulationTests",
"AppleMailTests",
};
// This file is generated, so magic constants are ok.
int SuiteMaker::num_suites = 44;
void SuiteMaker::suitemaker_build(const char* test_class_name, const char* test_home, Test::Suite** test_suite) {
if (strcmp(test_class_name, "DecorateTests") == 0)
*test_suite = new DecorateTests(test_class_name, test_home);
if (strcmp(test_class_name, "MimeTests") == 0)
*test_suite = new MimeTests(test_class_name, test_home);
else if (strcmp(test_class_name, "ExpiredSubkeyTests") == 0)
*test_suite = new ExpiredSubkeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "UserIdCollisionTests") == 0)
*test_suite = new UserIdCollisionTests(test_class_name, test_home);
else if (strcmp(test_class_name, "ReencryptPlusExtraKeysTests") == 0)
*test_suite = new ReencryptPlusExtraKeysTests(test_class_name, test_home);
else if (strcmp(test_class_name, "BlacklistTests") == 0)
*test_suite = new BlacklistTests(test_class_name, test_home);
else if (strcmp(test_class_name, "AppleMailTests") == 0)
*test_suite = new AppleMailTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MessageTwoPointOhTests") == 0)
*test_suite = new MessageTwoPointOhTests(test_class_name, test_home);
else if (strcmp(test_class_name, "IdentityListTests") == 0)
*test_suite = new IdentityListTests(test_class_name, test_home);
else if (strcmp(test_class_name, "I18nTests") == 0)
*test_suite = new I18nTests(test_class_name, test_home);
else if (strcmp(test_class_name, "Engine463Tests") == 0)
*test_suite = new Engine463Tests(test_class_name, test_home);
else if (strcmp(test_class_name, "DecryptAttachPrivateKeyUntrustedTests") == 0)
*test_suite = new DecryptAttachPrivateKeyUntrustedTests(test_class_name, test_home);
else if (strcmp(test_class_name, "BloblistTests") == 0)
*test_suite = new BloblistTests(test_class_name, test_home);
else if (strcmp(test_class_name, "NewUpdateIdAndMyselfTests") == 0)
*test_suite = new NewUpdateIdAndMyselfTests(test_class_name, test_home);
else if (strcmp(test_class_name, "I18nTests") == 0)
*test_suite = new I18nTests(test_class_name, test_home);
else if (strcmp(test_class_name, "IdentityListTests") == 0)
*test_suite = new IdentityListTests(test_class_name, test_home);
else if (strcmp(test_class_name, "PgpBinaryTests") == 0)
*test_suite = new PgpBinaryTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MessageNullFromTests") == 0)
*test_suite = new MessageNullFromTests(test_class_name, test_home);
else if (strcmp(test_class_name, "LeastCommonDenomColorTests") == 0)
*test_suite = new LeastCommonDenomColorTests(test_class_name, test_home);
else if (strcmp(test_class_name, "StringlistTests") == 0)
*test_suite = new StringlistTests(test_class_name, test_home);
else if (strcmp(test_class_name, "PgpListKeysTests") == 0)
*test_suite = new PgpListKeysTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MessageApiTests") == 0)
*test_suite = new MessageApiTests(test_class_name, test_home);
else if (strcmp(test_class_name, "EncryptMissingPrivateKeyTests") == 0)
*test_suite = new EncryptMissingPrivateKeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "CaseAndDotAddressTests") == 0)
*test_suite = new CaseAndDotAddressTests(test_class_name, test_home);
else if (strcmp(test_class_name, "UserIDAliasTests") == 0)
*test_suite = new UserIDAliasTests(test_class_name, test_home);
else if (strcmp(test_class_name, "SignOnlyTests") == 0)
*test_suite = new SignOnlyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "BCCTests") == 0)
*test_suite = new BCCTests(test_class_name, test_home);
else if (strcmp(test_class_name, "LeastColorGroupTests") == 0)
*test_suite = new LeastColorGroupTests(test_class_name, test_home);
else if (strcmp(test_class_name, "Engine358Tests") == 0)
*test_suite = new Engine358Tests(test_class_name, test_home);
else if (strcmp(test_class_name, "BlacklistAcceptNewKeyTests") == 0)
*test_suite = new BlacklistAcceptNewKeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MessageApiTests") == 0)
*test_suite = new MessageApiTests(test_class_name, test_home);
else if (strcmp(test_class_name, "StringlistTests") == 0)
*test_suite = new StringlistTests(test_class_name, test_home);
else if (strcmp(test_class_name, "HeaderKeyImportTests") == 0)
*test_suite = new HeaderKeyImportTests(test_class_name, test_home);
else if (strcmp(test_class_name, "StringpairListTests") == 0)
*test_suite = new StringpairListTests(test_class_name, test_home);
else if (strcmp(test_class_name, "TrustManipulationTests") == 0)
*test_suite = new TrustManipulationTests(test_class_name, test_home);
else if (strcmp(test_class_name, "SignOnlyTests") == 0)
*test_suite = new SignOnlyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "EncryptAttachPrivateKeyTests") == 0)
*test_suite = new EncryptAttachPrivateKeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "BloblistTests") == 0)
*test_suite = new BloblistTests(test_class_name, test_home);
else if (strcmp(test_class_name, "KeyResetMessageTests") == 0)
*test_suite = new KeyResetMessageTests(test_class_name, test_home);
else if (strcmp(test_class_name, "SequenceTests") == 0)
*test_suite = new SequenceTests(test_class_name, test_home);
else if (strcmp(test_class_name, "TrustwordsTests") == 0)
*test_suite = new TrustwordsTests(test_class_name, test_home);
else if (strcmp(test_class_name, "DecryptAttachPrivateKeyUntrustedTests") == 0)
*test_suite = new DecryptAttachPrivateKeyUntrustedTests(test_class_name, test_home);
else if (strcmp(test_class_name, "BlacklistTests") == 0)
*test_suite = new BlacklistTests(test_class_name, test_home);
else if (strcmp(test_class_name, "RevokeRegenAttachTests") == 0)
*test_suite = new RevokeRegenAttachTests(test_class_name, test_home);
else if (strcmp(test_class_name, "CheckRenewedExpiredKeyTrustStatusTests") == 0)
*test_suite = new CheckRenewedExpiredKeyTrustStatusTests(test_class_name, test_home);
else if (strcmp(test_class_name, "EncryptMissingPrivateKeyTests") == 0)
*test_suite = new EncryptMissingPrivateKeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "PepSubjectReceivedTests") == 0)
*test_suite = new PepSubjectReceivedTests(test_class_name, test_home);
else if (strcmp(test_class_name, "KeyeditTests") == 0)
*test_suite = new KeyeditTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MapAsn1Tests") == 0)
*test_suite = new MapAsn1Tests(test_class_name, test_home);
else if (strcmp(test_class_name, "PgpBinaryTests") == 0)
*test_suite = new PgpBinaryTests(test_class_name, test_home);
else if (strcmp(test_class_name, "DecryptAttachPrivateKeyTrustedTests") == 0)
*test_suite = new DecryptAttachPrivateKeyTrustedTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MessageNullFromTests") == 0)
*test_suite = new MessageNullFromTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MimeTests") == 0)
*test_suite = new MimeTests(test_class_name, test_home);
else if (strcmp(test_class_name, "PgpListKeysTests") == 0)
*test_suite = new PgpListKeysTests(test_class_name, test_home);
else if (strcmp(test_class_name, "NewUpdateIdAndMyselfTests") == 0)
*test_suite = new NewUpdateIdAndMyselfTests(test_class_name, test_home);
else if (strcmp(test_class_name, "EncryptForIdentityTests") == 0)
*test_suite = new EncryptForIdentityTests(test_class_name, test_home);
else if (strcmp(test_class_name, "CrashdumpTests") == 0)
*test_suite = new CrashdumpTests(test_class_name, test_home);
else if (strcmp(test_class_name, "CaseAndDotAddressTests") == 0)
*test_suite = new CaseAndDotAddressTests(test_class_name, test_home);
else if (strcmp(test_class_name, "ExpiredSubkeyTests") == 0)
*test_suite = new ExpiredSubkeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "LeastCommonDenomColorTests") == 0)
*test_suite = new LeastCommonDenomColorTests(test_class_name, test_home);
else if (strcmp(test_class_name, "SequenceTests") == 0)
*test_suite = new SequenceTests(test_class_name, test_home);
else if (strcmp(test_class_name, "HeaderKeyImportTests") == 0)
*test_suite = new HeaderKeyImportTests(test_class_name, test_home);
else if (strcmp(test_class_name, "EncryptAttachPrivateKeyTests") == 0)
*test_suite = new EncryptAttachPrivateKeyTests(test_class_name, test_home);
else if (strcmp(test_class_name, "ExternalRevokeTests") == 0)
*test_suite = new ExternalRevokeTests(test_class_name, test_home);
else if (strcmp(test_class_name, "UserIDAliasTests") == 0)
*test_suite = new UserIDAliasTests(test_class_name, test_home);
else if (strcmp(test_class_name, "KeyeditTests") == 0)
*test_suite = new KeyeditTests(test_class_name, test_home);
else if (strcmp(test_class_name, "LeastColorGroupTests") == 0)
*test_suite = new LeastColorGroupTests(test_class_name, test_home);
else if (strcmp(test_class_name, "DecryptAttachPrivateKeyTrustedTests") == 0)
*test_suite = new DecryptAttachPrivateKeyTrustedTests(test_class_name, test_home);
else if (strcmp(test_class_name, "CheckRenewedExpiredKeyTrustStatusTests") == 0)
*test_suite = new CheckRenewedExpiredKeyTrustStatusTests(test_class_name, test_home);
else if (strcmp(test_class_name, "TrustwordsTests") == 0)
*test_suite = new TrustwordsTests(test_class_name, test_home);
else if (strcmp(test_class_name, "ReencryptPlusExtraKeysTests") == 0)
*test_suite = new ReencryptPlusExtraKeysTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MapAsn1Tests") == 0)
*test_suite = new MapAsn1Tests(test_class_name, test_home);
else if (strcmp(test_class_name, "DecorateTests") == 0)
*test_suite = new DecorateTests(test_class_name, test_home);
else if (strcmp(test_class_name, "MessageTwoPointOhTests") == 0)
*test_suite = new MessageTwoPointOhTests(test_class_name, test_home);
else if (strcmp(test_class_name, "CrashdumpTests") == 0)
*test_suite = new CrashdumpTests(test_class_name, test_home);
else if (strcmp(test_class_name, "StringpairListTests") == 0)
*test_suite = new StringpairListTests(test_class_name, test_home);
else if (strcmp(test_class_name, "EncryptForIdentityTests") == 0)
*test_suite = new EncryptForIdentityTests(test_class_name, test_home);
else if (strcmp(test_class_name, "KeyResetMessageTests") == 0)
*test_suite = new KeyResetMessageTests(test_class_name, test_home);
else if (strcmp(test_class_name, "TrustManipulationTests") == 0)
*test_suite = new TrustManipulationTests(test_class_name, test_home);
else if (strcmp(test_class_name, "AppleMailTests") == 0)
*test_suite = new AppleMailTests(test_class_name, test_home);
}
void SuiteMaker::suitemaker_buildlist(const char** test_class_names, int num_to_run, const char* test_home, std::vector<Test::Suite*>& test_suites) {