gitea-87: new pEp protocol 3.3 using a new (incompatible) way to compute trustwords

I also seized the occasion for a large factoring / rewrite of the
trustword-related part of message_api.c , which I find much nicer now.
allow-empty-username
positron 1 month ago
parent c2cd337782
commit 9a14de0aad

@ -437,3 +437,9 @@ ifndef LOGDESTINATIONS
LOGDESTINATIONS = '(PEP_LOG_DESTINATION_STDERR|PEP_LOG_DESTINATION_DATABASE)'
endif
CPPFLAGS += -DPEP_LOG_DESTINATIONS=$(LOGDESTINATIONS)
# Set xor-trustword compatibility through a command-line preprocessor
# definition.
ifdef TRUSTWORDSXORCOMPATIBILITY
CPPFLAGS += -DPEP_TRUSTWORDS_XOR_COMPATIBILITY=1
endif

42
NEWS

@ -18,6 +18,48 @@
* fix windows compilation problem releated to strcasecmp; problem reported by
Alex. This fixes
https://gitea.pep.foundation/pEp.foundation/pEpEngine/issues/109 .
* New protocol version 3.3.
The only difference is the new handling of trustwords with RIPEMD-160.
* Unfortunately we have to disable backward compatibility by default to prevent
downgrade attacks.
Compatibility with older protocols requiring xor trustwords is kept if the
Engine is built with the CPP macro
PEP_TRUSTWORDS_XOR_COMPATIBILITY defined. This can be accomplished by adding
-DPEP_TRUSTWORDS_XOR_COMPATIBILITY=1
to the command line, or (when using our Makefile) by building with the make
variable TRUSTWORDSXORCOMPATIBILITY defined.
Explicitly calling get_xor_trustwords_for_fprs will always yield xor
trustwords.
* A further incompatible change in xor trustwords, "[A_XOR_A]": combining an fpr
with itself no longer returns the same fpr as the result. In other words we
no longer have a special case to force
for every A A xor A == A
. Instead I am switching to the correct alternative: now
for every A A xor A == 0
. The test suite used to explicitly check this case; I changed the test suite
to agree with Mathematics.
I significantly factored, rewrote and and cleand up the old trustword code in
src/message_api.c .
* local.conf.example: document TRUSTWORDSXORCOMPATIBILITY.
* PUBLIC_API get_trustwords_for_fprs ranamed to
get_xor_trustwords_for_fprs : this implements the old, weaker FPR combination
which might be vulnerable to a collision attack
(It is not possible to write a higher-level backwards-compatible function
get_trustwords_for_fprs which decides the best algorithm: the two FPRs are
not enough to decide which algorithm is needed)
* New PUBLIC_API:
get_ripemd_trustwords_for_fprs : this implement the new, stronger FPR
combination
* The following PUBLIC_API functions have a new behaviour but the same API:
* get_trustwords (taking identity arguments)
* get_message_trustwords (taking a message and a recipient identity)
In case xor-trustwords-compatibility is disabled these function now return
PEP_TRUSTWORD_NOT_FOUND (instead of mismatching trustwords) when refusing to
downgrade.
* Bug fix: update the pEp protocol version supported by a communication partner
on successful decrpyption of a message from her (including on PEP_UNENCRYPTED);
I believe that this behaviour had always been intended.
* add a THANKS file
v3.2.0-RC13
* add NEWS file

@ -506,7 +506,41 @@ protocol session {
}
method get_trustwords_for_fprs doc="get full trustwords string for a pair of fingerprints"
method get_xor_trustwords_for_fprs doc="get full trustwords string for a pair of fingerprints combining them with xor"
{
// parms
use string fpr1 doc="fingerprint 1";
use string fpr2 doc="fingerprint 2";
use ISO639_1 lang doc="string with ISO 639-1 language code";
create string words
doc="""
pointer to string with all trustwords UTF-8 encoded, separated by a blank each.
Empty if language is not supported or trustword wordlist is damaged or unavailable.
The caller is responsible to free() it (on Windoze use pEp_free()).
""";
return size_t wsize doc="length of full trustwords string";
use bool full
doc="""
if true, generate ALL trustwords for these identities. Else, generate a fixed-size
subset. (TODO: fixed-minimum-entropy subset in next version)
""";
// exceptions
throws out_of_memory doc="out of memory";
throws illegal_value doc="illegal parameter values";
throws trustword_not_found doc="at least one trustword not found";
}
method get_ripemd160_trustwords_for_fprs doc="get full trustwords string for a pair of fingerprints combining them with ordered concatenation and then a RIPEMD-160 hash"
{
// parms

@ -126,3 +126,21 @@
# Log to stderr, syslog and the log.db database.
#
# LOGDESTINATIONS = '(PEP_LOG_DESTINATION_STDERR|PEP_LOG_DESTINATION_SYSLOG|PEP_LOG_DESTINATION_DATABASE)'
# Backward compatibility with xor trustwords
# #########################################################
# The current pEp protocol uses RIPEMD-160 trustwords, which are unfortunately
# incompatibile with the older xor trustwords used in protocol versions up to
# 3.2 included.
# By default we do *not* fall back to xor trustwords for compatibility, in order
# to prevent downgrade attacks.
# If the make variable TRUSTWORDSXORCOMPATIBILITY is defined, however, we do
# fall back to xor trustwords when communicating with communication partners
# using older protocol versions.
# # Fall back to xor trustwords with communication partners using protocol
# # version <= 3.2 (default: fail with PEP_TRUSTWORD_NOT_FOUND instead).
# TRUSTWORDSXORCOMPATIBILITY = yes

File diff suppressed because it is too large Load Diff

@ -521,7 +521,10 @@ DYNAMIC_API PEP_STATUS get_trustwords(
/**
* <!-- get_message_trustwords() -->
*
* @brief Get full trustwords string for message sender and reciever identities
* @brief Get full trustwords string for message sender and reciever identities.
* This will use either get_ripemd160_trustwords_for_fprs or (if
* trustword-xor-compatibility mode is enabled and the communication
* partner requires an old protocol) get_ripemd160_trustwords_for_fprs.
*
* @param[in] session session handle
* @param[in] msg message to get sender identity from
@ -557,9 +560,10 @@ DYNAMIC_API PEP_STATUS get_message_trustwords(
);
/**
* <!-- get_trustwords_for_fprs() -->
* <!-- get_xor_trustwords_for_fprs() -->
*
* @brief Get full trustwords string for a pair of fingerprints
* @brief Get full trustwords string for a pair of fingerprints, combinind the
* two FPRs with a xor operation.
*
* @param[in] session session handle
* @param[in] fpr1 fingerprint 1
@ -583,7 +587,19 @@ DYNAMIC_API PEP_STATUS get_message_trustwords(
* the caller is responsible to free() it (on Windoze use pEp_free())
*
*/
DYNAMIC_API PEP_STATUS get_trustwords_for_fprs(
DYNAMIC_API PEP_STATUS get_xor_trustwords_for_fprs(
PEP_SESSION session, const char* fpr1, const char* fpr2,
const char* lang, char **words, size_t *wsize, bool full
);
/**
* <!-- get_ripemd160_trustwords_for_fprs() -->
*
* @brief Exactly like get_xor_trustwords_for_fprs, but instead of combining
* with xor combine with ordered concatenation and then the RIPEMD-160
* hash.
*/
DYNAMIC_API PEP_STATUS get_ripemd160_trustwords_for_fprs(
PEP_SESSION session, const char* fpr1, const char* fpr2,
const char* lang, char **words, size_t *wsize, bool full
);
@ -664,6 +680,27 @@ DYNAMIC_API PEP_STATUS get_key_rating_for_user(
DYNAMIC_API PEP_rating rating_from_comm_type(PEP_comm_type ct);
/* Utility functions.
* ***************************************************************** */
/*
* <!-- normalize_fpr() -->
*
* @brief Given an fpr compute its normalised version. A normalised fpr
* has no separators and only upper-case hex digits. This function
* should fail in every case where an fpr is invalid.
*
* @param[in] session session handle
* @param[out] normalize_fpr a normalised copy of fpr
* @param[in] fpr the input fpr
*
* @retval PEP_ILLEGAL_VALUE invalid fpr, NULL arguments
* @retval PEP_OUT_OF_MEMORY out of memory
* @retval PEP_STATUS_OK success
*/
PEP_STATUS normalize_fpr(PEP_SESSION session, char **normalized_fpr,
const char *input);
#ifdef __cplusplus
}

@ -22,7 +22,7 @@ extern "C" {
#include "timestamp.h"
#define PEP_PROTOCOL_VERSION_MAJOR 3 ///< pEp *protocol* version major component
#define PEP_PROTOCOL_VERSION_MINOR 2 ///< pEp *protocol* version minor component
#define PEP_PROTOCOL_VERSION_MINOR 3 ///< pEp *protocol* version minor component
/* Expand to the stringification of the macro parameter, itself unexpanded. */
#define _STRINGIFY_UNEXPANDED(whatever) \

@ -83,233 +83,269 @@ namespace {
TEST_F(TrustwordsTest, check_trustwords) {
output_stream << "\n*** get_trustwords test ***\n\n";
PEP_STATUS status;
pEp_identity* identity1 = new_identity(
"leon.schumacher@digitalekho.com",
"8BD08954C74D830EEFFB5DEB2682A17F7C87F73D",
"23",
"Leon Schumacher");
pEp_identity* identity2 = new_identity(
"krista@darthmama.org",
"62D4932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
pEp_identity* identity2_with_spaces = new_identity(
"krista@darthmama.org",
" 62D4932086185C159 17B72D30571A FBCA 5493553 ",
"blargh",
"Krista Bennett");
string fingerprint1 = identity1->fpr;
string fingerprint2 = identity2->fpr;
char* words1 = nullptr;
char* words2 = nullptr;
char* full_wordlist = nullptr;
size_t wsize1 = 0;
size_t wsize2 = 0;
size_t wsize_full = 0;
output_stream << "\nTest 1: fpr1 > fpr2, short" << endl;
output_stream << "\nfinding German trustwords for " << fingerprint1 << "...\n";
trustwords(session, fingerprint1.c_str(), "de", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
free(words1);
words1 = nullptr;
output_stream << "\nfinding German trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "de", &words2, &wsize2, 5);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
free(words2);
words1 = nullptr;
output_stream << "\nfinding German trustwords for " << identity1->address << " and " << identity2->address << "...\n";
get_trustwords(session, identity1, identity2, "de", &full_wordlist, &wsize_full, false);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nfinding English trustwords for " << identity1->address << " and " << identity2->address << "... with spaces\n";
get_trustwords(session, identity1, identity2_with_spaces, "en", &full_wordlist, &wsize_full, false);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 2: fpr1 == fpr1, short" << endl;
output_stream << "\nfinding French trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "fr", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding French trustwords for " << identity2->address << " and " << identity2->address << "...\n";
status = get_trustwords(session, identity2, identity2, "fr", &full_wordlist, &wsize_full, false);
ASSERT_STREQ(words1, full_wordlist);
// ASSERT_EQ(status , PEP_TRUSTWORDS_DUPLICATE_FPR);
// output_stream << "Discovered duplicate fprs as desired" << endl;
output_stream << "\nfinding English trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "en", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding English trustwords for " << identity2->address << " and " << identity2->address << "... with spaces\n";
get_trustwords(session, identity2, identity2_with_spaces, "en", &full_wordlist, &wsize_full, false);
ASSERT_STREQ(words1, full_wordlist);
// ASSERT_EQ(status , PEP_TRUSTWORDS_DUPLICATE_FPR);
// output_stream << "Discovered duplicate fprs as desired" << endl;
pEp_free(words1);
words1 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 3: fpr1 < fpr2, long" << endl;
output_stream << "\nfinding English trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "en", &words1, &wsize1, 0);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding English trustwords for " << fingerprint1 << "...\n";
trustwords(session, fingerprint1.c_str(), "en", &words2, &wsize2, 0);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
output_stream << "\nfinding English trustwords for " << identity2->address << " and " << identity1->address << "...\n";
get_trustwords(session, identity2, identity1, "en", &full_wordlist, &wsize_full, true);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
output_stream << "\nfinding English trustwords for " << identity2->address << " and " << identity1->address << "... with spaces\n";
get_trustwords(session, identity2_with_spaces, identity1, "en", &full_wordlist, &wsize_full, true);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
pEp_free(words1);
words1 = nullptr;
pEp_free(words2);
words2 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 4: fpr1 < fpr2, leading zeros (fpr1 has more), long" << endl;
pEp_identity* identity3 = new_identity(
"nobody@darthmama.org",
"000F932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
pEp_identity* identity4 = new_identity(
"nobody2@darthmama.org",
"001F932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
pEp_identity* identity5 = new_identity(
"nobody3@darthmama.org",
"001F732086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
string fingerprint3 = identity3->fpr;
string fingerprint4 = identity4->fpr;
string fingerprint5 = identity5->fpr;
output_stream << "\nfinding Catalan trustwords for " << fingerprint3 << "...\n";
trustwords(session, fingerprint3.c_str(), "ca", &words1, &wsize1, 0);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding Catalan trustwords for " << fingerprint4 << "...\n";
trustwords(session, fingerprint4.c_str(), "ca", &words2, &wsize2, 0);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
output_stream << "\nfinding Catalan trustwords for " << identity3->address << " and " << identity4->address << "...\n";
get_trustwords(session, identity3, identity4, "ca", &full_wordlist, &wsize_full, true);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
pEp_free(words1);
words1 = nullptr;
pEp_free(words2);
words2 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 5: fpr1 > fpr2, leading zeros (same number), interior digit difference, short" << endl;
output_stream << "\nfinding Turkish trustwords for " << fingerprint4 << "...\n";
trustwords(session, fingerprint4.c_str(), "tr", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding Turkish trustwords for " << fingerprint5 << "...\n";
trustwords(session, fingerprint5.c_str(), "tr", &words2, &wsize2, 5);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
output_stream << "\nfinding Turkish trustwords for " << identity4->address << " and " << identity5->address << "...\n";
get_trustwords(session, identity4, identity5, "tr", &full_wordlist, &wsize_full, false);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
pEp_free(words1);
words1 = nullptr;
pEp_free(words2);
words2 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 6: fpr2 is shorter" << endl;
pEp_identity* identity6 = new_identity(
"nobody4@darthmama.org",
"F1F932086185c15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
output_stream << "\nfinding Turkish trustwords for " << identity5->address << " and " << identity6->address << "...\n";
PEP_STATUS status6 = get_trustwords(session, identity5, identity6, "tr", &full_wordlist, &wsize_full, false);
ASSERT_EQ(status6 , PEP_STATUS_OK);
output_stream << full_wordlist << endl;
pEp_identity* identity7 = new_identity(
"nobody5@darthmama.org",
"F01X932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
output_stream << "\nTest 7: fpr2 has a non-hex character" << endl;
output_stream << "\nfinding Turkish trustwords for " << identity1->address << " and " << identity7->address << "...\n";
PEP_STATUS status7 = get_trustwords(session, identity1, identity7, "tr", &full_wordlist, &wsize_full, true);
ASSERT_EQ(status7 , PEP_ILLEGAL_VALUE);
output_stream << "Illegal digit value correctly recognised." << "\n";
free_identity(identity1);
free_identity(identity2);
free_identity(identity3);
free_identity(identity4);
free_identity(identity5);
free_identity(identity6);
free_identity(identity7);
#define SET_VERSION(identity) \
do { \
int major, minor; \
if (outer_iteration_i == 0) { \
/* Latest version: only use RIPEMD-160. */ \
major = PEP_PROTOCOL_VERSION_MAJOR; \
minor = PEP_PROTOCOL_VERSION_MINOR; \
} \
else { \
/* Fall back to xor trustwords. */ \
major = 2; \
minor = 1; \
} \
(identity)->major_ver = major; \
(identity)->minor_ver = minor; \
status = set_protocol_version(session, (identity), \
major, minor); \
ASSERT_EQ(status, PEP_STATUS_OK); \
} while (false)
#if defined(PEP_TRUSTWORDS_XOR_COMPATIBILITY)
int outer_iteration_no = 2;
#else
int outer_iteration_no = 1;
#endif
int outer_iteration_i;
for (outer_iteration_i = 0;
outer_iteration_i < outer_iteration_no;
outer_iteration_i ++) {
output_stream << "\n*** get_trustwords test ***\n\n";
PEP_STATUS status = PEP_STATUS_OK;
pEp_identity* identity1 = new_identity(
"leon.schumacher@digitalekho.com",
"8BD08954C74D830EEFFB5DEB2682A17F7C87F73D",
"23",
"Leon Schumacher");
SET_VERSION(identity1);
pEp_identity* identity2 = new_identity(
"krista@darthmama.org",
"62D4932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
SET_VERSION(identity2);
pEp_identity* identity2_with_spaces = new_identity(
"krista@darthmama.org",
" 62D4932086185C159 17B72D30571A FBCA 5493553 ",
"blargh",
"Krista Bennett");
SET_VERSION(identity2_with_spaces);
string fingerprint1 = identity1->fpr;
string fingerprint2 = identity2->fpr;
char* words1 = nullptr;
char* words2 = nullptr;
char* full_wordlist = nullptr;
size_t wsize1 = 0;
size_t wsize2 = 0;
size_t wsize_full = 0;
output_stream << "\nTest 1: fpr1 > fpr2, short" << endl;
output_stream << "\nfinding German trustwords for " << fingerprint1 << "...\n";
trustwords(session, fingerprint1.c_str(), "de", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
free(words1);
words1 = nullptr;
output_stream << "\nfinding German trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "de", &words2, &wsize2, 5);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
free(words2);
words1 = nullptr;
output_stream << "\nfinding German trustwords for " << identity1->address << " and " << identity2->address << "...\n";
get_trustwords(session, identity1, identity2, "de", &full_wordlist, &wsize_full, false);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nfinding English trustwords for " << identity1->address << " and " << identity2->address << "... with spaces\n";
get_trustwords(session, identity1, identity2_with_spaces, "en", &full_wordlist, &wsize_full, false);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 2: fpr1 == fpr1, short" << endl;
output_stream << "\nfinding French trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "fr", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding French trustwords for " << identity2->address << " and " << identity2->address << "...\n";
status = get_trustwords(session, identity2, identity2, "fr", &full_wordlist, &wsize_full, false);
ASSERT_STRNE(words1, full_wordlist); // flipped since [A_XOR_A]
output_stream << "\nfinding English trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "en", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding English trustwords for " << identity2->address << " and " << identity2->address << "... with spaces\n";
get_trustwords(session, identity2, identity2_with_spaces, "en", &full_wordlist, &wsize_full, false);
ASSERT_STRNE(words1, full_wordlist); // flipped since [A_XOR_A]
// ASSERT_EQ(status , PEP_TRUSTWORDS_DUPLICATE_FPR);
// output_stream << "Discovered duplicate fprs as desired" << endl;
pEp_free(words1);
words1 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 3: fpr1 < fpr2, long" << endl;
output_stream << "\nfinding English trustwords for " << fingerprint2 << "...\n";
trustwords(session, fingerprint2.c_str(), "en", &words1, &wsize1, 0);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding English trustwords for " << fingerprint1 << "...\n";
trustwords(session, fingerprint1.c_str(), "en", &words2, &wsize2, 0);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
output_stream << "\nfinding English trustwords for " << identity2->address << " and " << identity1->address << "...\n";
get_trustwords(session, identity2, identity1, "en", &full_wordlist, &wsize_full, true);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
output_stream << "\nfinding English trustwords for " << identity2->address << " and " << identity1->address << "... with spaces\n";
get_trustwords(session, identity2_with_spaces, identity1, "en", &full_wordlist, &wsize_full, true);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
pEp_free(words1);
words1 = nullptr;
pEp_free(words2);
words2 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 4: fpr1 < fpr2, leading zeros (fpr1 has more), long" << endl;
pEp_identity* identity3 = new_identity(
"nobody@darthmama.org",
"000F932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
SET_VERSION(identity3);
pEp_identity* identity4 = new_identity(
"nobody2@darthmama.org",
"001F932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
SET_VERSION(identity4);
pEp_identity* identity5 = new_identity(
"nobody3@darthmama.org",
"001F732086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
SET_VERSION(identity5);
string fingerprint3 = identity3->fpr;
string fingerprint4 = identity4->fpr;
string fingerprint5 = identity5->fpr;
output_stream << "\nfinding Catalan trustwords for " << fingerprint3 << "...\n";
trustwords(session, fingerprint3.c_str(), "ca", &words1, &wsize1, 0);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding Catalan trustwords for " << fingerprint4 << "...\n";
trustwords(session, fingerprint4.c_str(), "ca", &words2, &wsize2, 0);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
output_stream << "\nfinding Catalan trustwords for " << identity3->address << " and " << identity4->address << "...\n";
get_trustwords(session, identity3, identity4, "ca", &full_wordlist, &wsize_full, true);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
pEp_free(words1);
words1 = nullptr;
pEp_free(words2);
words2 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 5: fpr1 > fpr2, leading zeros (same number), interior digit difference, short" << endl;
output_stream << "\nfinding Turkish trustwords for " << fingerprint4 << "...\n";
trustwords(session, fingerprint4.c_str(), "tr", &words1, &wsize1, 5);
ASSERT_NOTNULL(words1);
output_stream << words1 << "\n";
output_stream << "\nfinding Turkish trustwords for " << fingerprint5 << "...\n";
trustwords(session, fingerprint5.c_str(), "tr", &words2, &wsize2, 5);
ASSERT_NOTNULL(words2);
output_stream << words2 << "\n";
output_stream << "\nfinding Turkish trustwords for " << identity4->address << " and " << identity5->address << "...\n";
get_trustwords(session, identity4, identity5, "tr", &full_wordlist, &wsize_full, false);
ASSERT_NOTNULL(full_wordlist);
output_stream << full_wordlist << "\n";
pEp_free(words1);
words1 = nullptr;
pEp_free(words2);
words2 = nullptr;
pEp_free(full_wordlist);
full_wordlist = nullptr;
output_stream << "\nTest 6: fpr2 is shorter" << endl;
pEp_identity* identity6 = new_identity(
"nobody4@darthmama.org",
"F1F932086185c15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
SET_VERSION(identity6);
output_stream << "\nfinding Turkish trustwords for " << identity5->address << " and " << identity6->address << "...\n";
PEP_STATUS status6 = get_trustwords(session, identity5, identity6, "tr", &full_wordlist, &wsize_full, false);
ASSERT_EQ(status6 , PEP_STATUS_OK);
output_stream << full_wordlist << endl;
pEp_identity* identity7 = new_identity(
"nobody5@darthmama.org",
"F01X932086185C15917B72D30571AFBCA5493553",
"blargh",
"Krista Bennett");
SET_VERSION(identity7);
output_stream << "\nTest 7: fpr2 has a non-hex character" << endl;
output_stream << "\nfinding Turkish trustwords for " << identity1->address << " and " << identity7->address << "...\n";
PEP_STATUS status7 = get_trustwords(session, identity1, identity7, "tr", &full_wordlist, &wsize_full, true);
ASSERT_EQ(status7 , PEP_ILLEGAL_VALUE);
output_stream << "Illegal digit value correctly recognised." << "\n";
free_identity(identity1);
free_identity(identity2);
free_identity(identity3);
free_identity(identity4);
free_identity(identity5);
free_identity(identity6);
free_identity(identity7);
} /* outer iteration loop */
}
TEST_F(TrustwordsTest, check_trustwords_short_trailing_space) {

Loading…
Cancel
Save