pEp.foundation
/
pEpEngine
16
2
Fork 17
Code Issues 23 Pull Requests 2 Releases 48 Wiki Activity

merged in default

Browse Source
doxygen_doc
Krista 'DarthMama' Bennett 3 years ago
parent 22b5d27c04 c8c3fcd7e6
commit a460195780
6 changed files with 144 additions and 145 deletions
Show Stats Download Patch File Download Diff File

2
src/keymanagement.c
Unescape Escape View File

@ -2072,7 +2072,7 @@ static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
return status;
}
PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
identity_list* idents = NULL;
PEP_STATUS status = own_identities_retrieve(session, &idents);
if (status != PEP_STATUS_OK)

22
src/keymanagement.h
Unescape Escape View File

@ -381,6 +381,25 @@ DYNAMIC_API PEP_STATUS set_own_key(
const char *fpr
);
//
// clean_own_key_defaults()
//
// Remove any broken, unrenewable expired, or revoked
// own keys from identity and user defaults in the database.
//
// parameters:
// session (in) session to use
//
// return value:
// PEP_STATUS_OK if all went well
// PEP_PASSPHRASE_REQUIRED if a key needs to be renewed
// but cached passphrase isn't present
// PEP_WRONG_PASSPHRASE if passphrase required for expired key renewal
// but passphrase is the wrong one
// Otherwise, database and keyring errors as appropriate
//
DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session);
PEP_STATUS get_all_keys_for_user(PEP_SESSION session,
const char* user_id,
stringlist_t** keys);
@ -415,9 +434,6 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
bool check_blacklist,
bool own_must_contain_private);
PEP_STATUS clean_own_key_defaults(PEP_SESSION session);
#ifdef __cplusplus
}
#endif

11
src/pEpEngine.c
Unescape Escape View File

@ -2099,11 +2099,12 @@ DYNAMIC_API PEP_STATUS init(
goto pEp_error;
// runtime config
// clean up invalid keys
status = clean_own_key_defaults(_session);
if (status != PEP_STATUS_OK)
goto pEp_error;
// Will now be called by adapter.
// // clean up invalid keys
// status = clean_own_key_defaults(_session);
// if (status != PEP_STATUS_OK)
// goto pEp_error;
*session = _session;

2
src/pEpEngine.h
Unescape Escape View File

@ -25,7 +25,7 @@ extern "C" {
#define PEP_ENGINE_VERSION_MAJOR 2
#define PEP_ENGINE_VERSION_MINOR 1
#define PEP_ENGINE_VERSION_PATCH 0
#define PEP_ENGINE_VERSION_RC 16
#define PEP_ENGINE_VERSION_RC 18
#define PEP_OWN_USERID "pEp_own_userId"

231
src/pgp_sequoia.c
Unescape Escape View File

@ -231,6 +231,84 @@ int email_cmp(void *cookie, int a_len, const void *a, int b_len, const void *b)
return result;
}
static PEP_STATUS _pgp_get_decrypted_key(PEP_SESSION session,
pgp_cert_valid_key_iter_t iter,
pgp_key_t* decrypted_key) {
if (!iter)
return PEP_UNKNOWN_ERROR; // ???
if (!decrypted_key)
return PEP_ILLEGAL_VALUE;
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
bool bad_pass = false;
bool missing_pass = false;
pgp_key_t key = NULL;
*decrypted_key = NULL;
pgp_valid_key_amalgamation_t ka = pgp_cert_valid_key_iter_next (iter, NULL, NULL);
// FIXME: better error!!!
if (! ka)
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no capable key", fpr);
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
for ( ; ka ; (ka = pgp_cert_valid_key_iter_next(iter, NULL, NULL))) {
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
key = pgp_valid_key_amalgamation_key (ka);
if (pgp_key_has_unencrypted_secret(key))
break;
else {
const char* pass = session->curr_passphrase;
if (pass && pass[0]) {
pgp_key_t decrypted_key = NULL;
decrypted_key = pgp_key_decrypt_secret(&err, pgp_key_clone(key), (uint8_t*)session->curr_passphrase,
strlen(session->curr_passphrase));
pgp_key_free(key);
key = NULL;
if (!decrypted_key) {
bad_pass = true;
continue;
}
else {
key = decrypted_key;
break;
}
}
else {
pgp_key_free(key);
key = NULL;
missing_pass = true;
continue;
}
}
}
if (!key) {
if (bad_pass)
ERROR_OUT(err, PEP_WRONG_PASSPHRASE, "pgp_key_decrypt_secret");
else if (missing_pass)
ERROR_OUT(err, PEP_PASSPHRASE_REQUIRED, "pgp_key_decrypt_secret");
else
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_valid_key_amalgamation_key");
}
out:
pgp_valid_key_amalgamation_free (ka);
*decrypted_key = key;
T("(%s)-> %s", fpr, pEp_status_to_string(status));
return status;
}
PEP_STATUS pgp_init(PEP_SESSION session, bool in_first)
{
PEP_STATUS status = PEP_STATUS_OK;
@ -1851,10 +1929,7 @@ PEP_STATUS pgp_sign_only(
pgp_key_pair_t signing_keypair = NULL;
pgp_signer_t signer = NULL;
pgp_writer_stack_t ws = NULL;
bool bad_pass = false;
bool missing_pass = false;
status = cert_find_by_fpr_hex(session, fpr, true, &signer_cert, NULL);
ERROR_OUT(NULL, status, "Looking up key '%s'", fpr);
@ -1862,60 +1937,14 @@ PEP_STATUS pgp_sign_only(
pgp_cert_valid_key_iter_alive(iter);
pgp_cert_valid_key_iter_revoked(iter, false);
pgp_cert_valid_key_iter_for_signing (iter);
// pgp_cert_valid_key_iter_unencrypted_secret (iter);
// If there are multiple signing capable subkeys, we just take
// the first one, whichever one that happens to be.
ka = pgp_cert_valid_key_iter_next (iter, NULL, NULL);
if (! ka)
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no signing capable key", fpr);
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
pgp_key_t key = NULL;
for ( ; ka ; (ka = pgp_cert_valid_key_iter_next(iter, NULL, NULL))) {
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
key = pgp_valid_key_amalgamation_key (ka);
status = _pgp_get_decrypted_key(session, iter, &key);
if (pgp_key_has_unencrypted_secret(key))
break;
else {
const char* pass = session->curr_passphrase;
if (pass && pass[0]) {
pgp_key_t decrypted_key = NULL;
decrypted_key = pgp_key_decrypt_secret(&err, pgp_key_clone(key), (uint8_t*)session->curr_passphrase,
strlen(session->curr_passphrase));
pgp_key_free(key);
key = NULL;
if (!decrypted_key) {
bad_pass = true;
continue;
}
else {
key = decrypted_key;
break;
}
}
else {
pgp_key_free(key);
key = NULL;
missing_pass = true;
continue;
}
}
}
if (!key) {
if (bad_pass)
ERROR_OUT(err, PEP_WRONG_PASSPHRASE, "pgp_key_decrypt_secret");
else if (missing_pass)
ERROR_OUT(err, PEP_PASSPHRASE_REQUIRED, "pgp_key_decrypt_secret");
else
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_valid_key_amalgamation_key");
}
if (!key || status != PEP_STATUS_OK) {
ERROR_OUT (err, status,
"%s has no signing capable key", fpr);
}
signing_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (key));
pgp_key_free (key);
@ -2118,68 +2147,20 @@ static PEP_STATUS pgp_encrypt_sign_optional(
// pgp_encrypt_new consumes the recipients (but not the keys).
recipient_count = 0;
bool bad_pass = false;
bool missing_pass = false;
if (sign) {
iter = pgp_cert_valid_key_iter(signer_cert, session->policy, 0);
pgp_cert_valid_key_iter_alive(iter);
pgp_cert_valid_key_iter_revoked(iter, false);
pgp_cert_valid_key_iter_for_signing (iter);
// pgp_cert_valid_key_iter_unencrypted_secret (iter);
// If there are multiple signing capable subkeys, we just take
// the first one, whichever one that happens to be.
ka = pgp_cert_valid_key_iter_next (iter, NULL, NULL);
if (! ka)
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no signing capable key", keylist->value);
pgp_key_t key = NULL;
for ( ; ka ; (ka = pgp_cert_valid_key_iter_next(iter, NULL, NULL))) {
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
key = pgp_valid_key_amalgamation_key (ka);
status = _pgp_get_decrypted_key(session, iter, &key);
if (pgp_key_has_unencrypted_secret(key))
break;
else {
const char* pass = session->curr_passphrase;
if (pass && pass[0]) {
pgp_key_t decrypted_key = NULL;
decrypted_key = pgp_key_decrypt_secret(&err, pgp_key_clone(key), (uint8_t*)session->curr_passphrase,
strlen(session->curr_passphrase));
pgp_key_free(key);
key = NULL;
if (!decrypted_key) {
bad_pass = true;
continue;
}
else {
key = decrypted_key;
break;
}
}
else {
pgp_key_free(key);
key = NULL;
missing_pass = true;
continue;
}
}
}
if (!key) {
if (bad_pass)
ERROR_OUT(err, PEP_WRONG_PASSPHRASE, "pgp_key_decrypt_secret");
else if (missing_pass)
ERROR_OUT(err, PEP_PASSPHRASE_REQUIRED, "pgp_key_decrypt_secret");
else
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_valid_key_amalgamation_key");
}
if (!key || status != PEP_STATUS_OK) {
ERROR_OUT (err, status,
"%s has no signing capable key", fpr);
}
signing_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (key));
@ -3071,19 +3052,18 @@ PEP_STATUS pgp_renew_key(
iter = pgp_cert_valid_key_iter(cert, session->policy, 0);
pgp_cert_valid_key_iter_for_certification (iter);
pgp_cert_valid_key_iter_unencrypted_secret (iter);
pgp_cert_valid_key_iter_revoked(iter, false);
// If there are multiple certification capable subkeys, we just
// take the first one, whichever one that happens to be.
primary = pgp_cert_valid_key_iter_next (iter, NULL, NULL);
if (! primary)
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no usable certification capable key", fpr);
pgp_key_t key = NULL;
status = _pgp_get_decrypted_key(session, iter, &key);
if (!key || status != PEP_STATUS_OK) {
ERROR_OUT (err, status,
"%s has no signing capable key", fpr);
}
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
pgp_key_t key = pgp_valid_key_amalgamation_key (primary);
keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (key));
pgp_key_free (key);
if (! keypair)
@ -3197,18 +3177,17 @@ PEP_STATUS pgp_revoke_key(
pgp_cert_valid_key_iter_alive(iter);
pgp_cert_valid_key_iter_revoked(iter, false);
pgp_cert_valid_key_iter_for_certification (iter);
pgp_cert_valid_key_iter_unencrypted_secret (iter);
// If there are multiple certification capable subkeys, we just
// take the first one, whichever one that happens to be.
ka = pgp_cert_valid_key_iter_next (iter, NULL, NULL);
if (! ka)
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no usable certification capable key", fpr);
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
pgp_key_t key = pgp_valid_key_amalgamation_key (ka);
// only get a reference (which we still need to free).
pgp_key_t key = NULL;
status = _pgp_get_decrypted_key(session, iter, &key);
if (!key || status != PEP_STATUS_OK) {
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no usable certification capable key", fpr);
}
keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (key));
pgp_key_free (key);
if (! keypair)

21
test/src/CleanInvalidOwnKeysTest.cc
Unescape Escape View File

@ -82,10 +82,11 @@ namespace {
TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_revoked) {
// This is just a dummy test case. The convention is check_whatever_you_are_checking
// so for multiple test cases in a suite, be more explicit ;)
PEP_STATUS status = clean_own_key_defaults(session);
ASSERT_EQ(status, PEP_STATUS_OK);
pEp_identity* alice = NULL;
PEP_STATUS status = get_identity(session, "pep.test.alice@pep-project.org", "ALICE", &alice);
status = get_identity(session, "pep.test.alice@pep-project.org", "ALICE", &alice);
ASSERT_EQ(status, PEP_STATUS_OK);
ASSERT_STRNE(alice->fpr, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97");
char* fpr = NULL;
@ -95,10 +96,11 @@ TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_revoked) {
}
TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_mistrusted) {
// This is just a dummy test case. The convention is check_whatever_you_are_checking
// so for multiple test cases in a suite, be more explicit ;)
PEP_STATUS status = clean_own_key_defaults(session);
ASSERT_EQ(status, PEP_STATUS_OK);
pEp_identity* alice = NULL;
PEP_STATUS status = get_identity(session, "pep.test.alice@pep-project.org", "ALICE", &alice);
status = get_identity(session, "pep.test.alice@pep-project.org", "ALICE", &alice);
ASSERT_EQ(status, PEP_STATUS_OK);
ASSERT_STRNE(alice->fpr, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97");
char* fpr = NULL;
@ -108,10 +110,11 @@ TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_mistrusted)
}
TEST_F(CleanInvalidOwnKeysTest, check_clean_invalid_own_keys_no_alts_expired) {
// This is just a dummy test case. The convention is check_whatever_you_are_checking
// so for multiple test cases in a suite, be more explicit ;)
PEP_STATUS status = clean_own_key_defaults(session);
ASSERT_EQ(status, PEP_STATUS_OK);
pEp_identity* bob = NULL;
PEP_STATUS status = get_identity(session, "expired_bob_0@darthmama.org", "BOB", &bob);
status = get_identity(session, "expired_bob_0@darthmama.org", "BOB", &bob);
ASSERT_EQ(status, PEP_STATUS_OK);
ASSERT_STREQ(bob->fpr, "E4A8CD51C25D0ED5BAD0834BD2FDE305A35FE3F5");
char* fpr = NULL;

Write Preview
Loading…
Cancel
Save