Browse Source

Made myself() re-use already selected fpr from pre-existing identity if not explicitely given. More restriction while selecting gpg ring's key should still be enforced.

doc_update_sequoia
Edouard Tisserant 6 years ago
parent
commit
a926501109
1 changed files with 67 additions and 18 deletions
  1. +67
    -18
      src/keymanagement.c

+ 67
- 18
src/keymanagement.c View File

@ -267,6 +267,7 @@ DYNAMIC_API PEP_STATUS update_identity(
DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
{
pEp_identity *stored_identity;
PEP_STATUS status;
stringlist_t *keylist = NULL;
@ -285,12 +286,69 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
DEBUG_LOG("myself", "debug", identity->address);
status = find_keys(session, identity->address, &keylist);
status = get_identity(session,
identity->address,
identity->user_id,
&stored_identity);
assert(status != PEP_OUT_OF_MEMORY);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
if (keylist == NULL || keylist->value == NULL) {
if (stored_identity)
{
if (EMPTYSTR(identity->fpr)) {
identity->fpr = strndup(stored_identity->fpr, stored_identity->fpr_size);
assert(identity->fpr);
if (identity->fpr == NULL)
{
return PEP_OUT_OF_MEMORY;
}
identity->fpr_size = stored_identity->fpr_size;
}
}
else
{
free(identity->fpr);
identity->fpr_size = 0;
status = find_keys(session, identity->address, &keylist);
assert(status != PEP_OUT_OF_MEMORY);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
if (keylist != NULL && keylist->value != NULL)
{
// BUG : Vulnerable to auto-key-import poisoning.
// Attacker's key with forged userId could have been
// auto imported from already received email and be used here
// TODO : iterate over list to elect best key
// TODO : discard keys which aren't private
// TODO : discard keys which aren't either
// - own generated key
// - own from synchronized device group
// - already fully trusted as a public key of known
// identity, for that same address
// (case of imported key for mailing lists)
identity->fpr = strdup(keylist->value);
assert(identity->fpr);
if (identity->fpr == NULL)
{
return PEP_OUT_OF_MEMORY;
}
identity->fpr_size = strlen(identity->fpr);
}
}
// TODO : Check key for revoked state
if (EMPTYSTR(identity->fpr) /* or revoked */)
{
DEBUG_LOG("generating key pair", "debug", identity->address);
status = generate_keypair(session, identity);
assert(status != PEP_OUT_OF_MEMORY);
@ -300,20 +358,21 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
DEBUG_LOG("generating key pair failed", "debug", buf);
return status;
}
status = find_keys(session, identity->address, &keylist);
assert(status != PEP_OUT_OF_MEMORY);
if (status == PEP_OUT_OF_MEMORY)
return PEP_OUT_OF_MEMORY;
assert(keylist && keylist->value);
if (keylist == NULL || keylist->value == NULL) {
return PEP_UNKNOWN_ERROR;
}
}
else {
else
{
bool expired;
status = key_expired(session, keylist->value, &expired);
status = key_expired(session, identity->fpr, &expired);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {
goto free_keylist;
@ -321,21 +380,11 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
if (status == PEP_STATUS_OK && expired) {
timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
renew_key(session, keylist->value, ts);
renew_key(session, identity->fpr, ts);
free_timestamp(ts);
}
}
if (identity->fpr)
free(identity->fpr);
identity->fpr = strdup(keylist->value);
assert(identity->fpr);
if (identity->fpr == NULL){
status = PEP_OUT_OF_MEMORY;
goto free_keylist;
}
identity->fpr_size = strlen(identity->fpr);
status = set_identity(session, identity);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {


Loading…
Cancel
Save