diff --git a/src/message_api.c b/src/message_api.c index c15be5bc..c60521e0 100644 --- a/src/message_api.c +++ b/src/message_api.c @@ -2574,6 +2574,13 @@ DYNAMIC_API PEP_STATUS encrypt_message( if (status != PEP_STATUS_OK) goto pEp_error; + // This is only local, the caller will keep the keylist, but we don't want to + // allow extra keys for non-org (e.g. business) accounts, so we set it to NULL + // locally so as not to use it if it's a non-org account (cheaper than checks + // everywhere) + if (!(src->from->flags & PEP_idf_org_ident)) + extra = NULL; + // is a passphrase needed? status = probe_encrypt(session, src->from->fpr); if (failed_test(status)) @@ -2588,6 +2595,7 @@ DYNAMIC_API PEP_STATUS encrypt_message( stringlist_t *_k = keys; + // Will be NULL if this is a private account if (extra) { _k = stringlist_append(_k, extra); if (_k == NULL) @@ -3074,7 +3082,11 @@ DYNAMIC_API PEP_STATUS encrypt_message_for_self( else if (!target_id->fpr) { return PEP_ILLEGAL_VALUE; } - + + // Ensure we don't encrypt to extra keys if this is a non-org account + if (!(target_id->flags & PEP_idf_org_ident)) + extra = NULL; + *dst = NULL; // PEP_STATUS _status = update_identity(session, target_id); @@ -5395,12 +5407,13 @@ static PEP_STATUS _decrypt_message( if (has_extra_keys) sfpr = _keylist->value; + // We only actually reencrypt if the message is 100% safe. if (sfpr && decrypt_status == PEP_DECRYPTED_AND_VERIFIED) { own_key_is_listed(session, sfpr, &reenc_signer_key_is_own_key); bool key_missing = false; - // Also, see if extra keys are all in the encrypted-to keys; otherwise, we do it again + // Also, see if extra keys are all in the encrypted-to keys; otherwise, we do it again if (extra) { stringlist_t* curr_key = NULL; for (curr_key = extra; curr_key && curr_key->value; curr_key = curr_key->next) { @@ -5411,35 +5424,31 @@ static PEP_STATUS _decrypt_message( } } } - + + // Reencrypt if not signed by us, or there was a key missing from us/extra keys or if we keep subjects + // unencrypted and they don't match on inner/outer (?) if (key_missing || (!reenc_signer_key_is_own_key) || ((!subjects_match) && session->unencrypted_subject)) { message* reencrypt_msg = NULL; PEP_STATUS reencrypt_status = PEP_CANNOT_REENCRYPT; - char* own_id = NULL; - status = get_default_own_userid(session, &own_id); - if (own_id) { - char* target_own_fpr = seek_good_trusted_private_fpr(session, - own_id, - _keylist); - if (target_own_fpr) { - pEp_identity* target_id = new_identity(NULL, target_own_fpr, - own_id, NULL); - if (target_id) { - reencrypt_status = encrypt_message_for_self(session, target_id, msg, - extra, &reencrypt_msg, PEP_enc_PGP_MIME, - PEP_encrypt_reencrypt); - if (reencrypt_status != PEP_STATUS_OK) - reencrypt_status = PEP_CANNOT_REENCRYPT; - - free_identity(target_id); - } - free(target_own_fpr); - } - free(own_id); + + if (src->recv_by && !EMPTYSTR(src->recv_by->address)) { + // we've already called myself() on this, so we have a key. + if (!EMPTYSTR(src->recv_by->fpr)) { + reencrypt_status = encrypt_message_for_self(session, src->recv_by, msg, + extra, &reencrypt_msg, PEP_enc_PGP_MIME, + PEP_encrypt_reencrypt); + if (reencrypt_status != PEP_STATUS_OK) + reencrypt_status = PEP_CANNOT_REENCRYPT; + } } - free_stringlist(extra); // This was an input variable for us. Keylist is overwritten above. - + + // This was the initial contents of the keylist**, which we now own. + // Keylist is overwritten as an output variable above. + free_stringlist(extra); + if (reencrypt_status != PEP_CANNOT_REENCRYPT && reencrypt_msg) { + // This will reassign pointers and NULL out others and make sure + // reencrypt_msg is safe to free, FYI message_transfer(src, reencrypt_msg); *flags |= PEP_decrypt_flag_src_modified; free_message(reencrypt_msg); @@ -5447,8 +5456,8 @@ static PEP_STATUS _decrypt_message( else decrypt_status = PEP_CANNOT_REENCRYPT; } - } - else if (!has_extra_keys && session->unencrypted_subject) { + } + else if (!has_extra_keys && session->unencrypted_subject) { // this is just unencrypted subj. free(src->shortmsg); src->shortmsg = strdup(msg->shortmsg); assert(src->shortmsg); diff --git a/src/pEp_internal.h b/src/pEp_internal.h index 464c6dcc..013db4f7 100644 --- a/src/pEp_internal.h +++ b/src/pEp_internal.h @@ -70,6 +70,7 @@ #define LOCAL_DB unix_local_db() #else #define LOCAL_DB unix_local_db(false) +#define LOCAL_DB_RESET unix_local_db(true) #endif #ifdef ANDROID #define SYSTEM_DB android_system_db() diff --git a/test/src/ReencryptPlusExtraKeysTest.cc b/test/src/ReencryptPlusExtraKeysTest.cc index 2ab5e509..d2c8b39a 100644 --- a/test/src/ReencryptPlusExtraKeysTest.cc +++ b/test/src/ReencryptPlusExtraKeysTest.cc @@ -155,6 +155,13 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj) { ASSERT_EQ(status , PEP_STATUS_OK); ASSERT_NE(carol, nullptr); + status = set_identity_flags(session, carol, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, carol); + ASSERT_OK; + ASSERT_EQ(carol->flags, carol->flags & PEP_idf_org_ident); + string mailfile = slurp("test_mails/From_M2_1.eml"); char* decrypted_text = nullptr; @@ -167,23 +174,23 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj) { flags = PEP_decrypt_flag_untrusted_server; char* modified_src = NULL; - status = MIME_decrypt_message(session, - mailfile.c_str(), - mailfile.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); - - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); - message* checker = NULL; - status = mime_decode_message(modified_src, strlen(modified_src), &checker, NULL); - ASSERT_NE(checker, nullptr); + message* decoded = NULL; + status = mime_decode_message(mailfile.c_str(), mailfile.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + message* dec_msg = NULL; + decoded->recv_by = identity_dup(carol); + + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); + + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); + + message* checker = decoded; ASSERT_STREQ(checker->shortmsg, "Boom shaka laka"); config_unencrypted_subject(session, false); - cout << modified_src << endl; + message* src_msg = NULL; status = mime_decode_message(mailfile.c_str(), mailfile.size(), &src_msg, NULL); ASSERT_NE(src_msg, nullptr); @@ -202,6 +209,13 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_check_effici ASSERT_EQ(status , PEP_STATUS_OK); ASSERT_NE(carol, nullptr); + status = set_identity_flags(session, carol, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, carol); + ASSERT_OK; + ASSERT_EQ(carol->flags, carol->flags & PEP_idf_org_ident); + string mailfile = slurp("test_mails/From_M2_1.eml"); char* decrypted_text = nullptr; @@ -214,28 +228,29 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_check_effici flags = PEP_decrypt_flag_untrusted_server; char* modified_src = NULL; - status = MIME_decrypt_message(session, - mailfile.c_str(), - mailfile.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); - - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); - message* checker = NULL; - status = mime_decode_message(modified_src, strlen(modified_src), &checker, NULL); - ASSERT_NE(checker, nullptr); + message* decoded = NULL; + status = mime_decode_message(mailfile.c_str(), mailfile.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + message* dec_msg = NULL; + decoded->recv_by = identity_dup(carol); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); + + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); + + message* checker = decoded; ASSERT_STREQ(checker->shortmsg, "Boom shaka laka"); - cout << modified_src << endl; + message* src_msg = NULL; status = mime_decode_message(mailfile.c_str(), mailfile.size(), &src_msg, NULL); ASSERT_NE(src_msg, nullptr); ASSERT_STREQ(src_msg->attachments->next->value, checker->attachments->next->value); - - message* dec_msg = NULL; + + free_message(dec_msg); + dec_msg = NULL; flags = PEP_decrypt_flag_untrusted_server; free_stringlist(keys); keys = NULL; // remember, this is no extra_keys in this test @@ -270,6 +285,13 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys) ASSERT_EQ(status, PEP_STATUS_OK); ASSERT_NE(carol, nullptr); + status = set_identity_flags(session, carol, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, carol); + ASSERT_OK; + ASSERT_EQ(carol->flags, carol->flags & PEP_idf_org_ident); + string mailfile = slurp("test_mails/From_M2_1.eml"); char* decrypted_text = nullptr; @@ -281,22 +303,23 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys) flags = PEP_decrypt_flag_untrusted_server; char* modified_src = NULL; - status = MIME_decrypt_message(session, - mailfile.c_str(), - mailfile.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); - - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); - message* checker = NULL; - status = mime_decode_message(modified_src, strlen(modified_src), &checker, NULL); - ASSERT_NE(checker, nullptr); + message* decoded = NULL; + status = mime_decode_message(mailfile.c_str(), mailfile.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + message* dec_msg = NULL; + decoded->recv_by = identity_dup(carol); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); + + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); + + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); + + message* checker = decoded; ASSERT_STREQ(checker->shortmsg, "Boom shaka laka"); - cout << modified_src << endl; + message* src_msg = NULL; status = mime_decode_message(mailfile.c_str(), mailfile.size(), &src_msg, NULL); ASSERT_NE(src_msg, nullptr); @@ -353,6 +376,14 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys_e ASSERT_EQ(status, PEP_STATUS_OK); ASSERT_NE(carol, nullptr); + status = set_identity_flags(session, carol, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, carol); + ASSERT_OK; + ASSERT_EQ(carol->flags, carol->flags & PEP_idf_org_ident); + + string mailfile = slurp("test_mails/From_M2_1.eml"); char* decrypted_text = nullptr; @@ -364,22 +395,23 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys_e flags = PEP_decrypt_flag_untrusted_server; char* modified_src = NULL; - status = MIME_decrypt_message(session, - mailfile.c_str(), - mailfile.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); - - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); - message* checker = NULL; - status = mime_decode_message(modified_src, strlen(modified_src), &checker, NULL); - ASSERT_NE(checker, nullptr); + message* decoded = NULL; + status = mime_decode_message(mailfile.c_str(), mailfile.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + message* dec_msg = NULL; + decoded->recv_by = identity_dup(carol); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); + + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); + + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); + + message* checker = decoded; ASSERT_STREQ(checker->shortmsg, "Boom shaka laka"); - cout << modified_src << endl; + message* src_msg = NULL; status = mime_decode_message(mailfile.c_str(), mailfile.size(), &src_msg, NULL); ASSERT_NE(src_msg, nullptr); @@ -424,6 +456,14 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys_e ASSERT_EQ(status, PEP_STATUS_OK); ASSERT_NE(carol, nullptr); + + status = set_identity_flags(session, carol, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, carol); + ASSERT_OK; + ASSERT_EQ(carol->flags, carol->flags & PEP_idf_org_ident); + string mailfile = slurp("test_mails/From_M2_1.eml"); char* decrypted_text = nullptr; @@ -435,22 +475,22 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys_e flags = PEP_decrypt_flag_untrusted_server; char* modified_src = NULL; - status = MIME_decrypt_message(session, - mailfile.c_str(), - mailfile.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); - - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); - message* checker = NULL; - status = mime_decode_message(modified_src, strlen(modified_src), &checker, NULL); - ASSERT_NE(checker, nullptr); + message* decoded = NULL; + status = mime_decode_message(mailfile.c_str(), mailfile.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + message* dec_msg = NULL; + decoded->recv_by = identity_dup(carol); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); + + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); + + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); + + message* checker = decoded; ASSERT_STREQ(checker->shortmsg, "Boom shaka laka"); - cout << modified_src << endl; message* src_msg = NULL; status = mime_decode_message(mailfile.c_str(), mailfile.size(), &src_msg, NULL); ASSERT_NE(src_msg, nullptr); @@ -463,6 +503,7 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_unencrypted_subj_extra_keys_e flags = PEP_decrypt_flag_untrusted_server; message* decryptomatic = NULL; + checker->recv_by = identity_dup(carol); status = decrypt_message(session, checker, &decryptomatic, &keys, &rating, &flags); ASSERT_EQ(status , PEP_STATUS_OK); ASSERT_NE(decryptomatic, nullptr); @@ -497,6 +538,13 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { ASSERT_EQ(status , PEP_STATUS_OK); output_stream << "Done: inserting own identities and keys into database." << endl; + status = set_identity_flags(session, me_recip_2, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, me_recip_2); + ASSERT_OK; + ASSERT_EQ(me_recip_2->flags, me_recip_2->flags & PEP_idf_org_ident); + const string to_reencrypt_from_enigmail = slurp("test_mails/reencrypt_sent_by_enigmail.eml"); const string to_reencrypt_from_enigmail_BCC = slurp("test_mails/reencrypt_BCC_sent_by_enigmail.eml"); const string to_reencrypt_from_pEp = slurp("test_mails/reencrypt_encrypted_through_pEp.eml"); @@ -513,26 +561,22 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { flags = PEP_decrypt_flag_untrusted_server; char* modified_src = NULL; - status = MIME_decrypt_message(session, - to_reencrypt_from_enigmail.c_str(), - to_reencrypt_from_enigmail.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); + message* decoded = NULL; + status = mime_decode_message(to_reencrypt_from_enigmail.c_str(), to_reencrypt_from_enigmail.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + message* dec_msg = NULL; + decoded->recv_by = identity_dup(me_recip_2); - output_stream << decrypted_text << endl; + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); - output_stream << "Status is " << tl_status_string(status) << endl; - ASSERT_NE(decrypted_text , nullptr); - ASSERT_EQ(flags & PEP_decrypt_flag_src_modified, 0); + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); - ASSERT_EQ(modified_src , nullptr); - //output_stream << modified_src << endl; + ASSERT_NE(dec_msg, nullptr); + ASSERT_EQ(PEP_decrypt_flag_src_modified & flags, 0); - free(decrypted_text); - decrypted_text = nullptr; + free_message(decoded); + free_message(dec_msg); output_stream << "Case 1a: PASS" << endl << endl; @@ -545,40 +589,31 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { flags = PEP_decrypt_flag_untrusted_server; - status = MIME_decrypt_message(session, - to_reencrypt_from_enigmail.c_str(), - to_reencrypt_from_enigmail.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); + decoded = NULL; + status = mime_decode_message(to_reencrypt_from_enigmail.c_str(), to_reencrypt_from_enigmail.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + dec_msg = NULL; + decoded->recv_by = identity_dup(me_recip_2); - output_stream << decrypted_text << endl; - output_stream << "Status is " << tl_status_string(status) << endl; + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); - free(decrypted_text); - decrypted_text = nullptr; + free_message(dec_msg); + dec_msg = NULL; output_stream << "CHECK: Decrypting to see what keys it was encrypted for." << endl; - free(decrypted_text); - decrypted_text = nullptr; flags = 0; - char* throwaway = NULL; + message* throwaway = NULL; - status = MIME_decrypt_message(session, - modified_src, - strlen(modified_src), - &decrypted_text, - &keys, - &rating, - &flags, - &throwaway); + decoded->recv_by = identity_dup(me_recip_2); + stringlist_t* tmp_keys = NULL; + status = decrypt_message(session, decoded, &dec_msg, &tmp_keys, &rating, &flags); output_stream << "keys used:\n"; @@ -588,10 +623,10 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { int i = 0; - if (keys && keys->next) - dedup_stringlist(keys->next); + if (tmp_keys && tmp_keys->next) + dedup_stringlist(tmp_keys->next); - for (stringlist_t* kl = keys; kl && kl->value; kl = kl->next, i++) + for (stringlist_t* kl = tmp_keys; kl && kl->value; kl = kl->next, i++) { if (i == 0) { output_stream << "Signed by " << (strcasecmp("", kl->value) == 0 ? "NOBODY" : kl->value) << endl; @@ -620,6 +655,8 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { } ASSERT_TRUE(own_key_found && extra_key_0_found && extra_key_1_found); output_stream << "Message was encrypted for all the keys it should be, and none it should not!" << endl; + free_stringlist(tmp_keys); + tmp_keys = NULL; output_stream << "Case 1b: PASS" << endl << endl; @@ -633,25 +670,22 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { flags = PEP_decrypt_flag_untrusted_server; - status = MIME_decrypt_message(session, - to_reencrypt_from_enigmail_BCC.c_str(), - to_reencrypt_from_enigmail_BCC.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); + decoded = NULL; + status = mime_decode_message(to_reencrypt_from_enigmail_BCC.c_str(), to_reencrypt_from_enigmail_BCC.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + dec_msg = NULL; + decoded->recv_by = identity_dup(me_recip_2); - output_stream << (decrypted_text ? decrypted_text : "No decrypted text") << endl; - output_stream << "Status is " << tl_status_string(status) << endl; + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); - ASSERT_NE(decrypted_text , nullptr); - ASSERT_EQ(flags & PEP_decrypt_flag_src_modified, 0); - ASSERT_EQ(modified_src , nullptr); + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); - free(decrypted_text); - decrypted_text = nullptr; + ASSERT_NE(dec_msg, nullptr); + ASSERT_EQ(PEP_decrypt_flag_src_modified & flags, 0); + free_message(dec_msg); + dec_msg = NULL; output_stream << "Case 2a: PASS" << endl << endl; @@ -663,39 +697,31 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { flags = PEP_decrypt_flag_untrusted_server; - status = MIME_decrypt_message(session, - to_reencrypt_from_enigmail_BCC.c_str(), - to_reencrypt_from_enigmail_BCC.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); + decoded = NULL; + status = mime_decode_message(to_reencrypt_from_enigmail_BCC.c_str(), to_reencrypt_from_enigmail_BCC.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + dec_msg = NULL; + decoded->recv_by = identity_dup(me_recip_2); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); - output_stream << decrypted_text << endl; - output_stream << "Status is " << tl_status_string(status) << endl; + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); - ASSERT_NE(decrypted_text , nullptr); - ASSERT_NE(modified_src , nullptr); + ASSERT_NE(dec_msg, nullptr); + ASSERT_NE(PEP_decrypt_flag_src_modified & flags, 0); - free(decrypted_text); - decrypted_text = nullptr; + free_message(dec_msg); + dec_msg = NULL; output_stream << "CHECK: Decrypting to see what keys it was encrypted for." << endl; - free(decrypted_text); - decrypted_text = nullptr; flags = 0; throwaway = NULL; - status = MIME_decrypt_message(session, - modified_src, - strlen(modified_src), - &decrypted_text, - &keys, - &rating, - &flags, - &throwaway); + decoded->recv_by = identity_dup(me_recip_2); + tmp_keys = NULL; + status = decrypt_message(session, decoded, &dec_msg, &tmp_keys, &rating, &flags); output_stream << "keys used:\n"; @@ -705,10 +731,10 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { i = 0; - if (keys->next) - dedup_stringlist(keys->next); + if (tmp_keys && tmp_keys->next) + dedup_stringlist(tmp_keys->next); - for (stringlist_t* kl = keys; kl && kl->value; kl = kl->next, i++) + for (stringlist_t* kl = tmp_keys; kl && kl->value; kl = kl->next, i++) { if (i == 0) { output_stream << "Signed by " << (strcasecmp("", kl->value) == 0 ? "NOBODY" : kl->value) << endl; @@ -742,8 +768,6 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { output_stream << "Case 2b: PASS" << endl << endl; output_stream << "Case 3a: Calling MIME_decrypt_message with reencrypt flag set on message generated by pEp (message 2.0) with no extra keys." << endl; - free(modified_src); - modified_src = NULL; free_stringlist(keys); keys = NULL; @@ -751,26 +775,31 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { status = set_own_key(session, me_recip_1, fpr_own_recip_key); ASSERT_EQ(status , PEP_STATUS_OK); + status = set_identity_flags(session, me_recip_1, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, me_recip_1); + ASSERT_OK; + ASSERT_EQ(me_recip_1->flags, me_recip_1->flags & PEP_idf_org_ident); + flags = PEP_decrypt_flag_untrusted_server; - status = MIME_decrypt_message(session, - to_reencrypt_from_pEp.c_str(), - to_reencrypt_from_pEp.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); + decoded = NULL; + status = mime_decode_message(to_reencrypt_from_pEp.c_str(), to_reencrypt_from_pEp.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + dec_msg = NULL; + decoded->recv_by = identity_dup(me_recip_1); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); - output_stream << decrypted_text << endl; - output_stream << "Status is " << tl_status_string(status) << endl; + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); - ASSERT_NE(decrypted_text , nullptr); - ASSERT_EQ(flags & PEP_decrypt_flag_src_modified, 0); - ASSERT_EQ(modified_src , nullptr); + ASSERT_NE(dec_msg, nullptr); + ASSERT_EQ(PEP_decrypt_flag_src_modified & flags, 0); - free(decrypted_text); - decrypted_text = nullptr; + free_message(dec_msg); + dec_msg = NULL; output_stream << "Case 3a: PASS" << endl << endl; @@ -783,38 +812,30 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { flags = PEP_decrypt_flag_untrusted_server; - status = MIME_decrypt_message(session, - to_reencrypt_from_pEp.c_str(), - to_reencrypt_from_pEp.size(), - &decrypted_text, - &keys, - &rating, - &flags, - &modified_src); + decoded = NULL; + status = mime_decode_message(to_reencrypt_from_pEp.c_str(), to_reencrypt_from_pEp.size(), &decoded, NULL); + ASSERT_NE(decoded, nullptr); + ASSERT_OK; + dec_msg = NULL; + decoded->recv_by = identity_dup(me_recip_1); + + status = decrypt_message(session, decoded, &dec_msg, &keys, &rating, &flags); - output_stream << decrypted_text << endl; - output_stream << "Status is " << tl_status_string(status) << endl; + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); - ASSERT_NE(decrypted_text , nullptr); + ASSERT_NE(dec_msg, nullptr); - free(decrypted_text); - decrypted_text = nullptr; + free_message(dec_msg); + dec_msg = NULL; output_stream << "CHECK: Decrypting to see what keys it was encrypted for." << endl; - free(decrypted_text); - decrypted_text = nullptr; flags = 0; throwaway = NULL; - status = MIME_decrypt_message(session, - modified_src, - strlen(modified_src), - &decrypted_text, - &keys, - &rating, - &flags, - &throwaway); + decoded->recv_by = identity_dup(me_recip_1); + tmp_keys = NULL; + status = decrypt_message(session, decoded, &dec_msg, &tmp_keys, &rating, &flags); output_stream << "keys used:\n"; @@ -824,10 +845,10 @@ TEST_F(ReencryptPlusExtraKeysTest, check_reencrypt_plus_extra_keys) { i = 0; - if (keys->next) - dedup_stringlist(keys->next); + if (tmp_keys && tmp_keys->next) + dedup_stringlist(tmp_keys->next); - for (stringlist_t* kl = keys; kl && kl->value; kl = kl->next, i++) + for (stringlist_t* kl = tmp_keys; kl && kl->value; kl = kl->next, i++) { if (i == 0) { output_stream << "Signed by " << (strcasecmp("", kl->value) == 0 ? "NOBODY" : kl->value) << endl; @@ -879,6 +900,13 @@ TEST_F(ReencryptPlusExtraKeysTest, check_efficient_reencrypt_from_enigmail) { ASSERT_EQ(status , PEP_STATUS_OK); output_stream << "Done: inserting own identities and keys into database." << endl; + status = set_identity_flags(session, me_recip_2, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, me_recip_2); + ASSERT_OK; + ASSERT_EQ(me_recip_2->flags, me_recip_2->flags & PEP_idf_org_ident); + // BEGIN ACTUAL TEST // Ready to receive message for the first time @@ -901,7 +929,7 @@ TEST_F(ReencryptPlusExtraKeysTest, check_efficient_reencrypt_from_enigmail) { ASSERT_EQ(status , PEP_STATUS_OK); ASSERT_NE(enc_msg , nullptr); - + enc_msg->recv_by = identity_dup(me_recip_2); // First reencryption - should give us a reencrypted message status = decrypt_message(session, enc_msg, &dec_msg, &keys, &rating, &flags); ASSERT_EQ(status , PEP_STATUS_OK); @@ -951,6 +979,13 @@ TEST_F(ReencryptPlusExtraKeysTest, check_efficient_reencrypt_from_enigmail_w_own ASSERT_EQ(status , PEP_STATUS_OK); output_stream << "Done: inserting own identities and keys into database." << endl; + status = set_identity_flags(session, me_recip_2, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, me_recip_2); + ASSERT_OK; + ASSERT_EQ(me_recip_2->flags, me_recip_2->flags & PEP_idf_org_ident); + // BEGIN ACTUAL TEST // Ready to receive message for the first time @@ -971,7 +1006,7 @@ TEST_F(ReencryptPlusExtraKeysTest, check_efficient_reencrypt_from_enigmail_w_own // Put the original message into a message struct status = mime_decode_message(to_reencrypt_from_enigmail_BCC.c_str(), to_reencrypt_from_enigmail_BCC.size(), &enc_msg, NULL); - + enc_msg->recv_by = identity_dup(me_recip_2); ASSERT_EQ(status , PEP_STATUS_OK); ASSERT_NE(enc_msg , nullptr); @@ -1024,6 +1059,14 @@ TEST_F(ReencryptPlusExtraKeysTest, check_efficient_reencrypt_from_pEp_2_0) { ASSERT_EQ(status , PEP_STATUS_OK); output_stream << "Done: inserting own identities and keys into database." << endl; + status = set_identity_flags(session, me_recip_2, PEP_idf_org_ident); + ASSERT_EQ(status , PEP_STATUS_OK); + + status = myself(session, me_recip_2); + ASSERT_OK; + ASSERT_EQ(me_recip_2->flags, me_recip_2->flags & PEP_idf_org_ident); + + // BEGIN ACTUAL TEST // Ready to receive message for the first time @@ -1043,12 +1086,14 @@ TEST_F(ReencryptPlusExtraKeysTest, check_efficient_reencrypt_from_pEp_2_0) { // Put the original message into a message struct status = mime_decode_message(to_reencrypt_from_pEp.c_str(), to_reencrypt_from_pEp.size(), &enc_msg, NULL); + enc_msg->recv_by = identity_dup(me_recip_2); - ASSERT_EQ(status , PEP_STATUS_OK); + ASSERT_OK; ASSERT_NE(enc_msg , nullptr); // First reencryption - should give us a reencrypted message status = decrypt_message(session, enc_msg, &dec_msg, &keys, &rating, &flags); + ASSERT_NE(status, PEP_CANNOT_REENCRYPT); ASSERT_EQ(status , PEP_STATUS_OK); ASSERT_NE(dec_msg , nullptr); ASSERT_NE(flags & PEP_decrypt_flag_src_modified, 0);