diff --git a/Makefile b/Makefile
index ec144817..71d4db54 100644
--- a/Makefile
+++ b/Makefile
@@ -54,6 +54,7 @@ clean:
$(MAKE) -C db clean
$(MAKE) -C asn.1 clean
$(MAKE) -C sync clean
+ $(MAKE) -C build-android clean
tags:
$(MAKE) -C asn.1 tags
diff --git a/build-android/Makefile b/build-android/Makefile
new file mode 100644
index 00000000..1f5f0865
--- /dev/null
+++ b/build-android/Makefile
@@ -0,0 +1,13 @@
+# Copyright 2020, pEp Foundation
+# This file is part of pEpEngine - Android Build
+# This file may be used under the terms of the GNU General Public License version 3
+# see LICENSE.txt
+
+include ../Makefile.conf
+
+all:
+ echo "Placeholder command, this is meant to be cleaned by JNIAdapter Android build"
+
+.PHONY: clean
+clean:
+ rm -rf include/
diff --git a/build-windows/libpEpasn1/libpEpasn1.vcxproj b/build-windows/libpEpasn1/libpEpasn1.vcxproj
index 7bd8f91d..b63f687d 100644
--- a/build-windows/libpEpasn1/libpEpasn1.vcxproj
+++ b/build-windows/libpEpasn1/libpEpasn1.vcxproj
@@ -60,10 +60,6 @@
Windows
-
- cd "$(ProjectDir)..\.." && "$(ProjectDir)..\generate_code.cmd"
- Generating Code for pEp Sync
-
@@ -81,10 +77,6 @@
true
true
-
- cd "$(ProjectDir)..\.." && "$(ProjectDir)..\generate_code.cmd"
- Generating Code for pEp Sync
-
@@ -227,4 +219,8 @@
+
+
+
+
\ No newline at end of file
diff --git a/src/Makefile b/src/Makefile
index 4eb4f3c2..16df3b30 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -28,7 +28,7 @@ endif
ifeq ($(BUILD_ON),Darwin)
ifeq ($(BUILD_FOR),Darwin)
CFLAGS+= -DSQLITE_THREADSAFE=1
- LDLIBS+= -lz -liconv
+ LDLIBS+= -lz -liconv -mmacosx-version-min=10.10
else
$(error I do not know how to make for $(BUILD_FOR) on $(BUILD_ON))
endif
diff --git a/src/aux_mime_msg.c b/src/aux_mime_msg.c
index 7afc048a..ada134c5 100644
--- a/src/aux_mime_msg.c
+++ b/src/aux_mime_msg.c
@@ -38,7 +38,7 @@ static PEP_STATUS update_identity_recip_list(PEP_SESSION session,
}
}
else
- status = _myself(session, curr_identity, false, false, true);
+ status = _myself(session, curr_identity, false, false, false, true);
if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY)
return status;
}
@@ -83,9 +83,9 @@ DYNAMIC_API PEP_STATUS MIME_decrypt_message(
if (!is_me(session, tmp_msg->from))
status = update_identity(session, (tmp_msg->from));
else
- status = _myself(session, tmp_msg->from, false, false, true);
+ status = _myself(session, tmp_msg->from, false, true, false, true);
- if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY)
+ if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY || PASS_ERROR(status))
goto pEp_error;
}
diff --git a/src/etpan_mime.c b/src/etpan_mime.c
index 7f68eb07..cea42004 100644
--- a/src/etpan_mime.c
+++ b/src/etpan_mime.c
@@ -548,6 +548,12 @@ timestamp * etpantime_to_timestamp(const struct mailimf_date_time *et)
result->tm_mon = et->dt_month - 1;
result->tm_year = et->dt_year - 1900;
result->tm_gmtoff = 36L * (long) et->dt_zone;
+
+ // Normalize to UTC and then forget the offset.
+ time_t t = timegm_with_gmtoff(result);
+ gmtime_r(&t, result);
+ result->tm_gmtoff = 0;
+
return result;
}
diff --git a/src/key_reset.c b/src/key_reset.c
index 6776050a..3b174332 100644
--- a/src/key_reset.c
+++ b/src/key_reset.c
@@ -67,9 +67,14 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session,
if (!include_secret) { // This isn't to own recips, so shipping the rev'd key is OK. Own keys are revoked on each device.
status = export_key(session, old_fpr, &key_material_old, &datasize);
+
+ // Shouldn't happen, but we can't make presumptions about crypto engine
+ if (PASS_ERROR(status))
+ goto pEp_error;
+
if (datasize > 0 && key_material_old) {
if (status != PEP_STATUS_OK)
- return status;
+ goto pEp_error;
if (!keys)
keys = new_bloblist(key_material_old, datasize,
@@ -82,10 +87,13 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session,
datasize = 0;
}
status = export_key(session, new_fpr, &key_material_new, &datasize);
+ // Shouldn't happen, but we can't make presumptions about crypto engine
+ if (PASS_ERROR(status))
+ goto pEp_error;
if (datasize > 0 && key_material_new) {
if (status != PEP_STATUS_OK)
- return status;
+ goto pEp_error;
if (!keys)
keys = new_bloblist(key_material_new, datasize,
@@ -97,8 +105,8 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session,
datasize = 0;
if (include_secret) {
status = export_secret_key(session, new_fpr, &key_material_priv, &datasize);
- if (status != PEP_STATUS_OK)
- return status;
+ if (status != PEP_STATUS_OK) // includes PASS_ERROR
+ goto pEp_error;
if (datasize > 0 && key_material_priv) {
bloblist_add(keys, key_material_priv, datasize, "application/pgp-keys",
"file://pEpkey_priv.asc");
@@ -112,6 +120,13 @@ static PEP_STATUS _generate_reset_structs(PEP_SESSION session,
*key_attachments = keys;
}
return status;
+
+pEp_error:
+ free(key_material_old);
+ free(key_material_new);
+ free(key_material_priv);
+ free_bloblist(keys);
+ return status;
}
// For multiple idents under a single key
@@ -139,9 +154,11 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session,
&kr_commands,
true);
if (status != PEP_STATUS_OK)
- return status; // FIXME
- if (!key_attachments || !kr_commands)
- return PEP_UNKNOWN_ERROR;
+ goto pEp_error;
+ if (!key_attachments || !kr_commands) {
+ status = PEP_UNKNOWN_ERROR;
+ goto pEp_error;
+ }
}
}
@@ -154,7 +171,7 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session,
size_t size = 0;
status = key_reset_commands_to_PER(kr_commands, &payload, &size);
if (status != PEP_STATUS_OK)
- return status;
+ goto pEp_error;
// From and to our first ident - this only goes to us.
pEp_identity* from = identity_dup(from_idents->ident);
@@ -163,17 +180,22 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session,
BASE_KEYRESET, payload, size, NULL,
&msg);
- if (status != PEP_STATUS_OK) {
- free(msg);
- return status;
+ if (status != PEP_STATUS_OK)
+ goto pEp_error;
+
+ if (!msg) {
+ status = PEP_OUT_OF_MEMORY;
+ goto pEp_error;
+ }
+ if (!msg->attachments) {
+ status = PEP_UNKNOWN_ERROR;
+ goto pEp_error;
}
- if (!msg)
- return PEP_OUT_OF_MEMORY;
- if (!msg->attachments)
- return PEP_UNKNOWN_ERROR;
- if (!bloblist_join(msg->attachments, key_attachments))
- return PEP_UNKNOWN_ERROR;
+ if (!bloblist_join(msg->attachments, key_attachments)) {
+ status = PEP_UNKNOWN_ERROR;
+ goto pEp_error;
+ }
if (msg)
*dst = msg;
@@ -181,7 +203,16 @@ static PEP_STATUS _generate_own_commandlist_msg(PEP_SESSION session,
free_keyreset_command_list(kr_commands);
return status;
+
+pEp_error:
+ if (!msg)
+ free_bloblist(key_attachments);
+ else
+ free(msg);
+ free_keyreset_command_list(kr_commands);
+
+ return status;
}
static PEP_STATUS _generate_keyreset_command_message(PEP_SESSION session,
@@ -195,8 +226,7 @@ static PEP_STATUS _generate_keyreset_command_message(PEP_SESSION session,
if (!session || !from_ident || !old_fpr || !new_fpr || !dst)
return PEP_ILLEGAL_VALUE;
- // safe cast
- if (!is_me(session, (pEp_identity*)from_ident))
+ if (!is_me(session, from_ident))
return PEP_ILLEGAL_VALUE;
PEP_STATUS status = PEP_STATUS_OK;
@@ -225,29 +255,41 @@ static PEP_STATUS _generate_keyreset_command_message(PEP_SESSION session,
&key_attachments,
&kr_list,
is_private);
+
+ // N.B. command list and key attachments are freed by
+ // _generate_reset_structs when status is not OK
if (status != PEP_STATUS_OK)
- return status; // FIXME
+ return status;
+
if (!key_attachments || !kr_list)
return PEP_UNKNOWN_ERROR;
char* payload = NULL;
size_t size = 0;
status = key_reset_commands_to_PER(kr_list, &payload, &size);
+ if (status != PEP_STATUS_OK)
+ return status;
+
status = base_prepare_message(session, outgoing_ident, to_ident,
BASE_KEYRESET, payload, size, NULL,
&msg);
- if (status) {
+
+ if (status != PEP_STATUS_OK) {
free(msg);
return status;
}
if (!msg)
return PEP_OUT_OF_MEMORY;
- if (!msg->attachments)
+
+ if (!msg->attachments) {
+ free(msg);
return PEP_UNKNOWN_ERROR;
+ }
if (msg)
*dst = msg;
return status;
+
}
PEP_STATUS has_key_reset_been_sent(
@@ -398,6 +440,8 @@ PEP_STATUS receive_key_reset(PEP_SESSION session,
if (!sender_id->user_id)
return PEP_UNKNOWN_ERROR;
}
+ if (status != PEP_STATUS_OK) // Do we need to be more specific??
+ return status;
bool sender_own_key = false;
bool from_me = is_me(session, sender_id);
@@ -503,7 +547,9 @@ PEP_STATUS receive_key_reset(PEP_SESSION session,
free(curr_ident->user_id);
curr_ident->user_id = NULL;
status = update_identity(session, curr_ident);
-
+ if (status != PEP_STATUS_OK)
+ return status;
+
// Ok, now check the old fpr to see if we have an entry for it
// temp fpr set for function call
curr_ident->fpr = old_fpr;
@@ -577,6 +623,9 @@ PEP_STATUS receive_key_reset(PEP_SESSION session,
status = replace_main_user_fpr_if_equal(session, curr_ident->user_id,
new_fpr, old_fpr);
+ if (status != PEP_STATUS_OK)
+ return status;
+
// This only sets as the default, does NOT TRUST IN ANY WAY
PEP_comm_type new_key_rating = PEP_ct_unknown;
@@ -722,8 +771,10 @@ PEP_STATUS create_standalone_key_reset_message(PEP_SESSION session,
if (!reset_msg)
return PEP_ILLEGAL_VALUE;
- if (!reset_msg->attachments)
- return PEP_UNKNOWN_ERROR;
+ if (!reset_msg->attachments) {
+ status = PEP_UNKNOWN_ERROR;
+ goto pEp_free;
+ }
message* output_msg = NULL;
@@ -733,6 +784,8 @@ PEP_STATUS create_standalone_key_reset_message(PEP_SESSION session,
if (status == PEP_STATUS_OK)
*dst = output_msg;
+ else if (output_msg) // shouldn't happen, but...
+ free_message(output_msg);
pEp_free:
@@ -919,6 +972,67 @@ static PEP_STATUS _dup_grouped_only(identity_list* idents, identity_list** filte
return PEP_STATUS_OK;
}
+static PEP_STATUS _check_own_reset_passphrase_readiness(PEP_SESSION session,
+ const char* key) {
+
+ // Check generation setup
+ // Because of the above, we can support a signing passphrase
+ // that differs from the generation passphrase. We'll
+ // just check to make sure everything is in order for
+ // later use, however
+ if (session->new_key_pass_enable) {
+ if (EMPTYSTR(session->generation_passphrase))
+ return PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED;
+ }
+
+ stringlist_t* test_key = NULL;
+
+ // Be sure we HAVE this key
+ PEP_STATUS status = find_keys(session, key, &test_key);
+ bool exists_key = test_key != NULL;
+ free_stringlist(test_key);
+
+ if (!exists_key || status == PEP_KEY_NOT_FOUND) {
+ remove_fpr_as_default(session, key);
+ return PEP_KEY_NOT_FOUND;
+ }
+ if (status != PEP_STATUS_OK)
+ return status;
+
+ ensure_passphrase_t ensure_key_cb = session->ensure_passphrase;
+
+ // Check to see that this key has its passphrase set as the configured
+ // passphrase, IF it has one. If not, bail early.
+ status = probe_encrypt(session, key);
+ if (PASS_ERROR(status)) {
+ if (ensure_key_cb)
+ status = ensure_key_cb(session, key);
+ }
+ if (status != PEP_STATUS_OK)
+ return status;
+
+ if (EMPTYSTR(session->curr_passphrase) && !EMPTYSTR(session->generation_passphrase)) {
+ // We'll need it as the current passphrase to sign
+ // messages with the generated keys
+ config_passphrase(session, session->generation_passphrase);
+ }
+
+ return PEP_STATUS_OK;
+}
+
+// This is for ONE specific key, but possibly many identities
+// We could have ONE return for PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED
+// and another for PEP_PASSPHRASE_REQUIRED/PEP_WRONG_PASSPHRASE
+// State would advance though, it just might need to be called
+// twice with correct passwords, and more without.
+// (In other words, with multiple passwords, this is not the end of all things)
+//
+// N.B. This function presumes that ALL idents in this group have the
+// key in question as their main key. That's what this function
+// was created for.
+// FIXME:
+// I am not sure this is safe with already-revoked keys.
+//
static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
identity_list* key_idents,
const char* old_key,
@@ -929,19 +1043,33 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
if (!session || !key_idents || EMPTYSTR(old_key))
return PEP_ILLEGAL_VALUE;
-
+
messageToSend_t send_cb = session->messageToSend;
+
if (!send_cb)
return PEP_SYNC_NO_MESSAGE_SEND_CALLBACK;
-
+
PEP_STATUS status = PEP_STATUS_OK;
-
+
+ message* enc_msg = NULL;
+ message* outmsg = NULL;
+ stringlist_t* test_key = NULL;
+
+
+ // Make sure the signing password is set correctly and that
+ // we are also ready for keygen
+ status = _check_own_reset_passphrase_readiness(session, old_key);
+ if (status != PEP_STATUS_OK)
+ return status;
+
+ char* cached_passphrase = EMPTYSTR(session->curr_passphrase) ? NULL : strdup(session->curr_passphrase);
+
// if we only want grouped identities, we do this:
if (grouped_only) {
identity_list* new_list = NULL;
status = _dup_grouped_only(key_idents, &new_list);
if (status != PEP_STATUS_OK)
- return status;
+ goto pEp_error;
key_idents = new_list; // local var change, won't impact caller
}
@@ -956,47 +1084,70 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
ident->fpr = NULL;
status = _generate_keypair(session, ident, true);
if (status != PEP_STATUS_OK)
- return status;
+ goto pEp_error;
}
// Ok, everyone's got a new keypair. Hoorah!
// generate, sign, and push messages into queue
- message* outmsg = NULL;
+ //
+
+ // Because we have to export the NEW secret keys,
+ // we have to switch in the passgen key
+ // as the configured key. We'll switch it back
+ // afterward (no revocation, decrypt, or signing
+ // with the old key happens in here)
+ config_passphrase(session, session->generation_passphrase);
+
status = _generate_own_commandlist_msg(session,
key_idents,
old_key,
&outmsg);
-
+
+ config_passphrase(session, cached_passphrase);
+
+ // Key-based errors here shouldn't happen.
+ if (status != PEP_STATUS_OK)
+ goto pEp_error;
+
// Following will only be true if some idents were grouped,
- // and will only include grouped idents!
+ // and will only include grouped idents!
+ // Will be signed with old signing key.
+ // (Again, see the FIXME - we need to figure oout what
+ // happens if it got revoked externally)
if (outmsg) {
- message* enc_msg = NULL;
// encrypt this baby and get out
// extra keys???
status = encrypt_message(session, outmsg, NULL, &enc_msg, PEP_enc_auto, PEP_encrypt_flag_key_reset_only);
- if (status != PEP_STATUS_OK) {
- goto pEp_free;
- }
+ if (status != PEP_STATUS_OK)
+ goto pEp_error;
+
_add_auto_consume(enc_msg);
// insert into queue
status = send_cb(enc_msg);
- if (status != PEP_STATUS_OK) {
- free(enc_msg);
- goto pEp_free;
- }
+ if (status != PEP_STATUS_OK)
+ goto pEp_error;
}
// Ok, we've signed everything we need to with the old key,
// Revoke that baby.
status = revoke_key(session, old_key, NULL);
+ // again, we should not have key-related issues here,
+ // as we ensured the correct password earlier
if (status != PEP_STATUS_OK)
- goto pEp_free;
+ goto pEp_error;
+ // Ok, NOW - the current password needs to be swapped out
+ // because we're going to sign with keys using it.
+ //
+ // All new keys have the same passphrase, if any
+ //
+ config_passphrase(session, session->generation_passphrase);
+
for (curr_ident = key_idents; curr_ident && curr_ident->ident; curr_ident = curr_ident->next) {
if (curr_ident->ident->flags & PEP_idf_devicegroup) {
pEp_identity* ident = curr_ident->ident;
@@ -1006,10 +1157,10 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
char* new_key = ident->fpr;
ident->fpr = NULL;
status = set_own_key(session, ident, new_key);
- if (status != PEP_STATUS_OK) {
+ if (status != PEP_STATUS_OK)
// scream loudly and cry, then hang head in shame
- return status;
- }
+ goto pEp_error;
+
free(ident->fpr);
// release ownership to the struct again
@@ -1021,7 +1172,7 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
status = set_revoked(session, old_key, new_key, time(NULL));
if (status != PEP_STATUS_OK)
- goto pEp_free;
+ goto pEp_error;
// Whether new_key is NULL or not, if this key is equal to the current user default, we
// replace it.
@@ -1031,12 +1182,12 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
old_key);
if (status != PEP_STATUS_OK)
- goto pEp_free;
+ goto pEp_error;
pEp_identity* tmp_ident = identity_dup(ident);
if (!tmp_ident) {
status = PEP_OUT_OF_MEMORY;
- goto pEp_free;
+ goto pEp_error;
}
free(tmp_ident->fpr);
@@ -1045,24 +1196,36 @@ static PEP_STATUS _key_reset_device_group_for_shared_key(PEP_SESSION session,
tmp_ident->fpr = strdup(old_key); // freed in free_identity
if (status == PEP_STATUS_OK)
status = send_key_reset_to_recents(session, tmp_ident, old_key, ident->fpr);
+
+ if (status != PEP_STATUS_OK)
+ goto pEp_error;
+
free_identity(tmp_ident);
}
}
+ config_passphrase(session, cached_passphrase);
+
if (status == PEP_STATUS_OK)
// cascade that mistrust for anyone using this key
- status = mark_as_compromised(session, old_key);
-
+ status = mark_as_compromised(session, old_key);
if (status == PEP_STATUS_OK)
status = remove_fpr_as_default(session, old_key);
if (status == PEP_STATUS_OK)
status = add_mistrusted_key(session, old_key);
-pEp_free:
+ return status;
+
+pEp_error:
+ // Just in case
+ config_passphrase(session, cached_passphrase);
+ free_stringlist(test_key);
+ free_message(outmsg);
+ free_message(enc_msg);
+ free(cached_passphrase);
return status;
}
-
DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) {
assert(session);
@@ -1080,7 +1243,7 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) {
status = get_all_keys_for_user(session, user_id, &keys);
// TODO: free
- if (status == PEP_STATUS_OK) {
+ if (status == PEP_STATUS_OK) {
stringlist_t* curr_key;
for (curr_key = keys; curr_key && curr_key->value; curr_key = curr_key->next) {
@@ -1097,6 +1260,16 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session) {
else
goto pEp_free;
+ // This is in a switch because our return statuses COULD get more
+ // complicated
+ switch (status) {
+ case PEP_STATUS_OK:
+ case PEP_KEY_NOT_FOUND: // call removed it as a default
+ break;
+ default:
+ goto pEp_free;
+ }
+
free_identity_list(key_idents);
}
}
@@ -1108,8 +1281,6 @@ pEp_free:
return status;
}
-// Notes to integrate into header:
-// IF there is an ident, it must have a user_id.
PEP_STATUS key_reset(
PEP_SESSION session,
const char* key_id,
@@ -1129,6 +1300,8 @@ PEP_STATUS key_reset(
identity_list* key_idents = NULL;
stringlist_t* keys = NULL;
+ char* cached_passphrase = EMPTYSTR(session->curr_passphrase) ? NULL : strdup(session->curr_passphrase);
+
if (!EMPTYSTR(key_id)) {
fpr_copy = strdup(key_id);
if (!fpr_copy)
@@ -1228,7 +1401,7 @@ PEP_STATUS key_reset(
// case of own identities with private keys.
if (is_own_private) {
-
+
// This is now the "is_own" base case - we don't do this
// per-identity, because all identities using this key will
// need new ones. That said, this is really only a problem
@@ -1250,6 +1423,14 @@ PEP_STATUS key_reset(
if (is_grouped)
status = _key_reset_device_group_for_shared_key(session, key_idents, fpr_copy, false);
else if (status == PEP_STATUS_OK) {
+ // KB: FIXME_NOW - revoked?
+ // Make sure we can even progress - if there are passphrase issues,
+ // bounce back to the caller now, because our attempts to make it work failed,
+ // even possibly with callback.
+ status = _check_own_reset_passphrase_readiness(session, fpr_copy);
+ if (status != PEP_STATUS_OK)
+ return status;
+
// now have ident list, or should
identity_list* curr_ident;
@@ -1260,10 +1441,14 @@ PEP_STATUS key_reset(
// Do the full reset on this identity
// Base case for is_own_private starts here
// Note that we reset this key for ANY own ident that has it. And if
- // tmp_ident did NOT have this key, it won't matter. We will reset the
+ // tmp_ident did NOT have this key, it won't matter. We will reset this
// key for all idents for this user.
status = revoke_key(session, fpr_copy, NULL);
+ // Should never happen, we checked this, but STILL.
+ if (PASS_ERROR(status))
+ goto pEp_free;
+
// If we have a full identity, we have some cleanup and generation tasks here
if (!EMPTYSTR(this_ident->address)) {
// generate new key
@@ -1308,10 +1493,14 @@ PEP_STATUS key_reset(
// for all active communication partners:
// active_send revocation
+ config_passphrase(session, session->generation_passphrase);
tmp_ident->fpr = fpr_copy;
if (status == PEP_STATUS_OK)
status = send_key_reset_to_recents(session, this_ident, fpr_copy, new_key);
+ config_passphrase(session, cached_passphrase);
tmp_ident->fpr = NULL;
+ if (PASS_ERROR(status))
+ goto pEp_free; // should NOT happen
}
// Whether new_key is NULL or not, if this key is equal to the current user default, we
@@ -1323,8 +1512,10 @@ PEP_STATUS key_reset(
// we got an error and want to bail anyway.
goto pEp_free;
}
- else
- return PEP_CANNOT_FIND_IDENTITY;
+ else {
+ status = PEP_CANNOT_FIND_IDENTITY;
+ goto pEp_free;
+ }
} // end is_own_private
else {
// if it's mistrusted, make it not be so.
@@ -1366,7 +1557,9 @@ pEp_free:
free(own_id);
free_identity_list(key_idents);
free_stringlist(keys);
- free(new_key);
+ free(new_key);
+ config_passphrase(session, cached_passphrase);
+ free(cached_passphrase);
return status;
}
diff --git a/src/key_reset.h b/src/key_reset.h
index 2a7cd87e..8473f8be 100644
--- a/src/key_reset.h
+++ b/src/key_reset.h
@@ -90,6 +90,8 @@ DYNAMIC_API PEP_STATUS key_reset_user(
DYNAMIC_API PEP_STATUS key_reset_all_own_keys(PEP_SESSION session);
// FIXME: Doc
+// This is simply NOT SAFE for multiple passwords on the extant
+// keys. Cannot be called with multiple passwords for that purpose.
DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session);
// key_reset() - reset the database status for a key, removing all trust information
@@ -116,6 +118,7 @@ DYNAMIC_API PEP_STATUS key_reset_own_grouped_keys(PEP_SESSION session);
// if NULL and fpr is non-NULL, we'll reset the key for all
// associated identities. If both ident and fpr are NULL, see
// the fpr arg documentation.
+// ***IF there is an ident, it must have a user_id.***
//
// Note: ident->fpr is always ignored
//
diff --git a/src/keymanagement.c b/src/keymanagement.c
index 928f7459..03615755 100644
--- a/src/keymanagement.c
+++ b/src/keymanagement.c
@@ -11,6 +11,7 @@
#include "pEp_internal.h"
#include "keymanagement.h"
+#include "KeySync_fsm.h"
#include "blacklist.h"
@@ -39,6 +40,7 @@ static bool key_matches_address(PEP_SESSION session, const char* address,
return retval;
}
+// Does not return PASSPHRASE errors
PEP_STATUS elect_pubkey(
PEP_SESSION session, pEp_identity * identity, bool check_blacklist
)
@@ -106,10 +108,13 @@ PEP_STATUS elect_pubkey(
// own_must_contain_private is usually true when calling;
// we only set it to false when we have the idea of
// possibly having an own pubkey that we need to check on its own
+// N.B. Checked for PASSPHRASE errors - will now return them always
+// False value of "renew_private" prevents their possibility, though.
PEP_STATUS validate_fpr(PEP_SESSION session,
pEp_identity* ident,
bool check_blacklist,
- bool own_must_contain_private) {
+ bool own_must_contain_private,
+ bool renew_private) {
PEP_STATUS status = PEP_STATUS_OK;
@@ -121,6 +126,7 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
bool has_private = false;
status = contains_priv_key(session, fpr, &has_private);
+ // N.B. Will not contain PEP_PASSPHRASE related returns here
if (ident->me && own_must_contain_private) {
if (status != PEP_STATUS_OK || !has_private)
return PEP_KEY_UNSUITABLE;
@@ -173,6 +179,7 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
bool revoked, expired;
bool blacklisted = false;
+ // Should not need to decrypt key material
status = key_revoked(session, fpr, &revoked);
if (status != PEP_STATUS_OK) {
@@ -182,11 +189,12 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
if (!revoked) {
time_t exp_time = (ident->me ?
time(NULL) + (7*24*3600) : time(NULL));
-
+
+ // Should not need to decrypt key material
status = key_expired(session, fpr,
exp_time,
&expired);
-
+
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK)
return status;
@@ -202,7 +210,9 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
}
}
- if (ident->me && has_private &&
+ // Renew key if it's expired, our own, has a private part,
+ // isn't too weak, and we didn't say "DON'T DO THIS"
+ if (renew_private && ident->me && has_private &&
(ct >= PEP_ct_strong_but_unconfirmed) &&
!revoked && expired) {
// extend key
@@ -210,6 +220,9 @@ PEP_STATUS validate_fpr(PEP_SESSION session,
status = renew_key(session, fpr, ts);
free_timestamp(ts);
+ if (status == PEP_PASSPHRASE_REQUIRED || status == PEP_WRONG_PASSPHRASE)
+ return status;
+
if (status == PEP_STATUS_OK) {
// if key is valid (second check because pEp key might be extended above)
// Return fpr
@@ -338,6 +351,11 @@ PEP_STATUS get_user_default_key(PEP_SESSION session, const char* user_id,
// Also, we presume that if the stored_identity was sent in
// without an fpr, there wasn't one in the trust DB for this
// identity.
+//
+// Will now NOT return passphrase errors, as we tell
+// validate_fpr NOT to renew it. And we specifically suppress them
+// with "PEP_KEY_UNSUITABLE"
+//
PEP_STATUS get_valid_pubkey(PEP_SESSION session,
pEp_identity* stored_identity,
bool* is_identity_default,
@@ -357,19 +375,28 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
PEP_STATUS first_reject_status = PEP_KEY_NOT_FOUND;
char* stored_fpr = stored_identity->fpr;
+
// Input: stored identity retrieved from database
// if stored identity contains a default key
if (!EMPTYSTR(stored_fpr)) {
- status = validate_fpr(session, stored_identity, check_blacklist, true);
- if (status == PEP_STATUS_OK && !EMPTYSTR(stored_identity->fpr)) {
- *is_identity_default = *is_address_default = true;
- return status;
- }
- else if (status != PEP_KEY_NOT_FOUND) {
- first_reject_status = status;
- first_reject_comm_type = stored_identity->comm_type;
- }
- }
+
+ // Won't ask for passphrase, won't return PASSPHRASE status
+ // Because of non-renewal
+ status = validate_fpr(session, stored_identity, check_blacklist, true, false);
+ switch (status) {
+ case PEP_STATUS_OK:
+ if (!EMPTYSTR(stored_identity->fpr)) {
+ *is_identity_default = *is_address_default = true;
+ return status;
+ }
+ break;
+ case PEP_KEY_NOT_FOUND:
+ break;
+ default:
+ first_reject_status = status;
+ first_reject_comm_type = stored_identity->comm_type;
+ }
+ }
// if no valid default stored identity key found
free(stored_identity->fpr);
stored_identity->fpr = NULL;
@@ -380,24 +407,38 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
if (!EMPTYSTR(user_fpr)) {
// There exists a default key for user, so validate
stored_identity->fpr = user_fpr;
- status = validate_fpr(session, stored_identity, check_blacklist, true);
- if (status == PEP_STATUS_OK && stored_identity->fpr) {
- *is_user_default = true;
- *is_address_default = key_matches_address(session,
- stored_identity->address,
- stored_identity->fpr);
- return status;
- }
- else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
- first_reject_status = status;
- first_reject_comm_type = stored_identity->comm_type;
- }
+
+ // Won't ask for passphrase, won't return PASSPHRASE status
+ // Because of non-renewal
+ status = validate_fpr(session, stored_identity, check_blacklist, true, false);
+
+ switch (status) {
+ case PEP_STATUS_OK:
+ if (!EMPTYSTR(stored_identity->fpr)) {
+ *is_user_default = true;
+ *is_address_default = key_matches_address(session,
+ stored_identity->address,
+ stored_identity->fpr);
+ return status;
+ }
+ break;
+ case PEP_KEY_NOT_FOUND:
+ break;
+ default:
+ if (first_reject_status != PEP_KEY_NOT_FOUND) {
+ first_reject_status = status;
+ first_reject_comm_type = stored_identity->comm_type;
+ }
+ }
}
status = elect_pubkey(session, stored_identity, check_blacklist);
if (status == PEP_STATUS_OK) {
- if (!EMPTYSTR(stored_identity->fpr))
- validate_fpr(session, stored_identity, false, true); // blacklist already filtered of needed
+ if (!EMPTYSTR(stored_identity->fpr)) {
+ // Won't ask for passphrase, won't return PASSPHRASE status
+ // Because of non-renewal
+ status = validate_fpr(session, stored_identity, false, true, false); // blacklist already filtered of needed
+ }
}
else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
first_reject_status = status;
@@ -425,6 +466,11 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
}
break;
}
+
+ // should never happen, but we will MAKE sure
+ if (PASS_ERROR(status))
+ status = PEP_KEY_UNSUITABLE; // renew it on your own time, baby
+
return status;
}
@@ -463,6 +509,11 @@ static void adjust_pEp_trust_status(PEP_SESSION session, pEp_identity* identity)
}
+// NEVER called on an own identity.
+// But we also make sure get_valid_pubkey
+// and friends NEVER return with a password error.
+// (get_valid_pubkey tells validate_fpr not to try renewal)
+// Will not return PASSPHRASE errors.
static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
pEp_identity* return_id,
pEp_identity* stored_ident,
@@ -480,29 +531,31 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
&is_identity_default,
&is_user_default,
&is_address_default,
- false);
-
- if (status == PEP_STATUS_OK && stored_ident->fpr && *(stored_ident->fpr) != '\0') {
- // set identity comm_type from trust db (user_id, FPR)
- status = get_trust(session, stored_ident);
- if (status == PEP_CANNOT_FIND_IDENTITY || stored_ident->comm_type == PEP_ct_unknown) {
- // This is OK - there is no trust DB entry, but we
- // found a key. We won't store this, but we'll
- // use it.
- PEP_comm_type ct = PEP_ct_unknown;
- status = get_key_rating(session, stored_ident->fpr, &ct);
- stored_ident->comm_type = ct;
- }
- }
- else if (status != PEP_STATUS_OK) {
- free(stored_ident->fpr);
- stored_ident->fpr = NULL;
- stored_ident->comm_type = PEP_ct_key_not_found;
- }
- else { // no key returned, but status ok?
- if (stored_ident->comm_type == PEP_ct_unknown)
- stored_ident->comm_type = PEP_ct_key_not_found;
+ false);
+
+ switch (status) {
+ case PEP_STATUS_OK:
+ if (!EMPTYSTR(stored_ident->fpr)) {
+ // set identity comm_type from trust db (user_id, FPR)
+ status = get_trust(session, stored_ident);
+ if (status == PEP_CANNOT_FIND_IDENTITY || stored_ident->comm_type == PEP_ct_unknown) {
+ // This is OK - there is no trust DB entry, but we
+ // found a key. We won't store this, but we'll
+ // use it.
+ PEP_comm_type ct = PEP_ct_unknown;
+ status = get_key_rating(session, stored_ident->fpr, &ct);
+ stored_ident->comm_type = ct;
+ }
+ }
+ else if (stored_ident->comm_type == PEP_ct_unknown)
+ stored_ident->comm_type = PEP_ct_key_not_found;
+ break;
+ default:
+ free(stored_ident->fpr);
+ stored_ident->fpr = NULL;
+ stored_ident->comm_type = PEP_ct_key_not_found;
}
+
free(return_id->fpr);
return_id->fpr = NULL;
if (status == PEP_STATUS_OK && !EMPTYSTR(stored_ident->fpr))
@@ -582,6 +635,8 @@ static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
return status;
}
+// Should not return PASSPHRASE errors because we force
+// calls that can cause key renewal not to.
DYNAMIC_API PEP_STATUS update_identity(
PEP_SESSION session, pEp_identity * identity
)
@@ -629,7 +684,8 @@ DYNAMIC_API PEP_STATUS update_identity(
if (_own_addr) {
free(identity->user_id);
identity->user_id = strdup(default_own_id);
- return _myself(session, identity, false, false, true);
+ // Do not renew, do not generate
+ return _myself(session, identity, false, false, false, true);
}
}
}
@@ -1052,7 +1108,8 @@ PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
PEP_STATUS _myself(PEP_SESSION session,
pEp_identity * identity,
- bool do_keygen,
+ bool do_keygen,
+ bool do_renew,
bool ignore_flags,
bool read_only)
{
@@ -1139,7 +1196,10 @@ PEP_STATUS _myself(PEP_SESSION session,
// Set usernames - priority is input username > stored name > address
// If there's an input username, we always patch the username with that
// input.
- if (EMPTYSTR(identity->username) || read_only) {
+ // N.B. there was an || read_only here, but why? read_only ONLY means
+ // we don't write to the DB! So... removed. But how this managed to work
+ // before I don't know.
+ if (EMPTYSTR(identity->username)) {
bool stored_uname = (stored_identity && !EMPTYSTR(stored_identity->username));
char* uname = (stored_uname ? stored_identity->username : identity->address);
if (uname) {
@@ -1164,34 +1224,43 @@ PEP_STATUS _myself(PEP_SESSION session,
if (stored_identity) {
if (!EMPTYSTR(stored_identity->fpr)) {
// Fall back / retrieve
- status = validate_fpr(session, stored_identity, false, true);
- if (status == PEP_OUT_OF_MEMORY)
- goto pEp_free;
- if (status == PEP_STATUS_OK) {
- if (stored_identity->comm_type >= PEP_ct_strong_but_unconfirmed) {
- identity->fpr = strdup(stored_identity->fpr);
- assert(identity->fpr);
- if (!identity->fpr) {
- status = PEP_OUT_OF_MEMORY;
- goto pEp_free;
- }
- valid_key_found = true;
- }
- else {
- bool revoked = false;
- status = key_revoked(session, stored_identity->fpr, &revoked);
- if (status)
- goto pEp_free;
- if (revoked) {
- revoked_fpr = strdup(stored_identity->fpr);
- assert(revoked_fpr);
- if (!revoked_fpr) {
+ status = validate_fpr(session, stored_identity, false, true, do_renew);
+
+ switch (status) {
+ // Only possible if we called this with do_renew = true
+ case PEP_OUT_OF_MEMORY:
+ case PEP_PASSPHRASE_REQUIRED:
+ case PEP_WRONG_PASSPHRASE:
+ goto pEp_free;
+
+ case PEP_STATUS_OK:
+ if (stored_identity->comm_type >= PEP_ct_strong_but_unconfirmed) {
+ identity->fpr = strdup(stored_identity->fpr);
+ assert(identity->fpr);
+ if (!identity->fpr) {
status = PEP_OUT_OF_MEMORY;
goto pEp_free;
}
+ valid_key_found = true;
}
- }
- }
+ else {
+ bool revoked = false;
+ status = key_revoked(session, stored_identity->fpr, &revoked);
+ if (status)
+ goto pEp_free;
+ if (revoked) {
+ revoked_fpr = strdup(stored_identity->fpr);
+ assert(revoked_fpr);
+ if (!revoked_fpr) {
+ status = PEP_OUT_OF_MEMORY;
+ goto pEp_free;
+ }
+ }
+ }
+ break;
+ default:
+ break;
+ }
}
// reconcile language, flags
transfer_ident_lang_and_flags(identity, stored_identity);
@@ -1209,6 +1278,9 @@ PEP_STATUS _myself(PEP_SESSION session,
status = generate_keypair(session, identity);
assert(status != PEP_OUT_OF_MEMORY);
+ if (status == PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED)
+ goto pEp_free;
+
if (status != PEP_STATUS_OK) {
char buf[11];
snprintf(buf, 11, "%d", status); // uh, this is kludgey. FIXME
@@ -1260,7 +1332,7 @@ pEp_free:
DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
{
- return _myself(session, identity, true, false, false);
+ return _myself(session, identity, true, true, false, false);
}
DYNAMIC_API PEP_STATUS register_examine_function(
@@ -1286,7 +1358,8 @@ DYNAMIC_API PEP_STATUS do_keymanagement(
{
PEP_SESSION session;
pEp_identity *identity;
- PEP_STATUS status = init(&session, NULL, NULL);
+ // FIXME_NOW: ensure_decrypt callback???
+ PEP_STATUS status = init(&session, NULL, NULL, NULL);
assert(!status);
if (status)
return status;
@@ -1490,6 +1563,12 @@ pEp_free:
return status;
}
+// Technically speaking, this should not EVER
+// return PASSPHRASE errors, because
+// this is never for an own identity (enforced), and thus
+// validate_fpr will not call renew_key.
+// If it ever does, the status gets propagated, but
+// it is distinctly not OK.
DYNAMIC_API PEP_STATUS trust_personal_key(
PEP_SESSION session,
pEp_identity *ident
@@ -1537,7 +1616,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
// Set up a temp trusted identity for the input fpr without a comm type;
tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL);
- status = validate_fpr(session, tmp_id, false, true);
+ status = validate_fpr(session, tmp_id, false, true, false);
if (status == PEP_STATUS_OK) {
// Validate fpr gets trust DB or, when that fails, key comm type. we checked
@@ -1597,7 +1676,7 @@ DYNAMIC_API PEP_STATUS trust_personal_key(
if (!tmp_user_ident)
status = PEP_OUT_OF_MEMORY;
else {
- status = validate_fpr(session, tmp_user_ident, false, true);
+ status = validate_fpr(session, tmp_user_ident, false, true, false);
if (status != PEP_STATUS_OK ||
tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed ||
@@ -1639,7 +1718,7 @@ DYNAMIC_API PEP_STATUS trust_own_key(
return PEP_ILLEGAL_VALUE;
// don't check blacklist or require a private key
- PEP_STATUS status = validate_fpr(session, ident, false, false);
+ PEP_STATUS status = validate_fpr(session, ident, false, false, true);
if (status != PEP_STATUS_OK)
return status;
@@ -1890,6 +1969,7 @@ DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **key
return _own_keys_retrieve(session, keylist, 0, true);
}
+// Returns PASSPHRASE errors when necessary
DYNAMIC_API PEP_STATUS set_own_key(
PEP_SESSION session,
pEp_identity *me,
@@ -1911,7 +1991,8 @@ DYNAMIC_API PEP_STATUS set_own_key(
if (me->fpr == fpr)
me->fpr = NULL;
- status = _myself(session, me, false, true, false);
+ // renew if needed, but do not generate
+ status = _myself(session, me, false, true, true, false);
// we do not need a valid key but dislike other errors
if (status != PEP_STATUS_OK && status != PEP_GET_KEY_FAILED && status != PEP_KEY_UNSUITABLE)
return status;
@@ -1933,12 +2014,15 @@ DYNAMIC_API PEP_STATUS set_own_key(
if (!me->fpr)
return PEP_OUT_OF_MEMORY;
- status = validate_fpr(session, me, false, true);
+ status = validate_fpr(session, me, false, true, true);
if (status)
return status;
me->comm_type = PEP_ct_pEp;
status = set_identity(session, me);
+ if (status == PEP_STATUS_OK)
+ signal_Sync_event(session, Sync_PR_keysync, SynchronizeGroupKeys, NULL);
+
return status;
}
@@ -2047,7 +2131,10 @@ static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
if (!ident->fpr)
return PEP_OUT_OF_MEMORY;
- PEP_STATUS keystatus = validate_fpr(session, ident, true, false);
+ PEP_STATUS keystatus = validate_fpr(session, ident, true, false, true);
+ if (PASS_ERROR(status))
+ return status;
+
switch (keystatus) {
case PEP_STATUS_OK:
// Check for non-renewable expiry and
@@ -2066,7 +2153,8 @@ static PEP_STATUS _wipe_default_key_if_invalid(PEP_SESSION session,
}
free(cached_fpr);
- if (status == PEP_STATUS_OK)
+ // This may have been for a user default, not an identity default.
+ if (status == PEP_STATUS_OK && !(EMPTYSTR(ident->address)))
status = myself(session, ident);
return status;
@@ -2093,7 +2181,9 @@ DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
if (!ident)
continue;
- _wipe_default_key_if_invalid(session, ident);
+ status = _wipe_default_key_if_invalid(session, ident);
+ if (PASS_ERROR(status))
+ return status;
}
free_identity_list(idents);
@@ -2117,8 +2207,11 @@ DYNAMIC_API PEP_STATUS clean_own_key_defaults(PEP_SESSION session) {
return status;
}
else if (user_default_key) {
- pEp_identity* empty_user = new_identity(NULL, user_default_key, NULL, own_id);
- _wipe_default_key_if_invalid(session, empty_user);
+ pEp_identity* empty_user = new_identity(NULL, user_default_key, own_id, NULL);
+ status = _wipe_default_key_if_invalid(session, empty_user);
+ if (PASS_ERROR(status))
+ return status;
+
free(user_default_key);
}
free(own_id);
diff --git a/src/keymanagement.h b/src/keymanagement.h
index 305cfde6..7049897f 100644
--- a/src/keymanagement.h
+++ b/src/keymanagement.h
@@ -117,6 +117,7 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity);
PEP_STATUS _myself(PEP_SESSION session,
pEp_identity * identity,
bool do_keygen,
+ bool do_renew,
bool ignore_flags,
bool read_only);
@@ -432,8 +433,9 @@ PEP_STATUS get_valid_pubkey(PEP_SESSION session,
PEP_STATUS validate_fpr(PEP_SESSION session,
pEp_identity* ident,
bool check_blacklist,
- bool own_must_contain_private);
-
+ bool own_must_contain_private,
+ bool renew_private);
+
#ifdef __cplusplus
}
#endif
diff --git a/src/message_api.c b/src/message_api.c
index 13887025..7f0e0ae4 100644
--- a/src/message_api.c
+++ b/src/message_api.c
@@ -13,6 +13,7 @@
#include "base64.h"
#include "resource_id.h"
#include "internal_format.h"
+#include "keymanagement.h"
#include
#include
@@ -1375,18 +1376,24 @@ static PEP_rating keylist_rating(PEP_SESSION session, stringlist_t *keylist, cha
return rating;
}
+// KB: Fixme - the first statement below is probably unnecessary now.
// Internal function WARNING:
-// Only call this on an ident that might have its FPR set from retrieval!
+// Should be called on ident that might have its FPR set from retrieval!
// (or on one without an fpr)
// We do not want myself() setting the fpr here.
+//
+// Cannot return passphrase statuses. No keygen or renewal allowed here.
static PEP_comm_type _get_comm_type(
PEP_SESSION session,
PEP_comm_type max_comm_type,
pEp_identity *ident
)
{
+ if (!ident)
+ return PEP_ILLEGAL_VALUE;
+
PEP_STATUS status = PEP_STATUS_OK;
-
+
if (max_comm_type == PEP_ct_compromised)
return PEP_ct_compromised;
@@ -1397,7 +1404,7 @@ static PEP_comm_type _get_comm_type(
status = update_identity(session, ident);
}
else {
- status = _myself(session, ident, false, false, true);
+ status = _myself(session, ident, false, false, false, true);
}
if (status == PEP_STATUS_OK) {
@@ -1410,7 +1417,7 @@ static PEP_comm_type _get_comm_type(
}
else {
return PEP_ct_unknown;
- }
+ }
}
static PEP_comm_type _get_comm_type_preview(
@@ -1859,6 +1866,105 @@ static bool failed_test(PEP_STATUS status)
return false;
}
+// CANNOT return PASSPHRASE errors, as no gen or renew allowed below
+static PEP_STATUS _update_state_for_ident_list(
+ PEP_SESSION session,
+ pEp_identity* from_ident,
+ identity_list* ident_list,
+ stringlist_t** keylist,
+ PEP_comm_type* max_comm_type,
+ unsigned int* max_version_major,
+ unsigned int* max_version_minor,
+ bool* has_pEp_user,
+ bool* dest_keys_found,
+ bool suppress_update_for_bcc
+ )
+{
+ if (!ident_list || !max_version_major || !max_version_minor
+ || !has_pEp_user || !dest_keys_found
+ || !keylist)
+ return PEP_ILLEGAL_VALUE;
+
+ PEP_STATUS status = PEP_STATUS_OK;
+
+ identity_list* _il = ident_list;
+
+ for ( ; _il && _il->ident; _il = _il->next) {
+
+ PEP_STATUS status = PEP_STATUS_OK;
+
+ if (!is_me(session, _il->ident)) {
+ status = update_identity(session, _il->ident);
+
+ if (status == PEP_CANNOT_FIND_IDENTITY) {
+ _il->ident->comm_type = PEP_ct_key_not_found;
+ status = PEP_STATUS_OK;
+ }
+ // 0 unless set, so safe.
+
+ if (!suppress_update_for_bcc) {
+ set_min_version( _il->ident->major_ver, _il->ident->minor_ver,
+ *max_version_major, *max_version_minor,
+ max_version_major, max_version_minor);
+ }
+
+ bool is_blacklisted = false;
+ if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
+ status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
+ if (status != PEP_STATUS_OK) {
+ // DB error
+ status = PEP_UNENCRYPTED;
+ goto pEp_done;
+ }
+ if (is_blacklisted) {
+ bool user_default, ident_default, address_default;
+ status = get_valid_pubkey(session, _il->ident,
+ &ident_default, &user_default,
+ &address_default,
+ true);
+
+ if (status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
+ _il->ident->comm_type = PEP_ct_key_not_found;
+ status = PEP_STATUS_OK;
+ }
+ }
+ }
+ if (!(*has_pEp_user) && !EMPTYSTR(_il->ident->user_id))
+ is_pEp_user(session, _il->ident, has_pEp_user);
+
+ if (!suppress_update_for_bcc && from_ident) {
+ status = bind_own_ident_with_contact_ident(session, from_ident, _il->ident);
+ if (status != PEP_STATUS_OK) {
+ status = PEP_UNKNOWN_DB_ERROR;
+ goto pEp_done;
+ }
+ }
+ }
+ else // myself, but don't gen or renew
+ status = _myself(session, _il->ident, false, false, false, true);
+
+ if (status != PEP_STATUS_OK)
+ goto pEp_done;
+
+ if (!EMPTYSTR(_il->ident->fpr)) {
+ *keylist = stringlist_add(*keylist, _il->ident->fpr);
+ if (*keylist == NULL) {
+ status = PEP_OUT_OF_MEMORY;
+ goto pEp_done;
+ }
+ *max_comm_type = _get_comm_type(session, *max_comm_type,
+ _il->ident);
+ }
+ else {
+ *dest_keys_found = false;
+// ? status = PEP_KEY_NOT_FOUND;
+ }
+ }
+
+pEp_done:
+ return status;
+}
+
DYNAMIC_API PEP_STATUS encrypt_message(
PEP_SESSION session,
message *src,
@@ -1937,6 +2043,10 @@ DYNAMIC_API PEP_STATUS encrypt_message(
identity_list * _il = NULL;
+ //
+ // Update the identities and gather key and version information
+ // for sending
+ //
if (enc_format != PEP_enc_none && (_il = src->bcc) && _il->ident)
// BCC limited support:
{
@@ -1948,181 +2058,85 @@ DYNAMIC_API PEP_STATUS encrypt_message(
return PEP_ILLEGAL_VALUE;
}
- PEP_STATUS _status = PEP_STATUS_OK;
- if (!is_me(session, _il->ident)) {
- _status = update_identity(session, _il->ident);
- if (_status == PEP_CANNOT_FIND_IDENTITY) {
- _il->ident->comm_type = PEP_ct_key_not_found;
- _status = PEP_STATUS_OK;
- }
- // 0 unless set, so safe.
-
- set_min_version( _il->ident->major_ver, _il->ident->minor_ver,
- max_version_major, max_version_minor,
- &max_version_major, &max_version_minor);
-
- bool is_blacklisted = false;
- if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
- _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
- if (_status != PEP_STATUS_OK) {
- // DB error
- status = PEP_UNENCRYPTED;
- goto pEp_error;
- }
- if (is_blacklisted) {
- bool user_default, ident_default, address_default;
- _status = get_valid_pubkey(session, _il->ident,
- &ident_default, &user_default,
- &address_default,
- true);
- if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
- _il->ident->comm_type = PEP_ct_key_not_found;
- _status = PEP_STATUS_OK;
- }
- }
- }
- if (!has_pEp_user && !EMPTYSTR(_il->ident->user_id))
- is_pEp_user(session, _il->ident, &has_pEp_user);
- }
- else
- _status = myself(session, _il->ident);
-
- if (_status != PEP_STATUS_OK) {
- status = PEP_UNENCRYPTED;
- goto pEp_error;
- }
-
- if (_il->ident->fpr && _il->ident->fpr[0]) {
- _k = stringlist_add(_k, _il->ident->fpr);
- if (_k == NULL)
- goto enomem;
- max_comm_type = _get_comm_type(session, max_comm_type,
- _il->ident);
- }
- else {
- dest_keys_found = false;
- status = PEP_KEY_NOT_FOUND;
+ // If you think this call is a beast, try the cut-and-pasted code 3 x
+ PEP_STATUS _status = _update_state_for_ident_list(
+ session, src->from, _il,
+ &_k,
+ &max_comm_type,
+ &max_version_major,
+ &max_version_minor,
+ &has_pEp_user,
+ &dest_keys_found,
+ true);
+
+ switch (_status) {
+ case PEP_PASSPHRASE_REQUIRED:
+ case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED:
+ case PEP_WRONG_PASSPHRASE:
+ status = _status;
+ goto pEp_error;
+ case PEP_STATUS_OK:
+ break;
+ default:
+ status = PEP_UNENCRYPTED;
+ goto pEp_error;
}
}
else // Non BCC
{
- for (_il = src->to; _il && _il->ident; _il = _il->next) {
- PEP_STATUS _status = PEP_STATUS_OK;
- if (!is_me(session, _il->ident)) {
- _status = update_identity(session, _il->ident);
- if (_status == PEP_CANNOT_FIND_IDENTITY) {
- _il->ident->comm_type = PEP_ct_key_not_found;
- _status = PEP_STATUS_OK;
- }
- // 0 unless set, so safe.
- set_min_version( _il->ident->major_ver, _il->ident->minor_ver,
- max_version_major, max_version_minor,
- &max_version_major, &max_version_minor);
-
- bool is_blacklisted = false;
- if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
- _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
- if (_status != PEP_STATUS_OK) {
- // DB error
- status = PEP_UNENCRYPTED;
- goto pEp_error;
- }
- if (is_blacklisted) {
- bool user_default, ident_default, address_default;
- _status = get_valid_pubkey(session, _il->ident,
- &ident_default, &user_default,
- &address_default,
- true);
- if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
- _il->ident->comm_type = PEP_ct_key_not_found;
- _status = PEP_STATUS_OK;
- }
- }
- }
- if (!has_pEp_user && !EMPTYSTR(_il->ident->user_id))
- is_pEp_user(session, _il->ident, &has_pEp_user);
-
- _status = bind_own_ident_with_contact_ident(session, src->from, _il->ident);
- if (_status != PEP_STATUS_OK) {
- status = PEP_UNKNOWN_DB_ERROR;
- goto pEp_error;
- }
-
- }
- else
- _status = myself(session, _il->ident);
-
- if (_status != PEP_STATUS_OK) {
- status = PEP_UNENCRYPTED;
- goto pEp_error;
- }
-
- if (_il->ident->fpr && _il->ident->fpr[0]) {
- _k = stringlist_add(_k, _il->ident->fpr);
- if (_k == NULL)
- goto enomem;
- max_comm_type = _get_comm_type(session, max_comm_type,
- _il->ident);
- }
- else {
- dest_keys_found = false;
- status = PEP_KEY_NOT_FOUND;
- }
- }
- for (_il = src->cc; _il && _il->ident; _il = _il->next) {
- PEP_STATUS _status = PEP_STATUS_OK;
- if (!is_me(session, _il->ident)) {
- _status = update_identity(session, _il->ident);
- if (_status == PEP_CANNOT_FIND_IDENTITY) {
- _il->ident->comm_type = PEP_ct_key_not_found;
- _status = PEP_STATUS_OK;
- }
- bool is_blacklisted = false;
- if (_il->ident->fpr && IS_PGP_CT(_il->ident->comm_type)) {
- _status = blacklist_is_listed(session, _il->ident->fpr, &is_blacklisted);
- if (_status != PEP_STATUS_OK) {
- // DB error
- status = PEP_UNENCRYPTED;
- goto pEp_error;
- }
- if (is_blacklisted) {
- bool user_default, ident_default, address_default;
- _status = get_valid_pubkey(session, _il->ident,
- &ident_default, &user_default,
- &address_default,
- true);
- if (_status != PEP_STATUS_OK || _il->ident->fpr == NULL) {
- _il->ident->comm_type = PEP_ct_key_not_found;
- _status = PEP_STATUS_OK;
- }
- }
- }
- if (!has_pEp_user && !EMPTYSTR(_il->ident->user_id))
- is_pEp_user(session, _il->ident, &has_pEp_user);
- }
- else
- _status = myself(session, _il->ident);
- if (_status != PEP_STATUS_OK)
- {
- status = PEP_UNENCRYPTED;
- goto pEp_error;
- }
-
- if (_il->ident->fpr && _il->ident->fpr[0]) {
- _k = stringlist_add(_k, _il->ident->fpr);
- if (_k == NULL)
- goto enomem;
- max_comm_type = _get_comm_type(session, max_comm_type,
- _il->ident);
- }
- else {
- dest_keys_found = false;
- }
+ // If you think this call is a beast, try the cut-and-pasted code 3 x
+ PEP_STATUS _status = PEP_STATUS_OK;
+
+ if (src->to) {
+ _status = _update_state_for_ident_list(
+ session, src->from, src->to,
+ &_k,
+ &max_comm_type,
+ &max_version_major,
+ &max_version_minor,
+ &has_pEp_user,
+ &dest_keys_found,
+ false
+ );
+ switch (_status) {
+ case PEP_PASSPHRASE_REQUIRED:
+ case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED:
+ case PEP_WRONG_PASSPHRASE:
+ goto pEp_error;
+ case PEP_STATUS_OK:
+ break;
+ default:
+ status = PEP_UNENCRYPTED;
+ goto pEp_error;
+ }
}
+ if (src->cc) {
+ _status = _update_state_for_ident_list(
+ session, src->from, src->cc,
+ &_k,
+ &max_comm_type,
+ &max_version_major,
+ &max_version_minor,
+ &has_pEp_user,
+ &dest_keys_found,
+ false
+ );
+ switch (_status) {
+ case PEP_PASSPHRASE_REQUIRED:
+ case PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED:
+ case PEP_WRONG_PASSPHRASE:
+ goto pEp_error;
+ case PEP_STATUS_OK:
+ break;
+ default:
+ status = PEP_UNENCRYPTED;
+ goto pEp_error;
+ }
+ }
}
- if (max_version_major == 1)
+ if (max_version_major < 2)
force_v_1 = true;
if (enc_format == PEP_enc_auto) {
@@ -2377,11 +2391,15 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
status = encrypt_and_sign(session, keys, priv_key_data, priv_key_size,
&encrypted_key_text, &encrypted_key_size);
- if (!encrypted_key_text) {
+ if (status == PEP_PASSPHRASE_REQUIRED || status == PEP_WRONG_PASSPHRASE) {
+ free(encrypted_key_text);
+ goto pEp_free;
+ }
+ else if (!encrypted_key_text) {
status = PEP_UNKNOWN_ERROR;
goto pEp_free;
}
- else if (status) {
+ else if (status != PEP_STATUS_OK) {
free(encrypted_key_text);
goto pEp_free; // FIXME - we need an error return overall
}
@@ -3337,10 +3355,10 @@ static PEP_STATUS update_sender_to_pEp_trust(
free(sender->fpr);
sender->fpr = NULL;
- PEP_STATUS status = PEP_STATUS_OK;
+ PEP_STATUS status = is_me(session, sender) ? myself(session, sender) : update_identity(session, sender);
- // Seems status doesn't matter
- is_me(session, sender) ? myself(session, sender) : update_identity(session, sender);
+ if (PASS_ERROR(status))
+ return status;
if (EMPTYSTR(sender->fpr) || strcmp(sender->fpr, keylist->value) != 0) {
free(sender->fpr);
@@ -3734,6 +3752,7 @@ static void get_protocol_version_from_headers(
pEp_version_major_minor(pEp_protocol_version->value->value, major_ver, minor_ver);
}
+// CAN return PASS errors
static PEP_STATUS set_default_key_fpr_if_valid(
PEP_SESSION session,
pEp_identity* ident,
@@ -3749,7 +3768,7 @@ static PEP_STATUS set_default_key_fpr_if_valid(
return PEP_OUT_OF_MEMORY;
// this will check to see that the key is usable as well as get its comm_type
- PEP_STATUS status = validate_fpr(session, ident, true, true);
+ PEP_STATUS status = validate_fpr(session, ident, true, true, true);
if (status == PEP_STATUS_OK)
status = set_identity(session, ident);
else {
@@ -4034,10 +4053,10 @@ static PEP_STATUS _decrypt_message(
// pEp key or no, we only take this key if it's the only one.
if (*start && !((*start)->next)) {
const char* check_key = (*start)->value;
- status = update_identity(session, msg->from);
+ status = update_identity(session, src->from);
- if (status == PEP_STATUS_OK && EMPTYSTR(msg->from->fpr) && !EMPTYSTR(check_key)) {
- status = set_default_key_fpr_if_valid(session, msg->from, check_key);
+ if (status == PEP_STATUS_OK && EMPTYSTR(src->from->fpr) && !EMPTYSTR(check_key)) {
+ status = set_default_key_fpr_if_valid(session, src->from, check_key);
if (status != PEP_OUT_OF_MEMORY)
status = PEP_STATUS_OK;
}
@@ -4138,8 +4157,8 @@ static PEP_STATUS _decrypt_message(
const char* check_key = (*start)->value;
status = update_identity(session, msg->from);
- if (status == PEP_STATUS_OK && EMPTYSTR(msg->from->fpr) && !EMPTYSTR(check_key)) {
- status = set_default_key_fpr_if_valid(session, msg->from, check_key);
+ if (status == PEP_STATUS_OK && EMPTYSTR(src->from->fpr) && !EMPTYSTR(check_key)) {
+ status = set_default_key_fpr_if_valid(session, src->from, check_key);
if (status != PEP_OUT_OF_MEMORY)
status = PEP_STATUS_OK;
}
@@ -4427,7 +4446,12 @@ static PEP_STATUS _decrypt_message(
if (!cached_ownname)
cached_ownname = strdup(msg_from->address);
msg_from->username = NULL;
- status = _myself(session, msg_from, false, false, myself_read_only);
+
+ // Don't renew for now: FIXME, SWIFT ticket coming with one To: etc...
+ status = _myself(session, msg_from, false, false, false, myself_read_only);
+ if (PASS_ERROR(status))
+ goto pEp_error;
+
free(msg_from->username);
msg_from->username = cached_ownname;
}
@@ -4883,6 +4907,7 @@ DYNAMIC_API PEP_STATUS own_message_private_key_details(
// Note: if comm_type_determine is false, it generally means that
// we were unable to get key information for anyone in the list,
// likely because a key is missing.
+// Cannot propagate PASSPHRASE errors.
static void _max_comm_type_from_identity_list(
identity_list *identities,
PEP_SESSION session,
@@ -4890,6 +4915,7 @@ static void _max_comm_type_from_identity_list(
bool *comm_type_determined
)
{
+
identity_list * il;
for (il = identities; il != NULL; il = il->next)
{
@@ -4897,7 +4923,7 @@ static void _max_comm_type_from_identity_list(
{
PEP_STATUS status = PEP_STATUS_OK;
*max_comm_type = _get_comm_type(session, *max_comm_type,
- il->ident);
+ il->ident);
*comm_type_determined = true;
bool is_blacklisted = false;
@@ -4909,7 +4935,8 @@ static void _max_comm_type_from_identity_list(
&ident_default, &user_default,
&address_default,
true);
- if (status != PEP_STATUS_OK || il->ident->fpr == NULL) {
+
+ if (status != PEP_STATUS_OK || il->ident->fpr == NULL) {
il->ident->comm_type = PEP_ct_key_not_found;
if (*max_comm_type > PEP_ct_no_encryption)
*max_comm_type = PEP_ct_no_encryption;
@@ -4955,6 +4982,7 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating(
)
{
PEP_comm_type max_comm_type = PEP_ct_pEp;
+
bool comm_type_determined = false;
assert(session);
@@ -5025,6 +5053,12 @@ DYNAMIC_API PEP_STATUS outgoing_message_rating_preview(
return PEP_STATUS_OK;
}
+// CAN return PASSPHRASE errors on own keys because
+// of myself. Will not, however, return PASSPHRASE
+// errors if the incoming ident isn't marked as an own
+// identity.
+// FIXME: document at top level - we RELY on knowing
+// if this is an own identity in the input
DYNAMIC_API PEP_STATUS identity_rating(
PEP_SESSION session,
pEp_identity *ident,
@@ -5043,28 +5077,29 @@ DYNAMIC_API PEP_STATUS identity_rating(
*rating = PEP_rating_undefined;
if (ident->me)
- status = _myself(session, ident, false, true, true);
- else
+ status = _myself(session, ident, false, true, true, true);
+ else { // Since we don't blacklist own keys, we only check it in here
status = update_identity(session, ident);
- bool is_blacklisted = false;
-
- if (ident->fpr && IS_PGP_CT(ident->comm_type)) {
- status = blacklist_is_listed(session, ident->fpr, &is_blacklisted);
- if (status != PEP_STATUS_OK) {
- return status; // DB ERROR
- }
- if (is_blacklisted) {
- bool user_default, ident_default, address_default;
- status = get_valid_pubkey(session, ident,
- &ident_default, &user_default,
- &address_default,
- true);
- if (status != PEP_STATUS_OK || ident->fpr == NULL) {
- ident->comm_type = PEP_ct_key_not_found;
- status = PEP_STATUS_OK;
+ bool is_blacklisted = false;
+
+ if (ident->fpr && IS_PGP_CT(ident->comm_type)) {
+ status = blacklist_is_listed(session, ident->fpr, &is_blacklisted);
+ if (status != PEP_STATUS_OK) {
+ return status; // DB ERROR
}
- }
+ if (is_blacklisted) {
+ bool user_default, ident_default, address_default;
+ status = get_valid_pubkey(session, ident,
+ &ident_default, &user_default,
+ &address_default,
+ true);
+ if (status != PEP_STATUS_OK || ident->fpr == NULL) {
+ ident->comm_type = PEP_ct_key_not_found;
+ status = PEP_STATUS_OK;
+ }
+ }
+ }
}
if (status == PEP_STATUS_OK)
@@ -5519,6 +5554,7 @@ enomem:
return PEP_OUT_OF_MEMORY;
}
+// CAN return PASSPHRASE errors
DYNAMIC_API PEP_STATUS re_evaluate_message_rating(
PEP_SESSION session,
message *msg,
@@ -5579,7 +5615,7 @@ got_keylist:
if (!is_me(session, msg->from))
status = update_identity(session, msg->from);
else
- status = _myself(session, msg->from, false, false, true);
+ status = _myself(session, msg->from, false, true, false, true);
switch (status) {
case PEP_KEY_NOT_FOUND:
@@ -5595,7 +5631,7 @@ got_keylist:
}
status = amend_rating_according_to_sender_and_recipients(session, &_rating,
- msg->from, _keylist);
+ msg->from, _keylist);
if (status == PEP_STATUS_OK)
*rating = _rating;
diff --git a/src/message_api.h b/src/message_api.h
index 4752eb9e..59725d83 100644
--- a/src/message_api.h
+++ b/src/message_api.h
@@ -564,6 +564,8 @@ PEP_STATUS try_encrypt_message(
PEP_encrypt_flags_t flags
);
+PEP_STATUS probe_encrypt(PEP_SESSION session, const char *fpr);
+
#ifdef __cplusplus
}
#endif
diff --git a/src/pEpEngine.c b/src/pEpEngine.c
index 13635b61..8a66d101 100644
--- a/src/pEpEngine.c
+++ b/src/pEpEngine.c
@@ -538,9 +538,6 @@ static const char *sql_get_last_contacted =
static int user_version(void *_version, int count, char **text, char **name)
{
- assert(_version);
- assert(count == 1);
- assert(text && text[0]);
if (!(_version && count == 1 && text && text[0]))
return -1;
@@ -947,7 +944,8 @@ static PEP_STATUS upgrade_revoc_contact_to_13(PEP_SESSION session) {
DYNAMIC_API PEP_STATUS init(
PEP_SESSION *session,
messageToSend_t messageToSend,
- inject_sync_event_t inject_sync_event
+ inject_sync_event_t inject_sync_event,
+ ensure_passphrase_t ensure_passphrase
)
{
PEP_STATUS status = PEP_STATUS_OK;
@@ -983,7 +981,6 @@ DYNAMIC_API PEP_STATUS init(
// client session, or by using synchronization primitive to protect
// creation/deletion of first/last session from the app.
- assert(session);
if (session == NULL)
return PEP_ILLEGAL_VALUE;
@@ -997,11 +994,8 @@ DYNAMIC_API PEP_STATUS init(
_session->version = PEP_ENGINE_VERSION;
_session->messageToSend = messageToSend;
_session->inject_sync_event = inject_sync_event;
-
-#ifdef DEBUG_ERRORSTACK
- _session->errorstack = new_stringlist("init()");
-#endif
-
+ _session->ensure_passphrase = ensure_passphrase;
+
assert(LOCAL_DB);
if (LOCAL_DB == NULL) {
status = PEP_INIT_CANNOT_OPEN_DB;
@@ -2128,10 +2122,7 @@ DYNAMIC_API void release(PEP_SESSION session)
bool out_last = false;
int _count = --init_count;
- assert(_count >= -1);
- assert(session);
-
- if (!((_count >= -1) && session))
+ if ((_count < -1) || !session)
return;
// a small race condition but still a race condition
@@ -2307,10 +2298,6 @@ DYNAMIC_API void release(PEP_SESSION session)
release_transport_system(session, out_last);
release_cryptotech(session, out_last);
-
-#ifdef DEBUG_ERRORSTACK
- free_stringlist(session->errorstack);
-#endif
free(session);
}
}
@@ -2346,16 +2333,16 @@ DYNAMIC_API PEP_STATUS config_passphrase(PEP_SESSION session, const char *passph
}
DYNAMIC_API PEP_STATUS config_passphrase_for_new_keys(PEP_SESSION session, bool enable, const char *passphrase) {
- if (enable && EMPTYSTR(passphrase))
- return PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED;
-
+ if (!session)
+ return PEP_ILLEGAL_VALUE;
+
session->new_key_pass_enable = enable;
PEP_STATUS status = PEP_STATUS_OK;
free(session->generation_passphrase);
- if (!passphrase)
+ if (EMPTYSTR(passphrase)) {
session->generation_passphrase = NULL;
- else {
+ } else {
session->generation_passphrase = strdup(passphrase);
if (!session->generation_passphrase)
status = PEP_OUT_OF_MEMORY;
@@ -2402,11 +2389,7 @@ DYNAMIC_API PEP_STATUS log_event(
session->service_log = true;
int result;
-
- assert(session);
- assert(title);
- assert(entity);
-
+
if (!(session && title && entity))
return PEP_ILLEGAL_VALUE;
@@ -2436,7 +2419,6 @@ DYNAMIC_API PEP_STATUS log_service(
const char *comment
)
{
- assert(session);
if (!session)
return PEP_ILLEGAL_VALUE;
@@ -2453,10 +2435,6 @@ DYNAMIC_API PEP_STATUS trustword(
{
PEP_STATUS status = PEP_STATUS_OK;
- assert(session);
- assert(word);
- assert(wsize);
-
if (!(session && word && wsize))
return PEP_ILLEGAL_VALUE;
@@ -2466,6 +2444,7 @@ DYNAMIC_API PEP_STATUS trustword(
if (lang == NULL)
lang = "en";
+ // FIXME: should this not be an actual check???
assert((lang[0] >= 'A' && lang[0] <= 'Z')
|| (lang[0] >= 'a' && lang[0] <= 'z'));
assert((lang[1] >= 'A' && lang[1] <= 'Z')
@@ -2498,12 +2477,6 @@ DYNAMIC_API PEP_STATUS trustwords(
{
const char *source = fingerprint;
- assert(session);
- assert(fingerprint);
- assert(words);
- assert(wsize);
- assert(max_words >= 0);
-
if (!(session && fingerprint && words && wsize && max_words >= 0))
return PEP_ILLEGAL_VALUE;
@@ -2521,6 +2494,7 @@ DYNAMIC_API PEP_STATUS trustwords(
if (!lang || !lang[0])
lang = "en";
+ // FIXME: Should this not be an actual check?
assert((lang[0] >= 'A' && lang[0] <= 'Z')
|| (lang[0] >= 'a' && lang[0] <= 'z'));
assert((lang[1] >= 'A' && lang[1] <= 'Z')
@@ -2586,7 +2560,6 @@ pEp_identity *new_identity(
)
{
pEp_identity *result = calloc(1, sizeof(pEp_identity));
- assert(result);
if (result) {
if (address) {
result->address = strdup(address);
@@ -2626,23 +2599,23 @@ pEp_identity *new_identity(
pEp_identity *identity_dup(const pEp_identity *src)
{
- assert(src);
-
- pEp_identity *dup = new_identity(src->address, src->fpr, src->user_id,
- src->username);
- assert(dup);
- if (dup == NULL)
- return NULL;
-
- dup->comm_type = src->comm_type;
- dup->lang[0] = src->lang[0];
- dup->lang[1] = src->lang[1];
- dup->lang[2] = 0;
- dup->flags = src->flags;
- dup->me = src->me;
- dup->major_ver = src->major_ver;
- dup->minor_ver = src->minor_ver;
-
+ pEp_identity* dup = NULL;
+ if (src) {
+ dup = new_identity(src->address, src->fpr, src->user_id,
+ src->username);
+ assert(dup);
+ if (dup == NULL)
+ return NULL;
+
+ dup->comm_type = src->comm_type;
+ dup->lang[0] = src->lang[0];
+ dup->lang[1] = src->lang[1];
+ dup->lang[2] = 0;
+ dup->flags = src->flags;
+ dup->me = src->me;
+ dup->major_ver = src->major_ver;
+ dup->minor_ver = src->minor_ver;
+ }
return dup;
}
@@ -2662,8 +2635,6 @@ DYNAMIC_API PEP_STATUS get_default_own_userid(
char** userid
)
{
- assert(session);
- assert(userid);
if (!session || !userid)
return PEP_ILLEGAL_VALUE;
@@ -2706,11 +2677,6 @@ DYNAMIC_API PEP_STATUS get_userid_alias_default(
const char* alias_id,
char** default_id) {
- assert(session);
- assert(alias_id);
- assert(alias_id[0]);
- assert(default_id);
-
if (!(session && alias_id && alias_id[0] && default_id))
return PEP_ILLEGAL_VALUE;
@@ -2751,10 +2717,6 @@ DYNAMIC_API PEP_STATUS set_userid_alias (
int result;
- assert(session);
- assert(default_id);
- assert(alias_id);
-
if (!(session && default_id && alias_id &&
default_id[0] != '\0' && alias_id[0] != '\0'))
return PEP_ILLEGAL_VALUE;
@@ -2790,11 +2752,6 @@ DYNAMIC_API PEP_STATUS get_identity(
PEP_STATUS status = PEP_STATUS_OK;
pEp_identity *_identity = NULL;
- assert(session);
- assert(address);
- assert(address[0]);
- assert(identity);
-
if (!(session && address && address[0] && identity))
return PEP_ILLEGAL_VALUE;
@@ -3019,11 +2976,6 @@ PEP_STATUS get_identity_without_trust_check(
PEP_STATUS status = PEP_STATUS_OK;
pEp_identity *_identity = NULL;
- assert(session);
- assert(address);
- assert(address[0]);
- assert(identity);
-
if (!(session && address && address[0] && identity))
return PEP_ILLEGAL_VALUE;
@@ -3088,10 +3040,6 @@ PEP_STATUS get_identities_by_address(
identity_list** id_list
)
{
- assert(session);
- assert(address);
- assert(address[0]);
- assert(id_list);
if (!(session && address && address[0] && id_list))
return PEP_ILLEGAL_VALUE;
@@ -3159,11 +3107,7 @@ PEP_STATUS get_identities_by_address(
PEP_STATUS exists_identity_entry(PEP_SESSION session, pEp_identity* identity,
bool* exists) {
- assert(session);
- assert(identity);
- assert(!EMPTYSTR(identity->user_id));
- assert(!EMPTYSTR(identity->address));
- if (!session || !exists || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->address))
+ if (!session || !exists || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->address))
return PEP_ILLEGAL_VALUE;
*exists = false;
@@ -3194,11 +3138,7 @@ PEP_STATUS exists_identity_entry(PEP_SESSION session, pEp_identity* identity,
PEP_STATUS exists_trust_entry(PEP_SESSION session, pEp_identity* identity,
bool* exists) {
- assert(session);
- assert(identity);
- assert(!EMPTYSTR(identity->user_id));
- assert(!EMPTYSTR(identity->fpr));
- if (!session || !exists || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr))
+ if (!session || !exists || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr))
return PEP_ILLEGAL_VALUE;
*exists = false;
@@ -3269,11 +3209,6 @@ PEP_STATUS clear_trust_info(PEP_SESSION session,
static PEP_STATUS _set_or_update_trust(PEP_SESSION session,
pEp_identity* identity,
sqlite3_stmt* set_or_update) {
-
- assert(session);
- assert(identity);
- assert(identity->user_id);
- assert(identity->fpr);
if (!session || !identity || EMPTYSTR(identity->user_id) || EMPTYSTR(identity->fpr))
return PEP_ILLEGAL_VALUE;
@@ -3302,9 +3237,6 @@ static PEP_STATUS _set_or_update_trust(PEP_SESSION session,
static PEP_STATUS _set_or_update_identity_entry(PEP_SESSION session,
pEp_identity* identity,
sqlite3_stmt* set_or_update) {
- assert(session);
- assert(identity);
- assert(set_or_update);
if (!session || !identity || !identity->user_id || !identity->address)
return PEP_ILLEGAL_VALUE;
@@ -3332,9 +3264,6 @@ static PEP_STATUS _set_or_update_identity_entry(PEP_SESSION session,
static PEP_STATUS _set_or_update_person(PEP_SESSION session,
pEp_identity* identity,
sqlite3_stmt* set_or_update) {
- assert(session);
- assert(identity);
- assert(set_or_update);
if (!session || !identity || !identity->user_id || !identity->username)
return PEP_ILLEGAL_VALUE;
@@ -3441,12 +3370,6 @@ DYNAMIC_API PEP_STATUS set_identity(
{
int result;
- assert(session);
- assert(identity);
- assert(identity->address);
- assert(identity->user_id);
- assert(identity->username);
-
if (!(session && identity && identity->address &&
identity->user_id && identity->username))
return PEP_ILLEGAL_VALUE;
@@ -3539,10 +3462,6 @@ PEP_STATUS update_pEp_user_trust_vals(PEP_SESSION session,
// This ONLY sets the user flag. Must be called outside of a transaction.
DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user) {
-
- assert(session);
- assert(user);
- assert(!EMPTYSTR(user->user_id));
if (!session || !user || EMPTYSTR(user->user_id))
return PEP_ILLEGAL_VALUE;
@@ -3576,10 +3495,10 @@ DYNAMIC_API PEP_STATUS set_as_pEp_user(PEP_SESSION session, pEp_identity* user)
// This ONLY sets the version flag. Must be called outside of a transaction.
PEP_STATUS set_pEp_version(PEP_SESSION session, pEp_identity* ident, unsigned int new_ver_major, unsigned int new_ver_minor) {
- assert(session);
- assert(!EMPTYSTR(ident->user_id));
- assert(!EMPTYSTR(ident->address));
-
+
+ if (!session || !ident || EMPTYSTR(ident->user_id) || EMPTYSTR(ident->address))
+ return PEP_ILLEGAL_VALUE;
+
sqlite3_reset(session->set_pEp_version);
sqlite3_bind_double(session->set_pEp_version, 1, new_ver_major);
sqlite3_bind_double(session->set_pEp_version, 2, new_ver_minor);
@@ -3604,8 +3523,9 @@ PEP_STATUS upgrade_pEp_version_by_user_id(PEP_SESSION session,
unsigned int new_ver_minor
)
{
- assert(session);
- assert(!EMPTYSTR(ident->user_id));
+
+ if (!session || !ident || EMPTYSTR(ident->user_id))
+ return PEP_ILLEGAL_VALUE;
sqlite3_reset(session->upgrade_pEp_version_by_user_id);
sqlite3_bind_int(session->upgrade_pEp_version_by_user_id, 1, new_ver_major);
@@ -3624,14 +3544,7 @@ PEP_STATUS upgrade_pEp_version_by_user_id(PEP_SESSION session,
PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity,
bool* exists) {
-
- // const char* user_id,
- // char** default_id, bool* exists) {
- assert(session);
- assert(exists);
- assert(identity);
- assert(!EMPTYSTR(identity->user_id));
-
+
if (!session || !exists || !identity || EMPTYSTR(identity->user_id))
return PEP_ILLEGAL_VALUE;
@@ -3673,8 +3586,7 @@ PEP_STATUS exists_person(PEP_SESSION session, pEp_identity* identity,
}
PEP_STATUS delete_person(PEP_SESSION session, const char* user_id) {
- assert(session);
- assert(!EMPTYSTR(user_id));
+
if (!session || EMPTYSTR(user_id))
return PEP_ILLEGAL_VALUE;
@@ -3695,10 +3607,6 @@ PEP_STATUS delete_person(PEP_SESSION session, const char* user_id) {
DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, pEp_identity *identity, bool* is_pEp)
{
- assert(session);
- assert(is_pEp);
- assert(identity);
- assert(!EMPTYSTR(identity->user_id));
if (!session || !is_pEp || !identity || EMPTYSTR(identity->user_id))
return PEP_ILLEGAL_VALUE;
@@ -3740,9 +3648,6 @@ DYNAMIC_API PEP_STATUS is_pEp_user(PEP_SESSION session, pEp_identity *identity,
PEP_STATUS is_own_address(PEP_SESSION session, const char* address, bool* is_own_addr)
{
- assert(session);
- assert(is_own_addr);
- assert(!EMPTYSTR(address));
if (!session || !is_own_addr || EMPTYSTR(address))
return PEP_ILLEGAL_VALUE;
@@ -3800,12 +3705,7 @@ PEP_STATUS bind_own_ident_with_contact_ident(PEP_SESSION session,
// since this could be either way
PEP_STATUS has_partner_contacted_address(PEP_SESSION session, const char* partner_id,
const char* own_address, bool* was_contacted) {
-
- assert(session);
- assert(!EMPTYSTR(partner_id));
- assert(!EMPTYSTR(own_address));
- assert(was_contacted);
-
+
if (!session || !was_contacted || EMPTYSTR(partner_id) || EMPTYSTR(own_address))
return PEP_ILLEGAL_VALUE;
@@ -3883,7 +3783,6 @@ PEP_STATUS get_own_ident_for_contact_id(PEP_SESSION session,
PEP_STATUS remove_fpr_as_default(PEP_SESSION session,
const char* fpr)
{
- assert(fpr);
if (!session || !fpr)
return PEP_ILLEGAL_VALUE;
@@ -3916,8 +3815,6 @@ PEP_STATUS replace_identities_fpr(PEP_SESSION session,
const char* old_fpr,
const char* new_fpr)
{
- assert(old_fpr);
- assert(new_fpr);
if (!old_fpr || !new_fpr)
return PEP_ILLEGAL_VALUE;
@@ -3965,11 +3862,6 @@ DYNAMIC_API PEP_STATUS set_identity_flags(
{
int result;
- assert(session);
- assert(identity);
- assert(identity->address);
- assert(identity->user_id);
-
if (!(session && identity && identity->address && identity->user_id))
return PEP_ILLEGAL_VALUE;
@@ -3998,11 +3890,6 @@ DYNAMIC_API PEP_STATUS unset_identity_flags(
{
int result;
- assert(session);
- assert(identity);
- assert(identity->address);
- assert(identity->user_id);
-
if (!(session && identity && identity->address && identity->user_id))
return PEP_ILLEGAL_VALUE;
@@ -4030,11 +3917,6 @@ DYNAMIC_API PEP_STATUS set_ident_enc_format(
{
int result;
- assert(session);
- assert(identity);
- assert(identity->address);
- assert(identity->user_id);
-
if (!(session && identity && identity->address && identity->user_id))
return PEP_ILLEGAL_VALUE;
@@ -4375,9 +4257,6 @@ pEp_free:
PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid,
const char* new_uid) {
- assert(session);
- assert(old_uid);
- assert(new_uid);
if (!session || !old_uid || !new_uid)
return PEP_ILLEGAL_VALUE;
@@ -4414,8 +4293,6 @@ PEP_STATUS replace_userid(PEP_SESSION session, const char* old_uid,
}
PEP_STATUS remove_key(PEP_SESSION session, const char* fpr) {
- assert(session);
- assert(fpr);
if (!session || EMPTYSTR(fpr))
return PEP_ILLEGAL_VALUE;
@@ -4435,8 +4312,6 @@ PEP_STATUS remove_key(PEP_SESSION session, const char* fpr) {
PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id) {
- assert(session);
- assert(user_id);
if (!session || !user_id)
return PEP_ILLEGAL_VALUE;
@@ -4456,9 +4331,6 @@ PEP_STATUS refresh_userid_default_key(PEP_SESSION session, const char* user_id)
PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id,
const char* new_fpr) {
- assert(session);
- assert(user_id);
- assert(new_fpr);
if (!session || !user_id || !new_fpr)
return PEP_ILLEGAL_VALUE;
@@ -4480,9 +4352,6 @@ PEP_STATUS replace_main_user_fpr(PEP_SESSION session, const char* user_id,
PEP_STATUS replace_main_user_fpr_if_equal(PEP_SESSION session, const char* user_id,
const char* new_fpr, const char* compare_fpr) {
- assert(session);
- assert(user_id);
- assert(compare_fpr);
if (!session || !user_id || !compare_fpr)
return PEP_ILLEGAL_VALUE;
@@ -4513,11 +4382,7 @@ PEP_STATUS get_main_user_fpr(PEP_SESSION session,
{
PEP_STATUS status = PEP_STATUS_OK;
int result;
-
- assert(session);
- assert(user_id);
- assert(main_fpr);
-
+
if (!(session && user_id && user_id[0] && main_fpr))
return PEP_ILLEGAL_VALUE;
@@ -4565,9 +4430,6 @@ DYNAMIC_API PEP_STATUS mark_as_compromised(
{
int result;
- assert(session);
- assert(fpr && fpr[0]);
-
if (!(session && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
@@ -4598,15 +4460,6 @@ DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity)
PEP_STATUS status = PEP_STATUS_OK;
int result;
- // We need to be able to test that we break correctly without shutting
- // asserts off everywhere.
- // assert(session);
- // assert(identity);
- // assert(identity->user_id);
- // assert(identity->user_id[0]);
- // assert(identity->fpr);
- // assert(identity->fpr[0]);
-
if (!(session && identity && identity->user_id && identity->user_id[0] &&
identity->fpr && identity->fpr[0]))
return PEP_ILLEGAL_VALUE;
@@ -4645,10 +4498,6 @@ DYNAMIC_API PEP_STATUS least_trust(
PEP_STATUS status = PEP_STATUS_OK;
int result;
- assert(session);
- assert(fpr);
- assert(comm_type);
-
if (!(session && fpr && comm_type))
return PEP_ILLEGAL_VALUE;
@@ -4700,12 +4549,6 @@ DYNAMIC_API PEP_STATUS decrypt_and_verify(
char** filename_ptr
)
{
- assert(session);
- assert(ctext);
- assert(csize);
- assert(ptext);
- assert(psize);
- assert(keylist);
if (!(session && ctext && csize && ptext && psize && keylist))
return PEP_ILLEGAL_VALUE;
@@ -4728,12 +4571,6 @@ DYNAMIC_API PEP_STATUS encrypt_and_sign(
size_t psize, char **ctext, size_t *csize
)
{
- assert(session);
- assert(keylist);
- assert(ptext);
- assert(psize);
- assert(ctext);
- assert(csize);
if (!(session && keylist && ptext && psize && ctext && csize))
return PEP_ILLEGAL_VALUE;
@@ -4747,12 +4584,6 @@ PEP_STATUS encrypt_only(
size_t psize, char **ctext, size_t *csize
)
{
- assert(session);
- assert(keylist);
- assert(ptext);
- assert(psize);
- assert(ctext);
- assert(csize);
if (!(session && keylist && ptext && psize && ctext && csize))
return PEP_ILLEGAL_VALUE;
@@ -4767,12 +4598,6 @@ PEP_STATUS sign_only(PEP_SESSION session,
const char *fpr,
char **sign,
size_t *sign_size) {
- assert(session);
- assert(fpr);
- assert(data);
- assert(data_size);
- assert(sign);
- assert(sign_size);
if (!(session && fpr && data && data_size && sign && sign_size))
return PEP_ILLEGAL_VALUE;
@@ -4789,12 +4614,6 @@ DYNAMIC_API PEP_STATUS verify_text(
const char *signature, size_t sig_size, stringlist_t **keylist
)
{
- assert(session);
- assert(text);
- assert(size);
- assert(signature);
- assert(sig_size);
- assert(keylist);
if (!(session && text && size && signature && sig_size && keylist))
return PEP_ILLEGAL_VALUE;
@@ -4805,8 +4624,6 @@ DYNAMIC_API PEP_STATUS verify_text(
DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr)
{
- assert(session);
- assert(fpr);
if (!(session && fpr))
return PEP_ILLEGAL_VALUE;
@@ -4818,10 +4635,6 @@ DYNAMIC_API PEP_STATUS export_key(
PEP_SESSION session, const char *fpr, char **key_data, size_t *size
)
{
- assert(session);
- assert(fpr);
- assert(key_data);
- assert(size);
if (!(session && fpr && key_data && size))
return PEP_ILLEGAL_VALUE;
@@ -4834,11 +4647,6 @@ DYNAMIC_API PEP_STATUS export_secret_key(
PEP_SESSION session, const char *fpr, char **key_data, size_t *size
)
{
- assert(session);
- assert(fpr);
- assert(key_data);
- assert(size);
-
if (!(session && fpr && key_data && size))
return PEP_ILLEGAL_VALUE;
@@ -4862,10 +4670,6 @@ DYNAMIC_API PEP_STATUS find_keys(
PEP_SESSION session, const char *pattern, stringlist_t **keylist
)
{
- assert(session);
- assert(pattern);
- assert(keylist);
-
if (!(session && pattern && keylist))
return PEP_ILLEGAL_VALUE;
@@ -4886,11 +4690,6 @@ PEP_STATUS _generate_keypair(PEP_SESSION session,
bool suppress_event
)
{
- assert(session);
- assert(identity);
- assert(identity->address);
- assert(identity->fpr == NULL || identity->fpr[0] == 0);
-// assert(identity->username);
// N.B. We now allow empty usernames, so the underlying layer for
// non-sequoia crypto implementations will have to deal with this.
@@ -4942,17 +4741,13 @@ PEP_STATUS _generate_keypair(PEP_SESSION session,
return status;
}
-
+// SHOULD NOT (in implementation) ever return PASSPHRASE errors
DYNAMIC_API PEP_STATUS get_key_rating(
PEP_SESSION session,
const char *fpr,
PEP_comm_type *comm_type
)
{
- assert(session);
- assert(fpr);
- assert(comm_type);
-
if (!(session && fpr && comm_type))
return PEP_ILLEGAL_VALUE;
@@ -4978,9 +4773,6 @@ PEP_STATUS _import_key_with_fpr_return(
uint64_t* changed_public_keys
)
{
- assert(session);
- assert(key_data);
-
if (!(session && key_data))
return PEP_ILLEGAL_VALUE;
@@ -4992,10 +4784,7 @@ PEP_STATUS _import_key_with_fpr_return(
}
DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern)
-{
- assert(session);
- assert(pattern);
-
+{
if (!(session && pattern))
return PEP_ILLEGAL_VALUE;
@@ -5004,9 +4793,6 @@ DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern)
DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern)
{
- assert(session);
- assert(pattern);
-
if (!(session && pattern))
return PEP_ILLEGAL_VALUE;
@@ -5019,9 +4805,6 @@ DYNAMIC_API PEP_STATUS renew_key(
const timestamp *ts
)
{
- assert(session);
- assert(fpr);
-
if (!(session && fpr))
return PEP_ILLEGAL_VALUE;
@@ -5034,9 +4817,6 @@ DYNAMIC_API PEP_STATUS revoke_key(
const char *reason
)
{
- assert(session);
- assert(fpr);
-
if (!(session && fpr))
return PEP_ILLEGAL_VALUE;
@@ -5060,10 +4840,6 @@ DYNAMIC_API PEP_STATUS key_expired(
bool *expired
)
{
- assert(session);
- assert(fpr);
- assert(expired);
-
if (!(session && fpr && expired))
return PEP_ILLEGAL_VALUE;
@@ -5076,11 +4852,7 @@ DYNAMIC_API PEP_STATUS key_revoked(
const char *fpr,
bool *revoked
)
-{
- assert(session);
- assert(fpr);
- assert(revoked);
-
+{
if (!(session && fpr && revoked))
return PEP_ILLEGAL_VALUE;
@@ -5091,7 +4863,6 @@ DYNAMIC_API PEP_STATUS key_revoked(
DYNAMIC_API PEP_STATUS config_cipher_suite(PEP_SESSION session,
PEP_CIPHER_SUITE suite)
{
- assert(session);
if (!session)
return PEP_ILLEGAL_VALUE;
@@ -5141,10 +4912,6 @@ DYNAMIC_API PEP_STATUS get_crashdump_log(
PEP_STATUS status = PEP_STATUS_OK;
char *_logdata= NULL;
- assert(session);
- assert(maxlines >= 0 && maxlines <= CRASHDUMP_MAX_LINES);
- assert(logdata);
-
if (!(session && logdata && maxlines >= 0 && maxlines <=
CRASHDUMP_MAX_LINES))
return PEP_ILLEGAL_VALUE;
@@ -5239,9 +5006,6 @@ DYNAMIC_API PEP_STATUS get_languagelist(
PEP_STATUS status = PEP_STATUS_OK;
char *_languages= NULL;
- assert(session);
- assert(languages);
-
if (!(session && languages))
return PEP_ILLEGAL_VALUE;
@@ -5311,7 +5075,6 @@ DYNAMIC_API PEP_STATUS get_phrase(
{
PEP_STATUS status = PEP_STATUS_OK;
- assert(session && lang && lang[0] && lang[1] && lang[2] == 0 && phrase);
if (!(session && lang && lang[0] && lang[1] && lang[2] == 0 && phrase))
return PEP_ILLEGAL_VALUE;
@@ -5357,7 +5120,6 @@ the_end:
static PEP_STATUS _get_sequence_value(PEP_SESSION session, const char *name,
int32_t *value)
{
- assert(session && name && value);
if (!(session && name && value))
return PEP_ILLEGAL_VALUE;
@@ -5388,7 +5150,6 @@ static PEP_STATUS _get_sequence_value(PEP_SESSION session, const char *name,
static PEP_STATUS _increment_sequence_value(PEP_SESSION session,
const char *name)
{
- assert(session && name);
if (!(session && name))
return PEP_ILLEGAL_VALUE;
@@ -5411,9 +5172,6 @@ DYNAMIC_API PEP_STATUS sequence_value(
{
PEP_STATUS status = PEP_STATUS_OK;
- assert(session);
- assert(name && value);
-
if (!(session && name && name[0] && value))
return PEP_ILLEGAL_VALUE;
@@ -5476,12 +5234,7 @@ DYNAMIC_API PEP_STATUS set_revoked(
)
{
PEP_STATUS status = PEP_STATUS_OK;
-
- assert(session &&
- revoked_fpr && revoked_fpr[0] &&
- replacement_fpr && replacement_fpr[0]
- );
-
+
if (!(session &&
revoked_fpr && revoked_fpr[0] &&
replacement_fpr && replacement_fpr[0]
@@ -5518,16 +5271,8 @@ DYNAMIC_API PEP_STATUS get_revoked(
)
{
PEP_STATUS status = PEP_STATUS_OK;
-
- assert(session &&
- revoked_fpr &&
- fpr && fpr[0]
- );
-
- if (!(session &&
- revoked_fpr &&
- fpr && fpr[0]
- ))
+
+ if (!(session && revoked_fpr && fpr && fpr[0]))
return PEP_ILLEGAL_VALUE;
*revoked_fpr = NULL;
@@ -5568,8 +5313,6 @@ DYNAMIC_API PEP_STATUS get_replacement_fpr(
)
{
PEP_STATUS status = PEP_STATUS_OK;
-
- assert(session && revoked_fpr && !EMPTYSTR(fpr) && revocation_date);
if (!session || !revoked_fpr || EMPTYSTR(fpr) || !revocation_date)
return PEP_ILLEGAL_VALUE;
@@ -5609,9 +5352,6 @@ PEP_STATUS get_last_contacted(
identity_list** id_list
)
{
- assert(session);
- assert(id_list);
-
if (!(session && id_list))
return PEP_ILLEGAL_VALUE;
@@ -5657,7 +5397,6 @@ PEP_STATUS key_created(
time_t *created
)
{
- assert(session && fpr && created);
if (!(session && fpr && created))
return PEP_ILLEGAL_VALUE;
@@ -5667,7 +5406,6 @@ PEP_STATUS key_created(
PEP_STATUS find_private_keys(PEP_SESSION session, const char* pattern,
stringlist_t **keylist) {
- assert(session && keylist);
if (!(session && keylist))
return PEP_ILLEGAL_VALUE;
@@ -5686,7 +5424,6 @@ DYNAMIC_API const char* get_protocol_version() {
DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session)
{
- assert(session);
if (!session)
return PEP_ILLEGAL_VALUE;
@@ -5706,55 +5443,6 @@ DYNAMIC_API PEP_STATUS reset_pEptest_hack(PEP_SESSION session)
return PEP_STATUS_OK;
}
-#ifdef DEBUG_ERRORSTACK
-PEP_STATUS session_add_error(PEP_SESSION session, const char* file, unsigned line, PEP_STATUS status)
-{
- char logline[48];
- if(status>0)
- {
- snprintf(logline,47, "%.24s:%u status=%u (0x%x)", file, line, status, status);
- }else{
- snprintf(logline,47, "%.24s:%u status=%i.", file, line, status);
- }
- stringlist_add(session->errorstack, logline); // logline is copied! :-)
- return status;
-}
-
-DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session)
-{
- return session->errorstack;
-}
-
-DYNAMIC_API void clear_errorstack(PEP_SESSION session)
-{
- const int old_len = stringlist_length(session->errorstack);
- char buf[48];
- free_stringlist(session->errorstack);
- snprintf(buf, 47, "(%i elements cleared)", old_len);
- session->errorstack = new_stringlist(buf);
-}
-
-#else
-
-static stringlist_t* dummy_errorstack = NULL;
-
-DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session)
-{
- if(dummy_errorstack == NULL)
- {
- dummy_errorstack = new_stringlist("( Please recompile pEpEngine with -DDEBUG_ERRORSTACK )");
- }
-
- return dummy_errorstack;
-}
-
-DYNAMIC_API void clear_errorstack(PEP_SESSION session)
-{
- // nothing to do here
-}
-
-#endif
-
DYNAMIC_API void _service_error_log(PEP_SESSION session, const char *entity,
PEP_STATUS status, const char *where)
{
diff --git a/src/pEpEngine.h b/src/pEpEngine.h
index 2eeef263..cf3cdcfb 100644
--- a/src/pEpEngine.h
+++ b/src/pEpEngine.h
@@ -25,7 +25,7 @@ extern "C" {
#define PEP_ENGINE_VERSION_MAJOR 2
#define PEP_ENGINE_VERSION_MINOR 1
#define PEP_ENGINE_VERSION_PATCH 0
-#define PEP_ENGINE_VERSION_RC 20
+#define PEP_ENGINE_VERSION_RC 26
#define PEP_OWN_USERID "pEp_own_userId"
@@ -205,6 +205,23 @@ DYNAMIC_API void free_Sync_event(SYNC_EVENT ev);
typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management);
+// ensure_passphrase() - callee ensures correct password for (signing) key is configured in the session on
+// return, or returns error when it is not found
+// parameters:
+//. session (in) session for which the guarantee is made
+// fpr (in) fpr to check
+//
+// return value:
+// PEP_STATUS_OK passphrase is configured and ready to use
+// If the caller runs out of passphrases to try, PEP_*PASSWORD* errors
+// are acceptable.
+//. Other errors if, e.g., the key is not found
+//
+// caveat:
+// The callee is responsible for iterating through passwords
+// to ensure signing/encryption can occur successfully.
+//
+typedef PEP_STATUS (*ensure_passphrase_t)(PEP_SESSION session, const char* fpr);
// INIT_STATUS init() - initialize pEpEngine for a thread
//
@@ -214,13 +231,14 @@ typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management);
// messageToSend (in) callback for sending message by the
// application
// inject_sync_event (in) callback for injecting a sync event
+// ensure_passphrase (in) callback for ensuring correct password for key is set
//
// return value:
// PEP_STATUS_OK = 0 if init() succeeds
// PEP_INIT_SQLITE3_WITHOUT_MUTEX if SQLite3 was compiled with
// SQLITE_THREADSAFE 0
// PEP_INIT_CANNOT_LOAD_CRYPTO_LIB if crypto lin cannot be found
-// PEP_INIT_CRYPTO_LIB_INIT_FAILED if CRYPTO_LIB init fails
+// PEP_INIT_CRYPTO_LIB_INIT_FAILED if CRYPTO_LIB init fails
// PEP_INIT_CANNOT_OPEN_DB if user's management db cannot be
// opened
// PEP_INIT_CANNOT_OPEN_SYSTEM_DB if system's management db cannot be
@@ -239,14 +257,20 @@ typedef int (*inject_sync_event_t)(SYNC_EVENT ev, void *management);
//
// messageToSend can only be null if no transport is application based
// if transport system is not used it must not be NULL
+//
+// ensure_refresh_key should only be NULL if the
+// caller can guarantee that there is only one single or zero passphrases
+// used in the whole of the keys database
DYNAMIC_API PEP_STATUS init(
PEP_SESSION *session,
messageToSend_t messageToSend,
- inject_sync_event_t inject_sync_event
+ inject_sync_event_t inject_sync_event,
+ ensure_passphrase_t ensure_passphrase
);
+
// void release() - release thread session handle
//
// parameters:
@@ -261,26 +285,6 @@ DYNAMIC_API PEP_STATUS init(
DYNAMIC_API void release(PEP_SESSION session);
-
-// const stringlist_t* get_errorstack(PEP_SESSION) - get the error stack for that session, if any
-//
-// parameters:
-// session (in) session handle
-//
-// caveat:
-// To get a useful error stack you have to compile with -DDEBUG_ERRORSTACK
-// The error stack belongs to the session. Do no not change it!
-DYNAMIC_API const stringlist_t* get_errorstack(PEP_SESSION session);
-
-
-// void clear_errorstack(PEP_SESSION) - clear the error stack for that session, if any
-//
-// parameters:
-// session (in) session handle
-//
-DYNAMIC_API void clear_errorstack(PEP_SESSION session);
-
-
// config_passive_mode() - enable passive mode
//
// parameters:
diff --git a/src/pEp_internal.h b/src/pEp_internal.h
index a0ef5648..2c6cc848 100644
--- a/src/pEp_internal.h
+++ b/src/pEp_internal.h
@@ -250,6 +250,7 @@ struct _pEpSession {
notifyHandshake_t notifyHandshake;
inject_sync_event_t inject_sync_event;
retrieve_next_sync_event_t retrieve_next_sync_event;
+ ensure_passphrase_t ensure_passphrase;
// pEp Sync
void *sync_management;
@@ -268,9 +269,6 @@ struct _pEpSession {
bool service_log;
#ifndef NDEBUG
-# ifdef DEBUG_ERRORSTACK
- stringlist_t* errorstack;
-# endif
int debug_color;
#endif
};
@@ -448,7 +446,7 @@ static inline char* _pEp_subj_copy() {
#endif
}
-static inline bool is_me(PEP_SESSION session, pEp_identity* test_ident) {
+static inline bool is_me(PEP_SESSION session, const pEp_identity* test_ident) {
bool retval = false;
if (test_ident && test_ident->user_id) {
char* def_id = NULL;
@@ -528,6 +526,10 @@ static inline void set_max_version(unsigned int first_maj, unsigned int first_mi
#define EMPTYSTR(STR) ((STR) == NULL || (STR)[0] == '\0')
#endif
+#ifndef PASS_ERROR
+#define PASS_ERROR(ST) (ST == PEP_PASSPHRASE_REQUIRED || ST == PEP_WRONG_PASSPHRASE || ST == PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED)
+#endif
+
#ifndef IS_PGP_CT
#define IS_PGP_CT(CT) (((CT) | PEP_ct_confirmed) == PEP_ct_OpenPGP)
#endif
diff --git a/src/pgp_sequoia.c b/src/pgp_sequoia.c
index b1d9f411..185a1b0d 100644
--- a/src/pgp_sequoia.c
+++ b/src/pgp_sequoia.c
@@ -3184,7 +3184,7 @@ PEP_STATUS pgp_revoke_key(
status = _pgp_get_decrypted_key(session, iter, &key);
if (!key || status != PEP_STATUS_OK) {
- ERROR_OUT (err, PEP_UNKNOWN_ERROR,
+ ERROR_OUT (err, (status != PEP_STATUS_OK ? status : PEP_UNKNOWN_ERROR),
"%s has no usable certification capable key", fpr);
}
diff --git a/src/platform_windows.cpp b/src/platform_windows.cpp
index 19c5190a..10a7fbc3 100644
--- a/src/platform_windows.cpp
+++ b/src/platform_windows.cpp
@@ -406,11 +406,12 @@ DYNAMIC_API time_t timegm(timestamp *timeptr)
if (!timeptr)
return -1;
+ timeptr->tm_gmtoff = 0;
time_t result = _mkgmtime((struct tm *) timeptr);
if (result == -1)
return -1;
- return (result - timeptr->tm_gmtoff);
+ return result;
}
void uuid_generate_random(pEpUUID out)
diff --git a/src/platform_windows.h b/src/platform_windows.h
index 3bc883a8..dda65abd 100644
--- a/src/platform_windows.h
+++ b/src/platform_windows.h
@@ -54,6 +54,8 @@ int dlclose(void *handle);
void *dlsym(void *handle, const char *symbol);
int mkstemp(char *templ);
+// Nota bene: It does _not_ respect timeptr->tm_gmtoff, so it behaves the same as its POSIX original.
+// Use timegm_with_gmtoff() from or that.
DYNAMIC_API time_t timegm(timestamp *timeptr);
#ifndef strdup
diff --git a/src/timestamp.c b/src/timestamp.c
index 2969b8a8..3e9f6e60 100644
--- a/src/timestamp.c
+++ b/src/timestamp.c
@@ -9,6 +9,26 @@
#include
#include
+
+DYNAMIC_API time_t timegm_with_gmtoff(const timestamp* ts)
+{
+ if (!ts)
+ return -1;
+
+ timestamp *_ts = timestamp_dup(ts);
+ if (!_ts)
+ return -1;
+
+ const time_t raw_time = timegm(_ts);
+ if(raw_time==-1)
+ return -1;
+
+ free_timestamp(_ts);
+
+ return raw_time - ts->tm_gmtoff;
+}
+
+
DYNAMIC_API timestamp * new_timestamp(time_t clock)
{
timestamp *ts = calloc(1, sizeof(timestamp));
@@ -33,11 +53,8 @@ DYNAMIC_API timestamp * timestamp_dup(const timestamp *src)
if (!src)
return NULL;
- timestamp *dst = calloc(1, sizeof(timestamp));
- assert(dst);
- if (!dst)
- return NULL;
-
+ timestamp *dst = (timestamp *) malloc(sizeof(timestamp));
memcpy(dst, src, sizeof(timestamp));
+
return dst;
}
diff --git a/src/timestamp.h b/src/timestamp.h
index 215ac694..8989d4de 100644
--- a/src/timestamp.h
+++ b/src/timestamp.h
@@ -30,6 +30,17 @@ typedef struct _timestamp {
typedef struct tm timestamp;
#endif
+
+// timegm_with_gmtoff() - convert the broken-out time into time_t, and respect tm_gmtoff
+//
+// parameters:
+// timeptr(in) broken-out time
+//
+// return value:
+// time_t that holds the usual "seconds since epoch"
+DYNAMIC_API time_t timegm_with_gmtoff(const timestamp* ts);
+
+
// new_timestamp() - allocate a new timestamp
//
// parameters:
diff --git a/sync/gen_statemachine.ysl2 b/sync/gen_statemachine.ysl2
index 6295ba91..ac998e49 100644
--- a/sync/gen_statemachine.ysl2
+++ b/sync/gen_statemachine.ysl2
@@ -291,7 +291,9 @@ tstylesheet {
return PEP_«yml:ucase(@name)»_NO_INJECT_CALLBACK;
if (event < Extra) {
- msg = new_«@name»_message(fsm, event);
+ // FIXME: there should be a mapping between event and message type
+ // with current implementation they've got an offset of 1
+ msg = new_«@name»_message(fsm, event - 1);
if (!msg) {
status = PEP_OUT_OF_MEMORY;
goto the_end;
diff --git a/test/Makefile b/test/Makefile
index fa5f973f..fff580de 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -16,7 +16,7 @@ SRCS:=$(wildcard src/*.cc) $(wildcard src/*/*.cc)
OBJS:=$(addsuffix .o,$(basename $(SRCS)))
DEPS:=$(OBJS:.o=.d)
-LDFLAGS+= -L../asn.1 -L../src $(ETPAN_LIB) $(CPPUNIT_LIB)
+LDFLAGS+= -L../asn.1 -L../src $(ETPAN_LIB) $(GTEST_LDFLAGS)
TARGET:=EngineTests
@@ -63,7 +63,7 @@ endif
CXXFLAGS:=-I$(GTEST_INC_DIR) $(filter-out -DNDEBUG,$(CXXFLAGS))
# FIXME Possibly missing incdirs: ASN1C_INC
-CXXFLAGS+= -I./src -I../sync $(CPPUNIT_INC) $(INC_FLAGS) -Wno-deprecated -Wno-unused-variable
+CXXFLAGS+= -I./src -I../sync $(INC_FLAGS) -Wno-deprecated -Wno-unused-variable
ifeq ($(OPENPGP),GPG)
CXXFLAGS+= -DUSE_GPG $(GPGME_INC)
@@ -81,9 +81,6 @@ endif
ifdef NETPGP_LIB
EXTRA_LIB_PATHS:=$(EXTRA_LIB_PATHS)$(patsubst -L%,%,$(NETPGP_LIB)):
endif
-ifdef CPPUNIT_LIB
- EXTRA_LIB_PATHS:=$(EXTRA_LIB_PATHS)$(patsubst -L%,%,$(CPPUNIT_LIB)):
-endif
# Remove trailing ':'
EXTRA_LIB_PATHS:=$(EXTRA_LIB_PATHS::=)
diff --git a/test/src/AppleMailTest.cc b/test/src/AppleMailTest.cc
index af216918..066ba94d 100644
--- a/test/src/AppleMailTest.cc
+++ b/test/src/AppleMailTest.cc
@@ -61,7 +61,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/BCCTest.cc b/test/src/BCCTest.cc
index 9e4b0384..b5808467 100644
--- a/test/src/BCCTest.cc
+++ b/test/src/BCCTest.cc
@@ -55,7 +55,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/BlacklistAcceptNewKeyTest.cc b/test/src/BlacklistAcceptNewKeyTest.cc
index 56cdf706..59b94296 100644
--- a/test/src/BlacklistAcceptNewKeyTest.cc
+++ b/test/src/BlacklistAcceptNewKeyTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/BlacklistTest.cc b/test/src/BlacklistTest.cc
index fe113365..06c8d9db 100644
--- a/test/src/BlacklistTest.cc
+++ b/test/src/BlacklistTest.cc
@@ -72,7 +72,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/CaseAndDotAddressTest.cc b/test/src/CaseAndDotAddressTest.cc
index 73a1e7bd..a09f0d32 100644
--- a/test/src/CaseAndDotAddressTest.cc
+++ b/test/src/CaseAndDotAddressTest.cc
@@ -56,7 +56,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc b/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc
index 82b7e166..650c7784 100644
--- a/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc
+++ b/test/src/CheckRenewedExpiredKeyTrustStatusTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/CleanInvalidOwnKeysTest.cc b/test/src/CleanInvalidOwnKeysTest.cc
index ebc23d92..f83fd0e4 100644
--- a/test/src/CleanInvalidOwnKeysTest.cc
+++ b/test/src/CleanInvalidOwnKeysTest.cc
@@ -51,7 +51,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/CrashdumpTest.cc b/test/src/CrashdumpTest.cc
index 6bd421fd..84b1e1ba 100644
--- a/test/src/CrashdumpTest.cc
+++ b/test/src/CrashdumpTest.cc
@@ -51,7 +51,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/DecorateTest.cc b/test/src/DecorateTest.cc
index 50c82ad4..204584da 100644
--- a/test/src/DecorateTest.cc
+++ b/test/src/DecorateTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/DecryptAttachPrivateKeyTrustedTest.cc b/test/src/DecryptAttachPrivateKeyTrustedTest.cc
index abb3dc70..259666f1 100644
--- a/test/src/DecryptAttachPrivateKeyTrustedTest.cc
+++ b/test/src/DecryptAttachPrivateKeyTrustedTest.cc
@@ -59,7 +59,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/DecryptAttachPrivateKeyUntrustedTest.cc b/test/src/DecryptAttachPrivateKeyUntrustedTest.cc
index f715ea16..03299c6c 100644
--- a/test/src/DecryptAttachPrivateKeyUntrustedTest.cc
+++ b/test/src/DecryptAttachPrivateKeyUntrustedTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/DeleteKeyTest.cc b/test/src/DeleteKeyTest.cc
index dd4b23ac..977d0a7b 100644
--- a/test/src/DeleteKeyTest.cc
+++ b/test/src/DeleteKeyTest.cc
@@ -67,7 +67,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/ElevatedAttachmentsTest.cc b/test/src/ElevatedAttachmentsTest.cc
index 450f66ad..43565b44 100644
--- a/test/src/ElevatedAttachmentsTest.cc
+++ b/test/src/ElevatedAttachmentsTest.cc
@@ -48,7 +48,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/EmptyLongmsgFullHtmlTest.cc b/test/src/EmptyLongmsgFullHtmlTest.cc
index 9849635d..e499a84a 100644
--- a/test/src/EmptyLongmsgFullHtmlTest.cc
+++ b/test/src/EmptyLongmsgFullHtmlTest.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/EncryptAttachPrivateKeyTest.cc b/test/src/EncryptAttachPrivateKeyTest.cc
index 120dd73d..1e462f99 100644
--- a/test/src/EncryptAttachPrivateKeyTest.cc
+++ b/test/src/EncryptAttachPrivateKeyTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/EncryptForIdentityTest.cc b/test/src/EncryptForIdentityTest.cc
index 1fd9598c..73f1cd20 100644
--- a/test/src/EncryptForIdentityTest.cc
+++ b/test/src/EncryptForIdentityTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/EncryptMissingPrivateKeyTest.cc b/test/src/EncryptMissingPrivateKeyTest.cc
index f1e90762..7b9e42ec 100644
--- a/test/src/EncryptMissingPrivateKeyTest.cc
+++ b/test/src/EncryptMissingPrivateKeyTest.cc
@@ -62,7 +62,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine.cc b/test/src/Engine.cc
index 3b577869..14e6dbcb 100644
--- a/test/src/Engine.cc
+++ b/test/src/Engine.cc
@@ -32,17 +32,19 @@ Engine::Engine(string engine_home_dir) {
real_home = getenv("HOME");
cached_messageToSend = NULL;
cached_inject_sync_event = NULL;
+ cached_ensure_passphrase = NULL;
}
Engine::~Engine() {}
-void Engine::prep(messageToSend_t mts, inject_sync_event_t ise,
+void Engine::prep(messageToSend_t mts, inject_sync_event_t ise, ensure_passphrase_t ep,
std::vector> init_files) {
if (engine_home.empty())
throw std::runtime_error("Engine setup: BAD INITIALISATION. No test home.");
cached_messageToSend = mts;
cached_inject_sync_event = ise;
+ cached_ensure_passphrase = ep;
int success = 0;
struct stat dirchk;
@@ -90,16 +92,9 @@ void Engine::start() {
unix_local_db(true);
- PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event);
+ PEP_STATUS status = init(&session, cached_messageToSend, cached_inject_sync_event, cached_ensure_passphrase);
assert(status == PEP_STATUS_OK);
assert(session);
-
-#ifdef USE_GPG
- success = system("gpgconf --create-socketdir");
- if (success != 0)
- throw std::runtime_error("RESTORE: Error when executing 'gpgconf --create-socketdir'.");
- system("gpg-connect-agent /bye 2>/dev/null"); // Just in case - otherwise, we die on MacOS sometimes. Is this enough??
-#endif
}
void Engine::copy_conf_file_to_test_dir(const char* dest_path, const char* conf_orig_path, const char* conf_dest_name) {
diff --git a/test/src/Engine.h b/test/src/Engine.h
index 1039faa4..56b9c371 100644
--- a/test/src/Engine.h
+++ b/test/src/Engine.h
@@ -14,7 +14,7 @@ class Engine {
Engine(string engine_home_dir);
virtual ~Engine();
- void prep(const messageToSend_t mts, const inject_sync_event_t ise, std::vector> init_files);
+ void prep(const messageToSend_t mts, const inject_sync_event_t ise, const ensure_passphrase_t ep, std::vector> init_files);
void start();
void shut_down();
@@ -27,6 +27,7 @@ class Engine {
messageToSend_t cached_messageToSend;
inject_sync_event_t cached_inject_sync_event;
+ ensure_passphrase_t cached_ensure_passphrase;
void copy_conf_file_to_test_dir(const char* dest_path, const char* conf_orig_path, const char* conf_dest_name);
void process_file_queue(std::string dirname, std::vector> file_queue);
diff --git a/test/src/Engine358Test.cc b/test/src/Engine358Test.cc
index a8ea310c..d228c383 100644
--- a/test/src/Engine358Test.cc
+++ b/test/src/Engine358Test.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine463Test.cc b/test/src/Engine463Test.cc
index 322e030e..b3654078 100644
--- a/test/src/Engine463Test.cc
+++ b/test/src/Engine463Test.cc
@@ -54,7 +54,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine514Test.cc b/test/src/Engine514Test.cc
index 3c64bd54..3cade593 100644
--- a/test/src/Engine514Test.cc
+++ b/test/src/Engine514Test.cc
@@ -47,7 +47,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine655Test.cc b/test/src/Engine655Test.cc
index 64abfc31..2baff958 100644
--- a/test/src/Engine655Test.cc
+++ b/test/src/Engine655Test.cc
@@ -51,7 +51,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine703Test.cc b/test/src/Engine703Test.cc
index cc2684e5..6cf99013 100644
--- a/test/src/Engine703Test.cc
+++ b/test/src/Engine703Test.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine704Test.cc b/test/src/Engine704Test.cc
index 0df6b3ff..9f96cb33 100644
--- a/test/src/Engine704Test.cc
+++ b/test/src/Engine704Test.cc
@@ -47,7 +47,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine715Test.cc b/test/src/Engine715Test.cc
index 4e6afa34..e677b9c4 100644
--- a/test/src/Engine715Test.cc
+++ b/test/src/Engine715Test.cc
@@ -47,7 +47,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Engine736Test.cc b/test/src/Engine736Test.cc
index acadf653..38f21ca3 100644
--- a/test/src/Engine736Test.cc
+++ b/test/src/Engine736Test.cc
@@ -49,7 +49,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/ExpiredSubkeyTest.cc b/test/src/ExpiredSubkeyTest.cc
index 1be066de..7402f3d5 100644
--- a/test/src/ExpiredSubkeyTest.cc
+++ b/test/src/ExpiredSubkeyTest.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/ExportKeyTest.cc b/test/src/ExportKeyTest.cc
index ffc787d5..b72bb22c 100644
--- a/test/src/ExportKeyTest.cc
+++ b/test/src/ExportKeyTest.cc
@@ -54,7 +54,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/ExternalRevokeTest.cc b/test/src/ExternalRevokeTest.cc
index af416d26..aadce157 100644
--- a/test/src/ExternalRevokeTest.cc
+++ b/test/src/ExternalRevokeTest.cc
@@ -59,7 +59,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/GetKeyRatingForUserTest.cc b/test/src/GetKeyRatingForUserTest.cc
index 325e412a..28f32565 100644
--- a/test/src/GetKeyRatingForUserTest.cc
+++ b/test/src/GetKeyRatingForUserTest.cc
@@ -54,7 +54,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/HeaderKeyImportTest.cc b/test/src/HeaderKeyImportTest.cc
index 0bcdeb2f..8d96a9d3 100644
--- a/test/src/HeaderKeyImportTest.cc
+++ b/test/src/HeaderKeyImportTest.cc
@@ -56,7 +56,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/I18nTest.cc b/test/src/I18nTest.cc
index 0a1d07bd..8a7f3b65 100644
--- a/test/src/I18nTest.cc
+++ b/test/src/I18nTest.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/IdentEncFormatTest.cc b/test/src/IdentEncFormatTest.cc
index b859f5be..4ab00e92 100644
--- a/test/src/IdentEncFormatTest.cc
+++ b/test/src/IdentEncFormatTest.cc
@@ -47,7 +47,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/ImportKeyTest.cc b/test/src/ImportKeyTest.cc
index f6ab0b64..8602b2f8 100644
--- a/test/src/ImportKeyTest.cc
+++ b/test/src/ImportKeyTest.cc
@@ -47,7 +47,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/KeyAttachmentTest.cc b/test/src/KeyAttachmentTest.cc
index 8064c8ad..49ccb52a 100644
--- a/test/src/KeyAttachmentTest.cc
+++ b/test/src/KeyAttachmentTest.cc
@@ -19,6 +19,9 @@
#include
+// Note: the whole purpose of this test is to see that we delete the keys and only the keys.
+// However, right now we are NOT deleting keys, on purpose, until trustsync is in.
+#define KEYS_STAY_ATTACHED 1
namespace {
@@ -57,7 +60,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -105,8 +108,15 @@ TEST_F(KeyAttachmentTest, check_key_attach_inline) {
PEP_decrypt_flags_t flags = 0;
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments , nullptr);
+ ASSERT_EQ(dec_msg->attachments->next, nullptr);
+ ASSERT_EQ(strncmp(dec_msg->attachments->value, "-----BEGIN PGP PUBLIC KEY BLOCK-----", strlen("-----BEGIN PGP PUBLIC KEY BLOCK-----")), 0);
+ ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#else
ASSERT_NE(dec_msg, nullptr);
ASSERT_EQ(dec_msg->attachments , nullptr);
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -126,6 +136,14 @@ TEST_F(KeyAttachmentTest, check_key_plus_encr_att_inline) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+ ASSERT_NE(dec_msg->attachments->next->filename, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->next->filename, "file://cheese.txt.gpg");
+ ASSERT_NE(dec_msg->attachments->next->mime_type, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->next->mime_type, "application/octet-stream");
+#else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
@@ -133,6 +151,7 @@ TEST_F(KeyAttachmentTest, check_key_plus_encr_att_inline) {
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -152,6 +171,16 @@ TEST_F(KeyAttachmentTest, check_encr_att_plus_key_inline) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
+ #if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next, nullptr);
+ ASSERT_EQ(dec_msg->attachments->next->next , nullptr);
+ ASSERT_NE(dec_msg->attachments->filename, nullptr);
+ // TODO: is there a missing update to resource IDs in decrypt in parts?
+ ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
+ ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+ #else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
@@ -159,6 +188,7 @@ TEST_F(KeyAttachmentTest, check_encr_att_plus_key_inline) {
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -178,6 +208,16 @@ TEST_F(KeyAttachmentTest, check_key_plus_unencr_att_inline) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
+ #if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+ ASSERT_EQ(dec_msg->attachments->next->next , nullptr);
+ ASSERT_NE(dec_msg->attachments->next->filename, nullptr);
+ // TODO: is there a missing update to resource IDs in decrypt in parts?
+ ASSERT_STREQ(dec_msg->attachments->next->filename, "file://cheese.txt");
+ ASSERT_NE(dec_msg->attachments->next->mime_type, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->next->mime_type, "application/octet-stream");
+ #else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
@@ -185,6 +225,7 @@ TEST_F(KeyAttachmentTest, check_key_plus_unencr_att_inline) {
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -205,7 +246,12 @@ TEST_F(KeyAttachmentTest, check_unencr_att_plus_key_inline) {
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
ASSERT_NE(dec_msg->attachments, nullptr);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+ ASSERT_EQ(dec_msg->attachments->next->next , nullptr);
+#else
ASSERT_EQ(dec_msg->attachments->next , nullptr);
+#endif
ASSERT_NE(dec_msg->attachments->filename, nullptr);
// TODO: is there a missing update to resource IDs in decrypt in parts?
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt");
@@ -234,7 +280,11 @@ TEST_F(KeyAttachmentTest, check_many_keys_inline) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+#else
ASSERT_EQ(dec_msg->attachments , nullptr);
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -254,6 +304,13 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_encr_file_inline) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
+#if KEYS_STAY_ATTACHED
+ // Ok, this is a little ridiculous, so FIXME, but if we're even going to bother
+ // until we decide to delete keys again, we need to check these are all intact.
+ // This is a placeholder so we can keep moving.
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+#else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
@@ -261,6 +318,7 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_encr_file_inline) {
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -280,6 +338,13 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_unencr_file_inline) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
+#if KEYS_STAY_ATTACHED
+ // Ok, this is a little ridiculous, so FIXME, but if we're even going to bother
+ // until we decide to delete keys again, we need to check these are all intact.
+ // This is a placeholder so we can keep moving.
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+#else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
@@ -287,6 +352,7 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_unencr_file_inline) {
ASSERT_STREQ(dec_msg->attachments->filename, "file://barky.txt");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -307,6 +373,7 @@ TEST_F(KeyAttachmentTest, check_many_keys_with_many_files_inline) {
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
+ // FIXME: I think this was part of something that didn't translate to google test.
const char* not_pres = "Encrypted attachment not preserved.";
const char* left_att = "Decryption left attachments it should have deleted.";
const char* no_fname = "Attachment doesn't have a filename.";
@@ -327,6 +394,10 @@ TEST_F(KeyAttachmentTest, check_many_keys_with_many_files_inline) {
bloblist_t* curr_att = dec_msg->attachments;
vector>::iterator it = v.begin();
+ // FIXME: test with files still in here/
+#if KEYS_STAY_ATTACHED
+ output_stream << "Don't believe the hype, KeyAttachmentTests aren't going much until trustsync is in" << endl;
+#else
while (it != v.end()) {
ASSERT_NE(curr_att, nullptr);
ASSERT_NE(curr_att->filename, nullptr);
@@ -337,7 +408,7 @@ TEST_F(KeyAttachmentTest, check_many_keys_with_many_files_inline) {
it++;
curr_att = curr_att->next;
}
-
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -357,7 +428,15 @@ TEST_F(KeyAttachmentTest, check_key_attach_OpenPGP) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
+#if KEYS_STAY_ATTACHED
+ // Ok, this is a little ridiculous, so FIXME, but if we're even going to bother
+ // until we decide to delete keys again, we need to check these are all intact.
+ // This is a placeholder so we can keep moving.
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_EQ(dec_msg->attachments->next , nullptr);
+#else
ASSERT_EQ(dec_msg->attachments , nullptr);
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -377,12 +456,21 @@ TEST_F(KeyAttachmentTest, check_key_plus_encr_att_OpenPGP) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+ ASSERT_NE(dec_msg->attachments->next->filename, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->next->filename, "file://cheese.txt.gpg");
+ ASSERT_NE(dec_msg->attachments->next->mime_type, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->next->mime_type, "application/octet-stream");
+#else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -402,12 +490,23 @@ TEST_F(KeyAttachmentTest, check_encr_att_plus_key_OpenPGP) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
+ #if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next, nullptr);
+ ASSERT_EQ(dec_msg->attachments->next->next , nullptr);
+ ASSERT_NE(dec_msg->attachments->filename, nullptr);
+ // TODO: is there a missing update to resource IDs in decrypt in parts?
+ ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
+ ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+ #else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -428,12 +527,23 @@ TEST_F(KeyAttachmentTest, check_key_plus_unencr_att_OpenPGP) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_STATUS_OK);
ASSERT_NE(dec_msg, nullptr);
+ #if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+ ASSERT_EQ(dec_msg->attachments->next->next , nullptr);
+ ASSERT_NE(dec_msg->attachments->next->filename, nullptr);
+ // TODO: is there a missing update to resource IDs in decrypt in parts?
+ ASSERT_STREQ(dec_msg->attachments->next->filename, "file://cheese.txt");
+ ASSERT_NE(dec_msg->attachments->next->mime_type, nullptr);
+ ASSERT_STREQ(dec_msg->attachments->next->mime_type, "text/plain");
+ #else
ASSERT_NE(dec_msg->attachments, nullptr);
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "text/plain");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -452,9 +562,14 @@ TEST_F(KeyAttachmentTest, check_unencr_att_plus_key_OpenPGP) {
PEP_decrypt_flags_t flags = 0;
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
- ASSERT_NE(dec_msg, nullptr);
+ ASSERT_NE(dec_msg, nullptr);
ASSERT_NE(dec_msg->attachments, nullptr);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+ ASSERT_EQ(dec_msg->attachments->next->next , nullptr);
+#else
ASSERT_EQ(dec_msg->attachments->next , nullptr);
+#endif
ASSERT_NE(dec_msg->attachments->filename, nullptr);
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
@@ -478,7 +593,11 @@ TEST_F(KeyAttachmentTest, check_many_keys_OpenPGP) {
status = decrypt_message(session, enc_msg, &dec_msg, &keylist, &rating, &flags);
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
- ASSERT_EQ(dec_msg->attachments, nullptr);
+#if KEYS_STAY_ATTACHED
+ ASSERT_NE(dec_msg->attachments, nullptr);
+#else
+ ASSERT_EQ(dec_msg->attachments , nullptr);
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -499,11 +618,18 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_encr_file_OpenPGP) {
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
ASSERT_NE(dec_msg->attachments, nullptr);
+#if KEYS_STAY_ATTACHED
+ // Ok, this is a little ridiculous, so FIXME, but if we're even going to bother
+ // until we decide to delete keys again, we need to check these are all intact.
+ // This is a placeholder so we can keep moving.
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+#else
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt.gpg");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "application/octet-stream");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -524,11 +650,18 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_unencr_file_OpenPGP) {
ASSERT_EQ(status , PEP_DECRYPTED);
ASSERT_NE(dec_msg, nullptr);
ASSERT_NE(dec_msg->attachments, nullptr);
+#if KEYS_STAY_ATTACHED
+ // Ok, this is a little ridiculous, so FIXME, but if we're even going to bother
+ // until we decide to delete keys again, we need to check these are all intact.
+ // This is a placeholder so we can keep moving.
+ ASSERT_NE(dec_msg->attachments->next , nullptr);
+#else
ASSERT_EQ(dec_msg->attachments->next , nullptr);
ASSERT_NE(dec_msg->attachments->filename, nullptr);
ASSERT_STREQ(dec_msg->attachments->filename, "file://cheese.txt");
ASSERT_NE(dec_msg->attachments->mime_type, nullptr);
ASSERT_STREQ(dec_msg->attachments->mime_type, "text/plain");
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
@@ -554,6 +687,7 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_many_files_OpenPGP) {
const char* no_fname = "Attachment doesn't have a filename.";
const char* no_mime = "Attachment doesn't have a MIME type.";
+ // FIXME: test with files still in here/
// pair is filename, mime_type
vector> v =
{
@@ -568,6 +702,10 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_many_files_OpenPGP) {
bloblist_t* curr_att = dec_msg->attachments;
vector>::iterator it = v.begin();
+ // FIXME: test with files still in here/
+#if KEYS_STAY_ATTACHED
+ output_stream << "Don't believe the hype, KeyAttachmentTests aren't going much until trustsync is in" << endl;
+#else
while (it != v.end()) {
ASSERT_NE(curr_att, nullptr);
ASSERT_NE(curr_att->filename, nullptr);
@@ -577,7 +715,7 @@ TEST_F(KeyAttachmentTest, check_many_keys_w_many_files_OpenPGP) {
it++;
curr_att = curr_att->next;
}
-
+#endif
free_message(enc_msg);
free_message(dec_msg);
free_stringlist(keylist);
diff --git a/test/src/KeyManipulationTest.cc b/test/src/KeyManipulationTest.cc
index 92db798d..ca2278e0 100644
--- a/test/src/KeyManipulationTest.cc
+++ b/test/src/KeyManipulationTest.cc
@@ -47,7 +47,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/KeyResetMessageTest.cc b/test/src/KeyResetMessageTest.cc
index c1b716ed..92b70166 100644
--- a/test/src/KeyResetMessageTest.cc
+++ b/test/src/KeyResetMessageTest.cc
@@ -24,6 +24,7 @@
#include
PEP_STATUS KRMT_message_send_callback(message* msg);
+PEP_STATUS KRMT_ensure_passphrase_callback(PEP_SESSION session, const char* key);
static void* KRMT_fake_this;
@@ -34,6 +35,7 @@ class KeyResetMessageTest : public ::testing::Test {
PEP_SESSION session;
vector m_queue;
+ vector pass_list;
protected:
@@ -49,6 +51,15 @@ class KeyResetMessageTest : public ::testing::Test {
const string erin_user_id = "ErinErinErin";
const string fenris_user_id = "BadWolf";
+ const char* bob2_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp";
+ const char* bob2_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736";
+
+ const char* alice2_filename = "test_keys/alice-no-passwords.pgp";
+ const char* alice2_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F";
+
+ const char* erwin_filename = "test_keys/erwin_normal_encrypted.pgp";
+ const char* erwin_fpr = "CBA968BC01FCEB89F04CCF155C5E9E3F0420A570";
+
// You can remove any or all of the following functions if its body
// is empty.
KeyResetMessageTest() {
@@ -78,7 +89,7 @@ class KeyResetMessageTest : public ::testing::Test {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(&KRMT_message_send_callback, NULL, init_files);
+ engine->prep(&KRMT_message_send_callback, NULL, &KRMT_ensure_passphrase_callback, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -87,6 +98,7 @@ class KeyResetMessageTest : public ::testing::Test {
// Engine is up. Keep on truckin'
m_queue.clear();
+ pass_list.clear();
}
void TearDown() override {
@@ -236,6 +248,9 @@ PEP_STATUS KRMT_message_send_callback(message* msg) {
return PEP_STATUS_OK;
}
+PEP_STATUS KRMT_ensure_passphrase_callback(PEP_SESSION session, const char* fpr) {
+ return config_valid_passphrase(session, fpr, ((KeyResetMessageTest*)KRMT_fake_this)->pass_list);
+}
TEST_F(KeyResetMessageTest, check_reset_key_and_notify) {
send_setup();
@@ -2479,6 +2494,482 @@ TEST_F(KeyResetMessageTest, check_reset_all_own_keys_one_URI_partner) {
ASSERT_STRNE(me->fpr, copy_fpr);
}
+TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "julio");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+//
+TEST_F(KeyResetMessageTest, check_reset_key_user_needs_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_wrong_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "julio");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_all_own_keys(session);
+
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_correct_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_first_wrong) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ config_passphrase(session, "erwin");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_second_wrong) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ config_passphrase(session, "bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ pass_list.push_back("erwin");
+ pass_list.push_back("cathy");
+ pass_list.push_back("bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_first_configured) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ config_passphrase(session, "bob");
+ pass_list.push_back("erwin");
+ pass_list.push_back("cathy");
+ pass_list.push_back("bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_second_configured) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ config_passphrase(session, "erwin");
+ pass_list.push_back("cathy");
+ pass_list.push_back("bob");
+ pass_list.push_back("erwin");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_first_missing) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ pass_list.push_back("cathy");
+ pass_list.push_back("erwin");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_second_missing) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ pass_list.push_back("cathy");
+ pass_list.push_back("bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_config_all_missing) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ config_passphrase(session, "cathy");
+ pass_list.push_back("dragons!");
+ pass_list.push_back("cheez whiz is gross");
+ pass_list.push_back("Vashedan!");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_user_multi_passphrase_with_passlist_empty_config_all_missing) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ ASSERT_TRUE(slurp_and_import_key(session, erwin_filename));
+
+ PEP_STATUS status;
+
+ pass_list.push_back("dragons!");
+ pass_list.push_back("cheez whiz is gross");
+ pass_list.push_back("Vashedan!");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ pEp_identity* erwin = new_identity("erwin@example.org", erwin_fpr, "BOB", "Bob is Erwin");
+ status = set_own_key(session, erwin, erwin_fpr);
+
+ status = key_reset_all_own_keys(session);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+//
+
+TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase_for_new_keys(session, true, "bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_needs_passphrase_gen_key_matches_has_passlist) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase_for_new_keys(session, true, "bob");
+ pass_list.push_back("bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_matches) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "julio");
+ config_passphrase_for_new_keys(session, true, "bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_matches_has_passlist) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "julio");
+ config_passphrase_for_new_keys(session, true, "bob");
+ pass_list.push_back("april");
+ pass_list.push_back("bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+
+TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_matches) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "bob");
+ config_passphrase_for_new_keys(session, true, "bob");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_correct_passphrase_gen_key_differs) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "bob");
+ config_passphrase_for_new_keys(session, true, "juan");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_wrong_passphrase_gen_key_differs_has_passlist) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pass_list.push_back("amy");
+ pass_list.push_back("Spurius Tettius");
+ pass_list.push_back("bob");
+ pass_list.push_back("Correct Horse Battery Staple");
+
+ config_passphrase(session, "julio");
+ config_passphrase_for_new_keys(session, true, "juan");
+
+ pEp_identity* bob2 = new_identity("bob@example.org", bob2_fpr, "BOB", "Bob Dog");
+ status = set_own_key(session, bob2, bob2_fpr);
+
+ status = key_reset_identity(session, bob2, bob2_fpr);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_but_has_gen_key) {
+ ASSERT_TRUE(slurp_and_import_key(session, alice2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, alice2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase_for_new_keys(session, true, "alice");
+
+ pEp_identity* alice2 = new_identity("alice@example.org", alice2_fpr, "ALICE", "Alice");
+ status = set_own_key(session, alice2, alice2_fpr);
+
+ status = key_reset_identity(session, alice2, alice2_fpr);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+
+}
+
+TEST_F(KeyResetMessageTest, check_reset_key_no_passphrase_needed_but_has_gen_key_and_passlist) {
+ ASSERT_TRUE(slurp_and_import_key(session, alice2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, alice2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pass_list.push_back("julio");
+ pass_list.push_back("juan");
+
+ config_passphrase_for_new_keys(session, true, "alice");
+
+ pEp_identity* alice2 = new_identity("alice@example.org", alice2_fpr, "ALICE", "Alice");
+ status = set_own_key(session, alice2, alice2_fpr);
+
+ status = key_reset_identity(session, alice2, alice2_fpr);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+
+}
+
+
+TEST_F(KeyResetMessageTest, check_reset_key_gen_key_pass_required) {
+ ASSERT_TRUE(slurp_and_import_key(session, alice2_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, alice2_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ session->new_key_pass_enable = true;
+
+ pEp_identity* alice2 = new_identity("alice@example.org", alice2_fpr, "ALICE", "Alice");
+ status = set_own_key(session, alice2, alice2_fpr);
+
+ status = key_reset_identity(session, alice2, alice2_fpr);
+ ASSERT_EQ(status, PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED);
+
+}
+
/*
TEST_F(KeyResetMessageTest, check_reset_own_with_revocations) {
pEp_identity* id1 = new_identity("krista-not-real@darthmama.org", NULL, PEP_OWN_USERID, "Krista at Home");
diff --git a/test/src/KeyeditTest.cc b/test/src/KeyeditTest.cc
index ffee0d55..442cc161 100644
--- a/test/src/KeyeditTest.cc
+++ b/test/src/KeyeditTest.cc
@@ -55,7 +55,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -74,6 +74,18 @@ namespace {
session = NULL;
}
+ const char* alice_filename = "test_keys/alice-no-passwords.pgp";
+ const char* alice_pub_filename = "test_keys/pub/alice-0x2A649B9F_pub.asc";
+ const char* bob_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp";
+ const char* carol_filename = "test_keys/carol-subkeys-password-carol.pgp";
+ const char* david_filename = "test_keys/david-encryption-subkey-password-encrypt-signing-subkey-password-sign.pgp";
+ const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp";
+ const char* alice_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F";
+ const char* bob_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736";
+ const char* carol_fpr = "A5B3473EA7CBB5DF7A4F595A8883DC4BCD8BAC06";
+ const char* david_fpr = "7F72E4B27C6161455CD9C50FE7A05D7BF3FF4E19";
+ const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97";
+
private:
const char* test_suite_name;
const char* test_name;
@@ -137,3 +149,59 @@ TEST_F(KeyeditTest, check_keyedit) {
// output_stream << "delete_keypair() exits with " << delete_status << "\n";
// ASSERT_EQ(delete_status , PEP_STATUS_OK);
}
+
+TEST_F(KeyeditTest, check_renew_key_correct_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "bob");
+
+ time_t now = time(NULL);
+ output_stream << "Time is " << now << endl;
+ timestamp *ts = new_timestamp(now);
+ ts->tm_year += 2;
+
+ status = renew_key(session, bob_fpr, ts);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
+
+TEST_F(KeyeditTest, check_renew_key_needs_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ time_t now = time(NULL);
+ output_stream << "Time is " << now << endl;
+ timestamp *ts = new_timestamp(now);
+ ts->tm_year += 2;
+
+ status = renew_key(session, bob_fpr, ts);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+
+}
+
+TEST_F(KeyeditTest, check_renew_key_wrong_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "julio");
+
+ time_t now = time(NULL);
+ output_stream << "Time is " << now << endl;
+ timestamp *ts = new_timestamp(now);
+ ts->tm_year += 2;
+
+ status = renew_key(session, bob_fpr, ts);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
diff --git a/test/src/KeyringImportTest.cc b/test/src/KeyringImportTest.cc
index 376f284c..4dc72016 100644
--- a/test/src/KeyringImportTest.cc
+++ b/test/src/KeyringImportTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/LeastColorGroupTest.cc b/test/src/LeastColorGroupTest.cc
index b56100c8..27cd6941 100644
--- a/test/src/LeastColorGroupTest.cc
+++ b/test/src/LeastColorGroupTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/LeastCommonDenomColorTest.cc b/test/src/LeastCommonDenomColorTest.cc
index 79352081..7325e59a 100644
--- a/test/src/LeastCommonDenomColorTest.cc
+++ b/test/src/LeastCommonDenomColorTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/LiteralFilenameTest.cc b/test/src/LiteralFilenameTest.cc
index 0c56e8ff..b5f1d471 100644
--- a/test/src/LiteralFilenameTest.cc
+++ b/test/src/LiteralFilenameTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/LookupTest.cc b/test/src/LookupTest.cc
index d1495b5a..6b617503 100644
--- a/test/src/LookupTest.cc
+++ b/test/src/LookupTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/LotsOfKeysTest.cc b/test/src/LotsOfKeysTest.cc
index 8eac13bc..b3cba08b 100644
--- a/test/src/LotsOfKeysTest.cc
+++ b/test/src/LotsOfKeysTest.cc
@@ -168,7 +168,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/MapAsn1Test.cc b/test/src/MapAsn1Test.cc
index 7e2b4f82..0f9c98b7 100644
--- a/test/src/MapAsn1Test.cc
+++ b/test/src/MapAsn1Test.cc
@@ -54,7 +54,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Message2_1Test.cc b/test/src/Message2_1Test.cc
index 2a3343bf..f26785d9 100644
--- a/test/src/Message2_1Test.cc
+++ b/test/src/Message2_1Test.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/MessageApiTest.cc b/test/src/MessageApiTest.cc
index 70d8588c..c51ba465 100644
--- a/test/src/MessageApiTest.cc
+++ b/test/src/MessageApiTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/MessageNullFromTest.cc b/test/src/MessageNullFromTest.cc
index 9ec5b54f..935c5674 100644
--- a/test/src/MessageNullFromTest.cc
+++ b/test/src/MessageNullFromTest.cc
@@ -70,7 +70,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/MessageTwoPointOhTest.cc b/test/src/MessageTwoPointOhTest.cc
index 41b6785a..9990eec3 100644
--- a/test/src/MessageTwoPointOhTest.cc
+++ b/test/src/MessageTwoPointOhTest.cc
@@ -59,7 +59,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/MimeTest.cc b/test/src/MimeTest.cc
index 2609839e..bd07d0f6 100644
--- a/test/src/MimeTest.cc
+++ b/test/src/MimeTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/NoOwnIdentWritesOnDecryptTest.cc b/test/src/NoOwnIdentWritesOnDecryptTest.cc
index 9c52ddca..7307edbb 100644
--- a/test/src/NoOwnIdentWritesOnDecryptTest.cc
+++ b/test/src/NoOwnIdentWritesOnDecryptTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -131,7 +131,7 @@ TEST_F(NoOwnIdentWritesOnDecryptTest, check_no_own_ident_writes_on_decrypt) {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -196,7 +196,7 @@ TEST_F(NoOwnIdentWritesOnDecryptTest, check_no_own_ident_writes_on_decrypt) {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/OwnIdentitiesRetrieveTest.cc b/test/src/OwnIdentitiesRetrieveTest.cc
index f54a89ca..7da8476c 100644
--- a/test/src/OwnIdentitiesRetrieveTest.cc
+++ b/test/src/OwnIdentitiesRetrieveTest.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -112,3 +112,121 @@ TEST_F(OwnIdentitiesRetrieveTest, check_own_identities_retrieve) {
ASSERT_NE(id_list, nullptr);
ASSERT_NE(id_list->ident, nullptr);
}
+
+TEST_F(OwnIdentitiesRetrieveTest, check_own_identities_retrieve_filter) {
+ pEp_identity* sync_alice = new_identity("alice@darthmama.org", NULL, PEP_OWN_USERID, "Alice");
+ pEp_identity* sync_bob = new_identity("bob@darthmama.org", NULL, PEP_OWN_USERID, "Bob");
+ pEp_identity* no_sync_carol = new_identity("carol@darthmama.org", NULL, PEP_OWN_USERID, "Carol");
+ pEp_identity* sync_dave = new_identity("dave@darthmama.org", NULL, PEP_OWN_USERID, "Dave");
+ pEp_identity* no_sync_eddie = new_identity("eddie@darthmama.org", NULL, PEP_OWN_USERID, "Eddie");
+ pEp_identity* no_sync_felicia = new_identity("felicia@darthmama.org", NULL, PEP_OWN_USERID, "Felicia");
+ pEp_identity* sync_gordon = new_identity("gordon@darthmama.org", NULL, PEP_OWN_USERID, "Gordon");
+
+ PEP_STATUS status = myself(session, sync_alice);
+ ASSERT_OK;
+ status = set_identity_flags(session, sync_alice, PEP_idf_devicegroup);
+ ASSERT_OK;
+ status = myself(session, sync_alice);
+ ASSERT_OK;
+ ASSERT_NE(sync_alice->flags & PEP_idf_devicegroup, 0);
+
+ status = myself(session, sync_bob);
+ ASSERT_OK;
+ status = set_identity_flags(session, sync_bob, PEP_idf_devicegroup);
+ ASSERT_OK;
+ status = myself(session, sync_bob);
+ ASSERT_OK;
+ ASSERT_NE(sync_bob->flags & PEP_idf_devicegroup, 0);
+
+ status = myself(session, no_sync_carol);
+ ASSERT_OK;
+ status = set_identity_flags(session, no_sync_carol, PEP_idf_not_for_sync);
+ ASSERT_OK;
+ status = myself(session, no_sync_carol);
+ ASSERT_OK;
+ ASSERT_NE(no_sync_carol->flags & PEP_idf_not_for_sync, 0);
+
+ status = myself(session, sync_dave);
+ ASSERT_OK;
+ status = set_identity_flags(session, sync_dave, PEP_idf_devicegroup);
+ ASSERT_OK;
+ status = myself(session, sync_dave);
+ ASSERT_OK;
+ ASSERT_NE(sync_dave->flags & PEP_idf_devicegroup, 0);
+
+ status = myself(session, no_sync_eddie);
+ ASSERT_OK;
+ status = set_identity_flags(session, no_sync_eddie, PEP_idf_not_for_sync);
+ ASSERT_OK;
+ status = myself(session, no_sync_eddie);
+ ASSERT_OK;
+ ASSERT_NE(no_sync_eddie->flags & PEP_idf_not_for_sync, 0);
+
+ status = myself(session, no_sync_felicia);
+ ASSERT_OK;
+ status = set_identity_flags(session, no_sync_felicia, PEP_idf_not_for_sync);
+ ASSERT_OK;
+ status = myself(session, no_sync_felicia);
+ ASSERT_OK;
+ ASSERT_NE(no_sync_felicia->flags & PEP_idf_not_for_sync, 0);
+
+ status = myself(session, sync_gordon);
+ ASSERT_OK;
+ status = set_identity_flags(session, sync_gordon, PEP_idf_devicegroup);
+ ASSERT_OK;
+ status = myself(session, sync_gordon);
+ ASSERT_OK;
+ ASSERT_NE(sync_gordon->flags & PEP_idf_devicegroup, 0);
+
+ identity_list* id_list = NULL;
+ status = _own_identities_retrieve(session, &id_list, PEP_idf_not_for_sync);
+ ASSERT_OK;
+ ASSERT_NE(id_list, nullptr);
+
+ const char* synced[] = {"alice@darthmama.org", "bob@darthmama.org", "dave@darthmama.org", "gordon@darthmama.org"};
+ const char* unsynced[] = {"carol@darthmama.org", "eddie@darthmama.org", "felicia@darthmama.org"};
+
+ identity_list* curr;
+ int i = 0;
+ bool sync_found = false;
+ for ( ; i < 4; i++) {
+ const char* curr_addr = synced[i];
+ sync_found = false;
+ for (curr = id_list; curr && curr->ident; curr = curr->next) {
+ if (strcmp(curr_addr, curr->ident->address) == 0) {
+ sync_found = true;
+ break;
+ }
+ }
+ ASSERT_TRUE(sync_found);
+ }
+
+ for (i = 0, curr = id_list; curr && curr->ident; curr = curr->next, i++) {}
+
+ ASSERT_EQ(i, 4);
+
+ free_identity_list(id_list);
+ id_list = NULL;
+
+ status = _own_identities_retrieve(session, &id_list, PEP_idf_devicegroup);
+ ASSERT_OK;
+ ASSERT_NE(id_list, nullptr);
+
+ bool no_sync_found = false;
+
+ for ( ; i < 3; i++) {
+ const char* curr_addr = unsynced[i];
+ no_sync_found = false;
+ for (curr = id_list; curr && curr->ident; curr = curr->next) {
+ if (strcmp(curr_addr, curr->ident->address) == 0) {
+ no_sync_found = true;
+ break;
+ }
+ }
+ ASSERT_TRUE(no_sync_found);
+ }
+
+ for (i = 0, curr = id_list; curr && curr->ident; curr = curr->next, i++) {}
+
+ ASSERT_EQ(i, 3);
+}
diff --git a/test/src/OwnKeysRetrieveTest.cc b/test/src/OwnKeysRetrieveTest.cc
index 0d01aaf1..8f1dbfde 100644
--- a/test/src/OwnKeysRetrieveTest.cc
+++ b/test/src/OwnKeysRetrieveTest.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/PassphraseTest.cc b/test/src/PassphraseTest.cc
index ad510e7d..2390732d 100644
--- a/test/src/PassphraseTest.cc
+++ b/test/src/PassphraseTest.cc
@@ -49,7 +49,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/PepSubjectReceivedTest.cc b/test/src/PepSubjectReceivedTest.cc
index 6c69eb19..3f4d121f 100644
--- a/test/src/PepSubjectReceivedTest.cc
+++ b/test/src/PepSubjectReceivedTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/PgpBinaryTest.cc b/test/src/PgpBinaryTest.cc
index 05a461f8..8fbae6b3 100644
--- a/test/src/PgpBinaryTest.cc
+++ b/test/src/PgpBinaryTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/PgpListKeysTest.cc b/test/src/PgpListKeysTest.cc
index bea3ca9a..4dd2a5b4 100644
--- a/test/src/PgpListKeysTest.cc
+++ b/test/src/PgpListKeysTest.cc
@@ -55,7 +55,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/Quick11to12Test.cc b/test/src/Quick11to12Test.cc
index 42206435..2b7078a5 100644
--- a/test/src/Quick11to12Test.cc
+++ b/test/src/Quick11to12Test.cc
@@ -51,7 +51,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/ReencryptPlusExtraKeysTest.cc b/test/src/ReencryptPlusExtraKeysTest.cc
index ede4a262..2ab5e509 100644
--- a/test/src/ReencryptPlusExtraKeysTest.cc
+++ b/test/src/ReencryptPlusExtraKeysTest.cc
@@ -58,7 +58,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/RevocationTest.cc b/test/src/RevocationTest.cc
index b3d43bb2..cce2088d 100644
--- a/test/src/RevocationTest.cc
+++ b/test/src/RevocationTest.cc
@@ -57,7 +57,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -76,6 +76,18 @@ namespace {
session = NULL;
}
+ const char* alice_filename = "test_keys/alice-no-passwords.pgp";
+ const char* alice_pub_filename = "test_keys/pub/alice-0x2A649B9F_pub.asc";
+ const char* bob_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp";
+ const char* carol_filename = "test_keys/carol-subkeys-password-carol.pgp";
+ const char* david_filename = "test_keys/david-encryption-subkey-password-encrypt-signing-subkey-password-sign.pgp";
+ const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp";
+ const char* alice_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F";
+ const char* bob_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736";
+ const char* carol_fpr = "A5B3473EA7CBB5DF7A4F595A8883DC4BCD8BAC06";
+ const char* david_fpr = "7F72E4B27C6161455CD9C50FE7A05D7BF3FF4E19";
+ const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97";
+
private:
const char* test_suite_name;
const char* test_name;
@@ -130,3 +142,50 @@ TEST_F(RevocationTest, check_revocation) {
free_stringlist(keylist);
#endif
}
+
+TEST_F(RevocationTest, check_revoke_key_needs_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ // Key imported.
+ // Now: revoke it.
+ status = revoke_key(session, bob_fpr, NULL);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+
+}
+
+TEST_F(RevocationTest, check_revoke_key_wrong_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "julio");
+
+ // Key imported.
+ // Now: revoke it.
+ status = revoke_key(session, bob_fpr, NULL);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(RevocationTest, check_revoke_key_correct_passphrase) {
+ ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ config_passphrase(session, "bob");
+
+ // Key imported.
+ // Now: revoke it.
+ status = revoke_key(session, bob_fpr, NULL);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+}
diff --git a/test/src/RevokeRegenAttachTest.cc b/test/src/RevokeRegenAttachTest.cc
index 87ba78c7..38938f9b 100644
--- a/test/src/RevokeRegenAttachTest.cc
+++ b/test/src/RevokeRegenAttachTest.cc
@@ -61,7 +61,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/SenderFPRTest.cc b/test/src/SenderFPRTest.cc
index 6dfa544b..0ac62e81 100644
--- a/test/src/SenderFPRTest.cc
+++ b/test/src/SenderFPRTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/SequenceTest.cc b/test/src/SequenceTest.cc
index 7d20d931..f89184f9 100644
--- a/test/src/SequenceTest.cc
+++ b/test/src/SequenceTest.cc
@@ -52,7 +52,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/SignOnlyTest.cc b/test/src/SignOnlyTest.cc
index b1277995..6787e679 100644
--- a/test/src/SignOnlyTest.cc
+++ b/test/src/SignOnlyTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/SimpleBodyNotAltTest.cc b/test/src/SimpleBodyNotAltTest.cc
index 22b1cbdd..041667a8 100644
--- a/test/src/SimpleBodyNotAltTest.cc
+++ b/test/src/SimpleBodyNotAltTest.cc
@@ -55,7 +55,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/SubkeyRatingEvalTest.cc b/test/src/SubkeyRatingEvalTest.cc
index 0b6f80bf..9a80ff27 100644
--- a/test/src/SubkeyRatingEvalTest.cc
+++ b/test/src/SubkeyRatingEvalTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/SyncTest.cc b/test/src/SyncTest.cc
deleted file mode 100644
index aab1d5d8..00000000
--- a/test/src/SyncTest.cc
+++ /dev/null
@@ -1,294 +0,0 @@
-// This file is under GNU General Public License 3.0
-// see LICENSE.txt
-
-#include
-#include
-#include
-#include
-
-#include "locked_queue.hh"
-#include "sync_api.h"
-#include "Sync_impl.h"
-
-#include "test_util.h"
-
-#include "pEpEngine.h"
-
-#include "pEp_internal.h"
-#include "KeySync_fsm.h"
-#include "sync_codec.h"
-
-#include "Engine.h"
-
-#include
-
-class Sync_Adapter {
-public:
- utility::locked_queue< Sync_event_t * > q;
-
- void processing();
-
- static PEP_STATUS notifyHandshake(
- pEp_identity *me,
- pEp_identity *partner,
- sync_handshake_signal signal
- );
- static int inject_sync_event(SYNC_EVENT ev, void *management);
- static Sync_event_t *retrieve_next_sync_event(void *management, unsigned threshold);
- static PEP_STATUS messageToSend(struct _message *msg);
-
- static void sync_thread(PEP_SESSION session, Sync_Adapter *adapter);
-};
-
-
-void Sync_Adapter::processing()
-{
- output_stream << "waiting for processing\n";
- const struct timespec arr[] = {{0, 100000000L}};
- while (!q.empty()) {
- nanosleep(arr, NULL);
- }
-}
-
-PEP_STATUS Sync_Adapter::notifyHandshake(
- pEp_identity *me,
- pEp_identity *partner,
- sync_handshake_signal signal
- )
-{
- return PEP_STATUS_OK;
-}
-
-int Sync_Adapter::inject_sync_event(SYNC_EVENT ev, void *management)
-{
- Sync_event_t *_ev = ev;
- switch (_ev->fsm) {
- case Sync_PR_keysync:
- output_stream << "injecting event " << KeySync_event_name(_ev->event) << "\n";
- break;
- default:
- output_stream << "unknown state machine: " << _ev->fsm << "\n";
- assert(0);
- }
- auto adapter = static_cast< Sync_Adapter *>(management);
- adapter->q.push_front(ev);
- return 0;
-}
-
-Sync_event_t *Sync_Adapter::retrieve_next_sync_event(void *management, unsigned threshold)
-{
- auto adapter = static_cast< Sync_Adapter *>(management);
- time_t started = time(nullptr);
- bool timeout = false;
-
- while (adapter->q.empty()) {
- int i = 0;
- ++i;
- if (i > 10) {
- if (time(nullptr) > started + threshold) {
- timeout = true;
- break;
- }
- i = 0;
- }
- const struct timespec arr[] = {{0, 100000000L}};
- nanosleep(arr, NULL);
- }
-
- if (timeout)
- return SYNC_TIMEOUT_EVENT;
-
- Sync_event_t *ev = adapter->q.pop_front();
- if (ev) {
- switch (ev->fsm) {
- case Sync_PR_keysync:
- output_stream << "sync thread: retrieving event " << KeySync_event_name(ev->event) << "\n";
- break;
- default:
- output_stream << "sync thread: unknown state machine: " << ev->fsm << "\n";
- assert(0);
- }
- }
- else {
- output_stream << "sync thread: retrieving shutdown\n";
- }
-
- return ev;
-}
-
-PEP_STATUS Sync_Adapter::messageToSend(struct _message *msg)
-{
- assert(msg && msg->attachments);
-
- output_stream << "sending message:\n";
-
- for (bloblist_t *b = msg->attachments; b && b->value; b = b->next) {
- if (b->mime_type && strcasecmp(b->mime_type, "application/pEp.sync") == 0) {
- assert(msg->from && msg->from->address && msg->from->username);
- output_stream << "\n";
- char *text = NULL;
- PEP_STATUS status = PER_to_XER_Sync_msg(msg->attachments->value, msg->attachments->size, &text);
- assert(status == PEP_STATUS_OK);
- output_stream << text << "\n";
- free(text);
- }
- }
-
- free_message(msg);
- return PEP_STATUS_OK;
-}
-
-void Sync_Adapter::sync_thread(PEP_SESSION session, Sync_Adapter *adapter)
-{
- output_stream << "sync_thread: startup\n";
- do_sync_protocol(session, adapter);
- output_stream << "sync_thread: shutdown\n";
-}
-
-
-namespace {
-
- //The fixture for SyncTest
- class SyncTest : public ::testing::Test {
- public:
- Engine* engine;
- PEP_SESSION session;
-
- Sync_Adapter adapter;
- PEP_SESSION sync = NULL;
- thread *sync_thread;
-
-
- protected:
- // You can remove any or all of the following functions if its body
- // is empty.
- SyncTest() {
- // You can do set-up work for each test here.
- test_suite_name = ::testing::UnitTest::GetInstance()->current_test_info()->GTEST_SUITE_SYM();
- test_name = ::testing::UnitTest::GetInstance()->current_test_info()->name();
- test_path = get_main_test_home_dir() + "/" + test_suite_name + "/" + test_name;
- }
-
- ~SyncTest() override {
- // You can do clean-up work that doesn't throw exceptions here.
- }
-
- // If the constructor and destructor are not enough for setting up
- // and cleaning up each test, you can define the following methods:
-
- void SetUp() override {
- // Code here will be called immediately after the constructor (right
- // before each test).
-
- // Leave this empty if there are no files to copy to the home directory path
- std::vector> init_files = std::vector>();
-
- // Get a new test Engine.
- engine = new Engine(test_path);
- ASSERT_NE(engine, nullptr);
-
- // Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
-
- // Ok, try to start this bugger. Is this totally irrelevant for this case??
- engine->start();
- ASSERT_NE(engine->session, nullptr);
- session = engine->session;
-
- // Engine is up. Keep on truckin'
-
- pEp_identity *self = new_identity("alice@synctests.pEp", nullptr, "23", "Alice Miller");
- assert(self);
- output_stream << "setting own identity for " << self->address << "\n";
- PEP_STATUS status = myself(session, self);
- assert(self->me);
- assert(self->fpr);
- output_stream << "fpr: " << self->fpr << "\n";
- free_identity(self);
-
- status = init(&sync, Sync_Adapter::messageToSend, Sync_Adapter::inject_sync_event);
- if (status != PEP_STATUS_OK)
- throw std::runtime_error((string("init returned ") + tl_status_string(status)).c_str());
-
- output_stream << "initialize sync and start first state machine\n";
- status = register_sync_callbacks(
- sync,
- (void *) &adapter.q,
- Sync_Adapter::notifyHandshake,
- Sync_Adapter::retrieve_next_sync_event
- );
- if (status != PEP_STATUS_OK)
- throw std::runtime_error((string("register sync status returned ") + tl_status_string(status)).c_str());
- if (sync->sync_state.keysync.state != Sole)
- throw std::runtime_error((string("keysync.state was supposed to be ") + to_string((int)Sole) + " but was " + to_string((int)(sync->sync_state.keysync.state))).c_str());
-
- output_stream << "creating thread for sync\n";
- sync_thread = new thread(Sync_Adapter::sync_thread, sync, &adapter);
-
- }
-
- void TearDown() override {
- // Code here will be called immediately after each test (right
- // before the destructor).
-
- adapter.processing();
-
- output_stream << "sending shutdown to sync thread\n";
- adapter.q.push_front(nullptr);
- sync_thread->join();
-
- unregister_sync_callbacks(sync);
- release(sync);
-
- engine->shut_down();
- delete engine;
- engine = NULL;
- session = NULL;
- }
-
- private:
- const char* test_suite_name;
- const char* test_name;
- string test_path;
- // Objects declared here can be used by all tests in the SyncTest suite.
-
- };
-
-} // namespace
-
-TEST_F(SyncTest, check_sync)
-{
- output_stream << "check_sync(): trigger KeyGen event\n";
- signal_Sync_event(sync, Sync_PR_keysync, KeyGen, NULL);
- adapter.processing();
-
- output_stream << "check_sync(): cry for unknown key\n";
- signal_Sync_event(sync, Sync_PR_keysync, CannotDecrypt, NULL);
-}
-
-/*
-TEST_F(SyncTest, check_sync_enable)
-{
- pEp_identity* julio = new_identity("julio.iglesias@truhan.senor.es", NULL, PEP_OWN_USERID, "Julio Iglesias");
- enable_identity_for_sync(session, julio);
- adapter.processing();
- myself(session, julio);
- ASSERT_EQ(julio->flags, PEP_idf_devicegroup);
- string current_fpr = julio->fpr;
-
-// Passes if you step through and ignore the send_key_to_recents part of key reset, because the attempt to pass the static class vars above doesn't work.
-// FIXME: KB, reimplement according to now-standard method used in key reset tests
- // disable_identity_for_sync(session, julio);
- // adapter.processing();
- // myself(session, julio);
- // ASSERT_EQ(julio->flags, PEP_idf_not_for_sync);
- // ASSERT_STRNE(current_fpr.c_str(), julio->fpr);
- //
- // pEp_identity* juan = new_identity("juan.valdez@columbian.coffee.co", NULL, PEP_OWN_USERID, "Juan Valdez");
- // disable_identity_for_sync(session, juan);
- // adapter.processing();
- // myself(session, juan);
- // ASSERT_EQ(juan->flags, PEP_idf_not_for_sync);
- // ASSERT_FALSE(EMPTYSTR(juan->fpr));
-}
-*/
diff --git a/test/src/TrustManipulationTest.cc b/test/src/TrustManipulationTest.cc
index 99a3ef27..d115650c 100644
--- a/test/src/TrustManipulationTest.cc
+++ b/test/src/TrustManipulationTest.cc
@@ -56,7 +56,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/TrustwordsTest.cc b/test/src/TrustwordsTest.cc
index 2e16dae3..b4fb58e9 100644
--- a/test/src/TrustwordsTest.cc
+++ b/test/src/TrustwordsTest.cc
@@ -51,7 +51,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/URIAddressTest.cc b/test/src/URIAddressTest.cc
index bb8b691d..cddb1240 100644
--- a/test/src/URIAddressTest.cc
+++ b/test/src/URIAddressTest.cc
@@ -56,7 +56,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/UnencryptedPepMailTest.cc b/test/src/UnencryptedPepMailTest.cc
index 147f4785..23a2eb2d 100644
--- a/test/src/UnencryptedPepMailTest.cc
+++ b/test/src/UnencryptedPepMailTest.cc
@@ -50,7 +50,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/UpdateIdAndMyselfTest.cc b/test/src/UpdateIdAndMyselfTest.cc
index 5bbc1b9c..91259765 100644
--- a/test/src/UpdateIdAndMyselfTest.cc
+++ b/test/src/UpdateIdAndMyselfTest.cc
@@ -13,6 +13,7 @@
#include "TestConstants.h"
#include "pEpEngine.h"
+#include "pEp_internal.h"
#include "message_api.h"
#include "keymanagement.h"
#include "test_util.h"
@@ -59,7 +60,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
@@ -78,6 +79,9 @@ namespace {
session = NULL;
}
+ const char* testy_filename = "test_keys/testy_expired.pgp"; // pub/private keypair
+ const char* testy_fpr = "D1AEA592B78BEF2BE8D93C78DD835B271075DA7E";
+
private:
const char* test_suite_name;
const char* test_name;
@@ -674,3 +678,215 @@ TEST_F(UpdateIdAndMyselfTest, check_update_identity_and_myself) {
free(alias_id);
free(new_fpr);
}
+
+TEST_F(UpdateIdAndMyselfTest, check_myself_gen_password) {
+ PEP_STATUS status;
+ config_passphrase_for_new_keys(session, true, "test");
+ pEp_identity* testy = new_identity("testy@darthmama.org", NULL, PEP_OWN_USERID, "Testy McKeys");
+ testy->me = true;
+ testy->comm_type = PEP_ct_pEp;
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ status = myself(session, testy);
+ ASSERT_OK;
+ ASSERT_NE(testy->fpr, nullptr);
+ ASSERT_NE(testy->fpr[0], '\0');
+
+ status = probe_encrypt(session, testy->fpr);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+ config_passphrase(session, "test");
+ status = probe_encrypt(session, testy->fpr);
+ ASSERT_OK;
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_myself_gen_password_required) {
+ PEP_STATUS status;
+
+ session->new_key_pass_enable = true;
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", NULL, PEP_OWN_USERID, "Testy McKeys");
+ testy->me = true;
+ testy->comm_type = PEP_ct_pEp;
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ status = myself(session, testy);
+ ASSERT_EQ(status, PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED);
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_myself_gen_password_disable) {
+ PEP_STATUS status;
+ config_passphrase_for_new_keys(session, true, "test");
+ session->new_key_pass_enable = false;
+ pEp_identity* testy = new_identity("testy@darthmama.org", NULL, PEP_OWN_USERID, "Testy McKeys");
+ testy->me = true;
+ testy->comm_type = PEP_ct_pEp;
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ status = myself(session, testy);
+ ASSERT_OK;
+ ASSERT_NE(testy->fpr, nullptr);
+ ASSERT_NE(testy->fpr[0], '\0');
+
+ status = probe_encrypt(session, testy->fpr);
+ ASSERT_OK;
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_myself_renewal_password) {
+ ASSERT_TRUE(slurp_and_import_key(session, testy_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, testy_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys");
+ testy->me = true;
+ testy->comm_type = PEP_ct_pEp;
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ config_passphrase(session, "test");
+
+ status = myself(session, testy);
+ ASSERT_OK;
+
+ bool expired = false;
+ status = key_expired(session, testy_fpr, time(NULL), &expired);
+ ASSERT_OK;
+ ASSERT_FALSE(expired);
+
+ ASSERT_STREQ(testy_fpr, testy->fpr);
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_myself_renewal_wrong_password) {
+ ASSERT_TRUE(slurp_and_import_key(session, testy_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, testy_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys");
+ testy->me = true;
+ testy->comm_type = PEP_ct_pEp;
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ config_passphrase(session, "bob");
+
+ status = myself(session, testy);
+ ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_myself_renewal_requires_password) {
+ ASSERT_TRUE(slurp_and_import_key(session, testy_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, testy_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys");
+ testy->me = true;
+ testy->comm_type = PEP_ct_pEp;
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ status = myself(session, testy);
+ ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_update_identity_own_renewal_password) {
+ ASSERT_TRUE(slurp_and_import_key(session, testy_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, testy_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ // Force own identity to exist in DB, but not the onee we're working on
+ pEp_identity* fake_id = new_identity("fake@fake.fake", NULL, PEP_OWN_USERID, "This identity is fake");
+ fake_id->me = true;
+ status = set_identity(session, fake_id);
+ ASSERT_OK;
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys");
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ config_passphrase(session, "test");
+
+ free(testy->user_id);
+ testy->user_id = NULL;
+ status = update_identity(session, testy);
+ ASSERT_EQ(status, PEP_KEY_UNSUITABLE);
+
+ bool expired = false;
+ status = key_expired(session, testy_fpr, time(NULL), &expired);
+ ASSERT_OK;
+ ASSERT_TRUE(expired);
+}
+
+
+TEST_F(UpdateIdAndMyselfTest, check_update_identity_own_renewal_wrong_password) {
+ ASSERT_TRUE(slurp_and_import_key(session, testy_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, testy_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ // Force own identity to exist in DB, but not the onee we're working on
+ pEp_identity* fake_id = new_identity("fake@fake.fake", NULL, PEP_OWN_USERID, "This identity is fake");
+ fake_id->me = true;
+ status = set_identity(session, fake_id);
+ ASSERT_OK;
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys");
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ config_passphrase(session, "bob");
+
+ free(testy->user_id);
+ testy->user_id = NULL;
+ status = update_identity(session, testy);
+ ASSERT_EQ(status, PEP_KEY_UNSUITABLE);
+
+ bool expired = false;
+ status = key_expired(session, testy_fpr, time(NULL), &expired);
+ ASSERT_OK;
+ ASSERT_TRUE(expired);
+}
+
+TEST_F(UpdateIdAndMyselfTest, check_update_identity_own_renewal_requires_password) {
+ ASSERT_TRUE(slurp_and_import_key(session, testy_filename));
+ stringlist_t* found_key = NULL;
+ PEP_STATUS status = find_keys(session, testy_fpr, &found_key);
+ ASSERT_EQ(status, PEP_STATUS_OK);
+ ASSERT_NE(found_key, nullptr);
+ ASSERT_NE(found_key->value, nullptr);
+
+ // Force own identity to exist in DB, but not the onee we're working on
+ pEp_identity* fake_id = new_identity("fake@fake.fake", NULL, PEP_OWN_USERID, "This identity is fake");
+ fake_id->me = true;
+ status = set_identity(session, fake_id);
+ ASSERT_OK;
+
+ pEp_identity* testy = new_identity("testy@darthmama.org", testy_fpr, PEP_OWN_USERID, "Testy McKeys");
+ status = set_identity(session, testy);
+ ASSERT_OK;
+
+ free(testy->user_id);
+ testy->user_id = NULL;
+ status = update_identity(session, testy);
+ ASSERT_EQ(status, PEP_KEY_UNSUITABLE);
+
+ bool expired = false;
+ status = key_expired(session, testy_fpr, time(NULL), &expired);
+ ASSERT_OK;
+ ASSERT_TRUE(expired);
+}
diff --git a/test/src/UserIDAliasTest.cc b/test/src/UserIDAliasTest.cc
index 57599462..656efe9e 100644
--- a/test/src/UserIDAliasTest.cc
+++ b/test/src/UserIDAliasTest.cc
@@ -56,7 +56,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/UserIdCollisionTest.cc b/test/src/UserIdCollisionTest.cc
index c7a3ca9b..601d65cf 100644
--- a/test/src/UserIdCollisionTest.cc
+++ b/test/src/UserIdCollisionTest.cc
@@ -134,7 +134,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/VerifyTest.cc b/test/src/VerifyTest.cc
index 73f387be..80b67259 100644
--- a/test/src/VerifyTest.cc
+++ b/test/src/VerifyTest.cc
@@ -53,7 +53,7 @@ namespace {
ASSERT_NE(engine, nullptr);
// Ok, let's initialize test directories etc.
- engine->prep(NULL, NULL, init_files);
+ engine->prep(NULL, NULL, NULL, init_files);
// Ok, try to start this bugger.
engine->start();
diff --git a/test/src/test_util.cc b/test/src/test_util.cc
index 2eb2d170..4166e86b 100644
--- a/test/src/test_util.cc
+++ b/test/src/test_util.cc
@@ -14,6 +14,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -483,6 +484,21 @@ int util_delete_filepath(const char *filepath,
return retval;
}
+PEP_STATUS config_valid_passphrase(PEP_SESSION session, const char* fpr, std::vector passphrases) {
+ // Check to see if it currently works
+ PEP_STATUS status = probe_encrypt(session, fpr);
+ if (status == PEP_STATUS_OK || passphrases.empty())
+ return status;
+
+ for (auto && pass : passphrases) {
+ config_passphrase(session, pass.c_str());
+ status = probe_encrypt(session, fpr);
+ if (status == PEP_STATUS_OK)
+ break;
+ }
+ return status;
+}
+
#ifndef ENIGMAIL_MAY_USE_THIS
static PEP_STATUS update_identity_recip_list(PEP_SESSION session,
@@ -509,7 +525,7 @@ static PEP_STATUS update_identity_recip_list(PEP_SESSION session,
}
}
else
- status = _myself(session, curr_identity, false, false, true);
+ status = _myself(session, curr_identity, false, false, false, true);
if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY)
return status;
}
@@ -556,7 +572,7 @@ PEP_STATUS MIME_decrypt_message(
if (!is_me(session, tmp_msg->from))
status = update_identity(session, (tmp_msg->from));
else
- status = _myself(session, tmp_msg->from, false, false, true);
+ status = _myself(session, tmp_msg->from, false, true, false, true);
if (status == PEP_ILLEGAL_VALUE || status == PEP_OUT_OF_MEMORY)
goto pEp_error;
diff --git a/test/src/test_util.h b/test/src/test_util.h
index a8abad75..31a15430 100644
--- a/test/src/test_util.h
+++ b/test/src/test_util.h
@@ -6,17 +6,23 @@
#include
#include
#include
+#include
#include "pEpEngine.h"
#include "message_api.h"
#include "aux_mime_msg.h"
#include "mime.h"
+#include
+
void test_init();
bool file_exists(std::string filename);
bool is_pEpmsg(const message *msg); // duplicates static func in message_api.c, fyi
+#ifndef ASSERT_OK
+#define ASSERT_OK ASSERT_EQ(status, PEP_STATUS_OK)
+#endif
extern std::string _main_test_home_dir;
@@ -117,6 +123,8 @@ class NullBuffer : public std::streambuf {
int overflow(int c);
};
+PEP_STATUS config_valid_passphrase(PEP_SESSION session, const char* fpr, std::vector passphrases);
+
#ifndef ENIGMAIL_MAY_USE_THIS
// MIME_decrypt_message() - decrypt a MIME message, with MIME output
diff --git a/test/test_keys/erwin_normal_encrypted.pgp b/test/test_keys/erwin_normal_encrypted.pgp
new file mode 100644
index 00000000..5c4af94e
--- /dev/null
+++ b/test/test_keys/erwin_normal_encrypted.pgp
@@ -0,0 +1,30 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+Comment: CBA9 68BC 01FC EB89 F04C CF15 5C5E 9E3F 0420 A570
+Comment: erwin2-electric-boogaloo@example.org
+
+xYYEXyRZVBYJKwYBBAHaRw8BAQdAyWxnUgFCgukUn3n98AKyVEM1/zFEbXK29yRj
+OJHBG1H+CQMI1MVsl/YGGq7/WC9ZYFQty5jz0X/zo/JY1jFmXqCWCGeMhqLl3WBq
+DwGonZVBWhp8QnIXiydHIkqxhxoc7XShHme5hZs28LPIT5LF8EO3vcKHBB8WCgAY
+BYJfJFlUBYkFpI+1AgsJAhUKApsBAh4BACEJEFxenj8EIKVwFiEEy6lovAH864nw
+TM8VXF6ePwQgpXAlOwEAlOsjerl/1bBhCcO0A3wucwmgUhcnQfRG+WIifKnmhOcA
+/20v/GvkgO22K8YZhygwmcSOvx0s93EBxyWRRnG9Pb8IzSRlcndpbjItZWxlY3Ry
+aWMtYm9vZ2Fsb29AZXhhbXBsZS5vcmfCigQTFgoAGwWCXyRZVAWJBaSPtQILCQIV
+CgKZAQKbAQIeAQAhCRBcXp4/BCClcBYhBMupaLwB/OuJ8EzPFVxenj8EIKVwhQYB
+APh7AVFMZ+KCcz5yHn+czAHC9tl8iw3liikqujNqnw8pAQDWlsOMixGS7gYPgDwh
+PxYV0y32iFcycHT+0nkDVN50B8eGBF8kWVQWCSsGAQQB2kcPAQEHQHEP9EAwlT1V
+nS22ZNOBauv4Exo7aVZKPIknM0PhrIo1/gkDCAJNdcr6xM35/wlyhLfBuX47t+FV
+G/dxDWvlHvhL0d10kDRxV2OUOTs9FF6SHhoNmJCTXECgjfIE2VA9Jdwi7kGbFjcL
+vZBt9opkoqZsHJjCwDgEGBYKABIFgl8kWVQFiQWkj7UCmwICHgEAmAkQXF6ePwQg
+pXB2oAQZFgoABgWCXyRZVAAhCRAOQ+rSK33mEhYhBKs6FrQlWp++ddYFNw5D6tIr
+feYSAIABAL+R7weg/XPynY6A5VLLFq5papoAo+UKGMfA5ddK1nJNAP0bN61ikyvN
+GVhxivR6+Bjf91a45aYNz/ewllIeEBaMBBYhBMupaLwB/OuJ8EzPFVxenj8EIKVw
+cqkA/2Qfrv2dJ6VDDrCC9ucrW4NcMQllNse8GIWKehXp35f9AQD3Vj2qJIve+v9/
+BVnJcREBxT+WFJIa8762bbAEC4XdCMeLBF8kWVQSCisGAQQBl1UBBQEBB0AKCbEf
+OOdH80jxLLh9LG3K5hHI9zvo9strgGGAEcaFKwMBCAn+CQMICjFkzCai4CX/NIVi
+Vv36MrODVyIK478sFI1Nn7nJpRQynAGRss5LqfmFgEfWlVseBFcC7+o5rmXrG/0/
+Zy4YzHnhWmI/VG9jRSSr6ELGUcKBBBgWCgASBYJfJFlUBYkFpI+1ApsMAh4BACEJ
+EFxenj8EIKVwFiEEy6lovAH864nwTM8VXF6ePwQgpXATJQEA/KVMdqzMeug6bQlc
+JEX+eh0vpANB3dPIjPem43yTMtQA/0/6GddNBVIH2c2LDEA1ntHsbBWrtL9KG694
+R6OBpcAD
+=1aYf
+-----END PGP PRIVATE KEY BLOCK-----
diff --git a/test/test_keys/testy_expired.pgp b/test/test_keys/testy_expired.pgp
new file mode 100644
index 00000000..d826defa
--- /dev/null
+++ b/test/test_keys/testy_expired.pgp
@@ -0,0 +1,30 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+Comment: D1AE A592 B78B EF2B E8D9 3C78 DD83 5B27 1075 DA7E
+Comment: Testy McExpiredKey
+
+xYYEXE2XJxYJKwYBBAHaRw8BAQdAzRzNNktTqmvJZUdK3SQkPqAVWvL0n5qCpapG
+bGXi+VH+CQMI8JRexRCwx3D/m5XQOLFR/5rmzMlBV0kLTr10RCad3feLBs2vr1lf
+xh+eLIxNJhYrPbOCTea7nN8nzUDwzQNUWVp7caINrnhIhDNRL973w8KHBB8WCgAY
+BYJcTZcnBYkAAVF9AgsJAhUKApsBAh4BACEJEN2DWycQddp+FiEE0a6lkreL7yvo
+2Tx43YNbJxB12n62vQD/Qm4oGq/KHnAcyTXYtzTVR+4vkWXr044Dk0IUlLWuh+YA
+/issbJX/6D+9QLJNWgU8NIJkeM2V7/Dn5TG78nEBuJUFzShUZXN0eSBNY0V4cGly
+ZWRLZXkgPHRlc3R5QGRhcnRobWFtYS5vcmc+wooEExYKABsFglxNlycFiQABUX0C
+CwkCFQoCmQECmwECHgEAIQkQ3YNbJxB12n4WIQTRrqWSt4vvK+jZPHjdg1snEHXa
+fmQsAQD88B62VN2aAw/mbuA7Ihz0itl9bG6xKTadqloNqhWBywEA3rt9/tYOiZlP
+9ZqVG5wGEu14wTVehr+Tn34RIXvS0AjHhgRcTZcnFgkrBgEEAdpHDwEBB0BilSz+
+AK65ih+A56g1kb9PzZQWO+/dbkiYkyhCAQnLL/4JAwjzE9QpYS6+pP+B7PMLWWlO
+I4+aqLaU+X0rPobzjaW2prZAMAMALmdy4+XX70lSwO0vfyUDUxS1FYuourwcs7SH
+FbWNFBhwy19oH0iUUUCMwsA4BBgWCgASBYJcTZcnBYkAAVF9ApsCAh4BAJgJEN2D
+WycQddp+dqAEGRYKAAYFglxNlycAIQkQ6SLysAGDI6YWIQTYCRj9VOI8cNRohC3p
+IvKwAYMjplZJAQCUU7/Gxypr3spe5enGxmOG176f5zwpgRtofjgdzB3A4wEAwCRs
+ULVltO5aLEGpTqI3Y4c7FQpL7by5rjMGPQXwaA4WIQTRrqWSt4vvK+jZPHjdg1sn
+EHXafvudAP9gluzsBG/h5dmnUdj8wBjdiwMLtF2EbnJ5yNerFlKVogEAwmwY0Oza
+Gtwxs/RfH3rpDNOciyeHKTVpDxIgCTslfgbHiwRcTZcnEgorBgEEAZdVAQUBAQdA
+TJVNGPLhOn5xvalYOJSe2xEK8erJP4ypAPyjIZAOOgYDAQgJ/gkDCKMEQlbxKbC8
+/zympAiM9Hg2+AnkkTCeyH9hrRfAwdRBMFCg6WyvL/8YfnduszqEw16azdCSyXbF
+/83O9UpVoyoltxW13zzX0CK+34I8R5rCgQQYFgoAEgWCXE2XJwWJAAFRfQKbDAIe
+AQAhCRDdg1snEHXafhYhBNGupZK3i+8r6Nk8eN2DWycQddp+v3kBALvpES5a5YNv
+s05KWZmdhKDv/G+RNa427OKX1JO9gdvAAP9FAS7lujAbfmMPgXpgY1an4aIY0466
+FO4XjYee+ROODQ==
+=55ON
+-----END PGP PRIVATE KEY BLOCK-----