Own keys, now filled and used by myself()

doc_update_sequoia
Edouard Tisserant 7 years ago
parent f6d3b47651
commit d5708d03a2

@ -190,20 +190,16 @@ DYNAMIC_API PEP_STATUS update_identity(
return PEP_OUT_OF_MEMORY;
}
if (identity->comm_type == PEP_ct_unknown) {
if (_comm_type_key != PEP_ct_compromized && _comm_type_key != PEP_ct_unknown) {
if (_comm_type_key != PEP_ct_compromized &&
_comm_type_key != PEP_ct_unknown)
{
if (identity->comm_type == PEP_ct_unknown ||
_comm_type_key > identity->comm_type)
{
identity->comm_type = _comm_type_key;
_fpr = _keylist->value;
}
}
else {
if (_comm_type_key != PEP_ct_compromized && _comm_type_key != PEP_ct_unknown) {
if (_comm_type_key > identity->comm_type) {
identity->comm_type = _comm_type_key;
_fpr = _keylist->value;
}
}
}
}
if (_fpr) {
@ -257,7 +253,6 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
{
pEp_identity *stored_identity;
PEP_STATUS status;
stringlist_t *keylist = NULL;
assert(session);
assert(identity);
@ -295,9 +290,27 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
}
identity->fpr_size = stored_identity->fpr_size;
}
// Backward compatibility, not check that stored key is indeed own key
}
else if (!EMPTYSTR(identity->fpr))
{
// App must have a good reason to give fpr, such as explicit
// import of private key, or similar.
// Take given fpr as-is, and consider it as own-key.
status = own_key_add(session, identity->fpr);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {
return status;
}
}
else
{
stringlist_t *keylist = NULL;
free(identity->fpr);
identity->fpr_size = 0;
@ -308,34 +321,66 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
if (keylist != NULL && keylist->value != NULL)
{
// BUG : Vulnerable to auto-key-import poisoning.
// Attacker's key with forged userId could have been
// auto imported from already received email and be used here
// TODO : iterate over list to elect best key
// TODO : discard keys which aren't private
// TODO : discard keys which aren't either
// - own generated key
// - own from synchronized device group
// - already fully trusted as a public key of known
// identity, for that same address
// (case of imported key for mailing lists)
char *_fpr = NULL;
identity->comm_type = PEP_ct_unknown;
stringlist_t *_keylist;
for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
bool is_own = false;
status = own_key_is_listed(session, _keylist->value, &is_own);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {
free_stringlist(keylist);
return status;
}
// TODO : also accept synchronized device group keys ?
if (is_own)
{
PEP_comm_type _comm_type_key;
status = get_key_rating(session, _keylist->value, &_comm_type_key);
assert(status != PEP_OUT_OF_MEMORY);
if (status == PEP_OUT_OF_MEMORY) {
free_stringlist(keylist);
return PEP_OUT_OF_MEMORY;
}
if (_comm_type_key != PEP_ct_compromized &&
_comm_type_key != PEP_ct_unknown)
{
if (identity->comm_type == PEP_ct_unknown ||
_comm_type_key > identity->comm_type)
{
identity->comm_type = _comm_type_key;
_fpr = _keylist->value;
}
}
}
}
identity->fpr = strdup(keylist->value);
assert(identity->fpr);
if (identity->fpr == NULL)
if (_fpr)
{
return PEP_OUT_OF_MEMORY;
identity->fpr = strdup(_fpr);
assert(identity->fpr);
if (identity->fpr == NULL)
{
free_stringlist(keylist);
return PEP_OUT_OF_MEMORY;
}
identity->fpr_size = strlen(identity->fpr);
}
identity->fpr_size = strlen(identity->fpr);
free_stringlist(keylist);
}
}
// TODO : Check key for revoked state
if (EMPTYSTR(identity->fpr) /* or revoked */)
{
stringlist_t *keylist = NULL;
DEBUG_LOG("generating key pair", "debug", identity->address);
status = generate_keypair(session, identity);
@ -353,9 +398,20 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
return PEP_OUT_OF_MEMORY;
assert(keylist && keylist->value);
if (keylist == NULL || keylist->value == NULL) {
if (keylist == NULL) {
return PEP_UNKNOWN_ERROR;
}else if (keylist->value == NULL) {
free_stringlist(keylist);
return PEP_UNKNOWN_ERROR;
}
// Consider generated keys as own keys.
status = own_key_add(session, identity->fpr);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {
free_stringlist(keylist);
return status;
}
}
else
{
@ -363,7 +419,7 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
status = key_expired(session, identity->fpr, &expired);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {
goto free_keylist;
return status;
}
if (status == PEP_STATUS_OK && expired) {
@ -376,14 +432,11 @@ DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
status = set_identity(session, identity);
assert(status == PEP_STATUS_OK);
if (status != PEP_STATUS_OK) {
goto free_keylist;
return status;
}
return PEP_STATUS_OK;
free_keylist:
free_stringlist(keylist);
return status;
}
DYNAMIC_API PEP_STATUS register_examine_function(
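Review bot: In the own-key election loop of myself(), `_comm_type_key` is compared right after `get_key_rating()` even when that call failed with a status other than PEP_OUT_OF_MEMORY, so unless get_key_rating() always writes its output (not visible here) a key can be elected on an indeterminate rating. Declaring it as `PEP_comm_type _comm_type_key = PEP_ct_unknown;`, or skipping the entry with `if (status != PEP_STATUS_OK) continue;`, keeps a failed rating from choosing the own key. When no listed key qualifies, `identity->fpr` is no longer reassigned after the earlier `free(identity->fpr)`; the lines between the hunks are not shown, so it is worth confirming the pointer is reset to NULL before the `EMPTYSTR(identity->fpr)` check reads it. Separately, in the generated-key branch the success path after `own_key_add()` appears to leave the block without `free_stringlist(keylist)` now that the `free_keylist:` label is gone.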

@ -177,7 +177,7 @@ DYNAMIC_API PEP_STATUS init(PEP_SESSION *session)
"create table if not exists own_keys (\n"
" fpr text primary key\n"
" references pgp_keypair (fpr)\n"
" on delete cascade,\n"
" on delete cascade\n"
");\n"
,
NULL,
