Browse Source

ENGINE-420: fixed bug in key_reset_trust when key corresponds to an own identity (this case: public-key-only), plus test expansion and bug fixes on encrypt_message_and_add_private_key

doc_update_sequoia
Krista Bennett 4 years ago
parent
commit
e1b33d0def
3 changed files with 102 additions and 16 deletions
  1. +4
    -1
      src/keymanagement.c
  2. +30
    -14
      src/message_api.c
  3. +68
    -1
      test/encrypt_attach_private_key_test.cc

+ 4
- 1
src/keymanagement.c View File

@ -1289,7 +1289,10 @@ DYNAMIC_API PEP_STATUS key_reset_trust(
if (!tmp_ident)
return PEP_OUT_OF_MEMORY;
status = update_identity(session, tmp_ident);
if (is_me(session, tmp_ident))
status = myself(session, tmp_ident);
else
status = update_identity(session, tmp_ident);
if (status != PEP_STATUS_OK)
goto pep_free;


+ 30
- 14
src/message_api.c View File

@ -1825,7 +1825,7 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
assert(src);
assert(dst);
assert(to_fpr);
if (!session || !src || !dst || !to_fpr)
return PEP_ILLEGAL_VALUE;
@ -1844,6 +1844,8 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
if (!strcasecmp(src->from->address, src->to->ident->address) == 0)
return PEP_ILLEGAL_VALUE;
stringlist_t* keys = NULL;
char* own_id = NULL;
char* default_id = NULL;
@ -1865,8 +1867,8 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
// Ok, we are at least marginally sure the initial stuff is ok.
// Let's get our own, normal identity
pEp_identity* own_identity = NULL;
status = get_identity(session, src->to->ident->address, own_id, &own_identity);
pEp_identity* own_identity = identity_dup(src->from);
status = myself(session, own_identity);
if (status != PEP_STATUS_OK)
goto pep_free;
@ -1877,8 +1879,11 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
status = get_trust(session, own_identity);
if (status != PEP_STATUS_OK)
if (status != PEP_STATUS_OK) {
if (status == PEP_CANNOT_FIND_IDENTITY)
status = PEP_ILLEGAL_VALUE;
goto pep_free;
}
if ((own_identity->comm_type & PEP_ct_confirmed) != PEP_ct_confirmed) {
status = PEP_ILLEGAL_VALUE;
@ -1902,12 +1907,14 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
}
// Ok, fine... let's encrypt yon blob
stringlist_t* keys = new_stringlist(to_fpr);
keys = new_stringlist(own_private_fpr);
if (!keys) {
status = PEP_OUT_OF_MEMORY;
goto pep_free;
}
stringlist_add(keys, to_fpr);
char* encrypted_key_text = NULL;
size_t encrypted_key_size = 0;
@ -1926,7 +1933,14 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
// We will have to delete this before returning, as we allocated it.
bloblist_t* created_bl = NULL;
bloblist_t* created_predecessor = NULL;
if (!src->attachments) {
bloblist_t* old_head = NULL;
if (!src->attachments || src->attachments->value == NULL) {
if (src->attachments->value == NULL) {
old_head = src->attachments;
src->attachments = NULL;
}
src->attachments = new_bloblist(encrypted_key_text, encrypted_key_size,
"application/octet-stream",
"file://pEpkey.asc.pgp");
@ -1934,15 +1948,14 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
}
else {
bloblist_t* tmp = src->attachments;
while (src->attachments->next) {
tmp = src->attachments->next;
while (tmp && tmp->next) {
tmp = tmp->next;
}
created_bl = bloblist_add(src->attachments,
created_predecessor = tmp;
created_bl = bloblist_add(tmp,
encrypted_key_text, encrypted_key_size,
"application/octet-stream",
"file://pEpkey.asc.pgp");
created_predecessor = tmp;
}
if (!created_bl) {
@ -1957,13 +1970,16 @@ DYNAMIC_API PEP_STATUS encrypt_message_and_add_priv_key(
free_bloblist(created_bl);
if (created_predecessor)
created_predecessor->next = NULL;
else
src->attachments = NULL;
else {
if (old_head)
src->attachments = old_head;
else
src->attachments = NULL;
}
pep_free:
free(own_id);
free(default_id);
free(priv_key_data);
free(own_private_fpr);
free_identity(own_identity);
free_stringlist(keys);


+ 68
- 1
test/encrypt_attach_private_key_test.cc View File

@ -29,6 +29,8 @@ int main() {
const char* diff_uid_0 = "TASTY_TEST_UID_0";
const char* diff_uid_1 = "TASTY_TEST_UID_1";
cout << "Importing keys..." << endl;
string input_key;
const char* main_addr = "priv-key-import-test-main@darthmama.cool";
pEp_identity* main_me = NULL;
@ -81,29 +83,49 @@ int main() {
input_key = slurp("test_keys/pub/priv-key-import-test-other_1-0xC785F20A_pub.asc");
status = import_key(session, input_key.c_str(), input_key.length(), NULL);
assert(status == PEP_STATUS_OK);
cout << "Done!" << endl << endl;
cout << "Setting up own identity with default key " << fpr_main_me << endl;
// Own identity with default key etc
main_me = new_identity(main_addr, fpr_main_me, own_uid, "PrivateKey Import Test");
status = set_own_key(session, main_me, fpr_main_me);
assert(status == PEP_STATUS_OK);
assert(strcmp(main_me->fpr, fpr_main_me) == 0);
cout << "Done!" << endl << endl;
cout << "Setting up recipient identities and resetting key trust." << endl;
cout << "#1: same address, same user_id - address: " << main_addr << ", user_id: " << own_uid << ", fpr: " << fpr_same_addr_same_uid << endl;
// Identity with same address and user_id - the fpr here will be ignored in update_identity and friends.
same_addr_same_uid = new_identity(main_addr, fpr_same_addr_same_uid, own_uid, "PrivateKey Import Test");
// Might be problematic with myself()?
status = key_reset_trust(session, same_addr_same_uid);
assert(status == PEP_STATUS_OK);
assert(strcmp(same_addr_same_uid->fpr, fpr_same_addr_same_uid) == 0);
// Identity with same address and different user_id
cout << "#2: same address, different user_id - address: " << main_addr << ", user_id: " << diff_uid_0 << ", fpr: " << fpr_same_addr_diff_uid << endl;
same_addr_diff_uid = new_identity(main_addr, fpr_same_addr_diff_uid, diff_uid_0, "PrivateKey Import Test");
assert(same_addr_diff_uid);
status = key_reset_trust(session, same_addr_diff_uid);
assert(status == PEP_STATUS_OK);
assert(strcmp(same_addr_diff_uid->fpr, fpr_same_addr_diff_uid) == 0);
// Identity with diff address and same user_id
cout << "#3: different address, same user_id - address: " << diff_addr_0 << ", user_id: " << own_uid << ", fpr: " << fpr_diff_addr_same_uid << endl;
diff_addr_same_uid = new_identity(diff_addr_0, fpr_diff_addr_same_uid, own_uid, "PrivateKey Import Test");
assert(diff_addr_same_uid);
status = key_reset_trust(session, diff_addr_same_uid);
assert(status == PEP_STATUS_OK);
assert(strcmp(diff_addr_same_uid->fpr, fpr_diff_addr_same_uid) == 0);
// Identity with different address and different user_id
cout << "#4: different address, different user_id - address: " << diff_addr_1 << ", user_id: " << diff_uid_1 << ", fpr: " << fpr_diff_addr_diff_uid << endl;
diff_addr_diff_uid = new_identity(diff_addr_1, fpr_diff_addr_diff_uid, diff_uid_1, "PrivateKey Import Test");
assert(diff_addr_diff_uid);
status = key_reset_trust(session, diff_addr_diff_uid);
assert(status == PEP_STATUS_OK);
assert(strcmp(diff_addr_diff_uid->fpr, fpr_diff_addr_diff_uid) == 0);
cout << "Done!" << endl << endl;
message* msg_same_addr_same_uid = new_message(PEP_dir_outgoing);
msg_same_addr_same_uid->from = main_me;
@ -115,10 +137,13 @@ int main() {
message* msg_diff_addr_same_uid = message_dup(msg_same_addr_same_uid);
message* msg_diff_addr_diff_uid = message_dup(msg_same_addr_same_uid);
cout << "Starting tests..." << endl;
// Case 1:
// Same address, same user_id, untrusted
cout << "Case 1: Same address, same user_id, untrusted" << endl;
assert(msg_same_addr_same_uid);
identity_list* to_list = new_identity_list(same_addr_same_uid);
msg_same_addr_same_uid->to = to_list;
message* enc_same_addr_same_uid_untrusted = NULL;
status = encrypt_message_and_add_priv_key(session,
msg_same_addr_same_uid,
@ -127,8 +152,13 @@ int main() {
PEP_enc_PGP_MIME,
0);
cout << "Case 1 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
// Case 2:
// Same address, same_user_id, trusted
cout << "Case 2: Same address, same user_id, trusted" << endl;
status = trust_personal_key(session, same_addr_same_uid);
assert(status == PEP_STATUS_OK);
message* enc_same_addr_same_uid_trusted = NULL;
@ -139,10 +169,16 @@ int main() {
PEP_enc_PGP_MIME,
0);
cout << "Case 2 Status: " << tl_status_string(status) << endl;
assert(status == PEP_STATUS_OK);
cout << "PASS!" << endl;
// Case 3:
// Different address, same user_id, untrusted
cout << "Case 3: Different address, same user_id, untrusted" << endl;
assert(msg_diff_addr_same_uid);
identity_list* to_list_1 = new_identity_list(diff_addr_same_uid);
msg_diff_addr_same_uid->to = to_list_1;
message* enc_diff_addr_same_uid_untrusted = NULL;
status = encrypt_message_and_add_priv_key(session,
msg_diff_addr_same_uid,
@ -150,9 +186,14 @@ int main() {
fpr_diff_addr_same_uid,
PEP_enc_PGP_MIME,
0);
cout << "Case 3 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
// Case 4:
// Different address, same user_id, trusted
cout << "Case 4: Different address, same user_id, trusted" << endl;
status = trust_personal_key(session, diff_addr_same_uid);
assert(status == PEP_STATUS_OK);
message* enc_diff_addr_same_uid_trusted = NULL;
@ -162,11 +203,17 @@ int main() {
fpr_diff_addr_same_uid,
PEP_enc_PGP_MIME,
0);
cout << "Case 4 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
// Case 5:
// Same address, different user_id, untrusted
cout << "Case 5: Same address, different user_id, untrusted" << endl;
assert(msg_same_addr_diff_uid);
identity_list* to_list_2 = new_identity_list(same_addr_diff_uid);
msg_same_addr_diff_uid->to = to_list_2;
message* enc_same_addr_diff_uid_untrusted = NULL;
status = encrypt_message_and_add_priv_key(session,
msg_same_addr_diff_uid,
@ -175,8 +222,13 @@ int main() {
PEP_enc_PGP_MIME,
0);
cout << "Case 5 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
// Case 6:
// Same address, different user_id, trusted
cout << "Case 6: Same address, different user_id, trusted" << endl;
status = trust_personal_key(session, same_addr_diff_uid);
assert(status == PEP_STATUS_OK);
message* enc_same_addr_diff_uid_trusted = NULL;
@ -187,10 +239,16 @@ int main() {
PEP_enc_PGP_MIME,
0);
cout << "Case 6 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
// Case 7:
// Different address, different user_id, untrusted
cout << "Case 7: Different address, different user_id, untrusted" << endl;
assert(msg_diff_addr_diff_uid);
identity_list* to_list_3 = new_identity_list(diff_addr_diff_uid);
msg_diff_addr_diff_uid->to = to_list_3;
message* enc_diff_addr_diff_uid_untrusted = NULL;
status = encrypt_message_and_add_priv_key(session,
msg_diff_addr_diff_uid,
@ -199,8 +257,13 @@ int main() {
PEP_enc_PGP_MIME,
0);
cout << "Case 7 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
// Case 8:
// Different address, different user_id, trusted
cout << "Case 8: Different address, different user_id, trusted" << endl;
status = trust_personal_key(session, diff_addr_diff_uid);
assert(status == PEP_STATUS_OK);
message* enc_diff_addr_diff_uid_trusted = NULL;
@ -211,6 +274,10 @@ int main() {
PEP_enc_PGP_MIME,
0);
cout << "Case 8 Status: " << tl_status_string(status) << endl;
assert(status == PEP_ILLEGAL_VALUE);
cout << "PASS!" << endl;
release(session);
return 0;


Loading…
Cancel
Save