test/src/engine_tests/IntegrityTests.cc
author Krista Bennett <krista@pep-project.org>
Tue, 22 May 2018 09:33:43 +0200
branchENGINE-434
changeset 2679 567462e5b11a
parent 2678 610a608c410d
child 2684 a5175dd76542
permissions -rw-r--r--
shelving changes to add graftable fix
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #include <stdlib.h>
     5 #include <string>
     6 #include <assert.h>
     7 #include <unistd.h>
     8 
     9 #include "pEpEngine.h"
    10 #include "message_api.h"
    11 
    12 #include "test_util.h"
    13 
    14 #include "EngineTestIndividualSuite.h"
    15 #include "IntegrityTests.h"
    16 
    17 using namespace std;
    18 
    19 IntegrityTests::IntegrityTests(string suitename, string test_home_dir) :
    20     EngineTestIndividualSuite::EngineTestIndividualSuite(suitename, test_home_dir) {
    21     recip_fpr = "9D8047989841CF4207EA152A4ACAF735F390A40D";
    22     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unsigned_PGP_MIME"),
    23                                                                       static_cast<Func>(&IntegrityTests::check_unsigned_PGP_MIME)));
    24     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unsigned_PGP_MIME_attached_key"),
    25                                                                       static_cast<Func>(&IntegrityTests::check_unsigned_PGP_MIME_attached_key)));
    26     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unsigned_PGP_MIME_w_render_flag"),
    27                                                                       static_cast<Func>(&IntegrityTests::check_unsigned_PGP_MIME_w_render_flag)));
    28     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_known_good_signed_PGP_MIME"),
    29                                                                       static_cast<Func>(&IntegrityTests::check_known_good_signed_PGP_MIME)));
    30     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_known_good_signed_PGP_MIME_attached_key"),
    31                                                                       static_cast<Func>(&IntegrityTests::check_known_good_signed_PGP_MIME_attached_key)));
    32     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unknown_signed_PGP_MIME_no_key"),
    33                                                                       static_cast<Func>(&IntegrityTests::check_unknown_signed_PGP_MIME_no_key)));
    34     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unknown_signed_PGP_MIME_attached_key"),
    35                                                                       static_cast<Func>(&IntegrityTests::check_unknown_signed_PGP_MIME_attached_key)));
    36     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unsigned_PGP_MIME_corrupted"),
    37                                                                       static_cast<Func>(&IntegrityTests::check_unsigned_PGP_MIME_corrupted)));
    38     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_signed_PGP_MIME_corrupted"),
    39                                                                       static_cast<Func>(&IntegrityTests::check_signed_PGP_MIME_corrupted)));
    40     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unsigned_2_0"),
    41                                                                       static_cast<Func>(&IntegrityTests::check_unsigned_2_0)));
    42     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unknown_signed_2_0_no_key"),
    43                                                                       static_cast<Func>(&IntegrityTests::check_unknown_signed_2_0_no_key)));
    44     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unknown_signed_2_0_no_key_known_signer"),
    45                                                                       static_cast<Func>(&IntegrityTests::check_unknown_signed_2_0_no_key_known_signer)));                                                                                                                                        
    46     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_unknown_signed_2_0_key_attached"),
    47                                                                       static_cast<Func>(&IntegrityTests::check_unknown_signed_2_0_key_attached)));  
    48     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("IntegrityTests::check_integrity"),
    49                                                                       static_cast<Func>(&IntegrityTests::check_integrity)));
    50 }
    51 
    52 void IntegrityTests::setup() {
    53     EngineTestIndividualSuite::setup();
    54     string recip_key = slurp("test_keys/pub/integrity_test_recip_0-0xF390A40D_pub.asc");
    55     PEP_STATUS status = import_key(session, recip_key.c_str(), recip_key.size(), NULL);
    56     assert(status == PEP_STATUS_OK);
    57     recip_key = "";
    58     string priv_key = slurp("test_keys/priv/integrity_test_recip_0-0xF390A40D_priv.asc");
    59     cout << priv_key << endl;
    60     cout << "GNUPGHOME is " << getenv("GNUPGHOME") << endl;
    61     status = import_key(session, priv_key.c_str(), priv_key.size(), NULL);
    62     assert(status == PEP_STATUS_OK);
    63     stringlist_t* debug_keylist = NULL;
    64     status = find_private_keys(session, recip_fpr, &debug_keylist);
    65     assert(debug_keylist);
    66     
    67     pEp_identity* me = new_identity("integrity_test_recip@darthmama.org", recip_fpr, PEP_OWN_USERID, "Integrity Test Recipient");
    68     assert(me != NULL);
    69     status = set_own_key(session, me, recip_fpr);
    70     assert(status == PEP_STATUS_OK);
    71 
    72     message = "";
    73     decrypted_msg = NULL;
    74     decrypt_status = PEP_STATUS_OK;
    75     rating = PEP_rating_undefined;
    76     flags = 0;
    77     keylist = NULL;
    78     dummy_ignore = NULL;
    79 }
    80 
    81 void IntegrityTests::tear_down() {
    82     free_stringlist(keylist);
    83     free(decrypted_msg);
    84     EngineTestIndividualSuite::tear_down();
    85 }
    86 
    87 /*
    88 Type            Error State             Render              Status Code
    89 ---------------------------------------------------------------------------------------------------------------
    90 inline          ALL                     Yes, if present     Whatever GPG gives us
    91 PGP/MIME        Unsigned                No                  DECRYPTED_BUT_UNSIGNED (grey)
    92                 Signed, no key          Yes                 NO_KEY_FOR_SIGNER
    93                 Bad sig                 No                  SIGNATURE_DOES_NOT_MATCH
    94 Message 1.0     Unsigned                No                  MODIFICATION_DETECTED
    95                 Signed, no key          No                  MODIFICATION_DETECTED
    96                 Bad sig                 No                  SIGNATURE_DOES_NOT_MATCH
    97 Message 2.0     Unsigned                No                  MODIFICATION_DETECTED (red)
    98                 Signed, no key          No                  MODIFICATION_DETECTED  (red)
    99                 Bad sig                 No                  SIGNATURE_DOES_NOT_MATCH
   100 
   101 */
   102 
   103 void IntegrityTests::check_known_good_signed_PGP_MIME() {
   104     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Signed no attach PGP_MIME.eml", message,
   105                                              "test_keys/pub/integrity_test_signer_0-0xFF26631A_pub.asc"));
   106 
   107     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   108                                           &rating, &flags, &dummy_ignore);
   109 
   110     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_STATUS_OK", tl_status_string(decrypt_status));
   111     TEST_ASSERT_MSG(decrypt_status == PEP_STATUS_OK, failed_msg_buf);
   112     TEST_ASSERT(decrypted_msg != NULL);
   113     TEST_ASSERT(rating == PEP_rating_reliable);
   114 }
   115 
   116 void IntegrityTests::check_known_good_signed_PGP_MIME_attached_key() {
   117     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Signed attached key PGP_MIME.eml", message,
   118                                              NULL));
   119 
   120     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   121                                           &rating, &flags, &dummy_ignore);
   122 
   123     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_STATUS_OK", tl_status_string(decrypt_status));
   124     TEST_ASSERT_MSG(decrypt_status == PEP_STATUS_OK, failed_msg_buf);
   125     TEST_ASSERT(decrypted_msg != NULL);
   126     TEST_ASSERT(rating == PEP_rating_reliable);
   127 }
   128 
   129 void IntegrityTests::check_unsigned_PGP_MIME() {
   130     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Unsigned from PGP_MIME_noattach.eml", message,
   131                                              "test_keys/pub/integrity_test_signer_0-0xFF26631A_pub.asc"));
   132 
   133     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   134                                           &rating, &flags, &dummy_ignore);
   135 
   136     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPTED_BUT_UNSIGNED", tl_status_string(decrypt_status));
   137     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPTED_BUT_UNSIGNED, failed_msg_buf);
   138     TEST_ASSERT(decrypted_msg == NULL);
   139     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Rating == %s, should be PEP_rating_unreliable", tl_rating_string(rating));
   140     TEST_ASSERT_MSG(rating == PEP_rating_unreliable, failed_msg_buf);
   141 }
   142 
   143 void IntegrityTests::check_unsigned_PGP_MIME_attached_key() {
   144     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Unsigned from PGP_MIME_attach.eml", message,
   145                                              NULL));
   146 
   147     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   148                                           &rating, &flags, &dummy_ignore);
   149 
   150     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPTED_BUT_UNSIGNED", tl_status_string(decrypt_status));
   151     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPTED_BUT_UNSIGNED, failed_msg_buf);
   152     TEST_ASSERT(decrypted_msg == NULL);
   153     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Rating == %s, should be PEP_rating_unreliable", tl_rating_string(rating));
   154     TEST_ASSERT_MSG(rating == PEP_rating_unreliable, failed_msg_buf);
   155 }
   156 
   157 void IntegrityTests::check_unsigned_PGP_MIME_w_render_flag() {
   158     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Unsigned from PGP_MIME_noattach.eml", message,
   159                                              "test_keys/pub/integrity_test_signer_0-0xFF26631A_pub.asc"));
   160     flags |= PEP_decrypt_deliver_pgpmime_badsigned;
   161     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   162                                           &rating, &flags, &dummy_ignore);
   163 
   164     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPTED_BUT_UNSIGNED", tl_status_string(decrypt_status));
   165     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPTED_BUT_UNSIGNED, failed_msg_buf);
   166     TEST_ASSERT(decrypted_msg != NULL);
   167     TEST_ASSERT(rating == PEP_rating_unreliable);
   168 }
   169 
   170 
   171 void IntegrityTests::check_unknown_signed_PGP_MIME_no_key() {
   172     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Signed PGP_MIME by unknown signer no attach.eml", message,
   173                                              NULL));
   174     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   175                                           &rating, &flags, &dummy_ignore);
   176 
   177     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPT_NO_KEY_FOR_SIGNER", tl_status_string(decrypt_status));
   178     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPT_NO_KEY_FOR_SIGNER, failed_msg_buf);
   179     TEST_ASSERT(decrypted_msg != NULL);
   180     TEST_ASSERT(rating == PEP_rating_unreliable);
   181 }
   182 
   183 void IntegrityTests::check_unknown_signed_PGP_MIME_attached_key() {
   184     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Signed PGP_MIME by unknown signer attach.eml", message,
   185                                              NULL));
   186 
   187     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   188                                           &rating, &flags, &dummy_ignore);
   189 
   190     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_STATUS_OK", tl_status_string(decrypt_status));
   191     TEST_ASSERT_MSG(decrypt_status == PEP_STATUS_OK, failed_msg_buf);
   192     TEST_ASSERT(decrypted_msg != NULL);
   193     TEST_ASSERT(rating == PEP_rating_reliable);
   194 }
   195 
   196 // FIXME: we need cleverer attacked mails
   197 void IntegrityTests::check_unsigned_PGP_MIME_corrupted() {
   198     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Unsigned from PGP_MIME_attach_corrupted.eml", message,
   199                                              NULL));
   200 
   201     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   202                                           &rating, &flags, &dummy_ignore);
   203 
   204 //    snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_STATUS_OK", tl_status_string(decrypt_status));
   205 //    TEST_ASSERT_MSG(decrypt_status == PEP_STATUS_OK, failed_msg_buf);
   206     TEST_ASSERT(decrypt_status != PEP_STATUS_OK && decrypt_status != PEP_DECRYPTED);
   207     TEST_ASSERT(decrypted_msg == NULL);
   208 }
   209 
   210 void IntegrityTests::check_signed_PGP_MIME_corrupted() {
   211     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/Signed attached key PGP_MIME_corrupted.eml", message,
   212                                              NULL));
   213 
   214     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   215                                           &rating, &flags, &dummy_ignore);
   216 
   217 //    snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_STATUS_OK", tl_status_string(decrypt_status));
   218 //    TEST_ASSERT_MSG(decrypt_status == PEP_STATUS_OK, failed_msg_buf);
   219     TEST_ASSERT(decrypt_status != PEP_STATUS_OK && decrypt_status != PEP_DECRYPTED);
   220     TEST_ASSERT(decrypted_msg == NULL);
   221 }
   222 
   223 void IntegrityTests::check_unsigned_2_0() {
   224     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/fake_2.0_unsigned.eml", message,
   225                                              NULL));
   226     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   227                                           &rating, &flags, &dummy_ignore);
   228 
   229     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPT_MODIFICATION_DETECTED", tl_status_string(decrypt_status));
   230     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPT_MODIFICATION_DETECTED, failed_msg_buf);
   231     TEST_ASSERT(decrypted_msg == NULL);
   232     TEST_ASSERT(rating == PEP_rating_under_attack);
   233 }
   234 
   235 void IntegrityTests::check_unknown_signed_2_0_no_key() {
   236     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/fake_2.0_signed_no_key_attached.eml", message,
   237                                              NULL));
   238     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   239                                           &rating, &flags, &dummy_ignore);
   240 
   241     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPT_MODIFICATION_DETECTED", tl_status_string(decrypt_status));
   242     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPT_MODIFICATION_DETECTED, failed_msg_buf);
   243     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypted msg should have been NULL, but starts with %s", decrypted_msg);
   244     TEST_ASSERT_MSG(decrypted_msg == NULL, failed_msg_buf);
   245     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Rating == %s, should be PEP_rating_under_attack", tl_rating_string(rating));
   246     TEST_ASSERT_MSG(rating == PEP_rating_under_attack, failed_msg_buf);
   247 }
   248 
   249 void IntegrityTests::check_unknown_signed_2_0_no_key_known_signer() {
   250     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/fake_2.0_signed_no_key_attached.eml", message,
   251                                              "test_keys/pub/integrity_test_signer_0-0xFF26631A_pub.asc"));
   252     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   253                                           &rating, &flags, &dummy_ignore);
   254 
   255     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_DECRYPT_MODIFICATION_DETECTED", tl_status_string(decrypt_status));
   256     TEST_ASSERT_MSG(decrypt_status == PEP_DECRYPT_MODIFICATION_DETECTED, failed_msg_buf);
   257     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypted msg should have been NULL, but starts with %s", decrypted_msg);
   258     TEST_ASSERT_MSG(decrypted_msg == NULL, failed_msg_buf);
   259     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Rating == %s, should be PEP_rating_under_attack", tl_rating_string(rating));
   260     TEST_ASSERT_MSG(rating == PEP_rating_under_attack, failed_msg_buf);
   261 }
   262 
   263 
   264 void IntegrityTests::check_unknown_signed_2_0_key_attached() {
   265     TEST_ASSERT(slurp_message_and_import_key(session, "test_mails/fake_2.0_good.eml", message,
   266                                              NULL));
   267     decrypt_status = MIME_decrypt_message(session, message.c_str(), message.size(), &decrypted_msg, &keylist,
   268                                           &rating, &flags, &dummy_ignore);
   269 
   270     snprintf(failed_msg_buf, TEST_FAILED_MESSAGE_BUFSIZE, "Decrypt status == %s, should be PEP_STATUS_OK", tl_status_string(decrypt_status));
   271     TEST_ASSERT_MSG(decrypt_status == PEP_STATUS_OK, failed_msg_buf);
   272     TEST_ASSERT(decrypted_msg != NULL);
   273     TEST_ASSERT(rating == PEP_rating_reliable);
   274 }
   275 
   276 
   277 void IntegrityTests::check_integrity() {
   278     TEST_ASSERT(true);
   279 }