test/src/engine_tests/ExternalRevokeTests.cc
author Krista 'DarthMama' Bennett <krista@pep.foundation>
Tue, 29 Jan 2019 19:19:30 +0100
branchENGINE-448
changeset 3254 6e7f6bc9460a
parent 3049 edbd93b17440
child 3276 c0b3430f1f1d
permissions -rw-r--r--
ENGINE-448: made key removal much less aggressive. NetPGP will still be a problem, but versions built against gpg will now only remove actual keys
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #include <stdlib.h>
     5 #include <string>
     6 #include <cstring>
     7 #include <time.h>
     8 #include "platform.h"
     9 #include <iostream>
    10 #include <fstream>
    11 #include "mime.h"
    12 #include "message_api.h"
    13 #include "test_util.h"
    14 
    15 #include "pEpEngine.h"
    16 
    17 #include <cpptest.h>
    18 #include "EngineTestSessionSuite.h"
    19 #include "ExternalRevokeTests.h"
    20 
    21 using namespace std;
    22 
    23 ExternalRevokeTests::ExternalRevokeTests(string suitename, string test_home_dir) :
    24     EngineTestSessionSuite::EngineTestSessionSuite(suitename, test_home_dir) {
    25     add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("ExternalRevokeTests::check_external_revoke"),
    26                                                                       static_cast<Func>(&ExternalRevokeTests::check_external_revoke)));
    27 }
    28 
    29 void ExternalRevokeTests::check_external_revoke() {
    30 
    31     PEP_STATUS status = PEP_STATUS_OK;   
    32 
    33 #ifndef NETPGP
    34     char* fprs[2];
    35 
    36     const string fenris_pub_key = slurp("test_keys/pub/pep.test.fenris-0x4F3D2900_pub.asc");
    37     const string fenris_priv_key = slurp("test_keys/priv/pep.test.fenris-0x4F3D2900_priv.asc");
    38 
    39     TEST_ASSERT_MSG((fenris_pub_key.length() != 0), "fenris_pub_key.length() != 0");
    40     TEST_ASSERT_MSG((fenris_priv_key.length() != 0), "fenris_priv_key.length() != 0");
    41     
    42     PEP_STATUS statuspub = import_key(session, fenris_pub_key.c_str(), fenris_pub_key.length(), NULL);
    43     PEP_STATUS statuspriv = import_key(session, fenris_priv_key.c_str(), fenris_priv_key.length(), NULL);
    44     TEST_ASSERT_MSG((statuspub == PEP_KEY_IMPORTED), "statuspub == PEP_STATUS_OK");
    45     TEST_ASSERT_MSG((statuspriv == PEP_KEY_IMPORTED), "statuspriv == PEP_STATUS_OK");
    46 
    47     // Create sender ID
    48     
    49     pEp_identity * me = new_identity("pep.test.fenris@thisstilldoesntwork.lu", "0969FA229DF21C832A64A04711B1B9804F3D2900", PEP_OWN_USERID, "Fenris Hawke");
    50     status = myself(session, me);
    51     
    52     // Create key
    53     cout << "Creating new id for : ";
    54     char *uniqname = strdup("AAAAtestuser@testdomain.org");
    55     srandom(time(NULL));
    56     for(int i=0; i < 4;i++)
    57         uniqname[i] += random() & 0xf;
    58     
    59     cout << uniqname << "\n";
    60     pEp_identity * recip1 = new_identity(uniqname, NULL, NULL, "Test User");
    61 
    62     status = generate_keypair(session, recip1);
    63     
    64     cout << "Generated fingerprint ";
    65     cout << recip1->fpr << "\n";
    66 
    67     fprs[0] = strdup(recip1->fpr);
    68     
    69     cout << endl << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl;
    70     cout << "Trust and revoke single key, ensure trust changes, then generate new key and ensure rating is correct." << endl;
    71     cout << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl << endl;
    72     
    73     cout << endl << "---------------------------------------------------------" << endl;
    74     cout << "1a. Encrypt message for trusted partner." << endl;
    75     cout << "---------------------------------------------------------" << endl << endl;
    76 
    77     cout << "Trusting personal key for " << uniqname << endl;
    78     recip1->me = false;
    79     // Trust it
    80     status = update_identity(session, recip1);
    81     status = trust_personal_key(session, recip1);
    82     status = update_identity(session, recip1);
    83     
    84     // TODO: Check trust?
    85     cout << "Done! Trusted personal key with fpr " << recip1->fpr << " for " << uniqname << endl;
    86 
    87     const char* r1_userid = (recip1->user_id ? strdup(recip1->user_id) : NULL);
    88 
    89     
    90     // encrypt something to the key
    91     cout << "Creating message…\n";
    92     identity_list* to_list = new_identity_list(identity_dup(recip1)); // to bob
    93     message* outgoing_msg = new_message(PEP_dir_outgoing);
    94     TEST_ASSERT_MSG((outgoing_msg), "outgoing_msg");
    95     outgoing_msg->from = identity_dup(me);
    96     outgoing_msg->to = to_list;
    97     outgoing_msg->shortmsg = strdup("Greetings, humans!");
    98     outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
    99     outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   100     cout << "Message created.\n";
   101 
   102     message* encrypted_outgoing_msg = NULL;
   103 
   104     cout << "Encrypting message to " << uniqname << "…\n";    
   105     status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   106     cout << "Encrypted message with status " << tl_status_string(status) << endl;
   107     // check status
   108     TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
   109     TEST_ASSERT_MSG((encrypted_outgoing_msg), "encrypted_outgoing_msg");
   110 
   111     cout << "Checking message recipient comm_type from message." << endl;
   112     // check comm_type
   113     cout << "comm_type: " << tl_ct_string(encrypted_outgoing_msg->to->ident->comm_type) << endl;
   114     TEST_ASSERT_MSG((encrypted_outgoing_msg->to->ident->comm_type == PEP_ct_OpenPGP), "encrypted_outgoing_msg->to->ident->comm_type == PEP_ct_OpenPGP");
   115     
   116     status = get_trust(session, recip1);
   117     
   118     cout << "Recip's trust DB comm_type = "  << tl_ct_string(recip1->comm_type) << endl;
   119     TEST_ASSERT_MSG((recip1->comm_type == PEP_ct_OpenPGP), "recip1->comm_type == PEP_ct_OpenPGP"); // FIXME: PEP_ct_pEp???
   120 
   121     // decrypt message
   122     free_message(outgoing_msg);
   123     outgoing_msg = NULL;
   124 
   125     stringlist_t* keylist = nullptr;
   126     PEP_rating rating;
   127     PEP_decrypt_flags_t flags;
   128 
   129     cout << endl << "---------------------------------------------------------" << endl;
   130     cout << "1b. Decrypt message that was encrypted for trusted partner." << endl;
   131     cout << "---------------------------------------------------------" << endl << endl;
   132 
   133     flags = 0;
   134     cout << "Decrypting message." << endl;
   135     status = decrypt_message(session, encrypted_outgoing_msg, &outgoing_msg, &keylist, &rating, &flags);
   136     cout << "Decrypted message with status " << tl_status_string(status) << endl;
   137     TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
   138     TEST_ASSERT_MSG((rating == PEP_rating_trusted), "rating == PEP_rating_trusted");
   139 
   140     // check rating
   141     cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   142     TEST_ASSERT_MSG((rating == PEP_rating_trusted), "rating == PEP_rating_trusted"); // FIXME: trusted and anonymised?
   143     
   144     // check comm_type
   145     status = get_trust(session, recip1);
   146 
   147     cout << "Recip's trust DB comm_type = " << tl_ct_string(recip1->comm_type) << endl;
   148     TEST_ASSERT_MSG((recip1->comm_type == PEP_ct_OpenPGP), "recip1->comm_type == PEP_ct_OpenPGP"); // FIXME: PEP_ct_pEp???
   149 
   150     cout << endl << "---------------------------------------------------------" << endl;
   151     cout << "2a. Revoke key for (currently) trusted partner." << endl;
   152     cout << "---------------------------------------------------------" << endl << endl;
   153     // externally revoke key
   154     // (note - as of 23.5.17, revoke_key() doesn't touch the trust db, just the keyring, so we can do this)
   155 
   156     cout << "Revoking key." << endl;
   157     status = update_identity(session, recip1);    
   158     status = revoke_key(session, recip1->fpr, "encrypt_for_identity_test");
   159     cout << "Status of revocation call for " << recip1->fpr << " is "<< tl_status_string(status) << endl;
   160 
   161     // free messages
   162     free_message(outgoing_msg);
   163     free_message(encrypted_outgoing_msg);
   164     outgoing_msg = NULL;
   165     encrypted_outgoing_msg = NULL;
   166     
   167     // encrypt something to the key
   168     cout << "creating message…\n";
   169     to_list = new_identity_list(identity_dup(recip1)); // to bob
   170     outgoing_msg = new_message(PEP_dir_outgoing);
   171     TEST_ASSERT_MSG((outgoing_msg), "outgoing_msg");
   172     outgoing_msg->from = identity_dup(me);
   173     outgoing_msg->to = to_list;
   174     outgoing_msg->shortmsg = strdup("Greetings, humans!");
   175     outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   176     outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   177     cout << "message created.\n";
   178 
   179     encrypted_outgoing_msg = NULL;
   180     message* decrypted_msg = NULL;
   181 
   182     cout << endl << "---------------------------------------------------------" << endl;
   183     cout << "2b. Encrypt message for recip whose key has been externally revoked in the keyring, not the app." << endl;
   184     cout << "---------------------------------------------------------" << endl << endl;
   185 
   186 
   187     status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   188     cout << "Encryption returns with status " << tl_status_string(status) << endl;
   189     TEST_ASSERT (status == PEP_UNENCRYPTED);
   190     TEST_ASSERT (encrypted_outgoing_msg == NULL);
   191     status = update_identity(session, recip1);
   192     TEST_ASSERT_MSG((recip1->comm_type = PEP_ct_key_not_found), "recip1->comm_type = PEP_ct_key_not_found");
   193 
   194     cout << endl << "---------------------------------------------------------" << endl;
   195     cout << "2c. Check trust of recip, whose only key has been revoked, once an encryption attempt has been made." << endl;
   196     cout << "---------------------------------------------------------" << endl << endl;
   197 
   198     TEST_ASSERT_MSG((recip1->fpr == NULL), "recip1->fpr == NULL");
   199     recip1->fpr = fprs[0];
   200     status = get_trust(session, recip1);
   201     recip1->fpr = NULL;
   202 
   203     cout << "Recip's trust DB comm_type = " << tl_ct_string(recip1->comm_type) << endl;
   204     TEST_ASSERT_MSG((recip1->comm_type == PEP_ct_unknown || recip1->comm_type == PEP_ct_key_revoked), "recip1->comm_type == PEP_ct_unknown || recip1->comm_type == PEP_ct_key_revoked");
   205 
   206     free_message(decrypted_msg);
   207     free_message(outgoing_msg);
   208     outgoing_msg = NULL;
   209     decrypted_msg = NULL;
   210 
   211     cout << endl << "---------------------------------------------------------" << endl;
   212     cout << "3a. Generate new key, but don't explicitly trust it." << endl;
   213     cout << "---------------------------------------------------------" << endl << endl;
   214 
   215     // now: generate new key
   216     free(recip1->fpr);
   217     recip1->fpr = NULL;
   218     status = generate_keypair(session, recip1);
   219     
   220     cout << "Generated fingerprint \n";
   221     cout << recip1->fpr << "\n";
   222     fprs[1] = strdup(recip1->fpr);
   223 
   224     // try again
   225     cout << endl << "---------------------------------------------------------" << endl;
   226     cout << "3b. Try to send something to the email address of our revoked friend, make sure a new key is used to encrypt." << endl;
   227     cout << "---------------------------------------------------------" << endl << endl;
   228     
   229     // encrypt something to the key
   230     cout << "Creating message…\n";
   231     
   232     // cout << "First, update identity though!\n";
   233     // status = update_identity(session, recip1);
   234     to_list = new_identity_list(identity_dup(recip1)); // to bob
   235     outgoing_msg = new_message(PEP_dir_outgoing);
   236     TEST_ASSERT_MSG((outgoing_msg), "outgoing_msg");
   237     outgoing_msg->from = identity_dup(me);
   238     outgoing_msg->to = to_list;
   239     outgoing_msg->shortmsg = strdup("Greetings, humans!");
   240     outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   241     outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   242     cout << "Message created.\n";
   243 
   244     status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   245     PEP_comm_type ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   246     
   247 
   248     // CHECK STATUS???
   249     cout << "Encryption returns with status " << tl_status_string(status) << endl;
   250 
   251     // check comm_type
   252     cout << "comm_type: " << tl_ct_string(ct) << endl;
   253     TEST_ASSERT_MSG((ct == PEP_ct_OpenPGP_unconfirmed), "ct == PEP_ct_OpenPGP_unconfirmed");
   254     
   255     status = get_trust(session, recip1);
   256 
   257     cout << "Recip's trust DB comm_type (should be unknown, as we're using a keyring-only key, not in DB) = "  << tl_ct_string(recip1->comm_type) << endl;
   258     TEST_ASSERT_MSG((recip1->comm_type != PEP_ct_OpenPGP_unconfirmed), "recip1->comm_type != PEP_ct_OpenPGP_unconfirmed");
   259 
   260     // decrypt message
   261 //    free_message(outgoing_msg);
   262 //    outgoing_msg = NULL;
   263 
   264     cout << endl << "---------------------------------------------------------" << endl;
   265     cout << "3c. Decrypt... that... message!" << endl;
   266     cout << "---------------------------------------------------------" << endl << endl;
   267 
   268 
   269     flags = 0;
   270     status = decrypt_message(session, encrypted_outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   271     cout << "Decryption returns with status " << tl_status_string(status) << endl;
   272     TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
   273     TEST_ASSERT_MSG((decrypted_msg), "decrypted_msg");
   274     
   275     // check rating
   276     cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   277     TEST_ASSERT_MSG((rating == PEP_rating_reliable), "rating == PEP_rating_reliable");
   278 
   279     status = update_identity(session, decrypted_msg->to->ident);
   280     ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   281 
   282     cout << "comm_type: " << tl_ct_string(ct) << endl;
   283     TEST_ASSERT_MSG((ct == PEP_ct_OpenPGP_unconfirmed), "ct == PEP_ct_OpenPGP_unconfirmed");
   284     
   285     status = get_trust(session, recip1);
   286     
   287     cout << "Recip's trust DB comm_type (should be unknown - there's nothing in the DB) = "  << tl_ct_string(recip1->comm_type) << endl;
   288     TEST_ASSERT_MSG((recip1->comm_type == PEP_ct_unknown), "recip1->comm_type == PEP_ct_unknown");
   289 
   290     free_message(encrypted_outgoing_msg);
   291     free_message(decrypted_msg);
   292     free_message(outgoing_msg);
   293     outgoing_msg = NULL;
   294     decrypted_msg = NULL;
   295     encrypted_outgoing_msg = NULL;
   296 
   297     free_identity(me);
   298     free_identity(recip1);
   299     free(uniqname);
   300         
   301     free(fprs[0]);
   302     free(fprs[1]);
   303     
   304 #else
   305     cout << "Sorry, test is not defined for NETPGP at this time." << endl;
   306     
   307 #endif
   308 }