test/external_revoke_test.cc
author Krista Bennett <krista@pep-project.org>
Thu, 01 Jun 2017 19:52:13 +0200
branchENGINE-209
changeset 1812 925ad845e3ec
parent 1811 04d2a7abcfa2
child 1817 d206064589cf
permissions -rw-r--r--
ENGINE-209: externally revoked and added keys should now be handled correctly in the database.
     1 // This file is under GNU General Public License 3.0
     2 // see LICENSE.txt
     3 
     4 #include <stdlib.h>
     5 #include <string.h>
     6 #include <time.h>
     7 #include "platform.h"
     8 #include <iostream>
     9 #include <fstream>
    10 #include <assert.h>
    11 #include "mime.h"
    12 #include "message_api.h"
    13 #include "test_util.h"
    14 
    15 using namespace std;
    16 
    17 int main() {
    18     cout << "\n*** external_revoke_test.cc ***\n\n";
    19 
    20     PEP_SESSION session;
    21     
    22     cout << "calling init()\n";
    23     PEP_STATUS status = init(&session);   
    24     assert(status == PEP_STATUS_OK);
    25     assert(session);
    26     cout << "init() completed.\n";
    27 
    28 #ifndef NETPGP
    29     char* fprs[2];
    30     
    31     // Create sender ID
    32     
    33     pEp_identity * me = new_identity("pep.test.apple@pep-project.org", NULL, PEP_OWN_USERID, "Alice Cooper");
    34     status = update_identity(session, me);
    35     status = trust_personal_key(session, me);
    36     status = update_identity(session, me);
    37     
    38     // Create key
    39 
    40     cout << "Creating new id for : ";
    41     char *uniqname = strdup("AAAAtestuser@testdomain.org");
    42     srandom(time(NULL));
    43     for(int i=0; i < 4;i++)
    44         uniqname[i] += random() & 0xf;
    45     
    46     cout << uniqname << "\n";
    47     pEp_identity * recip1 = new_identity(uniqname, NULL, NULL, "Test User");
    48 
    49     status = generate_keypair(session, recip1);
    50     
    51     cout << "Generated fingerprint ";
    52     cout << recip1->fpr << "\n";
    53 
    54     fprs[0] = strdup(recip1->fpr);
    55     
    56     cout << endl << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl;
    57     cout << "Trust and revoke single key, ensure trust changes, then generate new key and ensure rating is correct." << endl;
    58     cout << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl << endl;
    59     
    60     cout << endl << "---------------------------------------------------------" << endl;
    61     cout << "1a. Encrypt message for trusted partner." << endl;
    62     cout << "---------------------------------------------------------" << endl << endl;
    63 
    64     cout << "Trusting personal key for " << uniqname << endl;
    65     // Trust it
    66     recip1->me = false;
    67     status = update_identity(session, recip1);
    68     status = trust_personal_key(session, recip1);
    69     status = update_identity(session, recip1);
    70     
    71     // TODO: Check trust?
    72     cout << "Done! Trusted personal key with fpr " << recip1->fpr << " for " << uniqname << endl;
    73 
    74     const char* r1_userid = (recip1->user_id ? strdup(recip1->user_id) : NULL);
    75 
    76     
    77     // encrypt something to the key
    78     cout << "Creating message…\n";
    79     identity_list* to_list = new_identity_list(identity_dup(recip1)); // to bob
    80     message* outgoing_msg = new_message(PEP_dir_outgoing);
    81     assert(outgoing_msg);
    82     outgoing_msg->from = identity_dup(me);
    83     outgoing_msg->to = to_list;
    84     outgoing_msg->shortmsg = strdup("Greetings, humans!");
    85     outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
    86     outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
    87     cout << "Message created.\n";
    88 
    89     message* encrypted_outgoing_msg = NULL;
    90 
    91     cout << "Encrypting message to " << uniqname << "…\n";    
    92     status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
    93     cout << "Encrypted message with status " << tl_status_string(status) << endl;
    94     // check status
    95     assert(status == PEP_STATUS_OK);
    96     assert(encrypted_outgoing_msg);
    97 
    98     cout << "Checking message recipient comm_type from message." << endl;
    99     // check comm_type
   100     cout << "comm_type: " << tl_ct_string(encrypted_outgoing_msg->to->ident->comm_type) << endl;
   101     assert(encrypted_outgoing_msg->to->ident->comm_type == PEP_ct_OpenPGP);
   102     
   103     status = get_trust(session, recip1);
   104     
   105     cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   106     assert(recip1->comm_type == PEP_ct_OpenPGP); // FIXME: PEP_ct_pEp???
   107 
   108     // decrypt message
   109     free_message(outgoing_msg);
   110     outgoing_msg = NULL;
   111 
   112     stringlist_t* keylist = nullptr;
   113     PEP_rating rating;
   114     PEP_decrypt_flags_t flags;
   115 
   116     cout << endl << "---------------------------------------------------------" << endl;
   117     cout << "1b. Decrypt message that was encrypted for trusted partner." << endl;
   118     cout << "---------------------------------------------------------" << endl << endl;
   119 
   120     cout << "Decrypting message." << endl;
   121     status = decrypt_message(session, encrypted_outgoing_msg, &outgoing_msg, &keylist, &rating, &flags);
   122     cout << "Decrypted message with status " << tl_status_string(status) << endl;
   123     assert(status == PEP_STATUS_OK);
   124     assert(rating == PEP_rating_trusted);
   125 
   126     // check rating
   127     cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   128     assert(rating == PEP_rating_trusted); // FIXME: trusted and anonymised?
   129     
   130     // check comm_type
   131     status = get_trust(session, recip1);
   132 
   133     cout << "Recip's trust DB comm_type = " << tl_ct_string(recip1->comm_type) << endl;
   134     assert(recip1->comm_type == PEP_ct_OpenPGP); // FIXME: PEP_ct_pEp???
   135 
   136     cout << endl << "---------------------------------------------------------" << endl;
   137     cout << "2a. Revoke key for (currently) trusted partner." << endl;
   138     cout << "---------------------------------------------------------" << endl << endl;
   139     // externally revoke key
   140     // (note - as of 23.5.17, revoke_key() doesn't touch the trust db, just the keyring, so we can do this)
   141 
   142     cout << "Revoking key." << endl;
   143     status = get_identity(session, uniqname, r1_userid, &recip1);    
   144     status = revoke_key(session, recip1->fpr, "encrypt_for_identity_test");
   145     cout << "Status of revocation call for " << recip1->fpr << " is "<< tl_status_string(status) << endl;
   146 
   147     // free messages
   148     free_message(outgoing_msg);
   149     free_message(encrypted_outgoing_msg);
   150     outgoing_msg = NULL;
   151     encrypted_outgoing_msg = NULL;
   152     
   153     // encrypt something to the key
   154     cout << "creating message…\n";
   155     to_list = new_identity_list(identity_dup(recip1)); // to bob
   156     outgoing_msg = new_message(PEP_dir_outgoing);
   157     assert(outgoing_msg);
   158     outgoing_msg->from = identity_dup(me);
   159     outgoing_msg->to = to_list;
   160     outgoing_msg->shortmsg = strdup("Greetings, humans!");
   161     outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   162     outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   163     cout << "message created.\n";
   164 
   165     encrypted_outgoing_msg = NULL;
   166     message* decrypted_msg = NULL;
   167 
   168     cout << endl << "---------------------------------------------------------" << endl;
   169     cout << "2b. Encrypt message for recip whose key has been externally revoked in the keyring, not the app." << endl;
   170     cout << "---------------------------------------------------------" << endl << endl;
   171 
   172     status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   173     cout << "Encryption returns with status " << tl_status_string(status) << endl;
   174 
   175     PEP_comm_type ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   176 
   177     cout << endl << "---------------------------------------------------------" << endl;
   178     cout << "2c. Check trust of recip, whose only key has been revoked, once an encryption attempt has been made." << endl;
   179     cout << "---------------------------------------------------------" << endl << endl;
   180 
   181     // check comm_type
   182     cout << "comm_type: " << tl_ct_string(ct) << endl;
   183     assert(ct == PEP_ct_key_revoked);
   184     
   185     status = get_trust(session, recip1);
   186 
   187     cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   188     assert(recip1->comm_type == PEP_ct_key_revoked);
   189 
   190     cout << endl << "---------------------------------------------------------" << endl;
   191     cout << "2d. Try to decrypt message that was encrypted for revoked key guy." << endl;
   192     cout << "---------------------------------------------------------" << endl << endl;
   193     // decrypt message
   194 //    free_message(outgoing_msg);
   195 //    outgoing_msg = NULL;
   196     // FIXME: Make this make more sense
   197     status = decrypt_message(session, outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   198     cout << "Decryption returns with status " << tl_status_string(status) << endl;
   199     assert(status == PEP_UNENCRYPTED);
   200     
   201     // check rating
   202     cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   203     assert(rating == PEP_rating_unencrypted);
   204 
   205     ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   206 
   207     cout << "comm_type: " << tl_ct_string(ct) << endl;
   208     assert(ct == PEP_ct_key_revoked);
   209     
   210     status = get_trust(session, recip1);
   211     
   212     cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   213     assert(recip1->comm_type == PEP_ct_key_revoked);
   214 
   215     free_message(encrypted_outgoing_msg);
   216     free_message(decrypted_msg);
   217     free_message(outgoing_msg);
   218     outgoing_msg = NULL;
   219     decrypted_msg = NULL;
   220     encrypted_outgoing_msg = NULL;
   221 
   222     cout << endl << "---------------------------------------------------------" << endl;
   223     cout << "3a. Generate new key, but don't explicitly trust it." << endl;
   224     cout << "---------------------------------------------------------" << endl << endl;
   225 
   226     // now: generate new key
   227     free(recip1->fpr);
   228     recip1->fpr = NULL;
   229     status = generate_keypair(session, recip1);
   230     
   231     cout << "Generated fingerprint \n";
   232     cout << recip1->fpr << "\n";
   233     fprs[1] = strdup(recip1->fpr);
   234 
   235     // try again
   236     cout << endl << "---------------------------------------------------------" << endl;
   237     cout << "3b. Try to send something to the email address of our revoked friend, make sure a new key is used to encrypt." << endl;
   238     cout << "---------------------------------------------------------" << endl << endl;
   239     
   240     // encrypt something to the key
   241     cout << "Creating message…\n";
   242     to_list = new_identity_list(identity_dup(recip1)); // to bob
   243     outgoing_msg = new_message(PEP_dir_outgoing);
   244     assert(outgoing_msg);
   245     outgoing_msg->from = identity_dup(me);
   246     outgoing_msg->to = to_list;
   247     outgoing_msg->shortmsg = strdup("Greetings, humans!");
   248     outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   249     outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   250     cout << "Message created.\n";
   251 
   252     status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   253 
   254     ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   255 
   256     // CHECK STATUS???
   257     cout << "Encryption returns with status " << tl_status_string(status) << endl;
   258 
   259     // check comm_type
   260     cout << "comm_type: " << tl_ct_string(ct) << endl;
   261     assert(ct == PEP_ct_OpenPGP_unconfirmed);
   262     
   263     status = get_trust(session, recip1);
   264 
   265     cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   266     assert(recip1->comm_type == PEP_ct_OpenPGP_unconfirmed);
   267 
   268     // decrypt message
   269 //    free_message(outgoing_msg);
   270 //    outgoing_msg = NULL;
   271 
   272     cout << endl << "---------------------------------------------------------" << endl;
   273     cout << "3c. Decrypt... that... message!" << endl;
   274     cout << "---------------------------------------------------------" << endl << endl;
   275 
   276 
   277     status = decrypt_message(session, encrypted_outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   278     cout << "Decryption returns with status " << tl_status_string(status) << endl;
   279     assert(status == PEP_STATUS_OK);
   280 
   281     // check rating
   282     cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   283     assert(rating == PEP_rating_reliable);
   284 
   285     ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   286 
   287     cout << "comm_type: " << tl_ct_string(ct) << endl;
   288     assert(ct == PEP_ct_OpenPGP_unconfirmed);
   289     
   290     status = get_trust(session, recip1);
   291     
   292     cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   293     assert(recip1->comm_type == PEP_ct_OpenPGP_unconfirmed);
   294 
   295     free_message(encrypted_outgoing_msg);
   296     free_message(decrypted_msg);
   297     free_message(outgoing_msg);
   298     outgoing_msg = NULL;
   299     decrypted_msg = NULL;
   300     encrypted_outgoing_msg = NULL;
   301 
   302     free_identity(me);
   303     free_identity(recip1);
   304     free(uniqname);
   305     
   306     delete_keypair(session, fprs[0]);    
   307     delete_keypair(session, fprs[1]);
   308     
   309     free(fprs[0]);
   310     free(fprs[1]);
   311     
   312 #else
   313     cout << "Sorry, test is not defined for NETPGP at this time." << endl;
   314     
   315 #endif
   316     
   317     release(session);
   318 
   319     return 0;
   320 }