ENGINE-209: merged into default
authorKrista Bennett <krista@pep-project.org>
Thu, 01 Jun 2017 19:57:30 +0200
changeset 18130dbbba72dfbb
parent 1809 54a7d37790b9
parent 1812 925ad845e3ec
child 1815 2ce849e5ca78
child 1817 d206064589cf
ENGINE-209: merged into default
     1.1 --- a/src/keymanagement.c	Mon May 29 16:32:24 2017 +0200
     1.2 +++ b/src/keymanagement.c	Thu Jun 01 19:57:30 2017 +0200
     1.3 @@ -144,9 +144,23 @@
     1.4  
     1.5          /* if we have a stored_identity fpr */
     1.6          if (!EMPTYSTR(stored_identity->fpr)) {
     1.7 -            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
     1.8 -            if (status != PEP_STATUS_OK)
     1.9 -                dont_use_stored_fpr = true; 
    1.10 +            bool revoked = false;
    1.11 +            status = key_revoked(session, stored_identity->fpr, &revoked);
    1.12 +            
    1.13 +            if (status != PEP_STATUS_OK || revoked)
    1.14 +                dont_use_stored_fpr = true;
    1.15 +                
    1.16 +            if (revoked) {
    1.17 +                // Do stuff
    1.18 +                status = update_trust_for_fpr(session, stored_identity->fpr, PEP_ct_key_revoked);
    1.19 +                // What to do on failure? FIXME
    1.20 +                status = replace_identities_fpr(session, stored_identity->fpr, "");
    1.21 +            }
    1.22 +            else {    
    1.23 +                status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
    1.24 +                if (status != PEP_STATUS_OK)
    1.25 +                    dont_use_stored_fpr = true; 
    1.26 +            }
    1.27          }
    1.28              
    1.29  
     2.1 --- a/src/keymanagement.h	Mon May 29 16:32:24 2017 +0200
     2.2 +++ b/src/keymanagement.h	Thu Jun 01 19:57:30 2017 +0200
     2.3 @@ -159,7 +159,6 @@
     2.4          pEp_identity *ident
     2.5      );
     2.6  
     2.7 -
     2.8  // own_key_is_listed() - returns true id key is listed as own key
     2.9  //
    2.10  //  parameters:
    2.11 @@ -244,4 +243,3 @@
    2.12  #ifdef __cplusplus
    2.13  }
    2.14  #endif
    2.15 -
     3.1 --- a/src/pEpEngine.c	Mon May 29 16:32:24 2017 +0200
     3.2 +++ b/src/pEpEngine.c	Thu Jun 01 19:57:30 2017 +0200
     3.3 @@ -29,6 +29,11 @@
     3.4      "       and pgp_keypair_fpr = identity.main_key_id"
     3.5      "   where address = ?1 and identity.user_id = ?2;";
     3.6  
     3.7 +static const char *sql_replace_identities_fpr =  
     3.8 +    "update identity"
     3.9 +    "   set main_key_id = ?1 "
    3.10 +    "   where main_key_id = ?2 ;";
    3.11 +
    3.12  // Set person, but if already exist, only update.
    3.13  // if main_key_id already set, don't touch.
    3.14  static const char *sql_set_person = 
    3.15 @@ -85,6 +90,11 @@
    3.16      "insert or replace into trust (user_id, pgp_keypair_fpr, comm_type) "
    3.17      "values (?1, upper(replace(?2,' ','')), ?3) ;";
    3.18  
    3.19 +static const char *sql_update_trust_for_fpr =
    3.20 +    "update trust "
    3.21 +    "set comm_type = ?1 "
    3.22 +    "where pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
    3.23 +
    3.24  static const char *sql_get_trust = 
    3.25      "select comm_type from trust where user_id = ?1 "
    3.26      "and pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
    3.27 @@ -503,6 +513,11 @@
    3.28              (int)strlen(sql_get_identity), &_session->get_identity, NULL);
    3.29      assert(int_result == SQLITE_OK);
    3.30  
    3.31 +    int_result = sqlite3_prepare_v2(_session->db, sql_replace_identities_fpr,
    3.32 +            (int)strlen(sql_replace_identities_fpr), 
    3.33 +            &_session->replace_identities_fpr, NULL);
    3.34 +    assert(int_result == SQLITE_OK);
    3.35 +
    3.36      int_result = sqlite3_prepare_v2(_session->db, sql_set_person,
    3.37              (int)strlen(sql_set_person), &_session->set_person, NULL);
    3.38      assert(int_result == SQLITE_OK);
    3.39 @@ -538,6 +553,10 @@
    3.40              (int)strlen(sql_set_trust), &_session->set_trust, NULL);
    3.41      assert(int_result == SQLITE_OK);
    3.42  
    3.43 +    int_result = sqlite3_prepare_v2(_session->db, sql_update_trust_for_fpr,
    3.44 +            (int)strlen(sql_update_trust_for_fpr), &_session->update_trust_for_fpr, NULL);
    3.45 +    assert(int_result == SQLITE_OK);
    3.46 +
    3.47      int_result = sqlite3_prepare_v2(_session->db, sql_get_trust,
    3.48              (int)strlen(sql_get_trust), &_session->get_trust, NULL);
    3.49      assert(int_result == SQLITE_OK);
    3.50 @@ -731,6 +750,8 @@
    3.51                  sqlite3_finalize(session->trustword);
    3.52              if (session->get_identity)
    3.53                  sqlite3_finalize(session->get_identity);
    3.54 +            if (session->replace_identities_fpr)
    3.55 +                sqlite3_finalize(session->replace_identities_fpr);        
    3.56              if (session->set_person)
    3.57                  sqlite3_finalize(session->set_person);
    3.58              if (session->set_device_group)
    3.59 @@ -747,6 +768,8 @@
    3.60                  sqlite3_finalize(session->unset_identity_flags);
    3.61              if (session->set_trust)
    3.62                  sqlite3_finalize(session->set_trust);
    3.63 +            if (session->update_trust_for_fpr)
    3.64 +                sqlite3_finalize(session->update_trust_for_fpr);
    3.65              if (session->get_trust)
    3.66                  sqlite3_finalize(session->get_trust);
    3.67              if (session->least_trust)
    3.68 @@ -1147,13 +1170,15 @@
    3.69                  identity->user_id && identity->username))
    3.70          return PEP_ILLEGAL_VALUE;
    3.71  
    3.72 +    PEP_STATUS status = PEP_STATUS_OK;
    3.73 +    
    3.74      bool listed;
    3.75  
    3.76      bool has_fpr = (identity->fpr && identity->fpr[0] != '\0');
    3.77      
    3.78      if (has_fpr) {    
    3.79          // blacklist check
    3.80 -        PEP_STATUS status = blacklist_is_listed(session, identity->fpr, &listed);
    3.81 +        status = blacklist_is_listed(session, identity->fpr, &listed);
    3.82          assert(status == PEP_STATUS_OK);
    3.83          if (status != PEP_STATUS_OK)
    3.84              return status;
    3.85 @@ -1231,6 +1256,8 @@
    3.86              }
    3.87          }
    3.88  
    3.89 +        // status = set_trust(session, identity->user_id, identity->fpr,
    3.90 +        //                    identity->comm_type)
    3.91          sqlite3_reset(session->set_trust);
    3.92          sqlite3_bind_text(session->set_trust, 1, identity->user_id, -1,
    3.93                  SQLITE_STATIC);
    3.94 @@ -1252,6 +1279,54 @@
    3.95          return PEP_COMMIT_FAILED;
    3.96  }
    3.97  
    3.98 +PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
    3.99 +                                 const char* old_fpr, 
   3.100 +                                 const char* new_fpr) 
   3.101 +{
   3.102 +    PEP_STATUS status = PEP_STATUS_OK;
   3.103 +    
   3.104 +    assert(old_fpr);
   3.105 +    assert(new_fpr);
   3.106 +    
   3.107 +    if (!old_fpr || !new_fpr)
   3.108 +        return PEP_ILLEGAL_VALUE;
   3.109 +            
   3.110 +    sqlite3_reset(session->replace_identities_fpr);
   3.111 +    sqlite3_bind_text(session->replace_identities_fpr, 1, new_fpr, -1,
   3.112 +                      SQLITE_STATIC);
   3.113 +    sqlite3_bind_text(session->replace_identities_fpr, 2, old_fpr, -1,
   3.114 +                      SQLITE_STATIC);
   3.115 +
   3.116 +    int result = sqlite3_step(session->replace_identities_fpr);
   3.117 +    sqlite3_reset(session->replace_identities_fpr);
   3.118 +    
   3.119 +    if (result != SQLITE_DONE)
   3.120 +        return PEP_CANNOT_SET_IDENTITY;
   3.121 +
   3.122 +    return PEP_STATUS_OK;
   3.123 +}
   3.124 +
   3.125 +
   3.126 +PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
   3.127 +                                const char* fpr, 
   3.128 +                                PEP_comm_type comm_type)
   3.129 +{
   3.130 +    if (!fpr)
   3.131 +        return PEP_ILLEGAL_VALUE;
   3.132 +        
   3.133 +    sqlite3_reset(session->update_trust_for_fpr);
   3.134 +    sqlite3_bind_int(session->update_trust_for_fpr, 1, comm_type);
   3.135 +    sqlite3_bind_text(session->update_trust_for_fpr, 2, fpr, -1,
   3.136 +            SQLITE_STATIC);
   3.137 +    int result = sqlite3_step(session->update_trust_for_fpr);
   3.138 +    sqlite3_reset(session->update_trust_for_fpr);
   3.139 +    if (result != SQLITE_DONE) {
   3.140 +        return PEP_CANNOT_SET_TRUST;
   3.141 +    }
   3.142 +    
   3.143 +    return PEP_STATUS_OK;
   3.144 +}
   3.145 +
   3.146  DYNAMIC_API PEP_STATUS set_device_group(
   3.147          PEP_SESSION session,
   3.148          const char *group_name
   3.149 @@ -2363,4 +2438,3 @@
   3.150  }
   3.151  
   3.152  #endif
   3.153 -
     4.1 --- a/src/pEpEngine.h	Mon May 29 16:32:24 2017 +0200
     4.2 +++ b/src/pEpEngine.h	Thu Jun 01 19:57:30 2017 +0200
     4.3 @@ -544,6 +544,11 @@
     4.4          pEp_identity **identity
     4.5      );
     4.6  
     4.7 +PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
     4.8 +                                 const char* old_fpr, 
     4.9 +                                 const char* new_fpr); 
    4.10 +
    4.11 +
    4.12  // set_identity() - set identity information
    4.13  //
    4.14  //    parameters:
    4.15 @@ -827,6 +832,14 @@
    4.16  
    4.17  DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
    4.18  
    4.19 +PEP_STATUS set_trust(PEP_SESSION session, 
    4.20 +                            const char* user_id,
    4.21 +                            const char* fpr, 
    4.22 +                            PEP_comm_type comm_type);
    4.23 +                            
    4.24 +PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
    4.25 +                                const char* fpr, 
    4.26 +                                PEP_comm_type comm_type);
    4.27  
    4.28  // least_trust() - get the least known trust level for a key in the database
    4.29  //
    4.30 @@ -925,6 +938,12 @@
    4.31          bool *revoked
    4.32      );
    4.33  
    4.34 +PEP_STATUS get_key_userids(
    4.35 +        PEP_SESSION session,
    4.36 +        const char* fpr,
    4.37 +        stringlist_t** keylist
    4.38 +    );
    4.39 +
    4.40  
    4.41  // get_crashdump_log() - get the last log messages out
    4.42  //
     5.1 --- a/src/pEp_internal.h	Mon May 29 16:32:24 2017 +0200
     5.2 +++ b/src/pEp_internal.h	Thu Jun 01 19:57:30 2017 +0200
     5.3 @@ -100,6 +100,7 @@
     5.4      sqlite3_stmt *log;
     5.5      sqlite3_stmt *trustword;
     5.6      sqlite3_stmt *get_identity;
     5.7 +    sqlite3_stmt *replace_identities_fpr;
     5.8      sqlite3_stmt *set_person;
     5.9      sqlite3_stmt *set_device_group;
    5.10      sqlite3_stmt *get_device_group;
    5.11 @@ -108,6 +109,7 @@
    5.12      sqlite3_stmt *set_identity_flags;
    5.13      sqlite3_stmt *unset_identity_flags;
    5.14      sqlite3_stmt *set_trust;
    5.15 +    sqlite3_stmt *update_trust_for_fpr;
    5.16      sqlite3_stmt *get_trust;
    5.17      sqlite3_stmt *least_trust;
    5.18      sqlite3_stmt *mark_compromized;
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/test/external_revoke_test.cc	Thu Jun 01 19:57:30 2017 +0200
     6.3 @@ -0,0 +1,320 @@
     6.4 +// This file is under GNU General Public License 3.0
     6.5 +// see LICENSE.txt
     6.6 +
     6.7 +#include <stdlib.h>
     6.8 +#include <string.h>
     6.9 +#include <time.h>
    6.10 +#include "platform.h"
    6.11 +#include <iostream>
    6.12 +#include <fstream>
    6.13 +#include <assert.h>
    6.14 +#include "mime.h"
    6.15 +#include "message_api.h"
    6.16 +#include "test_util.h"
    6.17 +
    6.18 +using namespace std;
    6.19 +
    6.20 +int main() {
    6.21 +    cout << "\n*** external_revoke_test.cc ***\n\n";
    6.22 +
    6.23 +    PEP_SESSION session;
    6.24 +    
    6.25 +    cout << "calling init()\n";
    6.26 +    PEP_STATUS status = init(&session);   
    6.27 +    assert(status == PEP_STATUS_OK);
    6.28 +    assert(session);
    6.29 +    cout << "init() completed.\n";
    6.30 +
    6.31 +#ifndef NETPGP
    6.32 +    char* fprs[2];
    6.33 +    
    6.34 +    // Create sender ID
    6.35 +    
    6.36 +    pEp_identity * me = new_identity("pep.test.apple@pep-project.org", NULL, PEP_OWN_USERID, "Alice Cooper");
    6.37 +    status = update_identity(session, me);
    6.38 +    status = trust_personal_key(session, me);
    6.39 +    status = update_identity(session, me);
    6.40 +    
    6.41 +    // Create key
    6.42 +
    6.43 +    cout << "Creating new id for : ";
    6.44 +    char *uniqname = strdup("AAAAtestuser@testdomain.org");
    6.45 +    srandom(time(NULL));
    6.46 +    for(int i=0; i < 4;i++)
    6.47 +        uniqname[i] += random() & 0xf;
    6.48 +    
    6.49 +    cout << uniqname << "\n";
    6.50 +    pEp_identity * recip1 = new_identity(uniqname, NULL, NULL, "Test User");
    6.51 +
    6.52 +    status = generate_keypair(session, recip1);
    6.53 +    
    6.54 +    cout << "Generated fingerprint ";
    6.55 +    cout << recip1->fpr << "\n";
    6.56 +
    6.57 +    fprs[0] = strdup(recip1->fpr);
    6.58 +    
    6.59 +    cout << endl << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl;
    6.60 +    cout << "Trust and revoke single key, ensure trust changes, then generate new key and ensure rating is correct." << endl;
    6.61 +    cout << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl << endl;
    6.62 +    
    6.63 +    cout << endl << "---------------------------------------------------------" << endl;
    6.64 +    cout << "1a. Encrypt message for trusted partner." << endl;
    6.65 +    cout << "---------------------------------------------------------" << endl << endl;
    6.66 +
    6.67 +    cout << "Trusting personal key for " << uniqname << endl;
    6.68 +    // Trust it
    6.69 +    recip1->me = false;
    6.70 +    status = update_identity(session, recip1);
    6.71 +    status = trust_personal_key(session, recip1);
    6.72 +    status = update_identity(session, recip1);
    6.73 +    
    6.74 +    // TODO: Check trust?
    6.75 +    cout << "Done! Trusted personal key with fpr " << recip1->fpr << " for " << uniqname << endl;
    6.76 +
    6.77 +    const char* r1_userid = (recip1->user_id ? strdup(recip1->user_id) : NULL);
    6.78 +
    6.79 +    
    6.80 +    // encrypt something to the key
    6.81 +    cout << "Creating message…\n";
    6.82 +    identity_list* to_list = new_identity_list(identity_dup(recip1)); // to bob
    6.83 +    message* outgoing_msg = new_message(PEP_dir_outgoing);
    6.84 +    assert(outgoing_msg);
    6.85 +    outgoing_msg->from = identity_dup(me);
    6.86 +    outgoing_msg->to = to_list;
    6.87 +    outgoing_msg->shortmsg = strdup("Greetings, humans!");
    6.88 +    outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
    6.89 +    outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
    6.90 +    cout << "Message created.\n";
    6.91 +
    6.92 +    message* encrypted_outgoing_msg = NULL;
    6.93 +
    6.94 +    cout << "Encrypting message to " << uniqname << "…\n";    
    6.95 +    status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
    6.96 +    cout << "Encrypted message with status " << tl_status_string(status) << endl;
    6.97 +    // check status
    6.98 +    assert(status == PEP_STATUS_OK);
    6.99 +    assert(encrypted_outgoing_msg);
   6.100 +
   6.101 +    cout << "Checking message recipient comm_type from message." << endl;
   6.102 +    // check comm_type
   6.103 +    cout << "comm_type: " << tl_ct_string(encrypted_outgoing_msg->to->ident->comm_type) << endl;
   6.104 +    assert(encrypted_outgoing_msg->to->ident->comm_type == PEP_ct_OpenPGP);
   6.105 +    
   6.106 +    status = get_trust(session, recip1);
   6.107 +    
   6.108 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   6.109 +    assert(recip1->comm_type == PEP_ct_OpenPGP); // FIXME: PEP_ct_pEp???
   6.110 +
   6.111 +    // decrypt message
   6.112 +    free_message(outgoing_msg);
   6.113 +    outgoing_msg = NULL;
   6.114 +
   6.115 +    stringlist_t* keylist = nullptr;
   6.116 +    PEP_rating rating;
   6.117 +    PEP_decrypt_flags_t flags;
   6.118 +
   6.119 +    cout << endl << "---------------------------------------------------------" << endl;
   6.120 +    cout << "1b. Decrypt message that was encrypted for trusted partner." << endl;
   6.121 +    cout << "---------------------------------------------------------" << endl << endl;
   6.122 +
   6.123 +    cout << "Decrypting message." << endl;
   6.124 +    status = decrypt_message(session, encrypted_outgoing_msg, &outgoing_msg, &keylist, &rating, &flags);
   6.125 +    cout << "Decrypted message with status " << tl_status_string(status) << endl;
   6.126 +    assert(status == PEP_STATUS_OK);
   6.127 +    assert(rating == PEP_rating_trusted);
   6.128 +
   6.129 +    // check rating
   6.130 +    cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   6.131 +    assert(rating == PEP_rating_trusted); // FIXME: trusted and anonymised?
   6.132 +    
   6.133 +    // check comm_type
   6.134 +    status = get_trust(session, recip1);
   6.135 +
   6.136 +    cout << "Recip's trust DB comm_type = " << tl_ct_string(recip1->comm_type) << endl;
   6.137 +    assert(recip1->comm_type == PEP_ct_OpenPGP); // FIXME: PEP_ct_pEp???
   6.138 +
   6.139 +    cout << endl << "---------------------------------------------------------" << endl;
   6.140 +    cout << "2a. Revoke key for (currently) trusted partner." << endl;
   6.141 +    cout << "---------------------------------------------------------" << endl << endl;
   6.142 +    // externally revoke key
   6.143 +    // (note - as of 23.5.17, revoke_key() doesn't touch the trust db, just the keyring, so we can do this)
   6.144 +
   6.145 +    cout << "Revoking key." << endl;
   6.146 +    status = get_identity(session, uniqname, r1_userid, &recip1);    
   6.147 +    status = revoke_key(session, recip1->fpr, "encrypt_for_identity_test");
   6.148 +    cout << "Status of revocation call for " << recip1->fpr << " is "<< tl_status_string(status) << endl;
   6.149 +
   6.150 +    // free messages
   6.151 +    free_message(outgoing_msg);
   6.152 +    free_message(encrypted_outgoing_msg);
   6.153 +    outgoing_msg = NULL;
   6.154 +    encrypted_outgoing_msg = NULL;
   6.155 +    
   6.156 +    // encrypt something to the key
   6.157 +    cout << "creating message…\n";
   6.158 +    to_list = new_identity_list(identity_dup(recip1)); // to bob
   6.159 +    outgoing_msg = new_message(PEP_dir_outgoing);
   6.160 +    assert(outgoing_msg);
   6.161 +    outgoing_msg->from = identity_dup(me);
   6.162 +    outgoing_msg->to = to_list;
   6.163 +    outgoing_msg->shortmsg = strdup("Greetings, humans!");
   6.164 +    outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   6.165 +    outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   6.166 +    cout << "message created.\n";
   6.167 +
   6.168 +    encrypted_outgoing_msg = NULL;
   6.169 +    message* decrypted_msg = NULL;
   6.170 +
   6.171 +    cout << endl << "---------------------------------------------------------" << endl;
   6.172 +    cout << "2b. Encrypt message for recip whose key has been externally revoked in the keyring, not the app." << endl;
   6.173 +    cout << "---------------------------------------------------------" << endl << endl;
   6.174 +
   6.175 +    status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   6.176 +    cout << "Encryption returns with status " << tl_status_string(status) << endl;
   6.177 +
   6.178 +    PEP_comm_type ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   6.179 +
   6.180 +    cout << endl << "---------------------------------------------------------" << endl;
   6.181 +    cout << "2c. Check trust of recip, whose only key has been revoked, once an encryption attempt has been made." << endl;
   6.182 +    cout << "---------------------------------------------------------" << endl << endl;
   6.183 +
   6.184 +    // check comm_type
   6.185 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   6.186 +    assert(ct == PEP_ct_key_revoked);
   6.187 +    
   6.188 +    status = get_trust(session, recip1);
   6.189 +
   6.190 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   6.191 +    assert(recip1->comm_type == PEP_ct_key_revoked);
   6.192 +
   6.193 +    cout << endl << "---------------------------------------------------------" << endl;
   6.194 +    cout << "2d. Try to decrypt message that was encrypted for revoked key guy." << endl;
   6.195 +    cout << "---------------------------------------------------------" << endl << endl;
   6.196 +    // decrypt message
   6.197 +//    free_message(outgoing_msg);
   6.198 +//    outgoing_msg = NULL;
   6.199 +    // FIXME: Make this make more sense
   6.200 +    status = decrypt_message(session, outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   6.201 +    cout << "Decryption returns with status " << tl_status_string(status) << endl;
   6.202 +    assert(status == PEP_UNENCRYPTED);
   6.203 +    
   6.204 +    // check rating
   6.205 +    cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   6.206 +    assert(rating == PEP_rating_unencrypted);
   6.207 +
   6.208 +    ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   6.209 +
   6.210 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   6.211 +    assert(ct == PEP_ct_key_revoked);
   6.212 +    
   6.213 +    status = get_trust(session, recip1);
   6.214 +    
   6.215 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   6.216 +    assert(recip1->comm_type == PEP_ct_key_revoked);
   6.217 +
   6.218 +    free_message(encrypted_outgoing_msg);
   6.219 +    free_message(decrypted_msg);
   6.220 +    free_message(outgoing_msg);
   6.221 +    outgoing_msg = NULL;
   6.222 +    decrypted_msg = NULL;
   6.223 +    encrypted_outgoing_msg = NULL;
   6.224 +
   6.225 +    cout << endl << "---------------------------------------------------------" << endl;
   6.226 +    cout << "3a. Generate new key, but don't explicitly trust it." << endl;
   6.227 +    cout << "---------------------------------------------------------" << endl << endl;
   6.228 +
   6.229 +    // now: generate new key
   6.230 +    free(recip1->fpr);
   6.231 +    recip1->fpr = NULL;
   6.232 +    status = generate_keypair(session, recip1);
   6.233 +    
   6.234 +    cout << "Generated fingerprint \n";
   6.235 +    cout << recip1->fpr << "\n";
   6.236 +    fprs[1] = strdup(recip1->fpr);
   6.237 +
   6.238 +    // try again
   6.239 +    cout << endl << "---------------------------------------------------------" << endl;
   6.240 +    cout << "3b. Try to send something to the email address of our revoked friend, make sure a new key is used to encrypt." << endl;
   6.241 +    cout << "---------------------------------------------------------" << endl << endl;
   6.242 +    
   6.243 +    // encrypt something to the key
   6.244 +    cout << "Creating message…\n";
   6.245 +    to_list = new_identity_list(identity_dup(recip1)); // to bob
   6.246 +    outgoing_msg = new_message(PEP_dir_outgoing);
   6.247 +    assert(outgoing_msg);
   6.248 +    outgoing_msg->from = identity_dup(me);
   6.249 +    outgoing_msg->to = to_list;
   6.250 +    outgoing_msg->shortmsg = strdup("Greetings, humans!");
   6.251 +    outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   6.252 +    outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   6.253 +    cout << "Message created.\n";
   6.254 +
   6.255 +    status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   6.256 +
   6.257 +    ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   6.258 +
   6.259 +    // CHECK STATUS???
   6.260 +    cout << "Encryption returns with status " << tl_status_string(status) << endl;
   6.261 +
   6.262 +    // check comm_type
   6.263 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   6.264 +    assert(ct == PEP_ct_OpenPGP_unconfirmed);
   6.265 +    
   6.266 +    status = get_trust(session, recip1);
   6.267 +
   6.268 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   6.269 +    assert(recip1->comm_type == PEP_ct_OpenPGP_unconfirmed);
   6.270 +
   6.271 +    // decrypt message
   6.272 +//    free_message(outgoing_msg);
   6.273 +//    outgoing_msg = NULL;
   6.274 +
   6.275 +    cout << endl << "---------------------------------------------------------" << endl;
   6.276 +    cout << "3c. Decrypt... that... message!" << endl;
   6.277 +    cout << "---------------------------------------------------------" << endl << endl;
   6.278 +
   6.279 +
   6.280 +    status = decrypt_message(session, encrypted_outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   6.281 +    cout << "Decryption returns with status " << tl_status_string(status) << endl;
   6.282 +    assert(status == PEP_STATUS_OK);
   6.283 +
   6.284 +    // check rating
   6.285 +    cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   6.286 +    assert(rating == PEP_rating_reliable);
   6.287 +
   6.288 +    ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   6.289 +
   6.290 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   6.291 +    assert(ct == PEP_ct_OpenPGP_unconfirmed);
   6.292 +    
   6.293 +    status = get_trust(session, recip1);
   6.294 +    
   6.295 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   6.296 +    assert(recip1->comm_type == PEP_ct_OpenPGP_unconfirmed);
   6.297 +
   6.298 +    free_message(encrypted_outgoing_msg);
   6.299 +    free_message(decrypted_msg);
   6.300 +    free_message(outgoing_msg);
   6.301 +    outgoing_msg = NULL;
   6.302 +    decrypted_msg = NULL;
   6.303 +    encrypted_outgoing_msg = NULL;
   6.304 +
   6.305 +    free_identity(me);
   6.306 +    free_identity(recip1);
   6.307 +    free(uniqname);
   6.308 +    
   6.309 +    delete_keypair(session, fprs[0]);    
   6.310 +    delete_keypair(session, fprs[1]);
   6.311 +    
   6.312 +    free(fprs[0]);
   6.313 +    free(fprs[1]);
   6.314 +    
   6.315 +#else
   6.316 +    cout << "Sorry, test is not defined for NETPGP at this time." << endl;
   6.317 +    
   6.318 +#endif
   6.319 +    
   6.320 +    release(session);
   6.321 +
   6.322 +    return 0;
   6.323 +}
     7.1 --- a/test/test_util.cc	Mon May 29 16:32:24 2017 +0200
     7.2 +++ b/test/test_util.cc	Thu Jun 01 19:57:30 2017 +0200
     7.3 @@ -1,4 +1,6 @@
     7.4  #include "pEpEngine_test.h"
     7.5 +#include "pEpEngine.h"
     7.6 +#include "message_api.h"
     7.7  #include <fstream>
     7.8  #include <sstream>
     7.9  #include <stdexcept>
    7.10 @@ -15,3 +17,237 @@
    7.11  	sstr << input.rdbuf();
    7.12  	return sstr.str();
    7.13  }
    7.14 +
    7.15 +const char* tl_status_string(PEP_STATUS status) {
    7.16 +    switch (status) {
    7.17 +        case PEP_STATUS_OK:
    7.18 +            return "PEP_STATUS_OK";
    7.19 +        case PEP_INIT_CANNOT_LOAD_GPGME:
    7.20 +            return "PEP_INIT_CANNOT_LOAD_GPGME";
    7.21 +        case PEP_INIT_GPGME_INIT_FAILED:
    7.22 +            return "PEP_INIT_GPGME_INIT_FAILED";
    7.23 +        case PEP_INIT_NO_GPG_HOME:
    7.24 +            return "PEP_INIT_NO_GPG_HOME";
    7.25 +        case PEP_INIT_NETPGP_INIT_FAILED:
    7.26 +            return "PEP_INIT_NETPGP_INIT_FAILED";
    7.27 +        case PEP_INIT_SQLITE3_WITHOUT_MUTEX:
    7.28 +            return "PEP_INIT_SQLITE3_WITHOUT_MUTEX";
    7.29 +        case PEP_INIT_CANNOT_OPEN_DB:
    7.30 +            return "PEP_INIT_CANNOT_OPEN_DB";
    7.31 +        case PEP_INIT_CANNOT_OPEN_SYSTEM_DB:
    7.32 +            return "PEP_INIT_CANNOT_OPEN_SYSTEM_DB";
    7.33 +        case PEP_KEY_NOT_FOUND:
    7.34 +            return "PEP_KEY_NOT_FOUND";
    7.35 +        case PEP_KEY_HAS_AMBIG_NAME:
    7.36 +            return "PEP_KEY_HAS_AMBIG_NAME";
    7.37 +        case PEP_GET_KEY_FAILED:
    7.38 +            return "PEP_GET_KEY_FAILED";
    7.39 +        case PEP_CANNOT_EXPORT_KEY:
    7.40 +            return "PEP_CANNOT_EXPORT_KEY";
    7.41 +        case PEP_CANNOT_EDIT_KEY:
    7.42 +            return "PEP_CANNOT_EDIT_KEY";
    7.43 +        case PEP_CANNOT_FIND_IDENTITY:
    7.44 +            return "PEP_CANNOT_FIND_IDENTITY";
    7.45 +        case PEP_CANNOT_SET_PERSON:
    7.46 +            return "PEP_CANNOT_SET_PERSON";
    7.47 +        case PEP_CANNOT_SET_PGP_KEYPAIR:
    7.48 +            return "PEP_CANNOT_SET_PGP_KEYPAIR";
    7.49 +        case PEP_CANNOT_SET_IDENTITY:
    7.50 +            return "PEP_CANNOT_SET_IDENTITY";
    7.51 +        case PEP_CANNOT_SET_TRUST:
    7.52 +            return "PEP_CANNOT_SET_TRUST";
    7.53 +        case PEP_KEY_BLACKLISTED:
    7.54 +            return "PEP_KEY_BLACKLISTED";
    7.55 +        case PEP_UNENCRYPTED:
    7.56 +            return "PEP_UNENCRYPTED";
    7.57 +        case PEP_VERIFIED:
    7.58 +            return "PEP_VERIFIED";
    7.59 +        case PEP_DECRYPTED:
    7.60 +            return "PEP_DECRYPTED";
    7.61 +        case PEP_DECRYPTED_AND_VERIFIED:
    7.62 +            return "PEP_DECRYPTED_AND_VERIFIED";
    7.63 +        case PEP_DECRYPT_WRONG_FORMAT:
    7.64 +            return "PEP_DECRYPT_WRONG_FORMAT";
    7.65 +        case PEP_DECRYPT_NO_KEY:
    7.66 +            return "PEP_DECRYPT_NO_KEY";
    7.67 +        case PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH:
    7.68 +            return "PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH";
    7.69 +        case PEP_VERIFY_NO_KEY:
    7.70 +            return "PEP_VERIFY_NO_KEY";
    7.71 +        case PEP_VERIFIED_AND_TRUSTED:
    7.72 +            return "PEP_VERIFIED_AND_TRUSTED";
    7.73 +        case PEP_CANNOT_DECRYPT_UNKNOWN:
    7.74 +            return "PEP_CANNOT_DECRYPT_UNKNOWN";
    7.75 +        case PEP_TRUSTWORD_NOT_FOUND:
    7.76 +            return "PEP_TRUSTWORD_NOT_FOUND";
    7.77 +        case PEP_TRUSTWORDS_FPR_WRONG_LENGTH:
    7.78 +            return "PEP_TRUSTWORDS_FPR_WRONG_LENGTH";
    7.79 +        case PEP_CANNOT_CREATE_KEY:
    7.80 +            return "PEP_CANNOT_CREATE_KEY";
    7.81 +        case PEP_CANNOT_SEND_KEY:
    7.82 +            return "PEP_CANNOT_SEND_KEY";
    7.83 +        case PEP_PHRASE_NOT_FOUND:
    7.84 +            return "PEP_PHRASE_NOT_FOUND";
    7.85 +        case PEP_SEND_FUNCTION_NOT_REGISTERED:
    7.86 +            return "PEP_SEND_FUNCTION_NOT_REGISTERED";
    7.87 +        case PEP_CONTRAINTS_VIOLATED:
    7.88 +            return "PEP_CONTRAINTS_VIOLATED";
    7.89 +        case PEP_CANNOT_ENCODE:
    7.90 +            return "PEP_CANNOT_ENCODE";
    7.91 +        case PEP_SYNC_NO_NOTIFY_CALLBACK:
    7.92 +            return "PEP_SYNC_NO_NOTIFY_CALLBACK";
    7.93 +        case PEP_SYNC_ILLEGAL_MESSAGE:
    7.94 +            return "PEP_SYNC_ILLEGAL_MESSAGE";
    7.95 +        case PEP_SYNC_NO_INJECT_CALLBACK:
    7.96 +            return "PEP_SYNC_NO_INJECT_CALLBACK";
    7.97 +        case PEP_SEQUENCE_VIOLATED:
    7.98 +            return "PEP_SEQUENCE_VIOLATED";
    7.99 +        case PEP_CANNOT_INCREASE_SEQUENCE:
   7.100 +            return "PEP_CANNOT_INCREASE_SEQUENCE";
   7.101 +        case PEP_CANNOT_SET_SEQUENCE_VALUE:
   7.102 +            return "PEP_CANNOT_SET_SEQUENCE_VALUE";
   7.103 +        case PEP_OWN_SEQUENCE:
   7.104 +            return "PEP_OWN_SEQUENCE";
   7.105 +        case PEP_SYNC_STATEMACHINE_ERROR:
   7.106 +            return "PEP_SYNC_STATEMACHINE_ERROR";
   7.107 +        case PEP_SYNC_NO_TRUST:
   7.108 +            return "PEP_SYNC_NO_TRUST";
   7.109 +        case PEP_STATEMACHINE_INVALID_STATE:
   7.110 +            return "PEP_STATEMACHINE_INVALID_STATE";
   7.111 +        case PEP_STATEMACHINE_INVALID_EVENT:
   7.112 +            return "PEP_STATEMACHINE_INVALID_EVENT";
   7.113 +        case PEP_STATEMACHINE_INVALID_CONDITION:
   7.114 +            return "PEP_STATEMACHINE_INVALID_CONDITION";
   7.115 +        case PEP_STATEMACHINE_INVALID_ACTION:
   7.116 +            return "PEP_STATEMACHINE_INVALID_ACTION";
   7.117 +        case PEP_STATEMACHINE_INHIBITED_EVENT:
   7.118 +            return "PEP_STATEMACHINE_INHIBITED_EVENT";
   7.119 +        case PEP_COMMIT_FAILED:
   7.120 +            return "PEP_COMMIT_FAILED";
   7.121 +        case PEP_MESSAGE_CONSUME:
   7.122 +            return "PEP_MESSAGE_CONSUME";
   7.123 +        case PEP_MESSAGE_IGNORE:
   7.124 +            return "PEP_MESSAGE_IGNORE";
   7.125 +        case PEP_RECORD_NOT_FOUND:
   7.126 +            return "PEP_RECORD_NOT_FOUND";
   7.127 +        case PEP_CANNOT_CREATE_TEMP_FILE:
   7.128 +            return "PEP_CANNOT_CREATE_TEMP_FILE";
   7.129 +        case PEP_ILLEGAL_VALUE:
   7.130 +            return "PEP_ILLEGAL_VALUE";
   7.131 +        case PEP_BUFFER_TOO_SMALL:
   7.132 +            return "PEP_BUFFER_TOO_SMALL";
   7.133 +        case PEP_OUT_OF_MEMORY:
   7.134 +            return "PEP_OUT_OF_MEMORY";
   7.135 +        case PEP_UNKNOWN_ERROR:
   7.136 +            return "PEP_UNKNOWN_ERROR";
   7.137 +        default:
   7.138 +            return "PEP_STATUS_OMGWTFBBQ - This means you're using a status the test lib doesn't know about!";
   7.139 +    }
   7.140 +}
   7.141 +const char* tl_rating_string(PEP_rating rating) {
   7.142 +    switch (rating) {
   7.143 +        case PEP_rating_undefined:
   7.144 +            return "PEP_rating_undefined";
   7.145 +        case PEP_rating_cannot_decrypt:
   7.146 +            return "PEP_rating_cannot_decrypt";
   7.147 +        case PEP_rating_have_no_key:
   7.148 +            return "PEP_rating_have_no_key";
   7.149 +        case PEP_rating_unencrypted:
   7.150 +            return "PEP_rating_unencrypted";
   7.151 +        case PEP_rating_unencrypted_for_some:
   7.152 +            return "PEP_rating_unencrypted_for_some";
   7.153 +        case PEP_rating_unreliable:
   7.154 +            return "PEP_rating_unreliable";
   7.155 +        case PEP_rating_reliable:
   7.156 +            return "PEP_rating_reliable";
   7.157 +        case PEP_rating_trusted:
   7.158 +            return "PEP_rating_trusted";
   7.159 +        case PEP_rating_trusted_and_anonymized:
   7.160 +            return "PEP_rating_trusted_and_anonymized";
   7.161 +        case PEP_rating_fully_anonymous:
   7.162 +            return "PEP_rating_fully_anonymous";
   7.163 +        case PEP_rating_mistrust:
   7.164 +            return "PEP_rating_mistrust";
   7.165 +        case PEP_rating_b0rken:
   7.166 +            return "PEP_rating_b0rken";
   7.167 +        case PEP_rating_under_attack:
   7.168 +            return "PEP_rating_under_attack";
   7.169 +        default:
   7.170 +            return "PEP_rating_OMGWTFBBQ - in other words, INVALID RATING VALUE!!!\n\nSomething bad is going on here, or a new rating value has been added to the enum and not the test function.";
   7.171 +    }
   7.172 +}
   7.173 +
   7.174 +const char* tl_ct_string(PEP_comm_type ct) {
   7.175 +    switch (ct) {
   7.176 +        case PEP_ct_unknown:
   7.177 +            return "PEP_ct_unknown";
   7.178 +        case PEP_ct_no_encryption:
   7.179 +            return "PEP_ct_no_encryption";
   7.180 +        case PEP_ct_no_encrypted_channel:
   7.181 +            return "PEP_ct_no_encrypted_channel";
   7.182 +        case PEP_ct_key_not_found:
   7.183 +            return "PEP_ct_key_not_found";
   7.184 +        case PEP_ct_key_expired:
   7.185 +            return "PEP_ct_key_expired";
   7.186 +        case PEP_ct_key_revoked:
   7.187 +            return "PEP_ct_key_revoked";
   7.188 +        case PEP_ct_key_b0rken:
   7.189 +            return "PEP_ct_key_b0rken";
   7.190 +        case PEP_ct_my_key_not_included:
   7.191 +            return "PEP_ct_my_key_not_included";
   7.192 +        case PEP_ct_security_by_obscurity:
   7.193 +            return "PEP_ct_security_by_obscurity";
   7.194 +        case PEP_ct_b0rken_crypto:
   7.195 +            return "PEP_ct_b0rken_crypto";
   7.196 +        case PEP_ct_key_too_short:
   7.197 +            return "PEP_ct_key_too_short";
   7.198 +        case PEP_ct_compromized:
   7.199 +            return "PEP_ct_compromized";
   7.200 +        case PEP_ct_mistrusted:
   7.201 +            return "PEP_ct_mistrusted";
   7.202 +        case PEP_ct_unconfirmed_encryption:
   7.203 +            return "PEP_ct_unconfirmed_encryption";
   7.204 +        case PEP_ct_OpenPGP_weak_unconfirmed:
   7.205 +            return "PEP_ct_OpenPGP_weak_unconfirmed";
   7.206 +        case PEP_ct_to_be_checked:
   7.207 +            return "PEP_ct_to_be_checked";
   7.208 +        case PEP_ct_SMIME_unconfirmed:
   7.209 +            return "PEP_ct_SMIME_unconfirmed";
   7.210 +        case PEP_ct_CMS_unconfirmed:
   7.211 +            return "PEP_ct_CMS_unconfirmed";
   7.212 +        case PEP_ct_strong_but_unconfirmed:
   7.213 +            return "PEP_ct_strong_but_unconfirmed";
   7.214 +        case PEP_ct_OpenPGP_unconfirmed:
   7.215 +            return "PEP_ct_OpenPGP_unconfirmed";
   7.216 +        case PEP_ct_OTR_unconfirmed:
   7.217 +            return "PEP_ct_OTR_unconfirmed";
   7.218 +        case PEP_ct_unconfirmed_enc_anon:
   7.219 +            return "PEP_ct_unconfirmed_enc_anon";
   7.220 +        case PEP_ct_pEp_unconfirmed:
   7.221 +            return "PEP_ct_pEp_unconfirmed";
   7.222 +        case PEP_ct_confirmed:
   7.223 +            return "PEP_ct_pEp_confirmed";
   7.224 +        case PEP_ct_confirmed_encryption:
   7.225 +            return "PEP_ct_confirmed_encryption";
   7.226 +        case PEP_ct_OpenPGP_weak:
   7.227 +            return "PEP_ct_OpenPGP_weak";
   7.228 +        case PEP_ct_to_be_checked_confirmed:
   7.229 +            return "PEP_ct_to_be_checked_confirmed";
   7.230 +        case PEP_ct_SMIME:
   7.231 +            return "PEP_ct_SMIME";
   7.232 +        case PEP_ct_CMS:
   7.233 +            return "PEP_ct_CMS";
   7.234 +        case PEP_ct_strong_encryption:
   7.235 +            return "PEP_ct_strong_encryption";
   7.236 +        case PEP_ct_OpenPGP:
   7.237 +            return "PEP_ct_OpenPGP";
   7.238 +        case PEP_ct_OTR:
   7.239 +            return "PEP_ct_OTR";
   7.240 +        case PEP_ct_confirmed_enc_anon:
   7.241 +            return "PEP_ct_confirmed_enc_anon";
   7.242 +        case PEP_ct_pEp:
   7.243 +            return "PEP_ct_pEp";
   7.244 +        default:
   7.245 +            return "PEP_ct_OMGWTFBBQ\n\nIn other words, comm type is invalid. Either something's corrupt or a new ct value has been added to the enum but not to the test function.";
   7.246 +    }
   7.247 +}
     8.1 --- a/test/test_util.h	Mon May 29 16:32:24 2017 +0200
     8.2 +++ b/test/test_util.h	Thu Jun 01 19:57:30 2017 +0200
     8.3 @@ -1,5 +1,16 @@
     8.4  #include <string>
     8.5 +#include "pEpEngine.h"
     8.6 +#include "message_api.h"
     8.7  
     8.8  // reads a whole file and returns it as std::string
     8.9  // throws std::runtime_error() if the file cannot be read. Empty file is not an error.
    8.10  std::string slurp(const std::string& filename);
    8.11 +
    8.12 +// Returns the string value of the input rating enum value. 
    8.13 +const char* tl_rating_string(PEP_rating rating);
    8.14 +
    8.15 +// Returns the string value of the input comm_type enum value. 
    8.16 +const char* tl_ct_string(PEP_comm_type ct);
    8.17 +
    8.18 +// Returns the string value of the input status enum value. 
    8.19 +const char* tl_status_string(PEP_STATUS status);