ENGINE-209: merged into default
authorKrista Bennett <krista@pep-project.org>
Thu, 01 Jun 2017 19:57:30 +0200
changeset 18130dbbba72dfbb
parent 1809 54a7d37790b9
parent 1812 925ad845e3ec
child 1815 2ce849e5ca78
child 1817 d206064589cf
ENGINE-209: merged into default
     1.1 --- a/src/keymanagement.c	Mon May 29 16:32:24 2017 +0200
     1.2 +++ b/src/keymanagement.c	Thu Jun 01 19:57:30 2017 +0200
     1.3 @@ -144,9 +144,23 @@
     1.4  
     1.5          /* if we have a stored_identity fpr */
     1.6          if (!EMPTYSTR(stored_identity->fpr)) {
     1.7 -            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
     1.8 -            if (status != PEP_STATUS_OK)
     1.9 -                dont_use_stored_fpr = true; 
    1.10 +            bool revoked = false;
    1.11 +            status = key_revoked(session, stored_identity->fpr, &revoked);
    1.12 +            
    1.13 +            if (status != PEP_STATUS_OK || revoked)
    1.14 +                dont_use_stored_fpr = true;
    1.15 +                
    1.16 +            if (revoked) {
    1.17 +                // Do stuff
    1.18 +                status = update_trust_for_fpr(session, stored_identity->fpr, PEP_ct_key_revoked);
    1.19 +                // What to do on failure? FIXME
    1.20 +                status = replace_identities_fpr(session, stored_identity->fpr, "");
    1.21 +            }
    1.22 +            else {    
    1.23 +                status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
    1.24 +                if (status != PEP_STATUS_OK)
    1.25 +                    dont_use_stored_fpr = true; 
    1.26 +            }
    1.27          }
    1.28              
    1.29  
     2.1 --- a/src/keymanagement.h	Mon May 29 16:32:24 2017 +0200
     2.2 +++ b/src/keymanagement.h	Thu Jun 01 19:57:30 2017 +0200
     2.3 @@ -159,7 +159,6 @@
     2.4          pEp_identity *ident
     2.5      );
     2.6  
     2.7 -
     2.8  // own_key_is_listed() - returns true id key is listed as own key
     2.9  //
    2.10  //  parameters:
    2.11 @@ -244,4 +243,3 @@
    2.12  #ifdef __cplusplus
    2.13  }
    2.14  #endif
    2.15 -
     3.1 --- a/src/pEpEngine.c	Mon May 29 16:32:24 2017 +0200
     3.2 +++ b/src/pEpEngine.c	Thu Jun 01 19:57:30 2017 +0200
     3.3 @@ -29,6 +29,11 @@
     3.4      "       and pgp_keypair_fpr = identity.main_key_id"
     3.5      "   where address = ?1 and identity.user_id = ?2;";
     3.6  
     3.7 +static const char *sql_replace_identities_fpr =  
     3.8 +    "update identity"
     3.9 +    "   set main_key_id = ?1 "
    3.10 +    "   where main_key_id = ?2 ;";
    3.11 +
    3.12  // Set person, but if already exist, only update.
    3.13  // if main_key_id already set, don't touch.
    3.14  static const char *sql_set_person = 
    3.15 @@ -85,6 +90,11 @@
    3.16      "insert or replace into trust (user_id, pgp_keypair_fpr, comm_type) "
    3.17      "values (?1, upper(replace(?2,' ','')), ?3) ;";
    3.18  
    3.19 +static const char *sql_update_trust_for_fpr =
    3.20 +    "update trust "
    3.21 +    "set comm_type = ?1 "
    3.22 +    "where pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
    3.23 +
    3.24  static const char *sql_get_trust = 
    3.25      "select comm_type from trust where user_id = ?1 "
    3.26      "and pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
    3.27 @@ -503,6 +513,11 @@
    3.28              (int)strlen(sql_get_identity), &_session->get_identity, NULL);
    3.29      assert(int_result == SQLITE_OK);
    3.30  
    3.31 +    int_result = sqlite3_prepare_v2(_session->db, sql_replace_identities_fpr,
    3.32 +            (int)strlen(sql_replace_identities_fpr), 
    3.33 +            &_session->replace_identities_fpr, NULL);
    3.34 +    assert(int_result == SQLITE_OK);
    3.35 +
    3.36      int_result = sqlite3_prepare_v2(_session->db, sql_set_person,
    3.37              (int)strlen(sql_set_person), &_session->set_person, NULL);
    3.38      assert(int_result == SQLITE_OK);
    3.39 @@ -538,6 +553,10 @@
    3.40              (int)strlen(sql_set_trust), &_session->set_trust, NULL);
    3.41      assert(int_result == SQLITE_OK);
    3.42  
    3.43 +    int_result = sqlite3_prepare_v2(_session->db, sql_update_trust_for_fpr,
    3.44 +            (int)strlen(sql_update_trust_for_fpr), &_session->update_trust_for_fpr, NULL);
    3.45 +    assert(int_result == SQLITE_OK);
    3.46 +
    3.47      int_result = sqlite3_prepare_v2(_session->db, sql_get_trust,
    3.48              (int)strlen(sql_get_trust), &_session->get_trust, NULL);
    3.49      assert(int_result == SQLITE_OK);
    3.50 @@ -731,6 +750,8 @@
    3.51                  sqlite3_finalize(session->trustword);
    3.52              if (session->get_identity)
    3.53                  sqlite3_finalize(session->get_identity);
    3.54 +            if (session->replace_identities_fpr)
    3.55 +                sqlite3_finalize(session->replace_identities_fpr);        
    3.56              if (session->set_person)
    3.57                  sqlite3_finalize(session->set_person);
    3.58              if (session->set_device_group)
    3.59 @@ -747,6 +768,8 @@
    3.60                  sqlite3_finalize(session->unset_identity_flags);
    3.61              if (session->set_trust)
    3.62                  sqlite3_finalize(session->set_trust);
    3.63 +            if (session->update_trust_for_fpr)
    3.64 +                sqlite3_finalize(session->update_trust_for_fpr);
    3.65              if (session->get_trust)
    3.66                  sqlite3_finalize(session->get_trust);
    3.67              if (session->least_trust)
    3.68 @@ -1147,13 +1170,15 @@
    3.69                  identity->user_id && identity->username))
    3.70          return PEP_ILLEGAL_VALUE;
    3.71  
    3.72 +    PEP_STATUS status = PEP_STATUS_OK;
    3.73 +    
    3.74      bool listed;
    3.75  
    3.76      bool has_fpr = (identity->fpr && identity->fpr[0] != '\0');
    3.77      
    3.78      if (has_fpr) {    
    3.79          // blacklist check
    3.80 -        PEP_STATUS status = blacklist_is_listed(session, identity->fpr, &listed);
    3.81 +        status = blacklist_is_listed(session, identity->fpr, &listed);
    3.82          assert(status == PEP_STATUS_OK);
    3.83          if (status != PEP_STATUS_OK)
    3.84              return status;
    3.85 @@ -1231,6 +1256,8 @@
    3.86              }
    3.87          }
    3.88  
    3.89 +        // status = set_trust(session, identity->user_id, identity->fpr,
    3.90 +        //                    identity->comm_type)
    3.91          sqlite3_reset(session->set_trust);
    3.92          sqlite3_bind_text(session->set_trust, 1, identity->user_id, -1,
    3.93                  SQLITE_STATIC);
    3.94 @@ -1252,6 +1279,54 @@
    3.95          return PEP_COMMIT_FAILED;
    3.96  }
    3.97  
    3.98 +PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
    3.99 +                                 const char* old_fpr, 
   3.100 +                                 const char* new_fpr) 
   3.101 +{
   3.102 +    PEP_STATUS status = PEP_STATUS_OK;
   3.103 +    
   3.104 +    assert(old_fpr);
   3.105 +    assert(new_fpr);
   3.106 +    
   3.107 +    if (!old_fpr || !new_fpr)
   3.108 +        return PEP_ILLEGAL_VALUE;
   3.109 +            
   3.110 +    sqlite3_reset(session->replace_identities_fpr);
   3.111 +    sqlite3_bind_text(session->replace_identities_fpr, 1, new_fpr, -1,
   3.112 +                      SQLITE_STATIC);
   3.113 +    sqlite3_bind_text(session->replace_identities_fpr, 2, old_fpr, -1,
   3.114 +                      SQLITE_STATIC);
   3.115 +
   3.116 +    int result = sqlite3_step(session->replace_identities_fpr);
   3.117 +    sqlite3_reset(session->replace_identities_fpr);
   3.118 +    
   3.119 +    if (result != SQLITE_DONE)
   3.120 +        return PEP_CANNOT_SET_IDENTITY;
   3.121 +
   3.122 +    return PEP_STATUS_OK;
   3.123 +}
   3.124 +
   3.125 +
   3.126 +PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
   3.127 +                                const char* fpr, 
   3.128 +                                PEP_comm_type comm_type)
   3.129 +{
   3.130 +    if (!fpr)
   3.131 +        return PEP_ILLEGAL_VALUE;
   3.132 +        
   3.133 +    sqlite3_reset(session->update_trust_for_fpr);
   3.134 +    sqlite3_bind_int(session->update_trust_for_fpr, 1, comm_type);
   3.135 +    sqlite3_bind_text(session->update_trust_for_fpr, 2, fpr, -1,
   3.136 +            SQLITE_STATIC);
   3.137 +    int result = sqlite3_step(session->update_trust_for_fpr);
   3.138 +    sqlite3_reset(session->update_trust_for_fpr);
   3.139 +    if (result != SQLITE_DONE) {
   3.140 +        return PEP_CANNOT_SET_TRUST;
   3.141 +    }
   3.142 +    
   3.143 +    return PEP_STATUS_OK;
   3.144 +}
   3.145 +
   3.146  DYNAMIC_API PEP_STATUS set_device_group(
   3.147          PEP_SESSION session,
   3.148          const char *group_name
   3.149 @@ -2363,4 +2438,3 @@
   3.150  }
   3.151  
   3.152  #endif
   3.153 -
     4.1 --- a/src/pEpEngine.h	Mon May 29 16:32:24 2017 +0200
     4.2 +++ b/src/pEpEngine.h	Thu Jun 01 19:57:30 2017 +0200
     4.3 @@ -544,6 +544,11 @@
     4.4          pEp_identity **identity
     4.5      );
     4.6  
     4.7 +PEP_STATUS replace_identities_fpr(PEP_SESSION session, 
     4.8 +                                 const char* old_fpr, 
     4.9 +                                 const char* new_fpr); 
    4.10 +
    4.11 +
    4.12  // set_identity() - set identity information
    4.13  //
    4.14  //    parameters:
    4.15 @@ -827,6 +832,14 @@
    4.16  
    4.17  DYNAMIC_API PEP_STATUS get_trust(PEP_SESSION session, pEp_identity *identity);
    4.18  
    4.19 +PEP_STATUS set_trust(PEP_SESSION session, 
    4.20 +                            const char* user_id,
    4.21 +                            const char* fpr, 
    4.22 +                            PEP_comm_type comm_type);
    4.23 +                            
    4.24 +PEP_STATUS update_trust_for_fpr(PEP_SESSION session, 
    4.25 +                                const char* fpr, 
    4.26 +                                PEP_comm_type comm_type);
    4.27  
    4.28  // least_trust() - get the least known trust level for a key in the database
    4.29  //
    4.30 @@ -925,6 +938,12 @@
    4.31          bool *revoked
    4.32      );
    4.33  
    4.34 +PEP_STATUS get_key_userids(
    4.35 +        PEP_SESSION session,
    4.36 +        const char* fpr,
    4.37 +        stringlist_t** keylist
    4.38 +    );
    4.39 +
    4.40  
    4.41  // get_crashdump_log() - get the last log messages out
    4.42  //
     5.1 --- a/src/pEp_internal.h	Mon May 29 16:32:24 2017 +0200
     5.2 +++ b/src/pEp_internal.h	Thu Jun 01 19:57:30 2017 +0200
     5.3 @@ -100,6 +100,7 @@
     5.4      sqlite3_stmt *log;
     5.5      sqlite3_stmt *trustword;
     5.6      sqlite3_stmt *get_identity;
     5.7 +    sqlite3_stmt *replace_identities_fpr;
     5.8      sqlite3_stmt *set_person;
     5.9      sqlite3_stmt *set_device_group;
    5.10      sqlite3_stmt *get_device_group;
    5.11 @@ -108,6 +109,7 @@
    5.12      sqlite3_stmt *set_identity_flags;
    5.13      sqlite3_stmt *unset_identity_flags;
    5.14      sqlite3_stmt *set_trust;
    5.15 +    sqlite3_stmt *update_trust_for_fpr;
    5.16      sqlite3_stmt *get_trust;
    5.17      sqlite3_stmt *least_trust;
    5.18      sqlite3_stmt *mark_compromized;
     8.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.2 +++ b/test/external_revoke_test.cc	Thu Jun 01 19:57:30 2017 +0200
     8.3 @@ -0,0 +1,320 @@
     8.4 +// This file is under GNU General Public License 3.0
     8.5 +// see LICENSE.txt
     8.6 +
     8.7 +#include <stdlib.h>
     8.8 +#include <string.h>
     8.9 +#include <time.h>
    8.10 +#include "platform.h"
    8.11 +#include <iostream>
    8.12 +#include <fstream>
    8.13 +#include <assert.h>
    8.14 +#include "mime.h"
    8.15 +#include "message_api.h"
    8.16 +#include "test_util.h"
    8.17 +
    8.18 +using namespace std;
    8.19 +
    8.20 +int main() {
    8.21 +    cout << "\n*** external_revoke_test.cc ***\n\n";
    8.22 +
    8.23 +    PEP_SESSION session;
    8.24 +    
    8.25 +    cout << "calling init()\n";
    8.26 +    PEP_STATUS status = init(&session);   
    8.27 +    assert(status == PEP_STATUS_OK);
    8.28 +    assert(session);
    8.29 +    cout << "init() completed.\n";
    8.30 +
    8.31 +#ifndef NETPGP
    8.32 +    char* fprs[2];
    8.33 +    
    8.34 +    // Create sender ID
    8.35 +    
    8.36 +    pEp_identity * me = new_identity("pep.test.apple@pep-project.org", NULL, PEP_OWN_USERID, "Alice Cooper");
    8.37 +    status = update_identity(session, me);
    8.38 +    status = trust_personal_key(session, me);
    8.39 +    status = update_identity(session, me);
    8.40 +    
    8.41 +    // Create key
    8.42 +
    8.43 +    cout << "Creating new id for : ";
    8.44 +    char *uniqname = strdup("AAAAtestuser@testdomain.org");
    8.45 +    srandom(time(NULL));
    8.46 +    for(int i=0; i < 4;i++)
    8.47 +        uniqname[i] += random() & 0xf;
    8.48 +    
    8.49 +    cout << uniqname << "\n";
    8.50 +    pEp_identity * recip1 = new_identity(uniqname, NULL, NULL, "Test User");
    8.51 +
    8.52 +    status = generate_keypair(session, recip1);
    8.53 +    
    8.54 +    cout << "Generated fingerprint ";
    8.55 +    cout << recip1->fpr << "\n";
    8.56 +
    8.57 +    fprs[0] = strdup(recip1->fpr);
    8.58 +    
    8.59 +    cout << endl << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl;
    8.60 +    cout << "Trust and revoke single key, ensure trust changes, then generate new key and ensure rating is correct." << endl;
    8.61 +    cout << "*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*!*" << endl << endl;
    8.62 +    
    8.63 +    cout << endl << "---------------------------------------------------------" << endl;
    8.64 +    cout << "1a. Encrypt message for trusted partner." << endl;
    8.65 +    cout << "---------------------------------------------------------" << endl << endl;
    8.66 +
    8.67 +    cout << "Trusting personal key for " << uniqname << endl;
    8.68 +    // Trust it
    8.69 +    recip1->me = false;
    8.70 +    status = update_identity(session, recip1);
    8.71 +    status = trust_personal_key(session, recip1);
    8.72 +    status = update_identity(session, recip1);
    8.73 +    
    8.74 +    // TODO: Check trust?
    8.75 +    cout << "Done! Trusted personal key with fpr " << recip1->fpr << " for " << uniqname << endl;
    8.76 +
    8.77 +    const char* r1_userid = (recip1->user_id ? strdup(recip1->user_id) : NULL);
    8.78 +
    8.79 +    
    8.80 +    // encrypt something to the key
    8.81 +    cout << "Creating message…\n";
    8.82 +    identity_list* to_list = new_identity_list(identity_dup(recip1)); // to bob
    8.83 +    message* outgoing_msg = new_message(PEP_dir_outgoing);
    8.84 +    assert(outgoing_msg);
    8.85 +    outgoing_msg->from = identity_dup(me);
    8.86 +    outgoing_msg->to = to_list;
    8.87 +    outgoing_msg->shortmsg = strdup("Greetings, humans!");
    8.88 +    outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
    8.89 +    outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
    8.90 +    cout << "Message created.\n";
    8.91 +
    8.92 +    message* encrypted_outgoing_msg = NULL;
    8.93 +
    8.94 +    cout << "Encrypting message to " << uniqname << "…\n";    
    8.95 +    status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
    8.96 +    cout << "Encrypted message with status " << tl_status_string(status) << endl;
    8.97 +    // check status
    8.98 +    assert(status == PEP_STATUS_OK);
    8.99 +    assert(encrypted_outgoing_msg);
   8.100 +
   8.101 +    cout << "Checking message recipient comm_type from message." << endl;
   8.102 +    // check comm_type
   8.103 +    cout << "comm_type: " << tl_ct_string(encrypted_outgoing_msg->to->ident->comm_type) << endl;
   8.104 +    assert(encrypted_outgoing_msg->to->ident->comm_type == PEP_ct_OpenPGP);
   8.105 +    
   8.106 +    status = get_trust(session, recip1);
   8.107 +    
   8.108 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   8.109 +    assert(recip1->comm_type == PEP_ct_OpenPGP); // FIXME: PEP_ct_pEp???
   8.110 +
   8.111 +    // decrypt message
   8.112 +    free_message(outgoing_msg);
   8.113 +    outgoing_msg = NULL;
   8.114 +
   8.115 +    stringlist_t* keylist = nullptr;
   8.116 +    PEP_rating rating;
   8.117 +    PEP_decrypt_flags_t flags;
   8.118 +
   8.119 +    cout << endl << "---------------------------------------------------------" << endl;
   8.120 +    cout << "1b. Decrypt message that was encrypted for trusted partner." << endl;
   8.121 +    cout << "---------------------------------------------------------" << endl << endl;
   8.122 +
   8.123 +    cout << "Decrypting message." << endl;
   8.124 +    status = decrypt_message(session, encrypted_outgoing_msg, &outgoing_msg, &keylist, &rating, &flags);
   8.125 +    cout << "Decrypted message with status " << tl_status_string(status) << endl;
   8.126 +    assert(status == PEP_STATUS_OK);
   8.127 +    assert(rating == PEP_rating_trusted);
   8.128 +
   8.129 +    // check rating
   8.130 +    cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   8.131 +    assert(rating == PEP_rating_trusted); // FIXME: trusted and anonymised?
   8.132 +    
   8.133 +    // check comm_type
   8.134 +    status = get_trust(session, recip1);
   8.135 +
   8.136 +    cout << "Recip's trust DB comm_type = " << tl_ct_string(recip1->comm_type) << endl;
   8.137 +    assert(recip1->comm_type == PEP_ct_OpenPGP); // FIXME: PEP_ct_pEp???
   8.138 +
   8.139 +    cout << endl << "---------------------------------------------------------" << endl;
   8.140 +    cout << "2a. Revoke key for (currently) trusted partner." << endl;
   8.141 +    cout << "---------------------------------------------------------" << endl << endl;
   8.142 +    // externally revoke key
   8.143 +    // (note - as of 23.5.17, revoke_key() doesn't touch the trust db, just the keyring, so we can do this)
   8.144 +
   8.145 +    cout << "Revoking key." << endl;
   8.146 +    status = get_identity(session, uniqname, r1_userid, &recip1);    
   8.147 +    status = revoke_key(session, recip1->fpr, "encrypt_for_identity_test");
   8.148 +    cout << "Status of revocation call for " << recip1->fpr << " is "<< tl_status_string(status) << endl;
   8.149 +
   8.150 +    // free messages
   8.151 +    free_message(outgoing_msg);
   8.152 +    free_message(encrypted_outgoing_msg);
   8.153 +    outgoing_msg = NULL;
   8.154 +    encrypted_outgoing_msg = NULL;
   8.155 +    
   8.156 +    // encrypt something to the key
   8.157 +    cout << "creating message…\n";
   8.158 +    to_list = new_identity_list(identity_dup(recip1)); // to bob
   8.159 +    outgoing_msg = new_message(PEP_dir_outgoing);
   8.160 +    assert(outgoing_msg);
   8.161 +    outgoing_msg->from = identity_dup(me);
   8.162 +    outgoing_msg->to = to_list;
   8.163 +    outgoing_msg->shortmsg = strdup("Greetings, humans!");
   8.164 +    outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   8.165 +    outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   8.166 +    cout << "message created.\n";
   8.167 +
   8.168 +    encrypted_outgoing_msg = NULL;
   8.169 +    message* decrypted_msg = NULL;
   8.170 +
   8.171 +    cout << endl << "---------------------------------------------------------" << endl;
   8.172 +    cout << "2b. Encrypt message for recip whose key has been externally revoked in the keyring, not the app." << endl;
   8.173 +    cout << "---------------------------------------------------------" << endl << endl;
   8.174 +
   8.175 +    status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   8.176 +    cout << "Encryption returns with status " << tl_status_string(status) << endl;
   8.177 +
   8.178 +    PEP_comm_type ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   8.179 +
   8.180 +    cout << endl << "---------------------------------------------------------" << endl;
   8.181 +    cout << "2c. Check trust of recip, whose only key has been revoked, once an encryption attempt has been made." << endl;
   8.182 +    cout << "---------------------------------------------------------" << endl << endl;
   8.183 +
   8.184 +    // check comm_type
   8.185 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   8.186 +    assert(ct == PEP_ct_key_revoked);
   8.187 +    
   8.188 +    status = get_trust(session, recip1);
   8.189 +
   8.190 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   8.191 +    assert(recip1->comm_type == PEP_ct_key_revoked);
   8.192 +
   8.193 +    cout << endl << "---------------------------------------------------------" << endl;
   8.194 +    cout << "2d. Try to decrypt message that was encrypted for revoked key guy." << endl;
   8.195 +    cout << "---------------------------------------------------------" << endl << endl;
   8.196 +    // decrypt message
   8.197 +//    free_message(outgoing_msg);
   8.198 +//    outgoing_msg = NULL;
   8.199 +    // FIXME: Make this make more sense
   8.200 +    status = decrypt_message(session, outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   8.201 +    cout << "Decryption returns with status " << tl_status_string(status) << endl;
   8.202 +    assert(status == PEP_UNENCRYPTED);
   8.203 +    
   8.204 +    // check rating
   8.205 +    cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   8.206 +    assert(rating == PEP_rating_unencrypted);
   8.207 +
   8.208 +    ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   8.209 +
   8.210 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   8.211 +    assert(ct == PEP_ct_key_revoked);
   8.212 +    
   8.213 +    status = get_trust(session, recip1);
   8.214 +    
   8.215 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   8.216 +    assert(recip1->comm_type == PEP_ct_key_revoked);
   8.217 +
   8.218 +    free_message(encrypted_outgoing_msg);
   8.219 +    free_message(decrypted_msg);
   8.220 +    free_message(outgoing_msg);
   8.221 +    outgoing_msg = NULL;
   8.222 +    decrypted_msg = NULL;
   8.223 +    encrypted_outgoing_msg = NULL;
   8.224 +
   8.225 +    cout << endl << "---------------------------------------------------------" << endl;
   8.226 +    cout << "3a. Generate new key, but don't explicitly trust it." << endl;
   8.227 +    cout << "---------------------------------------------------------" << endl << endl;
   8.228 +
   8.229 +    // now: generate new key
   8.230 +    free(recip1->fpr);
   8.231 +    recip1->fpr = NULL;
   8.232 +    status = generate_keypair(session, recip1);
   8.233 +    
   8.234 +    cout << "Generated fingerprint \n";
   8.235 +    cout << recip1->fpr << "\n";
   8.236 +    fprs[1] = strdup(recip1->fpr);
   8.237 +
   8.238 +    // try again
   8.239 +    cout << endl << "---------------------------------------------------------" << endl;
   8.240 +    cout << "3b. Try to send something to the email address of our revoked friend, make sure a new key is used to encrypt." << endl;
   8.241 +    cout << "---------------------------------------------------------" << endl << endl;
   8.242 +    
   8.243 +    // encrypt something to the key
   8.244 +    cout << "Creating message…\n";
   8.245 +    to_list = new_identity_list(identity_dup(recip1)); // to bob
   8.246 +    outgoing_msg = new_message(PEP_dir_outgoing);
   8.247 +    assert(outgoing_msg);
   8.248 +    outgoing_msg->from = identity_dup(me);
   8.249 +    outgoing_msg->to = to_list;
   8.250 +    outgoing_msg->shortmsg = strdup("Greetings, humans!");
   8.251 +    outgoing_msg->longmsg = strdup("This is a test of the emergency message system. This is only a test. BEEP.");
   8.252 +    outgoing_msg->attachments = new_bloblist(NULL, 0, "application/octet-stream", NULL);
   8.253 +    cout << "Message created.\n";
   8.254 +
   8.255 +    status = encrypt_message(session, outgoing_msg, NULL, &encrypted_outgoing_msg, PEP_enc_PGP_MIME, 0);
   8.256 +
   8.257 +    ct = (encrypted_outgoing_msg ? encrypted_outgoing_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   8.258 +
   8.259 +    // CHECK STATUS???
   8.260 +    cout << "Encryption returns with status " << tl_status_string(status) << endl;
   8.261 +
   8.262 +    // check comm_type
   8.263 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   8.264 +    assert(ct == PEP_ct_OpenPGP_unconfirmed);
   8.265 +    
   8.266 +    status = get_trust(session, recip1);
   8.267 +
   8.268 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   8.269 +    assert(recip1->comm_type == PEP_ct_OpenPGP_unconfirmed);
   8.270 +
   8.271 +    // decrypt message
   8.272 +//    free_message(outgoing_msg);
   8.273 +//    outgoing_msg = NULL;
   8.274 +
   8.275 +    cout << endl << "---------------------------------------------------------" << endl;
   8.276 +    cout << "3c. Decrypt... that... message!" << endl;
   8.277 +    cout << "---------------------------------------------------------" << endl << endl;
   8.278 +
   8.279 +
   8.280 +    status = decrypt_message(session, encrypted_outgoing_msg, &decrypted_msg, &keylist, &rating, &flags);
   8.281 +    cout << "Decryption returns with status " << tl_status_string(status) << endl;
   8.282 +    assert(status == PEP_STATUS_OK);
   8.283 +
   8.284 +    // check rating
   8.285 +    cout << "Rating of decrypted message to trusted recip: " << tl_rating_string(rating) << endl;
   8.286 +    assert(rating == PEP_rating_reliable);
   8.287 +
   8.288 +    ct = (decrypted_msg ? decrypted_msg->to->ident->comm_type : outgoing_msg->to->ident->comm_type);
   8.289 +
   8.290 +    cout << "comm_type: " << tl_ct_string(ct) << endl;
   8.291 +    assert(ct == PEP_ct_OpenPGP_unconfirmed);
   8.292 +    
   8.293 +    status = get_trust(session, recip1);
   8.294 +    
   8.295 +    cout << "Recip's trust DB comm_type = " << hex << tl_ct_string(recip1->comm_type) << endl;
   8.296 +    assert(recip1->comm_type == PEP_ct_OpenPGP_unconfirmed);
   8.297 +
   8.298 +    free_message(encrypted_outgoing_msg);
   8.299 +    free_message(decrypted_msg);
   8.300 +    free_message(outgoing_msg);
   8.301 +    outgoing_msg = NULL;
   8.302 +    decrypted_msg = NULL;
   8.303 +    encrypted_outgoing_msg = NULL;
   8.304 +
   8.305 +    free_identity(me);
   8.306 +    free_identity(recip1);
   8.307 +    free(uniqname);
   8.308 +    
   8.309 +    delete_keypair(session, fprs[0]);    
   8.310 +    delete_keypair(session, fprs[1]);
   8.311 +    
   8.312 +    free(fprs[0]);
   8.313 +    free(fprs[1]);
   8.314 +    
   8.315 +#else
   8.316 +    cout << "Sorry, test is not defined for NETPGP at this time." << endl;
   8.317 +    
   8.318 +#endif
   8.319 +    
   8.320 +    release(session);
   8.321 +
   8.322 +    return 0;
   8.323 +}
     9.1 --- a/test/test_util.cc	Mon May 29 16:32:24 2017 +0200
     9.2 +++ b/test/test_util.cc	Thu Jun 01 19:57:30 2017 +0200
     9.3 @@ -1,4 +1,6 @@
     9.4  #include "pEpEngine_test.h"
     9.5 +#include "pEpEngine.h"
     9.6 +#include "message_api.h"
     9.7  #include <fstream>
     9.8  #include <sstream>
     9.9  #include <stdexcept>
    9.10 @@ -15,3 +17,237 @@
    9.11  	sstr << input.rdbuf();
    9.12  	return sstr.str();
    9.13  }
    9.14 +
    9.15 +const char* tl_status_string(PEP_STATUS status) {
    9.16 +    switch (status) {
    9.17 +        case PEP_STATUS_OK:
    9.18 +            return "PEP_STATUS_OK";
    9.19 +        case PEP_INIT_CANNOT_LOAD_GPGME:
    9.20 +            return "PEP_INIT_CANNOT_LOAD_GPGME";
    9.21 +        case PEP_INIT_GPGME_INIT_FAILED:
    9.22 +            return "PEP_INIT_GPGME_INIT_FAILED";
    9.23 +        case PEP_INIT_NO_GPG_HOME:
    9.24 +            return "PEP_INIT_NO_GPG_HOME";
    9.25 +        case PEP_INIT_NETPGP_INIT_FAILED:
    9.26 +            return "PEP_INIT_NETPGP_INIT_FAILED";
    9.27 +        case PEP_INIT_SQLITE3_WITHOUT_MUTEX:
    9.28 +            return "PEP_INIT_SQLITE3_WITHOUT_MUTEX";
    9.29 +        case PEP_INIT_CANNOT_OPEN_DB:
    9.30 +            return "PEP_INIT_CANNOT_OPEN_DB";
    9.31 +        case PEP_INIT_CANNOT_OPEN_SYSTEM_DB:
    9.32 +            return "PEP_INIT_CANNOT_OPEN_SYSTEM_DB";
    9.33 +        case PEP_KEY_NOT_FOUND:
    9.34 +            return "PEP_KEY_NOT_FOUND";
    9.35 +        case PEP_KEY_HAS_AMBIG_NAME:
    9.36 +            return "PEP_KEY_HAS_AMBIG_NAME";
    9.37 +        case PEP_GET_KEY_FAILED:
    9.38 +            return "PEP_GET_KEY_FAILED";
    9.39 +        case PEP_CANNOT_EXPORT_KEY:
    9.40 +            return "PEP_CANNOT_EXPORT_KEY";
    9.41 +        case PEP_CANNOT_EDIT_KEY:
    9.42 +            return "PEP_CANNOT_EDIT_KEY";
    9.43 +        case PEP_CANNOT_FIND_IDENTITY:
    9.44 +            return "PEP_CANNOT_FIND_IDENTITY";
    9.45 +        case PEP_CANNOT_SET_PERSON:
    9.46 +            return "PEP_CANNOT_SET_PERSON";
    9.47 +        case PEP_CANNOT_SET_PGP_KEYPAIR:
    9.48 +            return "PEP_CANNOT_SET_PGP_KEYPAIR";
    9.49 +        case PEP_CANNOT_SET_IDENTITY:
    9.50 +            return "PEP_CANNOT_SET_IDENTITY";
    9.51 +        case PEP_CANNOT_SET_TRUST:
    9.52 +            return "PEP_CANNOT_SET_TRUST";
    9.53 +        case PEP_KEY_BLACKLISTED:
    9.54 +            return "PEP_KEY_BLACKLISTED";
    9.55 +        case PEP_UNENCRYPTED:
    9.56 +            return "PEP_UNENCRYPTED";
    9.57 +        case PEP_VERIFIED:
    9.58 +            return "PEP_VERIFIED";
    9.59 +        case PEP_DECRYPTED:
    9.60 +            return "PEP_DECRYPTED";
    9.61 +        case PEP_DECRYPTED_AND_VERIFIED:
    9.62 +            return "PEP_DECRYPTED_AND_VERIFIED";
    9.63 +        case PEP_DECRYPT_WRONG_FORMAT:
    9.64 +            return "PEP_DECRYPT_WRONG_FORMAT";
    9.65 +        case PEP_DECRYPT_NO_KEY:
    9.66 +            return "PEP_DECRYPT_NO_KEY";
    9.67 +        case PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH:
    9.68 +            return "PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH";
    9.69 +        case PEP_VERIFY_NO_KEY:
    9.70 +            return "PEP_VERIFY_NO_KEY";
    9.71 +        case PEP_VERIFIED_AND_TRUSTED:
    9.72 +            return "PEP_VERIFIED_AND_TRUSTED";
    9.73 +        case PEP_CANNOT_DECRYPT_UNKNOWN:
    9.74 +            return "PEP_CANNOT_DECRYPT_UNKNOWN";
    9.75 +        case PEP_TRUSTWORD_NOT_FOUND:
    9.76 +            return "PEP_TRUSTWORD_NOT_FOUND";
    9.77 +        case PEP_TRUSTWORDS_FPR_WRONG_LENGTH:
    9.78 +            return "PEP_TRUSTWORDS_FPR_WRONG_LENGTH";
    9.79 +        case PEP_CANNOT_CREATE_KEY:
    9.80 +            return "PEP_CANNOT_CREATE_KEY";
    9.81 +        case PEP_CANNOT_SEND_KEY:
    9.82 +            return "PEP_CANNOT_SEND_KEY";
    9.83 +        case PEP_PHRASE_NOT_FOUND:
    9.84 +            return "PEP_PHRASE_NOT_FOUND";
    9.85 +        case PEP_SEND_FUNCTION_NOT_REGISTERED:
    9.86 +            return "PEP_SEND_FUNCTION_NOT_REGISTERED";
    9.87 +        case PEP_CONTRAINTS_VIOLATED:
    9.88 +            return "PEP_CONTRAINTS_VIOLATED";
    9.89 +        case PEP_CANNOT_ENCODE:
    9.90 +            return "PEP_CANNOT_ENCODE";
    9.91 +        case PEP_SYNC_NO_NOTIFY_CALLBACK:
    9.92 +            return "PEP_SYNC_NO_NOTIFY_CALLBACK";
    9.93 +        case PEP_SYNC_ILLEGAL_MESSAGE:
    9.94 +            return "PEP_SYNC_ILLEGAL_MESSAGE";
    9.95 +        case PEP_SYNC_NO_INJECT_CALLBACK:
    9.96 +            return "PEP_SYNC_NO_INJECT_CALLBACK";
    9.97 +        case PEP_SEQUENCE_VIOLATED:
    9.98 +            return "PEP_SEQUENCE_VIOLATED";
    9.99 +        case PEP_CANNOT_INCREASE_SEQUENCE:
   9.100 +            return "PEP_CANNOT_INCREASE_SEQUENCE";
   9.101 +        case PEP_CANNOT_SET_SEQUENCE_VALUE:
   9.102 +            return "PEP_CANNOT_SET_SEQUENCE_VALUE";
   9.103 +        case PEP_OWN_SEQUENCE:
   9.104 +            return "PEP_OWN_SEQUENCE";
   9.105 +        case PEP_SYNC_STATEMACHINE_ERROR:
   9.106 +            return "PEP_SYNC_STATEMACHINE_ERROR";
   9.107 +        case PEP_SYNC_NO_TRUST:
   9.108 +            return "PEP_SYNC_NO_TRUST";
   9.109 +        case PEP_STATEMACHINE_INVALID_STATE:
   9.110 +            return "PEP_STATEMACHINE_INVALID_STATE";
   9.111 +        case PEP_STATEMACHINE_INVALID_EVENT:
   9.112 +            return "PEP_STATEMACHINE_INVALID_EVENT";
   9.113 +        case PEP_STATEMACHINE_INVALID_CONDITION:
   9.114 +            return "PEP_STATEMACHINE_INVALID_CONDITION";
   9.115 +        case PEP_STATEMACHINE_INVALID_ACTION:
   9.116 +            return "PEP_STATEMACHINE_INVALID_ACTION";
   9.117 +        case PEP_STATEMACHINE_INHIBITED_EVENT:
   9.118 +            return "PEP_STATEMACHINE_INHIBITED_EVENT";
   9.119 +        case PEP_COMMIT_FAILED:
   9.120 +            return "PEP_COMMIT_FAILED";
   9.121 +        case PEP_MESSAGE_CONSUME:
   9.122 +            return "PEP_MESSAGE_CONSUME";
   9.123 +        case PEP_MESSAGE_IGNORE:
   9.124 +            return "PEP_MESSAGE_IGNORE";
   9.125 +        case PEP_RECORD_NOT_FOUND:
   9.126 +            return "PEP_RECORD_NOT_FOUND";
   9.127 +        case PEP_CANNOT_CREATE_TEMP_FILE:
   9.128 +            return "PEP_CANNOT_CREATE_TEMP_FILE";
   9.129 +        case PEP_ILLEGAL_VALUE:
   9.130 +            return "PEP_ILLEGAL_VALUE";
   9.131 +        case PEP_BUFFER_TOO_SMALL:
   9.132 +            return "PEP_BUFFER_TOO_SMALL";
   9.133 +        case PEP_OUT_OF_MEMORY:
   9.134 +            return "PEP_OUT_OF_MEMORY";
   9.135 +        case PEP_UNKNOWN_ERROR:
   9.136 +            return "PEP_UNKNOWN_ERROR";
   9.137 +        default:
   9.138 +            return "PEP_STATUS_OMGWTFBBQ - This means you're using a status the test lib doesn't know about!";
   9.139 +    }
   9.140 +}
   9.141 +const char* tl_rating_string(PEP_rating rating) {
   9.142 +    switch (rating) {
   9.143 +        case PEP_rating_undefined:
   9.144 +            return "PEP_rating_undefined";
   9.145 +        case PEP_rating_cannot_decrypt:
   9.146 +            return "PEP_rating_cannot_decrypt";
   9.147 +        case PEP_rating_have_no_key:
   9.148 +            return "PEP_rating_have_no_key";
   9.149 +        case PEP_rating_unencrypted:
   9.150 +            return "PEP_rating_unencrypted";
   9.151 +        case PEP_rating_unencrypted_for_some:
   9.152 +            return "PEP_rating_unencrypted_for_some";
   9.153 +        case PEP_rating_unreliable:
   9.154 +            return "PEP_rating_unreliable";
   9.155 +        case PEP_rating_reliable:
   9.156 +            return "PEP_rating_reliable";
   9.157 +        case PEP_rating_trusted:
   9.158 +            return "PEP_rating_trusted";
   9.159 +        case PEP_rating_trusted_and_anonymized:
   9.160 +            return "PEP_rating_trusted_and_anonymized";
   9.161 +        case PEP_rating_fully_anonymous:
   9.162 +            return "PEP_rating_fully_anonymous";
   9.163 +        case PEP_rating_mistrust:
   9.164 +            return "PEP_rating_mistrust";
   9.165 +        case PEP_rating_b0rken:
   9.166 +            return "PEP_rating_b0rken";
   9.167 +        case PEP_rating_under_attack:
   9.168 +            return "PEP_rating_under_attack";
   9.169 +        default:
   9.170 +            return "PEP_rating_OMGWTFBBQ - in other words, INVALID RATING VALUE!!!\n\nSomething bad is going on here, or a new rating value has been added to the enum and not the test function.";
   9.171 +    }
   9.172 +}
   9.173 +
   9.174 +const char* tl_ct_string(PEP_comm_type ct) {
   9.175 +    switch (ct) {
   9.176 +        case PEP_ct_unknown:
   9.177 +            return "PEP_ct_unknown";
   9.178 +        case PEP_ct_no_encryption:
   9.179 +            return "PEP_ct_no_encryption";
   9.180 +        case PEP_ct_no_encrypted_channel:
   9.181 +            return "PEP_ct_no_encrypted_channel";
   9.182 +        case PEP_ct_key_not_found:
   9.183 +            return "PEP_ct_key_not_found";
   9.184 +        case PEP_ct_key_expired:
   9.185 +            return "PEP_ct_key_expired";
   9.186 +        case PEP_ct_key_revoked:
   9.187 +            return "PEP_ct_key_revoked";
   9.188 +        case PEP_ct_key_b0rken:
   9.189 +            return "PEP_ct_key_b0rken";
   9.190 +        case PEP_ct_my_key_not_included:
   9.191 +            return "PEP_ct_my_key_not_included";
   9.192 +        case PEP_ct_security_by_obscurity:
   9.193 +            return "PEP_ct_security_by_obscurity";
   9.194 +        case PEP_ct_b0rken_crypto:
   9.195 +            return "PEP_ct_b0rken_crypto";
   9.196 +        case PEP_ct_key_too_short:
   9.197 +            return "PEP_ct_key_too_short";
   9.198 +        case PEP_ct_compromized:
   9.199 +            return "PEP_ct_compromized";
   9.200 +        case PEP_ct_mistrusted:
   9.201 +            return "PEP_ct_mistrusted";
   9.202 +        case PEP_ct_unconfirmed_encryption:
   9.203 +            return "PEP_ct_unconfirmed_encryption";
   9.204 +        case PEP_ct_OpenPGP_weak_unconfirmed:
   9.205 +            return "PEP_ct_OpenPGP_weak_unconfirmed";
   9.206 +        case PEP_ct_to_be_checked:
   9.207 +            return "PEP_ct_to_be_checked";
   9.208 +        case PEP_ct_SMIME_unconfirmed:
   9.209 +            return "PEP_ct_SMIME_unconfirmed";
   9.210 +        case PEP_ct_CMS_unconfirmed:
   9.211 +            return "PEP_ct_CMS_unconfirmed";
   9.212 +        case PEP_ct_strong_but_unconfirmed:
   9.213 +            return "PEP_ct_strong_but_unconfirmed";
   9.214 +        case PEP_ct_OpenPGP_unconfirmed:
   9.215 +            return "PEP_ct_OpenPGP_unconfirmed";
   9.216 +        case PEP_ct_OTR_unconfirmed:
   9.217 +            return "PEP_ct_OTR_unconfirmed";
   9.218 +        case PEP_ct_unconfirmed_enc_anon:
   9.219 +            return "PEP_ct_unconfirmed_enc_anon";
   9.220 +        case PEP_ct_pEp_unconfirmed:
   9.221 +            return "PEP_ct_pEp_unconfirmed";
   9.222 +        case PEP_ct_confirmed:
   9.223 +            return "PEP_ct_pEp_confirmed";
   9.224 +        case PEP_ct_confirmed_encryption:
   9.225 +            return "PEP_ct_confirmed_encryption";
   9.226 +        case PEP_ct_OpenPGP_weak:
   9.227 +            return "PEP_ct_OpenPGP_weak";
   9.228 +        case PEP_ct_to_be_checked_confirmed:
   9.229 +            return "PEP_ct_to_be_checked_confirmed";
   9.230 +        case PEP_ct_SMIME:
   9.231 +            return "PEP_ct_SMIME";
   9.232 +        case PEP_ct_CMS:
   9.233 +            return "PEP_ct_CMS";
   9.234 +        case PEP_ct_strong_encryption:
   9.235 +            return "PEP_ct_strong_encryption";
   9.236 +        case PEP_ct_OpenPGP:
   9.237 +            return "PEP_ct_OpenPGP";
   9.238 +        case PEP_ct_OTR:
   9.239 +            return "PEP_ct_OTR";
   9.240 +        case PEP_ct_confirmed_enc_anon:
   9.241 +            return "PEP_ct_confirmed_enc_anon";
   9.242 +        case PEP_ct_pEp:
   9.243 +            return "PEP_ct_pEp";
   9.244 +        default:
   9.245 +            return "PEP_ct_OMGWTFBBQ\n\nIn other words, comm type is invalid. Either something's corrupt or a new ct value has been added to the enum but not to the test function.";
   9.246 +    }
   9.247 +}
    10.1 --- a/test/test_util.h	Mon May 29 16:32:24 2017 +0200
    10.2 +++ b/test/test_util.h	Thu Jun 01 19:57:30 2017 +0200
    10.3 @@ -1,5 +1,16 @@
    10.4  #include <string>
    10.5 +#include "pEpEngine.h"
    10.6 +#include "message_api.h"
    10.7  
    10.8  // reads a whole file and returns it as std::string
    10.9  // throws std::runtime_error() if the file cannot be read. Empty file is not an error.
   10.10  std::string slurp(const std::string& filename);
   10.11 +
   10.12 +// Returns the string value of the input rating enum value. 
   10.13 +const char* tl_rating_string(PEP_rating rating);
   10.14 +
   10.15 +// Returns the string value of the input comm_type enum value. 
   10.16 +const char* tl_ct_string(PEP_comm_type ct);
   10.17 +
   10.18 +// Returns the string value of the input status enum value. 
   10.19 +const char* tl_status_string(PEP_STATUS status);