ENGINE-155: merged in default ENGINE-155
authorKrista Grothoff <krista@pep-project.org>
Wed, 21 Dec 2016 08:44:39 +0100
branchENGINE-155
changeset 1530184b8fde20cc
parent 1498 f726362229d8
parent 1506 fc7d96185247
child 1531 262db6c39241
child 1532 924a0487139e
ENGINE-155: merged in default
     1.1 --- a/src/bloblist.c	Tue Dec 20 11:21:35 2016 +0100
     1.2 +++ b/src/bloblist.c	Wed Dec 21 08:44:39 2016 +0100
     1.3 @@ -165,16 +165,3 @@
     1.4  
     1.5      return len;
     1.6  }
     1.7 -
     1.8 -bloblist_t* consume_bloblist_head(bloblist_t *bloblist_head) {
     1.9 -    if (!bloblist_head)
    1.10 -        return NULL;
    1.11 -
    1.12 -    bloblist_t* next = bloblist_head->next;
    1.13 -
    1.14 -    free(bloblist_head->mime_type);
    1.15 -    free(bloblist_head->filename);
    1.16 -    free(bloblist_head);
    1.17 -
    1.18 -    return next;
    1.19 -}
     2.1 --- a/src/bloblist.h	Tue Dec 20 11:21:35 2016 +0100
     2.2 +++ b/src/bloblist.h	Wed Dec 21 08:44:39 2016 +0100
     2.3 @@ -91,18 +91,6 @@
     2.4  
     2.5  DYNAMIC_API int bloblist_length(const bloblist_t *bloblist);
     2.6  
     2.7 -// consume_bloblist_head() - internal function to delete head of the bloblist
     2.8 -//
     2.9 -//  parameters:
    2.10 -//      bloblist (in)   bloblist to delete head from
    2.11 -//
    2.12 -//  return value:
    2.13 -//      new head of the bloblist 
    2.14 -//
    2.15 -
    2.16 -bloblist_t* consume_bloblist_head(bloblist_t *bloblist_head);
    2.17 -
    2.18 -
    2.19  #ifdef __cplusplus
    2.20  }
    2.21  #endif
     3.1 --- a/src/keymanagement.c	Tue Dec 20 11:21:35 2016 +0100
     3.2 +++ b/src/keymanagement.c	Wed Dec 21 08:44:39 2016 +0100
     3.3 @@ -127,48 +127,71 @@
     3.4      if (status == PEP_OUT_OF_MEMORY)
     3.5          goto exit_free;
     3.6  
     3.7 -    /* We elect a pubkey first in case there's no acceptable stored fpr */
     3.8      temp_id = identity_dup(identity);
     3.9      
    3.10 -    status = elect_pubkey(session, temp_id);
    3.11 -    if (status != PEP_STATUS_OK)
    3.12 -        goto exit_free;
    3.13 +    /* We don't take given fpr. 
    3.14 +       In case there's no acceptable stored fpr, it will be elected. */
    3.15 +    free(temp_id->fpr);
    3.16 +    temp_id->fpr = NULL;
    3.17 +    temp_id->comm_type = PEP_ct_unknown;
    3.18 +            
    3.19 +    if (stored_identity) {
    3.20          
    3.21 -    if (stored_identity) {
    3.22 -        PEP_comm_type _comm_type_key;
    3.23 -        
    3.24 -        bool dont_use_fpr = true;
    3.25 +        bool dont_use_stored_fpr = true;
    3.26  
    3.27          /* if we have a stored_identity fpr */
    3.28 -        if (!EMPTYSTR(stored_identity->fpr) && !EMPTYSTR(temp_id->fpr)) {
    3.29 -            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_fpr);
    3.30 +        if (!EMPTYSTR(stored_identity->fpr)) {
    3.31 +            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
    3.32              if (status != PEP_STATUS_OK)
    3.33 -                dont_use_fpr = true; 
    3.34 +                dont_use_stored_fpr = true; 
    3.35          }
    3.36              
    3.37  
    3.38 -        if (!dont_use_fpr) {
    3.39 -            free(temp_id->fpr);
    3.40 -            temp_id->fpr = strdup(stored_identity->fpr);
    3.41 -            assert(temp_id->fpr);
    3.42 -            if (temp_id->fpr == NULL) {
    3.43 -                status = PEP_OUT_OF_MEMORY;
    3.44 +        if (!dont_use_stored_fpr) {
    3.45 +            /* Check stored comm_type */
    3.46 +            PEP_comm_type _comm_type_key;
    3.47 +            status = get_key_rating(session, stored_identity->fpr, &_comm_type_key);
    3.48 +            assert(status != PEP_OUT_OF_MEMORY);
    3.49 +            if (status == PEP_OUT_OF_MEMORY) {
    3.50                  goto exit_free;
    3.51              }
    3.52 -        }
    3.53 -        else if (!EMPTYSTR(temp_id->fpr)) {
    3.54 -            status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
    3.55 -            if (dont_use_fpr) {
    3.56 -                free(temp_id->fpr);
    3.57 -                temp_id->fpr = strdup("");
    3.58 -            }
    3.59 -            else {
    3.60 -                _did_elect_new_key = 1;
    3.61 +            if (status == PEP_KEY_NOT_FOUND){
    3.62 +                /* stored key was deleted from keyring. any other candidate ?*/
    3.63 +                status = elect_pubkey(session, temp_id);
    3.64 +                if (status != PEP_STATUS_OK) {
    3.65 +                    goto exit_free;
    3.66 +                } else {
    3.67 +                    _did_elect_new_key = 1;
    3.68 +                }
    3.69 +            } else {
    3.70 +                temp_id->fpr = strdup(stored_identity->fpr);
    3.71 +                assert(temp_id->fpr);
    3.72 +                if (temp_id->fpr == NULL) {
    3.73 +                    status = PEP_OUT_OF_MEMORY;
    3.74 +                    goto exit_free;
    3.75 +                }
    3.76 +
    3.77 +                if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
    3.78 +                    /* if key not good anymore, 
    3.79 +                       downgrade eventually trusted comm_type */
    3.80 +                    temp_id->comm_type = _comm_type_key;
    3.81 +                } else {
    3.82 +                    /* otherwise take stored comm_type as-is */
    3.83 +                    temp_id->comm_type = stored_identity->comm_type;
    3.84 +                    if (temp_id->comm_type == PEP_ct_unknown) {
    3.85 +                        /* except if unknown */
    3.86 +                        temp_id->comm_type = _comm_type_key;
    3.87 +                    }
    3.88 +                }
    3.89              }
    3.90          }
    3.91          else {
    3.92 -            if (temp_id->fpr == NULL)
    3.93 -                temp_id->fpr = strdup("");
    3.94 +            status = elect_pubkey(session, temp_id);
    3.95 +            if (status != PEP_STATUS_OK){
    3.96 +                goto exit_free;
    3.97 +            } else {
    3.98 +                _did_elect_new_key = 1;
    3.99 +            }
   3.100          }
   3.101          
   3.102          /* ok, from here on out, use temp_id */
   3.103 @@ -176,22 +199,9 @@
   3.104          
   3.105          /* At this point, we either have a non-blacklisted fpr we can work */
   3.106          /* with, or we've got nada.                                        */        
   3.107 -        if (!EMPTYSTR(temp_id->fpr)) {
   3.108 -            status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
   3.109 -            assert(status != PEP_OUT_OF_MEMORY);
   3.110 -            if (status == PEP_OUT_OF_MEMORY)
   3.111 -                goto exit_free;
   3.112 -            if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
   3.113 -                temp_id->comm_type = _comm_type_key;
   3.114 -            } else{
   3.115 -                temp_id->comm_type = stored_identity->comm_type;
   3.116 -                if (temp_id->comm_type == PEP_ct_unknown) {
   3.117 -                    temp_id->comm_type = _comm_type_key;
   3.118 -                }
   3.119 -            }
   3.120 -        }
   3.121 -        else {
   3.122 -            /* Set comm_type accordingly */
   3.123 +
   3.124 +        if (EMPTYSTR(temp_id->fpr)) {
   3.125 +            /* nada : set comm_type accordingly */
   3.126              temp_id->comm_type = PEP_ct_key_not_found;
   3.127          }
   3.128          
   3.129 @@ -216,40 +226,35 @@
   3.130      else /* stored_identity == NULL */ {
   3.131          temp_id->flags = 0;
   3.132  
   3.133 -        /* Work with the elected key from above */
   3.134 +        /* We elect a pubkey */
   3.135 +        status = elect_pubkey(session, temp_id);
   3.136 +        if (status != PEP_STATUS_OK)
   3.137 +            goto exit_free;
   3.138 +        
   3.139 +        /* Work with the elected key */
   3.140          if (!EMPTYSTR(temp_id->fpr)) {
   3.141              
   3.142 -            bool dont_use_fpr = true;
   3.143 -            status = blacklist_is_listed(session, temp_id->fpr, &dont_use_fpr);
   3.144 -            if (status != PEP_STATUS_OK)
   3.145 -                dont_use_fpr = true; 
   3.146 +            PEP_comm_type _comm_type_key = temp_id->comm_type;
   3.147 +            
   3.148 +            _did_elect_new_key = 1;
   3.149  
   3.150 -            if (!dont_use_fpr) {
   3.151 -                PEP_comm_type _comm_type_key;
   3.152 -                
   3.153 -                // We don't want to lose a previous trust entry!!!
   3.154 -                status = get_trust(session, temp_id);
   3.155 +            // We don't want to lose a previous trust entry!!!
   3.156 +            status = get_trust(session, temp_id);
   3.157  
   3.158 -                bool has_trust_status = (status == PEP_STATUS_OK);
   3.159 -                
   3.160 -                status = get_key_rating(session, temp_id->fpr, &_comm_type_key);
   3.161 -            
   3.162 -                assert(status != PEP_OUT_OF_MEMORY);
   3.163 -                if (status == PEP_OUT_OF_MEMORY)
   3.164 -                    goto exit_free;
   3.165 +            bool has_trust_status = (status == PEP_STATUS_OK);
   3.166  
   3.167 -                if (!has_trust_status || _comm_type_key > temp_id->comm_type)
   3.168 -                    temp_id->comm_type = _comm_type_key;
   3.169 -            }
   3.170 -            else {
   3.171 -                free(temp_id->fpr);
   3.172 -                temp_id->fpr = strdup("");
   3.173 -            }
   3.174 +            if (!has_trust_status)
   3.175 +                temp_id->comm_type = _comm_type_key;
   3.176          }
   3.177      }
   3.178  
   3.179 -    if (temp_id->fpr == NULL)
   3.180 +    if (temp_id->fpr == NULL) {
   3.181          temp_id->fpr = strdup("");
   3.182 +        if (temp_id->fpr == NULL) {
   3.183 +            status = PEP_OUT_OF_MEMORY;
   3.184 +            goto exit_free;
   3.185 +        }
   3.186 +    }
   3.187      
   3.188      
   3.189      status = PEP_STATUS_OK;
     4.1 --- a/src/message_api.c	Tue Dec 20 11:21:35 2016 +0100
     4.2 +++ b/src/message_api.c	Wed Dec 21 08:44:39 2016 +0100
     4.3 @@ -1432,6 +1432,68 @@
     4.4      return PEP_STATUS_OK;
     4.5  }
     4.6  
     4.7 +PEP_STATUS combine_keylists(PEP_SESSION session, stringlist_t** verify_in, 
     4.8 +                            stringlist_t** keylist_in_out, 
     4.9 +                            pEp_identity* from) {
    4.10 +    
    4.11 +    if (!verify_in || !(*verify_in)) // this isn't really a problem.
    4.12 +        return PEP_STATUS_OK;
    4.13 +    
    4.14 +    stringlist_t* orig_verify = *verify_in;
    4.15 +    
    4.16 +    stringlist_t* verify_curr;
    4.17 +    stringlist_t* from_keys;
    4.18 +    
    4.19 +    /* FIXME: what to do if head needs to be null */
    4.20 +    PEP_STATUS status = find_keys(session, from->address, &from_keys);
    4.21 +    
    4.22 +    stringlist_t* from_fpr_node = NULL;
    4.23 +    stringlist_t* from_curr;
    4.24 +    
    4.25 +    for (from_curr = from_keys; from_curr; from_curr = from_curr->next) {
    4.26 +        for (verify_curr = orig_verify; verify_curr; verify_curr = verify_curr->next) {
    4.27 +            if (from_curr->value && verify_curr->value &&
    4.28 +                strcasecmp(from_curr->value, verify_curr->value) == 0) {
    4.29 +                from_fpr_node = from_curr;
    4.30 +                break;
    4.31 +            }
    4.32 +        }
    4.33 +    }
    4.34 +    
    4.35 +    if (!from_fpr_node) {
    4.36 +        status = PEP_KEY_NOT_FOUND;
    4.37 +        goto free;
    4.38 +    }
    4.39 +
    4.40 +    verify_curr = orig_verify;
    4.41 +    
    4.42 +    /* put "from" signer at the beginning of the list */
    4.43 +    if (strcasecmp(orig_verify->value, from_fpr_node->value) != 0) {
    4.44 +        orig_verify = stringlist_delete(orig_verify, from_fpr_node->value);
    4.45 +        verify_curr = new_stringlist(from_fpr_node->value);
    4.46 +        verify_curr->next = orig_verify;
    4.47 +    }
    4.48 +
    4.49 +    /* append keylist to signers */
    4.50 +    if (keylist_in_out && *keylist_in_out && (*keylist_in_out)->value) {
    4.51 +        stringlist_t** tail_pp = &verify_curr->next;
    4.52 +        
    4.53 +        while (*tail_pp) {
    4.54 +            tail_pp = &((*tail_pp)->next);
    4.55 +        }
    4.56 +        *tail_pp = *keylist_in_out;
    4.57 +    }
    4.58 +    
    4.59 +    *keylist_in_out = verify_curr;
    4.60 +    
    4.61 +    status = PEP_STATUS_OK;
    4.62 +    
    4.63 +free:
    4.64 +    free_stringlist(from_keys);
    4.65 +    return status;    
    4.66 +}
    4.67 +
    4.68 +
    4.69  DYNAMIC_API PEP_STATUS _decrypt_message(
    4.70          PEP_SESSION session,
    4.71          message *src,
    4.72 @@ -1472,36 +1534,6 @@
    4.73      if(status != PEP_STATUS_OK)
    4.74          return status;
    4.75  
    4.76 -    // IF longmsg and longmsg_formatted are empty, we MAY have an encrypted body
    4.77 -    // that's an attachment instead.
    4.78 -    // Check for encryption stuck in the first 2 attachments instead of the body
    4.79 -    // (RFC3156)
    4.80 -    //
    4.81 -    // if (!src->longmsg && !src->longmsg_formatted) {
    4.82 -    //     bloblist_t* attached_head = src->attachments;
    4.83 -    //     if (attached_head && 
    4.84 -    //         strcasecmp(attached_head->mime_type, "application/pgp-encrypted") == 0) {
    4.85 -    //         bloblist_t* enc_att_txt = attached_head->next;
    4.86 -    //         if (enc_att_txt && 
    4.87 -    //             strcasecmp(enc_att_txt->mime_type, "application/octet-stream") == 0) {
    4.88 -    //             size_t enc_att_len = enc_att_txt->size;
    4.89 -    //             char* newlongmsg = calloc(1, enc_att_len + 1);
    4.90 -    //             if (newlongmsg == NULL)
    4.91 -    //                 goto enomem;
    4.92 -    // 
    4.93 -    //             memcpy(newlongmsg, enc_att_txt, enc_att_len);
    4.94 -    //             newlongmsg[enc_att_len] = '\0';
    4.95 -    // 
    4.96 -    //             src->longmsg = newlongmsg;
    4.97 -    // 
    4.98 -    //             // delete attachments here
    4.99 -    //             src->attachments = enc_att_txt->next;
   4.100 -    //             consume_bloblist_head(attached_head);
   4.101 -    //             consume_bloblist_head(attached_head);
   4.102 -    //         }
   4.103 -    //     }
   4.104 -    // }
   4.105 -
   4.106      // Get detached signature, if any
   4.107      bloblist_t* detached_sig = NULL;
   4.108      char* dsig_text = NULL;
   4.109 @@ -1537,6 +1569,36 @@
   4.110                      return status;
   4.111                  }
   4.112              }
   4.113 +            
   4.114 +            char* slong = src->longmsg;
   4.115 +            char* sform = src->longmsg_formatted;
   4.116 +            bloblist_t* satt = src->attachments;
   4.117 +                                    
   4.118 +            if ((!slong || slong[0] == '\0')
   4.119 +                 && (!sform || sform[0] == '\0')) {
   4.120 +                if (satt) {
   4.121 +                    const char* inner_mime_type = satt->mime_type;
   4.122 +                    if (strcasecmp(inner_mime_type, "text/plain") == 0) {
   4.123 +                        free(slong); /* in case of "" */
   4.124 +                        src->longmsg = strdup(satt->value);
   4.125 +                    
   4.126 +                        bloblist_t* next_node = satt->next;
   4.127 +                        if (next_node) {
   4.128 +                            inner_mime_type = next_node->mime_type;
   4.129 +                            if (strcasecmp(inner_mime_type, "text/html") == 0) {
   4.130 +                                free(sform);
   4.131 +                                src->longmsg_formatted = strdup(next_node->value);
   4.132 +                            }
   4.133 +                        }
   4.134 +                    }
   4.135 +                    else if (strcasecmp(inner_mime_type, "text/html") == 0) {
   4.136 +                        free(sform);
   4.137 +                        src->longmsg_formatted = strdup(satt->value);
   4.138 +                    }                    
   4.139 +                }
   4.140 +            }       
   4.141 +
   4.142 +            
   4.143              return PEP_UNENCRYPTED;
   4.144  
   4.145          case PEP_enc_PGP_MIME:
   4.146 @@ -1576,27 +1638,63 @@
   4.147              case PEP_enc_PGP_MIME:
   4.148                  status = mime_decode_message(ptext, psize, &msg);
   4.149                  if (status != PEP_STATUS_OK)
   4.150 -                    goto pep_error;
   4.151 -                status = _get_detached_signature(msg, &detached_sig);
   4.152 -                if (decrypt_status == PEP_DECRYPTED && detached_sig) {
   4.153 -                    dsig_text = detached_sig->value;
   4.154 -                    dsig_size = detached_sig->size;
   4.155 -                    size_t ssize = 0;
   4.156 -                    char* stext = NULL;
   4.157 +                    goto pep_error;                
   4.158 +                
   4.159 +                char* mlong = msg->longmsg;
   4.160 +                char* mform = msg->longmsg_formatted;
   4.161 +                bloblist_t* matt = msg->attachments;
   4.162 +                                        
   4.163 +                if ((!mlong || mlong[0] == '\0')
   4.164 +                     && (!mform || mform[0] == '\0')) {
   4.165 +                    if (matt) {
   4.166 +                        const char* inner_mime_type = matt->mime_type;
   4.167 +                        if (strcasecmp(inner_mime_type, "text/plain") == 0) {
   4.168 +                            free(mlong); /* in case of "" */
   4.169 +                            msg->longmsg = strdup(matt->value);
   4.170 +                        
   4.171 +                            bloblist_t* next_node = matt->next;
   4.172 +                            if (next_node) {
   4.173 +                                inner_mime_type = next_node->mime_type;
   4.174 +                                if (strcasecmp(inner_mime_type, "text/html") == 0) {
   4.175 +                                    free(mform);
   4.176 +                                    msg->longmsg_formatted = strdup(next_node->value);
   4.177 +                                }
   4.178 +                            }
   4.179 +                        }
   4.180 +                        else if (strcasecmp(inner_mime_type, "text/html") == 0) {
   4.181 +                            free(mform);
   4.182 +                            msg->longmsg_formatted = strdup(matt->value);
   4.183 +                        }                    
   4.184 +                    }
   4.185 +                    if (msg->shortmsg) {
   4.186 +                        free(src->shortmsg);
   4.187 +                        src->shortmsg = strdup(msg->shortmsg);
   4.188 +                    }
   4.189 +                }    
   4.190  
   4.191 -                    status = _get_signed_text(ptext, psize, &stext, &ssize);
   4.192 -                    stringlist_t *_verify_keylist = NULL;
   4.193 +                if (decrypt_status != PEP_DECRYPTED_AND_VERIFIED) {
   4.194 +                    status = _get_detached_signature(msg, &detached_sig);
   4.195 +                    if (decrypt_status == PEP_DECRYPTED && detached_sig) {
   4.196 +                        dsig_text = detached_sig->value;
   4.197 +                        dsig_size = detached_sig->size;
   4.198 +                        size_t ssize = 0;
   4.199 +                        char* stext = NULL;
   4.200  
   4.201 -                    if (ssize > 0 && stext) {
   4.202 -                        status = cryptotech[crypto].verify_text(session, stext,
   4.203 -                                                                ssize, dsig_text, dsig_size,
   4.204 -                                                                &_verify_keylist);
   4.205 +                        status = _get_signed_text(ptext, psize, &stext, &ssize);
   4.206 +                        stringlist_t *_verify_keylist = NULL;
   4.207  
   4.208 -                        if (status == PEP_VERIFIED || status == PEP_VERIFIED_AND_TRUSTED)
   4.209 -                            decrypt_status = PEP_DECRYPTED_AND_VERIFIED;
   4.210 +                        if (ssize > 0 && stext) {
   4.211 +                            status = cryptotech[crypto].verify_text(session, stext,
   4.212 +                                                                    ssize, dsig_text, dsig_size,
   4.213 +                                                                    &_verify_keylist);
   4.214 +
   4.215 +                            if (status == PEP_VERIFIED || status == PEP_VERIFIED_AND_TRUSTED)
   4.216 +                                decrypt_status = PEP_DECRYPTED_AND_VERIFIED;
   4.217 +                            
   4.218 +                                status = combine_keylists(session, &_verify_keylist, &_keylist, src->from);
   4.219 +                        }
   4.220                      }
   4.221                  }
   4.222 -
   4.223                  break;
   4.224  
   4.225              case PEP_enc_pieces:
   4.226 @@ -1633,7 +1731,7 @@
   4.227                          status = decrypt_and_verify(session, attctext, attcsize,
   4.228                                                      NULL, 0,
   4.229                                                      &ptext, &psize, &_keylist);
   4.230 -                        free_stringlist(_keylist);
   4.231 +                        free_stringlist(_keylist); // FIXME: Why do we do this?
   4.232  
   4.233                          if (ptext) {
   4.234                              if (is_encrypted_html_attachment(_s)) {
   4.235 @@ -1719,10 +1817,9 @@
   4.236                          goto enomem;
   4.237                  }
   4.238                  break;
   4.239 -
   4.240              default:
   4.241 -                // BUG: must implement more
   4.242 -                NOT_IMPLEMENTED
   4.243 +                    // BUG: must implement more
   4.244 +                    NOT_IMPLEMENTED
   4.245          }
   4.246  
   4.247          // check for private key in decrypted message attachement while inporting
     5.1 --- a/test/blacklist_accept_new_key_test.cc	Tue Dec 20 11:21:35 2016 +0100
     5.2 +++ b/test/blacklist_accept_new_key_test.cc	Wed Dec 21 08:44:39 2016 +0100
     5.3 @@ -86,10 +86,10 @@
     5.4      PEP_STATUS status13 = blacklist_delete(session, bl_fpr_1);
     5.5      PEP_STATUS status14 = update_identity(session, blacklisted_identity);
     5.6  
     5.7 +    status = delete_keypair(session, new_key);
     5.8 +    update_identity(session, blacklisted_identity);
     5.9      status = delete_keypair(session, bl_fpr_1);
    5.10      update_identity(session, blacklisted_identity);
    5.11 -    status = delete_keypair(session, new_key);
    5.12 -    update_identity(session, blacklisted_identity);
    5.13      
    5.14      free_message(msg_ptr);
    5.15      free_message(dest_msg);
     6.1 --- a/test/blacklist_test.cc	Tue Dec 20 11:21:35 2016 +0100
     6.2 +++ b/test/blacklist_test.cc	Wed Dec 21 08:44:39 2016 +0100
     6.3 @@ -118,21 +118,22 @@
     6.4      }
     6.5      infile2.close(); 
     6.6      
     6.7 -    PEP_STATUS status14 = import_key(session, keytext.c_str(), keytext.length(), NULL);
     6.8 +    PEP_STATUS status14 = import_key(session, keytext2.c_str(), keytext2.length(), NULL);
     6.9      
    6.10      pEp_identity* blacklisted_identity2 = new_identity("blacklistedkeys@kgrothoff.org",
    6.11                                                         bl_fpr_2,
    6.12                                                          NULL,
    6.13                                                         "Blacklist Keypair");
    6.14      PEP_STATUS status15 = update_identity(session, blacklisted_identity2);
    6.15 -    PEP_STATUS status12 = blacklist_delete(session, bl_fpr_1);
    6.16 -    PEP_STATUS status13 = update_identity(session, blacklisted_identity);
    6.17  
    6.18 -    if (strcmp(blacklisted_identity->fpr, bl_fpr_2))
    6.19 +    if (strcmp(blacklisted_identity->fpr, bl_fpr_2) == 0)
    6.20          cout << "blacklisted identity's fpr successfully replaced by the unblacklisted one" << endl;
    6.21      else
    6.22          cout << "blacklisted_identity->fpr should be " << bl_fpr_2 << " but is " << blacklisted_identity->fpr << endl;
    6.23 -            
    6.24 +    
    6.25 +    PEP_STATUS status12 = blacklist_delete(session, bl_fpr_1);
    6.26 +    PEP_STATUS status13 = update_identity(session, blacklisted_identity);
    6.27 +        
    6.28      pEp_identity* stored_identity = new_identity("blacklistedkeys@kgrothoff.org",
    6.29                                                    NULL,
    6.30                                                    blacklisted_identity->user_id,
    6.31 @@ -140,8 +141,7 @@
    6.32       
    6.33      PEP_STATUS status00 = update_identity(session, stored_identity);
    6.34      
    6.35 -    // Following should be true because bl_fpr_1's trust is set higher
    6.36 -    assert(stored_identity->comm_type == PEP_ct_pEp && (strcmp(stored_identity->fpr, bl_fpr_1) == 0));    
    6.37 +    assert(stored_identity->comm_type == PEP_ct_pEp);    
    6.38      
    6.39      PEP_STATUS status16 = delete_keypair(session, bl_fpr_1);
    6.40      update_identity(session, blacklisted_identity);