Got things working with the key_reset_own_with_revocatioins (or whatever it's called), main test is in, modified pgp_sequoia so that revocations are checked first, as otherwise, it determines they are expired based on capabilities key_reset_get_revocations
authorKrista 'DarthMama' Bennett <krista@pep.foundation>
Tue, 10 Dec 2019 17:53:24 +0100
branchkey_reset_get_revocations
changeset 4246587727826dc4
parent 4245 40ef37a1e806
child 4247 6bb362f1734e
Got things working with the key_reset_own_with_revocatioins (or whatever it's called), main test is in, modified pgp_sequoia so that revocations are checked first, as otherwise, it determines they are expired based on capabilities
src/key_reset.c
src/pgp_sequoia.c
test/src/KeyResetMessageTest.cc
     1.1 --- a/src/key_reset.c	Tue Dec 10 12:15:21 2019 +0100
     1.2 +++ b/src/key_reset.c	Tue Dec 10 17:53:24 2019 +0100
     1.3 @@ -556,7 +556,7 @@
     1.4                      status = myself(session, tmp_ident);
     1.5                  }
     1.6                  
     1.7 -                if (own_identities) {
     1.8 +                if (status == PEP_STATUS_OK && own_identities) {
     1.9                      if (!(*own_identities))
    1.10                          *own_identities = new_identity_list(NULL);
    1.11                      
    1.12 @@ -696,6 +696,7 @@
    1.13                  if (datasize > 0 && key_material)
    1.14                      stringlist_add(keydata, key_material);
    1.15              }
    1.16 +            curr_ident = curr_ident->next;
    1.17          }
    1.18      }
    1.19      
     2.1 --- a/src/pgp_sequoia.c	Tue Dec 10 12:15:21 2019 +0100
     2.2 +++ b/src/pgp_sequoia.c	Tue Dec 10 17:53:24 2019 +0100
     2.3 @@ -2842,6 +2842,14 @@
     2.4  
     2.5      *comm_type = PEP_ct_OpenPGP_unconfirmed;
     2.6  
     2.7 +    pgp_revocation_status_t rs = pgp_cert_revoked(cert, 0);
     2.8 +    pgp_revocation_status_variant_t rsv = pgp_revocation_status_variant(rs);
     2.9 +    pgp_revocation_status_free(rs);
    2.10 +    if (rsv == PGP_REVOCATION_STATUS_REVOKED) {
    2.11 +        *comm_type = PEP_ct_key_revoked;
    2.12 +        goto out;
    2.13 +    }
    2.14 +
    2.15      bool expired = false;
    2.16      
    2.17      // MUST guarantee the same behaviour.
    2.18 @@ -2857,13 +2865,6 @@
    2.19      //     goto out;
    2.20      // }
    2.21  
    2.22 -    pgp_revocation_status_t rs = pgp_cert_revoked(cert, 0);
    2.23 -    pgp_revocation_status_variant_t rsv = pgp_revocation_status_variant(rs);
    2.24 -    pgp_revocation_status_free(rs);
    2.25 -    if (rsv == PGP_REVOCATION_STATUS_REVOKED) {
    2.26 -        *comm_type = PEP_ct_key_revoked;
    2.27 -        goto out;
    2.28 -    }
    2.29  
    2.30      PEP_comm_type best_enc = PEP_ct_no_encryption, best_sign = PEP_ct_no_encryption;
    2.31      pgp_cert_key_iter_t key_iter = pgp_cert_key_iter_valid(cert);
     3.1 --- a/test/src/KeyResetMessageTest.cc	Tue Dec 10 12:15:21 2019 +0100
     3.2 +++ b/test/src/KeyResetMessageTest.cc	Tue Dec 10 17:53:24 2019 +0100
     3.3 @@ -1308,3 +1308,132 @@
     3.4      ASSERT_EQ(rating, PEP_rating_reliable);
     3.5      
     3.6  }
     3.7 +
     3.8 +TEST_F(KeyResetMessageTest, check_reset_own_with_revocations) {
     3.9 +    pEp_identity* id1 = new_identity("krista-not-real@darthmama.org", NULL, PEP_OWN_USERID, "Krista at Home");    
    3.10 +    PEP_STATUS status = myself(session, id1);
    3.11 +    pEp_identity* id2 = NULL;
    3.12 +    status = set_up_preset(session, ALICE, true, true, false, false, false, &id2);
    3.13 +    pEp_identity* id3 = new_identity("krista-not-real@angryshark.eu", NULL, PEP_OWN_USERID, "Krista at Shark");
    3.14 +    status = myself(session, id3);
    3.15 +    pEp_identity* id4 = NULL;    
    3.16 +    status = set_up_preset(session, BOB, true, false, false, false, false, &id4);
    3.17 +    pEp_identity* id5 = new_identity("krista-not-real@pep.foundation", NULL, PEP_OWN_USERID, "Krista at Work");
    3.18 +    status = myself(session, id5);
    3.19 +    pEp_identity* id6 = new_identity("grrrr-not-real@angryshark.eu", NULL, PEP_OWN_USERID, "GRRRR is a Shark");
    3.20 +    status = myself(session, id6);
    3.21 +    pEp_identity* id7 = NULL;
    3.22 +    status = set_up_preset(session, CAROL, true, false, true, false, false, &id7);
    3.23 +    pEp_identity* id8 = NULL;    
    3.24 +    status = set_up_preset(session, DAVE, true, true, true, false, false, &id8);
    3.25 +
    3.26 +    identity_list* own_identities = NULL;
    3.27 +    stringlist_t* revocations = NULL;
    3.28 +    stringlist_t* keys = NULL;
    3.29 +    
    3.30 +    stringlist_t* first_keylist = new_stringlist(NULL);
    3.31 +    stringlist_add(first_keylist, strdup(id1->fpr));
    3.32 +    stringlist_add(first_keylist, strdup(id3->fpr));
    3.33 +    stringlist_add(first_keylist, strdup(id5->fpr));
    3.34 +    stringlist_add(first_keylist, strdup(id6->fpr));
    3.35 +    
    3.36 +    status = key_reset_own_and_deliver_revocations(session, 
    3.37 +                                                   &own_identities, 
    3.38 +                                                   &revocations, 
    3.39 +                                                   &keys);
    3.40 +                                                                                                      
    3.41 +    ASSERT_EQ(status, PEP_STATUS_OK);
    3.42 +    ASSERT_NE(own_identities, nullptr);
    3.43 +    ASSERT_NE(revocations, nullptr);
    3.44 +    ASSERT_NE(keys, nullptr);
    3.45 +
    3.46 +    int i = 0;
    3.47 +    identity_list* curr_ident = own_identities;
    3.48 +    stringlist_t* second_keylist = new_stringlist(NULL);
    3.49 +    
    3.50 +    for (i = 0; i < 4 && curr_ident; i++, curr_ident = curr_ident->next) {
    3.51 +        ASSERT_NE(curr_ident->ident, nullptr);
    3.52 +        ASSERT_NE(curr_ident->ident->fpr, nullptr);        
    3.53 +        stringlist_t* found = stringlist_search(first_keylist, curr_ident->ident->fpr);
    3.54 +        ASSERT_EQ(found, nullptr);
    3.55 +        PEP_comm_type ct = PEP_ct_unknown;
    3.56 +        status = get_key_rating(session, curr_ident->ident->fpr, &ct);
    3.57 +        ASSERT_EQ(ct, PEP_ct_OpenPGP_unconfirmed);    
    3.58 +        stringlist_add(second_keylist, strdup(curr_ident->ident->fpr));            
    3.59 +    }
    3.60 +    ASSERT_EQ(i, 4);
    3.61 +    ASSERT_EQ(curr_ident, nullptr);
    3.62 +    
    3.63 +    stringlist_t* curr_key = first_keylist;
    3.64 +    for (i = 0; i < 4; i++, curr_key = curr_key->next) {
    3.65 +        PEP_comm_type ct = PEP_ct_unknown;
    3.66 +        status = get_key_rating(session, curr_key->value, &ct);
    3.67 +        ASSERT_EQ(ct, PEP_ct_key_revoked);
    3.68 +    }
    3.69 +    
    3.70 +    // Ok, now we're going to delete all the keys, and then try to reimport.
    3.71 +    curr_key = first_keylist;
    3.72 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
    3.73 +        status = delete_keypair(session, curr_key->value);
    3.74 +        ASSERT_EQ(status, PEP_STATUS_OK);
    3.75 +    }
    3.76 +    ASSERT_EQ(i, 4);
    3.77 +    ASSERT_EQ(curr_key, nullptr);
    3.78 +    
    3.79 +    curr_key = second_keylist;
    3.80 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
    3.81 +        status = delete_keypair(session, curr_key->value);
    3.82 +        ASSERT_EQ(status, PEP_STATUS_OK);
    3.83 +    }
    3.84 +    ASSERT_EQ(i, 4);
    3.85 +    ASSERT_EQ(curr_key, nullptr);
    3.86 +    
    3.87 +    // Make sure we can't find them
    3.88 +    curr_key = first_keylist;
    3.89 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
    3.90 +        PEP_comm_type ct = PEP_ct_unknown;
    3.91 +        status = get_key_rating(session, curr_key->value, &ct);
    3.92 +        ASSERT_EQ(status, PEP_KEY_NOT_FOUND);    
    3.93 +    }
    3.94 +    curr_key = second_keylist;
    3.95 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
    3.96 +        PEP_comm_type ct = PEP_ct_unknown;
    3.97 +        status = get_key_rating(session, curr_key->value, &ct);
    3.98 +        ASSERT_EQ(status, PEP_KEY_NOT_FOUND);
    3.99 +    }
   3.100 +    
   3.101 +    
   3.102 +    // Reimport
   3.103 +    curr_key = revocations;
   3.104 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
   3.105 +        status = import_key(session, curr_key->value, strlen(curr_key->value), NULL);
   3.106 +        ASSERT_EQ(status, PEP_KEY_IMPORTED);
   3.107 +    }
   3.108 +    ASSERT_EQ(i, 4);
   3.109 +    ASSERT_EQ(curr_key, nullptr);
   3.110 +    
   3.111 +    curr_key = keys;
   3.112 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
   3.113 +        status = import_key(session, curr_key->value, strlen(curr_key->value), NULL);
   3.114 +        ASSERT_EQ(status, PEP_KEY_IMPORTED);
   3.115 +    }
   3.116 +    ASSERT_EQ(i, 4);
   3.117 +    ASSERT_EQ(curr_key, nullptr);
   3.118 +    
   3.119 +    // Check the revoked keys to be sure they are revoked
   3.120 +    curr_key = first_keylist;
   3.121 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
   3.122 +        PEP_comm_type ct = PEP_ct_unknown;
   3.123 +        status = get_key_rating(session, curr_key->value, &ct);
   3.124 +        ASSERT_EQ(ct, PEP_ct_key_revoked);
   3.125 +        ASSERT_EQ(status, PEP_STATUS_OK);
   3.126 +    }
   3.127 +    // Check the imported keys to be sure they are OK
   3.128 +    curr_key = second_keylist;
   3.129 +    for (i = 0; i < 4; curr_key = curr_key->next, i++) {
   3.130 +        PEP_comm_type ct = PEP_ct_unknown;
   3.131 +        status = get_key_rating(session, curr_key->value, &ct);
   3.132 +        ASSERT_EQ(ct, PEP_ct_OpenPGP_unconfirmed);
   3.133 +        ASSERT_EQ(status, PEP_STATUS_OK);
   3.134 +    }
   3.135 +}