ENGINE-432: added additional src->from check before verify call.
authorKrista Bennett <krista@pep-project.org>
Tue, 28 Aug 2018 17:33:07 +0200
changeset 289759e0e6ed0534
parent 2896 aa0ffbb0c37e
child 2898 601cdaeef663
ENGINE-432: added additional src->from check before verify call.
src/message_api.c
test/include/MessageNullFromTests.h
test/src/engine_tests/MessageNullFromTests.cc
test/test_keys/priv/pep-test-bob-0xC9C2EE39_priv.asc
     1.1 --- a/src/message_api.c	Tue Aug 28 16:52:03 2018 +0200
     1.2 +++ b/src/message_api.c	Tue Aug 28 17:33:07 2018 +0200
     1.3 @@ -3200,13 +3200,14 @@
     1.4  
     1.5                  /* if decrypted, but not verified... */
     1.6                  if (decrypt_status == PEP_DECRYPTED) {
     1.7 -                                                                                     
     1.8 -                    status = verify_decrypted(session,
     1.9 -                                              src, msg,
    1.10 -                                              ptext, psize,
    1.11 -                                              &_keylist,
    1.12 -                                              &decrypt_status,
    1.13 -                                              crypto);
    1.14 +                    
    1.15 +                    if (src->from)                                                                 
    1.16 +                        status = verify_decrypted(session,
    1.17 +                                                  src, msg,
    1.18 +                                                  ptext, psize,
    1.19 +                                                  &_keylist,
    1.20 +                                                  &decrypt_status,
    1.21 +                                                  crypto);
    1.22                  }
    1.23                  break;
    1.24  
     2.1 --- a/test/include/MessageNullFromTests.h	Tue Aug 28 16:52:03 2018 +0200
     2.2 +++ b/test/include/MessageNullFromTests.h	Tue Aug 28 17:33:07 2018 +0200
     2.3 @@ -12,8 +12,15 @@
     2.4  class MessageNullFromTests : public EngineTestIndividualSuite {
     2.5      public:
     2.6          MessageNullFromTests(string test_suite, string test_home_dir);
     2.7 +    protected:
     2.8 +        void setup();
     2.9      private:
    2.10          void check_message_null_from_no_header_key_unencrypted();
    2.11 +        void check_message_null_from_header_key_unencrypted();
    2.12 +        void check_message_null_from_encrypted_not_signed();
    2.13 +        void check_message_null_from_encrypted_and_signed(); 
    2.14 +        void import_bob_pair_and_set_own();
    2.15 +        void import_alice_pub();
    2.16  };
    2.17  
    2.18  #endif
     3.1 --- a/test/src/engine_tests/MessageNullFromTests.cc	Tue Aug 28 16:52:03 2018 +0200
     3.2 +++ b/test/src/engine_tests/MessageNullFromTests.cc	Tue Aug 28 17:33:07 2018 +0200
     3.3 @@ -4,6 +4,8 @@
     3.4  #include <stdlib.h>
     3.5  #include <string>
     3.6  
     3.7 +#include <assert.h>
     3.8 +
     3.9  #include "pEpEngine.h"
    3.10  #include "test_util.h"
    3.11  
    3.12 @@ -15,7 +17,33 @@
    3.13  MessageNullFromTests::MessageNullFromTests(string suitename, string test_home_dir) :
    3.14      EngineTestIndividualSuite::EngineTestIndividualSuite(suitename, test_home_dir) {
    3.15      add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("MessageNullFromTests::check_message_null_from_no_header_key_unencrypted"),
    3.16 -                                                                      static_cast<Func>(&MessageNullFromTests::check_message_null_from_no_header_key_unencrypted)));
    3.17 +                                                                      static_cast<Func>(&MessageNullFromTests::check_message_null_from_header_key_unencrypted)));
    3.18 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("MessageNullFromTests::check_message_null_from_no_header_key_unencrypted"),
    3.19 +                                                                          static_cast<Func>(&MessageNullFromTests::check_message_null_from_header_key_unencrypted)));                                                                  
    3.20 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("MessageNullFromTests::check_message_null_from_encrypted_not_signed"),
    3.21 +                                                                          static_cast<Func>(&MessageNullFromTests::check_message_null_from_encrypted_not_signed)));                                                                  
    3.22 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("MessageNullFromTests::check_message_null_from_encrypted_and_signed"),
    3.23 +                                                                          static_cast<Func>(&MessageNullFromTests::check_message_null_from_encrypted_and_signed)));                                                                                                                                            
    3.24 +}
    3.25 +
    3.26 +void MessageNullFromTests::import_alice_pub() {
    3.27 +    const string alice_pub_key = slurp("test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc");
    3.28 +    PEP_STATUS status = import_key(session, alice_pub_key.c_str(), alice_pub_key.length(), NULL);
    3.29 +    assert(status == PEP_STATUS_OK);
    3.30 +}
    3.31 +
    3.32 +void MessageNullFromTests::import_bob_pair_and_set_own() {
    3.33 +    const string bob_pub_key = slurp("test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc");
    3.34 +    const string bob_priv_key = slurp("test_keys/priv/pep-test-bob-0xC9C2EE39_priv.asc");
    3.35 +    PEP_STATUS status = import_key(session, bob_pub_key.c_str(), bob_pub_key.length(), NULL);
    3.36 +    assert(status == PEP_STATUS_OK);
    3.37 +    status = import_key(session, bob_priv_key.c_str(), bob_priv_key.length(), NULL);
    3.38 +    assert(status == PEP_STATUS_OK);
    3.39 +}
    3.40 +
    3.41 +void MessageNullFromTests::setup() {
    3.42 +    EngineTestIndividualSuite::setup();
    3.43 +    import_bob_pair_and_set_own();
    3.44  }
    3.45  
    3.46  void MessageNullFromTests::check_message_null_from_no_header_key_unencrypted() {
    3.47 @@ -36,3 +64,61 @@
    3.48      TEST_ASSERT_MSG(status == PEP_UNENCRYPTED, tl_status_string(status));                                         
    3.49  }
    3.50  
    3.51 +void MessageNullFromTests::check_message_null_from_header_key_unencrypted() {
    3.52 +    string null_from_msg = slurp("test_files/432_no_from.eml");
    3.53 +    cout << null_from_msg << endl;
    3.54 +    stringlist_t* keylist = NULL;
    3.55 +    PEP_decrypt_flags_t flags;
    3.56 +    PEP_rating rating;
    3.57 +    char* mime_plaintext = NULL;
    3.58 +    char* modified_src = NULL;
    3.59 +    PEP_STATUS status = MIME_decrypt_message(session, null_from_msg.c_str(),
    3.60 +                                             null_from_msg.size(),
    3.61 +                                             &mime_plaintext,
    3.62 +                                             &keylist,
    3.63 +                                             &rating,
    3.64 +                                             &flags,
    3.65 +                                             &modified_src);
    3.66 +    TEST_ASSERT_MSG(status == PEP_UNENCRYPTED, tl_status_string(status));                                         
    3.67 +}
    3.68 +
    3.69 +void MessageNullFromTests::check_message_null_from_encrypted_not_signed() {
    3.70 +    import_alice_pub();
    3.71 +    string null_from_msg = slurp("test_files/432_no_from_encrypted_not_signed.eml");
    3.72 +    cout << null_from_msg << endl;
    3.73 +    stringlist_t* keylist = NULL;
    3.74 +    PEP_decrypt_flags_t flags;
    3.75 +    PEP_rating rating;
    3.76 +    char* mime_plaintext = NULL;
    3.77 +    char* modified_src = NULL;
    3.78 +    PEP_STATUS status = MIME_decrypt_message(session, null_from_msg.c_str(),
    3.79 +                                             null_from_msg.size(),
    3.80 +                                             &mime_plaintext,
    3.81 +                                             &keylist,
    3.82 +                                             &rating,
    3.83 +                                             &flags,
    3.84 +                                             &modified_src);
    3.85 +    TEST_ASSERT_MSG(status == PEP_DECRYPTED, tl_status_string(status));                                         
    3.86 +    TEST_ASSERT(mime_plaintext);
    3.87 +}
    3.88 +
    3.89 +void MessageNullFromTests::check_message_null_from_encrypted_and_signed() {
    3.90 +    import_alice_pub();    
    3.91 +    string null_from_msg = slurp("test_files/432_no_from_encrypted_and_signed.eml");
    3.92 +    cout << null_from_msg << endl;
    3.93 +    stringlist_t* keylist = NULL;
    3.94 +    PEP_decrypt_flags_t flags;
    3.95 +    PEP_rating rating;
    3.96 +    char* mime_plaintext = NULL;
    3.97 +    char* modified_src = NULL;
    3.98 +    PEP_STATUS status = MIME_decrypt_message(session, null_from_msg.c_str(),
    3.99 +                                             null_from_msg.size(),
   3.100 +                                             &mime_plaintext,
   3.101 +                                             &keylist,
   3.102 +                                             &rating,
   3.103 +                                             &flags,
   3.104 +                                             &modified_src);
   3.105 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));                                         
   3.106 +    TEST_ASSERT(mime_plaintext);
   3.107 +}
   3.108 +
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/test/test_keys/priv/pep-test-bob-0xC9C2EE39_priv.asc	Tue Aug 28 17:33:07 2018 +0200
     4.3 @@ -0,0 +1,57 @@
     4.4 +-----BEGIN PGP PRIVATE KEY BLOCK-----
     4.5 +
     4.6 +lQOYBFV4Pl8BCACuukQLwsHftH5jkVsSL7COFhamNsEE8lZ8MG1f1Rx5ztPuZTna
     4.7 +YXyWODgpj2Bxz0TcP+Q17GbLKse7TWD1k9i1RzLWz8ZSCLYq2TtjLWPleVuGGWeq
     4.8 +Y3tTWHC/nFbivolNPA0mL2038TGdBolPaZiPZ4P8wuQVYNfDqi4utcezGDNS8OHh
     4.9 +EPhfyKKoSM79HLoUPc6xsfimxPMrylI/i8bFvfDYz5vmydefvAxNhqjLH3Gmhj1p
    4.10 +nInsraEiyh7Y2zAxCfr6hD9nky7WixBinKFFhQpcUu1o+Ie6UGwLVbTyRMOcRsob
    4.11 +yahqA/m2HfDRj1Y+n8HHqsQkB2BtmMYXla3jABEBAAEAB/wKqiU2GVr1zJ5iqGZ7
    4.12 +hS9zDk3imXjAuwpK7GlfAVk9snSRpycK7IrxeX8s3J30qsOxGv5sYvOUcGK35kCs
    4.13 +eV78RyfthmM8WMcs28ATgE7WtkhyUAGmTwnuq9+Ldz9MYEUHUrEaXnTkBocFmd0I
    4.14 +Qx5qZLvHHtDtRx4HfAJZz0/5kj8KyKYB5cYsvRoLYdCWuxeIbJu5FYtHHBywNFnZ
    4.15 +Qt8STaQqZPD0gPh3ahzY8KYJFZbSFpGfaH0AX5dkFpUJdyad4R2c9ZOmnaK3W0Ba
    4.16 +cdQSdi66iiT0UG7f6ECR9HfI+nVfshOVLZA90p+LqLW51S7iBeFAoZyYfKuNrE9b
    4.17 +pV3VBADNf9Ec2CJ3jo2LrTrkN1HkcjmwdosFQWaDaXtRmV/GidWAyTS+JzaxnS1A
    4.18 +Y9klOqJktVNegrrkk+Xo6jHxkneGucDSsxpIVIcqTa2LGrt1E1eHNYwuEPIyHvl3
    4.19 +gPmfLCuetu+qp97+EOJBklSJi4ljPcAo7i+WI4Nsni6Q6eF7XQQA2aqRpIBmDdFY
    4.20 +9x3uAMDO3mSqIiEJWPiFZHs/qKGezJUgl4hrsjuiUWiD1gcPSS0zJRcZZ7GLYb9r
    4.21 +1uJOnzOtTLexEnAa0VJ9Svci+jtRX6HVETAnYqn9AQ/0sYvmTmWKge7q7BJHGnyv
    4.22 +YbyXmCwGyV8/cvSS8Mmh8iMYWg6mej8D/jN0ymPP9jGeuFav6Va/T8j+Fdl0zTVT
    4.23 +MkFPizlxJEev6PA9QKvAWo4iqRA3SIdqjrZpPcpwhalV5cK4KfHlh8/GagjU9kFS
    4.24 +JvUarmLZqoDqKT6cHb2OzcNBeCsuKGthraT1G+8NpXIgNr6a+5upo83pbL4RarPn
    4.25 +3u2JgSX0RPKDP8y0QXBFcCBUZXN0IEJvYiAodGVzdCBrZXksIGRvbid0IHVzZSkg
    4.26 +PHBlcC50ZXN0LmJvYkBwZXAtcHJvamVjdC5vcmc+iQE4BBMBAgAiBQJVeD5fAhsD
    4.27 +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBZv/SIycLuOaR5CACj3E6ykNqj
    4.28 +GS5PzghYfLJso6j954QzLwOozTzU/3/HWH4lC3Jmfr0pGI51KZ6Xevrp3N9SxRqr
    4.29 +uJCFRtwNeH3ujIgDh/UHCUEsP/+d74SOenIBYGUKE1OJmh8/LQdkNSc6JNdzJjDW
    4.30 +dKeh6cAMFvWju/Nqtl/l0FGspQU9dmCMtzkKgmwoKZW56aEVZ2lTxqNEo1aQ+lLr
    4.31 +NueBq0/Q5kAVEzUG7Ufm19wXjWenEMeeElX3UAGudLJuckx7uD8W/yBwqrRAbaCS
    4.32 +eZf6RVBLz96ekjWrVfMnmjkPuQPPt5cs98RxQTpxk7b6xLaWXymhA6cYU+FAW4Dp
    4.33 +bjfJjMWIFDcKnQOYBFV4Pl8BCADKQ2SV6gjR5N69xVdiCaefjwobrXR1niuBHBNT
    4.34 +XMJwPk2xv+e7fY28RK1BzODYCzBhpltvRoCcJi9S7Rqyz81nbxnw/1TaKtn6dDDh
    4.35 +ZPVHjN3vasDueM6xTEfEihNc0Owf4wz9SBjuredUVkdTxU7FxSgVP10dOxhdtkjW
    4.36 +jGW1DF6WlYA8BAIEdbpoheJHz3NFkhPQ8Dlzo7Ioe2t7vrTztcBX11o2e+FPOq1S
    4.37 +mhEr78wbROAyCVAXK+8qDh4zDq8iAMZK/KnZrm6pP00+iBRcb+JQgn3Gn+hU0lgE
    4.38 +3YB9kBJLeWaHxEPNnnNNvW/BMl53ctf8Ip+pzpA1K/S23KU7ABEBAAEAB/0UO5/y
    4.39 +aSoUXl8zv5ZpWGA8E1x7qU3MPZQfgwtMhwEXplEyVelHSvIkjQAsjridPqf1KhAy
    4.40 +dkHY8kRAo4xMqoHjIMIzu+76hgKDzcoH+gfumOD97qwPDub/kGBg1j5v8KGg4knD
    4.41 +L8pNXKMWlNeSFzDf6BmFipmfb3EVYBiIMceIz97c4BGvs29TC2wIKmJBRbWu9eS7
    4.42 +vqkBj8rEGi+pEnzTFvcZTMkoU6Uj/HifpvQ7BcOzUQ/1tiGQMEPv8oPMWmKudqBw
    4.43 +53e7RoYCZmTzuzI5fNvNcNT1EcUQmAfkgT6zvQuY63DAdECVx2f0p7MlgGA9ncQb
    4.44 +IVVdBtJXfwsAFmthBADXmavPPgiC8nU1q8e2pB0pmS3/uflPdmh+xKs0MxylDgSO
    4.45 +H9Ar7g9duxsrjxxHzlkTb0Am2XeWww3fBO762VH9VCAPH3FRoHGNCnY6Ix0MyikW
    4.46 +g4Gs66QXHMTNweOa9zk+cZS6N0H6dDis6x+9M1FCeJzy3gXaq+vfV5LfGeXMYQQA
    4.47 +8CnyHE7rjoqGNPnTWetuYgo6yhYJudbhO0uDewR5MdP1gwpTUmYl5RD41LSwTSGp
    4.48 +VSbjtct5dQg2ZhjUWxXcx1OC+aMafmDPi6S32mwbgfNtfTCIygM8CPDjdWbFu1ba
    4.49 +KbPA9Lc/SHgpg0vbdiZ4PWOqsqnig834r+3VfLX/dxsEANAWGGJRNTHmIwoC4HsV
    4.50 ++KiyApbBRw2TCHxJjlzFY2OFpe8RuGKE7HpKiSYjarGxP0RlESrbie0nbJ8FooIH
    4.51 +gY2ipO3khgK4MK1Xua405mNVzge9oNJPgWEtLabubimVnTwjU6O7m79Xl+R9BYb1
    4.52 +GVZm7f/WMDL7BsNVvhMVjdgiOOOJAR8EGAECAAkFAlV4Pl8CGwwACgkQWb/0iMnC
    4.53 +7jlqbwf/dP4sXDRiR5uVMh5WhOn1S8MnHZhLWAQ6fI9/KxggCPhgY6zAgszPMutz
    4.54 +BsQlV4P6QX30d99IMJrzGYYxjN7Z6fF7us9u103+GTzGQH7/47JG0eSTSaKQvqEa
    4.55 +N1+6M/OBZKcwNW6xHa+lhIS5nJGV3Oey/RFQwucBujQbtyjDN3aGshwqzhJXFBlF
    4.56 +3RqFzLxuAJmeOVedaKvdPjRhgFuxhkicUhVp27qXQCpDpkUkj9hb75yCE6pAzopO
    4.57 +6s65yHsnFyehwgyMrfpTPlPM86B1LH4IEwSaOrEJSdHnnFD8nnSIjRyfra3dsI/R
    4.58 +VNmYX8EkMGICzoR4lWcYFShJQM6QQg==
    4.59 +=rBox
    4.60 +-----END PGP PRIVATE KEY BLOCK-----