Preparing for import of gpg private key on android : decrypt flags (import own key from own trusted message) + pgp_gpg giving a list private keys when importing. import_own_key
authorEdouard Tisserant
Wed, 08 Jun 2016 01:32:10 +0200
branchimport_own_key
changeset 72880b966277620
parent 727 382718692559
child 729 6e93d01cf378
Preparing for import of gpg private key on android : decrypt flags (import own key from own trusted message) + pgp_gpg giving a list private keys when importing.
src/cryptotech.h
src/message_api.c
src/message_api.h
src/pEpEngine.c
src/pEpEngine.h
src/pgp_gpg.c
src/pgp_gpg.h
src/pgp_gpg_internal.h
test/message_api_test.cc
test/pEpEngineTest.cc
     1.1 --- a/src/cryptotech.h	Thu Jun 09 19:19:46 2016 +0200
     1.2 +++ b/src/cryptotech.h	Wed Jun 08 01:32:10 2016 +0200
     1.3 @@ -48,7 +48,7 @@
     1.4      );
     1.5  
     1.6  typedef PEP_STATUS (*import_key_t)(PEP_SESSION session, const char *key_data,
     1.7 -        size_t size);
     1.8 +        size_t size, identity_list **private_keys);
     1.9  
    1.10  typedef PEP_STATUS (*recv_key_t)(PEP_SESSION session, const char *pattern);
    1.11  
     2.1 --- a/src/message_api.c	Thu Jun 09 19:19:46 2016 +0200
     2.2 +++ b/src/message_api.c	Wed Jun 08 01:32:10 2016 +0200
     2.3 @@ -830,7 +830,30 @@
     2.4      }
     2.5  }
     2.6  
     2.7 -void import_attached_keys(PEP_SESSION session, const message *msg)
     2.8 +bool _is_pgp_key(bloblist_t *bl)
     2.9 +{
    2.10 +    return (// workaround for Apple Mail bugs
    2.11 +            (is_mime_type(bl, "application/x-apple-msg-attachment") &&
    2.12 +             is_fileending(bl, ".asc")) ||
    2.13 +            // as binary, by file name
    2.14 +            ((bl->mime_type == NULL ||
    2.15 +              is_mime_type(bl, "application/octet-stream")) &&
    2.16 +             (is_fileending(bl, ".pgp") || is_fileending(bl, ".gpg") ||
    2.17 +                    is_fileending(bl, ".key") || is_fileending(bl, ".asc"))) ||
    2.18 +            // explicit mime type 
    2.19 +            is_mime_type(bl, "application/pgp-keys") ||
    2.20 +            // as text, by file name
    2.21 +            (is_mime_type(bl, "text/plain") &&
    2.22 +             (is_fileending(bl, ".pgp") || is_fileending(bl, ".gpg") ||
    2.23 +                    is_fileending(bl, ".key") || is_fileending(bl, ".asc")))
    2.24 +           );
    2.25 +}
    2.26 +
    2.27 +void import_attached_keys(
    2.28 +        PEP_SESSION session, 
    2.29 +        const message *msg,
    2.30 +        identity_list **private_idents
    2.31 +    )
    2.32  {
    2.33      assert(session);
    2.34      assert(msg);
    2.35 @@ -839,31 +862,13 @@
    2.36      for (bl = msg->attachments; bl && bl->value; bl = bl->next) {
    2.37          assert(bl && bl->value && bl->size);
    2.38  
    2.39 -        // workaround for Apple Mail bugs
    2.40 -        if (is_mime_type(bl, "application/x-apple-msg-attachment")) {
    2.41 -            if (is_fileending(bl, ".asc"))
    2.42 -                import_key(session, bl->value, bl->size);
    2.43 -        }
    2.44 -        else if (bl->mime_type == NULL ||
    2.45 -                    is_mime_type(bl, "application/octet-stream")) {
    2.46 -            if (is_fileending(bl, ".pgp") || is_fileending(bl, ".gpg") ||
    2.47 -                    is_fileending(bl, ".key") || is_fileending(bl, ".asc"))
    2.48 -                import_key(session, bl->value, bl->size);
    2.49 -        }
    2.50 -        else if (is_mime_type(bl, "application/pgp-keys")) {
    2.51 -            import_key(session, bl->value, bl->size);
    2.52 -        }
    2.53 -        else if (is_mime_type(bl, "text/plain")) {
    2.54 -            if (is_fileending(bl, ".pgp") || is_fileending(bl, ".gpg") ||
    2.55 -                    is_fileending(bl, ".key") || is_fileending(bl, ".asc"))
    2.56 -                import_key(session, bl->value, bl->size);
    2.57 +        if (_is_pgp_key(bl))
    2.58 +        {
    2.59 +            import_key(session, bl->value, bl->size, private_idents);
    2.60          }
    2.61      }
    2.62 -    if(msg->from && msg->from->user_id && msg->from->address)
    2.63 -        update_identity(session, msg->from);
    2.64  }
    2.65  
    2.66 -
    2.67  PEP_STATUS _attach_key(PEP_SESSION session, const char* fpr, message *msg)
    2.68  {
    2.69      char *keydata;
    2.70 @@ -1136,7 +1141,8 @@
    2.71          message *src,
    2.72          message **dst,
    2.73          stringlist_t **keylist,
    2.74 -        PEP_color *color
    2.75 +        PEP_color *color,
    2.76 +        PEP_decrypt_flags_t *flags 
    2.77      )
    2.78  {
    2.79      PEP_STATUS status = PEP_STATUS_OK;
    2.80 @@ -1157,7 +1163,14 @@
    2.81      if (!(session && src && dst && keylist && color))
    2.82          return PEP_ILLEGAL_VALUE;
    2.83  
    2.84 -    import_attached_keys(session, src);
    2.85 +    // Private key in an unencrypted mail... srsly ? -> NULL
    2.86 +    import_attached_keys(session, src, NULL);
    2.87 +
    2.88 +    // Update src->from in case we just imported a key
    2.89 +    // we would need to check signature
    2.90 +    if(src->from && src->from->user_id && src->from->address)
    2.91 +        update_identity(session, src->from);
    2.92 +
    2.93      PEP_cryptotech crypto = determine_encryption_format(src);
    2.94  
    2.95      *dst = NULL;
    2.96 @@ -1189,6 +1202,8 @@
    2.97  
    2.98      decrypt_status = status;
    2.99  
   2.100 +    char *imported_private_key_address = NULL; 
   2.101 +
   2.102      if (ptext) {
   2.103          switch (src->enc_format) {
   2.104              case PEP_enc_PGP_MIME:
   2.105 @@ -1321,14 +1336,31 @@
   2.106                  // BUG: must implement more
   2.107                  NOT_IMPLEMENTED
   2.108          }
   2.109 -        
   2.110 -        import_attached_keys(session, msg);
   2.111 -        
   2.112 +       
   2.113 +        // Only check for private key imported if
   2.114 +        // in decrypted message attachement
   2.115 +        identity_list *private_il = NULL;
   2.116 +        import_attached_keys(session, msg, &private_il);
   2.117 +        if (private_il && 
   2.118 +            identity_list_length(private_il) == 1 &&
   2.119 +            private_il->ident->address)
   2.120 +        {
   2.121 +            imported_private_key_address = 
   2.122 +                strdup(private_il->ident->address);
   2.123 +        }
   2.124 +        free_identity_list(private_il);
   2.125 +         
   2.126          if(decrypt_status == PEP_DECRYPTED){
   2.127 +
   2.128 +            // TODO optimize if import_attached_keys didn't import any key
   2.129              
   2.130              // In case message did decrypt, but no valid signature could be found
   2.131              // then retry decrypt+verify after importing key.
   2.132 -            // TODO optimize if import_attached_keys didn't import any key
   2.133 +
   2.134 +            // Update msg->from in case we just imported a key
   2.135 +            // we would need to check signature
   2.136 +            if(msg->from && msg->from->user_id && msg->from->address)
   2.137 +                 update_identity(session, msg->from);
   2.138              
   2.139              char *re_ptext = NULL;
   2.140              size_t re_psize;
   2.141 @@ -1384,9 +1416,33 @@
   2.142              }
   2.143          }
   2.144      }
   2.145 +        
   2.146 +    // Case of own key imported from own trusted message
   2.147 +    if (// Message have been reliably decrypted 
   2.148 +        msg &&
   2.149 +        *color >= PEP_rating_green &&
   2.150 +        imported_private_key_address &&
   2.151 +        // [from] == to
   2.152 +        identity_list_length(msg->to) == 1 &&
   2.153 +        msg->to->ident->address && msg->from->address &&
   2.154 +        strcmp(msg->from->address, msg->to->ident->address) == 0 &&
   2.155 +        // from is own
   2.156 +        msg->from->user_id &&
   2.157 +        strcmp(msg->from->user_id, PEP_OWN_USERID) == 0 &&
   2.158 +        // to is [own]
   2.159 +        msg->to->ident->user_id &&
   2.160 +        strcmp(msg->to->ident->user_id, PEP_OWN_USERID) == 0 &&
   2.161 +        // Contains one single private key with matching 
   2.162 +        strcmp(msg->from->address, imported_private_key_address) == 0)
   2.163 +    {
   2.164 +        *flags &= PEP_decrypt_flag_own_private_key;
   2.165 +    }
   2.166  
   2.167 -    if (msg)
   2.168 +    free(imported_private_key_address);
   2.169 +
   2.170 +    if (msg){
   2.171          decorate_message(msg, *color, _keylist);
   2.172 +    }
   2.173  
   2.174      *dst = msg;
   2.175      *keylist = _keylist;
   2.176 @@ -1397,12 +1453,39 @@
   2.177      status = PEP_OUT_OF_MEMORY;
   2.178  
   2.179  pep_error:
   2.180 +    free(imported_private_key_address);
   2.181      free_message(msg);
   2.182      free_stringlist(_keylist);
   2.183  
   2.184      return status;
   2.185  }
   2.186  
   2.187 +DYNAMIC_API PEP_STATUS own_message_private_key_details(
   2.188 +        PEP_SESSION session,
   2.189 +        message *msg,
   2.190 +        char **details,
   2.191 +        pEp_identity **ident 
   2.192 +    )
   2.193 +{
   2.194 +    PEP_STATUS status = PEP_STATUS_OK;
   2.195 +    assert(session);
   2.196 +    assert(msg);
   2.197 +    assert(details);
   2.198 +    assert(ident);
   2.199 +
   2.200 +    if (!(session && msg && details && ident))
   2.201 +        return PEP_ILLEGAL_VALUE;
   2.202 +
   2.203 +    message *dst; 
   2.204 +    stringlist_t *keylist;
   2.205 +    PEP_color color;
   2.206 +    PEP_decrypt_flags_t flags; 
   2.207 +
   2.208 +    status = decrypt_message(session, msg,  &dst, &keylist, &color, &flags);
   2.209 +
   2.210 +    return status;
   2.211 +}
   2.212 +
   2.213  DYNAMIC_API PEP_STATUS outgoing_message_color(
   2.214          PEP_SESSION session,
   2.215          message *msg,
     3.1 --- a/src/message_api.h	Thu Jun 09 19:19:46 2016 +0200
     3.2 +++ b/src/message_api.h	Wed Jun 08 01:32:10 2016 +0200
     3.3 @@ -10,7 +10,11 @@
     3.4  #endif
     3.5  
     3.6  
     3.7 -void import_attached_keys(PEP_SESSION session, const message *msg);
     3.8 +void import_attached_keys(
     3.9 +        PEP_SESSION session, 
    3.10 +        const message *msg,
    3.11 +        identity_list **private_idents
    3.12 +    );
    3.13  void attach_own_key(PEP_SESSION session, message *msg);
    3.14  PEP_cryptotech determine_encryption_format(message *msg);
    3.15  
    3.16 @@ -64,6 +68,12 @@
    3.17      PEP_rating_under_attack = -3
    3.18  } PEP_color;
    3.19  
    3.20 +typedef enum _PEP_decrypt_flags {
    3.21 +    PEP_decrypt_flag_own_private_key = 0x1
    3.22 +} PEP_decrypt_flags; 
    3.23 +
    3.24 +typedef uint32_t PEP_decrypt_flags_t;
    3.25 +
    3.26  // decrypt_message() - decrypt message in memory
    3.27  //
    3.28  //  parameters:
    3.29 @@ -72,6 +82,7 @@
    3.30  //      dst (out)           pointer to new decrypted message or NULL on failure
    3.31  //      keylist (out)       stringlist with keyids
    3.32  //      color (out)         color for the message
    3.33 +//      flags (out)         flags to signal special message features
    3.34  //
    3.35  //  return value:
    3.36  //      error status or PEP_STATUS_OK on success
    3.37 @@ -88,9 +99,39 @@
    3.38          message *src,
    3.39          message **dst,
    3.40          stringlist_t **keylist,
    3.41 -        PEP_color *color
    3.42 -    );
    3.43 +        PEP_color *color,
    3.44 +        PEP_decrypt_flags_t *flags 
    3.45 +);
    3.46  
    3.47 +// own_message_private_key_details() - details on own key in own message
    3.48 +//
    3.49 +//  parameters:
    3.50 +//      session (in)        session handle
    3.51 +//      msg (in)            message to decrypt
    3.52 +//      details (out)       text describing details
    3.53 +//      ident (out)         identity containing uid, address and fpr of key
    3.54 +//
    3.55 +//  note:
    3.56 +//      In order to obtain details about key to be possibly imported
    3.57 +//      as a replacement of key currently used as own identity, 
    3.58 +//      application passes message that have been previously flagged by 
    3.59 +//      decrypt_message() as own message containing own key to this function
    3.60 +//
    3.61 +//  return value:
    3.62 +//      error status or PEP_STATUS_OK on success
    3.63 +//
    3.64 +//	caveat:
    3.65 +//	    the ownership of msg remains with the caller
    3.66 +//	    the ownership of details goes to the caller
    3.67 +//	    the ownership of ident goes to the caller
    3.68 +//	    msg MUST be encrypted so that this function can check own signature
    3.69 +
    3.70 +DYNAMIC_API PEP_STATUS own_message_private_key_details(
    3.71 +        PEP_SESSION session,
    3.72 +        message *msg,
    3.73 +        char **details,
    3.74 +        pEp_identity **ident 
    3.75 +);
    3.76  
    3.77  // outgoing_message_color() - get color for an outgoing message
    3.78  //
     4.1 --- a/src/pEpEngine.c	Thu Jun 09 19:19:46 2016 +0200
     4.2 +++ b/src/pEpEngine.c	Wed Jun 08 01:32:10 2016 +0200
     4.3 @@ -1151,7 +1151,12 @@
     4.4      return session->cryptotech[PEP_crypt_OpenPGP].get_key_rating(session, fpr, comm_type);
     4.5  }
     4.6  
     4.7 -DYNAMIC_API PEP_STATUS import_key(PEP_SESSION session, const char *key_data, size_t size)
     4.8 +DYNAMIC_API PEP_STATUS import_key(
     4.9 +        PEP_SESSION session,
    4.10 +        const char *key_data,
    4.11 +        size_t size,
    4.12 +        identity_list **private_keys
    4.13 +    )
    4.14  {
    4.15      assert(session);
    4.16      assert(key_data);
    4.17 @@ -1159,7 +1164,7 @@
    4.18      if (!(session && key_data))
    4.19          return PEP_ILLEGAL_VALUE;
    4.20  
    4.21 -    return session->cryptotech[PEP_crypt_OpenPGP].import_key(session, key_data, size);
    4.22 +    return session->cryptotech[PEP_crypt_OpenPGP].import_key(session, key_data, size, private_keys);
    4.23  }
    4.24  
    4.25  DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern)
     5.1 --- a/src/pEpEngine.h	Thu Jun 09 19:19:46 2016 +0200
     5.2 +++ b/src/pEpEngine.h	Wed Jun 08 01:32:10 2016 +0200
     5.3 @@ -436,6 +436,7 @@
     5.4  
     5.5  DYNAMIC_API void free_identity(pEp_identity *identity);
     5.6  
     5.7 +#include "identity_list.h"
     5.8  
     5.9  // get_identity() - get identity information
    5.10  //
    5.11 @@ -550,7 +551,12 @@
    5.12  //      PEP_OUT_OF_MEMORY       out of memory
    5.13  //      PEP_ILLEGAL_VALUE       there is no key data to import
    5.14  
    5.15 -DYNAMIC_API PEP_STATUS import_key(PEP_SESSION session, const char *key_data, size_t size);
    5.16 +DYNAMIC_API PEP_STATUS import_key(
    5.17 +        PEP_SESSION session,
    5.18 +        const char *key_data,
    5.19 +        size_t size,
    5.20 +        identity_list **private_keys
    5.21 +    );
    5.22  
    5.23  
    5.24  // export_key() - export ascii armored key
     6.1 --- a/src/pgp_gpg.c	Thu Jun 09 19:19:46 2016 +0200
     6.2 +++ b/src/pgp_gpg.c	Wed Jun 08 01:32:10 2016 +0200
     6.3 @@ -257,6 +257,11 @@
     6.4              dlsym(gpgme, "gpgme_op_import");
     6.5          assert(gpg.gpgme_op_import);
     6.6  
     6.7 +        gpg.gpgme_op_import_result
     6.8 +            = (gpgme_op_import_result_t) (intptr_t) dlsym(gpgme,
     6.9 +            "gpgme_op_import_result");
    6.10 +        assert(gpg.gpgme_op_import_result);
    6.11 +
    6.12          gpg.gpgme_op_export = (gpgme_op_export_t) (intptr_t)
    6.13              dlsym(gpgme, "gpgme_op_export");
    6.14          assert(gpg.gpgme_op_export);
    6.15 @@ -456,8 +461,7 @@
    6.16                              // This is meant to get signer's primary 
    6.17                              // key fingerprint, using subkey's.
    6.18  
    6.19 -                            gpgme_key_t key;
    6.20 -                            memset(&key,0,sizeof(key));
    6.21 +                            gpgme_key_t key = NULL;
    6.22  
    6.23                              gpgme_error = gpg.gpgme_get_key(session->ctx,
    6.24                                  gpgme_signature->fpr, &key, 0);
    6.25 @@ -1012,13 +1016,17 @@
    6.26      return PEP_STATUS_OK;
    6.27  }
    6.28  
    6.29 -PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data, size_t size)
    6.30 +PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data,
    6.31 +                              size_t size, identity_list **private_idents)
    6.32  {
    6.33      gpgme_error_t gpgme_error;
    6.34      gpgme_data_t dh;
    6.35  
    6.36      assert(session);
    6.37      assert(key_data);
    6.38 +   
    6.39 +    if(private_idents) 
    6.40 +        *private_idents = NULL;
    6.41  
    6.42      gpgme_error = gpg.gpgme_data_new_from_mem(&dh, key_data, size, 0);
    6.43      gpgme_error = _GPGERR(gpgme_error);
    6.44 @@ -1036,10 +1044,67 @@
    6.45          return PEP_UNKNOWN_ERROR;
    6.46      }
    6.47  
    6.48 +    gpgme_import_result_t gpgme_import_result;
    6.49 +
    6.50      gpgme_error = gpg.gpgme_op_import(session->ctx, dh);
    6.51      gpgme_error = _GPGERR(gpgme_error);
    6.52      switch (gpgme_error) {
    6.53      case GPG_ERR_NO_ERROR:
    6.54 +        if(private_idents) 
    6.55 +        {
    6.56 +            gpgme_import_result =
    6.57 +                gpg.gpgme_op_import_result(session->ctx);
    6.58 +            assert(gpgme_import_result);
    6.59 +            gpgme_import_status_t import;
    6.60 +            for (import = gpgme_import_result->imports; 
    6.61 +                 import; 
    6.62 +                 import = import->next)
    6.63 +             {
    6.64 +                if (import &&
    6.65 +                    import->result == GPG_ERR_NO_ERROR &&
    6.66 +                    import->status & GPGME_IMPORT_SECRET )
    6.67 +                {
    6.68 +                    gpgme_key_t key = NULL;
    6.69 +
    6.70 +                    gpgme_error = gpg.gpgme_get_key(session->ctx,
    6.71 +                        import->fpr, &key, 0);
    6.72 +                    gpgme_error = _GPGERR(gpgme_error);
    6.73 +                    assert(gpgme_error != GPG_ERR_ENOMEM);
    6.74 +                    if (gpgme_error == GPG_ERR_ENOMEM) {
    6.75 +                        gpg.gpgme_data_release(dh);
    6.76 +                        return PEP_OUT_OF_MEMORY;
    6.77 +                    }
    6.78 +                    
    6.79 +                    if (gpgme_error == GPG_ERR_NO_ERROR &&  
    6.80 +                        key && key->uids && 
    6.81 +                        key->uids->email && key->uids->name)
    6.82 +                    {
    6.83 +                        pEp_identity *ident = new_identity(
    6.84 +                             key->uids->email, import->fpr, NULL, key->uids->name);
    6.85 +
    6.86 +                        gpg.gpgme_key_unref(key);
    6.87 +
    6.88 +                        if (ident == NULL) {
    6.89 +                            gpg.gpgme_data_release(dh);
    6.90 +                            return PEP_OUT_OF_MEMORY;
    6.91 +                        }
    6.92 +
    6.93 +                        *private_idents = identity_list_add(*private_idents, ident);
    6.94 +
    6.95 +                        if (*private_idents == NULL) {
    6.96 +                            gpg.gpgme_data_release(dh);
    6.97 +                            return PEP_OUT_OF_MEMORY;
    6.98 +                        }
    6.99 +                    }
   6.100 +                    else 
   6.101 +                    {
   6.102 +                        gpg.gpgme_key_unref(key);
   6.103 +                        gpg.gpgme_data_release(dh);
   6.104 +                        return PEP_UNKNOWN_ERROR;
   6.105 +                    }
   6.106 +                }
   6.107 +            }
   6.108 +        }
   6.109          break;
   6.110      case GPG_ERR_INV_VALUE:
   6.111          assert(0);
     7.1 --- a/src/pgp_gpg.h	Thu Jun 09 19:19:46 2016 +0200
     7.2 +++ b/src/pgp_gpg.h	Wed Jun 08 01:32:10 2016 +0200
     7.3 @@ -41,7 +41,10 @@
     7.4      );
     7.5  
     7.6  PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data,
     7.7 -        size_t size);
     7.8 +                              size_t size, identity_list **private_idents);
     7.9 +
    7.10 +PEP_STATUS pgp_import_private_keydata(PEP_SESSION session, const char *key_data,
    7.11 +                                      size_t size, identity_list **private_idents);
    7.12  
    7.13  PEP_STATUS pgp_recv_key(PEP_SESSION session, const char *pattern);
    7.14  PEP_STATUS pgp_send_key(PEP_SESSION session, const char *pattern);
     8.1 --- a/src/pgp_gpg_internal.h	Thu Jun 09 19:19:46 2016 +0200
     8.2 +++ b/src/pgp_gpg_internal.h	Wed Jun 08 01:32:10 2016 +0200
     8.3 @@ -55,6 +55,7 @@
     8.4      const gpgme_key_t KEY, int ALLOW_SECRET);
     8.5  typedef gpgme_error_t(*gpgme_op_import_t)(gpgme_ctx_t CTX,
     8.6      gpgme_data_t KEYDATA);
     8.7 +typedef gpgme_import_result_t(*gpgme_op_import_result_t)(gpgme_ctx_t CTX);
     8.8  typedef gpgme_error_t(*gpgme_op_export_t)(gpgme_ctx_t CTX,
     8.9      const char *PATTERN, gpgme_export_mode_t MODE, gpgme_data_t KEYDATA);
    8.10  typedef gpgme_error_t(*gpgme_set_keylist_mode_t)(gpgme_ctx_t CTX,
    8.11 @@ -106,6 +107,7 @@
    8.12      gpgme_op_genkey_result_t gpgme_op_genkey_result;
    8.13      gpgme_op_delete_t gpgme_op_delete;
    8.14      gpgme_op_import_t gpgme_op_import;
    8.15 +    gpgme_op_import_result_t gpgme_op_import_result;
    8.16      gpgme_op_export_t gpgme_op_export;
    8.17      gpgme_set_keylist_mode_t gpgme_set_keylist_mode;
    8.18      gpgme_get_keylist_mode_t gpgme_get_keylist_mode;
     9.1 --- a/test/message_api_test.cc	Thu Jun 09 19:19:46 2016 +0200
     9.2 +++ b/test/message_api_test.cc	Wed Jun 08 01:32:10 2016 +0200
     9.3 @@ -72,7 +72,9 @@
     9.4      message *msg4;
     9.5      stringlist_t *keylist4;
     9.6      PEP_color color;
     9.7 -    PEP_STATUS status4 = decrypt_message(session, enc_msg2, &msg4, &keylist4, &color);
     9.8 +    PEP_decrypt_flags_t flags;
     9.9 +    
    9.10 +    PEP_STATUS status4 = decrypt_message(session, enc_msg2, &msg4, &keylist4, &color, &flags);
    9.11      assert(status4 == PEP_STATUS_OK);
    9.12      assert(msg4);
    9.13      assert(keylist4);
    10.1 --- a/test/pEpEngineTest.cc	Thu Jun 09 19:19:46 2016 +0200
    10.2 +++ b/test/pEpEngineTest.cc	Wed Jun 08 01:32:10 2016 +0200
    10.3 @@ -88,7 +88,7 @@
    10.4          size_t k_user_length = 0;
    10.5          ReadFileIntoMem(*kf, k_user_buffer, k_user_length);
    10.6          cout << "import_key(" << *kf << ")\n";
    10.7 -        PEP_STATUS import_status = import_key(session, k_user_buffer, k_user_length);
    10.8 +        PEP_STATUS import_status = import_key(session, k_user_buffer, k_user_length, NULL);
    10.9          assert(import_status == PEP_STATUS_OK);
   10.10          cout << "successfully imported key\n";
   10.11          delete[] k_user_buffer;
   10.12 @@ -244,7 +244,7 @@
   10.13      assert(delete_status == PEP_STATUS_OK);
   10.14      
   10.15      cout << "import_key()\n";
   10.16 -    PEP_STATUS import_status = import_key(session, key_data, size);
   10.17 +    PEP_STATUS import_status = import_key(session, key_data, size, NULL);
   10.18      assert(import_status == PEP_STATUS_OK);
   10.19      cout << "successfully imported key\n";
   10.20