ENGINE-630: ENGINE-760: Works with decrypt message for older calls, but need to test and check those keylists. import_key_2.1
authorKrista 'DarthMama' Bennett <krista@pep.foundation>
Fri, 12 Jun 2020 13:48:31 +0200
branchimport_key_2.1
changeset 47378e7f6eb9ce94
parent 4734 9f03f332bedb
child 4738 b6811635c68f
ENGINE-630: ENGINE-760: Works with decrypt message for older calls, but need to test and check those keylists.
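--- a/src/message_api.c	Mon Jun 08 21:31:29 2020 +0200
+++ b/src/message_api.c	Fri Jun 12 13:48:31 2020 +0200
@@ -1517,7 +1517,7 @@
         PEP_SESSION session,
         message *msg,
         identity_list **private_idents, 
-        stringlist_t** imported_keys,
+        stringlist_t** imported_key_list,
         uint64_t* changed_keys
     )
 {
@@ -1582,7 +1582,7 @@
             PEP_STATUS import_status = _import_key_with_fpr_return(
                                                   session, blob_value, blob_size, 
                                                   &local_private_idents,
-                                                  imported_keys,
+                                                  imported_key_list,
                                                   changed_keys);
             bloblist_t* to_delete = NULL;
             switch (import_status) {
@@ -3087,18 +3087,18 @@
 // This is misleading - this imports ALL the keys!
 static PEP_STATUS import_keys_from_decrypted_msg(PEP_SESSION session,
                                                       message* msg,
-                                                      bool* imported_keys,
+                                                      bool* keys_were_imported,
                                                       bool* imported_private,
                                                       identity_list** private_il,
                                                       stringlist_t** keylist,
                                                       uint64_t* changed_keys)
 {
-    assert(msg && imported_keys && imported_private);
-    if (!(msg && imported_keys && imported_private))
+    assert(msg && keys_were_imported && imported_private);
+    if (!(msg && keys_were_imported && imported_private))
         return PEP_ILLEGAL_VALUE;
 
     PEP_STATUS status = PEP_STATUS_OK;
-    *imported_keys = false;
+    *keys_were_imported = false;
     *imported_private = false;
     if (private_il)
         *private_il = NULL;
@@ -3106,7 +3106,7 @@
     // check for private key in decrypted message attachment while importing
     identity_list *_private_il = NULL;
 
-    bool _imported_keys = import_attached_keys(session, msg, &_private_il, keylist, changed_keys);
+    bool _keys_were_imported = import_attached_keys(session, msg, &_private_il, keylist, changed_keys);
     bool _imported_private = false;
     if (_private_il && _private_il->ident && _private_il->ident->address)
         _imported_private = true;
@@ -3142,7 +3142,7 @@
     }
  
     if (!status) {
-        *imported_keys = _imported_keys;
+        *keys_were_imported = _keys_were_imported;
         *imported_private = _imported_private;
     }
 
@@ -3406,7 +3406,7 @@
     return NULL;
 }
 
-static bool import_header_keys(PEP_SESSION session, message* src, stringlist_t** imported_keys, uint64_t* changed_keys) {
+static bool import_header_keys(PEP_SESSION session, message* src, stringlist_t** imported_key_list, uint64_t* changed_keys) {
     stringpair_list_t* header_keys = stringpair_list_find(src->opt_fields, "Autocrypt"); 
     if (!header_keys || !header_keys->value)
         return false;
@@ -3425,7 +3425,7 @@
                                                     the_key->value, 
                                                     the_key->size, 
                                                     NULL, 
-                                                    imported_keys, 
+                                                    imported_key_list, 
                                                     changed_keys);
     free_bloblist(the_key);
     if (status == PEP_STATUS_OK || status == PEP_KEY_IMPORTED)
@@ -3572,7 +3572,9 @@
         stringlist_t **keylist,
         PEP_rating *rating,
         PEP_decrypt_flags_t *flags,
-        identity_list **private_il
+        identity_list **private_il,
+        stringlist_t** imported_key_fprs,
+        uint64_t* changed_public_keys
     )
 {
     assert(session);
@@ -3603,8 +3605,11 @@
     unsigned int major_ver = 0;
     unsigned int minor_ver = 0;
     
-    stringlist_t* import_keylist = NULL;
-    uint64_t changed_keys = 0;
+    if (imported_key_fprs)
+        *imported_key_fprs = NULL;
+        
+    stringlist_t* _imported_key_list = NULL;
+    uint64_t _changed_keys = 0;
     
     stringpair_list_t* revoke_replace_pairs = NULL;
     
@@ -3652,17 +3657,26 @@
     // We really need key used in signing to do anything further on the pEp comm_type.
     // So we can't adjust the rating of the sender just yet.
 
-    /*** Begin Import any attached public keys and update identities accordingly ***/
+    /*** Begin importing any keys attached an outer, undecrypted message - update identities accordingly ***/
     // Private key in unencrypted mail are ignored -> NULL
     //
     // This import is from the outermost message.
-    // We don't do this for PGP_mime.
-    bool imported_keys = false;
+    // We don't do this for PGP_mime. -- KB: FIXME: I am pretty sure this was 
+    // because of our overzealous import/remove process, but What does this do to enigmail messages 
+    // if the keys are on the outside?? Are they ever?
+    bool keys_were_imported = false;
+    
     PEP_cryptotech enc_type = determine_encryption_format(src);
     if (enc_type != PEP_crypt_OpenPGP || !(src->enc_format == PEP_enc_PGP_MIME || src->enc_format == PEP_enc_PGP_MIME_Outlook1))
-        imported_keys = import_attached_keys(session, src, NULL, &import_keylist, &changed_keys);
+        keys_were_imported = import_attached_keys(session, 
+                                                  src, NULL, 
+                                                  (imported_key_fprs ? &_imported_key_list : NULL), 
+                                                  (changed_public_keys ? &_changed_keys : NULL));
     
-    import_header_keys(session, src, &import_keylist, &changed_keys);
+    // In case there are header keys, also get those
+    import_header_keys(session, src, 
+                       (imported_key_fprs ? &_imported_key_list : NULL), 
+                       (changed_public_keys ? &_changed_keys : NULL));
     
     // FIXME: is this really necessary here?
     // if (src->from) {
@@ -3699,7 +3713,7 @@
         *rating = PEP_rating_unencrypted;
 
         // We remove these from the outermost source message
-        // if (imported_keys)
+        // if (keys_were_imported)
         //     remove_attached_keys(src);
                                     
         pull_up_attached_main_msg(src);
@@ -3752,11 +3766,12 @@
                 // We are importing from the decrypted outermost message now.
                 //
                 status = import_keys_from_decrypted_msg(session, msg,
-                                                             &imported_keys,
-                                                             &imported_private_key_address,
-                                                             private_il,
-                                                             &import_keylist,
-                                                             &changed_keys);
+                                                        &keys_were_imported,
+                                                        &imported_private_key_address,
+                                                        private_il,
+                                                        (imported_key_fprs ? &_imported_key_list : NULL), 
+                                                        (changed_public_keys ? &_changed_keys : NULL));
+                                                        
                 if (status != PEP_STATUS_OK)
                     goto pEp_error;            
 
@@ -3997,11 +4012,12 @@
                             
                             // import keys from decrypted INNER source
                             status = import_keys_from_decrypted_msg(session, inner_message,
-                                                                         &imported_keys,
-                                                                         &imported_private_key_address,
-                                                                         private_il,
-                                                                         &import_keylist,
-                                                                         &changed_keys);
+                                                                    &keys_were_imported,
+                                                                    &imported_private_key_address,
+                                                                    private_il,
+                                                                    (imported_key_fprs ? &_imported_key_list : NULL), 
+                                                                    (changed_public_keys ? &_changed_keys : NULL));
+                                                                    
                             if (status != PEP_STATUS_OK)
                                 goto pEp_error;            
                         }
@@ -4149,7 +4165,7 @@
         decorate_message(msg, *rating, _keylist, false, false);
 
         // Maybe unnecessary
-        // if (imported_keys)
+        // if (keys_were_imported)
         //     remove_attached_keys(msg);
                     
         if (calculated_src->id && calculated_src != msg) {
@@ -4392,6 +4408,11 @@
         }
     }
     
+    if (imported_key_fprs)
+        *imported_key_fprs = _imported_key_list;
+    if (changed_public_keys)
+        *changed_public_keys = _changed_keys;
+    
     if (decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
         return PEP_STATUS_OK;
     else
@@ -4431,7 +4452,13 @@
 
     if (!(*flags & PEP_decrypt_flag_untrusted_server))
         *keylist = NULL;
-    PEP_STATUS status = _decrypt_message(session, src, dst, keylist, rating, flags, NULL);
+        
+    stringlist_t* imported_key_fprs = NULL;
+    uint64_t changed_key_bitvec = 0;    
+        
+    PEP_STATUS status = _decrypt_message(session, src, dst, keylist, 
+                                         rating, flags, NULL,
+                                         &imported_key_fprs, &changed_key_bitvec);
 
     message *msg = *dst ? *dst : src;
 
@@ -4476,6 +4503,7 @@
     //         free(sender_fpr);
     //     }
 
+    free(imported_key_fprs);
     return status;
 }
 
@@ -4500,7 +4528,11 @@
     *ident = NULL;
 
     identity_list *private_il = NULL;
-    PEP_STATUS status = _decrypt_message(session, msg,  &dst, &keylist, &rating, &flags, &private_il);
+    PEP_STATUS status = _decrypt_message(session, msg,  &dst, 
+                                         &keylist, &rating, 
+                                         &flags, &private_il,
+                                         NULL, NULL); // FIXME - what do we do here? 
+                                                      // I don't think we'd call this if this were still here
     free_message(dst);
     free_stringlist(keylist);
 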
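Review bot: In the `@@ -4476,6 +4503,7 @@` hunk, the new `free(imported_key_fprs);` releases a `stringlist_t*` with plain `free()`, whereas the last hunk releases a string list with `free_stringlist(keylist);`. If `stringlist_t` is the linked list its name suggests, this frees only the head node and leaks the remaining nodes and their strings, so the line should read `free_stringlist(imported_key_fprs);`. Separately, `_decrypt_message` copies `_imported_key_list` to `*imported_key_fprs` only in the block added just before the final status return, so a `goto pEp_error` taken after an import appears to leave the list neither reported nor freed unless the error label, which is outside the hunks, releases it. The imported keys come from attachments and `Autocrypt` headers of incoming mail, so either leak would be driven by message content and is worth closing before the new parameters are exposed further. Both functions extend beyond the visible hunks, so the cleanup paths need checking against the full file.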