IOSAD-103 merge in sync IOSAD-103
authorDirk Zimmermann <dz@pep.security>
Thu, 17 Jan 2019 08:43:22 +0100
branchIOSAD-103
changeset 32279207f5726b2f
parent 3219 96ff8b710a0b
parent 3225 e2dfdb612445
child 3238 980c6913d510
IOSAD-103 merge in sync
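--- a/src/keymanagement.c	Tue Jan 15 09:00:23 2019 +0100
+++ b/src/keymanagement.c	Thu Jan 17 08:43:22 2019 +0100
@@ -102,9 +102,14 @@
     return PEP_STATUS_OK;
 }
 
+
+// own_must_contain_private is usually true when calling;
+// we only set it to false when we have the idea of
+// possibly having an own pubkey that we need to check on its own
 static PEP_STATUS validate_fpr(PEP_SESSION session, 
                                pEp_identity* ident,
-                               bool check_blacklist) {
+                               bool check_blacklist,
+                               bool own_must_contain_private) {
     
     PEP_STATUS status = PEP_STATUS_OK;
     
@@ -114,12 +119,14 @@
     char* fpr = ident->fpr;
     
     bool has_private = false;
+    status = contains_priv_key(session, fpr, &has_private);
     
-    if (ident->me) {
-        status = contains_priv_key(session, fpr, &has_private);
+    if (ident->me && own_must_contain_private) {
         if (status != PEP_STATUS_OK || !has_private)
             return PEP_KEY_UNSUITABLE;
     }
+    else if (status != PEP_STATUS_OK && has_private) // should never happen
+        has_private = false;
     
     status = get_trust(session, ident);
     if (status != PEP_STATUS_OK)
@@ -195,7 +202,9 @@
         }
     }
             
-    if (ident->me && (ct >= PEP_ct_strong_but_unconfirmed) && !revoked && expired) {
+    if (ident->me && has_private && 
+        (ct >= PEP_ct_strong_but_unconfirmed) && 
+        !revoked && expired) {
         // extend key
         timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
         status = renew_key(session, fpr, ts);
@@ -351,7 +360,7 @@
     // Input: stored identity retrieved from database
     // if stored identity contains a default key
     if (!EMPTYSTR(stored_fpr)) {
-        status = validate_fpr(session, stored_identity, check_blacklist);    
+        status = validate_fpr(session, stored_identity, check_blacklist, true);    
         if (status == PEP_STATUS_OK && !EMPTYSTR(stored_identity->fpr)) {
             *is_identity_default = *is_address_default = true;
             return status;
@@ -371,7 +380,7 @@
     if (!EMPTYSTR(user_fpr)) {             
         // There exists a default key for user, so validate
         stored_identity->fpr = user_fpr;
-        status = validate_fpr(session, stored_identity, check_blacklist);
+        status = validate_fpr(session, stored_identity, check_blacklist, true);
         if (status == PEP_STATUS_OK && stored_identity->fpr) {
             *is_user_default = true;
             *is_address_default = key_matches_address(session, 
@@ -388,7 +397,7 @@
     status = elect_pubkey(session, stored_identity, check_blacklist);
     if (status == PEP_STATUS_OK) {
         if (!EMPTYSTR(stored_identity->fpr))
-            validate_fpr(session, stored_identity, false); // blacklist already filtered of needed
+            validate_fpr(session, stored_identity, false, true); // blacklist already filtered of needed
     }    
     else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
         first_reject_status = status;
@@ -1072,7 +1081,7 @@
     // check stored identity
     if (stored_identity && !EMPTYSTR(stored_identity->fpr)) {
         // Fall back / retrieve
-        status = validate_fpr(session, stored_identity, false);
+        status = validate_fpr(session, stored_identity, false, true);
         if (status == PEP_OUT_OF_MEMORY)
             goto pEp_free;
         if (status == PEP_STATUS_OK) {
@@ -1381,7 +1390,9 @@
             EMPTYSTR(ident->fpr))
         return PEP_ILLEGAL_VALUE;
 
-    //bool ident_has_trusted_default = false;
+    if (is_me(session, ident))
+        return PEP_ILLEGAL_VALUE;
+        
     char* ident_default_fpr = NULL;
 
     // Before we do anything, be sure the input fpr is even eligible to be trusted
@@ -1394,8 +1405,6 @@
     if (status != PEP_STATUS_OK)
         return status;
 
-    bool me = is_me(session, ident);
-
     pEp_identity* ident_copy = identity_dup(ident);
     char* cached_fpr = NULL;
 
@@ -1404,31 +1413,14 @@
 
     // For later, in case we need to check the user default key
     pEp_identity* tmp_user_ident = NULL;
-
-    if (me) {
-        bool has_private = false;
-        // first of all, does this key even have a private component.
-        status = contains_priv_key(session, ident->fpr, &has_private);
-        if (status != PEP_STATUS_OK && status != PEP_KEY_NOT_FOUND)
-            goto pEp_free;
-            
-        // if (has_private) {
-        //     status = set_own_key(session, ident_copy, ident->fpr); 
-        //     goto pEp_free;
-        // }
-    }
-    
-    // Either it's not me, or it's me but the key has no private key. 
-    // We're only talking about pub keys here. Moving on.
-    
+        
     // Save the input fpr, which we already tested as non-NULL
     cached_fpr = strdup(ident->fpr);
 
     // Set up a temp trusted identity for the input fpr without a comm type;
     tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL);
     
-    // ->me isn't set, even if this is an own identity, so this will work.
-    status = validate_fpr(session, tmp_id, false);
+    status = validate_fpr(session, tmp_id, false, true);
         
     if (status == PEP_STATUS_OK) {
         // Validate fpr gets trust DB or, when that fails, key comm type. we checked
@@ -1436,10 +1428,7 @@
         tmp_id->comm_type = _MAX(tmp_id->comm_type, input_default_ct) | PEP_ct_confirmed;
 
         // Get the default identity without setting the fpr                                       
-        if (me)
-            status = _myself(session, ident_copy, false, true);
-        else    
-            status = update_identity(session, ident_copy);
+        status = update_identity(session, ident_copy);
             
         ident_default_fpr = (EMPTYSTR(ident_copy->fpr) ? NULL : strdup(ident_copy->fpr));
 
@@ -1447,13 +1436,13 @@
             bool trusted_default = false;
 
             // If there's no default, or the default is different from the input...
-            if (me || EMPTYSTR(ident_default_fpr) || strcmp(cached_fpr, ident_default_fpr) != 0) {
+            if (EMPTYSTR(ident_default_fpr) || strcmp(cached_fpr, ident_default_fpr) != 0) {
                 
                 // If the default fpr (if there is one) is trusted and key is strong enough,
                 // don't replace, we just set the trusted bit on this key for this user_id...
                 // (If there's no default fpr, this won't be true anyway.)
-                if (me || (ident_copy->comm_type >= PEP_ct_strong_but_unconfirmed && 
-                          (ident_copy->comm_type & PEP_ct_confirmed))) {                        
+                if ((ident_copy->comm_type >= PEP_ct_strong_but_unconfirmed && 
+                    (ident_copy->comm_type & PEP_ct_confirmed))) {                        
 
                     trusted_default = true;
                                     
@@ -1491,7 +1480,7 @@
                     if (!tmp_user_ident)
                         status = PEP_OUT_OF_MEMORY;
                     else {
-                        status = validate_fpr(session, tmp_user_ident, false);
+                        status = validate_fpr(session, tmp_user_ident, false, true);
                         
                         if (status != PEP_STATUS_OK ||
                             tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed ||
@@ -1515,6 +1504,45 @@
     return status;
 }
 
+DYNAMIC_API PEP_STATUS trust_own_key(
+        PEP_SESSION session,
+        pEp_identity* ident
+    ) 
+{
+    assert(session);
+    assert(ident);
+    assert(!EMPTYSTR(ident->address));
+    assert(!EMPTYSTR(ident->user_id));
+    assert(!EMPTYSTR(ident->fpr));
+    
+    if (!ident || EMPTYSTR(ident->address) || EMPTYSTR(ident->user_id) ||
+            EMPTYSTR(ident->fpr))
+        return PEP_ILLEGAL_VALUE;
+
+    if (!is_me(session, ident))
+        return PEP_ILLEGAL_VALUE;
+
+    // don't check blacklist or require a private key
+    PEP_STATUS status = validate_fpr(session, ident, false, false);
+
+    if (status != PEP_STATUS_OK)
+        return status;
+
+    status = set_pgp_keypair(session, ident->fpr);
+    if (status != PEP_STATUS_OK)
+        return status;
+            
+    if (ident->comm_type < PEP_ct_strong_but_unconfirmed)
+        return PEP_KEY_UNSUITABLE;
+
+    ident->comm_type |= PEP_ct_confirmed;
+    
+    status = set_trust(session, ident);
+
+    return status;
+}
+
+
 DYNAMIC_API PEP_STATUS own_key_is_listed(
         PEP_SESSION session,
         const char *fpr,
@@ -1764,7 +1792,7 @@
     if (!me->fpr)
         return PEP_OUT_OF_MEMORY;
 
-    status = validate_fpr(session, me, false);
+    status = validate_fpr(session, me, false, true);
     if (status)
         return status;
 
@@ -1957,4 +1985,3 @@
     return status;
 }
 #endif // USE_GPG
-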
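Review bot: In the new trust_own_key(), `set_pgp_keypair(session, ident->fpr)` runs before the `ident->comm_type < PEP_ct_strong_but_unconfirmed` test, so a key that is then rejected with PEP_KEY_UNSUITABLE has presumably already been recorded by that call. This path deliberately skips the blacklist check and the private-key requirement, so the strength test should run before any state is written: move `if (ident->comm_type < PEP_ct_strong_but_unconfirmed) return PEP_KEY_UNSUITABLE;` above the set_pgp_keypair() call. The runtime guard also leaves out `session`, which is covered only by assert() and is handed to is_me() in release builds; adding `!session ||` to the PEP_ILLEGAL_VALUE condition would close that gap. Separately, in validate_fpr() the status of the now-unconditional contains_priv_key() call is overwritten by get_trust() whenever the own-key branch is not taken, so a failed lookup is silently treated as "no private key"; if that is intended, a short comment saying so would help the next reader.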
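--- a/src/keymanagement.h	Tue Jan 15 09:00:23 2019 +0100
+++ b/src/keymanagement.h	Thu Jan 17 08:43:22 2019 +0100
@@ -211,21 +211,50 @@
 //
 //  parameters:
 //      session (in)        session to use
-//      ident (in)          person and key to trust in
+//      ident (in)          person and key to trust in - this must not be an
+//                          own_identity in which the .me flag is set or
+//                          the user_id is an own user_id.
 //
 //  caveat:
 //      the fields user_id, address and fpr must be supplied
+//      own identities will result in a return of PEP_ILLEGAL_VALUE.
 //      for non-own users, this will 1) set the trust bit on its comm type in the DB,
 //      2) set this key as the identity default if the current identity default
 //      is not trusted, and 3) set this key as the user default if the current
 //      user default is not trusted.
-//      For an own user, this is simply a call to myself().
 
 DYNAMIC_API PEP_STATUS trust_personal_key(
         PEP_SESSION session,
         pEp_identity *ident
     );
 
+// trust_own_key() - mark a key as trusted for self, generally
+//                   used when we need to trust a public key
+//                   associated with outselves for issues like
+//                   manual key import
+//  parameters:
+//      session (in)        session to use
+//      ident (in)          own ident containing fpr to trust
+//
+//  caveat:
+//      if this is a public key only, keep in mind that if
+//      the private part of the keypair is later added,
+//      it will not undergo separate trust evaluation. This
+//      is fine - even desired - as long as the semantics
+//      of this function are understood as both trusting
+//      the key and verifying it as an own key. This will
+//      NEVER cause replacement of or setting of a default
+//      *alone*. However, if a private key is ever associated
+//      with this fpr, please keep in mind that trusting it
+//      here makes it an eligible key for selection for    
+//      encryption later. So use this function on purpose with
+//      an understanding of what you're doing!
+//
+DYNAMIC_API PEP_STATUS trust_own_key(
+        PEP_SESSION session,
+        pEp_identity *ident
+    );
+
 
 // key_reset_trust() - reset trust bit or explicitly mistrusted status for an identity and
 //                     its accompanying key/user_id pair.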
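Review bot: The trust_own_key() comment declares `ident (in)`, but the implementation added in keymanagement.c writes `ident->comm_type |= PEP_ct_confirmed` on the caller's struct, so the parameter should be documented as in/out. The comment also lists no return values; callers of a trust-granting API need to know that it returns PEP_ILLEGAL_VALUE when a required field is empty or the identity is not an own identity, and PEP_KEY_UNSUITABLE when the key's comm type is below PEP_ct_strong_but_unconfirmed. The sentence "This will NEVER cause replacement of or setting of a default *alone*" is hard to parse; something like `// This function never sets or replaces a default key by itself.` would state the guarantee plainly. "outselves" in the summary is a typo for "ourselves".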
     3.1 --- a/test/src/SuiteMaker.cc	Tue Jan 15 09:00:23 2019 +0100
     3.2 +++ b/test/src/SuiteMaker.cc	Thu Jan 17 08:43:22 2019 +0100
     3.3 @@ -12,191 +12,191 @@
     3.4  #include "SuiteMaker.h"
     3.5  
     3.6  // Begin where we generate stuff
     3.7 -#include "DecorateTests.h"
     3.8 +#include "MimeTests.h"
     3.9 +#include "ExpiredSubkeyTests.h"
    3.10  #include "UserIdCollisionTests.h"
    3.11 -#include "ReencryptPlusExtraKeysTests.h"
    3.12 -#include "BlacklistTests.h"
    3.13 -#include "AppleMailTests.h"
    3.14 -#include "MessageTwoPointOhTests.h"
    3.15 +#include "Engine463Tests.h"
    3.16 +#include "BloblistTests.h"
    3.17 +#include "NewUpdateIdAndMyselfTests.h"
    3.18 +#include "I18nTests.h"
    3.19  #include "IdentityListTests.h"
    3.20 -#include "I18nTests.h"
    3.21 -#include "Engine463Tests.h"
    3.22 -#include "DecryptAttachPrivateKeyUntrustedTests.h"
    3.23 +#include "PgpBinaryTests.h"
    3.24 +#include "MessageNullFromTests.h"
    3.25 +#include "LeastCommonDenomColorTests.h"
    3.26 +#include "StringlistTests.h"
    3.27 +#include "PgpListKeysTests.h"
    3.28 +#include "MessageApiTests.h"
    3.29 +#include "EncryptMissingPrivateKeyTests.h"
    3.30 +#include "CaseAndDotAddressTests.h"
    3.31 +#include "UserIDAliasTests.h"
    3.32 +#include "SignOnlyTests.h"
    3.33  #include "BCCTests.h"
    3.34 -#include "LeastColorGroupTests.h"
    3.35  #include "Engine358Tests.h"
    3.36  #include "BlacklistAcceptNewKeyTests.h"
    3.37 -#include "MessageApiTests.h"
    3.38 -#include "StringlistTests.h"
    3.39 +#include "DecryptAttachPrivateKeyUntrustedTests.h"
    3.40 +#include "BlacklistTests.h"
    3.41 +#include "RevokeRegenAttachTests.h"
    3.42 +#include "PepSubjectReceivedTests.h"
    3.43 +#include "SequenceTests.h"
    3.44  #include "HeaderKeyImportTests.h"
    3.45 +#include "EncryptAttachPrivateKeyTests.h"
    3.46 +#include "ExternalRevokeTests.h"
    3.47 +#include "KeyeditTests.h"
    3.48 +#include "LeastColorGroupTests.h"
    3.49 +#include "DecryptAttachPrivateKeyTrustedTests.h"
    3.50 +#include "CheckRenewedExpiredKeyTrustStatusTests.h"
    3.51 +#include "TrustwordsTests.h"
    3.52 +#include "ReencryptPlusExtraKeysTests.h"
    3.53 +#include "MapAsn1Tests.h"
    3.54 +#include "DecorateTests.h"
    3.55 +#include "MessageTwoPointOhTests.h"
    3.56 +#include "CrashdumpTests.h"
    3.57  #include "StringpairListTests.h"
    3.58 +#include "EncryptForIdentityTests.h"
    3.59 +#include "KeyResetMessageTests.h"
    3.60  #include "TrustManipulationTests.h"
    3.61 -#include "SignOnlyTests.h"
    3.62 -#include "EncryptAttachPrivateKeyTests.h"
    3.63 -#include "BloblistTests.h"
    3.64 -#include "KeyResetMessageTests.h"
    3.65 -#include "SequenceTests.h"
    3.66 -#include "TrustwordsTests.h"
    3.67 -#include "RevokeRegenAttachTests.h"
    3.68 -#include "CheckRenewedExpiredKeyTrustStatusTests.h"
    3.69 -#include "EncryptMissingPrivateKeyTests.h"
    3.70 -#include "PepSubjectReceivedTests.h"
    3.71 -#include "KeyeditTests.h"
    3.72 -#include "MapAsn1Tests.h"
    3.73 -#include "PgpBinaryTests.h"
    3.74 -#include "DecryptAttachPrivateKeyTrustedTests.h"
    3.75 -#include "MessageNullFromTests.h"
    3.76 -#include "MimeTests.h"
    3.77 -#include "PgpListKeysTests.h"
    3.78 -#include "NewUpdateIdAndMyselfTests.h"
    3.79 -#include "EncryptForIdentityTests.h"
    3.80 -#include "CrashdumpTests.h"
    3.81 -#include "CaseAndDotAddressTests.h"
    3.82 -#include "ExpiredSubkeyTests.h"
    3.83 -#include "LeastCommonDenomColorTests.h"
    3.84 -#include "ExternalRevokeTests.h"
    3.85 -#include "UserIDAliasTests.h"
    3.86 +#include "AppleMailTests.h"
    3.87  
    3.88  
    3.89  const char* SuiteMaker::all_suites[] = {
    3.90 -    "DecorateTests",
    3.91 +    "MimeTests",
    3.92 +    "ExpiredSubkeyTests",
    3.93      "UserIdCollisionTests",
    3.94 -    "ReencryptPlusExtraKeysTests",
    3.95 -    "BlacklistTests",
    3.96 -    "AppleMailTests",
    3.97 -    "MessageTwoPointOhTests",
    3.98 +    "Engine463Tests",
    3.99 +    "BloblistTests",
   3.100 +    "NewUpdateIdAndMyselfTests",
   3.101 +    "I18nTests",
   3.102      "IdentityListTests",
   3.103 -    "I18nTests",
   3.104 -    "Engine463Tests",
   3.105 -    "DecryptAttachPrivateKeyUntrustedTests",
   3.106 +    "PgpBinaryTests",
   3.107 +    "MessageNullFromTests",
   3.108 +    "LeastCommonDenomColorTests",
   3.109 +    "StringlistTests",
   3.110 +    "PgpListKeysTests",
   3.111 +    "MessageApiTests",
   3.112 +    "EncryptMissingPrivateKeyTests",
   3.113 +    "CaseAndDotAddressTests",
   3.114 +    "UserIDAliasTests",
   3.115 +    "SignOnlyTests",
   3.116      "BCCTests",
   3.117 -    "LeastColorGroupTests",
   3.118      "Engine358Tests",
   3.119      "BlacklistAcceptNewKeyTests",
   3.120 -    "MessageApiTests",
   3.121 -    "StringlistTests",
   3.122 +    "DecryptAttachPrivateKeyUntrustedTests",
   3.123 +    "BlacklistTests",
   3.124 +    "RevokeRegenAttachTests",
   3.125 +    "PepSubjectReceivedTests",
   3.126 +    "SequenceTests",
   3.127      "HeaderKeyImportTests",
   3.128 +    "EncryptAttachPrivateKeyTests",
   3.129 +    "ExternalRevokeTests",
   3.130 +    "KeyeditTests",
   3.131 +    "LeastColorGroupTests",
   3.132 +    "DecryptAttachPrivateKeyTrustedTests",
   3.133 +    "CheckRenewedExpiredKeyTrustStatusTests",
   3.134 +    "TrustwordsTests",
   3.135 +    "ReencryptPlusExtraKeysTests",
   3.136 +    "MapAsn1Tests",
   3.137 +    "DecorateTests",
   3.138 +    "MessageTwoPointOhTests",
   3.139 +    "CrashdumpTests",
   3.140      "StringpairListTests",
   3.141 +    "EncryptForIdentityTests",
   3.142 +    "KeyResetMessageTests",
   3.143      "TrustManipulationTests",
   3.144 -    "SignOnlyTests",
   3.145 -    "EncryptAttachPrivateKeyTests",
   3.146 -    "BloblistTests",
   3.147 -    "KeyResetMessageTests",
   3.148 -    "SequenceTests",
   3.149 -    "TrustwordsTests",
   3.150 -    "RevokeRegenAttachTests",
   3.151 -    "CheckRenewedExpiredKeyTrustStatusTests",
   3.152 -    "EncryptMissingPrivateKeyTests",
   3.153 -    "PepSubjectReceivedTests",
   3.154 -    "KeyeditTests",
   3.155 -    "MapAsn1Tests",
   3.156 -    "PgpBinaryTests",
   3.157 -    "DecryptAttachPrivateKeyTrustedTests",
   3.158 -    "MessageNullFromTests",
   3.159 -    "MimeTests",
   3.160 -    "PgpListKeysTests",
   3.161 -    "NewUpdateIdAndMyselfTests",
   3.162 -    "EncryptForIdentityTests",
   3.163 -    "CrashdumpTests",
   3.164 -    "CaseAndDotAddressTests",
   3.165 -    "ExpiredSubkeyTests",
   3.166 -    "LeastCommonDenomColorTests",
   3.167 -    "ExternalRevokeTests",
   3.168 -    "UserIDAliasTests",
   3.169 +    "AppleMailTests",
   3.170  };
   3.171  
   3.172  // This file is generated, so magic constants are ok.
   3.173  int SuiteMaker::num_suites = 44;
   3.174  
   3.175  void SuiteMaker::suitemaker_build(const char* test_class_name, const char* test_home, Test::Suite** test_suite) {
   3.176 -    if (strcmp(test_class_name, "DecorateTests") == 0)
   3.177 -        *test_suite = new DecorateTests(test_class_name, test_home);
   3.178 +    if (strcmp(test_class_name, "MimeTests") == 0)
   3.179 +        *test_suite = new MimeTests(test_class_name, test_home);
   3.180 +    else if (strcmp(test_class_name, "ExpiredSubkeyTests") == 0)
   3.181 +        *test_suite = new ExpiredSubkeyTests(test_class_name, test_home);
   3.182      else if (strcmp(test_class_name, "UserIdCollisionTests") == 0)
   3.183          *test_suite = new UserIdCollisionTests(test_class_name, test_home);
   3.184 -    else if (strcmp(test_class_name, "ReencryptPlusExtraKeysTests") == 0)
   3.185 -        *test_suite = new ReencryptPlusExtraKeysTests(test_class_name, test_home);
   3.186 -    else if (strcmp(test_class_name, "BlacklistTests") == 0)
   3.187 -        *test_suite = new BlacklistTests(test_class_name, test_home);
   3.188 -    else if (strcmp(test_class_name, "AppleMailTests") == 0)
   3.189 -        *test_suite = new AppleMailTests(test_class_name, test_home);
   3.190 -    else if (strcmp(test_class_name, "MessageTwoPointOhTests") == 0)
   3.191 -        *test_suite = new MessageTwoPointOhTests(test_class_name, test_home);
   3.192 +    else if (strcmp(test_class_name, "Engine463Tests") == 0)
   3.193 +        *test_suite = new Engine463Tests(test_class_name, test_home);
   3.194 +    else if (strcmp(test_class_name, "BloblistTests") == 0)
   3.195 +        *test_suite = new BloblistTests(test_class_name, test_home);
   3.196 +    else if (strcmp(test_class_name, "NewUpdateIdAndMyselfTests") == 0)
   3.197 +        *test_suite = new NewUpdateIdAndMyselfTests(test_class_name, test_home);
   3.198 +    else if (strcmp(test_class_name, "I18nTests") == 0)
   3.199 +        *test_suite = new I18nTests(test_class_name, test_home);
   3.200      else if (strcmp(test_class_name, "IdentityListTests") == 0)
   3.201          *test_suite = new IdentityListTests(test_class_name, test_home);
   3.202 -    else if (strcmp(test_class_name, "I18nTests") == 0)
   3.203 -        *test_suite = new I18nTests(test_class_name, test_home);
   3.204 -    else if (strcmp(test_class_name, "Engine463Tests") == 0)
   3.205 -        *test_suite = new Engine463Tests(test_class_name, test_home);
   3.206 -    else if (strcmp(test_class_name, "DecryptAttachPrivateKeyUntrustedTests") == 0)
   3.207 -        *test_suite = new DecryptAttachPrivateKeyUntrustedTests(test_class_name, test_home);
   3.208 +    else if (strcmp(test_class_name, "PgpBinaryTests") == 0)
   3.209 +        *test_suite = new PgpBinaryTests(test_class_name, test_home);
   3.210 +    else if (strcmp(test_class_name, "MessageNullFromTests") == 0)
   3.211 +        *test_suite = new MessageNullFromTests(test_class_name, test_home);
   3.212 +    else if (strcmp(test_class_name, "LeastCommonDenomColorTests") == 0)
   3.213 +        *test_suite = new LeastCommonDenomColorTests(test_class_name, test_home);
   3.214 +    else if (strcmp(test_class_name, "StringlistTests") == 0)
   3.215 +        *test_suite = new StringlistTests(test_class_name, test_home);
   3.216 +    else if (strcmp(test_class_name, "PgpListKeysTests") == 0)
   3.217 +        *test_suite = new PgpListKeysTests(test_class_name, test_home);
   3.218 +    else if (strcmp(test_class_name, "MessageApiTests") == 0)
   3.219 +        *test_suite = new MessageApiTests(test_class_name, test_home);
   3.220 +    else if (strcmp(test_class_name, "EncryptMissingPrivateKeyTests") == 0)
   3.221 +        *test_suite = new EncryptMissingPrivateKeyTests(test_class_name, test_home);
   3.222 +    else if (strcmp(test_class_name, "CaseAndDotAddressTests") == 0)
   3.223 +        *test_suite = new CaseAndDotAddressTests(test_class_name, test_home);
   3.224 +    else if (strcmp(test_class_name, "UserIDAliasTests") == 0)
   3.225 +        *test_suite = new UserIDAliasTests(test_class_name, test_home);
   3.226 +    else if (strcmp(test_class_name, "SignOnlyTests") == 0)
   3.227 +        *test_suite = new SignOnlyTests(test_class_name, test_home);
   3.228      else if (strcmp(test_class_name, "BCCTests") == 0)
   3.229          *test_suite = new BCCTests(test_class_name, test_home);
   3.230 -    else if (strcmp(test_class_name, "LeastColorGroupTests") == 0)
   3.231 -        *test_suite = new LeastColorGroupTests(test_class_name, test_home);
   3.232      else if (strcmp(test_class_name, "Engine358Tests") == 0)
   3.233          *test_suite = new Engine358Tests(test_class_name, test_home);
   3.234      else if (strcmp(test_class_name, "BlacklistAcceptNewKeyTests") == 0)
   3.235          *test_suite = new BlacklistAcceptNewKeyTests(test_class_name, test_home);
   3.236 -    else if (strcmp(test_class_name, "MessageApiTests") == 0)
   3.237 -        *test_suite = new MessageApiTests(test_class_name, test_home);
   3.238 -    else if (strcmp(test_class_name, "StringlistTests") == 0)
   3.239 -        *test_suite = new StringlistTests(test_class_name, test_home);
   3.240 +    else if (strcmp(test_class_name, "DecryptAttachPrivateKeyUntrustedTests") == 0)
   3.241 +        *test_suite = new DecryptAttachPrivateKeyUntrustedTests(test_class_name, test_home);
   3.242 +    else if (strcmp(test_class_name, "BlacklistTests") == 0)
   3.243 +        *test_suite = new BlacklistTests(test_class_name, test_home);
   3.244 +    else if (strcmp(test_class_name, "RevokeRegenAttachTests") == 0)
   3.245 +        *test_suite = new RevokeRegenAttachTests(test_class_name, test_home);
   3.246 +    else if (strcmp(test_class_name, "PepSubjectReceivedTests") == 0)
   3.247 +        *test_suite = new PepSubjectReceivedTests(test_class_name, test_home);
   3.248 +    else if (strcmp(test_class_name, "SequenceTests") == 0)
   3.249 +        *test_suite = new SequenceTests(test_class_name, test_home);
   3.250      else if (strcmp(test_class_name, "HeaderKeyImportTests") == 0)
   3.251          *test_suite = new HeaderKeyImportTests(test_class_name, test_home);
   3.252 +    else if (strcmp(test_class_name, "EncryptAttachPrivateKeyTests") == 0)
   3.253 +        *test_suite = new EncryptAttachPrivateKeyTests(test_class_name, test_home);
   3.254 +    else if (strcmp(test_class_name, "ExternalRevokeTests") == 0)
   3.255 +        *test_suite = new ExternalRevokeTests(test_class_name, test_home);
   3.256 +    else if (strcmp(test_class_name, "KeyeditTests") == 0)
   3.257 +        *test_suite = new KeyeditTests(test_class_name, test_home);
   3.258 +    else if (strcmp(test_class_name, "LeastColorGroupTests") == 0)
   3.259 +        *test_suite = new LeastColorGroupTests(test_class_name, test_home);
   3.260 +    else if (strcmp(test_class_name, "DecryptAttachPrivateKeyTrustedTests") == 0)
   3.261 +        *test_suite = new DecryptAttachPrivateKeyTrustedTests(test_class_name, test_home);
   3.262 +    else if (strcmp(test_class_name, "CheckRenewedExpiredKeyTrustStatusTests") == 0)
   3.263 +        *test_suite = new CheckRenewedExpiredKeyTrustStatusTests(test_class_name, test_home);
   3.264 +    else if (strcmp(test_class_name, "TrustwordsTests") == 0)
   3.265 +        *test_suite = new TrustwordsTests(test_class_name, test_home);
   3.266 +    else if (strcmp(test_class_name, "ReencryptPlusExtraKeysTests") == 0)
   3.267 +        *test_suite = new ReencryptPlusExtraKeysTests(test_class_name, test_home);
   3.268 +    else if (strcmp(test_class_name, "MapAsn1Tests") == 0)
   3.269 +        *test_suite = new MapAsn1Tests(test_class_name, test_home);
   3.270 +    else if (strcmp(test_class_name, "DecorateTests") == 0)
   3.271 +        *test_suite = new DecorateTests(test_class_name, test_home);
   3.272 +    else if (strcmp(test_class_name, "MessageTwoPointOhTests") == 0)
   3.273 +        *test_suite = new MessageTwoPointOhTests(test_class_name, test_home);
   3.274 +    else if (strcmp(test_class_name, "CrashdumpTests") == 0)
   3.275 +        *test_suite = new CrashdumpTests(test_class_name, test_home);
   3.276      else if (strcmp(test_class_name, "StringpairListTests") == 0)
   3.277          *test_suite = new StringpairListTests(test_class_name, test_home);
   3.278 +    else if (strcmp(test_class_name, "EncryptForIdentityTests") == 0)
   3.279 +        *test_suite = new EncryptForIdentityTests(test_class_name, test_home);
   3.280 +    else if (strcmp(test_class_name, "KeyResetMessageTests") == 0)
   3.281 +        *test_suite = new KeyResetMessageTests(test_class_name, test_home);
   3.282      else if (strcmp(test_class_name, "TrustManipulationTests") == 0)
   3.283          *test_suite = new TrustManipulationTests(test_class_name, test_home);
   3.284 -    else if (strcmp(test_class_name, "SignOnlyTests") == 0)
   3.285 -        *test_suite = new SignOnlyTests(test_class_name, test_home);
   3.286 -    else if (strcmp(test_class_name, "EncryptAttachPrivateKeyTests") == 0)
   3.287 -        *test_suite = new EncryptAttachPrivateKeyTests(test_class_name, test_home);
   3.288 -    else if (strcmp(test_class_name, "BloblistTests") == 0)
   3.289 -        *test_suite = new BloblistTests(test_class_name, test_home);
   3.290 -    else if (strcmp(test_class_name, "KeyResetMessageTests") == 0)
   3.291 -        *test_suite = new KeyResetMessageTests(test_class_name, test_home);
   3.292 -    else if (strcmp(test_class_name, "SequenceTests") == 0)
   3.293 -        *test_suite = new SequenceTests(test_class_name, test_home);
   3.294 -    else if (strcmp(test_class_name, "TrustwordsTests") == 0)
   3.295 -        *test_suite = new TrustwordsTests(test_class_name, test_home);
   3.296 -    else if (strcmp(test_class_name, "RevokeRegenAttachTests") == 0)
   3.297 -        *test_suite = new RevokeRegenAttachTests(test_class_name, test_home);
   3.298 -    else if (strcmp(test_class_name, "CheckRenewedExpiredKeyTrustStatusTests") == 0)
   3.299 -        *test_suite = new CheckRenewedExpiredKeyTrustStatusTests(test_class_name, test_home);
   3.300 -    else if (strcmp(test_class_name, "EncryptMissingPrivateKeyTests") == 0)
   3.301 -        *test_suite = new EncryptMissingPrivateKeyTests(test_class_name, test_home);
   3.302 -    else if (strcmp(test_class_name, "PepSubjectReceivedTests") == 0)
   3.303 -        *test_suite = new PepSubjectReceivedTests(test_class_name, test_home);
   3.304 -    else if (strcmp(test_class_name, "KeyeditTests") == 0)
   3.305 -        *test_suite = new KeyeditTests(test_class_name, test_home);
   3.306 -    else if (strcmp(test_class_name, "MapAsn1Tests") == 0)
   3.307 -        *test_suite = new MapAsn1Tests(test_class_name, test_home);
   3.308 -    else if (strcmp(test_class_name, "PgpBinaryTests") == 0)
   3.309 -        *test_suite = new PgpBinaryTests(test_class_name, test_home);
   3.310 -    else if (strcmp(test_class_name, "DecryptAttachPrivateKeyTrustedTests") == 0)
   3.311 -        *test_suite = new DecryptAttachPrivateKeyTrustedTests(test_class_name, test_home);
   3.312 -    else if (strcmp(test_class_name, "MessageNullFromTests") == 0)
   3.313 -        *test_suite = new MessageNullFromTests(test_class_name, test_home);
   3.314 -    else if (strcmp(test_class_name, "MimeTests") == 0)
   3.315 -        *test_suite = new MimeTests(test_class_name, test_home);
   3.316 -    else if (strcmp(test_class_name, "PgpListKeysTests") == 0)
   3.317 -        *test_suite = new PgpListKeysTests(test_class_name, test_home);
   3.318 -    else if (strcmp(test_class_name, "NewUpdateIdAndMyselfTests") == 0)
   3.319 -        *test_suite = new NewUpdateIdAndMyselfTests(test_class_name, test_home);
   3.320 -    else if (strcmp(test_class_name, "EncryptForIdentityTests") == 0)
   3.321 -        *test_suite = new EncryptForIdentityTests(test_class_name, test_home);
   3.322 -    else if (strcmp(test_class_name, "CrashdumpTests") == 0)
   3.323 -        *test_suite = new CrashdumpTests(test_class_name, test_home);
   3.324 -    else if (strcmp(test_class_name, "CaseAndDotAddressTests") == 0)
   3.325 -        *test_suite = new CaseAndDotAddressTests(test_class_name, test_home);
   3.326 -    else if (strcmp(test_class_name, "ExpiredSubkeyTests") == 0)
   3.327 -        *test_suite = new ExpiredSubkeyTests(test_class_name, test_home);
   3.328 -    else if (strcmp(test_class_name, "LeastCommonDenomColorTests") == 0)
   3.329 -        *test_suite = new LeastCommonDenomColorTests(test_class_name, test_home);
   3.330 -    else if (strcmp(test_class_name, "ExternalRevokeTests") == 0)
   3.331 -        *test_suite = new ExternalRevokeTests(test_class_name, test_home);
   3.332 -    else if (strcmp(test_class_name, "UserIDAliasTests") == 0)
   3.333 -        *test_suite = new UserIDAliasTests(test_class_name, test_home);
   3.334 +    else if (strcmp(test_class_name, "AppleMailTests") == 0)
   3.335 +        *test_suite = new AppleMailTests(test_class_name, test_home);
   3.336  }
   3.337  
   3.338  void SuiteMaker::suitemaker_buildlist(const char** test_class_names, int num_to_run, const char* test_home, std::vector<Test::Suite*>& test_suites) {
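--- a/test/src/engine_tests/DecryptAttachPrivateKeyTrustedTests.cc
+++ b/test/src/engine_tests/DecryptAttachPrivateKeyTrustedTests.cc
@@ -45,40 +45,27 @@
     // 13A9F97964A2B52520CAA40E51BCA783C065A213    
     input_key = slurp("test_keys/pub/priv-key-import-test-main_0-0xC065A213_pub.asc");
     status = import_key(session, input_key.c_str(), input_key.length(), NULL);
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
 
     input_key = slurp("test_keys/priv/priv-key-import-test-main_0-0xC065A213_priv.asc");
     status = import_key(session, input_key.c_str(), input_key.length(), NULL);
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
 
     // ensure there's no private key - doesn't work in automated tests, sadly. Uncommon when running script manually.
     bool has_priv = false;
-    // status = contains_priv_key(session, fpr_same_addr_same_uid, &has_priv);
-    // if (status == PEP_STATUS_OK && has_priv) {
-    //     cout << "SORRY, have to delete keys here to run test correctly..." << endl;
-    //     status = delete_keypair(session, fpr_same_addr_same_uid);
-    //     if (status == PEP_STATUS_OK) {
-    //         has_priv = false;
-    //         status = contains_priv_key(session, fpr_same_addr_same_uid, &has_priv);
-    //         TEST_ASSERT_MSG((has_priv == false), "has_priv == false");
-    //         cout << "Successfully deleted keypair for " << fpr_same_addr_same_uid << " - will now import the public key only" << endl;
-    //     }
-    //     else
-    //         cout << "Warning - delete keypair returned status " << tl_status_string(status) << ". This may or may not be an error, depending on what you expect." << endl;            
-    // }
         
     // key with same address and user_id
     // 8AB616A3BD51DEF714B5E688EFFB540C3276D2E5
     input_key = slurp("test_keys/pub/priv-key-import-test-main_0-0x3276D2E5_pub.asc");
     status = import_key(session, input_key.c_str(), input_key.length(), NULL);
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
 
     
     cout << "Setting up own identity with default key " << fpr_main_me << endl;
     // Own identity with default key etc
     main_me = new_identity(main_addr, fpr_main_me, own_uid, "PrivateKey Import Test");
     status = set_own_key(session, main_me, fpr_main_me);
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
 
     TEST_ASSERT_MSG((strcmp(main_me->fpr, fpr_main_me) == 0), "strcmp(main_me->fpr, fpr_main_me) == 0");
     cout << "Done!" << endl << endl;
@@ -86,8 +73,8 @@
     cout << "Setting up sender identities and resetting key trust." << endl;
     cout << "Same address, same user_id - address: " << main_addr << ", user_id: " << own_uid << ", fpr: " << fpr_same_addr_same_uid << endl;  
     same_addr_same_uid = new_identity(main_addr, fpr_same_addr_same_uid, own_uid, "PrivateKey Import Test");
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK || status == PEP_CANNOT_FIND_IDENTITY), "status == PEP_STATUS_OK || status == PEP_CANNOT_FIND_IDENTITY");
-    TEST_ASSERT_MSG(((same_addr_same_uid->comm_type & PEP_ct_confirmed) != PEP_ct_confirmed), "(same_addr_same_uid->comm_type & PEP_ct_confirmed) != PEP_ct_confirmed");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK || status == PEP_CANNOT_FIND_IDENTITY), tl_status_string(status));
+    TEST_ASSERT_MSG(((same_addr_same_uid->comm_type & PEP_ct_confirmed) != PEP_ct_confirmed), tl_ct_string(same_addr_same_uid->comm_type));
 
     status = key_reset_trust(session, same_addr_same_uid);
     
@@ -107,10 +94,10 @@
     PEP_decrypt_flags_t flags = 0;
     char* modified_src = NULL;
     
-    cout << "Trusting personal key for " << same_addr_same_uid->user_id << " and " << same_addr_same_uid->fpr << endl;
-    status = trust_personal_key(session, same_addr_same_uid);
+    cout << "Trusting own key for " << same_addr_same_uid->user_id << " and " << same_addr_same_uid->fpr << endl;
+    status = trust_own_key(session, same_addr_same_uid);
     cout << "Status is " << tl_status_string(status) << endl;  
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
     free(decrypted_text);
     decrypted_text = NULL;
 
@@ -135,7 +122,7 @@
                                   &modified_src);
     
     cout << "Status: " << tl_status_string(status) << endl;
-    TEST_ASSERT_MSG((status == PEP_STATUS_OK), "status == PEP_STATUS_OK");
+    TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
 
     cout << decrypted_text << endl;
     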
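Review bot: The `status` assertion right after `new_identity()` (gutter 4.54, hunk `@@ -86,8 +73,8 @@`) appears to test a stale value: nothing in the visible lines has assigned `status` since `set_own_key`, so it passes vacuously, and the new `tl_status_string(status)` message would name the wrong call if it fired. This is hedged, because one line between the first two hunks is not shown. The `PEP_CANNOT_FIND_IDENTITY` alternative suggests a `status = update_identity(session, same_addr_same_uid);` was meant to precede it. Either restore that call or replace the check with `TEST_ASSERT_MSG((same_addr_same_uid != NULL), "new_identity returned NULL");`, since the next line dereferences `same_addr_same_uid->comm_type`. The `key_reset_trust` result at 4.57 is also not asserted within the hunk, and this test depends on that key's trust state before `trust_own_key` is called; the test function itself starts and ends outside the hunks.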
     5.1 --- a/test/src/engine_tests/EncryptAttachPrivateKeyTests.cc	Tue Jan 15 09:00:23 2019 +0100
     5.2 +++ b/test/src/engine_tests/EncryptAttachPrivateKeyTests.cc	Thu Jan 17 08:43:22 2019 +0100
     5.3 @@ -161,7 +161,7 @@
     5.4      // Case 2:
     5.5      // Same address, same_user_id, trusted
     5.6      cout << "Case 2: Same address, same user_id, trusted" << endl;
     5.7 -    status = trust_personal_key(session, same_addr_same_uid);
     5.8 +    status = trust_own_key(session, same_addr_same_uid);
     5.9      cout << "Trust personal key for " << same_addr_same_uid << " gives status " << tl_status_string(status) << " (" << status << ")" << endl;
    5.10      TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
    5.11      message* enc_same_addr_same_uid_trusted = NULL;
    5.12 @@ -197,7 +197,7 @@
    5.13      // Case 4:
    5.14      // Different address, same user_id, trusted
    5.15      cout << "Case 4: Different address, same user_id, trusted" << endl;
    5.16 -    status = trust_personal_key(session, diff_addr_same_uid);
    5.17 +    status = trust_own_key(session, diff_addr_same_uid);
    5.18      TEST_ASSERT_MSG((status == PEP_STATUS_OK), tl_status_string(status));
    5.19      message* enc_diff_addr_same_uid_trusted = NULL;
    5.20      status = encrypt_message_and_add_priv_key(session,