Merged the mistrust fixes into branch for merging database changes before adding to default database_change_branch
authorKrista Bennett <krista@pep-project.org>
Sun, 04 Feb 2018 03:38:28 +0100
branchdatabase_change_branch
changeset 2472ebe750121b3d
parent 2466 339399330a9b
parent 2471 4f1c2d62b2dd
child 2473 6ca62f99148e
Merged the mistrust fixes into branch for merging database changes before adding to default
     1.1 --- a/src/keymanagement.c	Mon Jan 29 16:52:54 2018 +0100
     1.2 +++ b/src/keymanagement.c	Sun Feb 04 03:38:28 2018 +0100
     1.3 @@ -77,8 +77,11 @@
     1.4                      _comm_type_key > identity->comm_type)
     1.5                  {
     1.6                      bool blacklisted;
     1.7 -                    status = blacklist_is_listed(session, _keylist->value, &blacklisted);
     1.8 -                    if (status == PEP_STATUS_OK && !blacklisted) {
     1.9 +                    bool mistrusted;
    1.10 +                    status = is_mistrusted_key(session, _keylist->value, &mistrusted);
    1.11 +                    if (status == PEP_STATUS_OK)
    1.12 +                        status = blacklist_is_listed(session, _keylist->value, &blacklisted);
    1.13 +                    if (status == PEP_STATUS_OK && !mistrusted && !blacklisted) {
    1.14                          identity->comm_type = _comm_type_key;
    1.15                          _fpr = _keylist->value;
    1.16                      }
    1.17 @@ -88,10 +91,14 @@
    1.18      }
    1.19      free(identity->fpr);
    1.20  
    1.21 -    identity->fpr = strdup(_fpr);
    1.22 -    if (identity->fpr == NULL) {
    1.23 -        free_stringlist(keylist);
    1.24 -        return PEP_OUT_OF_MEMORY;
    1.25 +    if (!_fpr || _fpr[0] == '\0')
    1.26 +        identity->fpr = NULL;
    1.27 +    else {    
    1.28 +        identity->fpr = strdup(_fpr);
    1.29 +        if (identity->fpr == NULL) {
    1.30 +            free_stringlist(keylist);
    1.31 +            return PEP_OUT_OF_MEMORY;
    1.32 +        }
    1.33      }
    1.34      
    1.35      free_stringlist(keylist);
    1.36 @@ -199,6 +206,7 @@
    1.37              status = update_trust_for_fpr(session, 
    1.38                                            fpr, 
    1.39                                            ct);
    1.40 +        case PEP_ct_mistrusted:                                  
    1.41              free(ident->fpr);
    1.42              ident->fpr = NULL;
    1.43              ident->comm_type = ct;            
    1.44 @@ -369,14 +377,15 @@
    1.45              stored_ident->comm_type = ct;
    1.46          }
    1.47      }
    1.48 +    else {
    1.49 +        if (stored_ident->comm_type == PEP_ct_unknown)
    1.50 +            stored_ident->comm_type = PEP_ct_key_not_found;
    1.51 +    }
    1.52      free(return_id->fpr);
    1.53      return_id->fpr = NULL;
    1.54      if (status == PEP_STATUS_OK && !EMPTYSTR(stored_ident->fpr))
    1.55          return_id->fpr = strdup(stored_ident->fpr);
    1.56          
    1.57 -    // This is outside the if block ON PURPOSE - we return an empty FPR +
    1.58 -    // the reason why a key wasn't used in the comm_type string if we can't
    1.59 -    // find or use one.
    1.60      return_id->comm_type = stored_ident->comm_type;
    1.61                  
    1.62      // We patch the DB with the input username, but if we didn't have
    1.63 @@ -1064,6 +1073,8 @@
    1.64              status = mark_as_compromized(session, ident->fpr);
    1.65          if (status == PEP_STATUS_OK)
    1.66              status = remove_fpr_as_default(session, ident->fpr);
    1.67 +        if (status == PEP_STATUS_OK)
    1.68 +            status = add_mistrusted_key(session, ident->fpr);
    1.69      }
    1.70  
    1.71      return status;
    1.72 @@ -1082,12 +1093,15 @@
    1.73      if (!cached_ident)
    1.74          status = PEP_CANNOT_FIND_IDENTITY;
    1.75      else {
    1.76 -        status = set_identity(session, cached_ident);            
    1.77 -        free_identity(session->cached_mistrusted);
    1.78 +        status = delete_mistrusted_key(session, cached_ident->fpr);
    1.79 +        if (status == PEP_STATUS_OK) {
    1.80 +            status = set_identity(session, cached_ident);            
    1.81 +            free_identity(session->cached_mistrusted);
    1.82 +        }
    1.83      }
    1.84      
    1.85      session->cached_mistrusted = NULL;
    1.86 -
    1.87 +    
    1.88      return status;
    1.89  }
    1.90  
    1.91 @@ -1128,7 +1142,19 @@
    1.92      if (status != PEP_STATUS_OK)
    1.93          goto pep_free;
    1.94  
    1.95 +    bool mistrusted_key = false;
    1.96          
    1.97 +    status = is_mistrusted_key(session, ident->fpr, &mistrusted_key);
    1.98 +
    1.99 +    if (status != PEP_STATUS_OK)
   1.100 +        goto pep_free;
   1.101 +    
   1.102 +    if (mistrusted_key)
   1.103 +        status = delete_mistrusted_key(session, ident->fpr);
   1.104 +
   1.105 +    if (status != PEP_STATUS_OK)
   1.106 +        goto pep_free;
   1.107 +    
   1.108      input_copy->comm_type = new_trust;
   1.109          
   1.110      tmp_ident = new_identity(ident->address, NULL, ident->user_id, NULL);
   1.111 @@ -1568,3 +1594,80 @@
   1.112  
   1.113      return session->cryptotech[PEP_crypt_OpenPGP].contains_priv_key(session, fpr, has_private);
   1.114  }
   1.115 +
   1.116 +PEP_STATUS add_mistrusted_key(PEP_SESSION session, const char* fpr)
   1.117 +{
   1.118 +    int result;
   1.119 +
   1.120 +    assert(!EMPTYSTR(fpr));
   1.121 +    
   1.122 +    if (!(session) || EMPTYSTR(fpr))
   1.123 +        return PEP_ILLEGAL_VALUE;
   1.124 +
   1.125 +    sqlite3_reset(session->add_mistrusted_key);
   1.126 +    sqlite3_bind_text(session->add_mistrusted_key, 1, fpr, -1,
   1.127 +            SQLITE_STATIC);
   1.128 +
   1.129 +    result = sqlite3_step(session->add_mistrusted_key);
   1.130 +    sqlite3_reset(session->add_mistrusted_key);
   1.131 +
   1.132 +    if (result != SQLITE_DONE)
   1.133 +        return PEP_CANNOT_SET_PGP_KEYPAIR; // FIXME: Better status?
   1.134 +
   1.135 +    return PEP_STATUS_OK;
   1.136 +}
   1.137 +
   1.138 +PEP_STATUS delete_mistrusted_key(PEP_SESSION session, const char* fpr)
   1.139 +{
   1.140 +    int result;
   1.141 +
   1.142 +    assert(!EMPTYSTR(fpr));
   1.143 +    
   1.144 +    if (!(session) || EMPTYSTR(fpr))
   1.145 +        return PEP_ILLEGAL_VALUE;
   1.146 +
   1.147 +    sqlite3_reset(session->delete_mistrusted_key);
   1.148 +    sqlite3_bind_text(session->delete_mistrusted_key, 1, fpr, -1,
   1.149 +            SQLITE_STATIC);
   1.150 +
   1.151 +    result = sqlite3_step(session->delete_mistrusted_key);
   1.152 +    sqlite3_reset(session->delete_mistrusted_key);
   1.153 +
   1.154 +    if (result != SQLITE_DONE)
   1.155 +        return PEP_UNKNOWN_ERROR; // FIXME: Better status?
   1.156 +
   1.157 +    return PEP_STATUS_OK;
   1.158 +}
   1.159 +
   1.160 +PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr,
   1.161 +                             bool* mistrusted)
   1.162 +{
   1.163 +    PEP_STATUS status = PEP_STATUS_OK;
   1.164 +
   1.165 +    assert(session);
   1.166 +    assert(!EMPTYSTR(fpr));
   1.167 +
   1.168 +    if (!(session && fpr))
   1.169 +        return PEP_ILLEGAL_VALUE;
   1.170 +
   1.171 +    *mistrusted = false;
   1.172 +
   1.173 +    sqlite3_reset(session->is_mistrusted_key);
   1.174 +    sqlite3_bind_text(session->is_mistrusted_key, 1, fpr, -1, SQLITE_STATIC);
   1.175 +
   1.176 +    int result;
   1.177 +
   1.178 +    result = sqlite3_step(session->is_mistrusted_key);
   1.179 +    switch (result) {
   1.180 +    case SQLITE_ROW:
   1.181 +        *mistrusted = sqlite3_column_int(session->is_mistrusted_key, 0);
   1.182 +        status = PEP_STATUS_OK;
   1.183 +        break;
   1.184 +
   1.185 +    default:
   1.186 +        status = PEP_UNKNOWN_ERROR;
   1.187 +    }
   1.188 +
   1.189 +    sqlite3_reset(session->is_mistrusted_key);
   1.190 +    return status;
   1.191 +}
     2.1 --- a/src/keymanagement.h	Mon Jan 29 16:52:54 2018 +0100
     2.2 +++ b/src/keymanagement.h	Sun Feb 04 03:38:28 2018 +0100
     2.3 @@ -344,6 +344,11 @@
     2.4  
     2.5  PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
     2.6  
     2.7 +PEP_STATUS add_mistrusted_key(PEP_SESSION session, const char* fpr);
     2.8 +PEP_STATUS delete_mistrusted_key(PEP_SESSION session, const char* fpr);
     2.9 +PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr, bool* mistrusted);
    2.10 +
    2.11 +
    2.12  #ifdef __cplusplus
    2.13  }
    2.14  #endif
     3.1 --- a/src/message_api.c	Mon Jan 29 16:52:54 2018 +0100
     3.2 +++ b/src/message_api.c	Sun Feb 04 03:38:28 2018 +0100
     3.3 @@ -20,6 +20,12 @@
     3.4  #define _MAX(A, B) ((B) > (A) ? (B) : (A))
     3.5  #endif
     3.6  
     3.7 +// These are globals used in generating message IDs and should only be
     3.8 +// computed once, as they're either really constants or OS-dependent
     3.9 +
    3.10 +int _pEp_rand_max_bits;
    3.11 +double _pEp_log2_36;
    3.12 +
    3.13  static bool is_a_pEpmessage(const message *msg)
    3.14  {
    3.15      for (stringpair_list_t *i = msg->opt_fields; i && i->value ; i=i->next) {
     4.1 --- a/src/pEpEngine.c	Mon Jan 29 16:52:54 2018 +0100
     4.2 +++ b/src/pEpEngine.c	Sun Feb 04 03:38:28 2018 +0100
     4.3 @@ -294,6 +294,17 @@
     4.4      "select default_id from alternate_user_id "
     4.5      "   where alternate_id = ?1 ; ";
     4.6  
     4.7 +// Revocation tracking
     4.8 +static const char *sql_add_mistrusted_key =
     4.9 +    "insert or replace into mistrusted_keys (fpr) "
    4.10 +    "   values (upper(replace(?1,' ',''))) ;";
    4.11 +        
    4.12 +static const char *sql_delete_mistrusted_key = 
    4.13 +    "delete from blacklist_keys where fpr = upper(replace(?1,' ','')) ;";
    4.14 +
    4.15 +static const char *sql_is_mistrusted_key = 
    4.16 +    "select count(*) from mistrusted_keys where fpr = upper(replace(?1,' ','')) ;";
    4.17 +
    4.18  static const char *sql_add_userid_alias =
    4.19      "insert or replace into alternate_user_id (default_id, alternate_id) "
    4.20      "values (?1, ?2) ;";
    4.21 @@ -468,7 +479,7 @@
    4.22      sqlite3_busy_timeout(_session->system_db, 1000);
    4.23  
    4.24  // increment this when patching DDL
    4.25 -#define _DDL_USER_VERSION "6"
    4.26 +#define _DDL_USER_VERSION "7"
    4.27  
    4.28      if (in_first) {
    4.29  
    4.30 @@ -564,6 +575,10 @@
    4.31                  "       on delete cascade on update cascade,\n"
    4.32                  "    alternate_id text primary key\n"
    4.33                  ");\n"
    4.34 +                // mistrusted keys
    4.35 +                "create table if not exists mistrusted_keys (\n"
    4.36 +                "    fpr text primary key\n"
    4.37 +                ");\n"
    4.38                  ,
    4.39              NULL,
    4.40              NULL,
    4.41 @@ -777,6 +792,17 @@
    4.42                  );
    4.43                  assert(int_result == SQLITE_OK);    
    4.44              }
    4.45 +            if (version < 7) {
    4.46 +                int_result = sqlite3_exec(
    4.47 +                    _session->db,
    4.48 +                    "create table if not exists mistrusted_keys (\n"
    4.49 +                    "    fpr text primary key\n"
    4.50 +                    ");\n",            
    4.51 +                    NULL,
    4.52 +                    NULL,
    4.53 +                    NULL
    4.54 +                );
    4.55 +            }
    4.56          }
    4.57          else { 
    4.58              // Version from DB was 0, it means this is initial setup.
    4.59 @@ -1000,6 +1026,18 @@
    4.60              (int)strlen(sql_get_revoked), &_session->get_revoked, NULL);
    4.61      assert(int_result == SQLITE_OK);
    4.62      
    4.63 +    int_result = sqlite3_prepare_v2(_session->db, sql_add_mistrusted_key,
    4.64 +            (int)strlen(sql_add_mistrusted_key), &_session->add_mistrusted_key, NULL);
    4.65 +    assert(int_result == SQLITE_OK);
    4.66 +
    4.67 +    int_result = sqlite3_prepare_v2(_session->db, sql_delete_mistrusted_key,
    4.68 +            (int)strlen(sql_delete_mistrusted_key), &_session->delete_mistrusted_key, NULL);
    4.69 +    assert(int_result == SQLITE_OK);
    4.70 +
    4.71 +    int_result = sqlite3_prepare_v2(_session->db, sql_is_mistrusted_key,
    4.72 +            (int)strlen(sql_is_mistrusted_key), &_session->is_mistrusted_key, NULL);
    4.73 +    assert(int_result == SQLITE_OK);
    4.74 +    
    4.75      status = init_cryptotech(_session, in_first);
    4.76      if (status != PEP_STATUS_OK)
    4.77          goto pep_error;
    4.78 @@ -1159,6 +1197,13 @@
    4.79              if (session->get_revoked)
    4.80                  sqlite3_finalize(session->get_revoked);
    4.81  
    4.82 +            if (session->add_mistrusted_key)
    4.83 +                sqlite3_finalize(session->add_mistrusted_key);
    4.84 +            if (session->delete_mistrusted_key)
    4.85 +                sqlite3_finalize(session->delete_mistrusted_key);
    4.86 +            if (session->is_mistrusted_key)
    4.87 +                sqlite3_finalize(session->is_mistrusted_key);
    4.88 +
    4.89              if (session->db)
    4.90                  sqlite3_close_v2(session->db);
    4.91              if (session->system_db)
     5.1 --- a/src/pEp_internal.h	Mon Jan 29 16:52:54 2018 +0100
     5.2 +++ b/src/pEp_internal.h	Sun Feb 04 03:38:28 2018 +0100
     5.3 @@ -173,6 +173,11 @@
     5.4      sqlite3_stmt *set_revoked;
     5.5      sqlite3_stmt *get_revoked;
     5.6  
     5.7 +    // mistrusted
     5.8 +    sqlite3_stmt* add_mistrusted_key;
     5.9 +    sqlite3_stmt* is_mistrusted_key;    
    5.10 +    sqlite3_stmt* delete_mistrusted_key;
    5.11 +    
    5.12      // aliases
    5.13      sqlite3_stmt *get_userid_alias_default;
    5.14      sqlite3_stmt *add_userid_alias;
    5.15 @@ -405,8 +410,8 @@
    5.16  // These are globals used in generating message IDs and should only be
    5.17  // computed once, as they're either really constants or OS-dependent
    5.18  
    5.19 -int _pEp_rand_max_bits;
    5.20 -double _pEp_log2_36;
    5.21 +extern int _pEp_rand_max_bits;
    5.22 +extern double _pEp_log2_36;
    5.23  
    5.24  static inline void _init_globals() {
    5.25      _pEp_rand_max_bits = ceil(log2(RAND_MAX));
     6.1 --- a/test/mistrust_undo_test.cc	Mon Jan 29 16:52:54 2018 +0100
     6.2 +++ b/test/mistrust_undo_test.cc	Sun Feb 04 03:38:28 2018 +0100
     6.3 @@ -58,8 +58,12 @@
     6.4      assert(status == PEP_STATUS_OK);
     6.5      status = update_identity(session,recip1);
     6.6      assert(status == PEP_STATUS_OK);
     6.7 +    assert(recip1->comm_type == PEP_ct_key_not_found);
     6.8 +    recip1->fpr = strdup("BACC7A60A88A39A25D99B4A545D7542F39E5DAB5");
     6.9 +    status = get_trust(session, recip1);
    6.10      assert(recip1->comm_type == PEP_ct_mistrusted);
    6.11 -    cout << "Mistrusted mistrust.undo.test@pep-project.org (BACC7A60A88A39A25D99B4A545D7542F39E5DAB5) and comm_type set to PEP_ct_mistrusted)." << endl  << endl;    
    6.12 +     
    6.13 +    cout << "Mistrusted mistrust.undo.test@pep-project.org (BACC7A60A88A39A25D99B4A545D7542F39E5DAB5) and comm_type IN DB set to PEP_ct_mistrusted)." << endl  << endl;    
    6.14      
    6.15      cout << "Undo mistrust (restore identity and trust in DB)" << endl;
    6.16      // Undo it
     7.1 --- a/test/new_update_id_and_myself_test.cc	Mon Jan 29 16:52:54 2018 +0100
     7.2 +++ b/test/new_update_id_and_myself_test.cc	Sun Feb 04 03:38:28 2018 +0100
     7.3 @@ -38,7 +38,7 @@
     7.4      
     7.5      cout << uniqname << "\n";
     7.6      
     7.7 -    const char* own_user_id = "FineOwnIdentitiesOfBuckTFerris";
     7.8 +    const char* own_user_id = get_new_uuid();
     7.9      const char* start_username = "Unser Testkandidat";
    7.10  
    7.11      pEp_identity * new_me = new_identity(uniqname, NULL, own_user_id, start_username);
    7.12 @@ -481,28 +481,130 @@
    7.13  
    7.14  
    7.15      cout << "****************************************************************************************" << endl;
    7.16 -    cout << "* III: 2. key election: get identity for user with only revoked keys " << endl;
    7.17 +    cout << "* III: 2. key election: get identity for user with only revoked or mistrusted keys " << endl;
    7.18      cout << "****************************************************************************************" << endl << endl;
    7.19 +
    7.20 +    // Create id with no key
    7.21 +    cout << "Creating new id with no key for : ";
    7.22 +    char *uniqname_10000 = strdup("AAAAtestuser@testdomain.org");
    7.23 +    srandom(time(NULL));
    7.24 +    for(int i=0; i < 4;i++)
    7.25 +        uniqname_10000[i] += random() & 0xf;
    7.26      
    7.27 -    status = revoke_key(session, new_fpr, "Because it's more fun to revoke ALL of someone's keys");
    7.28 +    cout << uniqname_10000 << "\n";
    7.29 +
    7.30 +    char* revoke_uuid = get_new_uuid();
    7.31 +
    7.32 +    pEp_identity * revokemaster_3000 = new_identity(uniqname_10000, NULL, revoke_uuid, start_username);
    7.33 +    
    7.34 +    cout << "Generate three keys for "  << uniqname_10000 << " who has user_id " << revoke_uuid << endl; 
    7.35 +
    7.36 +    char* revoke_fpr_arr[3];
    7.37 +    
    7.38 +    status = generate_keypair(session, revokemaster_3000);
    7.39 +    assert(status == PEP_STATUS_OK && revokemaster_3000->fpr);
    7.40 +    revoke_fpr_arr[0] = strdup(revokemaster_3000->fpr);
    7.41 +    free(revokemaster_3000->fpr);
    7.42 +    revokemaster_3000->fpr = NULL;
    7.43 +    
    7.44 +    status = generate_keypair(session, revokemaster_3000);
    7.45 +    assert(status == PEP_STATUS_OK && revokemaster_3000->fpr);
    7.46 +    revoke_fpr_arr[1] = strdup(revokemaster_3000->fpr);
    7.47 +    free(revokemaster_3000->fpr);
    7.48 +    revokemaster_3000->fpr = NULL;
    7.49 +    
    7.50 +    status = generate_keypair(session, revokemaster_3000);
    7.51 +    assert(status == PEP_STATUS_OK && revokemaster_3000->fpr);
    7.52 +    revoke_fpr_arr[2] = strdup(revokemaster_3000->fpr);
    7.53 +    free(revokemaster_3000->fpr);
    7.54 +    revokemaster_3000->fpr = NULL;
    7.55 +    
    7.56 +    cout << "Trust "  << revoke_fpr_arr[2] << " (default for identity) and " << revoke_fpr_arr[0] << endl;
    7.57 +    
    7.58 +    free(revokemaster_3000->fpr);
    7.59 +    revokemaster_3000->fpr = strdup(revoke_fpr_arr[2]);
    7.60 +    status = trust_personal_key(session, revokemaster_3000);
    7.61 +    assert(status == PEP_STATUS_OK); 
    7.62 +    assert(revokemaster_3000->comm_type & PEP_ct_confirmed);
    7.63 +
    7.64 +    free(revokemaster_3000->fpr);
    7.65 +    revokemaster_3000->fpr = strdup(revoke_fpr_arr[0]);
    7.66 +    status = trust_personal_key(session, revokemaster_3000);
    7.67 +    assert(status == PEP_STATUS_OK);
    7.68 +    assert(revokemaster_3000->comm_type & PEP_ct_confirmed);
    7.69 +    
    7.70 +    status = update_identity(session, revokemaster_3000);
    7.71 +    assert(status == PEP_STATUS_OK);
    7.72 +    assert(revokemaster_3000->fpr);
    7.73 +    assert(strcmp(revokemaster_3000->fpr, revoke_fpr_arr[2]) == 0);
    7.74 +    assert(revokemaster_3000->comm_type & PEP_ct_confirmed);
    7.75 +
    7.76 +    cout << "update_identity returns the correct identity default." << endl;
    7.77 +    
    7.78 +    cout << "Ok, now... we revoke the default..." << endl;
    7.79 +    
    7.80 +    cout << "Revoking " << revoke_fpr_arr[2] << endl;
    7.81 +
    7.82 +    status = revoke_key(session, revoke_fpr_arr[2], "This little pubkey went to market");
    7.83      assert (status == PEP_STATUS_OK);
    7.84 +
    7.85 +    bool is_revoked;
    7.86 +    status = key_revoked(session, revokemaster_3000->fpr, &is_revoked);    
    7.87 +    assert(status == PEP_STATUS_OK);
    7.88 +    assert(is_revoked);
    7.89 +
    7.90 +    cout << "Success revoking " << revoke_fpr_arr[2] << "!!! get_trust for this fpr gives us " << revokemaster_3000->comm_type << endl;
    7.91      
    7.92 -    new_me = new_identity(uniqname, NULL, NULL, NULL);
    7.93 +    cout << "Now see if update_identity gives us " << revoke_fpr_arr[0] << ", the only trusted key left." << endl;
    7.94 +    status = update_identity(session, revokemaster_3000);
    7.95 +    assert(status == PEP_STATUS_OK);
    7.96 +    assert(revokemaster_3000->fpr);
    7.97 +    assert(strcmp(revokemaster_3000->fpr, revoke_fpr_arr[0]) == 0);
    7.98 +    assert(revokemaster_3000->comm_type & PEP_ct_confirmed);    
    7.99      
   7.100 -    status = update_identity(session, new_me);
   7.101 +    cout << "Success! So let's mistrust it, because seriously, that key was so uncool." << endl;
   7.102 +    
   7.103 +    status = key_mistrusted(session, revokemaster_3000);
   7.104 +    assert(status == PEP_STATUS_OK);
   7.105 +
   7.106 +    status = get_trust(session, revokemaster_3000);
   7.107 +    assert(status == PEP_STATUS_OK);
   7.108 +    assert(revokemaster_3000->comm_type == PEP_ct_mistrusted);
   7.109 +    
   7.110 +    cout << "Success! get_trust for this fpr gives us " << revokemaster_3000->comm_type << endl;
   7.111 +
   7.112 +    cout << "The only fpr left is an untrusted one - let's make sure this is what we get from update_identity." << endl;
   7.113 +
   7.114 +    status = update_identity(session, revokemaster_3000);
   7.115 +    assert(status == PEP_STATUS_OK);
   7.116 +    assert(revokemaster_3000->fpr);
   7.117 +    assert(strcmp(revokemaster_3000->fpr, revoke_fpr_arr[1]) == 0);
   7.118 +    assert(!(revokemaster_3000->comm_type & PEP_ct_confirmed));    
   7.119 +
   7.120 +    cout << "Success! We got " << revoke_fpr_arr[1] << "as the fpr with comm_type " << revokemaster_3000->comm_type << endl;
   7.121 +    
   7.122 +    cout << "But, you know... let's revoke that one too and see what update_identity gives us." << endl;
   7.123 +
   7.124 +    status = revoke_key(session, revoke_fpr_arr[1], "Because it's more fun to revoke ALL of someone's keys");
   7.125 +    assert (status == PEP_STATUS_OK);
   7.126 +
   7.127 +    status = key_revoked(session, revokemaster_3000->fpr, &is_revoked);    
   7.128 +    assert(status == PEP_STATUS_OK);
   7.129 +    assert(is_revoked);
   7.130 +    
   7.131 +    cout << "Success! get_trust for this fpr gives us " << revokemaster_3000->comm_type << endl;
   7.132 +
   7.133 +    cout << "Call update_identity - we expect nothing, plus an error comm type." << endl;
   7.134 +
   7.135 +    status = update_identity(session, revokemaster_3000);
   7.136      assert(status != PEP_STATUS_OK);
   7.137 -    assert(!new_me->fpr);
   7.138 -    assert(new_me->username);
   7.139 -    assert(strcmp(new_me->username, start_username) == 0);
   7.140 -    assert(new_me->user_id);
   7.141 -    assert(strcmp(new_me->user_id, default_own_id) == 0);
   7.142 -    assert(new_me->me);
   7.143 -    assert(new_me->comm_type == PEP_ct_key_revoked);
   7.144 -    
   7.145 -    cout << "PASS: update_identity() correctly rejected two revoked keys with PEP_KEY_UNSUITABLE and PEP_ct_key_revoked";
   7.146 -    cout << endl << endl;
   7.147 +    assert(!revokemaster_3000->fpr);
   7.148 +    assert(revokemaster_3000->username);
   7.149 +    assert(strcmp(revokemaster_3000->user_id, revoke_uuid) == 0);
   7.150 +    assert(revokemaster_3000->comm_type == PEP_ct_key_not_found);
   7.151 +    cout << "Success! No key found. The comm_status error was " << revokemaster_3000->comm_type << "and the return status was " << tl_status_string(status) << endl;
   7.152  
   7.153 -    free_identity(new_me);
   7.154 +    free_identity(revokemaster_3000);
   7.155  
   7.156      cout << "****************************************************************************************" << endl;
   7.157      cout << "* III: 100000000. key election: more to come " << endl;