ENGINE-310: Fixed rather obscure verification problem due to key import in encrypted-signed text.
authorKrista Bennett <krista@pep-project.org>
Thu, 09 Nov 2017 11:33:42 +0100
changeset 2282eed4a7047201
parent 2281 7f826b2f0abd
child 2283 b474e41e685b
ENGINE-310: Fixed rather obscure verification problem due to key import in encrypted-signed text.
src/message_api.c
test/test_util.cc
test/test_util.h
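--- a/src/message_api.c
+++ b/src/message_api.c
@@ -29,8 +29,6 @@
     return false;
 }
 
-// update comm_type to pEp_ct_pEp if needed
-
 static bool is_wrapper(message* src) {
     bool retval = false;
     
@@ -2093,16 +2091,49 @@
 
 }
 
+static PEP_STATUS get_crypto_text(message* src, char** crypto_text, size_t* text_size) {
+                
+    // this is only here because of how NOT_IMPLEMENTED works            
+    PEP_STATUS status = PEP_STATUS_OK;
+                    
+    switch (src->enc_format) {
+        case PEP_enc_PGP_MIME:
+            *crypto_text = src->attachments->next->value;
+            *text_size = src->attachments->next->size;
+            break;
+
+        case PEP_enc_PGP_MIME_Outlook1:
+            *crypto_text = src->attachments->value;
+            *text_size = src->attachments->size;
+            break;
+
+        case PEP_enc_pieces:
+            *crypto_text = src->longmsg;
+            *text_size = strlen(*crypto_text);
+            break;
+
+        default:
+            NOT_IMPLEMENTED
+    }
+    
+    return status;
+}
+
+
 static PEP_STATUS verify_decrypted(PEP_SESSION session,
+                                   message* src,
                                    message* msg, 
-                                   pEp_identity* sender,
                                    char* plaintext, 
                                    size_t plaintext_size,
                                    stringlist_t** keylist,
                                    PEP_STATUS* decrypt_status,
                                    PEP_cryptotech crypto) {
+                                       
+    pEp_identity* sender = src->from;
+
     bloblist_t* detached_sig = NULL;
     PEP_STATUS status = _get_detached_signature(msg, &detached_sig);
+    stringlist_t *verify_keylist = NULL;
     
     if (detached_sig) {
         char* dsig_text = detached_sig->value;
@@ -2111,21 +2142,36 @@
         char* stext = NULL;
 
         status = _get_signed_text(plaintext, plaintext_size, &stext, &ssize);
-        stringlist_t *verify_keylist = NULL;
 
         if (ssize > 0 && stext) {
             status = cryptotech[crypto].verify_text(session, stext,
                                                     ssize, dsig_text, dsig_size,
                                                     &verify_keylist);
-
-            if (status == PEP_VERIFIED || status == PEP_VERIFIED_AND_TRUSTED)
-            {
-                *decrypt_status = PEP_DECRYPTED_AND_VERIFIED;
-            
-                status = combine_keylists(session, &verify_keylist, keylist, sender);
-            }
+        }
+        
+        if (status == PEP_VERIFIED || status == PEP_VERIFIED_AND_TRUSTED)
+        {
+            *decrypt_status = PEP_DECRYPTED_AND_VERIFIED;
+        
+            status = combine_keylists(session, &verify_keylist, keylist, sender);
         }
     }
+    else {
+        size_t csize, psize;
+        char* ctext;
+        char* ptext;
+        get_crypto_text(src, &ctext, &csize);
+        // reverify - we may have imported a key in the meantime
+        // status = cryptotech[crypto].verify_text(session, ctext,
+        //                                         csize, NULL, 0,
+        //                                         &verify_keylist);
+        free_stringlist(*keylist);
+        *decrypt_status = decrypt_and_verify(session, ctext, csize,
+                                            NULL, 0,
+                                            &ptext, &psize, keylist);
+        return PEP_STATUS_OK;
+    }
+
     return status;
 }
 
@@ -2224,34 +2270,6 @@
     return status;
 }
 
-static PEP_STATUS get_crypto_text(message* src, char** crypto_text, size_t* text_size) {
-                
-    // this is only here because of how NOT_IMPLEMENTED works            
-    PEP_STATUS status = PEP_STATUS_OK;
-                    
-    switch (src->enc_format) {
-        case PEP_enc_PGP_MIME:
-            *crypto_text = src->attachments->next->value;
-            *text_size = src->attachments->next->size;
-            break;
-
-        case PEP_enc_PGP_MIME_Outlook1:
-            *crypto_text = src->attachments->value;
-            *text_size = src->attachments->size;
-            break;
-
-        case PEP_enc_pieces:
-            *crypto_text = src->longmsg;
-            *text_size = strlen(*crypto_text);
-            break;
-
-        default:
-            NOT_IMPLEMENTED
-    }
-    
-    return status;
-}
-
 static PEP_STATUS import_priv_keys_from_decrypted_msg(PEP_SESSION session,
                                                       message* src, 
                                                       message* msg,
@@ -2405,7 +2423,7 @@
                         GOTO(pep_error);            
                                                                  
                     status = verify_decrypted(session,
-                                              msg, src->from,
+                                              src, msg,
                                               ptext, psize,
                                               &_keylist,
                                               &decrypt_status,
@@ -3103,7 +3121,8 @@
         GOTO(pep_error);
     }
 
-    status = _mime_encode_message_internal(dec_msg, false, mime_plaintext, true);
+    // FIXME: test with att
+    status = _mime_encode_message_internal(dec_msg, false, mime_plaintext, false);
 
     if (status == PEP_STATUS_OK)
     {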
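Review bot: In the new `else` branch of `verify_decrypted` the result of `get_crypto_text(src, &ctext, &csize)` is discarded, so for an `enc_format` that reaches the `default:` case `ctext` and `csize` may be passed to `decrypt_and_verify` uninitialised (this depends on what `NOT_IMPLEMENTED` expands to, which is not visible here). The same branch frees `*keylist` without clearing it, which leaves the caller holding a dangling list if `decrypt_and_verify` fails before writing it, and it never releases `ptext`, so a second copy of the decrypted plaintext appears to be leaked whenever no detached signature is found. It also returns `PEP_STATUS_OK` unconditionally, so a failed re-verification is visible to the caller only through `*decrypt_status`; a comment saying that this is intended would help. The fence shows the branch with the first three points handled; `free(ptext)` assumes the buffer is malloc-allocated and should be confirmed against `decrypt_and_verify`.

```c
    else {
        size_t csize = 0, psize = 0;
        char* ctext = NULL;
        char* ptext = NULL;
        status = get_crypto_text(src, &ctext, &csize);
        if (status != PEP_STATUS_OK)
            return status;
        // … unchanged: "reverify" comment and commented-out verify_text call …
        free_stringlist(*keylist);
        *keylist = NULL;  // caller must not see the freed list if the call below fails early
        *decrypt_status = decrypt_and_verify(session, ctext, csize,
                                            NULL, 0,
                                            &ptext, &psize, keylist);
        free(ptext);      // plaintext is not used here; only the status and keylist are
        return PEP_STATUS_OK;
    }
```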
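--- a/test/test_util.cc
+++ b/test/test_util.cc
@@ -18,6 +18,19 @@
 	return sstr.str();
 }
 
+void dump_out(const char* filename, const char* outdata)
+{
+	std::ofstream outfile(filename);
+	if(!outfile)
+	{
+		throw std::runtime_error("Cannot open output file!");
+	}
+	
+	outfile << outdata;
+    outfile.close();
+}
+
+
 const char* tl_status_string(PEP_STATUS status) {
     switch (status) {
         case PEP_STATUS_OK: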
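Review bot: `dump_out` checks the stream only after opening it, so a failed or short write (full disk, I/O error) goes unnoticed and a test could go on to read a truncated dump; re-checking after the write, e.g. `outfile.close(); if (!outfile) throw std::runtime_error("Cannot write output file!");`, would surface it. Streaming a null `outdata` with `outfile << outdata` is not valid either, so a guard or a documented precondition is worth adding. The `outfile.close();` line is indented with spaces while the rest of the function uses tabs.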
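--- a/test/test_util.h
+++ b/test/test_util.h
@@ -6,6 +6,10 @@
 // throws std::runtime_error() if the file cannot be read. Empty file is not an error.
 std::string slurp(const std::string& filename);
 
+// dumps char* to file
+// throws std::runtime_error() if the file cannot be opened.
+void dump_out(const char* filename, const char* outdata);
+
 // Returns the string value of the input rating enum value. 
 const char* tl_rating_string(PEP_rating rating);
 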
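Review bot: The comment on `dump_out` does not say that an existing file is replaced or that `outdata` is written as a NUL-terminated string, so binary data with embedded zero bytes would be cut short. I would change the first comment line to `// writes the NUL-terminated string outdata to filename, replacing any existing file` and keep the existing `throws` line as it is.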