merge sync IOSAD-111
authorDirk Zimmermann <dz@pep.security>
Fri, 03 May 2019 12:41:06 +0200
branchIOSAD-111
changeset 3613f330f7da89c5
parent 3582 f7ecbde8ba3a
parent 3611 95a05d4cf872
child 3618 d486cda725b1
merge sync
     1.1 --- a/Makefile	Tue Apr 30 07:49:02 2019 +0200
     1.2 +++ b/Makefile	Fri May 03 12:41:06 2019 +0200
     1.3 @@ -19,6 +19,13 @@
     1.4      $(info ================================================)
     1.5  endif
     1.6  
     1.7 +ifneq ($(MAKE_VERSION),$(word 2,$(sort $(MAKE_VERSION) 4)))
     1.8 +    $(warning ================================================)
     1.9 +    $(warning You are using a make version older than 4. This might cause problems.)
    1.10 +    $(warning ================================================)
    1.11 +endif
    1.12 +
    1.13 +
    1.14  .PHONY: all sync asn1 build install dbinstall uninstall clean tags test package db
    1.15  
    1.16  build: asn1
     2.1 --- a/asn.1/Makefile	Tue Apr 30 07:49:02 2019 +0200
     2.2 +++ b/asn.1/Makefile	Fri May 03 12:41:06 2019 +0200
     2.3 @@ -21,9 +21,6 @@
     2.4  	$(ASN1C) -gen-PER -fincludes-quoted -fcompound-names -pdu=auto pEp.asn1 keysync.asn1 $<
     2.5  	rm -f converter-sample.c
     2.6  
     2.7 -sync.asn1 keysync.asn1 pEp.asn1:
     2.8 -	cp -f ../sync/generated/*.asn1 ../asn.1
     2.9 -
    2.10  clean:
    2.11  	rm -f *.a *.o *.c *.h *.sample sync.asn1 keysync.asn1
    2.12  
     3.1 --- a/src/keymanagement.c	Tue Apr 30 07:49:02 2019 +0200
     3.2 +++ b/src/keymanagement.c	Fri May 03 12:41:06 2019 +0200
     3.3 @@ -1737,7 +1737,8 @@
     3.4  PEP_STATUS _own_keys_retrieve(
     3.5          PEP_SESSION session,
     3.6          stringlist_t **keylist,
     3.7 -        identity_flags_t excluded_flags
     3.8 +        identity_flags_t excluded_flags,
     3.9 +        bool private_only
    3.10        )
    3.11  {
    3.12      PEP_STATUS status = PEP_STATUS_OK;
    3.13 @@ -1752,7 +1753,6 @@
    3.14      sqlite3_reset(session->own_keys_retrieve);
    3.15      
    3.16      int result;
    3.17 -    char *fpr = NULL;
    3.18      
    3.19      stringlist_t *_bl = _keylist;
    3.20      sqlite3_bind_int(session->own_keys_retrieve, 1, excluded_flags);
    3.21 @@ -1761,18 +1761,12 @@
    3.22          result = sqlite3_step(session->own_keys_retrieve);
    3.23          switch (result) {
    3.24              case SQLITE_ROW:
    3.25 -                fpr = strdup((const char *) sqlite3_column_text(session->own_keys_retrieve, 0));
    3.26 -                if(fpr == NULL)
    3.27 +                _bl = stringlist_add(_bl, (const char *)
    3.28 +                        sqlite3_column_text(session->own_keys_retrieve, 0));
    3.29 +                if (_bl == NULL)
    3.30                      goto enomem;
    3.31 -
    3.32 -                _bl = stringlist_add(_bl, fpr);
    3.33 -                if (_bl == NULL) {
    3.34 -                    free(fpr);
    3.35 -                    goto enomem;
    3.36 -                }
    3.37                  if (_keylist == NULL)
    3.38                      _keylist = _bl;
    3.39 -                
    3.40                  break;
    3.41                  
    3.42              case SQLITE_DONE:
    3.43 @@ -1785,8 +1779,33 @@
    3.44      } while (result != SQLITE_DONE);
    3.45      
    3.46      sqlite3_reset(session->own_keys_retrieve);
    3.47 -    if (status == PEP_STATUS_OK)
    3.48 +    if (status == PEP_STATUS_OK) {
    3.49 +        dedup_stringlist(_keylist);
    3.50 +        if (private_only) {
    3.51 +            stringlist_t* _kl = _keylist;
    3.52 +            stringlist_t* _kl_prev = NULL;
    3.53 +            while (_kl) {
    3.54 +                bool has_private = false;
    3.55 +                contains_priv_key(session, _kl->value, &has_private);
    3.56 +                if (!has_private) {
    3.57 +                    stringlist_t* _kl_tmp = _kl;
    3.58 +                    if (_kl_prev)
    3.59 +                        _kl_prev->next = _kl->next;
    3.60 +                    else 
    3.61 +                        _keylist = _kl->next;
    3.62 +                        
    3.63 +                    _kl = _kl->next;
    3.64 +                    
    3.65 +                    _kl_tmp->next = NULL;
    3.66 +                    free_stringlist(_kl_tmp);
    3.67 +                    continue;
    3.68 +                }
    3.69 +                _kl_prev = _kl;
    3.70 +                _kl = _kl->next;
    3.71 +            }
    3.72 +        }
    3.73          *keylist = _keylist;
    3.74 +    }
    3.75      else
    3.76          free_stringlist(_keylist);
    3.77      
    3.78 @@ -1802,7 +1821,7 @@
    3.79  
    3.80  DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **keylist)
    3.81  {
    3.82 -    return _own_keys_retrieve(session, keylist, 0);
    3.83 +    return _own_keys_retrieve(session, keylist, 0, true);
    3.84  }
    3.85  
    3.86  DYNAMIC_API PEP_STATUS set_own_key(
     4.1 --- a/src/keymanagement.h	Tue Apr 30 07:49:02 2019 +0200
     4.2 +++ b/src/keymanagement.h	Fri May 03 12:41:06 2019 +0200
     4.3 @@ -330,17 +330,19 @@
     4.4  //  parameters:
     4.5  //      session (in)            session to use
     4.6  //      keylist (out)           list of fingerprints
     4.7 -//      excluded_flags (int)    flags to exclude from results
     4.8 -//
     4.9 +//      excluded_flags (in)     flags to exclude from results
    4.10 +//      private_only (in)       if true, return only fprs for
    4.11 +//                              which we have the secret part
    4.12  //  caveat:
    4.13  //      the ownership of the list goes to the caller
    4.14  DYNAMIC_API PEP_STATUS _own_keys_retrieve(
    4.15          PEP_SESSION session,
    4.16          stringlist_t **keylist,
    4.17 -        identity_flags_t excluded_flags
    4.18 +        identity_flags_t excluded_flags,
    4.19 +        bool private_only
    4.20        );
    4.21  
    4.22 -// own_keys_retrieve() - retrieve all flagged keypair fingerprints 
    4.23 +// own_keys_retrieve() - retrieve all flagged public/private keypair fingerprints 
    4.24  //
    4.25  //  parameters:
    4.26  //      session (in)            session to use
    4.27 @@ -348,6 +350,8 @@
    4.28  //
    4.29  //  caveat:
    4.30  //      the ownership of the list goes to the caller
    4.31 +//      this function does not return keys without a private key part
    4.32 +//
    4.33  DYNAMIC_API PEP_STATUS own_keys_retrieve(
    4.34          PEP_SESSION session,
    4.35          stringlist_t **keylist
     5.1 --- a/src/pEpEngine.c	Tue Apr 30 07:49:02 2019 +0200
     5.2 +++ b/src/pEpEngine.c	Fri May 03 12:41:06 2019 +0200
     5.3 @@ -1594,14 +1594,6 @@
     5.4              &_session->get_own_address_binding_from_contact, NULL);
     5.5      assert(int_result == SQLITE_OK);
     5.6  
     5.7 -    // int_result = sqlite3_prepare_v2(_session->db, sql_set_device_group,
     5.8 -    //         (int)strlen(sql_set_device_group), &_session->set_device_group, NULL);
     5.9 -    // assert(int_result == SQLITE_OK);
    5.10 -    // 
    5.11 -    // int_result = sqlite3_prepare_v2(_session->db, sql_get_device_group,
    5.12 -    //         (int)strlen(sql_get_device_group), &_session->get_device_group, NULL);
    5.13 -    // assert(int_result == SQLITE_OK);
    5.14 -
    5.15      int_result = sqlite3_prepare_v2(_session->db, sql_set_pgp_keypair,
    5.16              (int)strlen(sql_set_pgp_keypair), &_session->set_pgp_keypair,
    5.17              NULL);
    5.18 @@ -1885,10 +1877,6 @@
    5.19                  sqlite3_finalize(session->was_id_for_revoke_contacted);   
    5.20              if (session->get_last_contacted)
    5.21                  sqlite3_finalize(session->get_last_contacted);                                       
    5.22 -            // if (session->set_device_group)
    5.23 -            //     sqlite3_finalize(session->set_device_group);
    5.24 -            // if (session->get_device_group)
    5.25 -            //     sqlite3_finalize(session->get_device_group);
    5.26              if (session->set_pgp_keypair)
    5.27                  sqlite3_finalize(session->set_pgp_keypair);
    5.28              if (session->exists_identity_entry)
    5.29 @@ -3421,94 +3409,6 @@
    5.30      return PEP_STATUS_OK;
    5.31  }
    5.32  
    5.33 -// DYNAMIC_API PEP_STATUS set_device_group(
    5.34 -//         PEP_SESSION session,
    5.35 -//         const char *group_name
    5.36 -//     )
    5.37 -// {
    5.38 -//     int result;
    5.39 -// 
    5.40 -//     assert(session);
    5.41 -// 
    5.42 -//     if (!(session && group_name))
    5.43 -//         return PEP_ILLEGAL_VALUE;
    5.44 -// 
    5.45 -//     // 1. Get own user_id
    5.46 -//     char* user_id = NULL;
    5.47 -//     PEP_STATUS status = get_default_own_userid(session, &user_id);
    5.48 -// 
    5.49 -//     // No user_id is returned in this case, no need to free;
    5.50 -//     if (status != PEP_STATUS_OK)
    5.51 -//         return status;
    5.52 -// 
    5.53 -//     // 2. Set device group
    5.54 -//     sqlite3_reset(session->set_device_group);
    5.55 -//     if(group_name){
    5.56 -//         sqlite3_bind_text(session->set_device_group, 1, group_name, -1,
    5.57 -//                 SQLITE_STATIC);
    5.58 -//     } else {
    5.59 -//         sqlite3_bind_null(session->set_device_group, 1);
    5.60 -//     }
    5.61 -// 
    5.62 -//     sqlite3_bind_text(session->set_device_group, 2, user_id, -1,
    5.63 -//             SQLITE_STATIC);
    5.64 -// 
    5.65 -//     result = sqlite3_step(session->set_device_group);
    5.66 -//     sqlite3_reset(session->set_device_group);
    5.67 -// 
    5.68 -//     free(user_id);
    5.69 -// 
    5.70 -//     if (result != SQLITE_DONE)
    5.71 -//         return PEP_CANNOT_SET_PERSON;
    5.72 -// 
    5.73 -//     return PEP_STATUS_OK;
    5.74 -// }
    5.75 -// 
    5.76 -// DYNAMIC_API PEP_STATUS get_device_group(PEP_SESSION session, char **group_name)
    5.77 -// {
    5.78 -//     PEP_STATUS status = PEP_STATUS_OK;
    5.79 -//     int result;
    5.80 -// 
    5.81 -//     assert(session);
    5.82 -//     assert(group_name);
    5.83 -// 
    5.84 -//     if (!(session && group_name))
    5.85 -//         return PEP_ILLEGAL_VALUE;
    5.86 -// 
    5.87 -//     // 1. Get own user_id
    5.88 -//     char* user_id = NULL;
    5.89 -//     status = get_default_own_userid(session, &user_id);
    5.90 -// 
    5.91 -//     // No user_id is returned in this case, no need to free;
    5.92 -//     if (status != PEP_STATUS_OK)
    5.93 -//         return status;
    5.94 -// 
    5.95 -//     // 2. get device group
    5.96 -//     sqlite3_reset(session->get_device_group);
    5.97 -//     sqlite3_bind_text(session->get_device_group, 1, user_id, -1,
    5.98 -//             SQLITE_STATIC);
    5.99 -// 
   5.100 -//     result = sqlite3_step(session->get_device_group);
   5.101 -//     switch (result) {
   5.102 -//     case SQLITE_ROW: {
   5.103 -//         const char *_group_name = (const char *)sqlite3_column_text(session->get_device_group, 0);
   5.104 -//         if(_group_name){
   5.105 -//             *group_name = strdup(_group_name);
   5.106 -//                 if(*group_name == NULL)
   5.107 -//                     status = PEP_OUT_OF_MEMORY;
   5.108 -//         }
   5.109 -//         break;
   5.110 -//     }
   5.111 -// 
   5.112 -//     default:
   5.113 -//         status = PEP_RECORD_NOT_FOUND;
   5.114 -//     }
   5.115 -// 
   5.116 -//     free(user_id);
   5.117 -//     sqlite3_reset(session->get_device_group);
   5.118 -//     return status;
   5.119 -// }
   5.120 -
   5.121  DYNAMIC_API PEP_STATUS set_identity_flags(
   5.122          PEP_SESSION session,
   5.123          pEp_identity *identity,
     6.1 --- a/src/pEpEngine.h	Tue Apr 30 07:49:02 2019 +0200
     6.2 +++ b/src/pEpEngine.h	Fri May 03 12:41:06 2019 +0200
     6.3 @@ -865,40 +865,6 @@
     6.4          const char* default_id,
     6.5          const char* alias_id);
     6.6  
     6.7 -
     6.8 -// // set_device_group() - update own person's device group
     6.9 -// //
    6.10 -// //    parameters:
    6.11 -// //        session (in)        session handle
    6.12 -// //        group_name (in)     new group name
    6.13 -// //
    6.14 -// //    return value:
    6.15 -// //        PEP_STATUS_OK = 0             device group was updated
    6.16 -// //        PEP_CANNOT_SET_PERSON         update failed
    6.17 -// 
    6.18 -// DYNAMIC_API PEP_STATUS set_device_group(
    6.19 -//         PEP_SESSION session,
    6.20 -//         const char *group_name
    6.21 -//     );
    6.22 -// 
    6.23 -// // get_device_group() - get own person's device group
    6.24 -// //
    6.25 -// //    parameters:
    6.26 -// //        session (in)        session handle
    6.27 -// //        group_name (in)     new group name
    6.28 -// //
    6.29 -// //    return value:
    6.30 -// //        PEP_STATUS_OK = 0             couldn't get device group
    6.31 -// //        PEP_RECORD_NOT_FOUND          update failed
    6.32 -// //
    6.33 -// //    caveat:
    6.34 -// //        the ownerships of group_name is going to the caller
    6.35 -// 
    6.36 -// DYNAMIC_API PEP_STATUS get_device_group(
    6.37 -//         PEP_SESSION session, 
    6.38 -//         char **group_name
    6.39 -//     );
    6.40 -
    6.41  // set_identity_flags() - update identity flags on existing identity
    6.42  //
    6.43  //    parameters:
    6.44 @@ -1519,8 +1485,6 @@
    6.45                       char **sign, 
    6.46                       size_t *sign_size);
    6.47  
    6.48 -const char *get_device_name(PEP_SESSION session);
    6.49 -
    6.50  #ifdef __cplusplus
    6.51  }
    6.52  #endif
     7.1 --- a/src/pgp_gpg.c	Tue Apr 30 07:49:02 2019 +0200
     7.2 +++ b/src/pgp_gpg.c	Fri May 03 12:41:06 2019 +0200
     7.3 @@ -1615,7 +1615,7 @@
     7.4      gpgme_error_t gpgme_error;
     7.5      gpgme_data_t dh;
     7.6      size_t _size;
     7.7 -    char *buffer;
     7.8 +    char *buffer = NULL;
     7.9      int reading;
    7.10  
    7.11      assert(session);
    7.12 @@ -1666,6 +1666,16 @@
    7.13      assert(_size != -1);
    7.14      gpg.gpgme_data_seek(dh, 0, SEEK_SET);
    7.15  
    7.16 +    // Unfortunately, gpgme doesn't give us an error
    7.17 +    // when no key is found, so we end up with an 
    7.18 +    // empty string. So we need to do this:
    7.19 +    if (_size == 0) {
    7.20 +        *key_data = NULL;
    7.21 +        *size = 0;
    7.22 +        gpg.gpgme_data_release(dh);
    7.23 +        return PEP_KEY_NOT_FOUND;
    7.24 +    }
    7.25 +        
    7.26      buffer = malloc(_size + 1);
    7.27      assert(buffer);
    7.28      if (buffer == NULL) {
     8.1 --- a/src/pgp_sequoia.c	Tue Apr 30 07:49:02 2019 +0200
     8.2 +++ b/src/pgp_sequoia.c	Fri May 03 12:41:06 2019 +0200
     8.3 @@ -1668,7 +1668,7 @@
     8.4  
     8.5      // If the caller asks for a secret key and we only have a
     8.6      // public key, then we return an error.
     8.7 -    status = tpk_find_by_fpr_hex(session, fpr, true, &tpk, NULL);
     8.8 +    status = tpk_find_by_fpr_hex(session, fpr, secret, &tpk, NULL);
     8.9      ERROR_OUT(NULL, status, "Looking up TSK for %s", fpr);
    8.10  
    8.11      pgp_writer_t memory_writer = pgp_writer_alloc((void **) key_data, size);
     9.1 --- a/src/stringlist.c	Tue Apr 30 07:49:02 2019 +0200
     9.2 +++ b/src/stringlist.c	Fri May 03 12:41:06 2019 +0200
     9.3 @@ -18,7 +18,7 @@
     9.4      if (result && value) {
     9.5          result->value = strdup(value);
     9.6          assert(result->value);
     9.7 -        if (result->value == 0) {
     9.8 +        if (!result->value) {
     9.9              free(result);
    9.10              return NULL;
    9.11          }
    10.1 --- a/sync/Makefile	Tue Apr 30 07:49:02 2019 +0200
    10.2 +++ b/sync/Makefile	Fri May 03 12:41:06 2019 +0200
    10.3 @@ -29,6 +29,7 @@
    10.4  
    10.5  .copy: .actions .statemachines .codecs .messages
    10.6  	cp -f generated/*.c generated/*.h ../src
    10.7 +	cp -f generated/*.asn1 ../asn.1
    10.8  	touch .copy
    10.9  
   10.10  %.xml: %.fsm
    11.1 --- a/sync/cond_act_sync.yml2	Tue Apr 30 07:49:02 2019 +0200
    11.2 +++ b/sync/cond_act_sync.yml2	Fri May 03 12:41:06 2019 +0200
    11.3 @@ -50,9 +50,24 @@
    11.4      TID_t *t1 = &session->sync_state.keysync.negotiation;
    11.5      TID_t *t2 = &session->own_sync_state.negotiation;
    11.6  
    11.7 +    // test if TID is identical
    11.8      *result = t1->size == t2->size && memcmp(t1->buf, t2->buf, t1->size) == 0;
    11.9  ||
   11.10  
   11.11 +condition sameTransactionAndPartner
   11.12 +||
   11.13 +    TID_t *t1 = &session->sync_state.keysync.negotiation;
   11.14 +    TID_t *t2 = &session->own_sync_state.negotiation;
   11.15 +
   11.16 +    const char *s1 = session->sync_state.common.signature_fpr;
   11.17 +    const char *s2 = session->own_sync_state.signature_fpr;
   11.18 +
   11.19 +    // test if TID is identical
   11.20 +    *result = t1->size == t2->size && memcmp(t1->buf, t2->buf, t1->size) == 0
   11.21 +    // and test if we're talking to the same sender
   11.22 +            && s1 && s2 && strcmp(s1, s2) == 0;
   11.23 +||
   11.24 +
   11.25  condition keyElectionWon
   11.26  ||
   11.27      pEp_identity *from = session->sync_state.common.from;
   11.28 @@ -96,44 +111,106 @@
   11.29  function "copy_UUID" {
   11.30      param "src", param "dst";
   11.31      ||
   11.32 -        TID_t *src = «$src»;
   11.33 -        TID_t *dst = «$dst»;
   11.34 +        {
   11.35 +            TID_t *src = «$src»;
   11.36 +            TID_t *dst = «$dst»;
   11.37  
   11.38 -        assert(src->size == 16);
   11.39 -        if (!(src->size == 16))
   11.40 -            return PEP_UNKNOWN_ERROR;
   11.41 +            assert(src->size == 16);
   11.42 +            if (!(src->size == 16))
   11.43 +                return PEP_UNKNOWN_ERROR;
   11.44  
   11.45 -        OCTET_STRING_fromBuf(dst, (char *) src->buf, src->size);
   11.46 +            OCTET_STRING_fromBuf(dst, (char *) src->buf, src->size);
   11.47 +        }
   11.48      ||
   11.49  }
   11.50  
   11.51 -action newChallenge
   11.52 +function "xor_UUID" {
   11.53 +    param "src", param "dst";
   11.54 +    ||
   11.55 +        {
   11.56 +            TID_t *src = «$src»;
   11.57 +            TID_t *dst = «$dst»;
   11.58 +
   11.59 +            assert(src->size == 16 && dst->size == 16);
   11.60 +            if (!(src->size == 16 && dst->size == 16))
   11.61 +                return PEP_UNKNOWN_ERROR;
   11.62 +
   11.63 +            for (int i=0; i < src->size; ++i)
   11.64 +                dst->buf[i] ^= src->buf[i];
   11.65 +        }
   11.66 +    ||
   11.67 +}
   11.68 +
   11.69 +action newChallenge {
   11.70 +    // random new challenge
   11.71      call "new_UUID" with "dst" > &session->own_sync_state.challenge
   11.72 +    // store a copy of this challenge
   11.73 +    call "copy_UUID" {
   11.74 +        with "src" > &session->own_sync_state.challenge
   11.75 +        with "dst" > &session->sync_state.common.challenge
   11.76 +    }
   11.77 +}
   11.78  
   11.79 -action storeChallenge call "copy_UUID" {
   11.80 +action replyChallenge call "copy_UUID" {
   11.81      with "src" > &session->sync_state.keysync.challenge
   11.82      with "dst" > &session->own_sync_state.challenge
   11.83  }
   11.84  
   11.85 -action openTransaction {
   11.86 +action useOwnChallenge call "copy_UUID" {
   11.87 +    with "src" > &session->sync_state.common.challenge
   11.88 +    with "dst" > &session->own_sync_state.challenge
   11.89 +}
   11.90 +
   11.91 +action newTransaction {
   11.92  ||
   11.93 -    for (int i=0; i<session->sync_state.keysync.negotiation.size; ++i) {
   11.94 -        if (session->sync_state.keysync.negotiation.buf[i])
   11.95 -            return PEP_STATUS_OK;
   11.96 +    // sender key must be stable while transaction
   11.97 +    assert(session->sync_state.common.signature_fpr);
   11.98 +    free(session->own_sync_state.signature_fpr);
   11.99 +    session->own_sync_state.signature_fpr
  11.100 +            = strdup(session->sync_state.common.signature_fpr);
  11.101 +    assert(session->own_sync_state.signature_fpr);
  11.102 +    if (!session->own_sync_state.signature_fpr)
  11.103 +        return PEP_OUT_OF_MEMORY;
  11.104 +
  11.105 +||
  11.106 +    call "copy_UUID" {
  11.107 +        with "src" > &session->sync_state.keysync.challenge
  11.108 +        with "dst" > &session->sync_state.keysync.negotiation
  11.109      }
  11.110 -||
  11.111 -    call "new_UUID" with "dst" > &session->sync_state.keysync.negotiation
  11.112 +    call "xor_UUID" {
  11.113 +        with "src" > &session->own_sync_state.challenge
  11.114 +        with "dst" > &session->sync_state.keysync.negotiation
  11.115 +    }
  11.116 +    call "copy_UUID" {
  11.117 +        with "src" > &session->sync_state.keysync.negotiation
  11.118 +        with "dst" > &session->own_sync_state.negotiation
  11.119 +    }
  11.120  }
  11.121  
  11.122  action closeTransaction
  11.123  ||
  11.124      memset(session->sync_state.keysync.negotiation.buf, 0,
  11.125              session->sync_state.keysync.negotiation.size);
  11.126 +    memset(session->own_sync_state.negotiation.buf, 0,
  11.127 +            session->own_sync_state.negotiation.size);
  11.128  ||
  11.129  
  11.130 -action storeTransaction call "copy_UUID" {
  11.131 -    with "src" > &session->sync_state.keysync.negotiation
  11.132 -    with "dst" > &session->own_sync_state.negotiation
  11.133 +action storeTransaction {
  11.134 +||
  11.135 +    // sender key must be stable while transaction
  11.136 +    assert(session->sync_state.common.signature_fpr);
  11.137 +    free(session->own_sync_state.signature_fpr);
  11.138 +    session->own_sync_state.signature_fpr
  11.139 +            = strdup(session->sync_state.common.signature_fpr);
  11.140 +    assert(session->own_sync_state.signature_fpr);
  11.141 +    if (!session->own_sync_state.signature_fpr)
  11.142 +        return PEP_OUT_OF_MEMORY;
  11.143 +
  11.144 +||
  11.145 +    call "copy_UUID" {
  11.146 +        with "src" > &session->sync_state.keysync.negotiation
  11.147 +        with "dst" > &session->own_sync_state.negotiation
  11.148 +    }
  11.149  }
  11.150  
  11.151  function "show_handshake" {
  11.152 @@ -233,13 +310,13 @@
  11.153  action prepareOwnKeys
  11.154  ||
  11.155      stringlist_t *own_keys;
  11.156 -    PEP_STATUS status = _own_keys_retrieve(session, &own_keys, PEP_idf_not_for_sync);
  11.157 +    PEP_STATUS status = _own_keys_retrieve(session, &own_keys, PEP_idf_not_for_sync, true);
  11.158      if (status)
  11.159          return status;
  11.160  
  11.161 -    if (session->sync_state.common.own_keys)
  11.162 -        free_stringlist(session->sync_state.common.own_keys);
  11.163 -    session->sync_state.common.own_keys = own_keys;
  11.164 +    if (session->own_sync_state.own_keys)
  11.165 +        free_stringlist(session->own_sync_state.own_keys);
  11.166 +    session->own_sync_state.own_keys = own_keys;
  11.167  
  11.168      identity_list *il;
  11.169      status = _own_identities_retrieve(session, &il, PEP_idf_not_for_sync);
  11.170 @@ -247,6 +324,7 @@
  11.171          return status;
  11.172  
  11.173      IdentityList_from_identity_list(il, &session->sync_state.keysync.ownIdentities);
  11.174 +    free_identity_list(il);
  11.175  ||
  11.176  
  11.177  action saveGroupKeys
  11.178 @@ -272,7 +350,7 @@
  11.179      PEP_STATUS status = PEP_STATUS_OK;
  11.180  
  11.181      // set flag for current keys
  11.182 -    for (identity_list *il = session->sync_state.common.own_identities; il && il->ident ; il = il->next) {
  11.183 +    for (identity_list *il = session->own_sync_state.own_identities; il && il->ident ; il = il->next) {
  11.184          if (!(il->ident->flags && PEP_idf_not_for_sync)) {
  11.185              status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
  11.186              if (status)
  11.187 @@ -286,7 +364,7 @@
  11.188      PEP_STATUS status = PEP_STATUS_OK;
  11.189  
  11.190      // set flag for current keys
  11.191 -    for (identity_list *il = session->sync_state.common.own_identities; il && il->ident ; il = il->next) {
  11.192 +    for (identity_list *il = session->own_sync_state.own_identities; il && il->ident ; il = il->next) {
  11.193          if (!(il->ident->flags && PEP_idf_not_for_sync)) {
  11.194              status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
  11.195              if (status)
  11.196 @@ -298,7 +376,7 @@
  11.197      if (!il)
  11.198          return PEP_OUT_OF_MEMORY;
  11.199  
  11.200 -    for (il = session->sync_state.common.own_identities; il && il->ident ; il = il->next) {
  11.201 +    for (il = session->own_sync_state.own_identities; il && il->ident ; il = il->next) {
  11.202          // replace partner's user_id with own user_id
  11.203          free(il->ident->user_id);
  11.204          il->ident->user_id = strdup(session->sync_state.common.from->user_id);
    12.1 --- a/sync/gen_message_func.ysl2	Tue Apr 30 07:49:02 2019 +0200
    12.2 +++ b/sync/gen_message_func.ysl2	Fri May 03 12:41:06 2019 +0200
    12.3 @@ -39,18 +39,30 @@
    12.4  // state
    12.5  
    12.6  struct «@name»_state_s {
    12.7 +    // common buffer for all types of «@name» messages
    12.8 +
    12.9      struct common_state_s {
   12.10 +        // intermediate store own challenge
   12.11 +        TID_t challenge;
   12.12 +
   12.13 +        // transport data
   12.14          pEp_identity *from;
   12.15          char *signature_fpr;
   12.16 -        stringlist_t *own_keys;
   12.17 -        identity_list *own_identities;
   12.18      } common;
   12.19 -
   12.20      `` apply "fsm", mode=state
   12.21  };
   12.22  
   12.23 +// own state
   12.24 +
   12.25  struct own_«@name»_state_s {
   12.26 +    stringlist_t *own_keys;
   12.27 +    identity_list *own_identities;
   12.28 +
   12.29 +    `` if "func:distinctName(fsm/message/field[@type='TID'])" |> // active TIDs
   12.30      `` for "func:distinctName(fsm/message/field[@type='TID'])" |> «func:ctype()» «@name»;
   12.31 +
   12.32 +    // transport data
   12.33 +    char *signature_fpr;
   12.34  };
   12.35  
   12.36  void free_«@name»_state(PEP_SESSION session);
   12.37 @@ -73,6 +85,9 @@
   12.38  
   12.39  template "fsm", mode=state
   12.40  ||
   12.41 +
   12.42 +// buffer for «@name» messages
   12.43 +
   12.44  struct _«@name»_state_s {
   12.45      int state;
   12.46  
   12.47 @@ -100,8 +115,8 @@
   12.48  
   12.49      free_identity(session->«yml:lcase(@name)»_state.common.from);
   12.50      free(session->«yml:lcase(@name)»_state.common.signature_fpr);
   12.51 -    free_stringlist(session->«yml:lcase(@name)»_state.common.own_keys);
   12.52 -    free_identity_list(session->«yml:lcase(@name)»_state.common.own_identities);
   12.53 +    free_stringlist(session->own_«yml:lcase(@name)»_state.own_keys);
   12.54 +    free_identity_list(session->own_«yml:lcase(@name)»_state.own_identities);
   12.55  
   12.56  ||
   12.57  for "fsm"
    13.1 --- a/sync/gen_statemachine.ysl2	Tue Apr 30 07:49:02 2019 +0200
    13.2 +++ b/sync/gen_statemachine.ysl2	Fri May 03 12:41:06 2019 +0200
    13.3 @@ -40,7 +40,6 @@
    13.4              pEp_identity *from;
    13.5              char *signature_fpr;
    13.6  
    13.7 -            // identities to sync
    13.8              identity_list *own_identities;
    13.9          } «@name»_event_t;
   13.10  
   13.11 @@ -349,6 +348,7 @@
   13.12  
   13.13                  «@name»_PR fsm = msg->present;
   13.14                  int event = 0;
   13.15 +                bool is_own_key = false;
   13.16  
   13.17                  switch (fsm) {
   13.18                      `` apply "fsm", 2, mode=signal_message
   13.19 @@ -417,6 +417,8 @@
   13.20                  identity_list *channels = NULL;
   13.21                  char *key_data = NULL;
   13.22                  size_t key_data_size = 0;
   13.23 +                stringlist_t *extra = NULL;
   13.24 +                bool transaction;
   13.25  
   13.26                  status = update_«@name»_message(session, msg);
   13.27                  if (status)
   13.28 @@ -497,8 +499,6 @@
   13.29                      }
   13.30                      memcpy(_data, data, size);
   13.31  
   13.32 -                    stringlist_t *extra = NULL;
   13.33 -
   13.34                      switch (message_type) {
   13.35                      `` for "fsm/message[@security='unencrypted']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
   13.36                              status = base_prepare_message(
   13.37 @@ -518,22 +518,76 @@
   13.38                              m = _m;
   13.39                              break;
   13.40  
   13.41 -                    `` for "fsm/message[@security='attach_own_keys']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
   13.42 -                            assert(session->«yml:lcase(@name)»_state.common.signature_fpr &&
   13.43 -                                session->«yml:lcase(@name)»_state.common.from &&
   13.44 -                                session->«yml:lcase(@name)»_state.common.from->user_id);
   13.45 -                            if (!(session->«yml:lcase(@name)»_state.common.signature_fpr &&
   13.46 -                                    session->«yml:lcase(@name)»_state.common.from &&
   13.47 -                                    session->«yml:lcase(@name)»_state.common.from->user_id))
   13.48 -                            {
   13.49 +                    `` for "fsm/message[@security='untrusted']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
   13.50 +                            // add fpr of key of comm partner
   13.51 +
   13.52 +                            assert(session->«yml:lcase(@name)»_state.common.signature_fpr);
   13.53 +                            if (!session->«yml:lcase(@name)»_state.common.signature_fpr) {
   13.54                                  status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
   13.55                                  goto the_end;
   13.56                              }
   13.57 +
   13.58 +                            extra = new_stringlist(session->«yml:lcase(@name)»_state.common.signature_fpr);
   13.59 +                            if (!extra) {
   13.60 +                                status = PEP_OUT_OF_MEMORY;
   13.61 +                                goto the_end;
   13.62 +                            }
   13.63 +
   13.64 +                            status = base_prepare_message(
   13.65 +                                    session,
   13.66 +                                    li->ident,
   13.67 +                                    li->ident,
   13.68 +                                    _data,
   13.69 +                                    size,
   13.70 +                                    NULL,
   13.71 +                                    &_m
   13.72 +                                );
   13.73 +                            if (status) {
   13.74 +                                free(_data);
   13.75 +                                goto the_end;
   13.76 +                            }
   13.77 +
   13.78 +                            status = encrypt_message(session, _m, extra, &m, PEP_enc_PEP, 0);
   13.79 +                            if (status) {
   13.80 +                                status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
   13.81 +                                goto the_end;
   13.82 +                            }
   13.83 +                            free_message(_m);
   13.84 +                            break;
   13.85 +
   13.86 +                    `` for "fsm/message[@security='attach_own_keys']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
   13.87 +                            // check if this is the key of a former negotiation
   13.88 +
   13.89 +                            transaction = false;
   13.90 +                            for (int i=0; i < session->own_«yml:lcase(@name)»_state.negotiation.size; i++) {
   13.91 +                                if (session->own_«yml:lcase(@name)»_state.negotiation.buf[i]) {
   13.92 +                                    transaction = true;
   13.93 +                                    break;
   13.94 +                                }
   13.95 +                            }
   13.96 +    
   13.97 +                            // if it is a former negotiation check if the key
   13.98 +                            // is fully trusted and the sender key of this
   13.99 +                            // transaction; if so add the sender key to extra
  13.100 +                            // keys allowing this new partner to read the
  13.101 +                            // secret keys
  13.102 +
  13.103 +                            if (transaction) {
  13.104 +                                assert(session->own_«yml:lcase(@name)»_state.signature_fpr &&
  13.105 +                                    session->«yml:lcase(@name)»_state.common.from &&
  13.106 +                                    session->«yml:lcase(@name)»_state.common.from->user_id);
  13.107 +                                if (!(session->own_«yml:lcase(@name)»_state.signature_fpr &&
  13.108 +                                        session->«yml:lcase(@name)»_state.common.from &&
  13.109 +                                        session->«yml:lcase(@name)»_state.common.from->user_id))
  13.110 +                                {
  13.111 +                                    status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
  13.112 +                                    goto the_end;
  13.113 +                                }
  13.114                              
  13.115 -                            // double check if we fully trust this comm partner
  13.116 -                            {
  13.117 +                                // test if this is a green channel
  13.118 +
  13.119                                  pEp_identity *ident = new_identity(NULL,
  13.120 -                                        session->«yml:lcase(@name)»_state.common.signature_fpr,
  13.121 +                                        session->own_«yml:lcase(@name)»_state.signature_fpr,
  13.122                                          session->«yml:lcase(@name)»_state.common.from->user_id,
  13.123                                          NULL
  13.124                                      );
  13.125 @@ -553,8 +607,31 @@
  13.126                                      goto the_end;
  13.127                                  }
  13.128                                  free_identity(ident);
  13.129 +
  13.130 +                                // test if we accepted this as own key already
  13.131 +
  13.132 +                                bool is_own_key = false;
  13.133 +                                status = own_key_is_listed(session,
  13.134 +                                        session->own_«yml:lcase(@name)»_state.signature_fpr,
  13.135 +                                        &is_own_key);
  13.136 +                                assert(!status);
  13.137 +                                if (status)
  13.138 +                                    goto the_end;
  13.139 +                                assert(is_own_key);
  13.140 +                                if (!is_own_key) {
  13.141 +                                    status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
  13.142 +                                    goto the_end;
  13.143 +                                }
  13.144 +
  13.145 +                                // if so add key of comm partner to extra keys
  13.146 +
  13.147 +                                extra = new_stringlist(session->own_«yml:lcase(@name)»_state.signature_fpr);
  13.148 +                                if (!extra) {
  13.149 +                                    status = PEP_OUT_OF_MEMORY;
  13.150 +                                    goto the_end;
  13.151 +                                }
  13.152                              }
  13.153 -
  13.154 +                            
  13.155                              status = base_prepare_message(
  13.156                                      session,
  13.157                                      li->ident,
  13.158 @@ -581,7 +658,7 @@
  13.159                              }
  13.160                              key_data_size = 1;
  13.161  
  13.162 -                            for (stringlist_t *sl = session->«yml:lcase(@name)»_state.common.own_keys;
  13.163 +                            for (stringlist_t *sl = session->own_«yml:lcase(@name)»_state.own_keys;
  13.164                                      sl && sl->value ; sl = sl->next)
  13.165                              {
  13.166                                  char *_key_data = NULL;
  13.167 @@ -644,16 +721,7 @@
  13.168                              }
  13.169                              key_data = NULL;
  13.170  
  13.171 -                            // add fpr of key of comm partner
  13.172 -
  13.173 -                            extra = new_stringlist(session->«yml:lcase(@name)»_state.common.signature_fpr);
  13.174 -                            if (extra) {
  13.175 -                                status = encrypt_message(session, _m, extra, &m, PEP_enc_PEP, 0);
  13.176 -                                free_stringlist(extra);
  13.177 -                            }
  13.178 -                            else {
  13.179 -                                status = PEP_OUT_OF_MEMORY;
  13.180 -                            }
  13.181 +                            status = encrypt_message(session, _m, extra, &m, PEP_enc_PEP, 0);
  13.182                              if (status) {
  13.183                                  status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
  13.184                                  goto the_end;
  13.185 @@ -661,7 +729,7 @@
  13.186                              free_message(_m);
  13.187                              break;
  13.188  
  13.189 -                        default:
  13.190 +                        default: // security=trusted only
  13.191                              status = base_prepare_message(
  13.192                                      session,
  13.193                                      li->ident,
  13.194 @@ -676,20 +744,7 @@
  13.195                                  goto the_end;
  13.196                              }
  13.197  
  13.198 -                            assert(session->«yml:lcase(@name)»_state.common.signature_fpr);
  13.199 -                            if (!session->«yml:lcase(@name)»_state.common.signature_fpr) {
  13.200 -                                status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
  13.201 -                                goto the_end;
  13.202 -                            }
  13.203 -
  13.204 -                            stringlist_t *extra = new_stringlist(session->«yml:lcase(@name)»_state.common.signature_fpr);
  13.205 -                            if (extra) {
  13.206 -                                status = encrypt_message(session, _m, extra, &m, PEP_enc_PEP, 0);
  13.207 -                                free_stringlist(extra);
  13.208 -                            }
  13.209 -                            else {
  13.210 -                                status = PEP_OUT_OF_MEMORY;
  13.211 -                            }
  13.212 +                            status = encrypt_message(session, _m, NULL, &m, PEP_enc_PEP, 0);
  13.213                              if (status) {
  13.214                                  status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
  13.215                                  goto the_end;
  13.216 @@ -702,6 +757,7 @@
  13.217                  }
  13.218  
  13.219              the_end:
  13.220 +                free_stringlist(extra);
  13.221                  free_identity_list(channels);
  13.222                  free_message(m);
  13.223                  free(data);
  13.224 @@ -761,8 +817,8 @@
  13.225                  // update own identities
  13.226  
  13.227                  if (ev->own_identities && ev->own_identities->ident) {
  13.228 -                    free_identity_list(session->«yml:lcase(@name)»_state.common.own_identities);
  13.229 -                    session->«yml:lcase(@name)»_state.common.own_identities = ev->own_identities;
  13.230 +                    free_identity_list(session->own_«yml:lcase(@name)»_state.own_identities);
  13.231 +                    session->own_«yml:lcase(@name)»_state.own_identities = ev->own_identities;
  13.232                      ev->own_identities = NULL;
  13.233                  }
  13.234  
  13.235 @@ -870,6 +926,13 @@
  13.236                          status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
  13.237                          goto the_end;
  13.238                      }
  13.239 +                    status = own_key_is_listed(session, signature_fpr, &is_own_key);
  13.240 +                    if (status)
  13.241 +                        goto the_end;
  13.242 +                    if (!is_own_key) {
  13.243 +                        status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
  13.244 +                        goto the_end;
  13.245 +                    }
  13.246                      event = «@name»;
  13.247                      break;
  13.248  
  13.249 @@ -1126,7 +1189,7 @@
  13.250                  `` apply "event", 2, mode=fsm
  13.251                  default:
  13.252                      // ignore events not handled here
  13.253 -                    «../@name»_SERVICE_LOG("ignoring event", KeySync_event_name(event));
  13.254 +                    «../@name»_SERVICE_LOG("ignoring event", «../@name»_event_name(event));
  13.255                      return invalid_event;
  13.256              }
  13.257              break;
    14.1 --- a/sync/sync.fsm	Tue Apr 30 07:49:02 2019 +0200
    14.2 +++ b/sync/sync.fsm	Fri May 03 12:41:06 2019 +0200
    14.3 @@ -23,53 +23,57 @@
    14.4  
    14.5          state Sole timeout=off {
    14.6              on Init {
    14.7 +                do closeTransaction;
    14.8 +                do newChallenge;
    14.9                  do showBeingSole;
   14.10 -                do newChallenge;
   14.11 -                do closeTransaction;
   14.12                  send Beacon;
   14.13              }
   14.14  
   14.15 -            on KeyGen
   14.16 +            on KeyGen {
   14.17                  send Beacon;
   14.18 +            }
   14.19  
   14.20 -            on CannotDecrypt // cry baby
   14.21 +            on CannotDecrypt { // cry baby
   14.22                  send Beacon;
   14.23 +            }
   14.24  
   14.25              on Beacon {
   14.26                  if sameChallenge {
   14.27 -                    // this is our own beacon; ignore
   14.28 +                    // this is our own Beacon; ignore
   14.29                  }
   14.30                  else {
   14.31                      if weAreFirst {
   14.32                          send Beacon;
   14.33                      }
   14.34                      else /* we are second */ {
   14.35 -                        do storeChallenge; // partner's challenge
   14.36 -                        do openTransaction; // NOP if negotiation already open
   14.37 -                        do storeTransaction;
   14.38 +                        do newTransaction;
   14.39                          do tellWeAreNotGrouped;
   14.40                          // second is sending NegotiationRequest
   14.41 +                        do replyChallenge; // partner's challenge
   14.42                          send NegotiationRequest;
   14.43 +                        do useOwnChallenge;
   14.44                      }
   14.45                  }
   14.46              }
   14.47  
   14.48 -            on NegotiationRequest if challengeAccepted {
   14.49 -                if sameTransaction {
   14.50 -                    // this is our own handshake request; ignore
   14.51 -                }
   14.52 -                else {
   14.53 -                    // first is receiving NegotiationRequest
   14.54 -                    do storeTransaction;
   14.55 -                    // first is sending NegotiationOpen
   14.56 -                    send NegotiationOpen;
   14.57 -                    if partnerIsGrouped
   14.58 -                        go HandshakingWithGroup;
   14.59 -                    go HandshakingNewFirst;
   14.60 +            on NegotiationRequest {
   14.61 +                if challengeAccepted {
   14.62 +                    if sameTransaction {
   14.63 +                        // this is our own NegotiationRequest; ignore
   14.64 +                    }
   14.65 +                    else {
   14.66 +                        // first is receiving NegotiationRequest
   14.67 +                        do storeTransaction;
   14.68 +                        // first is sending NegotiationOpen
   14.69 +                        send NegotiationOpen;
   14.70 +                        if partnerIsGrouped
   14.71 +                            go HandshakingWithGroup;
   14.72 +                        go HandshakingNewFirst;
   14.73 +                    }
   14.74                  }
   14.75              }
   14.76  
   14.77 -            on NegotiationOpen if sameTransaction {
   14.78 +            on NegotiationOpen if sameTransactionAndPartner {
   14.79                  // second is receiving NegotiationOpen
   14.80                  go HandshakingNewSecond;
   14.81              }
   14.82 @@ -86,7 +90,7 @@
   14.83                  go Sole;
   14.84              }
   14.85  
   14.86 -            on Rollback if sameTransaction
   14.87 +            on Rollback if sameTransactionAndPartner
   14.88                  go Sole;
   14.89  
   14.90              // Reject is CommitReject
   14.91 @@ -96,7 +100,7 @@
   14.92                  go End;
   14.93              }
   14.94  
   14.95 -            on CommitReject if sameTransaction {
   14.96 +            on CommitReject if sameTransactionAndPartner {
   14.97                  do disable;
   14.98                  go End;
   14.99              }
  14.100 @@ -109,7 +113,7 @@
  14.101              }
  14.102  
  14.103              // got a CommitAccept from second
  14.104 -            on CommitAcceptSecond if sameTransaction
  14.105 +            on CommitAcceptSecond if sameTransactionAndPartner
  14.106                  go HandshakingNewPhase2First;
  14.107          }
  14.108  
  14.109 @@ -124,7 +128,7 @@
  14.110                  go Sole;
  14.111              }
  14.112  
  14.113 -            on Rollback if sameTransaction
  14.114 +            on Rollback if sameTransactionAndPartner
  14.115                  go Sole;
  14.116  
  14.117              // Reject is CommitReject
  14.118 @@ -134,7 +138,7 @@
  14.119                  go End;
  14.120              }
  14.121  
  14.122 -            on CommitReject if sameTransaction {
  14.123 +            on CommitReject if sameTransactionAndPartner {
  14.124                  do disable;
  14.125                  go End;
  14.126              }
  14.127 @@ -147,40 +151,40 @@
  14.128              }
  14.129  
  14.130              // got a CommitAccept from first
  14.131 -            on CommitAcceptFirst if sameTransaction
  14.132 +            on CommitAcceptFirst if sameTransactionAndPartner
  14.133                  go HandshakingNewPhase2Second;
  14.134          }
  14.135  
  14.136          state HandshakingNewPhase1First {
  14.137 -            on Rollback if sameTransaction {
  14.138 +            on Rollback if sameTransactionAndPartner {
  14.139                  do untrustThisKey;
  14.140                  go Sole;
  14.141              }
  14.142              
  14.143 -            on CommitReject if sameTransaction {
  14.144 +            on CommitReject if sameTransactionAndPartner {
  14.145                  do untrustThisKey;
  14.146                  do disable;
  14.147                  go End;
  14.148              }
  14.149  
  14.150 -            on CommitAcceptSecond if sameTransaction {
  14.151 +            on CommitAcceptSecond if sameTransactionAndPartner {
  14.152                  go NewGroupFirst;
  14.153              }
  14.154          }
  14.155  
  14.156          state HandshakingNewPhase1Second {
  14.157 -            on Rollback if sameTransaction {
  14.158 +            on Rollback if sameTransactionAndPartner {
  14.159                  do untrustThisKey;
  14.160                  go Sole;
  14.161              }
  14.162              
  14.163 -            on CommitReject if sameTransaction {
  14.164 +            on CommitReject if sameTransactionAndPartner {
  14.165                  do untrustThisKey;
  14.166                  do disable;
  14.167                  go End;
  14.168              }
  14.169  
  14.170 -            on CommitAcceptFirst if sameTransaction {
  14.171 +            on CommitAcceptFirst if sameTransactionAndPartner {
  14.172                  go NewGroupSecond;
  14.173              }
  14.174          }
  14.175 @@ -225,7 +229,6 @@
  14.176  
  14.177          state NewGroupFirst {
  14.178              on Init {
  14.179 -                do closeTransaction;
  14.180                  do prepareOwnKeys;
  14.181                  send OwnKeysFirst; // we're not grouped yet, this is our own keys
  14.182              }
  14.183 @@ -244,7 +247,6 @@
  14.184  
  14.185          state NewGroupSecond {
  14.186              on Init {
  14.187 -                do closeTransaction;
  14.188                  do prepareOwnKeys;
  14.189                  send OwnKeysSecond; // we're not grouped yet, this is our own keys
  14.190              }
  14.191 @@ -263,8 +265,9 @@
  14.192  
  14.193          state Grouped timeout=off {
  14.194              on Init {
  14.195 +                do closeTransaction;
  14.196 +                do newChallenge;
  14.197                  do showBeingInGroup;
  14.198 -                do closeTransaction;
  14.199              }
  14.200  
  14.201              on GroupKeys
  14.202 @@ -276,14 +279,14 @@
  14.203              }
  14.204  
  14.205              on Beacon {
  14.206 -                do storeChallenge;
  14.207 -                do openTransaction;
  14.208 -                do storeTransaction;
  14.209 +                do newTransaction;
  14.210                  do tellWeAreGrouped;
  14.211 +                do replyChallenge; // partner's challenge
  14.212                  send NegotiationRequest;
  14.213 +                do useOwnChallenge;
  14.214              }
  14.215  
  14.216 -            on NegotiationOpen if sameTransaction
  14.217 +            on NegotiationOpen if sameTransactionAndPartner
  14.218                  go HandshakingGrouped;
  14.219  
  14.220              on GroupTrustThisKey {
  14.221 @@ -302,7 +305,7 @@
  14.222                  go Sole;
  14.223              }
  14.224  
  14.225 -            on Rollback if sameTransaction
  14.226 +            on Rollback if sameTransactionAndPartner
  14.227                  go Sole;
  14.228  
  14.229              // Reject is CommitReject
  14.230 @@ -312,7 +315,7 @@
  14.231                  go End;
  14.232              }
  14.233  
  14.234 -            on CommitReject if sameTransaction {
  14.235 +            on CommitReject if sameTransactionAndPartner {
  14.236                  do disable;
  14.237                  go End;
  14.238              }
  14.239 @@ -324,20 +327,20 @@
  14.240                  go HandshakingJoinPhase1;
  14.241              }
  14.242  
  14.243 -            on CommitAcceptForGroup if sameTransaction
  14.244 +            on CommitAcceptForGroup if sameTransactionAndPartner
  14.245                  go HandshakingJoinPhase2;
  14.246          }
  14.247  
  14.248          state HandshakingJoinPhase1 {
  14.249 -            on Rollback if sameTransaction
  14.250 +            on Rollback if sameTransactionAndPartner
  14.251                  go Sole;
  14.252              
  14.253 -            on CommitReject if sameTransaction {
  14.254 +            on CommitReject if sameTransactionAndPartner {
  14.255                  do disable;
  14.256                  go End;
  14.257              }
  14.258  
  14.259 -            on CommitAcceptForGroup if sameTransaction {
  14.260 +            on CommitAcceptForGroup if sameTransactionAndPartner {
  14.261                  go JoinGroup;
  14.262              }
  14.263          }
  14.264 @@ -362,7 +365,6 @@
  14.265  
  14.266          state JoinGroup {
  14.267              on Init {
  14.268 -                do closeTransaction;
  14.269                  do prepareOwnKeys;
  14.270                  send OwnKeys;
  14.271              }
  14.272 @@ -385,7 +387,7 @@
  14.273                  go Grouped;
  14.274              }
  14.275  
  14.276 -            on Rollback if sameTransaction
  14.277 +            on Rollback if sameTransactionAndPartner
  14.278                  go Grouped;
  14.279  
  14.280              // Reject is CommitReject
  14.281 @@ -394,7 +396,7 @@
  14.282                  go Grouped;
  14.283              }
  14.284  
  14.285 -            on CommitReject if sameTransaction
  14.286 +            on CommitReject if sameTransactionAndPartner
  14.287                  go Grouped;
  14.288  
  14.289              // Accept is Phase1Commit
  14.290 @@ -405,7 +407,7 @@
  14.291                  go HandshakingGroupedPhase1;
  14.292              }
  14.293  
  14.294 -            on CommitAccept if sameTransaction
  14.295 +            on CommitAccept if sameTransactionAndPartner
  14.296                  go HandshakingGroupedPhase2;
  14.297  
  14.298              on GroupTrustThisKey {
  14.299 @@ -415,7 +417,7 @@
  14.300  
  14.301              on CommitAcceptForGroup {
  14.302                  do showDeviceAdded;
  14.303 -                if sameTransaction {
  14.304 +                if sameTransactionAndPartner {
  14.305                      do hideHandshakeDialog;
  14.306                      go Grouped;
  14.307                  }
  14.308 @@ -426,13 +428,13 @@
  14.309          }
  14.310  
  14.311          state HandshakingGroupedPhase1 {
  14.312 -            on Rollback if sameTransaction
  14.313 +            on Rollback if sameTransactionAndPartner
  14.314                  go Grouped;
  14.315  
  14.316 -            on CommitReject if sameTransaction
  14.317 +            on CommitReject if sameTransactionAndPartner
  14.318                  go Grouped;
  14.319  
  14.320 -            on CommitAccept if sameTransaction {
  14.321 +            on CommitAccept if sameTransactionAndPartner {
  14.322                  send GroupKeys;
  14.323                  go Grouped;
  14.324              }
  14.325 @@ -443,7 +445,7 @@
  14.326  
  14.327              on CommitAcceptForGroup {
  14.328                  do showDeviceAdded;
  14.329 -                if sameTransaction
  14.330 +                if sameTransactionAndPartner
  14.331                      go Grouped;
  14.332              }
  14.333  
  14.334 @@ -475,7 +477,7 @@
  14.335  
  14.336              on CommitAcceptForGroup {
  14.337                  do showDeviceAdded;
  14.338 -                if sameTransaction {
  14.339 +                if sameTransactionAndPartner {
  14.340                      do hideHandshakeDialog;
  14.341                      go Grouped;
  14.342                  }
  14.343 @@ -537,7 +539,7 @@
  14.344              field Hash key;
  14.345          }
  14.346  
  14.347 -        // security=attach_own_keys implies security=trusted
  14.348 +        // trust in future
  14.349          message GroupKeys 12, security=attach_own_keys {
  14.350              field IdentityList ownIdentities;
  14.351          }
    15.1 --- a/sync/sync_protocol.md	Tue Apr 30 07:49:02 2019 +0200
    15.2 +++ b/sync/sync_protocol.md	Fri May 03 12:41:06 2019 +0200
    15.3 @@ -47,7 +47,8 @@
    15.4  
    15.5  ### Negotiation
    15.6  
    15.7 -A Negotiation is a Transaction identified by a TID.
    15.8 +A Negotiation is a Transaction identified by a TID. The Negotiation's TID is
    15.9 +the XOR of the two Challenge TIDs of the two devices, respectively.
   15.10  
   15.11  ## Roles and Keys
   15.12  
    16.1 --- a/test/gentestshell.py	Tue Apr 30 07:49:02 2019 +0200
    16.2 +++ b/test/gentestshell.py	Fri May 03 12:41:06 2019 +0200
    16.3 @@ -86,7 +86,10 @@
    16.4  
    16.5  if not args.no_src:
    16.6      src_inc = ('#include <stdlib.h>\n'
    16.7 +               '#include <cstring>\n'
    16.8                 '#include <string>\n\n'
    16.9 +               '#include <cpptest.h>\n'
   16.10 +               '#include "test_util.h"\n\n'
   16.11                 '#include "pEpEngine.h"\n\n'
   16.12                 '#include "' + superclass +'.h"\n'
   16.13                 '#include "' + test_suite + '.h"\n\n')
    17.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    17.2 +++ b/test/include/ExportKeyTests.h	Fri May 03 12:41:06 2019 +0200
    17.3 @@ -0,0 +1,22 @@
    17.4 +// This file is under GNU General Public License 3.0
    17.5 +// see LICENSE.txt
    17.6 +
    17.7 +#ifndef EXPORT_KEY_H
    17.8 +#define EXPORT_KEY_H
    17.9 +
   17.10 +#include <string>
   17.11 +#include "EngineTestIndividualSuite.h"
   17.12 +
   17.13 +using namespace std;
   17.14 +
   17.15 +class ExportKeyTests : public EngineTestIndividualSuite {
   17.16 +    public:
   17.17 +        ExportKeyTests(string test_suite, string test_home_dir);
   17.18 +    private:
   17.19 +        void check_export_key_no_key();
   17.20 +        void check_export_key_pubkey();
   17.21 +        void check_export_key_secret_key();
   17.22 +        void check_export_key_no_secret_key();
   17.23 +};
   17.24 +
   17.25 +#endif
    18.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    18.2 +++ b/test/include/OwnKeysRetrieveTests.h	Fri May 03 12:41:06 2019 +0200
    18.3 @@ -0,0 +1,25 @@
    18.4 +// This file is under GNU General Public License 3.0
    18.5 +// see LICENSE.txt
    18.6 +
    18.7 +#ifndef OWN_KEYS_RETRIEVE_H
    18.8 +#define OWN_KEYS_RETRIEVE_H
    18.9 +
   18.10 +#include <string>
   18.11 +#include "EngineTestIndividualSuite.h"
   18.12 +
   18.13 +using namespace std;
   18.14 +
   18.15 +class OwnKeysRetrieveTests : public EngineTestIndividualSuite {
   18.16 +    public:
   18.17 +        OwnKeysRetrieveTests(string test_suite, string test_home_dir);
   18.18 +    private:
   18.19 +        void check_own_keys_retrieve_single_private();
   18.20 +        void check_own_keys_retrieve_single_private_single_pub();
   18.21 +        void check_own_keys_retrieve_multiple_private();
   18.22 +        void check_own_keys_retrieve_multiple_private_and_pub();
   18.23 +        void check_own_keys_retrieve_multi_pub_only();
   18.24 +        void check_own_keys_retrieve_no_own();
   18.25 +        void check_own_keys_retrieve_multi_idents_one_key();
   18.26 +        void check_own_keys_retrieve_multi_idents_one_priv_key_multi_pub();
   18.27 +};
   18.28 +#endif
    19.1 --- a/test/src/SuiteMaker.cc	Tue Apr 30 07:49:02 2019 +0200
    19.2 +++ b/test/src/SuiteMaker.cc	Fri May 03 12:41:06 2019 +0200
    19.3 @@ -25,6 +25,7 @@
    19.4  #include "PgpBinaryTests.h"
    19.5  #include "SubkeyRatingEvalTests.h"
    19.6  #include "MessageNullFromTests.h"
    19.7 +#include "ExportKeyTests.h"
    19.8  #include "LeastCommonDenomColorTests.h"
    19.9  #include "StringlistTests.h"
   19.10  #include "PgpListKeysTests.h"
   19.11 @@ -61,6 +62,7 @@
   19.12  #include "KeyResetMessageTests.h"
   19.13  #include "DeleteKeyTests.h"
   19.14  #include "KeyAttachmentTests.h"
   19.15 +#include "OwnKeysRetrieveTests.h"
   19.16  #include "TrustManipulationTests.h"
   19.17  #include "SyncTests.h"
   19.18  #include "AppleMailTests.h"
   19.19 @@ -80,6 +82,7 @@
   19.20      "PgpBinaryTests",
   19.21      "SubkeyRatingEvalTests",
   19.22      "MessageNullFromTests",
   19.23 +    "ExportKeyTests",
   19.24      "LeastCommonDenomColorTests",
   19.25      "StringlistTests",
   19.26      "PgpListKeysTests",
   19.27 @@ -116,13 +119,14 @@
   19.28      "KeyResetMessageTests",
   19.29      "DeleteKeyTests",
   19.30      "KeyAttachmentTests",
   19.31 +    "OwnKeysRetrieveTests",
   19.32      "TrustManipulationTests",
   19.33      "SyncTests",
   19.34      "AppleMailTests",
   19.35  };
   19.36  
   19.37  // This file is generated, so magic constants are ok.
   19.38 -int SuiteMaker::num_suites = 52;
   19.39 +int SuiteMaker::num_suites = 54;
   19.40  
   19.41  void SuiteMaker::suitemaker_build(const char* test_class_name, const char* test_home, Test::Suite** test_suite) {
   19.42      if (strcmp(test_class_name, "MimeTests") == 0)
   19.43 @@ -151,6 +155,8 @@
   19.44          *test_suite = new SubkeyRatingEvalTests(test_class_name, test_home);
   19.45      else if (strcmp(test_class_name, "MessageNullFromTests") == 0)
   19.46          *test_suite = new MessageNullFromTests(test_class_name, test_home);
   19.47 +    else if (strcmp(test_class_name, "ExportKeyTests") == 0)
   19.48 +        *test_suite = new ExportKeyTests(test_class_name, test_home);
   19.49      else if (strcmp(test_class_name, "LeastCommonDenomColorTests") == 0)
   19.50          *test_suite = new LeastCommonDenomColorTests(test_class_name, test_home);
   19.51      else if (strcmp(test_class_name, "StringlistTests") == 0)
   19.52 @@ -223,6 +229,8 @@
   19.53          *test_suite = new DeleteKeyTests(test_class_name, test_home);
   19.54      else if (strcmp(test_class_name, "KeyAttachmentTests") == 0)
   19.55          *test_suite = new KeyAttachmentTests(test_class_name, test_home);
   19.56 +    else if (strcmp(test_class_name, "OwnKeysRetrieveTests") == 0)
   19.57 +        *test_suite = new OwnKeysRetrieveTests(test_class_name, test_home);
   19.58      else if (strcmp(test_class_name, "TrustManipulationTests") == 0)
   19.59          *test_suite = new TrustManipulationTests(test_class_name, test_home);
   19.60      else if (strcmp(test_class_name, "SyncTests") == 0)
    20.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    20.2 +++ b/test/src/engine_tests/ExportKeyTests.cc	Fri May 03 12:41:06 2019 +0200
    20.3 @@ -0,0 +1,128 @@
    20.4 +// This file is under GNU General Public License 3.0
    20.5 +// see LICENSE.txt
    20.6 +
    20.7 +#include <stdlib.h>
    20.8 +#include <cstring>
    20.9 +#include <string>
   20.10 +
   20.11 +#include <cpptest.h>
   20.12 +#include "test_util.h"
   20.13 +
   20.14 +#include "pEpEngine.h"
   20.15 +
   20.16 +#include "EngineTestIndividualSuite.h"
   20.17 +#include "ExportKeyTests.h"
   20.18 +
   20.19 +using namespace std;
   20.20 +
   20.21 +ExportKeyTests::ExportKeyTests(string suitename, string test_home_dir) :
   20.22 +    EngineTestIndividualSuite::EngineTestIndividualSuite(suitename, test_home_dir) {
   20.23 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("ExportKeyTests::check_export_key_no_key"),
   20.24 +                                                                      static_cast<Func>(&ExportKeyTests::check_export_key_no_key)));
   20.25 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("ExportKeyTests::check_export_key_pubkey"),
   20.26 +                                                                      static_cast<Func>(&ExportKeyTests::check_export_key_pubkey)));
   20.27 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("ExportKeyTests::check_export_key_no_secret_key"),
   20.28 +                                                                      static_cast<Func>(&ExportKeyTests::check_export_key_no_secret_key)));
   20.29 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("ExportKeyTests::check_export_key_no_secret_key"),
   20.30 +                                                                      static_cast<Func>(&ExportKeyTests::check_export_key_no_secret_key)));
   20.31 +}
   20.32 +
   20.33 +void ExportKeyTests::check_export_key_no_key() {
   20.34 +    char* keydata = NULL;
   20.35 +    size_t keysize = 0;
   20.36 +    PEP_STATUS status = export_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
   20.37 +                                   &keydata, &keysize);
   20.38 +    TEST_ASSERT_MSG(status == PEP_KEY_NOT_FOUND, tl_status_string(status));
   20.39 +    free(keydata);
   20.40 +    keydata = NULL;
   20.41 +    keysize = 0;
   20.42 +    status = export_secret_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
   20.43 +                                   &keydata, &keysize);
   20.44 +    TEST_ASSERT_MSG(status == PEP_KEY_NOT_FOUND, tl_status_string(status));
   20.45 +    free(keydata);
   20.46 +
   20.47 +    TEST_ASSERT(true);
   20.48 +}
   20.49 +
   20.50 +void ExportKeyTests::check_export_key_pubkey() {
   20.51 +    // Own pub key
   20.52 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc"),
   20.53 +                    "Unable to import test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc");
   20.54 +
   20.55 +    char* keydata = NULL;
   20.56 +    size_t keysize = 0;
   20.57 +    stringlist_t* keylist = NULL;
   20.58 +    PEP_STATUS status = find_keys(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", &keylist);
   20.59 +    TEST_ASSERT(keylist && keylist->value);
   20.60 +    TEST_ASSERT(strcmp(keylist->value, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39") == 0);
   20.61 +    free_stringlist(keylist);
   20.62 +
   20.63 +    status = export_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
   20.64 +                                   &keydata, &keysize);
   20.65 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   20.66 +    TEST_ASSERT(keydata);
   20.67 +    TEST_ASSERT(keysize > 0);
   20.68 +    
   20.69 +    free(keydata);
   20.70 +}
   20.71 +
   20.72 +void ExportKeyTests::check_export_key_secret_key() {
   20.73 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc"),
   20.74 +                    "Unable to import test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc");
   20.75 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/priv/pep-test-bob-0xC9C2EE39_priv.asc"),
   20.76 +                    "Unable to import test_keys/priv/pep-test-bob-0xC9C2EE39_priv.asc");
   20.77 +    char* keydata = NULL;
   20.78 +    size_t keysize = 0;
   20.79 +    stringlist_t* keylist = NULL;
   20.80 +    PEP_STATUS status = find_keys(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", &keylist);
   20.81 +    TEST_ASSERT(keylist && keylist->value);
   20.82 +    TEST_ASSERT(strcmp(keylist->value, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39") == 0);
   20.83 +    free_stringlist(keylist);
   20.84 +    keylist = NULL;
   20.85 +    
   20.86 +    bool has_private = false;
   20.87 +    contains_priv_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", &has_private);
   20.88 +    TEST_ASSERT_MSG(has_private, "Secret key not found.")
   20.89 +    
   20.90 +    status = export_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
   20.91 +                                   &keydata, &keysize);
   20.92 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   20.93 +    TEST_ASSERT(keydata);
   20.94 +    TEST_ASSERT(keysize > 0);
   20.95 +
   20.96 +    free(keydata);
   20.97 +    keydata = NULL;
   20.98 +    keysize = 0;
   20.99 +    status = export_secret_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
  20.100 +                                   &keydata, &keysize);
  20.101 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  20.102 +
  20.103 +    free(keydata);
  20.104 +    TEST_ASSERT(true);
  20.105 +}
  20.106 +
  20.107 +
  20.108 +void ExportKeyTests::check_export_key_no_secret_key() {
  20.109 +    // Own pub key
  20.110 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc"),
  20.111 +                    "Unable to import test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc");
  20.112 +
  20.113 +    char* keydata = NULL;
  20.114 +    size_t keysize = 0;
  20.115 +    stringlist_t* keylist = NULL;
  20.116 +    PEP_STATUS status = find_keys(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", &keylist);
  20.117 +    TEST_ASSERT(keylist && keylist->value);
  20.118 +    TEST_ASSERT(strcmp(keylist->value, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39") == 0);
  20.119 +
  20.120 +    status = export_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
  20.121 +                                   &keydata, &keysize);
  20.122 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  20.123 +    free(keydata);
  20.124 +    keydata = NULL;
  20.125 +    keysize = 0;
  20.126 +    status = export_secret_key(session, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39", 
  20.127 +                                   &keydata, &keysize);
  20.128 +    TEST_ASSERT_MSG(status == PEP_KEY_NOT_FOUND, tl_status_string(status));
  20.129 +    free(keydata);
  20.130 +    TEST_ASSERT(true);
  20.131 +}
    21.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    21.2 +++ b/test/src/engine_tests/OwnKeysRetrieveTests.cc	Fri May 03 12:41:06 2019 +0200
    21.3 @@ -0,0 +1,639 @@
    21.4 +// This file is under GNU General Public License 3.0
    21.5 +// see LICENSE.txt
    21.6 +
    21.7 +#include <stdlib.h>
    21.8 +#include <cstring>
    21.9 +#include <string>
   21.10 +
   21.11 +#include <cpptest.h>
   21.12 +#include "test_util.h"
   21.13 +
   21.14 +#include "pEpEngine.h"
   21.15 +
   21.16 +#include "EngineTestIndividualSuite.h"
   21.17 +#include "OwnKeysRetrieveTests.h"
   21.18 +
   21.19 +using namespace std;
   21.20 +
   21.21 +OwnKeysRetrieveTests::OwnKeysRetrieveTests(string suitename, string test_home_dir) :
   21.22 +    EngineTestIndividualSuite::EngineTestIndividualSuite(suitename, test_home_dir) {
   21.23 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_single_private"),
   21.24 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_single_private)));
   21.25 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_single_private_single_pub"),
   21.26 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_single_private_single_pub)));
   21.27 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_multiple_private"),
   21.28 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_multiple_private)));
   21.29 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_multiple_private_and_pub"),
   21.30 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_multiple_private_and_pub)));
   21.31 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_multi_pub_only"),
   21.32 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_multi_pub_only)));
   21.33 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_no_own"),
   21.34 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_no_own)));
   21.35 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_multi_idents_one_key"),
   21.36 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_multi_idents_one_key)));
   21.37 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("OwnKeysRetrieveTests::check_own_keys_retrieve_multi_idents_one_priv_key_multi_pub"),
   21.38 +                                                                      static_cast<Func>(&OwnKeysRetrieveTests::check_own_keys_retrieve_multi_idents_one_priv_key_multi_pub)));
   21.39 +}
   21.40 +
   21.41 +void OwnKeysRetrieveTests::check_own_keys_retrieve_single_private() {
   21.42 +    // Setup own identity
   21.43 +    PEP_STATUS status = read_file_and_import_key(session,
   21.44 +                "test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc");
   21.45 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
   21.46 +    status = set_up_ident_from_scratch(session,
   21.47 +                "test_keys/priv/pep-test-alice-0x6FF00E97_priv.asc",
   21.48 +                "pep.test.alice@pep-project.org", "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97", 
   21.49 +                PEP_OWN_USERID, "Alice in Wonderland", NULL, true
   21.50 +            );
   21.51 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   21.52 +
   21.53 +    // Ok, see if we get it back.
   21.54 +    stringlist_t* keylist = NULL;
   21.55 +    
   21.56 +    status = _own_keys_retrieve(session, &keylist, 0, true);
   21.57 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   21.58 +    TEST_ASSERT(keylist);
   21.59 +    TEST_ASSERT(keylist->value);
   21.60 +    TEST_ASSERT(!keylist->next);
   21.61 +
   21.62 +    TEST_ASSERT(strcmp(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97") == 0);
   21.63 +}
   21.64 +
   21.65 +void OwnKeysRetrieveTests::check_own_keys_retrieve_single_private_single_pub() {
   21.66 +    // Set up an own idea that only has a public key
   21.67 +    PEP_STATUS status = set_up_ident_from_scratch(session,
   21.68 +                "test_keys/pub/pep-test-bob-0xC9C2EE39_pub.asc",
   21.69 +                "pep.test.bob@pep-project.org", NULL, PEP_OWN_USERID, "Bob's Burgers",
   21.70 +                NULL, false
   21.71 +            );
   21.72 +    TEST_ASSERT(status == PEP_STATUS_OK);
   21.73 +
   21.74 +    // Make it an own identity in the DB
   21.75 +    pEp_identity* me_bob = new_identity("pep.test.bob@pep-project.org", NULL, PEP_OWN_USERID, NULL);
   21.76 +    status = update_identity(session, me_bob);
   21.77 +    TEST_ASSERT(status == PEP_STATUS_OK);
   21.78 +    TEST_ASSERT(strcmp(me_bob->fpr, "BFCDB7F301DEEEBBF947F29659BFF488C9C2EE39") == 0);
   21.79 +    status = trust_personal_key(session, me_bob);
   21.80 +    TEST_ASSERT(status == PEP_STATUS_OK);
   21.81 +    
   21.82 +    me_bob->me = true;
   21.83 +    status = set_identity(session, me_bob);
   21.84 +    free_identity(me_bob);
   21.85 +    me_bob = NULL;
   21.86 +    TEST_ASSERT(status == PEP_STATUS_OK);
   21.87 +    
   21.88 +    // Setup own identity
   21.89 +    status = read_file_and_import_key(session,
   21.90 +                "test_keys/pub/pep-test-alice-0x6FF00E97_pub.asc");
   21.91 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
   21.92 +    status = set_up_ident_from_scratch(session,
   21.93 +                "test_keys/priv/pep-test-alice-0x6FF00E97_priv.asc",
   21.94 +                "pep.test.alice@pep-project.org", "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97", 
   21.95 +                PEP_OWN_USERID, "Alice in Wonderland", NULL, true
   21.96 +            );
   21.97 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   21.98 +
   21.99 +    // Ok, see if we get it back.
  21.100 +    stringlist_t* keylist = NULL;
  21.101 +    
  21.102 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.103 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.104 +    TEST_ASSERT(keylist);
  21.105 +    TEST_ASSERT(keylist->value);
  21.106 +    TEST_ASSERT(!keylist->next);
  21.107 +
  21.108 +    TEST_ASSERT(strcmp(keylist->value, "4ABE3AAF59AC32CFE4F86500A9411D176FF00E97") == 0);
  21.109 +}
  21.110 +
  21.111 +void OwnKeysRetrieveTests::check_own_keys_retrieve_multiple_private() {
  21.112 +    // Setup own identity
  21.113 +    PEP_STATUS status = read_file_and_import_key(session,
  21.114 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.115 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.116 +    status = set_up_ident_from_scratch(session,
  21.117 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.118 +                "pep.test.xander@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.119 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.120 +            );
  21.121 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.122 +
  21.123 +    // Setup own identity
  21.124 +    status = read_file_and_import_key(session,
  21.125 +                "test_keys/pub/pep.test.alexander1-0x541260F6_pub.asc");
  21.126 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.127 +    status = set_up_ident_from_scratch(session,
  21.128 +                "test_keys/priv/pep.test.alexander1-0x541260F6_priv.asc",
  21.129 +                "pep.test.xander@pep-project.org", "59AF4C51492283522F6904531C09730A541260F6", 
  21.130 +                PEP_OWN_USERID, "Xander2", NULL, true
  21.131 +            );
  21.132 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.133 +
  21.134 +    // Setup own identity
  21.135 +    status = read_file_and_import_key(session,
  21.136 +                "test_keys/pub/pep.test.alexander2-0xA6512F30_pub.asc");
  21.137 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.138 +    status = set_up_ident_from_scratch(session,
  21.139 +                "test_keys/priv/pep.test.alexander2-0xA6512F30_priv.asc",
  21.140 +                "pep.test.xander.work@pep-project.org", "46A994F19077C05610870273C4B8AB0BA6512F30", 
  21.141 +                PEP_OWN_USERID, "Xander3", NULL, true
  21.142 +            );
  21.143 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.144 +
  21.145 +    // Setup own identity
  21.146 +    status = read_file_and_import_key(session,
  21.147 +                "test_keys/pub/pep.test.alexander3-0x724B3975_pub.asc");
  21.148 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.149 +    status = set_up_ident_from_scratch(session,
  21.150 +                "test_keys/priv/pep.test.alexander3-0x724B3975_priv.asc",
  21.151 +                "pep.test.xander@pep-project.org", "5F7076BBD92E14EA49F0DF7C2CE49419724B3975", 
  21.152 +                PEP_OWN_USERID, "Xander4", NULL, true
  21.153 +            );
  21.154 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.155 +
  21.156 +    // Setup own identity
  21.157 +    status = read_file_and_import_key(session,
  21.158 +                "test_keys/pub/pep.test.alexander4-0x844B9DCF_pub.asc");
  21.159 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.160 +    status = set_up_ident_from_scratch(session,
  21.161 +                "test_keys/priv/pep.test.alexander4-0x844B9DCF_priv.asc",
  21.162 +                "pep.test.xander.home@pep-project.org", "E95FFF95B8E2FDD4A12C3374395F1485844B9DCF", 
  21.163 +                PEP_OWN_USERID, "Xander in Wonderland Again", NULL, true
  21.164 +            );
  21.165 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.166 +    
  21.167 +    // Ok, see if we get it back.
  21.168 +    stringlist_t* keylist = NULL;
  21.169 +    
  21.170 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.171 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.172 +    TEST_ASSERT(keylist);
  21.173 +
  21.174 +    int fpr_count = 0;
  21.175 +
  21.176 +    const char* fpr_list[5];
  21.177 +    
  21.178 +    bool* found_list = (bool*)calloc(5, sizeof(bool));
  21.179 +    fpr_list[0] = "F4598A17D4690EB3B5B0F6A344F04E963B7302DB"; 
  21.180 +    fpr_list[1] = "59AF4C51492283522F6904531C09730A541260F6"; 
  21.181 +    fpr_list[2] = "46A994F19077C05610870273C4B8AB0BA6512F30"; 
  21.182 +    fpr_list[3] = "5F7076BBD92E14EA49F0DF7C2CE49419724B3975"; 
  21.183 +    fpr_list[4] = "E95FFF95B8E2FDD4A12C3374395F1485844B9DCF"; 
  21.184 +     
  21.185 +    for (stringlist_t* _kl = keylist; _kl; _kl = _kl->next) {
  21.186 +        TEST_ASSERT(_kl->value);
  21.187 +        fpr_count++;
  21.188 +        
  21.189 +        for (int j = 0; j < 5; j++) {
  21.190 +            if (strcmp(_kl->value, fpr_list[j]) == 0) {
  21.191 +                found_list[j] = true;
  21.192 +                break;
  21.193 +            }
  21.194 +        }
  21.195 +    }
  21.196 +    TEST_ASSERT_MSG(fpr_count == 5, "Returned keylist does not have the correct number of keys.");
  21.197 +    for (int j = 0; j < 5; j++) {
  21.198 +        TEST_ASSERT_MSG(found_list[j], (string(fpr_list[j]) + " was not found.").c_str());
  21.199 +    }    
  21.200 +    free(found_list);
  21.201 +    free_stringlist(keylist);
  21.202 +}
  21.203 +
  21.204 +void OwnKeysRetrieveTests::check_own_keys_retrieve_multiple_private_and_pub() {
  21.205 +    // Setup own identity
  21.206 +    PEP_STATUS status = read_file_and_import_key(session,
  21.207 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.208 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.209 +    status = set_up_ident_from_scratch(session,
  21.210 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.211 +                "pep.test.xander@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.212 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.213 +            );
  21.214 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.215 +
  21.216 +    // Own pub key
  21.217 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc"),
  21.218 +                    "Unable to import test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc");
  21.219 +    
  21.220 +    // Make it an own identity in the DB
  21.221 +    pEp_identity* me_pub = new_identity("pep.test.xander@pep-project.org", "58BCC2BF2AE1E3C4FBEAB89AD7838ACA0773CD29", PEP_OWN_USERID, NULL);
  21.222 +    me_pub->comm_type = PEP_ct_pEp;
  21.223 +    status = set_trust(session, me_pub);
  21.224 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.225 +    free_identity(me_pub);
  21.226 +    me_pub = NULL;
  21.227 +
  21.228 +    // Setup own identity
  21.229 +    status = read_file_and_import_key(session,
  21.230 +                "test_keys/pub/pep.test.alexander1-0x541260F6_pub.asc");
  21.231 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.232 +    status = set_up_ident_from_scratch(session,
  21.233 +                "test_keys/priv/pep.test.alexander1-0x541260F6_priv.asc",
  21.234 +                "pep.test.xander@pep-project.org", "59AF4C51492283522F6904531C09730A541260F6", 
  21.235 +                PEP_OWN_USERID, "Xander2", NULL, true
  21.236 +            );
  21.237 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.238 +
  21.239 +    // Own pub key
  21.240 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc"),
  21.241 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc");
  21.242 +    
  21.243 +    // Make it an own identity in the DB
  21.244 +    me_pub = new_identity("pep.test.xander@pep-project.org", "74D79B4496E289BD8A71B70BA8E2C4530019697D", PEP_OWN_USERID, NULL);
  21.245 +    me_pub->comm_type = PEP_ct_pEp;
  21.246 +    status = set_trust(session, me_pub);
  21.247 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.248 +    free_identity(me_pub);
  21.249 +    me_pub = NULL;
  21.250 +
  21.251 +
  21.252 +    // Setup own identity
  21.253 +    status = read_file_and_import_key(session,
  21.254 +                "test_keys/pub/pep.test.alexander2-0xA6512F30_pub.asc");
  21.255 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.256 +    status = set_up_ident_from_scratch(session,
  21.257 +                "test_keys/priv/pep.test.alexander2-0xA6512F30_priv.asc",
  21.258 +                "pep.test.xander.work@pep-project.org", "46A994F19077C05610870273C4B8AB0BA6512F30", 
  21.259 +                PEP_OWN_USERID, "Xander3", NULL, true
  21.260 +            );
  21.261 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.262 +
  21.263 +    // Own pub key
  21.264 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc"),
  21.265 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc");
  21.266 +    
  21.267 +    // Make it an own identity in the DB
  21.268 +    me_pub = new_identity("pep.test.xander@pep-project.org", "2E21325D202A44BFD9C607FCF095B202503B14D8", PEP_OWN_USERID, NULL);
  21.269 +    me_pub->comm_type = PEP_ct_pEp;
  21.270 +    status = set_trust(session, me_pub);
  21.271 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.272 +    free_identity(me_pub);
  21.273 +    me_pub = NULL;
  21.274 +
  21.275 +
  21.276 +    // Setup own identity
  21.277 +    status = read_file_and_import_key(session,
  21.278 +                "test_keys/pub/pep.test.alexander3-0x724B3975_pub.asc");
  21.279 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.280 +    status = set_up_ident_from_scratch(session,
  21.281 +                "test_keys/priv/pep.test.alexander3-0x724B3975_priv.asc",
  21.282 +                "pep.test.xander@pep-project.org", "5F7076BBD92E14EA49F0DF7C2CE49419724B3975", 
  21.283 +                PEP_OWN_USERID, "Xander4", NULL, true
  21.284 +            );
  21.285 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.286 +
  21.287 +    // Own pub key
  21.288 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc"),
  21.289 +                    "Unable to import test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc");
  21.290 +    
  21.291 +    // Make it an own identity in the DB
  21.292 +    me_pub = new_identity("pep.test.xander@pep-project.org", "3C1E713D8519D7F907E3142D179EAA24A216E95A", PEP_OWN_USERID, NULL);
  21.293 +    me_pub->comm_type = PEP_ct_pEp;
  21.294 +    status = set_trust(session, me_pub);
  21.295 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.296 +    free_identity(me_pub);
  21.297 +    me_pub = NULL;
  21.298 +
  21.299 +    // Setup own identity
  21.300 +    status = read_file_and_import_key(session,
  21.301 +                "test_keys/pub/pep.test.alexander4-0x844B9DCF_pub.asc");
  21.302 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.303 +    status = set_up_ident_from_scratch(session,
  21.304 +                "test_keys/priv/pep.test.alexander4-0x844B9DCF_priv.asc",
  21.305 +                "pep.test.xander.home@pep-project.org", "E95FFF95B8E2FDD4A12C3374395F1485844B9DCF", 
  21.306 +                PEP_OWN_USERID, "Xander in Wonderland Again", NULL, true
  21.307 +            );
  21.308 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.309 +    
  21.310 +    // Ok, see if we get it back.
  21.311 +    stringlist_t* keylist = NULL;
  21.312 +    
  21.313 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.314 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.315 +    TEST_ASSERT(keylist);
  21.316 +
  21.317 +    int fpr_count = 0;
  21.318 +
  21.319 +    const char* fpr_list[5];
  21.320 +    
  21.321 +    bool* found_list = (bool*)calloc(5, sizeof(bool));
  21.322 +    fpr_list[0] = "F4598A17D4690EB3B5B0F6A344F04E963B7302DB"; 
  21.323 +    fpr_list[1] = "59AF4C51492283522F6904531C09730A541260F6"; 
  21.324 +    fpr_list[2] = "46A994F19077C05610870273C4B8AB0BA6512F30"; 
  21.325 +    fpr_list[3] = "5F7076BBD92E14EA49F0DF7C2CE49419724B3975"; 
  21.326 +    fpr_list[4] = "E95FFF95B8E2FDD4A12C3374395F1485844B9DCF"; 
  21.327 +     
  21.328 +    for (stringlist_t* _kl = keylist; _kl; _kl = _kl->next) {
  21.329 +        TEST_ASSERT(_kl->value);
  21.330 +        fpr_count++;
  21.331 +        
  21.332 +        for (int j = 0; j < 5; j++) {
  21.333 +            if (strcmp(_kl->value, fpr_list[j]) == 0) {
  21.334 +                found_list[j] = true;
  21.335 +                break;
  21.336 +            }
  21.337 +        }
  21.338 +    }
  21.339 +    TEST_ASSERT_MSG(fpr_count == 5, "Returned keylist does not have the correct number of keys.");
  21.340 +    for (int j = 0; j < 5; j++) {
  21.341 +        TEST_ASSERT_MSG(found_list[j], (string(fpr_list[j]) + " was not found.").c_str());
  21.342 +    }    
  21.343 +    free(found_list);
  21.344 +    free_stringlist(keylist);
  21.345 +}
  21.346 +
  21.347 +void OwnKeysRetrieveTests::check_own_keys_retrieve_multi_pub_only() {
  21.348 +        
  21.349 +    PEP_STATUS status = set_up_ident_from_scratch(session,
  21.350 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc",
  21.351 +                "pep.test.alexander0@darthmama.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.352 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, false
  21.353 +            );
  21.354 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.355 +    // Make it an own identity in the DB
  21.356 +    pEp_identity* me_pub = new_identity("pep.test.alexander0@darthmama.org", NULL, PEP_OWN_USERID, NULL);
  21.357 +    status = update_identity(session, me_pub);
  21.358 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.359 +    TEST_ASSERT(strcmp(me_pub->fpr, "F4598A17D4690EB3B5B0F6A344F04E963B7302DB") == 0);
  21.360 +    status = trust_personal_key(session, me_pub);
  21.361 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.362 +    
  21.363 +    me_pub->me = true;
  21.364 +    status = set_identity(session, me_pub);
  21.365 +    free_identity(me_pub);
  21.366 +    me_pub = NULL;
  21.367 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.368 +
  21.369 +
  21.370 +    // Own pub key
  21.371 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc"),
  21.372 +                    "Unable to import test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc");
  21.373 +    
  21.374 +    // Make it an own identity in the DB
  21.375 +    me_pub = new_identity("pep.test.alexander0@darthmama.org", "58BCC2BF2AE1E3C4FBEAB89AD7838ACA0773CD29", PEP_OWN_USERID, NULL);
  21.376 +    me_pub->comm_type = PEP_ct_pEp;
  21.377 +    status = set_trust(session, me_pub);
  21.378 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.379 +    free_identity(me_pub);
  21.380 +    me_pub = NULL;
  21.381 +
  21.382 +    // Own pub key
  21.383 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc"),
  21.384 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc");
  21.385 +    
  21.386 +    // Make it an own identity in the DB
  21.387 +    me_pub = new_identity("pep.test.alexander0@darthmama.org", "74D79B4496E289BD8A71B70BA8E2C4530019697D", PEP_OWN_USERID, NULL);
  21.388 +    me_pub->comm_type = PEP_ct_pEp;
  21.389 +    status = set_trust(session, me_pub);
  21.390 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.391 +    free_identity(me_pub);
  21.392 +    me_pub = NULL;
  21.393 +
  21.394 +    // Own pub key
  21.395 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc"),
  21.396 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc");
  21.397 +    
  21.398 +    // Make it an own identity in the DB
  21.399 +    me_pub = new_identity("pep.test.alexander0@darthmama.org", "2E21325D202A44BFD9C607FCF095B202503B14D8", PEP_OWN_USERID, NULL);
  21.400 +    me_pub->comm_type = PEP_ct_pEp;
  21.401 +    status = set_trust(session, me_pub);
  21.402 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.403 +    free_identity(me_pub);
  21.404 +    me_pub = NULL;
  21.405 +
  21.406 +    // Own pub key
  21.407 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc"),
  21.408 +                    "Unable to import test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc");
  21.409 +    
  21.410 +    // Make it an own identity in the DB
  21.411 +    me_pub = new_identity("pep.test.alexander0@darthmama.org", "3C1E713D8519D7F907E3142D179EAA24A216E95A", PEP_OWN_USERID, NULL);
  21.412 +    me_pub->comm_type = PEP_ct_pEp;
  21.413 +    status = set_trust(session, me_pub);
  21.414 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.415 +    free_identity(me_pub);
  21.416 +    me_pub = NULL;
  21.417 +    
  21.418 +    // Ok, see if we get anything back.
  21.419 +    stringlist_t* keylist = NULL;
  21.420 +    
  21.421 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.422 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.423 +    TEST_ASSERT(!keylist);
  21.424 +
  21.425 +    free_stringlist(keylist);
  21.426 +}
  21.427 +
  21.428 +void OwnKeysRetrieveTests::check_own_keys_retrieve_no_own() {
  21.429 +    PEP_STATUS status = set_up_ident_from_scratch(session,
  21.430 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc",
  21.431 +                "pep.test.alexander0@darthmama.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.432 +                "NotMe", "Xander in Wonderland", NULL, false
  21.433 +            );
  21.434 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.435 +
  21.436 +    pEp_identity* a_pub = new_identity("pep.test.alexander0@darthmama.org", NULL, "NotMe", NULL);
  21.437 +    status = update_identity(session, a_pub);
  21.438 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.439 +    TEST_ASSERT(strcmp(a_pub->fpr, "F4598A17D4690EB3B5B0F6A344F04E963B7302DB") == 0);
  21.440 +    status = trust_personal_key(session, a_pub);
  21.441 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.442 +    free_identity(a_pub);
  21.443 +    a_pub = NULL;
  21.444 +
  21.445 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc"),
  21.446 +                    "Unable to import test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc");
  21.447 +    
  21.448 +    a_pub = new_identity("pep.test.alexander0@darthmama.org", "58BCC2BF2AE1E3C4FBEAB89AD7838ACA0773CD29", "NotMe", NULL);
  21.449 +    a_pub->comm_type = PEP_ct_pEp;
  21.450 +    status = set_trust(session, a_pub);
  21.451 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.452 +    free_identity(a_pub);
  21.453 +    a_pub = NULL;
  21.454 +
  21.455 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc"),
  21.456 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc");
  21.457 +    
  21.458 +    a_pub = new_identity("pep.test.alexander0@darthmama.org", "74D79B4496E289BD8A71B70BA8E2C4530019697D", "NotMe", NULL);
  21.459 +    a_pub->comm_type = PEP_ct_pEp;
  21.460 +    status = set_trust(session, a_pub);
  21.461 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.462 +    free_identity(a_pub);
  21.463 +    a_pub = NULL;
  21.464 +
  21.465 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc"),
  21.466 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc");
  21.467 +    
  21.468 +    a_pub = new_identity("pep.test.alexander0@darthmama.org", "2E21325D202A44BFD9C607FCF095B202503B14D8", "NotMe", NULL);
  21.469 +    a_pub->comm_type = PEP_ct_pEp;
  21.470 +    status = set_trust(session, a_pub);
  21.471 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.472 +    free_identity(a_pub);
  21.473 +    a_pub = NULL;
  21.474 +
  21.475 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc"),
  21.476 +                    "Unable to import test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc");
  21.477 +    
  21.478 +    a_pub = new_identity("pep.test.alexander0@darthmama.org", "3C1E713D8519D7F907E3142D179EAA24A216E95A", "NotMe", NULL);
  21.479 +    a_pub->comm_type = PEP_ct_pEp;
  21.480 +    status = set_trust(session, a_pub);
  21.481 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.482 +    free_identity(a_pub);
  21.483 +    a_pub = NULL;
  21.484 +    
  21.485 +    // Ok, see if we get anything back.
  21.486 +    stringlist_t* keylist = NULL;
  21.487 +    
  21.488 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.489 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.490 +    TEST_ASSERT(!keylist);
  21.491 +
  21.492 +    free_stringlist(keylist);
  21.493 +}
  21.494 +
  21.495 +void OwnKeysRetrieveTests::check_own_keys_retrieve_multi_idents_one_key() {
  21.496 +    // Setup own identity
  21.497 +    PEP_STATUS status = read_file_and_import_key(session,
  21.498 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.499 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.500 +    status = set_up_ident_from_scratch(session,
  21.501 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.502 +                "pep.test.xander@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.503 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.504 +            );
  21.505 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.506 +
  21.507 +    // Setup own identity
  21.508 +    status = read_file_and_import_key(session,
  21.509 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.510 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.511 +    status = set_up_ident_from_scratch(session,
  21.512 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.513 +                "pep.test.xander1@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.514 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.515 +            );
  21.516 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.517 +
  21.518 +    // Setup own identity
  21.519 +    status = read_file_and_import_key(session,
  21.520 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.521 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.522 +    status = set_up_ident_from_scratch(session,
  21.523 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.524 +                "pep.test.xander2@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.525 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.526 +            );
  21.527 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.528 +
  21.529 +    // Ok, see if we get one back.
  21.530 +    stringlist_t* keylist = NULL;
  21.531 +    
  21.532 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.533 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.534 +    TEST_ASSERT(keylist);
  21.535 +    TEST_ASSERT(keylist->value);
  21.536 +    TEST_ASSERT(!keylist->next);
  21.537 +
  21.538 +    TEST_ASSERT(strcmp(keylist->value, "F4598A17D4690EB3B5B0F6A344F04E963B7302DB") == 0);
  21.539 +
  21.540 +}
  21.541 +
  21.542 +void OwnKeysRetrieveTests::check_own_keys_retrieve_multi_idents_one_priv_key_multi_pub() {
  21.543 +    PEP_STATUS status = set_up_ident_from_scratch(session,
  21.544 +                "test_keys/pub/pep.test.alexander5-0x0773CD29_pub.asc",
  21.545 +                "pep.test.alexander5@darthmama.org", "58BCC2BF2AE1E3C4FBEAB89AD7838ACA0773CD29", 
  21.546 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, false
  21.547 +            );
  21.548 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.549 +    // Make it an own identity in the DB
  21.550 +    pEp_identity* me_pub = new_identity("pep.test.alexander5@darthmama.org", NULL, PEP_OWN_USERID, NULL);
  21.551 +    status = update_identity(session, me_pub);
  21.552 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.553 +    TEST_ASSERT(strcmp(me_pub->fpr, "58BCC2BF2AE1E3C4FBEAB89AD7838ACA0773CD29") == 0);
  21.554 +    status = trust_personal_key(session, me_pub);
  21.555 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.556 +    
  21.557 +    me_pub->me = true;
  21.558 +    status = set_identity(session, me_pub);
  21.559 +    free_identity(me_pub);
  21.560 +    me_pub = NULL;
  21.561 +    TEST_ASSERT(status == PEP_STATUS_OK);
  21.562 +    
  21.563 +    // Own pub key
  21.564 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc"),
  21.565 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x0019697D_pub.asc");
  21.566 +    
  21.567 +    // Make it an own identity in the DB
  21.568 +    me_pub = new_identity("pep.test.alexander5@darthmama.org", "74D79B4496E289BD8A71B70BA8E2C4530019697D", PEP_OWN_USERID, NULL);
  21.569 +    me_pub->comm_type = PEP_ct_pEp;
  21.570 +    status = set_trust(session, me_pub);
  21.571 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.572 +    free_identity(me_pub);
  21.573 +    me_pub = NULL;
  21.574 +
  21.575 +    // Own pub key
  21.576 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc"),
  21.577 +                    "Unable to import test_keys/pub/pep.test.alexander6-0x503B14D8_pub.asc");
  21.578 +    
  21.579 +    // Make it an own identity in the DB
  21.580 +    me_pub = new_identity("pep.test.alexander5@darthmama.org", "2E21325D202A44BFD9C607FCF095B202503B14D8", PEP_OWN_USERID, NULL);
  21.581 +    me_pub->comm_type = PEP_ct_pEp;
  21.582 +    status = set_trust(session, me_pub);
  21.583 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.584 +    free_identity(me_pub);
  21.585 +    me_pub = NULL;
  21.586 +
  21.587 +    // Own pub key
  21.588 +    TEST_ASSERT_MSG(slurp_and_import_key(session, "test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc"),
  21.589 +                    "Unable to import test_keys/pub/pep.test.alexander6-0xA216E95A_pub.asc");
  21.590 +    
  21.591 +    // Make it an own identity in the DB
  21.592 +    me_pub = new_identity("pep.test.alexander5@darthmama.org", "3C1E713D8519D7F907E3142D179EAA24A216E95A", PEP_OWN_USERID, NULL);
  21.593 +    me_pub->comm_type = PEP_ct_pEp;
  21.594 +    status = set_trust(session, me_pub);
  21.595 +    TEST_ASSERT(status == PEP_STATUS_OK);    
  21.596 +    free_identity(me_pub);
  21.597 +    me_pub = NULL;
  21.598 +
  21.599 +    // Setup own identity
  21.600 +    status = read_file_and_import_key(session,
  21.601 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.602 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.603 +    status = set_up_ident_from_scratch(session,
  21.604 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.605 +                "pep.test.xander@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.606 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.607 +            );
  21.608 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.609 +
  21.610 +    // Setup own identity
  21.611 +    status = read_file_and_import_key(session,
  21.612 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.613 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.614 +    status = set_up_ident_from_scratch(session,
  21.615 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.616 +                "pep.test.xander1@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.617 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.618 +            );
  21.619 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.620 +
  21.621 +    // Setup own identity
  21.622 +    status = read_file_and_import_key(session,
  21.623 +                "test_keys/pub/pep.test.alexander0-0x3B7302DB_pub.asc");
  21.624 +    TEST_ASSERT(status == PEP_KEY_IMPORTED);
  21.625 +    status = set_up_ident_from_scratch(session,
  21.626 +                "test_keys/priv/pep.test.alexander0-0x3B7302DB_priv.asc",
  21.627 +                "pep.test.xander2@pep-project.org", "F4598A17D4690EB3B5B0F6A344F04E963B7302DB", 
  21.628 +                PEP_OWN_USERID, "Xander in Wonderland", NULL, true
  21.629 +            );
  21.630 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.631 +
  21.632 +    // Ok, see if we get one back.
  21.633 +    stringlist_t* keylist = NULL;
  21.634 +    
  21.635 +    status = _own_keys_retrieve(session, &keylist, 0, true);
  21.636 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
  21.637 +    TEST_ASSERT(keylist);
  21.638 +    TEST_ASSERT(keylist->value);
  21.639 +    TEST_ASSERT(!keylist->next);
  21.640 +
  21.641 +    TEST_ASSERT(strcmp(keylist->value, "F4598A17D4690EB3B5B0F6A344F04E963B7302DB") == 0);
  21.642 +}