Adding upstream version 0.17.0.upstream/0.17.0

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 223 insertions, 0 deletions

diff --git a/src/tests/key-add-userid.cpp b/src/tests/key-add-userid.cpp
new file mode 100644
index 0000000..b80dbb6
--- /dev/null
+++ b/src/tests/key-add-userid.cpp
@@ -0,0 +1,223 @@
+/*
+ * Copyright (c) 2017-2019 [Ribose Inc](https://www.ribose.com).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1.  Redistributions of source code must retain the above copyright notice,
+ *     this list of conditions and the following disclaimer.
+ *
+ * 2.  Redistributions in binary form must reproduce the above copyright notice,
+ *     this list of conditions and the following disclaimer in the documentation
+ *     and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "../librekey/key_store_pgp.h"
+#include "pgp-key.h"
+#include "rnp_tests.h"
+#include "support.h"
+
+/* This test loads a pgp keyring and adds a few userids to the key.
+ */
+TEST_F(rnp_tests, test_key_add_userid)
+{
+    pgp_key_t *        key = NULL;
+    pgp_source_t       src = {};
+    pgp_dest_t         dst = {};
+    const uint32_t     base_expiry = 1234567890;
+    static const char *keyids[] = {"7bc6709b15c23a4a", // primary
+                                   "1ed63ee56fadc34d",
+                                   "1d7e8a5393c997a8",
+                                   "8a05b89fad5aded1",
+                                   "2fcadf05ffa501bb", // primary
+                                   "54505a936a4a970e",
+                                   "326ef111425d14a5"};
+
+    rnp_key_store_t *ks = new rnp_key_store_t(global_ctx);
+
+    assert_rnp_success(init_file_src(&src, "data/keyrings/1/secring.gpg"));
+    assert_rnp_success(rnp_key_store_pgp_read_from_src(ks, &src));
+    src_close(&src);
+
+    // locate our key
+    assert_non_null(key = rnp_tests_get_key_by_id(ks, keyids[0]));
+    assert_non_null(key);
+
+    // unlock the key
+    pgp_password_provider_t pprov(string_copy_password_callback, (void *) "password");
+    assert_true(key->unlock(pprov));
+
+    // save the counts for a few items
+    unsigned uidc = key->uid_count();
+    unsigned subsigc = key->sig_count();
+
+    // add first, non-primary userid
+    rnp_selfsig_cert_info_t selfsig0;
+    selfsig0.userid = "added0";
+    selfsig0.key_flags = 0x2;
+    selfsig0.key_expiration = base_expiry;
+    selfsig0.primary = false;
+    key->add_uid_cert(selfsig0, PGP_HASH_SHA1, global_ctx);
+    // attempt to add sha1-signed uid and make sure it succeeds now and fails after the cutoff
+    // date in 2024
+    assert_int_equal(base_expiry, key->expiration());
+    assert_int_equal(0x2, key->flags());
+    assert_true(key->get_uid(uidc).valid);
+    // delete new uid and add one in the future
+    key->del_uid(uidc);
+    global_ctx.set_time(SHA1_KEY_FROM + 2);
+    key->add_uid_cert(selfsig0, PGP_HASH_SHA1, global_ctx);
+    assert_int_equal(0, key->expiration());
+    assert_int_equal(0x3, key->flags());
+    assert_false(key->get_uid(uidc).valid);
+    global_ctx.set_time(0);
+    key->del_uid(uidc);
+    assert_int_equal(uidc, key->uid_count());
+    assert_int_equal(subsigc, key->sig_count());
+    key->add_uid_cert(selfsig0, PGP_HASH_SHA256, global_ctx);
+    // make sure this userid has not been marked as primary
+    assert_false(key->has_primary_uid());
+    // make sure key expiration and flags are set
+    assert_int_equal(base_expiry, key->expiration());
+    assert_int_equal(0x2, key->flags());
+    assert_true(key->get_uid(uidc).valid);
+
+    // add a primary userid
+    rnp_selfsig_cert_info_t selfsig1;
+    selfsig1.userid = "added1";
+    selfsig1.key_flags = 0xAB;
+    selfsig1.key_expiration = base_expiry + 1;
+    selfsig1.primary = 1;
+    key->add_uid_cert(selfsig1, PGP_HASH_SHA256, global_ctx);
+
+    // make sure this userid has been marked as primary
+    assert_int_equal(key->uid_count() - 1, key->get_primary_uid());
+    // make sure key expiration and flags are set
+    assert_int_equal(base_expiry + 1, key->expiration());
+    assert_int_equal(0xAB, key->flags());
+    assert_true(key->get_uid(uidc + 1).valid);
+
+    // try to add the same userid (should fail)
+    rnp_selfsig_cert_info_t dup_selfsig;
+    dup_selfsig.userid = "added1";
+    assert_throw(key->add_uid_cert(dup_selfsig, PGP_HASH_SHA256, global_ctx));
+
+    // try to add another primary userid (should fail)
+    rnp_selfsig_cert_info_t selfsig2;
+    selfsig2.userid = "added2";
+    selfsig2.primary = 1;
+    assert_throw(key->add_uid_cert(selfsig2, PGP_HASH_SHA256, global_ctx));
+
+    selfsig2.userid = "added2";
+    selfsig2.key_flags = 0xCD;
+    selfsig2.primary = 0;
+
+    // actually add another userid
+    key->add_uid_cert(selfsig2, PGP_HASH_SHA256, global_ctx);
+
+    // confirm that the counts have increased as expected
+    assert_int_equal(key->uid_count(), uidc + 3);
+    assert_int_equal(key->sig_count(), subsigc + 3);
+    assert_true(key->get_uid(uidc + 2).valid);
+
+    // make sure key expiration and flags are not updated as they are picked from the primary
+    assert_int_equal(base_expiry + 1, key->expiration());
+    assert_int_equal(0xAB, key->flags());
+    // check the userids array
+    // added0
+    assert_string_equal(key->get_uid(uidc).str.c_str(), "added0");
+    assert_int_equal(uidc, key->get_sig(subsigc).uid);
+    assert_int_equal(0x2, key->get_sig(subsigc).key_flags);
+    // added1
+    assert_string_equal(key->get_uid(uidc + 1).str.c_str(), "added1");
+    assert_int_equal(uidc + 1, key->get_sig(subsigc + 1).uid);
+    assert_int_equal(0xAB, key->get_sig(subsigc + 1).key_flags);
+    // added2
+    assert_string_equal(key->get_uid(uidc + 2).str.c_str(), "added2");
+    assert_int_equal(uidc + 2, key->get_sig(subsigc + 2).uid);
+    assert_int_equal(0xCD, key->get_sig(subsigc + 2).key_flags);
+
+    // save the raw packets for the key (to reload later)
+    assert_rnp_success(init_mem_dest(&dst, NULL, 0));
+    key->write(dst);
+    // cleanup
+    delete ks;
+    key = NULL;
+
+    // start over
+    ks = new rnp_key_store_t(global_ctx);
+    assert_non_null(ks);
+    // read from the saved packets
+    assert_rnp_success(init_mem_src(&src, mem_dest_get_memory(&dst), dst.writeb, false));
+    assert_rnp_success(rnp_key_store_pgp_read_from_src(ks, &src));
+    src_close(&src);
+    dst_close(&dst, true);
+    assert_non_null(key = rnp_tests_get_key_by_id(ks, keyids[0]));
+
+    // confirm that the counts have increased as expected
+    assert_int_equal(key->uid_count(), uidc + 3);
+    assert_int_equal(key->sig_count(), subsigc + 3);
+
+    // make sure correct key expiration and flags are set
+    assert_int_equal(base_expiry + 1, key->expiration());
+    assert_int_equal(0xAB, key->flags());
+
+    // check the userids array
+    // added0
+    assert_string_equal(key->get_uid(uidc).str.c_str(), "added0");
+    assert_int_equal(uidc, key->get_sig(subsigc).uid);
+    assert_int_equal(0x2, key->get_sig(subsigc).key_flags);
+    assert_true(key->get_uid(uidc).valid);
+    // added1
+    assert_string_equal(key->get_uid(uidc + 1).str.c_str(), "added1");
+    assert_int_equal(uidc + 1, key->get_sig(subsigc + 1).uid);
+    assert_int_equal(0xAB, key->get_sig(subsigc + 1).key_flags);
+    assert_true(key->get_uid(uidc + 1).valid);
+    // added2
+    assert_string_equal(key->get_uid(uidc + 2).str.c_str(), "added2");
+    assert_int_equal(uidc + 2, key->get_sig(subsigc + 2).uid);
+    assert_int_equal(0xCD, key->get_sig(subsigc + 2).key_flags);
+    assert_true(key->get_uid(uidc + 2).valid);
+    // delete primary userid and see how flags/expiration changes
+    key->del_uid(uidc + 1);
+    key->revalidate(*ks);
+    assert_string_equal(key->get_uid(uidc + 1).str.c_str(), "added2");
+    assert_int_equal(uidc + 1, key->get_sig(subsigc + 1).uid);
+    assert_int_equal(0xCD, key->get_sig(subsigc + 1).key_flags);
+    assert_int_equal(key->expiration(), 0);
+    assert_int_equal(key->flags(), 0xCD);
+    // delete first uid
+    key->del_uid(0);
+    key->revalidate(*ks);
+    assert_string_equal(key->get_uid(uidc).str.c_str(), "added2");
+    assert_int_equal(uidc, key->get_sig(subsigc).uid);
+    assert_int_equal(0xCD, key->get_sig(subsigc).key_flags);
+    assert_int_equal(key->expiration(), 0);
+    assert_int_equal(key->flags(), 0xCD);
+    // delete last uid, leaving added0 only
+    key->del_uid(uidc);
+    key->revalidate(*ks);
+    assert_string_equal(key->get_uid(uidc - 1).str.c_str(), "added0");
+    assert_int_equal(uidc - 1, key->get_sig(subsigc - 1).uid);
+    assert_int_equal(0x2, key->get_sig(subsigc - 1).key_flags);
+    assert_int_equal(key->expiration(), base_expiry);
+    assert_int_equal(key->flags(), 0x2);
+    // delete added0
+    key->del_uid(0);
+    key->revalidate(*ks);
+
+    // cleanup
+    delete ks;
+}