Commit 6a46cfbe authored by johan's avatar johan Committed by jehan
Browse files

Manage dummy Ik stored in db when status is set to unsafe

- update the invalid key with correct one when provided instead of raising an exception
parent c5f5adfb
......@@ -76,6 +76,7 @@ namespace settings {
constexpr int DBuserVersion=0x000001;
constexpr uint16_t DBInactiveUserBit = 0x0100;
constexpr uint16_t DBCurveIdByte = 0x00FF;
constexpr uint8_t DBInvalidIk = 0x00;
/******************************************************************************/
/* */
......
......@@ -350,7 +350,9 @@ void Db::set_peerDeviceStatus(const std::string &peerDeviceId, const std::vector
return;
}
uint8_t statusInteger = static_cast<uint8_t>(status);
LIME_LOGD << "Set status trusted for peer device "<<peerDeviceId;
const uint8_t statusInteger = static_cast<uint8_t>(lime::PeerDeviceStatus::trusted);
// Do we have this peerDevice in lime_PeerDevices
blob Ik_blob(sql);
......@@ -362,17 +364,19 @@ void Db::set_peerDeviceStatus(const std::string &peerDeviceId, const std::vector
storedIk.resize(IkSize);
Ik_blob.read(0, (char *)(storedIk.data()), IkSize); // Read the public key
if (storedIk == Ik) {
sql<<"UPDATE Lime_PeerDevices SET Status = :Status WHERE Did = :id;", use(statusInteger), use(id);
} else if (IkSize == 1 && storedIk[0] == lime::settings::DBInvalidIk) { // If storedIk is the invalid_Ik, we got it from a setting to unsafe, just replace it with the given one
blob Ik_update_blob(sql);
Ik_update_blob.write(0, (char *)(Ik.data()), Ik.size());
sql<<"UPDATE Lime_PeerDevices SET Status = :Status, Ik = :Ik WHERE Did = :id;", use(statusInteger), use(Ik_update_blob), use(id);
LIME_LOGW << "Set status trusted for peer device "<<peerDeviceId<<" already present in base without Ik, updated the Ik with provided one";
} else { // Ik in local Storage differs than the one given... raise an exception
throw BCTBX_EXCEPTION << "Trying to insert an Identity key for peer device "<<peerDeviceId<<" which differs from one already in local storage";
}
} else { // peer is not in local Storage
if (status != lime::PeerDeviceStatus::untrusted) { // insert it only if status is trusted or unsafe just ignore the request
blob Ik_insert_blob(sql);
Ik_insert_blob.write(0, (char *)(Ik.data()), Ik.size());
sql<<"INSERT INTO Lime_PeerDevices(DeviceId, Ik, Status) VALUES(:peerDeviceId, :Ik, :Status);", use(peerDeviceId), use(Ik_insert_blob), use(statusInteger);
}
} else { // peer is not in local Storage, insert it
blob Ik_insert_blob(sql);
Ik_insert_blob.write(0, (char *)(Ik.data()), Ik.size());
sql<<"INSERT INTO Lime_PeerDevices(DeviceId, Ik, Status) VALUES(:peerDeviceId, :Ik, :Status);", use(peerDeviceId), use(Ik_insert_blob), use(statusInteger);
}
}
......@@ -389,13 +393,14 @@ void Db::set_peerDeviceStatus(const std::string &peerDeviceId, lime::PeerDeviceS
LIME_LOGE << "Trying to set a status for peer device "<<peerDeviceId<<" without providing a Ik which is not acceptable (differs from unsafe or untrusted)";
return;
}
LIME_LOGD << "Set status "<<((status==lime::PeerDeviceStatus::unsafe)?"unsafe":"untrusted")<<" for peer device "<<peerDeviceId;
uint8_t statusInteger = static_cast<uint8_t>(status);
// is this peerDevice already in local storage?
bool inLocalStorage = false;
long long id;
int currentStatus;
int currentStatus = static_cast<uint8_t>(lime::PeerDeviceStatus::unsafe);
sql<<"SELECT Did, Status FROM Lime_PeerDevices WHERE DeviceId = :peerDeviceId;", into(id), into(currentStatus), use(peerDeviceId);
inLocalStorage = sql.got_data();
......@@ -406,6 +411,11 @@ void Db::set_peerDeviceStatus(const std::string &peerDeviceId, lime::PeerDeviceS
LIME_LOGW << "Trying to set a status untrusted for peer device "<<peerDeviceId<<" not present in local storage, ignore that call)";
return;
}
// and the current status in local storage is already untrusted, do nothing
if (currentStatus == static_cast<uint8_t>(lime::PeerDeviceStatus::untrusted)) {
LIME_LOGD << "Set a status untrusted for peer device "<<peerDeviceId<<" but its current status is already untrusted, ignore that call)";
return;
}
// and the current status in local storage is unsafe, keep unsafe
if (currentStatus == static_cast<uint8_t>(lime::PeerDeviceStatus::unsafe)) {
LIME_LOGW << "Trying to set a status untrusted for peer device "<<peerDeviceId<<" but its current status is unsafe, ignore that call)";
......@@ -417,10 +427,9 @@ void Db::set_peerDeviceStatus(const std::string &peerDeviceId, lime::PeerDeviceS
if (inLocalStorage) {
sql<<"UPDATE Lime_PeerDevices SET Status = :Status WHERE Did = :id;", use(statusInteger), use(id);
} else {
// this constant is set into lime_peerDevices table, Ik field when it is not provided by set_peerDeviceStatus as this field can't be set to NULL in older version of the database
constexpr uint8_t invalid_Ik = 0x00;
// the lime::settings::DBInvalidIk constant is set into lime_peerDevices table, Ik field when it is not provided by set_peerDeviceStatus as this field can't be set to NULL in older version of the database
blob Ik_insert_blob(sql);
Ik_insert_blob.write(0, (char *)(&invalid_Ik), sizeof(invalid_Ik));
Ik_insert_blob.write(0, (char *)(&lime::settings::DBInvalidIk), sizeof(lime::settings::DBInvalidIk));
sql<<"INSERT INTO Lime_PeerDevices(DeviceId, Ik, Status) VALUES(:peerDeviceId, :Ik, :Status);", use(peerDeviceId), use(Ik_insert_blob), use(statusInteger);
}
}
......@@ -484,13 +493,14 @@ void Db::delete_peerDevice(const std::string &peerDeviceId) {
*
* @param[in] peerDeviceId The device id to check
* @param[in] peerIk The public EDDSA identity key of this device
* @param[in] updateInvalid When true, will update the Ik with the given one if the stored one is lime:settings::DBInvalidIk and returns its id.
*
* @throws BCTBX_EXCEPTION if the device is found in local storage but with a different Ik
* @throws BCTBX_EXCEPTION if the device is found in local storage but with a different Ik (if Ik is lime::settings::DBInvalidIk, just pretend we never found the device)
*
* @return the id internally used by db to store this row, 0 if this device is not in the local storage
* @return the id internally used by db to store this row. 0 if this device is not in the local storage or have Ik set to lime::settings::DBInvalidIk
*/
template <typename Curve>
long int Db::check_peerDevice(const std::string &peerDeviceId, const DSA<Curve, lime::DSAtype::publicKey> &peerIk) {
long int Db::check_peerDevice(const std::string &peerDeviceId, const DSA<Curve, lime::DSAtype::publicKey> &peerIk, const bool updateInvalid) {
std::lock_guard<std::recursive_mutex> lock(*m_db_mutex);
try {
blob Ik_blob(sql);
......@@ -499,11 +509,28 @@ long int Db::check_peerDevice(const std::string &peerDeviceId, const DSA<Curve,
// make sure this device wasn't already here, if it was, check they have the same Ik
sql<<"SELECT Ik,Did FROM lime_PeerDevices WHERE DeviceId = :DeviceId LIMIT 1;", into(Ik_blob), into(Did), use(peerDeviceId);
if (sql.got_data()) { // Found one
DSA<Curve, lime::DSAtype::publicKey> stored_Ik;
if (Ik_blob.get_len() != stored_Ik.size()) { // can't match they are not the same size
const auto stored_Ik_size = Ik_blob.get_len();
if (stored_Ik_size == 1) { //Ik seems to be lime::settings::DBInvalidIk, check that
uint8_t stored_Invalid_Ik = ~lime::settings::DBInvalidIk; // make sure the initial value is not the one we test against
Ik_blob.read(0, (char *)(&stored_Invalid_Ik), 1); // Read it
if (stored_Invalid_Ik == lime::settings::DBInvalidIk) { // we stored the invalid Ik
if (updateInvalid == true) { // We shall update the value with the given Ik and return the Did
blob Ik_update_blob(sql);
Ik_update_blob.write(0, (char *)(peerIk.data()), peerIk.size());
sql<<"UPDATE Lime_PeerDevices SET Ik = :Ik WHERE Did = :id;", use(Ik_update_blob), use(Did);
LIME_LOGW << "Check peer device status updated empty/invalid Ik for peer device "<<peerDeviceId;
return Did;
} else { // just proceed as the key were not in base
return 0;
}
}
}
if (stored_Ik_size != peerIk.size()) { // can't match they are not the same size
LIME_LOGE<<"It appears that peer device "<<peerDeviceId<<" was known with an identity key but is trying to use another one now";
throw BCTBX_EXCEPTION << "Peer device "<<peerDeviceId<<" changed its Ik";
}
DSA<Curve, lime::DSAtype::publicKey> stored_Ik;
Ik_blob.read(0, (char *)(stored_Ik.data()), stored_Ik.size()); // Read it to compare it to the given one
if (stored_Ik == peerIk) { // they match, so we just return the Did
return Did;
......@@ -539,7 +566,7 @@ long int Db::store_peerDevice(const std::string &peerDeviceId, const DSA<Curve,
long int Did=0;
// make sure this device wasn't already here, if it was, check they have the same Ik
Did = check_peerDevice(peerDeviceId, peerIk); // perform checks on peer device and returns its Id if found in local storage already
Did = check_peerDevice(peerDeviceId, peerIk, true); // perform checks on peer device and returns its Id if found in local storage already
if (Did != 0) {
return Did;
} else { // not found in local Storage
......@@ -568,12 +595,12 @@ void Db::delete_LimeUser(const std::string &deviceId)
/* template instanciations for Curves 25519 and 448 */
#ifdef EC25519_ENABLED
template long int Db::check_peerDevice<C255>(const std::string &peerDeviceId, const DSA<C255, lime::DSAtype::publicKey> &Ik);
template long int Db::check_peerDevice<C255>(const std::string &peerDeviceId, const DSA<C255, lime::DSAtype::publicKey> &Ik, const bool updateInvalid);
template long int Db::store_peerDevice<C255>(const std::string &peerDeviceId, const DSA<C255, lime::DSAtype::publicKey> &Ik);
#endif
#ifdef EC448_ENABLED
template long int Db::check_peerDevice<C448>(const std::string &peerDeviceId, const DSA<C448, lime::DSAtype::publicKey> &Ik);
template long int Db::check_peerDevice<C448>(const std::string &peerDeviceId, const DSA<C448, lime::DSAtype::publicKey> &Ik, const bool updateInvalid);
template long int Db::store_peerDevice<C448>(const std::string &peerDeviceId, const DSA<C448, lime::DSAtype::publicKey> &Ik);
#endif
......
......@@ -60,19 +60,19 @@ namespace lime {
bool is_localUser(const std::string &deviceId);
void delete_peerDevice(const std::string &peerDeviceId);
template <typename Curve>
long int check_peerDevice(const std::string &peerDeviceId, const DSA<Curve, lime::DSAtype::publicKey> &peerIk);
long int check_peerDevice(const std::string &peerDeviceId, const DSA<Curve, lime::DSAtype::publicKey> &peerIk, const bool updateInvalid=false);
template <typename Curve>
long int store_peerDevice(const std::string &peerDeviceId, const DSA<Curve, lime::DSAtype::publicKey> &peerIk);
};
/* this templates are instanciated once in the lime_localStorage.cpp file, explicitly tell anyone including this header that there is no need to re-instanciate them */
#ifdef EC25519_ENABLED
extern template long int Db::check_peerDevice<C255>(const std::string &peerDeviceId, const DSA<C255, lime::DSAtype::publicKey> &Ik);
extern template long int Db::check_peerDevice<C255>(const std::string &peerDeviceId, const DSA<C255, lime::DSAtype::publicKey> &Ik, const bool updateInvalid);
extern template long int Db::store_peerDevice<C255>(const std::string &peerDeviceId, const DSA<C255, lime::DSAtype::publicKey> &Ik);
#endif
#ifdef EC448_ENABLED
extern template long int Db::check_peerDevice<C448>(const std::string &peerDeviceId, const DSA<C448, lime::DSAtype::publicKey> &Ik);
extern template long int Db::check_peerDevice<C448>(const std::string &peerDeviceId, const DSA<C448, lime::DSAtype::publicKey> &Ik, const bool updateInvalid);
extern template long int Db::store_peerDevice<C448>(const std::string &peerDeviceId, const DSA<C448, lime::DSAtype::publicKey> &Ik);
#endif
......
......@@ -843,7 +843,12 @@ static void lime_identityVerifiedStatus_test(const lime::CurveId curve, const st
} catch (BctbxException &) {
BC_PASS("");
gotException = true;
}
BC_ASSERT_TRUE(gotException);
gotException = false;
try {
// Now delete the alice device from Bob's cache and check its status is now back to unknown
bobManager->delete_peerDevice(*aliceDeviceId);
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::unknown);
......@@ -855,24 +860,19 @@ static void lime_identityVerifiedStatus_test(const lime::CurveId curve, const st
// set the device with the fake Ik but to unsafe so the key shall not be registered in base but the user will
bobManager->set_peerDeviceStatus(*aliceDeviceId, fakeIk, lime::PeerDeviceStatus::unsafe);
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::unsafe);
}
BC_ASSERT_TRUE(gotException);
gotException = false;
try {
// try to set it to trusted, still using the fake Ik, it shall generate an exception as the Ik is invalid in storage
// Set it to trusted, still using the fake Ik, it shall replace the invalid/empty Ik replacing it with the fake one
bobManager->set_peerDeviceStatus(*aliceDeviceId, fakeIk, lime::PeerDeviceStatus::trusted);
} catch (BctbxException &) {
BC_PASS("");
gotException = true;
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::trusted);
bobManager->set_peerDeviceStatus(*aliceDeviceId, fakeIk, lime::PeerDeviceStatus::trusted); // do it twice so we're sure the store Ik is the fake one
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::trusted);
} catch (BctbxException &e) {
LIME_LOGE << e;
BC_FAIL("");
}
BC_ASSERT_TRUE(gotException);
gotException = false;
try {
// same than above but using the actual key : try to set it to trusted, still using the fake Ik, it shall generate an exception as the Ik is invalid in storage
// same than above but using the actual key : try to set it to trusted, it shall generate an exception as the Ik is the fake one in storage
bobManager->set_peerDeviceStatus(*aliceDeviceId, aliceIk, lime::PeerDeviceStatus::trusted);
} catch (BctbxException &) {
BC_PASS("");
......@@ -883,6 +883,9 @@ static void lime_identityVerifiedStatus_test(const lime::CurveId curve, const st
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::unknown);
}
BC_ASSERT_TRUE(gotException);
gotException = false;
try {
// Bob encrypts a message for Alice, alice device status shall be : unknown(it is the first message bob sends and alice is not in cache)
auto bobRecipients = make_shared<std::vector<RecipientData>>();
......@@ -915,7 +918,7 @@ static void lime_identityVerifiedStatus_test(const lime::CurveId curve, const st
BC_ASSERT_TRUE(lime_tester::wait_for(bc_stack,&counters.operation_success,++expected_success,lime_tester::wait_for_timeout));
BC_ASSERT_TRUE((*bobRecipients)[0].peerStatus == lime::PeerDeviceStatus::trusted);
// set a fake bob key in alice context(set is as verified otherwise the request is just ignored)
// set a fake bob key in alice context(set is as trusted otherwise the request is just ignored)
fakeIk = bobIk;
fakeIk[0] ^= 0xFF;
aliceManager->set_peerDeviceStatus(*bobDeviceId, fakeIk, lime::PeerDeviceStatus::trusted);
......@@ -951,18 +954,9 @@ static void lime_identityVerifiedStatus_test(const lime::CurveId curve, const st
BC_ASSERT_TRUE(lime_tester::wait_for(bc_stack,&counters.operation_success,++expected_success,lime_tester::wait_for_timeout));
BC_ASSERT_TRUE((*bobRecipients)[0].peerStatus == lime::PeerDeviceStatus::unknown);
// alice tries again to decrypt but it will fail as the identity key in X3DH init packet is not matching the invalid one set in base by setting its status to unsafe
// alice decrypts, this will update the empty Bob's Ik in storage using the X3DH init packet but shall give an unsafe status
receivedMessage.clear();
BC_ASSERT_TRUE(aliceManager->decrypt(*aliceDeviceId, "alice", *bobDeviceId, (*bobRecipients)[0].DRmessage, *bobCipherMessage, receivedMessage) == lime::PeerDeviceStatus::fail);
// alice fails again to encrypt to Bob as key fetched from X3DH server won't match the one we assert as verified
aliceRecipients = make_shared<std::vector<RecipientData>>();
aliceRecipients->emplace_back(*bobDeviceId);
aliceMessage = make_shared<const std::vector<uint8_t>>(lime_tester::messages_pattern[3].begin(), lime_tester::messages_pattern[3].end());
aliceCipherMessage = make_shared<std::vector<uint8_t>>();
aliceManager->encrypt(*aliceDeviceId, make_shared<const std::string>("bob"), aliceRecipients, aliceMessage, aliceCipherMessage, callback);
BC_ASSERT_TRUE(lime_tester::wait_for(bc_stack,&counters.operation_failed,++expected_failure,lime_tester::wait_for_timeout));
BC_ASSERT_TRUE(aliceManager->decrypt(*aliceDeviceId, "alice", *bobDeviceId, (*bobRecipients)[0].DRmessage, *bobCipherMessage, receivedMessage) == lime::PeerDeviceStatus::unsafe);
// delete bob's key from alice context
aliceManager->delete_peerDevice(*bobDeviceId);
......@@ -1091,8 +1085,12 @@ static void lime_peerDeviceStatus_test(const lime::CurveId curve, const std::str
carolManager->get_selfIdentityKey(*carolDeviceId, carolIk);
daveManager->get_selfIdentityKey(*daveDeviceId, daveIk);
// set alice as untrusted in bob local storage, so it will store it with an invalid/empty Ik
bobManager->set_peerDeviceStatus(*aliceDeviceId, lime::PeerDeviceStatus::unsafe);
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::unsafe);
// exchange trust between alice and bob
bobManager->set_peerDeviceStatus(*aliceDeviceId, aliceIk, lime::PeerDeviceStatus::trusted);
bobManager->set_peerDeviceStatus(*aliceDeviceId, aliceIk, lime::PeerDeviceStatus::trusted); // this one will replace the invalid/empty Ik by the given one
aliceManager->set_peerDeviceStatus(*bobDeviceId, bobIk, lime::PeerDeviceStatus::trusted);
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::trusted);
BC_ASSERT_TRUE(aliceManager->get_peerDeviceStatus(*bobDeviceId) == lime::PeerDeviceStatus::trusted);
......@@ -1211,6 +1209,97 @@ static void lime_peerDeviceStatus() {
#endif
}
/**
* Scenario
* - Create managers and DB for alice, bob
* - Set Bob as unsafe in Alice's base, so Alice would store an empty/invalid identity key for Bob
* - Set Alice as unsafe in Bob's base, so Bob would store an empty/invalid identity key for Alice
* - Alice encrypts a message to bob(so it would fetch Bob's Identity key and replace the empty/invalid one in its DB) but encrypt shall give a unsafe peer device status for Bob
* - Bob decrypt Alice message and check we have the expected Alice status: unsafe. Bob shall replace the invalid key in its local storage for Alice by the one found in the incoming message
*/
static void lime_encryptToUnsafe_test(const lime::CurveId curve, const std::string &dbBaseFilename, const std::string &x3dh_server_url) {
// create DB
std::string dbFilenameAlice{dbBaseFilename};
std::string dbFilenameBob{dbBaseFilename};
dbFilenameAlice.append(".alice.").append((curve==CurveId::c25519)?"C25519":"C448").append(".sqlite3");
dbFilenameBob.append(".bob.").append((curve==CurveId::c25519)?"C25519":"C448").append(".sqlite3");
remove(dbFilenameAlice.data()); // delete the database file if already exists
remove(dbFilenameBob.data()); // delete the database file if already exists
lime_tester::events_counters_t counters={};
int expected_success=0;
limeCallback callback([&counters](lime::CallbackReturn returnCode, std::string anythingToSay) {
if (returnCode == lime::CallbackReturn::success) {
counters.operation_success++;
} else {
counters.operation_failed++;
LIME_LOGE<<"Lime operation failed : "<<anythingToSay;
}
});
try {
// create Manager and devices
auto aliceManager = std::unique_ptr<LimeManager>(new LimeManager(dbFilenameAlice, X3DHServerPost));
auto aliceDeviceId = lime_tester::makeRandomDeviceName("alice.");
aliceManager->create_user(*aliceDeviceId, x3dh_server_url, curve, lime_tester::OPkInitialBatchSize, callback);
auto bobManager = std::unique_ptr<LimeManager>(new LimeManager(dbFilenameBob, X3DHServerPost));
auto bobDeviceId = lime_tester::makeRandomDeviceName("bob.");
bobManager->create_user(*bobDeviceId, x3dh_server_url, curve, lime_tester::OPkInitialBatchSize, callback);
expected_success += 2;
BC_ASSERT_TRUE(lime_tester::wait_for(bc_stack,&counters.operation_success, expected_success,lime_tester::wait_for_timeout));
// set each of them to unsafe for the other
bobManager->set_peerDeviceStatus(*aliceDeviceId, lime::PeerDeviceStatus::unsafe);
aliceManager->set_peerDeviceStatus(*bobDeviceId, lime::PeerDeviceStatus::unsafe);
BC_ASSERT_TRUE(bobManager->get_peerDeviceStatus(*aliceDeviceId) == lime::PeerDeviceStatus::unsafe);
BC_ASSERT_TRUE(aliceManager->get_peerDeviceStatus(*bobDeviceId) == lime::PeerDeviceStatus::unsafe);
// Alice encrypts a message for Bob
auto aliceRecipients = make_shared<std::vector<RecipientData>>();
aliceRecipients->emplace_back(*bobDeviceId);
auto aliceMessage = make_shared<const std::vector<uint8_t>>(lime_tester::messages_pattern[0].begin(), lime_tester::messages_pattern[0].end());
auto aliceCipherMessage = make_shared<std::vector<uint8_t>>();
aliceManager->encrypt(*aliceDeviceId, make_shared<const std::string>("my friends group"), aliceRecipients, aliceMessage, aliceCipherMessage, callback);
BC_ASSERT_TRUE(lime_tester::wait_for(bc_stack,&counters.operation_success,++expected_success,lime_tester::wait_for_timeout));
BC_ASSERT_TRUE((*aliceRecipients)[0].peerStatus == lime::PeerDeviceStatus::unsafe); // recipient 0 is Bob: unsafe
// recipients decrypt
std::vector<uint8_t> receivedMessage{};
// bob shall return unsafe
BC_ASSERT_TRUE(bobManager->decrypt(*bobDeviceId, "my friends group", *aliceDeviceId, (*aliceRecipients)[0].DRmessage, *aliceCipherMessage, receivedMessage) == lime::PeerDeviceStatus::unsafe);
auto receivedMessageString = std::string{receivedMessage.begin(), receivedMessage.end()};
BC_ASSERT_TRUE(receivedMessageString == lime_tester::messages_pattern[0]);
if (cleanDatabase) {
aliceManager->delete_user(*aliceDeviceId, callback);
bobManager->delete_user(*bobDeviceId, callback);
BC_ASSERT_TRUE(lime_tester::wait_for(bc_stack,&counters.operation_success,expected_success+2,lime_tester::wait_for_timeout));
remove(dbFilenameAlice.data());
remove(dbFilenameBob.data());
}
} catch (BctbxException &e) {
LIME_LOGE << e;
BC_FAIL("");
}
}
static void lime_encryptToUnsafe() {
#ifdef EC25519_ENABLED
lime_encryptToUnsafe_test(lime::CurveId::c25519, "lime_encryptToUnsafe", std::string("https://").append(lime_tester::test_x3dh_server_url).append(":").append(lime_tester::test_x3dh_c25519_server_port).data());
#endif
#ifdef EC448_ENABLED
lime_encryptToUnsafe_test(lime::CurveId::c448, "lime_encryptToUnsafe", std::string("https://").append(lime_tester::test_x3dh_server_url).append(":").append(lime_tester::test_x3dh_c448_server_port).data());
#endif
}
/**
* scenario :
* - check the Ik in pattern_db is retrieved as expected
......@@ -3915,6 +4004,7 @@ static test_t tests[] = {
TEST_NO_TAG("get self Identity Key", lime_getSelfIk),
TEST_NO_TAG("Verified Status", lime_identityVerifiedStatus),
TEST_NO_TAG("Peer Device Status", lime_peerDeviceStatus),
TEST_NO_TAG("Encrypt to unsafe", lime_encryptToUnsafe),
TEST_NO_TAG("Encryption Policy", lime_encryptionPolicy),
TEST_NO_TAG("Encryption Policy Error", lime_encryptionPolicyError),
TEST_NO_TAG("Identity theft", lime_identity_theft),
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment