bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch/* Copyright (c) 2016-2018 Dovecot authors, see the included COPYING file */
b7324e421e2132cbbf753e6fdbe675bbaecdf929Timo Sirainen static const struct {
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi { "2b7e151628aed2a6abf7158809cf4f3c", "000102030405060708090a0b0c0d0e0f", "6bc1bee22e409f96e93d7e117393172a", "7649abac8119b246cee98e9b12e9197d" },
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi { "2b7e151628aed2a6abf7158809cf4f3c", "7649ABAC8119B246CEE98E9B12E9197D", "ae2d8a571e03ac9c9eb76fac45af8e51", "5086cb9b507219ee95db113a917678b2" }
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi if (!dcrypt_ctx_sym_create("AES-128-CBC", DCRYPT_MODE_ENCRYPT, &ctx, NULL)) {
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_failed("dcrypt_ctx_sym_create", __FILE__, __LINE__-1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_key(ctx, key->data, key->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_ctx_sym_init(ctx, NULL), i);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_ctx_sym_update(ctx, pt->data, pt->used, res_enc, NULL), i);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_ctx_sym_final(ctx, res_enc, NULL), i);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi if (!dcrypt_ctx_sym_create("AES-128-CBC", DCRYPT_MODE_DECRYPT, &ctx, NULL)) {
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_failed("dcrypt_ctx_sym_create", __FILE__, __LINE__-1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_key(ctx, key->data, key->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_ctx_sym_init(ctx, NULL), i);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_ctx_sym_update(ctx, res_enc->data, res_enc->used, res_dec, NULL), i);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_ctx_sym_final(ctx, res_dec, NULL), i);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi if (!dcrypt_ctx_sym_create("aes-128-gcm", DCRYPT_MODE_ENCRYPT, &ctx, &error)) {
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_failed("dcrypt_ctx_sym_create", __FILE__, __LINE__-1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi buffer_t *key, *iv, *aad, *pt, *ct, *tag, *tag_res, *res;
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("feffe9928665731c6d6a8f9467308308", key);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255", pt);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985", ct);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("4d5c2af327cd64a62cf35abd2ba6fab4", tag);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_key(ctx, key->data, key->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_aad(ctx, aad->data, aad->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(dcrypt_ctx_sym_update(ctx, pt->data, pt->used, res, &error));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(dcrypt_ctx_sym_final(ctx, res, &error));
6b136bb200a5f803d0ef5af225ad891e862b6b75Timo Sirainen test_assert(dcrypt_ctx_sym_get_tag(ctx, tag_res));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi if (!dcrypt_ctx_sym_create("aes-128-gcm", DCRYPT_MODE_DECRYPT, &ctx, &error)) {
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_failed("dcrypt_ctx_sym_create", __FILE__, __LINE__-1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_key(ctx, key->data, key->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_aad(ctx, aad->data, aad->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_sym_set_tag(ctx, tag->data, tag->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(dcrypt_ctx_sym_update(ctx, ct->data, ct->used, res, &error));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(dcrypt_ctx_sym_final(ctx, res, &error));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", key);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", pt);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi hex_to_binary("773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe", res);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi if (!dcrypt_ctx_hmac_create("sha256", &hctx, NULL)) {
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_failed("dcrypt_ctx_hmac_create", __FILE__, __LINE__-1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_ctx_hmac_set_key(hctx, key->data, key->used);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(dcrypt_ctx_hmac_update(hctx, pt->data, pt->used, NULL));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(dcrypt_ctx_hmac_final(hctx, ct, NULL));
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi const char *data1 = "1\t716\t1\t0567e6bf9579813ae967314423b0fceb14bda24749303923de9a9bb9370e0026f995901a57e63113eeb2baf0c940e978d00686cbb52bd5014bc318563375876255\t0300E46DA2125427BE968EB3B649910CDC4C405E5FFDE18D433A97CABFEE28CEEFAE9EE356C792004FFB80981D67E741B8CC036A34235A8D2E1F98D1658CFC963D07EB\td0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0\t7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f";
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi bool ret = dcrypt_key_string_get_info(data1, &format, &version,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_KEY);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(strcmp(encryption_key_hash, "d0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0") == 0);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(strcmp(key_hash, "7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f") == 0);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi const char* data2 = "1\t716\t0301EB00973C4EFC8FCECA4EA33E941F50B561199A5159BCB6C2EED9DD1D62D65E38A254979D89E28F0C28883E71EE2AD264CD16B863FA094A8F6F69A56B62E8918040\t7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f";
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_key_string_get_info(data2, &format, &version,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(strcmp(key_hash, "7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f") == 0);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi /* This is the key that should be able to decrypt key1 */
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi const char *data3 = "1\t716\t0\t048FD04FD3612B22D32790C592CF21CEF417EFD2EA34AE5F688FA5B51BED29E05A308B68DA78E16E90B47A11E133BD9A208A2894FD01B0BEE865CE339EA3FB17AC\td0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0";
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_key_string_get_info(data3, &format, &version,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(strcmp(key_hash, "d0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0") == 0);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi /* key3's key_hash should and does match key1's encryption_key_hash */
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi ret = dcrypt_key_load_private(&pkey2, data3, NULL, NULL, &error);
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi ret = dcrypt_key_load_private(&pkey, data1, NULL, pkey2, &error);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi struct dcrypt_private_key *pkey = NULL, *pkey2 = NULL;
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi test_assert(dcrypt_key_load_private(&pkey, "1\t716\t0\t048FD04FD3612B22D32790C592CF21CEF417EFD2EA34AE5F688FA5B51BED29E05A308B68DA78E16E90B47A11E133BD9A208A2894FD01B0BEE865CE339EA3FB17AC\td0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0", NULL, NULL, &error));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi /* check that key_id matches */
955c276b9de538cfbfe4cff19f2a610f57e8d5c7Timo Sirainen dcrypt_key_convert_private_to_public(pkey, &pubkey);
6b136bb200a5f803d0ef5af225ad891e862b6b75Timo Sirainen test_assert(dcrypt_key_store_public(pubkey, DCRYPT_FORMAT_DOVECOT, key_1, NULL));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi dcrypt_key_id_public(pubkey, "sha256", key_1, &error);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(strcmp("792caad4d38c9eb2134a0cbc844eae386116de096a0ccafc98479825fc99b6a1", binary_to_hex(key_1->data, key_1->used)) == 0);
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi test_assert(dcrypt_key_load_private(&pkey2, "1\t716\t1\t0567e6bf9579813ae967314423b0fceb14bda24749303923de9a9bb9370e0026f995901a57e63113eeb2baf0c940e978d00686cbb52bd5014bc318563375876255\t0300E46DA2125427BE968EB3B649910CDC4C405E5FFDE18D433A97CABFEE28CEEFAE9EE356C792004FFB80981D67E741B8CC036A34235A8D2E1F98D1658CFC963D07EB\td0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0\t7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f", NULL, pkey, &error));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi /* check that key_id matches */
955c276b9de538cfbfe4cff19f2a610f57e8d5c7Timo Sirainen dcrypt_key_convert_private_to_public(pkey2, &pubkey);
6b136bb200a5f803d0ef5af225ad891e862b6b75Timo Sirainen test_assert(dcrypt_key_store_public(pubkey, DCRYPT_FORMAT_DOVECOT, key_1, NULL));
6b136bb200a5f803d0ef5af225ad891e862b6b75Timo Sirainen test_assert(dcrypt_key_id_public_old(pubkey, key_1, &error));
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert(strcmp("7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f", binary_to_hex(key_1->data, key_1->used)) == 0);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi const char* data1 = "1\t716\t030131D8A5FD5167947A0AE9CB112ADED6526654635AA5887051EE2364414B60FF32EBA8FA0BBE9485DBDE8794BBBCB44BBFC0D662A4287A848BA570D4E5E45A11FE0F\td0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0";
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi bool ret = dcrypt_key_string_get_info(data1, &format, &version,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
bd5684768b6084ddca07c210fd4dbb6372acc56aTimo Sirainen test_assert(key_hash != NULL && strcmp(key_hash, "d0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0") == 0);
fadd4c92940c10a01556e1ebcb2f17890b35d7bcMartti Rannanjärvi ret = dcrypt_key_load_public(&pub_key, data1, &error);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(dcrypt_key_type_public(pub_key) == DCRYPT_KEY_EC);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi "-----BEGIN PRIVATE KEY-----\n" \
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi"MGcCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcETTBLAgEBBCC25AkD65uhlZXCAdwN\n" \
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi"yLJV2ui8A/CUyqyEMrezvwgMO6EkAyIAAybRUR3MsH0+0PQcDwkrXOJ9aePwzTQV\n" \
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi"DN51+n1JCxbI\n" \
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi"-----END PRIVATE KEY-----\n",
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi "2:1.2.840.10045.3.1.7:0:0000002100b6e40903eb9ba19595c201dc0dc8b255dae8bc03f094caac8432b7b3bf080c3b:ab13d251976dedab546b67354e7678821740dd534b749c2857f66bf62bbaddfd",
902677f2ed8089011ca0badee0b04b108d1cbdc1Aki Tuomi "2:1.2.840.10045.3.1.7:2:aes-256-ctr:483bd74fd3d91763:sha256:2048:d44ae35d3af7a2febcb15cde0c3693e7ed98595665ed655a97fa918d346d5c661a6e2339f4:ab13d251976dedab546b67354e7678821740dd534b749c2857f66bf62bbaddfd",
902677f2ed8089011ca0badee0b04b108d1cbdc1Aki Tuomi "2:1.2.840.10045.3.1.7:1:aes-256-ctr:2574c10be28a4c09:sha256:2048:a750ec9dea91999f108f943485a20f273f40f75c37fc9bcccdedda514c8243e550d69ce1bd:02237a199d7d945aa6492275a02881071eceec5749caf2485da8c64fb601229098:ab13d251976dedab546b67354e7678821740dd534b749c2857f66bf62bbaddfd:ab13d251976dedab546b67354e7678821740dd534b749c2857f66bf62bbaddfd"
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi buffer_t *tmp = buffer_create_dynamic(default_pool, 256);
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi test_assert_idx(dcrypt_key_load_private(&priv2, keys[0], NULL, NULL, &error), 0);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_key_store_private(priv2, DCRYPT_FORMAT_PEM, NULL, tmp, NULL, NULL, &error), 0);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(strcmp(str_c(tmp), keys[0])==0, 0);
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi test_assert_idx(dcrypt_key_load_private(&priv, keys[1], NULL, NULL, &error), 1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_key_store_private(priv, DCRYPT_FORMAT_DOVECOT, NULL, tmp, NULL, NULL, &error), 1);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(strcmp(str_c(tmp), keys[1])==0, 1);
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi test_assert_idx(dcrypt_key_load_private(&priv, keys[2], "This Is Sparta", NULL, &error), 2);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_key_store_private(priv, DCRYPT_FORMAT_DOVECOT, "aes-256-ctr", tmp, "This Is Sparta", NULL, &error), 2);
955c276b9de538cfbfe4cff19f2a610f57e8d5c7Timo Sirainen dcrypt_key_convert_private_to_public(priv2, &pub);
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi test_assert_idx(dcrypt_key_load_private(&priv, keys[3], NULL, priv2, &error), 3);
316cbe323513a0f20d1cf519fe9405e231d633e2Aki Tuomi test_assert_idx(dcrypt_key_store_private(priv, DCRYPT_FORMAT_DOVECOT, "ecdh-aes-256-ctr", tmp, NULL, pub, &error), 3);
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi const char *key = "2:3058301006072a8648ce3d020106052b810400230344000301c50954e734dd8b410a607764a7057065a45510da52f2c6e28e0cb353b9c389fa8cb786943ae991fce9befed78fb162fbbc615415f06af06c8cc80c37f4e94ff6c7:185a7212542782e239111f9c19d126ad55b18ddaf4883d66afe8d9627c3607d8";
fadd4c92940c10a01556e1ebcb2f17890b35d7bcMartti Rannanjärvi test_assert(dcrypt_key_load_public(&pub, key, &error));
1471b423978eee881844419e1bff8c9895a59ea1Aki Tuomi buffer_t *tmp = buffer_create_dynamic(default_pool, 256);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(dcrypt_key_store_public(pub, DCRYPT_FORMAT_DOVECOT, tmp, &error));
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi const char *key = "2:305e301006072a8648ce3d020106052b81040026034a000203fcc90034fa03d6fb79a0fc8b3b43c3398f68e76029307360cdcb9e27bb7e84b3c19dfb7244763bc4d442d216f09b7b7945ed9d182f3156550e9ee30b237a0217dbf79d28975f31:86706b69d1f640011a65d26a42f2ba20a619173644e1cc7475eb1d90966e84dc";
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi enum dcrypt_key_version version = DCRYPT_KEY_VERSION_NA;
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi enum dcrypt_key_encryption_type encryption_type;
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(dcrypt_key_string_get_info(key, &format, &version,
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi &kind, &encryption_type, &encryption_key_hash,
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(format == DCRYPT_FORMAT_DOVECOT);
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(version == DCRYPT_KEY_VERSION_2);
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(kind == DCRYPT_KEY_KIND_PUBLIC);
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(encryption_key_hash == NULL);
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi test_assert(key_hash != NULL && strcmp(key_hash,
fba8aa9864290ef74486cb2333220180f6bd1de9Martti Rannanjärvi "86706b69d1f640011a65d26a42f2ba20a619173644e1cc7475eb1d90966e84dc") == 0);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_keypair_generate(&pair, DCRYPT_KEY_RSA, 1024, NULL, NULL);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi /* test public key */
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_key_store_public(pair.pub, DCRYPT_FORMAT_PEM, buf,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_key_string_get_info(str_c(buf), &format, &version,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi /* test private key */
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_key_store_private(pair.priv, DCRYPT_FORMAT_PEM, NULL,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi ret = dcrypt_key_string_get_info(str_c(buf), &format, &version,
5efce910194a73988c098c31098576cb1fcb1c8bAki Tuomi test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi test_begin("test_get_info_rsa_private_key");
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi const char *key = "-----BEGIN RSA PRIVATE KEY-----\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"MIICXQIBAAKBgQC89q02I9NezBLQ+otn5XLYE7S+GsKUz59ogr45DA/6MI9jey0W\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"56SeWQ1FJD1vDhAx/TRBMfOmhcIPsBjc5sakYOawPdoiqLjOIlO+iHwnbbmLuMsq\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"ue09vgvZsKjuTr2F5DOFQY43Bq/Nd+4bjHJItdOM58+xwA2I/8vDbtI8jwIDAQAB\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"AoGBAJCUrTMfdjqyKjN7f+6ewKBTc5eBIiB6O53ba3B6qj7jqNKVDIrZ8jq2KFEe\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"yWKPgBS/h5vafHKNJU6bjmp2qMUJPB7PTA876eDo0cq9PplUqihiTlXJFwNQYtF+\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"o27To5t25+5qdSAj657+lQfFT9Xn9fzYHDmotURxH10FgFkBAkEA+7Ny6lBTeb3W\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"LnP0UPfPzQLilEr8u81PLWe69RGtsEaMQHGpHOl4e+bvvVYbG1cgxwxI1m01uR9r\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"qpD3qLUdrQJBAMAw6UvN8R+opYTZzwqK7Nliil2QZMPmXM04SV1iFq26NM60w2Fm\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"HqOOh0EbpSWsFtIgxJFWoZOtrguxqCJuUqsCQF3EoXf3StHczhDqM8eCOpD2lTCH\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"qxXPy8JvlW+9EUbNUWykq0rRE4idJQ0VKe4KjHR6+Buh/dSkhvi5Hvpj1tUCQHRv\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"LWeXZLVhXqWVrzEb6VHpuRnmGKX2MdLCfu/sNQEbBlMUgCnJzFYaSybOsMaZ81lq\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"MKw8Z7coSYEcKFhzrfECQQD7l+4Bhy8Zuz6VoGGIZwIhxkJrImBFmaUwx8N6jg20\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"sgDRYwCoGkGd7B8uIHZLJoWzSSutHiu5i5PYUy5VT1yT\n"
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi"-----END RSA PRIVATE KEY-----\n";
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi test_assert(!dcrypt_key_string_get_info(key, NULL, NULL,
58562739e57d14eeced3bc5923d7f907b6df4ab2Martti Rannanjärvi test_assert(error != NULL && strstr(error, "pkey") != NULL);
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi test_begin("test_get_info_invalid_keys");
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi const char *key = "1:716:030131D8A5FD5167947A0AE9CB112ADED6526654635AA5887051EE2364414B60FF32EBA8FA0BBE9485DBDE8794BBBCB44BBFC0D662A4287A848BA570D4E5E45A11FE0F:d0cfaca5d335f9edc41c84bb47465184cb0e2ec3931bebfcea4dd433615e77a0";
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi test_assert(dcrypt_key_string_get_info(key, NULL, NULL,
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi NULL, NULL, NULL, NULL, &error) == FALSE);
7e3adf79eb8ef4ec9d733e014e6adb0f7d156974Martti Rannanjärvi test_assert(error != NULL && strstr(error, "tab") != NULL);
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi key = "2\t305e301006072a8648ce3d020106052b81040026034a000203fcc90034fa03d6fb79a0fc8b3b43c3398f68e76029307360cdcb9e27bb7e84b3c19dfb7244763bc4d442d216f09b7b7945ed9d182f3156550e9ee30b237a0217dbf79d28975f31\t86706b69d1f640011a65d26a42f2ba20a619173644e1cc7475eb1d90966e84dc";
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi test_assert(dcrypt_key_string_get_info(key, NULL, NULL,
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi NULL, NULL, NULL, NULL, &error) == FALSE);
7e3adf79eb8ef4ec9d733e014e6adb0f7d156974Martti Rannanjärvi test_assert(error != NULL && strstr(error, "colon") != NULL);
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi test_assert(dcrypt_key_string_get_info(key, NULL, NULL,
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi NULL, NULL, NULL, NULL, &error) == FALSE);
7e3adf79eb8ef4ec9d733e014e6adb0f7d156974Martti Rannanjärvi test_assert(error != NULL && strstr(error, "Unknown") != NULL);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_begin("test_get_info_key_encrypted");
e13d38a112072c65f8872e289593b3a611631b70Martti Rannanjärvi bool ret = dcrypt_keypair_generate(&p1, DCRYPT_KEY_EC, 0, "secp521r1", &error);
e13d38a112072c65f8872e289593b3a611631b70Martti Rannanjärvi ret = dcrypt_keypair_generate(&p2, DCRYPT_KEY_EC, 0, "secp521r1", &error);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi ret = dcrypt_key_store_private(p1.priv, DCRYPT_FORMAT_DOVECOT, "ecdh-aes-256-ctr", buf, NULL, p2.pub, &error);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi enum dcrypt_key_encryption_type enc_type;
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi ret = dcrypt_key_string_get_info(str_c(buf), &format, &version,
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi &kind, &enc_type, &enc_hash, &key_hash, &error);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(format == DCRYPT_FORMAT_DOVECOT);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(version == DCRYPT_KEY_VERSION_2);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(kind == DCRYPT_KEY_KIND_PRIVATE);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_KEY);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_begin("test_get_info_pw_encrypted");
e13d38a112072c65f8872e289593b3a611631b70Martti Rannanjärvi bool ret = dcrypt_keypair_generate(&p1, DCRYPT_KEY_EC, 0, "secp521r1", &error);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi ret = dcrypt_key_store_private(p1.priv, DCRYPT_FORMAT_DOVECOT, "aes-256-ctr", buf, "pw", NULL, &error);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi enum dcrypt_key_encryption_type enc_type;
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi ret = dcrypt_key_string_get_info(str_c(buf), &format, &version,
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi &kind, &enc_type, &enc_hash, &key_hash, &error);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(format == DCRYPT_FORMAT_DOVECOT);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(version == DCRYPT_KEY_VERSION_2);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(kind == DCRYPT_KEY_KIND_PRIVATE);
c42c9ff351eadcc0bcfb73cb272b112198bbf756Martti Rannanjärvi test_assert(enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_PASSWORD);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi bool ret = dcrypt_keypair_generate(&orig, DCRYPT_KEY_EC, 0, "secp521r1", &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_key_store_private(orig.priv, DCRYPT_FORMAT_DOVECOT, "aes-256-ctr", buf, pw1, NULL, &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi /* load the pw-encrypted key */
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi struct dcrypt_private_key *k1_priv = NULL;
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_key_load_private(&k1_priv, str_c(buf), pw1, NULL, &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi /* encrypt a key with the pw-encrypted key k1 */
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_keypair_generate(&k2, DCRYPT_KEY_EC, 0, "secp521r1", &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi dcrypt_key_convert_private_to_public(k1_priv, &k1_pub);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_key_store_private(k2.priv, DCRYPT_FORMAT_DOVECOT, "ecdh-aes-256-ctr", buf2, NULL, k1_pub, &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi /* change the password */
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi /* encrypt k1 with pw2 */
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_key_store_private(k1_priv, DCRYPT_FORMAT_DOVECOT, "aes-256-ctr", buf3, pw2, NULL, &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi /* load the pw2 encrypted key */
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi struct dcrypt_private_key *k2_priv = NULL;
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_key_load_private(&k2_priv, str_c(buf3), pw2, NULL, &error);
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi /* load the key that was encrypted with pw1 using the pw2 encrypted key */
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi struct dcrypt_private_key *k3_priv = NULL;
b594d84b9f44f875e75099ee0abe843bd826842fMartti Rannanjärvi ret = dcrypt_key_load_private(&k3_priv, str_c(buf2), NULL, k2_priv, &error);
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi const char *key = "1:716:0301EB00973C4EFC8FCECA4EA33E941F50B561199A5159BCB6C2EED9DD1D62D65E38A254979D89E28F0C28883E71EE2AD264CD16B863FA094A8F6F69A56B62E8918040:7c9a1039ea2e4fed73e81dd3ffc3fa22ea4a28352939adde7bf8ea858b00fa4f";
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi struct dcrypt_public_key *pub_key = NULL;
fadd4c92940c10a01556e1ebcb2f17890b35d7bcMartti Rannanjärvi bool ret = dcrypt_key_load_public(&pub_key, key, &error);
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi key = "2:305e301006072a8648ce3d020106052b81040026034a000203fcc90034fa03d6fb79a0fc8b3b43c3398f68e76029307360cdcb9e27bb7e84b3c19dfb7244763bc4d442d216f09b7b7945ed9d182f3156550e9ee30b237a0217dbf79d28975f31:86706b69d1f640011a65d26a42f2ba20a619173644e1cc7475eb1d90966e84dc";
0be99975517967a2a074bf55de39aae65fe893c6Martti Rannanjärvi struct dcrypt_private_key *priv_key = NULL;
401160c5ca4c3c8f122f437d00f5e4498243d7bfMartti Rannanjärvi ret = dcrypt_key_load_private(&priv_key, key, NULL, NULL, &error);
5fc85eac8aa8b5663e62e3321c6617c27d670630Timo Sirainen i_error("No functional dcrypt backend found - skipping tests: %s", error);
baf3e87e186453fda13bd21f7cbcb2efc8492e8bTimo Sirainen static void (*const test_functions[])(void) = {