bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch/* Copyright (c) 2015-2018 Dovecot authors, see the included COPYING file */
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "lib.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "test-common.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "randgen.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "array.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "dcrypt.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "hex-binary.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "mail-crypt-common.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "mail-crypt-key.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "fs-crypt-settings.h"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi#include "mail-crypt-pluginenv.c"
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
/* Settings object shared by every test in this file: test_setup() fills
   fs_set.plugin_envs from settings[] and test_teardown() frees it again. */
static struct fs_crypt_settings fs_set;
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
/*
 * Flat list of plugin settings laid out as name, value, name, value, ...
 * test_setup() appends it unchanged to fs_set.plugin_envs.
 *
 * The key values are base64-wrapped PEM blobs, so real key material sits
 * in this source file. It is test-fixture data only: anything encrypted
 * to these keys is readable by whoever has the repository, so they must
 * never be copied into a deployed configuration.
 */
static const char *settings[] = {
	/* unencrypted private key ("-----BEGIN PRIVATE KEY-----" once decoded) */
	"mail_crypt_global_private_key",
	"LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JR0hBZ0VBTUJNR0J5cUdTTTQ5QWdFR0NDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ1lJdWZKWlplMlk2aUZ6NXgKa29Jb3lzYjNkWkxaV3N5ZWtqT2MvR2pzTGQyaFJBTkNBQVNuSVdnUXVoRThqcUFMY21maXVuUnlFazd2a3EveQphOXZZSzUwYjNjRmhDc0xVNHRmVlRMa0IxWS82VmxaajYzUUtNelhOdms1RzVPRDFvZkVsY3B5agotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==",

	/* public key ("-----BEGIN PUBLIC KEY-----" once decoded) */
	"mail_crypt_global_public_key",
	"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFcHlGb0VMb1JQSTZnQzNKbjRycDBjaEpPNzVLdgo4bXZiMkN1ZEc5M0JZUXJDMU9MWDFVeTVBZFdQK2xaV1krdDBDak0xemI1T1J1VGc5YUh4SlhLY293PT0KLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg==",

	/* second private key, stored password-protected
	   ("-----BEGIN ENCRYPTED PRIVATE KEY-----" once decoded) */
	"mail_crypt_global_private_key2",
	"LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQpNSUhlTUVrR0NTcUdTSWIzRFFFRkRUQThNQnNHQ1NxR1NJYjNEUUVGRERBT0JBaXA2cUpja1FET3F3SUNDQUF3CkhRWUpZSVpJQVdVREJBRXFCQkFXN09oUFRlU0xSOExLcGYwZjZHa3ZCSUdRZk5rYUpodnM2VWVWS2RkN2NzdFMKMURSNXJYTWtON09FbVNjTTljRlk2UDVrMzdnY1VJUFZudTQrOTFYZUE1MTU2cnBpUEpycEdkZnprcjhPNVFqZApsMWRycmR6Z0hqZHE4T2VmbUR1MEEzMjRZd25SS3hGRExUcjlHMkxVMkhoYmV6a0xjV1FwMVJISDZsNXRRcUtwCjZid05iMnc3OXhCb01YSjN6MVZqcElOZk9wRnJ6M3lucVlqUXhseTIrQjg2Ci0tLS0tRU5EIEVOQ1JZUFRFRCBQUklWQVRFIEtFWS0tLS0tCg==",

	/* password for the key above, kept in clear text next to it; it
	   exercises the password-protected load path and protects nothing */
	"mail_crypt_global_private_key2_password",
	"password",
};
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
/* Local prototype for the private-key loader called by test_try_load_keys().
   NOTE(review): presumably repeated here because none of the headers
   included above declares it - confirm, and keep it in sync with the
   definition. */
int mail_crypt_load_global_private_keys(const struct fs_crypt_settings *set,
					const char *set_prefix,
					struct mail_crypt_global_keys *global_keys,
					const char **error_r);
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
/*
 * First entry in the test list: bring up dcrypt and publish the fixture
 * settings through fs_set.plugin_envs.
 */
static void test_setup(void)
{
	/* module_dir is composed from top_builddir, so the dcrypt module is
	   looked up under src/lib-dcrypt/.libs of that tree */
	struct dcrypt_settings dcrypt_set = {
		.module_dir = top_builddir "/src/lib-dcrypt/.libs"
	};

	/* The last argument is NULL, so no failure reason is collected here.
	   NOTE(review): without a backend the run ends with exit code 0, so
	   a build that lost its crypto backend still reports this suite as
	   passed - whoever consumes the result has to watch for the
	   "skipping tests" line. */
	if (!dcrypt_initialize(NULL, &dcrypt_set, NULL)) {
		i_info("No functional dcrypt backend found - skipping tests");
		test_exit(0);
	}

	/* hand the name/value list to the settings object unchanged */
	i_array_init(&fs_set.plugin_envs, 8);
	array_append(&fs_set.plugin_envs, settings, N_ELEMENTS(settings));
}
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
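/*
 * Load the fixture public key and both fixture private keys through the
 * mail-crypt loaders, then check that every loaded key yields the expected
 * key id.
 *
 * The id checks are guarded by what was actually loaded: a failed load is
 * already recorded by the test_assert() calls before them, and the guards
 * keep the test from going on to use a missing public key or to index
 * past the end of the private key array.
 */
static void test_try_load_keys(void)
{
	/* expected key ids, hex-encoded; pubid1 belongs to the key pair made
	   of the public key and the first private key, pubid2 to the second
	   (password-protected) private key */
	const char *pubid1 = "c79e262924842de291a8bcd413f4122a570abd033adeff7c1cdfdc9d05998c75";
	const char *pubid2 = "aaf927444bff8b63425e852c6b3f769e8221b952b42cf886fae7d326c5be098e";
	buffer_t *key_id = t_buffer_create(128);

	const char *error = NULL;
	test_begin("try_load_keys");

	struct mail_crypt_global_keys keys;
	i_zero(&keys);
	mail_crypt_global_keys_init(&keys);

	const char *set_prefix = "mail_crypt_global";
	const char *set_key = t_strconcat(set_prefix, "_public_key", NULL);
	const char *key_data = mail_crypt_plugin_getenv(&fs_set, set_key);

	test_assert(key_data != NULL);

	if (key_data != NULL) {
		test_assert(mail_crypt_load_global_public_key(set_key, key_data,
							      &keys, &error) == 0);
		test_assert(mail_crypt_load_global_private_keys(&fs_set, set_prefix,
								&keys, &error) == 0);
		/* did we get two private keys? */
		test_assert(array_count(&keys.private_keys) == 2);

		/* public key id checks */
		if (keys.public_key != NULL) {
			/* reuse the buffer: reset it before each id is written */
			buffer_set_used_size(key_id, 0);
			test_assert(dcrypt_key_id_public(keys.public_key, MAIL_CRYPT_KEY_ID_ALGORITHM, key_id, &error) == TRUE);
			test_assert(strcmp(binary_to_hex(key_id->data, key_id->used), pubid1) == 0);
		}

		/* private key id checks, only when both entries exist */
		if (array_count(&keys.private_keys) == 2) {
			const struct mail_crypt_global_private_key *key =
				array_idx(&keys.private_keys, 0);

			/* the id taken from the first private key has to
			   match the id of the public key */
			buffer_set_used_size(key_id, 0);
			test_assert(dcrypt_key_id_private(key->key, MAIL_CRYPT_KEY_ID_ALGORITHM, key_id, &error) == TRUE);
			test_assert(strcmp(binary_to_hex(key_id->data, key_id->used), pubid1) == 0);

			key = array_idx(&keys.private_keys, 1);
			buffer_set_used_size(key_id, 0);
			test_assert(dcrypt_key_id_private(key->key, MAIL_CRYPT_KEY_ID_ALGORITHM, key_id, &error) == TRUE);
			test_assert(strcmp(binary_to_hex(key_id->data, key_id->used), pubid2) == 0);
		}
	}

	mail_crypt_global_keys_free(&keys);

	test_end();
}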
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
/*
 * Regression check: looking up a key id in a keyset that was only zeroed
 * (mail_crypt_global_keys_init() is deliberately not called, and no key is
 * loaded) has to return NULL instead of crashing.
 */
static void test_empty_keyset(void)
{
	struct mail_crypt_global_keys keys;

	test_begin("test_empty_keyset");

	/* this should not crash */
	i_zero(&keys);
	test_assert(mail_crypt_global_key_find(&keys, "423423423423") == NULL);

	test_end();
}
e41e5d5456fb6c78693a385239ef5b0cbbd57408Aki Tuomi
/*
 * Last entry in the test list: undo test_setup() by freeing the settings
 * array first and then shutting dcrypt down.
 */
static void test_teardown(void)
{
	array_free(&fs_set.plugin_envs);
	dcrypt_deinitialize();
}
4c78d9e646c4a1158d7167806937c02d86cdfc25Aki Tuomi
/*
 * Test driver. Setup and teardown are ordinary entries in the list, so the
 * order matters: test_setup first, test_teardown last.
 */
int main(void)
{
	/* NULL-terminated list handed to test_run() */
	void (*test_functions[])(void) = {
		test_setup,
		test_try_load_keys,
		test_empty_keyset,
		test_teardown,
		NULL
	};

	/* the value test_run() returns becomes the process exit status */
	return test_run(test_functions);
}