diff src/lib-dcrypt/test-crypto.c @ 20871:536d185e3794

lib-dcrypt: enc_key and pw must be NULL on storing unencrypted private key Add tests for password and key encryption, and get_info on them. Also give examples of valid cipher values for password and key encryption in dcrypt.h comment.
author Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>
date Thu, 13 Oct 2016 23:38:36 +0300
parents 90d375d8878e
children 4c571ff37f8f
--- a/src/lib-dcrypt/test-crypto.c	Wed Oct 12 21:29:51 2016 +0300
+++ b/src/lib-dcrypt/test-crypto.c	Thu Oct 13 23:38:36 2016 +0300
@@ -592,6 +592,81 @@
 }
 
 static
+void test_get_info_key_encrypted(void) {
+	test_begin("test_get_info_key_encrypted");
+
+	struct dcrypt_keypair p1, p2;
+	const char *error = NULL;
+	bool ret = dcrypt_keypair_generate(&p1, DCRYPT_KEY_EC, 0, "sect571k1", &error);
+	test_assert(ret == TRUE);
+	ret = dcrypt_keypair_generate(&p2, DCRYPT_KEY_EC, 0, "sect571k1", &error);
+	test_assert(ret == TRUE);
+
+	string_t* buf = str_new(default_pool, 4096);
+
+	buffer_set_used_size(buf, 0);
+	ret = dcrypt_key_store_private(p1.priv, DCRYPT_FORMAT_DOVECOT, "ecdh-aes-256-ctr", buf, NULL, p2.pub, &error);
+	test_assert(ret == TRUE);
+
+	enum dcrypt_key_format format;
+	enum dcrypt_key_version version;
+	enum dcrypt_key_kind kind;
+	enum dcrypt_key_encryption_type enc_type;
+	const char *enc_hash;
+	const char *key_hash;
+
+	ret = dcrypt_key_string_get_info(str_c(buf), &format, &version,
+			&kind, &enc_type, &enc_hash, &key_hash, &error);
+	test_assert(ret == TRUE);
+	test_assert(format == DCRYPT_FORMAT_DOVECOT);
+	test_assert(version == DCRYPT_KEY_VERSION_2);
+	test_assert(kind == DCRYPT_KEY_KIND_PRIVATE);
+	test_assert(enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_KEY);
+	test_assert(enc_hash != NULL);
+	test_assert(key_hash != NULL);
+
+	dcrypt_keypair_unref(&p1);
+	dcrypt_keypair_unref(&p2);
+
+	test_end();
+}
+
+static
+void test_get_info_pw_encrypted(void) {
+	test_begin("test_get_info_pw_encrypted");
+
+	struct dcrypt_keypair p1;
+	const char *error;
+	bool ret = dcrypt_keypair_generate(&p1, DCRYPT_KEY_EC, 0, "sect571k1", &error);
+	test_assert(ret == TRUE);
+
+	string_t* buf = str_new(default_pool, 4096);
+	ret = dcrypt_key_store_private(p1.priv, DCRYPT_FORMAT_DOVECOT, "aes-256-ctr", buf, "pw", NULL, &error);
+	test_assert(ret == TRUE);
+
+	enum dcrypt_key_format format;
+	enum dcrypt_key_version version;
+	enum dcrypt_key_kind kind;
+	enum dcrypt_key_encryption_type enc_type;
+	const char *enc_hash;
+	const char *key_hash;
+
+	ret = dcrypt_key_string_get_info(str_c(buf), &format, &version,
+			&kind, &enc_type, &enc_hash, &key_hash, &error);
+	test_assert(ret == TRUE);
+	test_assert(format == DCRYPT_FORMAT_DOVECOT);
+	test_assert(version == DCRYPT_KEY_VERSION_2);
+	test_assert(kind == DCRYPT_KEY_KIND_PRIVATE);
+	test_assert(enc_type == DCRYPT_KEY_ENCRYPTION_TYPE_PASSWORD);
+	test_assert(enc_hash == NULL);
+	test_assert(key_hash != NULL);
+
+	dcrypt_keypair_unref(&p1);
+
+	test_end();
+}
+
+static
 void test_load_invalid_keys(void) {
 	test_begin("test_load_invalid_keys");
 
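Review bot: `buf` is allocated with `str_new(default_pool, 4096)` in both test_get_info_key_encrypted and test_get_info_pw_encrypted and is never released, so each test leaves the buffer holding the serialized key allocated; add `str_free(&buf);` before `test_end()` in each. In test_get_info_pw_encrypted `error` is declared without an initializer, unlike the first test; `const char *error = NULL;` would make the two consistent. Both tests assert only the metadata reported by dcrypt_key_string_get_info, so they would still pass if the stored blob could not be decrypted again, or could be loaded without the secret. Unless that is covered elsewhere in the file, loading `str_c(buf)` back through dcrypt_key_load_private with the right password or p2's private key, plus one attempt with a wrong secret that is expected to fail, would pin the property the encryption is there for.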
@@ -634,6 +709,8 @@
 		test_gen_and_get_info_rsa_pem,
 		test_get_info_rsa_private_key,
 		test_get_info_invalid_keys,
+		test_get_info_key_encrypted,
+		test_get_info_pw_encrypted,
 		test_load_invalid_keys,
 		NULL
 	};