changeset 20598:5b6e44fc3626

doveadm: add doveadm dump dcrypt-file
author Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>
date Wed, 03 Aug 2016 12:46:21 +0300
parents 261d2ff2e173
children ad69150c10f9
files doc/man/doveadm-dump.1.in src/doveadm/Makefile.am src/doveadm/doveadm-dump-dcrypt-file.c src/doveadm/doveadm-dump.c src/doveadm/doveadm-dump.h
diffstat 5 files changed, 100 insertions(+), 1 deletions(-) [+]
--- a/doc/man/doveadm-dump.1.in	Sat Aug 06 22:12:13 2016 +0300
+++ b/doc/man/doveadm-dump.1.in	Wed Aug 03 12:46:21 2016 +0300
@@ -55,6 +55,9 @@
 Uncompress an IMAP traffic log, which contains data compressed using the
 IMAP COMPRESSION extension.
 .TP
+.B dcrypt-file
+Dump metadata of a dcrypt encrypted file.
+.TP
 .B index
 \(rA dovecot.index, dovecot.map.index
 .TP
--- a/src/doveadm/Makefile.am	Sat Aug 06 22:12:13 2016 +0300
+++ b/src/doveadm/Makefile.am	Wed Aug 03 12:46:21 2016 +0300
@@ -22,6 +22,7 @@
 	-I$(top_srcdir)/src/lib-storage \
 	-I$(top_srcdir)/src/lib-imap-storage \
 	-I$(top_srcdir)/src/lib-http \
+	-I$(top_srcdir)/src/lib-dcrypt \
 	-I$(top_srcdir)/src/auth \
 	-DMODULEDIR=\""$(moduledir)"\" \
 	-DAUTH_MODULE_DIR=\""$(moduledir)/auth"\" \
@@ -112,6 +113,7 @@
 	doveadm-dump-log.c \
 	doveadm-dump-mailboxlog.c \
 	doveadm-dump-thread.c \
+	doveadm-dump-dcrypt-file.c \
 	doveadm-zlib.c
 
 common = \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/doveadm/doveadm-dump-dcrypt-file.c	Wed Aug 03 12:46:21 2016 +0300
@@ -0,0 +1,92 @@
+/* Copyright (c) 2016 Dovecot authors, see the included COPYING file */
+
+#include "lib.h"
+#include "dcrypt.h"
+#include "istream.h"
+#include "istream-decrypt.h"
+#include "dcrypt-iostream.h"
+#include "doveadm-dump.h"
+#include <stdio.h>
+
+static int get_digest(const char *digest,
+		struct dcrypt_private_key **priv_key_r ATTR_UNUSED,
+		const char **error_r ATTR_UNUSED,
+		void *context)
+{
+	const char **digest_r = (const char**)context;
+	*digest_r = t_strdup(digest);
+	return 0;
+}
+
+static void dcrypt_istream_dump_metadata(const struct istream *stream)
+{
+	enum io_stream_encrypt_flags flags = i_stream_encrypt_get_flags(stream);
+	if ((flags & IO_STREAM_ENC_INTEGRITY_HMAC) != 0)
+		printf("flags: IO_STREAM_ENC_INTEGRITY_HMAC\n");
+	if ((flags & IO_STREAM_ENC_INTEGRITY_AEAD) != 0)
+		printf("flags: IO_STREAM_ENC_INTEGRITY_AEAD\n");
+	if ((flags & IO_STREAM_ENC_INTEGRITY_NONE) != 0)
+		printf("flags: IO_STREAM_ENC_INTEGRITY_NONE\n");
+	if ((flags & IO_STREAM_ENC_VERSION_1) != 0)
+		printf("flags: IO_STREAM_ENC_VERSION_1\n");
+
+	enum decrypt_istream_format format = i_stream_encrypt_get_format(stream);
+	switch (format) {
+	case DECRYPT_FORMAT_V1:
+		printf("format: DECRYPT_FORMAT_V1\n");
+		break;
+	case DECRYPT_FORMAT_V2:
+		printf("format: DECRYPT_FORMAT_V2\n");
+		break;
+	}
+}
+
+static int dcrypt_file_dump_metadata(const char *filename, bool print)
+{
+	bool ret = FALSE;
+	struct istream *is = i_stream_create_file(filename, IO_BLOCK_SIZE);
+	const char *key_digest = NULL;
+	struct istream *ds = i_stream_create_decrypt_callback(is,
+			get_digest, &key_digest);
+
+	ssize_t size = i_stream_read(ds);
+	i_assert(size < 0);
+
+	if (key_digest != NULL) {
+		ret = TRUE;
+		if (print) {
+			dcrypt_istream_dump_metadata(ds);
+			printf("decrypt key digest: %s\n", key_digest);
+		}
+	} else if (print) {
+		i_error("%s", i_stream_get_error(ds));
+	}
+
+	i_stream_unref(&ds);
+	i_stream_unref(&is);
+	return ret;
+}
+
+static bool test_dump_dcrypt_file(const char *path)
+{
+	if (!dcrypt_initialize("openssl", NULL, NULL))
+		return FALSE;
+	bool ret = dcrypt_file_dump_metadata(path, FALSE);
+	dcrypt_deinitialize();
+	return ret;
+}
+
+static void cmd_dump_dcrypt_file(int argc ATTR_UNUSED, char *argv[])
+{
+	const char *error = NULL;
+	if (!dcrypt_initialize("openssl", NULL, &error))
+		i_fatal("dcrypt_initialize: %s", error);
+	(void)dcrypt_file_dump_metadata(argv[1], TRUE);
+	dcrypt_deinitialize();
+}
+
+struct doveadm_cmd_dump doveadm_cmd_dump_dcrypt_file = {
+	"dcrypt-file",
+	test_dump_dcrypt_file,
+	cmd_dump_dcrypt_file
+};
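Review bot: `i_assert(size < 0);` in dcrypt_file_dump_metadata() turns an expectation about the contents of an arbitrary file into a process abort, and the same path is reached from test_dump_dcrypt_file(), which appears to be the type-detection probe run against whatever path the user passes. The read is expected to fail only because get_digest() returns 0 without supplying a private key; whether the decrypt stream can ever return 0 or data before or after that callback is not visible in this hunk, so the tool should not panic on it. I would replace the read and assert with `(void)i_stream_read(ds); /* no key is supplied, so this read is expected to fail; only the captured digest is used */` and let the existing `key_digest != NULL` test decide the result. Separately, the function is declared `int` but carries its result in `bool ret` with TRUE/FALSE; declaring it `static bool` would match how both callers use the value.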
--- a/src/doveadm/doveadm-dump.c	Sat Aug 06 22:12:13 2016 +0300
+++ b/src/doveadm/doveadm-dump.c	Wed Aug 03 12:46:21 2016 +0300
@@ -87,7 +87,8 @@
 	&doveadm_cmd_dump_log,
 	&doveadm_cmd_dump_mailboxlog,
 	&doveadm_cmd_dump_thread,
-	&doveadm_cmd_dump_zlib
+	&doveadm_cmd_dump_zlib,
+	&doveadm_cmd_dump_dcrypt_file
 };
 
 void print_dump_types(void)
--- a/src/doveadm/doveadm-dump.h	Sat Aug 06 22:12:13 2016 +0300
+++ b/src/doveadm/doveadm-dump.h	Wed Aug 03 12:46:21 2016 +0300
@@ -15,6 +15,7 @@
 extern struct doveadm_cmd_dump doveadm_cmd_dump_mailboxlog;
 extern struct doveadm_cmd_dump doveadm_cmd_dump_thread;
 extern struct doveadm_cmd_dump doveadm_cmd_dump_zlib;
+extern struct doveadm_cmd_dump doveadm_cmd_dump_dcrypt_file;
 
 void doveadm_dump_register(const struct doveadm_cmd_dump *dump);