changeset 20429:ba3484993516

lib-dcrypt: correctly set version 2 on key info
Dovecot format version 2 keys were incorrectly reported as version 1 before.
author Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>
date Tue, 28 Jun 2016 13:24:09 +0300
parents fe61bfdf25ac
children d811f058748d
files src/lib-dcrypt/dcrypt-openssl.c src/lib-dcrypt/test-crypto.c
diffstat 2 files changed, 35 insertions(+), 1 deletions(-) [+]
--- a/src/lib-dcrypt/dcrypt-openssl.c	Wed Jun 29 14:16:58 2016 +0300
+++ b/src/lib-dcrypt/dcrypt-openssl.c	Tue Jun 28 13:24:09 2016 +0300
@@ -1809,7 +1809,7 @@
 				return FALSE;
 			}
 		} else if (strcmp(fields[0], "2") == 0) {
-			version = DCRYPT_KEY_VERSION_1;
+			version = DCRYPT_KEY_VERSION_2;
 			if (nfields == 3) {
 				kind = DCRYPT_KEY_KIND_PUBLIC;
 			} else if (nfields == 5 && strcmp(fields[2],"0") == 0) {
@@ -1828,6 +1828,10 @@
 					*error_r = "Invalid dovecot v2 encoding";
 				return FALSE;
 			}
+		} else {
+			if (error_r != NULL)
+				*error_r = "Invalid dovecot key version";
+			return FALSE;
 		}
 
 		/* last field is always key hash */
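Review bot: The new `else` branch should carry a short comment saying why it exists. In the lines visible here, `version` and `kind` are assigned only inside the recognised version branches, so without this rejection an unrecognised first field would presumably reach the key-hash handling below with both left unset. A comment such as `/* unknown version field: reject instead of falling through with version/kind unset */` above the `error_r` assignment would make that fail-closed intent explicit. The enclosing function starts and ends outside the hunk, so what the "1" branch does is inferred rather than visible.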
--- a/src/lib-dcrypt/test-crypto.c	Wed Jun 29 14:16:58 2016 +0300
+++ b/src/lib-dcrypt/test-crypto.c	Tue Jun 28 13:24:09 2016 +0300
@@ -441,6 +441,35 @@
 }
 
 static
+void test_get_info_v2_key(void) {
+	test_begin("test_get_info_v2_key");
+
+	const char *key = "2\t305e301006072a8648ce3d020106052b81040026034a000203fcc90034fa03d6fb79a0fc8b3b43c3398f68e76029307360cdcb9e27bb7e84b3c19dfb7244763bc4d442d216f09b7b7945ed9d182f3156550e9ee30b237a0217dbf79d28975f31\t86706b69d1f640011a65d26a42f2ba20a619173644e1cc7475eb1d90966e84dc";
+	enum dcrypt_key_format format;
+	enum dcrypt_key_version version = DCRYPT_KEY_VERSION_NA;
+	enum dcrypt_key_kind kind;
+	enum dcrypt_key_encryption_type encryption_type;
+	const char *encryption_key_hash = NULL;
+	const char *key_hash = NULL;
+	const char *error = NULL;
+
+	test_assert(dcrypt_key_string_get_info(key, &format, &version,
+			&kind, &encryption_type, &encryption_key_hash,
+			&key_hash, &error));
+	test_assert(error == NULL);
+	test_assert(format == DCRYPT_FORMAT_DOVECOT);
+	test_assert(version == DCRYPT_KEY_VERSION_2);
+
+	test_assert(kind == DCRYPT_KEY_KIND_PUBLIC);
+	test_assert(encryption_type == DCRYPT_KEY_ENCRYPTION_TYPE_NONE);
+	test_assert(encryption_key_hash == NULL);
+	test_assert(key_hash != NULL && strcmp(key_hash,
+		"86706b69d1f640011a65d26a42f2ba20a619173644e1cc7475eb1d90966e84dc") == 0);
+
+	test_end();
+}
+
+static
 void test_gen_and_get_info_rsa_pem(void)
 {
 	test_begin("test_gen_and_get_info_rsa_pem");
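Review bot: Nothing in this test-file change exercises the rejection path the commit adds in dcrypt-openssl.c (`Invalid dovecot key version`); `test_get_info_v2_key` covers only a well-formed three-field public key. A negative test would pin the parser's fail-closed behaviour: pass a key string whose first field is neither "1" nor "2" and assert that `dcrypt_key_string_get_info` returns false with `error` set. It would also need an entry in the test list next to `test_get_info_v2_key`. The key string in the sketch below is a constructed sample, and the sketch assumes no earlier check in the parser rejects it before the version comparison.

```c
static
void test_get_info_invalid_version(void) {
	test_begin("test_get_info_invalid_version");

	/* constructed sample: first field "3" is not a known key version */
	const char *key = "3\tdeadbeef\tdeadbeef";
	enum dcrypt_key_format format;
	enum dcrypt_key_version version = DCRYPT_KEY_VERSION_NA;
	enum dcrypt_key_kind kind;
	enum dcrypt_key_encryption_type encryption_type;
	const char *encryption_key_hash = NULL;
	const char *key_hash = NULL;
	const char *error = NULL;

	/* must be rejected, and the caller must be told why */
	test_assert(!dcrypt_key_string_get_info(key, &format, &version,
			&kind, &encryption_type, &encryption_key_hash,
			&key_hash, &error));
	test_assert(error != NULL);

	test_end();
}
```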
@@ -517,6 +546,7 @@
 		test_load_v1_public_key,
 		test_load_v2_key,
 		test_load_v2_public_key,
+		test_get_info_v2_key,
 		test_gen_and_get_info_rsa_pem,
 		NULL
 	};