diff options
| author | Ivan Stakhov <50211739+left-try@users.noreply.github.com> | 2024-09-18 19:10:59 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-18 17:10:59 +0100 |
| commit | 92b679d17ca41f85009c9e33cdd5967f955b5557 (patch) | |
| tree | eeef4e285e0f00b1ec5a55338e2af33db802249b /test | |
| parent | 206195f2197631a3625a0c6b7d17eb55da86ce46 (diff) | |
| download | rspamd-92b679d17ca41f85009c9e33cdd5967f955b5557.tar.gz rspamd-92b679d17ca41f85009c9e33cdd5967f955b5557.zip | |
[Feature] Add rspamadm secretbox command
* [Minor] Small fix for error messages
* [Feature] Create rspamadm util to decrypt header
* [Feature] Create python example to encrypt/decrypt header
* [Minor] Small clean up
* [Minor] Change c-rspamadm util to lua-rspamadm util
* [Minor] Small clean up
* [Minor] Add some debug
* [Feature] Add secretbox command
* [Minor] Debug
* [Minor] Add additional return for encrypted string(noce + encrypted string
* [Minor] Small debug
* [Minor] Add a way to provide encrypted text concatenated with nonce
* [Minor] Add nonce to encrypt text
* [Minor] Clean up
* [Minor] Clean up unused variable
* [Minor] Small fix
* [Minor] Fix return issue
* [Minor] Add blake2b for key derivation
* [Minor] Small upgrade to debug
* [Minor] Small clean up
* [Minor] Change return to more convenient form
* [Minor] Change print to test form
* [Test] Provide tests for encrypt/decrypt with rspamadm util and python script
* [Minor] Change python to python3
* [Minor] Add stderr check
* [Minor] Make the function return nonce+text
* [Minor] Change unit tests to new return format
* [Minor] Add flag to manage encodings
* [Minor] Add --encoding argument to manage encodings
* [Minor] Change tests for new input format
* [Minor] Fix lua format
* [Minor] Small fix
* [Minor] Provide full support for new return format of maybe_encrypt_header
* [Test] Test small fix
* [Test] Small fix
* [Minor] Clean up
* [Minor] Small fix for name of variable
* [Minor] Small clean up
* [Minor] Change format of command to a mre convenient
* [Minor] Change tests to be same as a format of a command
* [Minor] Change description of flags
* [Minor] Small fix
---------
Co-authored-by: Ivan Stakhov <50211739+LeftTry@users.noreply.github.com>
Diffstat (limited to 'test')
| -rw-r--r-- | test/functional/cases/150_rspamadm.robot | 47 | ||||
| -rw-r--r-- | test/lua/unit/lua_util.maybe_encrypt_decrypt_header.lua | 11 |
2 files changed, 54 insertions, 4 deletions
diff --git a/test/functional/cases/150_rspamadm.robot b/test/functional/cases/150_rspamadm.robot index 6bff14b2e..257b0b501 100644 --- a/test/functional/cases/150_rspamadm.robot +++ b/test/functional/cases/150_rspamadm.robot @@ -4,6 +4,13 @@ Suite Teardown Rspamadm Teardown Library ${RSPAMD_TESTDIR}/lib/rspamd.py Resource ${RSPAMD_TESTDIR}/lib/rspamd.robot +*** Variables *** +${TEXT} text +${KEY} 12345678901234567890123456789012 +${NONCE} 9pyeEd986hrjcpozCIZ41jEo6dCDbgjg +${ENCRYPTED_TEXT} 8KGF6VLI7vnweUdR8FuQZuT+ID8= +${PYTHON_SCRIPT} ${RSPAMD_TESTDIR}/../../utils/encrypt_decrypt_header.py + *** Test Cases *** Config Test ${result} = Rspamadm configtest @@ -46,3 +53,43 @@ Verbose mode Should Match Regexp ${result.stderr} ^$ Should Match Regexp ${result.stdout} hello world\n Should Be Equal As Integers ${result.rc} 0 + +SecretBox rspamadm encrypt/decrypt + ${result} = Rspamadm secret_box -B encrypt -t ${TEXT} -k ${KEY} -n ${NONCE} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${result.stdout} ${NONCE}${ENCRYPTED_TEXT} + ${result1} = Rspamadm secret_box -B decrypt -t ${ENCRYPTED_TEXT} -k ${KEY} -n ${NONCE} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${result1.stdout} ${TEXT} + +SecretBox python encrypt/decrypt + ${result} = Run Process python3 ${PYTHON_SCRIPT} -B encrypt -t ${TEXT} -k ${KEY} -n ${NONCE} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${result.stdout} ${NONCE}${ENCRYPTED_TEXT} + ${result1} = Run Process python3 ${PYTHON_SCRIPT} -B decrypt -t ${NONCE}${ENCRYPTED_TEXT} -k ${KEY} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${result1.stdout} ${TEXT} + +SecretBox encrypt python with nonce decrypt rspamadm + ${result} = Run Process python3 ${PYTHON_SCRIPT} -B encrypt -t ${TEXT} -k ${KEY} -n ${NONCE} + ${result1} = Rspamadm secret_box -B decrypt -t ${result.stdout} -k ${KEY} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${TEXT} ${result1.stdout} + +SecretBox encrypt python without nonce decrypt rspamadm + ${result} = Run Process python3 ${PYTHON_SCRIPT} -B encrypt -t ${TEXT} -k ${KEY} + ${result1} = Rspamadm secret_box -B decrypt -t ${result.stdout} -k ${KEY} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${TEXT} ${result1.stdout} + +SecretBox encrypt rspamadm with nonce decrypt python + ${result} = Rspamadm secret_box -B encrypt -t ${TEXT} -k ${KEY} -n ${NONCE} + ${result1} = Run Process python3 ${PYTHON_SCRIPT} -B decrypt -t ${result.stdout} -k ${KEY} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${TEXT} ${result1.stdout} + +SecretBox encrypt rspamadm without nonce decrypt python + ${result} = Rspamadm secret_box -B encrypt -t ${TEXT} -k ${KEY} + ${result1} = Run Process python3 ${PYTHON_SCRIPT} -B decrypt -t ${result.stdout} -k ${KEY} + Should Match Regexp ${result.stderr} ^$ + Should Be Equal As Strings ${TEXT} ${result1.stdout} diff --git a/test/lua/unit/lua_util.maybe_encrypt_decrypt_header.lua b/test/lua/unit/lua_util.maybe_encrypt_decrypt_header.lua index 613101068..ef31f5e9b 100644 --- a/test/lua/unit/lua_util.maybe_encrypt_decrypt_header.lua +++ b/test/lua/unit/lua_util.maybe_encrypt_decrypt_header.lua @@ -15,7 +15,8 @@ context("Lua util - maybe encrypt/decrypt header", function() assert_true(false, 'Failed to encrypt header') end - local decrypted_header = util.maybe_decrypt_header(encrypted_header, settings, settings.prefix) + local text = string.sub(tostring(encrypted_header), 6) + local decrypted_header = util.maybe_decrypt_header(text, settings, settings.prefix) if decrypted_header == encrypted_header or decrypted_header == nil then assert_true(false, 'Failed to decrypt header') end @@ -36,13 +37,15 @@ context("Lua util - maybe encrypt/decrypt header", function() prefix_key = 'key' } - local encrypted_header, nonce = util.maybe_encrypt_header(header, settings, settings.prefix) + local encrypted_header = util.maybe_encrypt_header(header, settings, settings.prefix) if encrypted_header == header or encrypted_header == nil then assert_true(false, 'Failed to encrypt header') end - local decrypted_header = util.maybe_decrypt_header(encrypted_header, settings, - settings.prefix, nonce) + local nonce = string.sub(tostring(encrypted_header), 1, 24) + local text = string.sub(tostring(encrypted_header), 25) + local decrypted_header = util.maybe_decrypt_header(text, settings, settings.prefix, nonce) + if decrypted_header == encrypted_header or decrypted_header == nil then assert_true(false, 'Failed to decrypt header') end |