diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..d7bbaf1 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +*.age binary +age/tests/testdata/testkit/* binary diff --git a/Cargo.lock b/Cargo.lock index 56ebcdd..e59bcb4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -58,6 +58,7 @@ dependencies = [ "curve25519-dalek", "futures", "futures-test", + "hex", "hkdf", "hmac", "i18n-embed", @@ -79,6 +80,7 @@ dependencies = [ "sha2 0.10.2", "sha2 0.9.9", "subtle", + "test-case", "web-sys", "which", "wsl", @@ -1044,6 +1046,12 @@ dependencies = [ "libc", ] +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + [[package]] name = "hkdf" version = "0.12.3" @@ -2315,6 +2323,28 @@ dependencies = [ "winapi", ] +[[package]] +name = "test-case" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "196e8a70562e252cc51eaaaee3ecddc39803d9b7fd4a772b7c7dae7cdf42a859" +dependencies = [ + "test-case-macros", +] + +[[package]] +name = "test-case-macros" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8dd461f47ade621665c9f4e44b20449341769911c253275dc5cb03726cbb852c" +dependencies = [ + "cfg-if", + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "textwrap" version = "0.11.0" diff --git a/age/Cargo.toml b/age/Cargo.toml index 2961fc0..3a29414 100644 --- a/age/Cargo.toml +++ b/age/Cargo.toml @@ -93,9 +93,11 @@ wsl = { version = "0.1", optional = true } criterion = "0.3" criterion-cycles-per-byte = "0.1" futures-test = "0.3" +hex = "0.4" i18n-embed = { version = "0.13", features = ["desktop-requester", "fluent-system"] } quickcheck = "1" quickcheck_macros = "1" +test-case = "2" [target.'cfg(unix)'.dev-dependencies] pprof = { version = "0.8", features = ["criterion", "flamegraph"] } diff --git a/age/tests/testdata/testkit/header_crlf b/age/tests/testdata/testkit/header_crlf new file mode 100644 index 0000000..69cafae --- /dev/null +++ b/age/tests/testdata/testkit/header_crlf @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: lines in the header end with CRLF instead of LF + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- 2KIGb7ye32MWtUuEVWkO3MP6qCDLzOvT9wF06lelBSI +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_bad b/age/tests/testdata/testkit/hmac_bad new file mode 100644 index 0000000..5021bb6 --- /dev/null +++ b/age/tests/testdata/testkit/hmac_bad @@ -0,0 +1,9 @@ +expect: HMAC failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- 8McE3ix9R34E/vLrQv3yepsHjo/LXhfs22Ab3UyInmg +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_extra_space b/age/tests/testdata/testkit/hmac_extra_space new file mode 100644 index 0000000..f3bfd1e --- /dev/null +++ b/age/tests/testdata/testkit/hmac_extra_space @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- WyJp9F/9FOZh7gJdheq2WIJcwHgYc8NIVh3ddwhrcNg +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_garbage b/age/tests/testdata/testkit/hmac_garbage new file mode 100644 index 0000000..29e54ab --- /dev/null +++ b/age/tests/testdata/testkit/hmac_garbage @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- WyJp9F/9FOZh7gJdheq2WIJcwHgYc8NIVh3ddwhrcNgAAA +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_missing b/age/tests/testdata/testkit/hmac_missing new file mode 100644 index 0000000..6ecea2a --- /dev/null +++ b/age/tests/testdata/testkit/hmac_missing @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_no_space b/age/tests/testdata/testkit/hmac_no_space new file mode 100644 index 0000000..9f1d80d --- /dev/null +++ b/age/tests/testdata/testkit/hmac_no_space @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +---WyJp9F/9FOZh7gJdheq2WIJcwHgYc8NIVh3ddwhrcNg +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_not_canonical b/age/tests/testdata/testkit/hmac_not_canonical new file mode 100644 index 0000000..fd18cda --- /dev/null +++ b/age/tests/testdata/testkit/hmac_not_canonical @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: the base64 encoding of the HMAC is not canonical + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- WyJp9F/9FOZh7gJdheq2WIJcwHgYc8NIVh3ddwhrcNh +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_trailing_space b/age/tests/testdata/testkit/hmac_trailing_space new file mode 100644 index 0000000..2e216bd --- /dev/null +++ b/age/tests/testdata/testkit/hmac_trailing_space @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- WyJp9F/9FOZh7gJdheq2WIJcwHgYc8NIVh3ddwhrcNg +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/hmac_truncated b/age/tests/testdata/testkit/hmac_truncated new file mode 100644 index 0000000..e7f7196 --- /dev/null +++ b/age/tests/testdata/testkit/hmac_truncated @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- WyJp +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/scrypt b/age/tests/testdata/testkit/scrypt new file mode 100644 index 0000000..57dd08f Binary files /dev/null and b/age/tests/testdata/testkit/scrypt differ diff --git a/age/tests/testdata/testkit/scrypt_and_x25519 b/age/tests/testdata/testkit/scrypt_and_x25519 new file mode 100644 index 0000000..c479d3b --- /dev/null +++ b/age/tests/testdata/testkit/scrypt_and_x25519 @@ -0,0 +1,12 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +passphrase: password +comment: scrypt stanzas must be alone in the header + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +-> scrypt 7s9ix86RtDMnTmjU8vkTTA 10 +0U4Pbxsl9pr9g4nHjPgkvtYkNrGiYJ43x1vbM5X5mhg +--- f2AoyFXU2R5Cn7s38vH1pFkuKqzPh3ibwwHc/7y6RRU +[. #wυ=aYkz66ڦRL \ No newline at end of file diff --git a/age/tests/testdata/testkit/scrypt_long_file_key b/age/tests/testdata/testkit/scrypt_long_file_key new file mode 100644 index 0000000..669c222 Binary files /dev/null and b/age/tests/testdata/testkit/scrypt_long_file_key differ diff --git a/age/tests/testdata/testkit/scrypt_no_match b/age/tests/testdata/testkit/scrypt_no_match new file mode 100644 index 0000000..994d647 Binary files /dev/null and b/age/tests/testdata/testkit/scrypt_no_match differ diff --git a/age/tests/testdata/testkit/scrypt_work_factor_23 b/age/tests/testdata/testkit/scrypt_work_factor_23 new file mode 100644 index 0000000..c37ca07 --- /dev/null +++ b/age/tests/testdata/testkit/scrypt_work_factor_23 @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +comment: work factor is very high, would take a long time to compute + +age-encryption.org/v1 +-> scrypt rF0/NwblUHHTpgQgRpe5CQ 23 +qW9eVsT0NVb/Vswtw8kPIxUnaYmm9Px1dYmq2+4+qZA +--- 38TpQMxQRRNMfmYYpBX6DDrPx4/QY5UmJnhPyVoX/cw +]?7PqӦ F ۮ z(r| \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_bad_start b/age/tests/testdata/testkit/stanza_bad_start new file mode 100644 index 0000000..d040d65 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_bad_start @@ -0,0 +1,11 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-- stanza + +--- lpxzkyQGe/sA7F1yh4c6KVZV7//jANm5lYefTToioXs +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_base64_padding b/age/tests/testdata/testkit/stanza_base64_padding new file mode 100644 index 0000000..18ad2d2 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_base64_padding @@ -0,0 +1,12 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUE= +--- OtG7IuNHaf2SHZuowmxg/fhbhtz0/DI5g5OGd7WH7S0 +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_empty_argument b/age/tests/testdata/testkit/stanza_empty_argument new file mode 100644 index 0000000..cb9ef0b --- /dev/null +++ b/age/tests/testdata/testkit/stanza_empty_argument @@ -0,0 +1,11 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza argument + +--- bosBxVRBzKF9emyxQ9BERq7+D5JKU+lvbEsL8UHJ/SA +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_empty_body b/age/tests/testdata/testkit/stanza_empty_body new file mode 100644 index 0000000..cf8ec9b --- /dev/null +++ b/age/tests/testdata/testkit/stanza_empty_body @@ -0,0 +1,12 @@ +expect: success +payload: 013f54400c82da08037759ada907a8b864e97de81c088a182062c4b5622fd2ab +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> empty + +--- 697zSC9pa/ZLNIaXGtuwcUobmxv+Dpx48Hv0papk5c0 +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_empty_last_line b/age/tests/testdata/testkit/stanza_empty_last_line new file mode 100644 index 0000000..30a6c8f --- /dev/null +++ b/age/tests/testdata/testkit/stanza_empty_last_line @@ -0,0 +1,14 @@ +expect: success +payload: 013f54400c82da08037759ada907a8b864e97de81c088a182062c4b5622fd2ab +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB + +--- cb4SqtunSJzXKDGjqeYxuva9Be80QXEDKDn2aKBaCsw +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_invalid_character b/age/tests/testdata/testkit/stanza_invalid_character new file mode 100644 index 0000000..d5c8b43 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_invalid_character @@ -0,0 +1,11 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza è + +--- sTIB/0Fc74rhpjC4RAxoR3E01eVTTnWruaD+c5QWjKI +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_long_line b/age/tests/testdata/testkit/stanza_long_line new file mode 100644 index 0000000..5435260 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_long_line @@ -0,0 +1,13 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: a body line is longer than 64 columns + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + +--- tnRUR2vmmU92czsjnioF5ujgXUetUhzUoQPPGT9wmug +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_missing_body b/age/tests/testdata/testkit/stanza_missing_body new file mode 100644 index 0000000..4c184c7 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_missing_body @@ -0,0 +1,11 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: every stanza must end with a short body line, even if empty + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> empty +--- CDgFIIJ1wE4CpW6zG+LVZ6/G/RCNTH6ZUVGp2NbeIkU +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_missing_final_line b/age/tests/testdata/testkit/stanza_missing_final_line new file mode 100644 index 0000000..58774f4 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_missing_final_line @@ -0,0 +1,12 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: every stanza must end with a short body line + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +--- GRjUy1ShNhFoV3cQikdtUZqDeDEZSrbtNXUgDtDbwC8 +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_multiple_short_lines b/age/tests/testdata/testkit/stanza_multiple_short_lines new file mode 100644 index 0000000..e191764 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_multiple_short_lines @@ -0,0 +1,13 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: a short body line ends the stanza + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +--- ct87HSIMoTC4nUsQva+8AeKc2bK2q8b9sPjRhjuf1us +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_no_arguments b/age/tests/testdata/testkit/stanza_no_arguments new file mode 100644 index 0000000..a667ad9 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_no_arguments @@ -0,0 +1,11 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> + +--- B0qjnUjVajTa8I4Uia49g1c4DMQQN6u9m9QOSS1HLks +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_not_canonical b/age/tests/testdata/testkit/stanza_not_canonical new file mode 100644 index 0000000..f7794aa --- /dev/null +++ b/age/tests/testdata/testkit/stanza_not_canonical @@ -0,0 +1,12 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB +QUF +--- nQM2VCzmNLPrUurNWN+SW9wVp/9uTMQ/6CTUM7l8c84 +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_spurious_cr b/age/tests/testdata/testkit/stanza_spurious_cr new file mode 100644 index 0000000..b85c2ce --- /dev/null +++ b/age/tests/testdata/testkit/stanza_spurious_cr @@ -0,0 +1,11 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> stanza +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +--- MZaFAh8ldzU0F88NJjLx5yd7fnd57XS5COowmgvQtXQ +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stanza_valid_characters b/age/tests/testdata/testkit/stanza_valid_characters new file mode 100644 index 0000000..c506f30 --- /dev/null +++ b/age/tests/testdata/testkit/stanza_valid_characters @@ -0,0 +1,14 @@ +expect: success +payload: 013f54400c82da08037759ada907a8b864e97de81c088a182062c4b5622fd2ab +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> !"#$%&' ()*+,-./ 01234567 89:;<=>? @ABCDEFG HIJKLMNO + +-> PQRSTUVW XYZ[\]^_ `abcdefg hijklmno pqrstuvw xyz{|}~ + +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- x538z9xJq9XEK1aTTTv80aWDVvVdROvaXn2tpqXPC8g +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/stream_empty_payload b/age/tests/testdata/testkit/stream_empty_payload new file mode 100644 index 0000000..6ec1c83 --- /dev/null +++ b/age/tests/testdata/testkit/stream_empty_payload @@ -0,0 +1,10 @@ +expect: success +payload: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- Vn+54jqiiUCE+WZcEVY3f1sqHjlu/z1LCQ/T7Xm7qI0 +bΑ3'NhL.O>RA0ޫC6U \ No newline at end of file diff --git a/age/tests/testdata/testkit/stream_last_chunk_empty b/age/tests/testdata/testkit/stream_last_chunk_empty new file mode 100644 index 0000000..0795d14 Binary files /dev/null and b/age/tests/testdata/testkit/stream_last_chunk_empty differ diff --git a/age/tests/testdata/testkit/stream_last_chunk_full b/age/tests/testdata/testkit/stream_last_chunk_full new file mode 100644 index 0000000..bc4baae Binary files /dev/null and b/age/tests/testdata/testkit/stream_last_chunk_full differ diff --git a/age/tests/testdata/testkit/version_unsupported b/age/tests/testdata/testkit/version_unsupported new file mode 100644 index 0000000..e7a7ddf --- /dev/null +++ b/age/tests/testdata/testkit/version_unsupported @@ -0,0 +1,9 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1234 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- 38AL8Mr4VwmS6CNbM4bc7u3WwGBDqsMTRHOuYJ9ckqs +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519 b/age/tests/testdata/testkit/x25519 new file mode 100644 index 0000000..c7bb509 --- /dev/null +++ b/age/tests/testdata/testkit/x25519 @@ -0,0 +1,10 @@ +expect: success +payload: 013f54400c82da08037759ada907a8b864e97de81c088a182062c4b5622fd2ab +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- Vn+54jqiiUCE+WZcEVY3f1sqHjlu/z1LCQ/T7Xm7qI0 +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_bad_tag b/age/tests/testdata/testkit/x25519_bad_tag new file mode 100644 index 0000000..9a08745 --- /dev/null +++ b/age/tests/testdata/testkit/x25519_bad_tag @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: the ChaCha20Poly1305 authentication tag on the body of the X25519 stanza is wrong + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw0o +--- tG0k9bg4iIuBdMWb13n7FFYDzoBbtsLppNLhbh22aKg +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_extra_argument b/age/tests/testdata/testkit/x25519_extra_argument new file mode 100644 index 0000000..198389b --- /dev/null +++ b/age/tests/testdata/testkit/x25519_extra_argument @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: the base64 encoding of the share is not canonical + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc 1234 +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- hQQySEUXL8pOuIOuw0qXzi66RphDJP9IKMNEChNJIPk +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_grease b/age/tests/testdata/testkit/x25519_grease new file mode 100644 index 0000000..aa212d9 --- /dev/null +++ b/age/tests/testdata/testkit/x25519_grease @@ -0,0 +1,14 @@ +expect: success +payload: 013f54400c82da08037759ada907a8b864e97de81c088a182062c4b5622fd2ab +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> grease + +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +-> grease + +--- 7NLrfbRUZt6qK0pdtARUf59dHwo12ReldjJKjMlbE3I +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_identity b/age/tests/testdata/testkit/x25519_identity new file mode 100644 index 0000000..eb254e7 --- /dev/null +++ b/age/tests/testdata/testkit/x25519_identity @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: the X25519 share is a low-order point, so the shared secret is the disallowed all-zero value + +age-encryption.org/v1 +-> X25519 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +W3E/OCRme9TiTY97JoK31Z71arNur77WIIdB90XnN3M +--- Pne3IPMDvBj7wRbPMcNViffpVZAx814tgMxp8AwyMhs +]?7PqӦ F ۮ z(r| \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_long_file_key b/age/tests/testdata/testkit/x25519_long_file_key new file mode 100644 index 0000000..30dc440 --- /dev/null +++ b/age/tests/testdata/testkit/x25519_long_file_key @@ -0,0 +1,10 @@ +expect: header failure +file key: 41204c4f4e4745522059454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: the file key must be checked to be 16 bytes before decrypting it + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +nlObGn0CSA4pxiaG3W6nLlaFFuHmqW+bFC6sJmbsJ9yFesgSok1K0AI +--- C49Jo3+j4I6jWB2tldSs1jVAXbv0mOTAnwdT+5vOiBg +bΑ3'NhLc( tǏP)x1 \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_long_share b/age/tests/testdata/testkit/x25519_long_share new file mode 100644 index 0000000..a2f3a04 --- /dev/null +++ b/age/tests/testdata/testkit/x25519_long_share @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: a trailing zero is missing from the X25519 share + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCcA +hjabGXwSLQ9c3S6Lw2i+S2Tu2fiwQHHslbBN6B41FLE +--- QbEwdWirchS37UUOPh7uVddRiOaWjFwRUpaQ4Q+Z1RE +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_low_order b/age/tests/testdata/testkit/x25519_low_order new file mode 100644 index 0000000..f528a0d --- /dev/null +++ b/age/tests/testdata/testkit/x25519_low_order @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: the X25519 share is a low-order point, so the shared secretis the disallowed all-zero value + +age-encryption.org/v1 +-> X25519 X5yVvKNQjCSx0LFVnIPvWwREXMRYHI6G2CJO3dCfEdc +3E0NpFans/m0WLWF7+54ZBdNj3iqQqpraGDFiaRkvBA +--- sXw327YMT1/ULXe+ZyRMbMY0Z2jnWHGgI9j1we6yQ8A +]?7PqӦ F ۮ z(r| \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_lowercase b/age/tests/testdata/testkit/x25519_lowercase new file mode 100644 index 0000000..853d408 --- /dev/null +++ b/age/tests/testdata/testkit/x25519_lowercase @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: the first argument in the X25519 stanza is lowercase + +age-encryption.org/v1 +-> x25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- SwXKO3dXLh9l5QiSgMWgPhCkwstT8oB4jLDv7aBgC+c +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_multiple_recipients b/age/tests/testdata/testkit/x25519_multiple_recipients new file mode 100644 index 0000000..27c772c --- /dev/null +++ b/age/tests/testdata/testkit/x25519_multiple_recipients @@ -0,0 +1,12 @@ +expect: success +payload: 013f54400c82da08037759ada907a8b864e97de81c088a182062c4b5622fd2ab +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 + +age-encryption.org/v1 +-> X25519 ajtqAvDEkVNr2B7zUOtq2mAQXDSBlNrVAuM/dKb5sT4 +0evrK/HQXVsQ4YaDe+659l5OQzvAzD2ytLGHQLQiqxg +-> X25519 0qC7u6AbLxuwnM8tPFOWVtWZn/ZZe7z7gcsP5kgA0FI +T/PZg76MmVt2IaLntrxppzDnzeFDYHsHFcnTnhbRLQ8 +--- 7W07ef2PhsTAl74pn+9vSj/Xzukwa6SuTqMc16cdBk0 +5TB9 Kom^OY X25519 ajtqAvDEkVNr2B7zUOtq2mAQXDSBlNrVAuM/dKb5sT4 +HUKtz0R2j5Bl2ER7HhAZrURikCFpiIjNa0KjHcjbAGU +--- rrpTlvKEKrK3EqhoOPJeP1KE8O1d2arrRez77mwekRc +roW= 1$!ox-yG^^ \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_not_canonical_body b/age/tests/testdata/testkit/x25519_not_canonical_body new file mode 100644 index 0000000..11138db --- /dev/null +++ b/age/tests/testdata/testkit/x25519_not_canonical_body @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: the base64 encoding of the share is not canonical + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCc +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7V +--- eSjjCjQyp30yHDPwCztKS+1txs+aoCa5ERz8jeEp+9A +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_not_canonical_share b/age/tests/testdata/testkit/x25519_not_canonical_share new file mode 100644 index 0000000..0b2a08d --- /dev/null +++ b/age/tests/testdata/testkit/x25519_not_canonical_share @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1XMWWC06LY3EE5RYTXM9MFLAZ2U56JJJ36S0MYPDRWSVLUL66MV4QX3S7F6 +comment: the base64 encoding of the share is not canonical + +age-encryption.org/v1 +-> X25519 TEiF0ypqr+bpvcqXNyCVJpL7OuwPdVwPL7KQEbFDOCd +EmECAEcKN+n/Vs9SbWiV+Hu0r+E8R77DdWYyd83nw7U +--- AO6haEGU6BGJ8Tzeqnr2fSLEo31JrWodGtZuCZmijI8 +bΑ3'NhLL[R,1f \ No newline at end of file diff --git a/age/tests/testdata/testkit/x25519_short_share b/age/tests/testdata/testkit/x25519_short_share new file mode 100644 index 0000000..7feb27e --- /dev/null +++ b/age/tests/testdata/testkit/x25519_short_share @@ -0,0 +1,10 @@ +expect: header failure +file key: 59454c4c4f57205355424d4152494e45 +identity: AGE-SECRET-KEY-1EGTZVFFV20835NWYV6270LXYVK2VKNX2MMDKWYKLMGR48UAWX40Q2P2LM0 +comment: a trailing zero is missing from the X25519 share + +age-encryption.org/v1 +-> X25519 l7o4oTX9X5E3/KODa/7CQ0CrA9fKMWsm9IJjYzSlJg +yUGP5aPob6YJ+vzRfBtDT9D1K/wmyheZE/Xl/mDSKA4 +--- Zn1/VRtHpD93HtIXSv1S++POXeKcQF7w1+hpXhMiAbk +]?7PqӦ F ۮ z(r| \ No newline at end of file diff --git a/age/tests/testkit.rs b/age/tests/testkit.rs new file mode 100644 index 0000000..3ebb172 --- /dev/null +++ b/age/tests/testkit.rs @@ -0,0 +1,222 @@ +use std::{ + fs::File, + io::{self, BufRead, BufReader, Read}, + str::FromStr, +}; + +use age::{x25519, DecryptError, Decryptor, Identity}; +use sha2::{Digest, Sha256}; +use test_case::test_case; + +#[test_case("header_crlf")] +#[test_case("hmac_bad")] +#[test_case("hmac_extra_space")] +#[test_case("hmac_garbage")] +#[test_case("hmac_missing")] +#[test_case("hmac_no_space")] +#[test_case("hmac_not_canonical")] +#[test_case("hmac_trailing_space")] +#[test_case("hmac_truncated")] +#[test_case("scrypt")] +#[test_case("scrypt_and_x25519")] +#[test_case("scrypt_long_file_key")] +#[test_case("scrypt_no_match")] +#[test_case("scrypt_work_factor_23")] +#[test_case("stanza_bad_start")] +#[test_case("stanza_base64_padding")] +#[test_case("stanza_empty_argument")] +#[test_case("stanza_empty_body")] +#[test_case("stanza_empty_last_line")] +#[test_case("stanza_invalid_character")] +#[test_case("stanza_long_line")] +#[test_case("stanza_missing_body")] +#[test_case("stanza_missing_final_line")] +#[test_case("stanza_multiple_short_lines")] +#[test_case("stanza_no_arguments")] +#[test_case("stanza_not_canonical")] +#[test_case("stanza_spurious_cr")] +#[test_case("stanza_valid_characters")] +#[test_case("stream_empty_payload")] +#[test_case("stream_last_chunk_empty")] +#[test_case("stream_last_chunk_full")] +#[test_case("version_unsupported")] +#[test_case("x25519")] +#[test_case("x25519_bad_tag")] +#[test_case("x25519_extra_argument")] +#[test_case("x25519_grease")] +#[test_case("x25519_identity")] +#[test_case("x25519_long_file_key")] +#[test_case("x25519_long_share")] +#[test_case("x25519_lowercase")] +#[test_case("x25519_low_order")] +#[test_case("x25519_multiple_recipients")] +#[test_case("x25519_no_match")] +#[test_case("x25519_not_canonical_body")] +#[test_case("x25519_not_canonical_share")] +#[test_case("x25519_short_share")] +fn testkit(filename: &str) { + let testfile = TestFile::parse(filename); + let comment = testfile + .comment + .map(|c| format!(" ({})", c)) + .unwrap_or_default(); + + match Decryptor::new(&testfile.age_file[..]).and_then(|d| match d { + Decryptor::Recipients(d) => { + assert_eq!(testfile.passphrases.len(), 0); + let identities: Vec = testfile + .identities + .iter() + .map(|s| s.as_str()) + .map(x25519::Identity::from_str) + .collect::>() + .unwrap(); + d.decrypt(identities.iter().map(|i| i as &dyn Identity)) + } + Decryptor::Passphrase(d) => { + assert_eq!(testfile.identities.len(), 0); + match testfile.passphrases.len() { + 0 => panic!("Test file is missing passphrase{}", comment), + 1 => d.decrypt( + &testfile.passphrases.get(0).cloned().unwrap().into(), + Some(16), + ), + n => panic!("Too many passphrases ({}){}", n, comment), + } + } + }) { + Ok(mut r) => { + let mut payload = vec![]; + let res = r.read_to_end(&mut payload); + match (res, testfile.expect) { + (Ok(_), Expect::Success { payload_sha256 }) => { + assert_eq!(Sha256::digest(&payload)[..], payload_sha256); + } + // These testfile failures are expected, because we maintains support for + // parsing legacy age stanzas without an explicit short final line. + (Ok(_), Expect::HeaderFailure) + if ["stanza_missing_body", "stanza_missing_final_line"].contains(&filename) => { + } + (Err(e), Expect::PayloadFailure) => { + assert_eq!(e.kind(), io::ErrorKind::InvalidData) + } + (actual, expected) => panic!( + "Expected {:?}, got {}{}", + expected, + if actual.is_ok() { + format!("payload '{}'", String::from_utf8_lossy(&payload)) + } else { + format!("{:?}", actual) + }, + comment, + ), + } + } + Err(e) => match e { + DecryptError::DecryptionFailed + | DecryptError::ExcessiveWork { .. } + | DecryptError::InvalidHeader + | DecryptError::Io(_) + | DecryptError::UnknownFormat => { + assert_eq!(testfile.expect, Expect::HeaderFailure) + } + // Temporary workaround for the testkit test files not distinguishing header + // failures from "no matching keys". + DecryptError::NoMatchingKeys + if ["x25519_bad_tag", "x25519_no_match", "x25519_lowercase"] + .contains(&filename) => + { + assert_eq!(testfile.expect, Expect::HeaderFailure) + } + DecryptError::InvalidMac => assert_eq!(testfile.expect, Expect::HmacFailure), + DecryptError::KeyDecryptionFailed => todo!(), + #[cfg(feature = "plugin")] + DecryptError::MissingPlugin { .. } => todo!(), + DecryptError::NoMatchingKeys => todo!(), + #[cfg(feature = "plugin")] + DecryptError::Plugin(_) => todo!(), + }, + } +} + +#[derive(Debug, PartialEq, Eq)] +enum Expect { + Success { payload_sha256: [u8; 32] }, + HeaderFailure, + HmacFailure, + PayloadFailure, +} + +struct TestFile { + expect: Expect, + identities: Vec, + passphrases: Vec, + comment: Option, + age_file: Vec, +} + +impl TestFile { + fn parse(filename: &str) -> Self { + let file = File::open(format!("./tests/testdata/testkit/{}", filename)).unwrap(); + let mut r = BufReader::new(file); + let mut line = String::new(); + + fn data<'l>(line: &'l str, prefix: &str) -> &'l str { + line.strip_prefix(prefix).unwrap().trim() + } + + let expect = { + r.read_line(&mut line).unwrap(); + match data(&line, "expect:") { + "success" => { + line.clear(); + r.read_line(&mut line).unwrap(); + let payload = data(&line, "payload:"); + Expect::Success { + payload_sha256: hex::decode(payload).unwrap().try_into().unwrap(), + } + } + "header failure" => Expect::HeaderFailure, + "payload failure" => Expect::PayloadFailure, + "HMAC failure" => Expect::HmacFailure, + e => panic!("Unknown testkit failure '{}'", e), + } + }; + + let _file_key = { + line.clear(); + r.read_line(&mut line).unwrap(); + hex::decode(data(&line, "file key: ")).unwrap() + }; + + let mut identities = vec![]; + let mut passphrases = vec![]; + let mut comment = None; + loop { + line.clear(); + r.read_line(&mut line).unwrap(); + if line.trim().is_empty() { + break; + } + + let (prefix, data) = line.trim().split_once(": ").unwrap(); + match prefix { + "identity" => identities.push(data.to_owned()), + "passphrase" => passphrases.push(data.to_owned()), + "comment" => comment = Some(data.to_owned()), + _ => panic!("Unknown testkit metadata '{}'", prefix), + } + } + + let mut age_file = vec![]; + r.read_to_end(&mut age_file).unwrap(); + + Self { + expect, + identities, + passphrases, + comment, + age_file, + } + } +}