1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
/* Copyright (c) 2016-2018 Dovecot authors, see the included COPYING file */
#include "lib.h"
#include "dcrypt.h"
#include "istream.h"
#include "istream-decrypt.h"
#include "dcrypt-iostream.h"
#include "doveadm-dump.h"
#include <stdio.h>
static int get_digest(const char *digest,
struct dcrypt_private_key **priv_key_r ATTR_UNUSED,
const char **error_r ATTR_UNUSED,
void *context)
{
const char **digest_r = (const char**)context;
*digest_r = t_strdup(digest);
return 0;
}
static void dcrypt_istream_dump_metadata(const struct istream *stream)
{
enum io_stream_encrypt_flags flags = i_stream_encrypt_get_flags(stream);
if ((flags & IO_STREAM_ENC_INTEGRITY_HMAC) != 0)
printf("flags: IO_STREAM_ENC_INTEGRITY_HMAC\n");
if ((flags & IO_STREAM_ENC_INTEGRITY_AEAD) != 0)
printf("flags: IO_STREAM_ENC_INTEGRITY_AEAD\n");
if ((flags & IO_STREAM_ENC_INTEGRITY_NONE) != 0)
printf("flags: IO_STREAM_ENC_INTEGRITY_NONE\n");
if ((flags & IO_STREAM_ENC_VERSION_1) != 0)
printf("flags: IO_STREAM_ENC_VERSION_1\n");
enum decrypt_istream_format format = i_stream_encrypt_get_format(stream);
switch (format) {
case DECRYPT_FORMAT_V1:
printf("format: DECRYPT_FORMAT_V1\n");
break;
case DECRYPT_FORMAT_V2:
printf("format: DECRYPT_FORMAT_V2\n");
break;
}
}
static bool dcrypt_file_dump_metadata(const char *filename, bool print)
{
bool ret = FALSE;
struct istream *is = i_stream_create_file(filename, IO_BLOCK_SIZE);
const char *key_digest = NULL;
struct istream *ds = i_stream_create_decrypt_callback(is,
get_digest, &key_digest);
ssize_t size = i_stream_read(ds);
i_assert(size < 0);
if (key_digest != NULL) {
ret = TRUE;
if (print) {
dcrypt_istream_dump_metadata(ds);
printf("decrypt key digest: %s\n", key_digest);
}
} else if (print && ds->stream_errno != 0) {
i_error("read(%s) failed: %s",
i_stream_get_name(ds),
i_stream_get_error(ds));
}
i_stream_unref(&ds);
i_stream_unref(&is);
return ret;
}
static bool test_dump_dcrypt_file(const char *path)
{
if (!dcrypt_initialize("openssl", NULL, NULL))
return FALSE;
bool ret = dcrypt_file_dump_metadata(path, FALSE);
return ret;
}
static void
cmd_dump_dcrypt_file(const char *path, const char *const *args ATTR_UNUSED)
{
const char *error = NULL;
if (!dcrypt_initialize("openssl", NULL, &error))
i_fatal("dcrypt_initialize failed: %s", error);
(void)dcrypt_file_dump_metadata(path, TRUE);
}
struct doveadm_cmd_dump doveadm_cmd_dump_dcrypt_file = {
"dcrypt-file",
test_dump_dcrypt_file,
cmd_dump_dcrypt_file
};
|
