patch 9.0.1481: decrypting with libsodium may fail if the library changes

Problem: Decrypting with libsodium may fail if the library changes. Solution: Add parameters used to the encrypted file header. (Christian Brabandt, closes #12279)
2023-04-23 17:50:22 +01:00
parent dcd40cfca0
commit aae583441b
16 changed files with 422 additions and 121 deletions
--- a/src/testdir/test_crypt.vim
+++ b/src/testdir/test_crypt.vim
@@ -81,6 +81,11 @@ func Test_crypt_sodium()
  call Crypt_uncrypt('xchacha20')
 endfunc

+func Test_crypt_sodium_v2()
+  CheckFeature sodium
+  call Crypt_uncrypt('xchacha20v2')
+endfunc
+
 func Uncrypt_stable(method, crypted_text, key, uncrypted_text)
  split Xtest.txt
  set bin noeol key= fenc=latin1
@@ -96,13 +101,15 @@ func Uncrypt_stable(method, crypted_text, key, uncrypted_text)
  set key=
 endfunc

-func Uncrypt_stable_xxd(method, hex, key, uncrypted_text)
+func Uncrypt_stable_xxd(method, hex, key, uncrypted_text, verbose)
  if empty(s:xxd_cmd)
    throw 'Skipped: xxd program missing'
  endif
  " use xxd to write the binary content
  call system(s:xxd_cmd .. ' -r >Xtest.txt', a:hex)
-  call feedkeys(":split Xtest.txt\<CR>" . a:key . "\<CR>", 'xt')
+  let cmd = (a:verbose ? ':verbose' : '') ..
+        \ ":split Xtest.txt\<CR>" . a:key . "\<CR>"
+  call feedkeys(cmd, 'xt')
  call assert_equal(a:uncrypted_text, getline(1, len(a:uncrypted_text)))
  bwipe!
  call delete('Xtest.txt')
@@ -138,7 +145,40 @@ func Test_uncrypt_xchacha20()
        \  '00000080: 72be 0136 84a1 d3                        r..6...']
  " the file should be in latin1 encoding, this makes sure that readfile()
  " retries several times converting the multi-byte characters
-  call Uncrypt_stable_xxd('xchacha20', hex, "sodium_crypt", ["abcdefghijklmnopqrstuvwxyzäöü", "ZZZ_äüöÄÜÖ_!@#$%^&*()_+=-`~"])
+  call Uncrypt_stable_xxd('xchacha20', hex, "sodium_crypt", ["abcdefghijklmnopqrstuvwxyzäöü", "ZZZ_äüöÄÜÖ_!@#$%^&*()_+=-`~"], 0)
+endfunc
+
+func Test_uncrypt_xchacha20v2_custom()
+  CheckFeature sodium
+  " Test, reading xchacha20v2 with custom encryption parameters
+  let hex = ['00000000: 5669 6d43 7279 7074 7e30 3521 934b f288  VimCrypt~05!.K..',
+        \ '00000010: 10ba 8bc9 25a0 8876 f85c f135 6fb8 518b  ....%..v.\.5o.Q.',
+        \ '00000020: b133 9af1 0300 0000 0000 0000 0000 0010  .3..............',
+        \ '00000030: 0000 0000 0200 0000 b973 5f33 80e9 54fc  .........s_3..T.',
+        \ '00000040: 138f ba3e 046b 3135 90b7 7783 5eac 7fe3  ...>.k15..w.^...',
+        \ '00000050: 0cd2 14df ed75 4b65 8763 8205 035c ec81  .....uKe.c...\..',
+        \ "00000060: a4cf 33d2 7507 ec38 ba62 a327 9068 d8ad  ..3.u..8.b.'.h..",
+        \ '00000070: 2607 3fa6 f95d 7ea8 9799 f997 4820 0c    &.?..]~.....H .']
+  call Uncrypt_stable_xxd('xchacha20v2', hex, "foobar", ["", "foo", "bar", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10"], 1)
+  call assert_match('xchacha20v2: using custom \w\+ "\d\+" for Key derivation.', execute(':messages'))
+endfunc
+
+func Test_uncrypt_xchacha20v2()
+  CheckFeature sodium
+  " Test, reading xchacha20v2
+  let hex = [
+        \ '00000000: 5669 6d43 7279 7074 7e30 3521 9f20 4e14  VimCrypt~05!. N.',
+        \ '00000010: c7da c1bd 7dea 8fbc db6c 38e6 7a77 6fef  ....}....l8.zwo.',
+        \ '00000020: 82dd 964b 0300 0000 0000 0000 0000 0010  ...K............',
+        \ '00000030: 0000 0000 0200 0000 a97c 2f00 0b9d 19eb  .........|/.....',
+        \ '00000040: 1d92 1ea5 3f22 c179 4b3e 870a eb19 6380  ....?".yK>....c.',
+        \ '00000050: 63f8 222d b5d1 3c73 7be5 d580 47ea 44cc  c."-..<s{...G.D.',
+        \ '00000060: 6c25 8078 3fd5 d836 c700 0122 bb30 7a59  l%.x?..6...".0zY',
+        \ '00000070: b184 2ae8 e7db 113a f732 938f 7a34 1333  ..*....:.2..z4.3',
+        \ '00000080: dc89 1491 51a0 67b9 0f3a b56c 1f9d 53b0  ....Q.g..:.l..S.',
+        \ '00000090: 2416 205a 8c4c 5fde 4dac 2611 8a48 24f0  $. Z.L_.M.&..H$.',
+        \ '000000a0: ba00 92c1 60                             ....`']
+  call Uncrypt_stable_xxd('xchacha20v2', hex, "foo1234", ["abcdefghijklmnopqrstuvwxyzäöü", 'ZZZ_äüöÄÜÖ_!@#$%^&*()_+=-`~"'], 0)
 endfunc

 func Test_uncrypt_xchacha20_invalid()
@@ -165,7 +205,7 @@ func Test_uncrypt_xchacha20_2()

  sp Xcrypt_sodium.txt
  " Create a larger file, so that Vim will write in several blocks
-  call setline(1, range(1,4000))
+  call setline(1, range(1, 4000))
  call assert_equal(1, &swapfile)
  set cryptmethod=xchacha20
  call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt')
@@ -186,38 +226,73 @@ func Test_uncrypt_xchacha20_2()
  bw!
  call delete('Xcrypt_sodium.txt')
  set cryptmethod&vim
+
+endfunc
+
+func Test_uncrypt_xchacha20v2_2()
+  CheckFeature sodium
+
+  sp Xcrypt_sodium_v2.txt
+  " Create a larger file, so that Vim will write in several blocks
+  call setline(1, range(1, 4000))
+  call assert_equal(1, &swapfile)
+  set cryptmethod=xchacha20v2
+  call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt')
+  " swapfile disabled
+  call assert_equal(0, &swapfile)
+  call assert_match("Note: Encryption of swapfile not supported, disabling swap file", execute(':messages'))
+  w!
+  " encrypted using xchacha20
+  call assert_match("\[xchachav2\]", execute(':messages'))
+  bw!
+  call feedkeys(":verbose :sp Xcrypt_sodium_v2.txt\<CR>sodium\<CR>", 'xt')
+  " successfully decrypted
+  call assert_equal(range(1, 4000)->map( {_, v -> string(v)}), getline(1,'$'))
+  call assert_match('xchacha20v2: using default \w\+ "\d\+" for Key derivation.', execute(':messages'))
+  set key=
+  w! ++ff=unix
+  " encryption removed (on MS-Windows the .* matches [unix])
+  call assert_match('"Xcrypt_sodium_v2.txt".*4000L, 18893B written', execute(':message'))
+  bw!
+  call delete('Xcrypt_sodium_v2.txt')
+  set cryptmethod&vim
+
 endfunc

 func Test_uncrypt_xchacha20_3_persistent_undo()
  CheckFeature sodium
  CheckFeature persistent_undo

-  sp Xcrypt_sodium_undo.txt
-  set cryptmethod=xchacha20 undofile
-  call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt')
-  call assert_equal(1, &undofile)
-  let ufile=undofile(@%)
-  call append(0, ['monday', 'tuesday', 'wednesday', 'thursday', 'friday'])
-  call cursor(1, 1)
+  for meth in ['xchacha20', 'xchacha20v2']

-  set undolevels=100
-  normal dd
-  set undolevels=100
-  normal dd
-  set undolevels=100
-  normal dd
-  set undolevels=100
-  w!
-  call assert_equal(0, &undofile)
-  bw!
-  call feedkeys(":sp Xcrypt_sodium_undo.txt\<CR>sodium\<CR>", 'xt')
-  " should fail
-  norm! u
-  call assert_match('Already at oldest change', execute(':1mess'))
-  call assert_fails('verbose rundo ' .. fnameescape(ufile), 'E822')
-  bw!
-  set undolevels& cryptmethod& undofile&
-  call delete('Xcrypt_sodium_undo.txt')
+    sp Xcrypt_sodium_undo.txt
+    exe "set cryptmethod=" .. meth .. " undofile"
+    call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt')
+    call assert_equal(1, &undofile)
+    let ufile=undofile(@%)
+    call append(0, ['monday', 'tuesday', 'wednesday', 'thursday', 'friday'])
+    call cursor(1, 1)
+
+    set undolevels=100
+    normal dd
+    set undolevels=100
+    normal dd
+    set undolevels=100
+    normal dd
+    set undolevels=100
+    w!
+    call assert_equal(0, &undofile)
+    bw!
+    call feedkeys(":sp Xcrypt_sodium_undo.txt\<CR>sodium\<CR>", 'xt')
+    " should fail
+    norm! u
+    call assert_match('Already at oldest change', execute(':1mess'))
+    call assert_fails('verbose rundo ' .. fnameescape(ufile), 'E822')
+    bw!
+    set undolevels& cryptmethod& undofile&
+    call delete('Xcrypt_sodium_undo.txt')
+
+  endfor
 endfunc

 func Test_encrypt_xchacha20_missing()
@@ -226,6 +301,7 @@ func Test_encrypt_xchacha20_missing()
  endif
  sp Xcrypt_sodium_undo.txt
  call assert_fails(':set cryptmethod=xchacha20', 'E474')
+  call assert_fails(':set cryptmethod=xchacha20v2', 'E474')
  bw!
  set cm&
 endfunc