Mercurial > vim
view src/testdir/test_crypt.vim @ 33420:aa7cd2253130 v9.0.1968
patch 9.0.1968: cmdline completion should consider key option
Commit: https://github.com/vim/vim/commit/6ee7b521fa7531ef356ececc8be7575c3800f872
Author: Yee Cheng Chin <ychin.git@gmail.com>
Date: Sun Oct 1 09:13:22 2023 +0200
patch 9.0.1968: cmdline completion should consider key option
Problem: cmdline completion should consider key option
Solution: Disable cmdline completion for key option, slightly
refactor how P_NO_CMD_EXPAND is handled
Harden crypto 'key' option: turn off cmdline completion, disable set-=
"set-=" can be used maliciously with a crypto key, as it allows an
attacker (who either has access to the computer or a plugin author) to
guess a substring by observing the modified state. Simply turn off
set+=/-=/^= for this option as there is no good reason for them to be
used.
Update docs to make that clear as well.
Also, don't allow cmdline completion for 'key' as it just shows *****
which is not useful and confusing to the user what it means (if the user
accidentally hits enter they will have replaced their key with "*****"
instead).
Move logic to better location, don't use above 32-bit for flags
Move P_NO_CMD_EXPAND to use the unused 0x20 instead of going above
32-bits, as currently the flags parameter is only 32-bits on some
systems. Left a comment to warn that future additions will need to
change how the flags work either by making it 64-bit or split into two
member vars.
Also, move the logic for detecting P_NO_CMD_EXPAND earlier so it's not
up to each handler to decide, and you won't see the temporary "..." that
Vim shows while waiting for completion handler to complete.
closes: #13224
Signed-off-by: Christian Brabandt <cb@256bit.org>
Co-authored-by: Yee Cheng Chin <ychin.git@gmail.com>
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Sun, 01 Oct 2023 09:30:03 +0200 |
parents | bf37770e5952 |
children |
line wrap: on
line source
" Tests for encryption. source shared.vim source check.vim CheckFeature cryptv " Use the xxd command from: " 1: $XXDPROG if set and it is executable " 2: the ../xxd directory if the executable is found there if !empty($XXDPROG) && executable($XXDPROG) let s:xxd_cmd = $XXDPROG elseif executable('..\xxd\xxd.exe') " we're on MS-Windows let s:xxd_cmd = '..\xxd\xxd.exe' elseif executable('../xxd/xxd') " we're on something like Unix let s:xxd_cmd = '../xxd/xxd' else " looks like xxd wasn't build (yet) let s:xxd_cmd = '' endif func Common_head_only(text) " This was crashing Vim split Xtest_head.txt call setline(1, a:text) wq call feedkeys(":split Xtest_head.txt\<CR>foobar\<CR>", "tx") call delete('Xtest_head.txt') call assert_match('VimCrypt', getline(1)) bwipe! endfunc func Test_head_only_2() call Common_head_only('VimCrypt~02!abc') endfunc func Test_head_only_3() call Common_head_only('VimCrypt~03!abc') endfunc func Test_head_only_4() CheckFeature sodium call Common_head_only('VimCrypt~04!abc') endfunc func Crypt_uncrypt(method) exe "set cryptmethod=" . a:method " If the blowfish test fails 'cryptmethod' will be 'zip' now. call assert_equal(a:method, &cryptmethod) split Xtest_uncrypt.txt let text =<< trim END 01234567890123456789012345678901234567, line 2 foo bar blah, line 3 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx END call setline(1, text) call feedkeys(":X\<CR>foobar\<CR>foobar\<CR>", 'xt') call assert_equal('*****', &key) w! bwipe! call feedkeys(":split Xtest_uncrypt.txt\<CR>foobar\<CR>", 'xt') call assert_equal(text, getline(1, 3)) set key= cryptmethod& bwipe! call delete('Xtest_uncrypt.txt') endfunc func Test_crypt_zip() call Crypt_uncrypt('zip') endfunc func Test_crypt_blowfish() call Crypt_uncrypt('blowfish') endfunc func Test_crypt_blowfish2() call Crypt_uncrypt('blowfish2') endfunc func Test_crypt_sodium() CheckFeature sodium call Crypt_uncrypt('xchacha20') endfunc func Test_crypt_sodium_v2() CheckFeature sodium call Crypt_uncrypt('xchacha20v2') endfunc func Test_crypt_sodium_v2_startup() CheckFeature sodium CheckRunVimInTerminal let buf = RunVimInTerminal('--cmd "set cm=xchacha20v2" -x Xfoo', #{wait_for_ruler: 0, rows: 6}) call g:TermWait(buf, g:RunningWithValgrind() ? 1000 : 50) call term_sendkeys(buf, "foo\<CR>foo\<CR>") call term_sendkeys(buf, "ifoo\<Esc>") call term_sendkeys(buf, "ZZ") call TermWait(buf) " Wait for Vim to write the file and exit. Then wipe out the terminal buffer. call WaitForAssert({-> assert_equal("finished", term_getstatus(buf))}) exe buf .. 'bwipe!' call assert_true(filereadable('Xfoo')) let buf = RunVimInTerminal('--cmd "set ch=3 cm=xchacha20v2 key=foo" Xfoo', #{wait_for_ruler: 0, rows: 10}) call g:TermWait(buf, g:RunningWithValgrind() ? 1000 : 50) call StopVimInTerminal(buf) call delete('Xfoo') endfunc func Uncrypt_stable(method, crypted_text, key, uncrypted_text) split Xtest_stable.txt set bin noeol key= fenc=latin1 exe "set cryptmethod=" . a:method call setline(1, a:crypted_text) w! bwipe! set nobin call feedkeys(":split Xtest_stable.txt\<CR>" . a:key . "\<CR>", 'xt') call assert_equal(a:uncrypted_text, getline(1, len(a:uncrypted_text))) bwipe! call delete('Xtest_stable.txt') set key= endfunc func Uncrypt_stable_xxd(method, hex, key, uncrypted_text, verbose) if empty(s:xxd_cmd) throw 'Skipped: xxd program missing' endif " use xxd to write the binary content call system(s:xxd_cmd .. ' -r >Xtest_stable_xxd.txt', a:hex) let cmd = (a:verbose ? ':verbose' : '') .. \ ":split Xtest_stable_xxd.txt\<CR>" . a:key . "\<CR>" call feedkeys(cmd, 'xt') call assert_equal(a:uncrypted_text, getline(1, len(a:uncrypted_text))) bwipe! call delete('Xtest_stable_xxd.txt') set key= endfunc func Test_uncrypt_zip() call Uncrypt_stable('zip', "VimCrypt~01!\u0006\u001clV'\u00de}Mg\u00a0\u00ea\u00a3V\u00a9\u00e7\u0007E#3\u008e2U\u00e9\u0097", "foofoo", ["1234567890", "aábbccddeëff"]) endfunc func Test_uncrypt_blowfish() call Uncrypt_stable('blowfish', "VimCrypt~02!k)\u00be\u0017\u0097#\u0016\u00ddS\u009c\u00f5=\u00ba\u00e0\u00c8#\u00a5M\u00b4\u0086J\u00c3A\u00cd\u00a5M\u00b4\u0086!\u0080\u0015\u009b\u00f5\u000f\u00e1\u00d2\u0019\u0082\u0016\u0098\u00f7\u000d\u00da", "barbar", ["asdfasdfasdf", "0001112223333"]) endfunc func Test_uncrypt_blowfish2a() call Uncrypt_stable('blowfish', "VimCrypt~03!\u001e\u00d1N\u00e3;\u00d3\u00c0\u00a0^C)\u0004\u00f7\u007f.\u00b6\u00abF\u000eS\u0019\u00e0\u008b6\u00d2[T\u00cb\u00a7\u0085\u00d8\u00be9\u000b\u00812\u000bQ\u00b3\u00cc@\u0097\u000f\u00df\u009a\u00adIv\u00aa.\u00d8\u00c9\u00ee\u009e`\u00bd$\u00af%\u00d0", "barburp", ["abcdefghijklmnopqrstuvwxyz", "!@#$%^&*()_+=-`~"]) endfunc func Test_uncrypt_blowfish2() call Uncrypt_stable('blowfish2', "VimCrypt~03!\u001e\u00d1N\u00e3;\u00d3\u00c0\u00a0^C)\u0004\u00f7\u007f.\u00b6\u00abF\u000eS\u0019\u00e0\u008b6\u00d2[T\u00cb\u00a7\u0085\u00d8\u00be9\u000b\u00812\u000bQ\u00b3\u00cc@\u0097\u000f\u00df\u009a\u00adIv\u00aa.\u00d8\u00c9\u00ee\u009e`\u00bd$\u00af%\u00d0", "barburp", ["abcdefghijklmnopqrstuvwxyz", "!@#$%^&*()_+=-`~"]) endfunc func Test_uncrypt_xchacha20() CheckFeature sodium let hex =<< trim END 00000000: 5669 6d43 7279 7074 7e30 3421 6b7d e607 vimCrypt~04!k}.. 00000010: 4ea4 e99f 923e f67f 7b59 a80d 3bca 2f06 N....>..{Y..;./. 00000020: fa11 b951 8d09 0dc9 470f e7cf 8b90 4310 ...Q....G.....C. 00000030: 653b b83b e493 378b 0390 0e38 f912 626b e;.;..7....8..bk 00000040: a02e 4697 0254 2625 2d8e 3a0b 784b e89c ..F..T&%-.:.xK.. 00000050: 0c67 a975 3c17 9319 8ffd 1463 7783 a1f3 .g.u<......cw... 00000060: d917 dcb3 8b3e ecd7 c7d4 086b 6059 7ead .....>.....k`Y~. 00000070: 9b07 f96b 5c1b 4d08 cd91 f208 5221 7484 ...k\.M.....R!t. 00000080: 72be 0136 84a1 d3 r..6... END " the file should be in latin1 encoding, this makes sure that readfile() " retries several times converting the multi-byte characters call Uncrypt_stable_xxd('xchacha20', hex, "sodium_crypt", ["abcdefghijklmnopqrstuvwxyzäöü", "ZZZ_äüöÄÜÖ_!@#$%^&*()_+=-`~"], 0) endfunc func Test_uncrypt_xchacha20v2_custom() CheckFeature sodium " Test, reading xchacha20v2 with custom encryption parameters let hex =<< trim END 00000000: 5669 6d43 7279 7074 7e30 3521 934b f288 VimCrypt~05!.K.. 00000010: 10ba 8bc9 25a0 8876 f85c f135 6fb8 518b ....%..v.\.5o.Q. 00000020: b133 9af1 0300 0000 0000 0000 0000 0010 .3.............. 00000030: 0000 0000 0200 0000 b973 5f33 80e9 54fc .........s_3..T. 00000040: 138f ba3e 046b 3135 90b7 7783 5eac 7fe3 ...>.k15..w.^... 00000050: 0cd2 14df ed75 4b65 8763 8205 035c ec81 .....uKe.c...\.. 00000060: a4cf 33d2 7507 ec38 ba62 a327 9068 d8ad ..3.u..8.b.'.h.. 00000070: 2607 3fa6 f95d 7ea8 9799 f997 4820 0c &.?..]~.....H . END try call Uncrypt_stable_xxd('xchacha20v2', hex, "foobar", ["", "foo", "bar", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10"], 1) catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' endtry call assert_match('xchacha20v2: using custom \w\+ "\d\+" for Key derivation.', execute(':messages')) endfunc func Test_uncrypt_xchacha20v2() CheckFeature sodium " Test, reading xchacha20v2 let hex =<< trim END 00000000: 5669 6d43 7279 7074 7e30 3521 9f20 4e14 VimCrypt~05!. N. 00000010: c7da c1bd 7dea 8fbc db6c 38e6 7a77 6fef ....}....l8.zwo. 00000020: 82dd 964b 0300 0000 0000 0000 0000 0010 ...K............ 00000030: 0000 0000 0200 0000 a97c 2f00 0b9d 19eb .........|/..... 00000040: 1d92 1ea5 3f22 c179 4b3e 870a eb19 6380 ....?".yK>....c. 00000050: 63f8 222d b5d1 3c73 7be5 d580 47ea 44cc c."-..<s{...G.D. 00000060: 6c25 8078 3fd5 d836 c700 0122 bb30 7a59 l%.x?..6...".0zY 00000070: b184 2ae8 e7db 113a f732 938f 7a34 1333 ..*....:.2..z4.3 00000080: dc89 1491 51a0 67b9 0f3a b56c 1f9d 53b0 ....Q.g..:.l..S. 00000090: 2416 205a 8c4c 5fde 4dac 2611 8a48 24f0 $. Z.L_.M.&..H$. 000000a0: ba00 92c1 60 ....` END try call Uncrypt_stable_xxd('xchacha20v2', hex, "foo1234", ["abcdefghijklmnopqrstuvwxyzäöü", 'ZZZ_äüöÄÜÖ_!@#$%^&*()_+=-`~"'], 0) catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' endtry endfunc func Test_uncrypt_xchacha20_invalid() CheckFeature sodium " load an invalid encrypted file and verify it can be decrypted with an " error message try call feedkeys(":split samples/crypt_sodium_invalid.txt\<CR>sodium\<CR>", 'xt') call assert_false(1, 'should not happen') catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' catch call assert_exception('pre-mature') endtry call assert_match("Note: Encryption of swapfile not supported, disabling swap file", execute(':5messages')) call assert_equal(0, &swapfile) call assert_equal("xchacha20", &cryptmethod) call assert_equal('311111111111111111111111', getline('$')) bw! endfunc func Test_uncrypt_xchacha20_2() CheckFeature sodium sp Xcrypt_sodium.txt " Create a larger file, so that Vim will write in several blocks call setline(1, range(1, 4000)) call assert_equal(1, &swapfile) set cryptmethod=xchacha20 call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt') " swapfile disabled call assert_equal(0, &swapfile) call assert_match("Note: Encryption of swapfile not supported, disabling swap file", execute(':messages')) w! " encrypted using xchacha20 call assert_match('\[xchacha20\]', execute(':messages')) bw! call feedkeys(":sp Xcrypt_sodium.txt\<CR>sodium\<CR>", 'xt') " successfully decrypted call assert_equal(range(1, 4000)->map( {_, v -> string(v)}), getline(1,'$')) set key= w! ++ff=unix " encryption removed (on MS-Windows the .* matches [unix]) call assert_match('"Xcrypt_sodium.txt".*4000L, 18893B written', execute(':message')) bw! call delete('Xcrypt_sodium.txt') set cryptmethod&vim endfunc func Test_uncrypt_xchacha20v2_2() CheckFeature sodium sp Xcrypt_sodium_v2.txt " Create a larger file, so that Vim will write in several blocks call setline(1, range(1, 4000)) call assert_equal(1, &swapfile) set cryptmethod=xchacha20v2 call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt') " swapfile disabled call assert_equal(0, &swapfile) call assert_match("Note: Encryption of swapfile not supported, disabling swap file", execute(':messages')) try w! catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' endtry " encrypted using xchacha20 call assert_match('\[xchacha20v2\]', execute(':messages')) bw! try call feedkeys(":verbose :sp Xcrypt_sodium_v2.txt\<CR>sodium\<CR>", 'xt') catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' endtry " successfully decrypted call assert_equal(range(1, 4000)->map( {_, v -> string(v)}), getline(1,'$')) call assert_match('xchacha20v2: using default \w\+ "\d\+" for Key derivation.', execute(':messages')) set key= w! ++ff=unix " encryption removed (on MS-Windows the .* matches [unix]) call assert_match('"Xcrypt_sodium_v2.txt".*4000L, 18893B written', execute(':message')) bw! call delete('Xcrypt_sodium_v2.txt') set cryptmethod&vim endfunc func Test_uncrypt_xchacha20_3_persistent_undo() CheckFeature sodium CheckFeature persistent_undo for meth in ['xchacha20', 'xchacha20v2'] sp Xcrypt_sodium_undo.txt exe "set cryptmethod=" .. meth .. " undofile" call feedkeys(":X\<CR>sodium\<CR>sodium\<CR>", 'xt') call assert_equal(1, &undofile) let ufile=undofile(@%) call append(0, ['monday', 'tuesday', 'wednesday', 'thursday', 'friday']) call cursor(1, 1) set undolevels=100 normal dd set undolevels=100 normal dd set undolevels=100 normal dd set undolevels=100 try w! catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' endtry call assert_equal(0, &undofile) bw! try call feedkeys(":sp Xcrypt_sodium_undo.txt\<CR>sodium\<CR>", 'xt') catch /^Vim\%((\a\+)\)\=:E1230:/ " sodium_mlock() not possible, may happen at Github CI throw 'Skipped: sodium_mlock() not possible' endtry " should fail norm! u call assert_match('Already at oldest change', execute(':1mess')) call assert_fails('verbose rundo ' .. fnameescape(ufile), 'E822') bw! set undolevels& cryptmethod& undofile& call delete('Xcrypt_sodium_undo.txt') endfor endfunc func Test_encrypt_xchacha20_missing() if has("sodium") return endif sp Xcrypt_sodium_undo.txt call assert_fails(':set cryptmethod=xchacha20', 'E474') call assert_fails(':set cryptmethod=xchacha20v2', 'E474') bw! set cm& endfunc func Test_uncrypt_unknown_method() split Xuncrypt_unknown.txt set bin noeol key= fenc=latin1 call setline(1, "VimCrypt~93!\u001e\u00d1") w! bwipe! set nobin call assert_fails(":split Xuncrypt_unknown.txt", 'E821:') bwipe! call delete('Xuncrypt_unknown.txt') set key= endfunc func Test_crypt_key_mismatch() set cryptmethod=blowfish split Xtest_mismatch.txt call setline(1, 'nothing') call feedkeys(":X\<CR>foobar\<CR>nothing\<CR>", 'xt') call assert_match("Keys don't match!", execute(':2messages')) call assert_equal('', &key) call feedkeys("\<CR>\<CR>", 'xt') set cryptmethod& bwipe! endfunc func Test_crypt_set_key_changes_buffer() new Xtest1.txt call setline(1, 'nothing') set cryptmethod=blowfish2 call feedkeys(":X\<CR>foobar\<CR>foobar\<CR>", 'xt') call assert_fails(":q", "E37:") w set key=anotherkey call assert_fails(":bw") w call feedkeys(":X\<CR>foobar\<CR>foobar\<CR>", 'xt') call assert_fails(":bw") w let winnr = winnr() wincmd p call setwinvar(winnr, '&key', 'yetanotherkey') wincmd p call assert_fails(":bw") w set cryptmethod& set key= bwipe! call delete('Xtest1.txt') endfunc func Test_crypt_set_key_segfault() CheckFeature sodium defer delete('Xtest2.txt') new Xtest2.txt call setline(1, 'nothing') set cryptmethod=xchacha20 set key=foobar w new Xtest3 put ='other content' setl modified sil! preserve bwipe! set cryptmethod& set key= bwipe! endfunc func Test_crypt_set_key_disallow_append_subtract() new Xtest4 set key=foobar call assert_true(&modified) setl nomodified call assert_fails('set key-=foo', 'E474:') call assert_fails('set key-=bar', 'E474:') call assert_fails('set key-=foobar', 'E474:') call assert_fails('set key-=test1', 'E474:') call assert_false(&modified) call assert_equal('*****', &key) call assert_fails('set key+=test2', 'E474:') call assert_fails('set key^=test3', 'E474:') call assert_false(&modified) set key= bwipe! endfunc " vim: shiftwidth=2 sts=2 expandtab