diff options
Diffstat (limited to 'qemu/tests/test-crypto-block.c')
-rw-r--r-- | qemu/tests/test-crypto-block.c | 363 |
1 files changed, 0 insertions, 363 deletions
diff --git a/qemu/tests/test-crypto-block.c b/qemu/tests/test-crypto-block.c deleted file mode 100644 index a38110d3f..000000000 --- a/qemu/tests/test-crypto-block.c +++ /dev/null @@ -1,363 +0,0 @@ -/* - * QEMU Crypto block encryption - * - * Copyright (c) 2016 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/>. - * - */ - -#include "qemu/osdep.h" -#include "qapi/error.h" -#include "crypto/init.h" -#include "crypto/block.h" -#include "qemu/buffer.h" -#include "crypto/secret.h" -#ifndef _WIN32 -#include <sys/resource.h> -#endif - -#if defined(CONFIG_UUID) && (defined(_WIN32) || defined RUSAGE_THREAD) -#define TEST_LUKS -#else -#undef TEST_LUKS -#endif - -static QCryptoBlockCreateOptions qcow_create_opts = { - .format = Q_CRYPTO_BLOCK_FORMAT_QCOW, - .u.qcow = { - .has_key_secret = true, - .key_secret = (char *)"sec0", - }, -}; - -static QCryptoBlockOpenOptions qcow_open_opts = { - .format = Q_CRYPTO_BLOCK_FORMAT_QCOW, - .u.qcow = { - .has_key_secret = true, - .key_secret = (char *)"sec0", - }, -}; - - -#ifdef TEST_LUKS -static QCryptoBlockOpenOptions luks_open_opts = { - .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, - .u.luks = { - .has_key_secret = true, - .key_secret = (char *)"sec0", - }, -}; - - -/* Creation with all default values */ -static QCryptoBlockCreateOptions luks_create_opts_default = { - .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, - .u.luks = { - .has_key_secret = true, - .key_secret = (char *)"sec0", - }, -}; - - -/* ...and with explicit values */ -static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_plain64 = { - .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, - .u.luks = { - .has_key_secret = true, - .key_secret = (char *)"sec0", - .has_cipher_alg = true, - .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, - .has_cipher_mode = true, - .cipher_mode = QCRYPTO_CIPHER_MODE_CBC, - .has_ivgen_alg = true, - .ivgen_alg = QCRYPTO_IVGEN_ALG_PLAIN64, - }, -}; - - -static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_essiv = { - .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, - .u.luks = { - .has_key_secret = true, - .key_secret = (char *)"sec0", - .has_cipher_alg = true, - .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, - .has_cipher_mode = true, - .cipher_mode = QCRYPTO_CIPHER_MODE_CBC, - .has_ivgen_alg = true, - .ivgen_alg = QCRYPTO_IVGEN_ALG_ESSIV, - .has_ivgen_hash_alg = true, - .ivgen_hash_alg = QCRYPTO_HASH_ALG_SHA256, - .has_hash_alg = true, - .hash_alg = QCRYPTO_HASH_ALG_SHA1, - }, -}; -#endif /* TEST_LUKS */ - - -static struct QCryptoBlockTestData { - const char *path; - QCryptoBlockCreateOptions *create_opts; - QCryptoBlockOpenOptions *open_opts; - - bool expect_header; - - QCryptoCipherAlgorithm cipher_alg; - QCryptoCipherMode cipher_mode; - QCryptoHashAlgorithm hash_alg; - - QCryptoIVGenAlgorithm ivgen_alg; - QCryptoHashAlgorithm ivgen_hash; - - bool slow; -} test_data[] = { - { - .path = "/crypto/block/qcow", - .create_opts = &qcow_create_opts, - .open_opts = &qcow_open_opts, - - .expect_header = false, - - .cipher_alg = QCRYPTO_CIPHER_ALG_AES_128, - .cipher_mode = QCRYPTO_CIPHER_MODE_CBC, - - .ivgen_alg = QCRYPTO_IVGEN_ALG_PLAIN64, - }, -#ifdef TEST_LUKS - { - .path = "/crypto/block/luks/default", - .create_opts = &luks_create_opts_default, - .open_opts = &luks_open_opts, - - .expect_header = true, - - .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, - .cipher_mode = QCRYPTO_CIPHER_MODE_XTS, - .hash_alg = QCRYPTO_HASH_ALG_SHA256, - - .ivgen_alg = QCRYPTO_IVGEN_ALG_PLAIN64, - - .slow = true, - }, - { - .path = "/crypto/block/luks/aes-256-cbc-plain64", - .create_opts = &luks_create_opts_aes256_cbc_plain64, - .open_opts = &luks_open_opts, - - .expect_header = true, - - .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, - .cipher_mode = QCRYPTO_CIPHER_MODE_CBC, - .hash_alg = QCRYPTO_HASH_ALG_SHA256, - - .ivgen_alg = QCRYPTO_IVGEN_ALG_PLAIN64, - - .slow = true, - }, - { - .path = "/crypto/block/luks/aes-256-cbc-essiv", - .create_opts = &luks_create_opts_aes256_cbc_essiv, - .open_opts = &luks_open_opts, - - .expect_header = true, - - .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, - .cipher_mode = QCRYPTO_CIPHER_MODE_CBC, - .hash_alg = QCRYPTO_HASH_ALG_SHA1, - - .ivgen_alg = QCRYPTO_IVGEN_ALG_ESSIV, - .ivgen_hash = QCRYPTO_HASH_ALG_SHA256, - - .slow = true, - }, -#endif -}; - - -static ssize_t test_block_read_func(QCryptoBlock *block, - size_t offset, - uint8_t *buf, - size_t buflen, - Error **errp, - void *opaque) -{ - Buffer *header = opaque; - - g_assert_cmpint(offset + buflen, <=, header->capacity); - - memcpy(buf, header->buffer + offset, buflen); - - return buflen; -} - - -static ssize_t test_block_init_func(QCryptoBlock *block, - size_t headerlen, - Error **errp, - void *opaque) -{ - Buffer *header = opaque; - - g_assert_cmpint(header->capacity, ==, 0); - - buffer_reserve(header, headerlen); - - return headerlen; -} - - -static ssize_t test_block_write_func(QCryptoBlock *block, - size_t offset, - const uint8_t *buf, - size_t buflen, - Error **errp, - void *opaque) -{ - Buffer *header = opaque; - - g_assert_cmpint(buflen + offset, <=, header->capacity); - - memcpy(header->buffer + offset, buf, buflen); - header->offset = offset + buflen; - - return buflen; -} - - -static Object *test_block_secret(void) -{ - return object_new_with_props( - TYPE_QCRYPTO_SECRET, - object_get_objects_root(), - "sec0", - &error_abort, - "data", "123456", - NULL); -} - -static void test_block_assert_setup(const struct QCryptoBlockTestData *data, - QCryptoBlock *blk) -{ - QCryptoIVGen *ivgen; - QCryptoCipher *cipher; - - ivgen = qcrypto_block_get_ivgen(blk); - cipher = qcrypto_block_get_cipher(blk); - - g_assert(ivgen); - g_assert(cipher); - - g_assert_cmpint(data->cipher_alg, ==, cipher->alg); - g_assert_cmpint(data->cipher_mode, ==, cipher->mode); - g_assert_cmpint(data->hash_alg, ==, - qcrypto_block_get_kdf_hash(blk)); - - g_assert_cmpint(data->ivgen_alg, ==, - qcrypto_ivgen_get_algorithm(ivgen)); - g_assert_cmpint(data->ivgen_hash, ==, - qcrypto_ivgen_get_hash(ivgen)); -} - - -static void test_block(gconstpointer opaque) -{ - const struct QCryptoBlockTestData *data = opaque; - QCryptoBlock *blk; - Buffer header; - Object *sec = test_block_secret(); - - memset(&header, 0, sizeof(header)); - buffer_init(&header, "header"); - - blk = qcrypto_block_create(data->create_opts, - test_block_init_func, - test_block_write_func, - &header, - &error_abort); - g_assert(blk); - - if (data->expect_header) { - g_assert_cmpint(header.capacity, >, 0); - } else { - g_assert_cmpint(header.capacity, ==, 0); - } - - test_block_assert_setup(data, blk); - - qcrypto_block_free(blk); - object_unparent(sec); - - /* Ensure we can't open without the secret */ - blk = qcrypto_block_open(data->open_opts, - test_block_read_func, - &header, - 0, - NULL); - g_assert(blk == NULL); - - /* Ensure we can't open without the secret, unless NO_IO */ - blk = qcrypto_block_open(data->open_opts, - test_block_read_func, - &header, - QCRYPTO_BLOCK_OPEN_NO_IO, - &error_abort); - - g_assert(qcrypto_block_get_cipher(blk) == NULL); - g_assert(qcrypto_block_get_ivgen(blk) == NULL); - - qcrypto_block_free(blk); - - - /* Now open for real with secret */ - sec = test_block_secret(); - blk = qcrypto_block_open(data->open_opts, - test_block_read_func, - &header, - 0, - &error_abort); - g_assert(blk); - - test_block_assert_setup(data, blk); - - qcrypto_block_free(blk); - - object_unparent(sec); - - buffer_free(&header); -} - - -int main(int argc, char **argv) -{ - gsize i; - - module_call_init(MODULE_INIT_QOM); - g_test_init(&argc, &argv, NULL); - - g_assert(qcrypto_init(NULL) == 0); - - for (i = 0; i < G_N_ELEMENTS(test_data); i++) { - if (test_data[i].open_opts->format == Q_CRYPTO_BLOCK_FORMAT_LUKS && - !qcrypto_hash_supports(test_data[i].hash_alg)) { - continue; - } - if (!test_data[i].slow || - g_test_slow()) { - g_test_add_data_func(test_data[i].path, &test_data[i], test_block); - } - } - - return g_test_run(); -} |