| blob | 59e674fa85a3bbc72ff923229c0fae807f507ffd |
1 #!/usr/bin/env python3
2 #
3 # Test case QMP's encrypted key management
4 #
5 # Copyright (C) 2019 Red Hat, Inc.
6 #
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 2 of the License, or
10 # (at your option) any later version.
11 #
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
16 #
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
19 #
21 import iotests
22 import os
23 import time
24 import json
26 test_img = os.path.join(iotests.test_dir, 'test.img')
28 class Secret:
29 def __init__(self, index):
30 self._id = "keysec" + str(index)
31 # you are not supposed to see the password...
32 self._secret = "hunter" + str(index)
34 def id(self):
35 return self._id
37 def secret(self):
38 return self._secret
40 def to_cmdline_object(self):
41 return [ "secret,id=" + self._id + ",data=" + self._secret]
43 def to_qmp_object(self):
44 return { "qom_type" : "secret", "id": self.id(),
45 "props": { "data": self.secret() } }
47 ################################################################################
48 class EncryptionSetupTestCase(iotests.QMPTestCase):
50 # test case startup
51 def setUp(self):
52 # start the VM
53 self.vm = iotests.VM()
54 self.vm.launch()
56 # create the secrets and load 'em into the VM
57 self.secrets = [ Secret(i) for i in range(0, 6) ]
58 for secret in self.secrets:
59 result = self.vm.qmp("object-add", **secret.to_qmp_object())
60 self.assert_qmp(result, 'return', {})
62 if iotests.imgfmt == "qcow2":
63 self.pfx = "encrypt."
64 self.img_opts = [ '-o', "encrypt.format=luks" ]
65 else:
66 self.pfx = ""
67 self.img_opts = []
69 # test case shutdown
70 def tearDown(self):
71 # stop the VM
72 self.vm.shutdown()
74 ###########################################################################
75 # create the encrypted block device
76 def createImg(self, file, secret):
78 iotests.qemu_img(
79 'create',
80 '--object', *secret.to_cmdline_object(),
81 '-f', iotests.imgfmt,
82 '-o', self.pfx + 'key-secret=' + secret.id(),
83 '-o', self.pfx + 'iter-time=10',
84 *self.img_opts,
85 file,
86 '1M')
88 ###########################################################################
89 # open an encrypted block device
90 def openImageQmp(self, id, file, secret, read_only = False):
92 encrypt_options = {
93 'key-secret' : secret.id()
94 }
96 if iotests.imgfmt == "qcow2":
97 encrypt_options = {
98 'encrypt': {
99 'format':'luks',
100 **encrypt_options
101 }
102 }
104 result = self.vm.qmp('blockdev-add', **
105 {
106 'driver': iotests.imgfmt,
107 'node-name': id,
108 'read-only': read_only,
110 **encrypt_options,
112 'file': {
113 'driver': 'file',
114 'filename': test_img,
115 }
116 }
117 )
118 self.assert_qmp(result, 'return', {})
120 # close the encrypted block device
121 def closeImageQmp(self, id):
122 result = self.vm.qmp('blockdev-del', **{ 'node-name': id })
123 self.assert_qmp(result, 'return', {})
125 ###########################################################################
126 # add a key to an encrypted block device
127 def addKeyQmp(self, id, new_secret, secret = None,
128 slot = None, force = False):
130 crypt_options = {
131 'state' : 'active',
132 'new-secret' : new_secret.id(),
133 'iter-time' : 10
134 }
136 if slot != None:
137 crypt_options['keyslot'] = slot
140 if secret != None:
141 crypt_options['secret'] = secret.id()
143 if iotests.imgfmt == "qcow2":
144 crypt_options['format'] = 'luks'
145 crypt_options = {
146 'encrypt': crypt_options
147 }
149 args = {
150 'node-name': id,
151 'job-id' : 'job_add_key',
152 'options' : {
153 'driver' : iotests.imgfmt,
154 **crypt_options
155 },
156 }
158 if force == True:
159 args['force'] = True
161 #TODO: check what jobs return
162 result = self.vm.qmp('x-blockdev-amend', **args)
163 assert result['return'] == {}
164 self.vm.run_job('job_add_key')
166 # erase a key from an encrypted block device
167 def eraseKeyQmp(self, id, old_secret = None, slot = None, force = False):
169 crypt_options = {
170 'state' : 'inactive',
171 }
173 if slot != None:
174 crypt_options['keyslot'] = slot
175 if old_secret != None:
176 crypt_options['old-secret'] = old_secret.id()
178 if iotests.imgfmt == "qcow2":
179 crypt_options['format'] = 'luks'
180 crypt_options = {
181 'encrypt': crypt_options
182 }
184 args = {
185 'node-name': id,
186 'job-id' : 'job_erase_key',
187 'options' : {
188 'driver' : iotests.imgfmt,
189 **crypt_options
190 },
191 }
193 if force == True:
194 args['force'] = True
196 result = self.vm.qmp('x-blockdev-amend', **args)
197 assert result['return'] == {}
198 self.vm.run_job('job_erase_key')
200 ###########################################################################
201 # create image, and change its key
202 def testChangeKey(self):
204 # create the image with secret0 and open it
205 self.createImg(test_img, self.secrets[0]);
206 self.openImageQmp("testdev", test_img, self.secrets[0])
208 # add key to slot 1
209 self.addKeyQmp("testdev", new_secret = self.secrets[1])
211 # add key to slot 5
212 self.addKeyQmp("testdev", new_secret = self.secrets[2], slot=5)
214 # erase key from slot 0
215 self.eraseKeyQmp("testdev", old_secret = self.secrets[0])
217 #reopen the image with secret1
218 self.closeImageQmp("testdev")
219 self.openImageQmp("testdev", test_img, self.secrets[1])
221 # close and erase the image for good
222 self.closeImageQmp("testdev")
223 os.remove(test_img)
225 # test that if we erase the old password,
226 # we can still change the encryption keys using 'old-secret'
227 def testOldPassword(self):
229 # create the image with secret0 and open it
230 self.createImg(test_img, self.secrets[0]);
231 self.openImageQmp("testdev", test_img, self.secrets[0])
233 # add key to slot 1
234 self.addKeyQmp("testdev", new_secret = self.secrets[1])
236 # erase key from slot 0
237 self.eraseKeyQmp("testdev", old_secret = self.secrets[0])
239 # this will fail as the old password is no longer valid
240 self.addKeyQmp("testdev", new_secret = self.secrets[2])
242 # this will work
243 self.addKeyQmp("testdev", new_secret = self.secrets[2], secret = self.secrets[1])
245 # close and erase the image for good
246 self.closeImageQmp("testdev")
247 os.remove(test_img)
249 def testUseForceLuke(self):
251 self.createImg(test_img, self.secrets[0]);
252 self.openImageQmp("testdev", test_img, self.secrets[0])
254 # Add bunch of secrets
255 self.addKeyQmp("testdev", new_secret = self.secrets[1], slot=4)
256 self.addKeyQmp("testdev", new_secret = self.secrets[4], slot=2)
258 # overwrite an active secret
259 self.addKeyQmp("testdev", new_secret = self.secrets[5], slot=2)
260 self.addKeyQmp("testdev", new_secret = self.secrets[5], slot=2, force=True)
262 self.addKeyQmp("testdev", new_secret = self.secrets[0])
264 # Now erase all the secrets
265 self.eraseKeyQmp("testdev", old_secret = self.secrets[5])
266 self.eraseKeyQmp("testdev", slot=4)
268 # erase last keyslot
269 self.eraseKeyQmp("testdev", old_secret = self.secrets[0])
270 self.eraseKeyQmp("testdev", old_secret = self.secrets[0], force=True)
272 self.closeImageQmp("testdev")
273 os.remove(test_img)
276 if __name__ == '__main__':
277 iotests.verify_working_luks()
278 # Encrypted formats support
279 iotests.activate_logging()
280 iotests.main(supported_fmts = ['qcow2', 'luks'])