tests/test-crypto-secret.c

   1 /*
   2  * QEMU Crypto secret handling
   3  *
   4  * Copyright (c) 2015 Red Hat, Inc.
   5  *
   6  * This library is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 2 of the License, or (at your option) any later version.
  10  *
  11  * This library is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public
  17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
  18  *
  19  */
  20
  21 #include "qemu/osdep.h"
  22 #include <glib.h>
  23
  24 #include "crypto/init.h"
  25 #include "crypto/secret.h"
  26
  27 static void test_secret_direct(void)
  28 {
  29     Object *sec = object_new_with_props(
  30         TYPE_QCRYPTO_SECRET,
  31         object_get_objects_root(),
  32         "sec0",
  33         &error_abort,
  34         "data", "123456",
  35         NULL);
  36
  37     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
  38                                              &error_abort);
  39
  40     g_assert_cmpstr(pw, ==, "123456");
  41
  42     object_unparent(sec);
  43     g_free(pw);
  44 }
  45
  46
  47 static void test_secret_indirect_good(void)
  48 {
  49     Object *sec;
  50     char *fname = NULL;
  51     int fd = g_file_open_tmp("secretXXXXXX",
  52                              &fname,
  53                              NULL);
  54
  55     g_assert(fd >= 0);
  56     g_assert_nonnull(fname);
  57
  58     g_assert(write(fd, "123456", 6) == 6);
  59
  60     sec = object_new_with_props(
  61         TYPE_QCRYPTO_SECRET,
  62         object_get_objects_root(),
  63         "sec0",
  64         &error_abort,
  65         "file", fname,
  66         NULL);
  67
  68     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
  69                                              &error_abort);
  70
  71     g_assert_cmpstr(pw, ==, "123456");
  72
  73     object_unparent(sec);
  74     g_free(pw);
  75     close(fd);
  76     g_free(fname);
  77 }
  78
  79
  80 static void test_secret_indirect_badfile(void)
  81 {
  82     Object *sec = object_new_with_props(
  83         TYPE_QCRYPTO_SECRET,
  84         object_get_objects_root(),
  85         "sec0",
  86         NULL,
  87         "file", "does-not-exist",
  88         NULL);
  89
  90     g_assert(sec == NULL);
  91 }
  92
  93
  94 static void test_secret_indirect_emptyfile(void)
  95 {
  96     Object *sec;
  97     char *fname = NULL;
  98     int fd = g_file_open_tmp("secretXXXXXX",
  99                              &fname,
 100                              NULL);
 101
 102     g_assert(fd >= 0);
 103     g_assert_nonnull(fname);
 104
 105     sec = object_new_with_props(
 106         TYPE_QCRYPTO_SECRET,
 107         object_get_objects_root(),
 108         "sec0",
 109         &error_abort,
 110         "file", fname,
 111         NULL);
 112
 113     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
 114                                              &error_abort);
 115
 116     g_assert_cmpstr(pw, ==, "");
 117
 118     object_unparent(sec);
 119     g_free(pw);
 120     close(fd);
 121     g_free(fname);
 122 }
 123
 124
 125 static void test_secret_noconv_base64_good(void)
 126 {
 127     Object *sec = object_new_with_props(
 128         TYPE_QCRYPTO_SECRET,
 129         object_get_objects_root(),
 130         "sec0",
 131         &error_abort,
 132         "data", "MTIzNDU2",
 133         "format", "base64",
 134         NULL);
 135
 136     char *pw = qcrypto_secret_lookup_as_base64("sec0",
 137                                                &error_abort);
 138
 139     g_assert_cmpstr(pw, ==, "MTIzNDU2");
 140
 141     object_unparent(sec);
 142     g_free(pw);
 143 }
 144
 145
 146 static void test_secret_noconv_base64_bad(void)
 147 {
 148     Object *sec = object_new_with_props(
 149         TYPE_QCRYPTO_SECRET,
 150         object_get_objects_root(),
 151         "sec0",
 152         NULL,
 153         "data", "MTI$NDU2",
 154         "format", "base64",
 155         NULL);
 156
 157     g_assert(sec == NULL);
 158 }
 159
 160
 161 static void test_secret_noconv_utf8(void)
 162 {
 163     Object *sec = object_new_with_props(
 164         TYPE_QCRYPTO_SECRET,
 165         object_get_objects_root(),
 166         "sec0",
 167         &error_abort,
 168         "data", "123456",
 169         "format", "raw",
 170         NULL);
 171
 172     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
 173                                              &error_abort);
 174
 175     g_assert_cmpstr(pw, ==, "123456");
 176
 177     object_unparent(sec);
 178     g_free(pw);
 179 }
 180
 181
 182 static void test_secret_conv_base64_utf8valid(void)
 183 {
 184     Object *sec = object_new_with_props(
 185         TYPE_QCRYPTO_SECRET,
 186         object_get_objects_root(),
 187         "sec0",
 188         &error_abort,
 189         "data", "MTIzNDU2",
 190         "format", "base64",
 191         NULL);
 192
 193     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
 194                                              &error_abort);
 195
 196     g_assert_cmpstr(pw, ==, "123456");
 197
 198     object_unparent(sec);
 199     g_free(pw);
 200 }
 201
 202
 203 static void test_secret_conv_base64_utf8invalid(void)
 204 {
 205     Object *sec = object_new_with_props(
 206         TYPE_QCRYPTO_SECRET,
 207         object_get_objects_root(),
 208         "sec0",
 209         &error_abort,
 210         "data", "f0VMRgIBAQAAAA==",
 211         "format", "base64",
 212         NULL);
 213
 214     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
 215                                              NULL);
 216     g_assert(pw == NULL);
 217
 218     object_unparent(sec);
 219 }
 220
 221
 222 static void test_secret_conv_utf8_base64(void)
 223 {
 224     Object *sec = object_new_with_props(
 225         TYPE_QCRYPTO_SECRET,
 226         object_get_objects_root(),
 227         "sec0",
 228         &error_abort,
 229         "data", "123456",
 230         NULL);
 231
 232     char *pw = qcrypto_secret_lookup_as_base64("sec0",
 233                                                &error_abort);
 234
 235     g_assert_cmpstr(pw, ==, "MTIzNDU2");
 236
 237     object_unparent(sec);
 238     g_free(pw);
 239 }
 240
 241
 242 static void test_secret_crypt_raw(void)
 243 {
 244     Object *master = object_new_with_props(
 245         TYPE_QCRYPTO_SECRET,
 246         object_get_objects_root(),
 247         "master",
 248         &error_abort,
 249         "data", "9miloPQCzGy+TL6aonfzVcptibCmCIhKzrnlfwiWivk=",
 250         "format", "base64",
 251         NULL);
 252     Object *sec = object_new_with_props(
 253         TYPE_QCRYPTO_SECRET,
 254         object_get_objects_root(),
 255         "sec0",
 256         &error_abort,
 257         "data",
 258         "\xCC\xBF\xF7\x09\x46\x19\x0B\x52\x2A\x3A\xB4\x6B\xCD\x7A\xB0\xB0",
 259         "format", "raw",
 260         "keyid", "master",
 261         "iv", "0I7Gw/TKuA+Old2W2apQ3g==",
 262         NULL);
 263
 264     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
 265                                              &error_abort);
 266
 267     g_assert_cmpstr(pw, ==, "123456");
 268
 269     object_unparent(sec);
 270     object_unparent(master);
 271     g_free(pw);
 272 }
 273
 274
 275 static void test_secret_crypt_base64(void)
 276 {
 277     Object *master = object_new_with_props(
 278         TYPE_QCRYPTO_SECRET,
 279         object_get_objects_root(),
 280         "master",
 281         &error_abort,
 282         "data", "9miloPQCzGy+TL6aonfzVcptibCmCIhKzrnlfwiWivk=",
 283         "format", "base64",
 284         NULL);
 285     Object *sec = object_new_with_props(
 286         TYPE_QCRYPTO_SECRET,
 287         object_get_objects_root(),
 288         "sec0",
 289         &error_abort,
 290         "data", "zL/3CUYZC1IqOrRrzXqwsA==",
 291         "format", "base64",
 292         "keyid", "master",
 293         "iv", "0I7Gw/TKuA+Old2W2apQ3g==",
 294         NULL);
 295
 296     char *pw = qcrypto_secret_lookup_as_utf8("sec0",
 297                                              &error_abort);
 298
 299     g_assert_cmpstr(pw, ==, "123456");
 300
 301     object_unparent(sec);
 302     object_unparent(master);
 303     g_free(pw);
 304 }
 305
 306
 307 static void test_secret_crypt_short_key(void)
 308 {
 309     Object *master = object_new_with_props(
 310         TYPE_QCRYPTO_SECRET,
 311         object_get_objects_root(),
 312         "master",
 313         &error_abort,
 314         "data", "9miloPQCzGy+TL6aonfzVc",
 315         "format", "base64",
 316         NULL);
 317     Object *sec = object_new_with_props(
 318         TYPE_QCRYPTO_SECRET,
 319         object_get_objects_root(),
 320         "sec0",
 321         NULL,
 322         "data", "zL/3CUYZC1IqOrRrzXqwsA==",
 323         "format", "raw",
 324         "keyid", "master",
 325         "iv", "0I7Gw/TKuA+Old2W2apQ3g==",
 326         NULL);
 327
 328     g_assert(sec == NULL);
 329     object_unparent(master);
 330 }
 331
 332
 333 static void test_secret_crypt_short_iv(void)
 334 {
 335     Object *master = object_new_with_props(
 336         TYPE_QCRYPTO_SECRET,
 337         object_get_objects_root(),
 338         "master",
 339         &error_abort,
 340         "data", "9miloPQCzGy+TL6aonfzVcptibCmCIhKzrnlfwiWivk=",
 341         "format", "base64",
 342         NULL);
 343     Object *sec = object_new_with_props(
 344         TYPE_QCRYPTO_SECRET,
 345         object_get_objects_root(),
 346         "sec0",
 347         NULL,
 348         "data", "zL/3CUYZC1IqOrRrzXqwsA==",
 349         "format", "raw",
 350         "keyid", "master",
 351         "iv", "0I7Gw/TKuA+Old2W2a",
 352         NULL);
 353
 354     g_assert(sec == NULL);
 355     object_unparent(master);
 356 }
 357
 358
 359 static void test_secret_crypt_missing_iv(void)
 360 {
 361     Object *master = object_new_with_props(
 362         TYPE_QCRYPTO_SECRET,
 363         object_get_objects_root(),
 364         "master",
 365         &error_abort,
 366         "data", "9miloPQCzGy+TL6aonfzVcptibCmCIhKzrnlfwiWivk=",
 367         "format", "base64",
 368         NULL);
 369     Object *sec = object_new_with_props(
 370         TYPE_QCRYPTO_SECRET,
 371         object_get_objects_root(),
 372         "sec0",
 373         NULL,
 374         "data", "zL/3CUYZC1IqOrRrzXqwsA==",
 375         "format", "raw",
 376         "keyid", "master",
 377         NULL);
 378
 379     g_assert(sec == NULL);
 380     object_unparent(master);
 381 }
 382
 383
 384 static void test_secret_crypt_bad_iv(void)
 385 {
 386     Object *master = object_new_with_props(
 387         TYPE_QCRYPTO_SECRET,
 388         object_get_objects_root(),
 389         "master",
 390         &error_abort,
 391         "data", "9miloPQCzGy+TL6aonfzVcptibCmCIhKzrnlfwiWivk=",
 392         "format", "base64",
 393         NULL);
 394     Object *sec = object_new_with_props(
 395         TYPE_QCRYPTO_SECRET,
 396         object_get_objects_root(),
 397         "sec0",
 398         NULL,
 399         "data", "zL/3CUYZC1IqOrRrzXqwsA==",
 400         "format", "raw",
 401         "keyid", "master",
 402         "iv", "0I7Gw/TK$$uA+Old2W2a",
 403         NULL);
 404
 405     g_assert(sec == NULL);
 406     object_unparent(master);
 407 }
 408
 409
 410 int main(int argc, char **argv)
 411 {
 412     module_call_init(MODULE_INIT_QOM);
 413     g_test_init(&argc, &argv, NULL);
 414
 415     g_assert(qcrypto_init(NULL) == 0);
 416
 417     g_test_add_func("/crypto/secret/direct",
 418                     test_secret_direct);
 419     g_test_add_func("/crypto/secret/indirect/good",
 420                     test_secret_indirect_good);
 421     g_test_add_func("/crypto/secret/indirect/badfile",
 422                     test_secret_indirect_badfile);
 423     g_test_add_func("/crypto/secret/indirect/emptyfile",
 424                     test_secret_indirect_emptyfile);
 425
 426     g_test_add_func("/crypto/secret/noconv/base64/good",
 427                     test_secret_noconv_base64_good);
 428     g_test_add_func("/crypto/secret/noconv/base64/bad",
 429                     test_secret_noconv_base64_bad);
 430     g_test_add_func("/crypto/secret/noconv/utf8",
 431                     test_secret_noconv_utf8);
 432     g_test_add_func("/crypto/secret/conv/base64/utf8valid",
 433                     test_secret_conv_base64_utf8valid);
 434     g_test_add_func("/crypto/secret/conv/base64/utf8invalid",
 435                     test_secret_conv_base64_utf8invalid);
 436     g_test_add_func("/crypto/secret/conv/utf8/base64",
 437                     test_secret_conv_utf8_base64);
 438
 439     g_test_add_func("/crypto/secret/crypt/raw",
 440                     test_secret_crypt_raw);
 441     g_test_add_func("/crypto/secret/crypt/base64",
 442                     test_secret_crypt_base64);
 443     g_test_add_func("/crypto/secret/crypt/shortkey",
 444                     test_secret_crypt_short_key);
 445     g_test_add_func("/crypto/secret/crypt/shortiv",
 446                     test_secret_crypt_short_iv);
 447     g_test_add_func("/crypto/secret/crypt/missingiv",
 448                     test_secret_crypt_missing_iv);
 449     g_test_add_func("/crypto/secret/crypt/badiv",
 450                     test_secret_crypt_bad_iv);
 451
 452     return g_test_run();
 453 }