summary refs log tree commit diff stats
path: root/tests/unit/test-crypto-cipher.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* crypto: report which ciphers are being skipped during testsDaniel P. Berrangé2024-03-191-0/+4
| | | | | | | | | | Since the ciphers can be dynamically disabled at runtime, when running unit tests it is helpful to report which ciphers we can skipped for testing. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: use error_abort for unexpected failuresDaniel P. Berrangé2024-03-191-2/+1
| | | | | | | | | | | | | | | | | | | This improves the error diagnosis from the unit test when a cipher is unexpected not available from ERROR:../tests/unit/test-crypto-cipher.c:683:test_cipher: assertion failed: (err == NULL) Bail out! ERROR:../tests/unit/test-crypto-cipher.c:683:test_cipher: assertion failed: (err == NULL) Aborted (core dumped) to Unexpected error in qcrypto_cipher_ctx_new() at ../crypto/cipher-gcrypt.c.inc:262: ./build//tests/unit/test-crypto-cipher: Cannot initialize cipher: Invalid cipher algorithm Aborted (core dumped) Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Introduce SM4 symmetric cipher algorithmHyman Huang2024-02-091-0/+13
| | | | | | | | | | | | | | | | Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016). SM4 (GBT.32907-2016) is a cryptographic standard issued by the Organization of State Commercial Administration of China (OSCCA) as an authorized cryptographic algorithms for the use within China. Detect the SM4 cipher algorithms and enable the feature silently if it is available. Signed-off-by: Hyman Huang <yong.huang@smartx.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: replace 'des-rfb' cipher with 'des'Daniel P. Berrangé2021-07-141-9/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the crypto layer exposes support for a 'des-rfb' algorithm which is just normal single-DES, with the bits in each key byte reversed. This special key munging is required by the RFB protocol password authentication mechanism. Since the crypto layer is generic shared code, it makes more sense to do the key byte munging in the VNC server code, and expose normal single-DES support. Replacing cipher 'des-rfb' by 'des' looks like an incompatible interface change, but it doesn't matter. While the QMP schema allows any QCryptoCipherAlgorithm for the 'cipher-alg' field in QCryptoBlockCreateOptionsLUKS, the code restricts what can be used at runtime. Thus the only effect is a change in error message. Original behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-rfb qemu-img: demo.luks: Algorithm 'des-rfb' not supported New behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-fish qemu-img: demo.luks: Invalid parameter 'des-rfb' Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: add crypto tests for single block DES-ECB and DES-CBCDaniel P. Berrangé2021-07-141-0/+23
| | | | | | | | | | | | | The GNUTLS crypto provider doesn't support DES-ECB, only DES-CBC. We can use the latter to simulate the former, if we encrypt only 1 block (8 bytes) of data at a time, using an all-zeros IV. This is a very inefficient way to use the QCryptoCipher APIs, but since the VNC authentication challenge is only 16 bytes, this is acceptable. No other part of QEMU should be using DES. This test case demonstrates the equivalence of ECB and CBC for the single-block case. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: remove conditional around 3DES crypto test casesDaniel P. Berrangé2021-07-141-2/+0
| | | | | | | | The main method checks whether the cipher choice is supported at runtime, so there is no need for compile time conditions. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* tests: Move unit tests into a separate directoryThomas Huth2021-03-121-0/+801
The main tests directory still looks very crowded, and it's not clear which files are part of a unit tests and which belong to a different test subsystem. Let's clean up the mess and move the unit tests to a separate directory. Message-Id: <20210310063314.1049838-1-thuth@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>