diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2015-10-23 12:09:02 +0100 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2015-10-23 12:09:02 +0100 |
| commit | 431429a5b802fccf2701c37f580307c6979f4c3e (patch) | |
| tree | a76c40935c736472607a783d2080caf3a241be37 /tests | |
| parent | dfbe0642ef8e643e7e41956c8ca97f1acc9464a9 (diff) | |
| parent | 90246037760a2a1d64da67782200b690de24cc49 (diff) | |
| download | qemu-431429a5b802fccf2701c37f580307c6979f4c3e.zip qemu-431429a5b802fccf2701c37f580307c6979f4c3e.tar.gz qemu-431429a5b802fccf2701c37f580307c6979f4c3e.tar.bz2 | |
Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-fixes-pull-20151022-2' into staging
Merge qcrypto-fixes 2015/10/22
# gpg: Signature made Thu 22 Oct 2015 19:03:45 BST using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>"
* remotes/berrange/tags/qcrypto-fixes-pull-20151022-2:
configure: avoid polluting global CFLAGS with tasn1 flags
crypto: add sanity checking of plaintext/ciphertext length
crypto: don't let builtin aes crash if no IV is provided
crypto: allow use of nettle/gcrypt to be selected explicitly
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/Makefile | 10 | ||||
| -rw-r--r-- | tests/test-crypto-cipher.c | 80 |
2 files changed, 88 insertions, 2 deletions
diff --git a/tests/Makefile b/tests/Makefile index 0531b30..9341498 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -444,8 +444,16 @@ tests/test-mul64$(EXESUF): tests/test-mul64.o $(test-util-obj-y) tests/test-bitops$(EXESUF): tests/test-bitops.o $(test-util-obj-y) tests/test-crypto-hash$(EXESUF): tests/test-crypto-hash.o $(test-crypto-obj-y) tests/test-crypto-cipher$(EXESUF): tests/test-crypto-cipher.o $(test-crypto-obj-y) + +tests/crypto-tls-x509-helpers.o-cflags := $(TASN1_CFLAGS) +tests/crypto-tls-x509-helpers.o-libs := $(TASN1_LIBS) +tests/pkix_asn1_tab.o-cflags := $(TASN1_CFLAGS) + +tests/test-crypto-tlscredsx509.o-cflags := $(TASN1_CFLAGS) tests/test-crypto-tlscredsx509$(EXESUF): tests/test-crypto-tlscredsx509.o \ tests/crypto-tls-x509-helpers.o tests/pkix_asn1_tab.o $(test-crypto-obj-y) + +tests/test-crypto-tlssession.o-cflags := $(TASN1_CFLAGS) tests/test-crypto-tlssession$(EXESUF): tests/test-crypto-tlssession.o \ tests/crypto-tls-x509-helpers.o tests/pkix_asn1_tab.o $(test-crypto-obj-y) @@ -518,8 +526,6 @@ tests/test-netfilter$(EXESUF): tests/test-netfilter.o $(qtest-obj-y) ifeq ($(CONFIG_POSIX),y) LIBS += -lutil endif -LIBS += $(TEST_LIBS) -CFLAGS += $(TEST_CFLAGS) # QTest rules diff --git a/tests/test-crypto-cipher.c b/tests/test-crypto-cipher.c index 9d38d26..f4946a0 100644 --- a/tests/test-crypto-cipher.c +++ b/tests/test-crypto-cipher.c @@ -287,6 +287,79 @@ static void test_cipher(const void *opaque) qcrypto_cipher_free(cipher); } + +static void test_cipher_null_iv(void) +{ + QCryptoCipher *cipher; + uint8_t key[32] = { 0 }; + uint8_t plaintext[32] = { 0 }; + uint8_t ciphertext[32] = { 0 }; + + cipher = qcrypto_cipher_new( + QCRYPTO_CIPHER_ALG_AES_256, + QCRYPTO_CIPHER_MODE_CBC, + key, sizeof(key), + &error_abort); + g_assert(cipher != NULL); + + /* Don't call qcrypto_cipher_setiv */ + + qcrypto_cipher_encrypt(cipher, + plaintext, + ciphertext, + sizeof(plaintext), + &error_abort); + + qcrypto_cipher_free(cipher); +} + +static void test_cipher_short_plaintext(void) +{ + Error *err = NULL; + QCryptoCipher *cipher; + uint8_t key[32] = { 0 }; + uint8_t plaintext1[20] = { 0 }; + uint8_t ciphertext1[20] = { 0 }; + uint8_t plaintext2[40] = { 0 }; + uint8_t ciphertext2[40] = { 0 }; + int ret; + + cipher = qcrypto_cipher_new( + QCRYPTO_CIPHER_ALG_AES_256, + QCRYPTO_CIPHER_MODE_CBC, + key, sizeof(key), + &error_abort); + g_assert(cipher != NULL); + + /* Should report an error as plaintext is shorter + * than block size + */ + ret = qcrypto_cipher_encrypt(cipher, + plaintext1, + ciphertext1, + sizeof(plaintext1), + &err); + g_assert(ret == -1); + g_assert(err != NULL); + + error_free(err); + err = NULL; + + /* Should report an error as plaintext is larger than + * block size, but not a multiple of block size + */ + ret = qcrypto_cipher_encrypt(cipher, + plaintext2, + ciphertext2, + sizeof(plaintext2), + &err); + g_assert(ret == -1); + g_assert(err != NULL); + + error_free(err); + qcrypto_cipher_free(cipher); +} + int main(int argc, char **argv) { size_t i; @@ -298,5 +371,12 @@ int main(int argc, char **argv) for (i = 0; i < G_N_ELEMENTS(test_data); i++) { g_test_add_data_func(test_data[i].path, &test_data[i], test_cipher); } + + g_test_add_func("/crypto/cipher/null-iv", + test_cipher_null_iv); + + g_test_add_func("/crypto/cipher/short-plaintext", + test_cipher_short_plaintext); + return g_test_run(); } |