From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Richard W . M . Jones" <rjones@redhat.com>
Subject: [PULL 20/20] crypto: add test cases for many malformed LUKS header scenarios
Date: Thu, 27 Oct 2022 18:31:03 +0100 [thread overview]
Message-ID: <20221027173103.299479-21-berrange@redhat.com> (raw)
In-Reply-To: <20221027173103.299479-1-berrange@redhat.com>
Validate that we diagnose each malformed LUKS header scenario with a
distinct error report.
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
tests/unit/test-crypto-block.c | 299 +++++++++++++++++++++++++++++++++
1 file changed, 299 insertions(+)
diff --git a/tests/unit/test-crypto-block.c b/tests/unit/test-crypto-block.c
index 3d50eb4b6e..b629e240a9 100644
--- a/tests/unit/test-crypto-block.c
+++ b/tests/unit/test-crypto-block.c
@@ -22,6 +22,7 @@
#include "qapi/error.h"
#include "crypto/init.h"
#include "crypto/block.h"
+#include "crypto/block-luks-priv.h"
#include "qemu/buffer.h"
#include "qemu/module.h"
#include "crypto/secret.h"
@@ -345,6 +346,230 @@ static void test_block(gconstpointer opaque)
}
+#ifdef TEST_LUKS
+typedef const char *(*LuksHeaderDoBadStuff)(QCryptoBlockLUKSHeader *hdr);
+
+static void
+test_luks_bad_header(gconstpointer data)
+{
+ LuksHeaderDoBadStuff badstuff = data;
+ QCryptoBlock *blk;
+ Buffer buf;
+ Object *sec = test_block_secret();
+ QCryptoBlockLUKSHeader hdr;
+ Error *err = NULL;
+ const char *msg;
+
+ memset(&buf, 0, sizeof(buf));
+ buffer_init(&buf, "header");
+
+ /* Correctly create the volume initially */
+ blk = qcrypto_block_create(&luks_create_opts_default, NULL,
+ test_block_init_func,
+ test_block_write_func,
+ &buf,
+ &error_abort);
+ g_assert(blk);
+
+ qcrypto_block_free(blk);
+
+ /* Mangle it in some unpleasant way */
+ g_assert(buf.offset >= sizeof(hdr));
+ memcpy(&hdr, buf.buffer, sizeof(hdr));
+ qcrypto_block_luks_to_disk_endian(&hdr);
+
+ msg = badstuff(&hdr);
+
+ qcrypto_block_luks_from_disk_endian(&hdr);
+ memcpy(buf.buffer, &hdr, sizeof(hdr));
+
+ /* Check that we fail to open it again */
+ blk = qcrypto_block_open(&luks_open_opts, NULL,
+ test_block_read_func,
+ &buf,
+ 0,
+ 1,
+ &err);
+ g_assert(!blk);
+ g_assert(err);
+
+ g_assert_cmpstr(error_get_pretty(err), ==, msg);
+ error_free(err);
+
+ object_unparent(sec);
+
+ buffer_free(&buf);
+}
+
+static const char *luks_bad_null_term_cipher_name(QCryptoBlockLUKSHeader *hdr)
+{
+ /* Replace NUL termination with spaces */
+ char *offset = hdr->cipher_name + strlen(hdr->cipher_name);
+ memset(offset, ' ', sizeof(hdr->cipher_name) - (offset - hdr->cipher_name));
+
+ return "LUKS header cipher name is not NUL terminated";
+}
+
+static const char *luks_bad_null_term_cipher_mode(QCryptoBlockLUKSHeader *hdr)
+{
+ /* Replace NUL termination with spaces */
+ char *offset = hdr->cipher_mode + strlen(hdr->cipher_mode);
+ memset(offset, ' ', sizeof(hdr->cipher_mode) - (offset - hdr->cipher_mode));
+
+ return "LUKS header cipher mode is not NUL terminated";
+}
+
+static const char *luks_bad_null_term_hash_spec(QCryptoBlockLUKSHeader *hdr)
+{
+ /* Replace NUL termination with spaces */
+ char *offset = hdr->hash_spec + strlen(hdr->hash_spec);
+ memset(offset, ' ', sizeof(hdr->hash_spec) - (offset - hdr->hash_spec));
+
+ return "LUKS header hash spec is not NUL terminated";
+}
+
+static const char *luks_bad_cipher_name_empty(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_name, "", 1);
+
+ return "Algorithm '' with key size 32 bytes not supported";
+}
+
+static const char *luks_bad_cipher_name_unknown(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_name, "aess", 5);
+
+ return "Algorithm 'aess' with key size 32 bytes not supported";
+}
+
+static const char *luks_bad_cipher_xts_size(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->master_key_len = 33;
+
+ return "XTS cipher key length should be a multiple of 2";
+}
+
+static const char *luks_bad_cipher_cbc_size(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->master_key_len = 33;
+ memcpy(hdr->cipher_mode, "cbc-essiv", 10);
+
+ return "Algorithm 'aes' with key size 33 bytes not supported";
+}
+
+static const char *luks_bad_cipher_mode_empty(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "", 1);
+
+ return "Unexpected cipher mode string format ''";
+}
+
+static const char *luks_bad_cipher_mode_unknown(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "xfs", 4);
+
+ return "Unexpected cipher mode string format 'xfs'";
+}
+
+static const char *luks_bad_ivgen_separator(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "xts:plain64", 12);
+
+ return "Unexpected cipher mode string format 'xts:plain64'";
+}
+
+static const char *luks_bad_ivgen_name_empty(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "xts-", 5);
+
+ return "IV generator '' not supported";
+}
+
+static const char *luks_bad_ivgen_name_unknown(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "xts-plain65", 12);
+
+ return "IV generator 'plain65' not supported";
+}
+
+static const char *luks_bad_ivgen_hash_empty(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "xts-plain65:", 13);
+
+ return "Hash algorithm '' not supported";
+}
+
+static const char *luks_bad_ivgen_hash_unknown(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->cipher_mode, "xts-plain65:sha257", 19);
+
+ return "Hash algorithm 'sha257' not supported";
+}
+
+static const char *luks_bad_hash_spec_empty(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->hash_spec, "", 1);
+
+ return "Hash algorithm '' not supported";
+}
+
+static const char *luks_bad_hash_spec_unknown(QCryptoBlockLUKSHeader *hdr)
+{
+ memcpy(hdr->hash_spec, "sha2566", 8);
+
+ return "Hash algorithm 'sha2566' not supported";
+}
+
+static const char *luks_bad_stripes(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->key_slots[0].stripes = 3999;
+
+ return "Keyslot 0 is corrupted (stripes 3999 != 4000)";
+}
+
+static const char *luks_bad_key_overlap_header(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->key_slots[0].key_offset_sector = 2;
+
+ return "Keyslot 0 is overlapping with the LUKS header";
+}
+
+static const char *luks_bad_key_overlap_key(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->key_slots[0].key_offset_sector = hdr->key_slots[1].key_offset_sector;
+
+ return "Keyslots 0 and 1 are overlapping in the header";
+}
+
+static const char *luks_bad_key_overlap_payload(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->key_slots[0].key_offset_sector = hdr->payload_offset_sector + 42;
+
+ return "Keyslot 0 is overlapping with the encrypted payload";
+}
+
+static const char *luks_bad_payload_overlap_header(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->payload_offset_sector = 2;
+
+ return "LUKS payload is overlapping with the header";
+}
+
+static const char *luks_bad_key_iterations(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->key_slots[0].iterations = 0;
+
+ return "Keyslot 0 iteration count is zero";
+}
+
+static const char *luks_bad_iterations(QCryptoBlockLUKSHeader *hdr)
+{
+ hdr->master_key_iterations = 0;
+
+ return "LUKS key iteration count is zero";
+}
+#endif
+
int main(int argc, char **argv)
{
gsize i;
@@ -365,5 +590,79 @@ int main(int argc, char **argv)
}
}
+#ifdef TEST_LUKS
+ if (g_test_slow()) {
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-name-nul-term",
+ luks_bad_null_term_cipher_name,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-mode-nul-term",
+ luks_bad_null_term_cipher_mode,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/hash-spec-nul-term",
+ luks_bad_null_term_hash_spec,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-name-empty",
+ luks_bad_cipher_name_empty,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-name-unknown",
+ luks_bad_cipher_name_unknown,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-xts-size",
+ luks_bad_cipher_xts_size,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-cbc-size",
+ luks_bad_cipher_cbc_size,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-mode-empty",
+ luks_bad_cipher_mode_empty,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/cipher-mode-unknown",
+ luks_bad_cipher_mode_unknown,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/ivgen-separator",
+ luks_bad_ivgen_separator,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/ivgen-name-empty",
+ luks_bad_ivgen_name_empty,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/ivgen-name-unknown",
+ luks_bad_ivgen_name_unknown,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/ivgen-hash-empty",
+ luks_bad_ivgen_hash_empty,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/ivgen-hash-unknown",
+ luks_bad_ivgen_hash_unknown,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/hash-spec-empty",
+ luks_bad_hash_spec_empty,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/hash-spec-unknown",
+ luks_bad_hash_spec_unknown,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/stripes",
+ luks_bad_stripes,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/key-overlap-header",
+ luks_bad_key_overlap_header,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/key-overlap-key",
+ luks_bad_key_overlap_key,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/key-overlap-payload",
+ luks_bad_key_overlap_payload,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/payload-overlap-header",
+ luks_bad_payload_overlap_header,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/iterations",
+ luks_bad_iterations,
+ test_luks_bad_header);
+ g_test_add_data_func("/crypto/block/luks/bad/key-iterations",
+ luks_bad_key_iterations,
+ test_luks_bad_header);
+ }
+#endif
+
return g_test_run();
}
--
2.37.3
next prev parent reply other threads:[~2022-10-27 17:38 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-27 17:30 [PULL 00/20] Crypto and I/O patches Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 01/20] crypto/luks: Support creating LUKS image on Darwin Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 02/20] util/qemu-sockets: Use g_get_tmp_dir() to get the directory for temporary files Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 03/20] io/channel-watch: Drop a superfluous '#ifdef WIN32' Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 04/20] io/channel-watch: Drop the unnecessary cast Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 05/20] io/channel-watch: Fix socket watch on Windows Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 06/20] seccomp: Get actual errno value from failed seccomp functions Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 07/20] scripts: check if .git exists before checking submodule status Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 08/20] crypto: check for and report errors setting PSK credentials Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 09/20] tests: avoid DOS line endings in PSK file Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 10/20] crypto: sanity check that LUKS header strings are NUL-terminated Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 11/20] crypto: enforce that LUKS stripes is always a fixed value Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 12/20] crypto: enforce that key material doesn't overlap with LUKS header Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 13/20] crypto: validate that LUKS payload doesn't overlap with header Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 14/20] crypto: strengthen the check for key slots overlapping with LUKS header Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 15/20] crypto: check that LUKS PBKDF2 iterations count is non-zero Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 16/20] crypto: split LUKS header definitions off into file Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 17/20] crypto: split off helpers for converting LUKS header endianess Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 18/20] crypto: quote algorithm names in error messages Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 19/20] crypto: ensure LUKS tests run with GNUTLS crypto provider Daniel P. Berrangé
2022-10-27 17:31 ` Daniel P. Berrangé [this message]
2022-10-31 10:13 ` [PULL 00/20] Crypto and I/O patches Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221027173103.299479-21-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rjones@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).