1a2cd85f6SMaxim Levitsky#!/usr/bin/env python3 29dd003a9SVladimir Sementsov-Ogievskiy# group: rw 3a2cd85f6SMaxim Levitsky# 4a2cd85f6SMaxim Levitsky# Test case QMP's encrypted key management 5a2cd85f6SMaxim Levitsky# 6a2cd85f6SMaxim Levitsky# Copyright (C) 2019 Red Hat, Inc. 7a2cd85f6SMaxim Levitsky# 8a2cd85f6SMaxim Levitsky# This program is free software; you can redistribute it and/or modify 9a2cd85f6SMaxim Levitsky# it under the terms of the GNU General Public License as published by 10a2cd85f6SMaxim Levitsky# the Free Software Foundation; either version 2 of the License, or 11a2cd85f6SMaxim Levitsky# (at your option) any later version. 12a2cd85f6SMaxim Levitsky# 13a2cd85f6SMaxim Levitsky# This program is distributed in the hope that it will be useful, 14a2cd85f6SMaxim Levitsky# but WITHOUT ANY WARRANTY; without even the implied warranty of 15a2cd85f6SMaxim Levitsky# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16a2cd85f6SMaxim Levitsky# GNU General Public License for more details. 17a2cd85f6SMaxim Levitsky# 18a2cd85f6SMaxim Levitsky# You should have received a copy of the GNU General Public License 19a2cd85f6SMaxim Levitsky# along with this program. If not, see <http://www.gnu.org/licenses/>. 20a2cd85f6SMaxim Levitsky# 21a2cd85f6SMaxim Levitsky 22a2cd85f6SMaxim Levitskyimport iotests 23a2cd85f6SMaxim Levitskyimport os 24a2cd85f6SMaxim Levitskyimport time 25a2cd85f6SMaxim Levitskyimport json 26a2cd85f6SMaxim Levitsky 27a2cd85f6SMaxim Levitskytest_img = os.path.join(iotests.test_dir, 'test.img') 28a2cd85f6SMaxim Levitsky 29a2cd85f6SMaxim Levitskyclass Secret: 30a2cd85f6SMaxim Levitsky def __init__(self, index): 31a2cd85f6SMaxim Levitsky self._id = "keysec" + str(index) 32a2cd85f6SMaxim Levitsky # you are not supposed to see the password... 33a2cd85f6SMaxim Levitsky self._secret = "hunter" + str(index) 34a2cd85f6SMaxim Levitsky 35a2cd85f6SMaxim Levitsky def id(self): 36a2cd85f6SMaxim Levitsky return self._id 37a2cd85f6SMaxim Levitsky 38a2cd85f6SMaxim Levitsky def secret(self): 39a2cd85f6SMaxim Levitsky return self._secret 40a2cd85f6SMaxim Levitsky 41a2cd85f6SMaxim Levitsky def to_cmdline_object(self): 42a2cd85f6SMaxim Levitsky return [ "secret,id=" + self._id + ",data=" + self._secret] 43a2cd85f6SMaxim Levitsky 44a2cd85f6SMaxim Levitsky def to_qmp_object(self): 45a2cd85f6SMaxim Levitsky return { "qom_type" : "secret", "id": self.id(), 46fa818b2fSAlberto Garcia "data": self.secret() } 47a2cd85f6SMaxim Levitsky 48a2cd85f6SMaxim Levitsky################################################################################ 49a2cd85f6SMaxim Levitskyclass EncryptionSetupTestCase(iotests.QMPTestCase): 50a2cd85f6SMaxim Levitsky 51a2cd85f6SMaxim Levitsky # test case startup 52a2cd85f6SMaxim Levitsky def setUp(self): 53a2cd85f6SMaxim Levitsky # start the VM 54a2cd85f6SMaxim Levitsky self.vm = iotests.VM() 55a2cd85f6SMaxim Levitsky self.vm.launch() 56a2cd85f6SMaxim Levitsky 57a2cd85f6SMaxim Levitsky # create the secrets and load 'em into the VM 58a2cd85f6SMaxim Levitsky self.secrets = [ Secret(i) for i in range(0, 6) ] 59a2cd85f6SMaxim Levitsky for secret in self.secrets: 60*b6aed193SVladimir Sementsov-Ogievskiy self.vm.cmd("object-add", **secret.to_qmp_object()) 61a2cd85f6SMaxim Levitsky 62a2cd85f6SMaxim Levitsky if iotests.imgfmt == "qcow2": 63a2cd85f6SMaxim Levitsky self.pfx = "encrypt." 64a2cd85f6SMaxim Levitsky self.img_opts = [ '-o', "encrypt.format=luks" ] 65a2cd85f6SMaxim Levitsky else: 66a2cd85f6SMaxim Levitsky self.pfx = "" 67a2cd85f6SMaxim Levitsky self.img_opts = [] 68a2cd85f6SMaxim Levitsky 69a2cd85f6SMaxim Levitsky # test case shutdown 70a2cd85f6SMaxim Levitsky def tearDown(self): 71a2cd85f6SMaxim Levitsky # stop the VM 72a2cd85f6SMaxim Levitsky self.vm.shutdown() 73a2cd85f6SMaxim Levitsky 74a2cd85f6SMaxim Levitsky ########################################################################### 75a2cd85f6SMaxim Levitsky # create the encrypted block device 76a2cd85f6SMaxim Levitsky def createImg(self, file, secret): 77a2cd85f6SMaxim Levitsky 78a2cd85f6SMaxim Levitsky iotests.qemu_img( 79a2cd85f6SMaxim Levitsky 'create', 80a2cd85f6SMaxim Levitsky '--object', *secret.to_cmdline_object(), 81a2cd85f6SMaxim Levitsky '-f', iotests.imgfmt, 82a2cd85f6SMaxim Levitsky '-o', self.pfx + 'key-secret=' + secret.id(), 83a2cd85f6SMaxim Levitsky '-o', self.pfx + 'iter-time=10', 84a2cd85f6SMaxim Levitsky *self.img_opts, 85a2cd85f6SMaxim Levitsky file, 86a2cd85f6SMaxim Levitsky '1M') 87a2cd85f6SMaxim Levitsky 88a2cd85f6SMaxim Levitsky ########################################################################### 89a2cd85f6SMaxim Levitsky # open an encrypted block device 90a2cd85f6SMaxim Levitsky def openImageQmp(self, id, file, secret, read_only = False): 91a2cd85f6SMaxim Levitsky 92a2cd85f6SMaxim Levitsky encrypt_options = { 93a2cd85f6SMaxim Levitsky 'key-secret' : secret.id() 94a2cd85f6SMaxim Levitsky } 95a2cd85f6SMaxim Levitsky 96a2cd85f6SMaxim Levitsky if iotests.imgfmt == "qcow2": 97a2cd85f6SMaxim Levitsky encrypt_options = { 98a2cd85f6SMaxim Levitsky 'encrypt': { 99a2cd85f6SMaxim Levitsky 'format':'luks', 100a2cd85f6SMaxim Levitsky **encrypt_options 101a2cd85f6SMaxim Levitsky } 102a2cd85f6SMaxim Levitsky } 103a2cd85f6SMaxim Levitsky 104*b6aed193SVladimir Sementsov-Ogievskiy self.vm.cmd('blockdev-add', { 105a2cd85f6SMaxim Levitsky 'driver': iotests.imgfmt, 106a2cd85f6SMaxim Levitsky 'node-name': id, 107a2cd85f6SMaxim Levitsky 'read-only': read_only, 108a2cd85f6SMaxim Levitsky 109a2cd85f6SMaxim Levitsky **encrypt_options, 110a2cd85f6SMaxim Levitsky 111a2cd85f6SMaxim Levitsky 'file': { 112a2cd85f6SMaxim Levitsky 'driver': 'file', 113a2cd85f6SMaxim Levitsky 'filename': test_img, 114a2cd85f6SMaxim Levitsky } 115a2cd85f6SMaxim Levitsky } 116a2cd85f6SMaxim Levitsky ) 117a2cd85f6SMaxim Levitsky 118a2cd85f6SMaxim Levitsky # close the encrypted block device 119a2cd85f6SMaxim Levitsky def closeImageQmp(self, id): 120*b6aed193SVladimir Sementsov-Ogievskiy self.vm.cmd('blockdev-del', {'node-name': id}) 121a2cd85f6SMaxim Levitsky 122a2cd85f6SMaxim Levitsky ########################################################################### 123a2cd85f6SMaxim Levitsky # add a key to an encrypted block device 124a2cd85f6SMaxim Levitsky def addKeyQmp(self, id, new_secret, secret = None, 125a2cd85f6SMaxim Levitsky slot = None, force = False): 126a2cd85f6SMaxim Levitsky 127a2cd85f6SMaxim Levitsky crypt_options = { 128a2cd85f6SMaxim Levitsky 'state' : 'active', 129a2cd85f6SMaxim Levitsky 'new-secret' : new_secret.id(), 130a2cd85f6SMaxim Levitsky 'iter-time' : 10 131a2cd85f6SMaxim Levitsky } 132a2cd85f6SMaxim Levitsky 133a2cd85f6SMaxim Levitsky if slot != None: 134a2cd85f6SMaxim Levitsky crypt_options['keyslot'] = slot 135a2cd85f6SMaxim Levitsky 136a2cd85f6SMaxim Levitsky 137a2cd85f6SMaxim Levitsky if secret != None: 138a2cd85f6SMaxim Levitsky crypt_options['secret'] = secret.id() 139a2cd85f6SMaxim Levitsky 140a2cd85f6SMaxim Levitsky if iotests.imgfmt == "qcow2": 141a2cd85f6SMaxim Levitsky crypt_options['format'] = 'luks' 142a2cd85f6SMaxim Levitsky crypt_options = { 143a2cd85f6SMaxim Levitsky 'encrypt': crypt_options 144a2cd85f6SMaxim Levitsky } 145a2cd85f6SMaxim Levitsky 146a2cd85f6SMaxim Levitsky args = { 147a2cd85f6SMaxim Levitsky 'node-name': id, 148a2cd85f6SMaxim Levitsky 'job-id' : 'job_add_key', 149a2cd85f6SMaxim Levitsky 'options' : { 150a2cd85f6SMaxim Levitsky 'driver' : iotests.imgfmt, 151a2cd85f6SMaxim Levitsky **crypt_options 152a2cd85f6SMaxim Levitsky }, 153a2cd85f6SMaxim Levitsky } 154a2cd85f6SMaxim Levitsky 155a2cd85f6SMaxim Levitsky if force == True: 156a2cd85f6SMaxim Levitsky args['force'] = True 157a2cd85f6SMaxim Levitsky 158a2cd85f6SMaxim Levitsky #TODO: check what jobs return 159*b6aed193SVladimir Sementsov-Ogievskiy self.vm.cmd('x-blockdev-amend', **args) 160a2cd85f6SMaxim Levitsky self.vm.run_job('job_add_key') 161a2cd85f6SMaxim Levitsky 162a2cd85f6SMaxim Levitsky # erase a key from an encrypted block device 163a2cd85f6SMaxim Levitsky def eraseKeyQmp(self, id, old_secret = None, slot = None, force = False): 164a2cd85f6SMaxim Levitsky 165a2cd85f6SMaxim Levitsky crypt_options = { 166a2cd85f6SMaxim Levitsky 'state' : 'inactive', 167a2cd85f6SMaxim Levitsky } 168a2cd85f6SMaxim Levitsky 169a2cd85f6SMaxim Levitsky if slot != None: 170a2cd85f6SMaxim Levitsky crypt_options['keyslot'] = slot 171a2cd85f6SMaxim Levitsky if old_secret != None: 172a2cd85f6SMaxim Levitsky crypt_options['old-secret'] = old_secret.id() 173a2cd85f6SMaxim Levitsky 174a2cd85f6SMaxim Levitsky if iotests.imgfmt == "qcow2": 175a2cd85f6SMaxim Levitsky crypt_options['format'] = 'luks' 176a2cd85f6SMaxim Levitsky crypt_options = { 177a2cd85f6SMaxim Levitsky 'encrypt': crypt_options 178a2cd85f6SMaxim Levitsky } 179a2cd85f6SMaxim Levitsky 180a2cd85f6SMaxim Levitsky args = { 181a2cd85f6SMaxim Levitsky 'node-name': id, 182a2cd85f6SMaxim Levitsky 'job-id' : 'job_erase_key', 183a2cd85f6SMaxim Levitsky 'options' : { 184a2cd85f6SMaxim Levitsky 'driver' : iotests.imgfmt, 185a2cd85f6SMaxim Levitsky **crypt_options 186a2cd85f6SMaxim Levitsky }, 187a2cd85f6SMaxim Levitsky } 188a2cd85f6SMaxim Levitsky 189a2cd85f6SMaxim Levitsky if force == True: 190a2cd85f6SMaxim Levitsky args['force'] = True 191a2cd85f6SMaxim Levitsky 192*b6aed193SVladimir Sementsov-Ogievskiy self.vm.cmd('x-blockdev-amend', **args) 193a2cd85f6SMaxim Levitsky self.vm.run_job('job_erase_key') 194a2cd85f6SMaxim Levitsky 195a2cd85f6SMaxim Levitsky ########################################################################### 196a2cd85f6SMaxim Levitsky # create image, and change its key 197a2cd85f6SMaxim Levitsky def testChangeKey(self): 198a2cd85f6SMaxim Levitsky 199a2cd85f6SMaxim Levitsky # create the image with secret0 and open it 200a2cd85f6SMaxim Levitsky self.createImg(test_img, self.secrets[0]); 201a2cd85f6SMaxim Levitsky self.openImageQmp("testdev", test_img, self.secrets[0]) 202a2cd85f6SMaxim Levitsky 203a2cd85f6SMaxim Levitsky # add key to slot 1 204a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[1]) 205a2cd85f6SMaxim Levitsky 206a2cd85f6SMaxim Levitsky # add key to slot 5 207a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[2], slot=5) 208a2cd85f6SMaxim Levitsky 209a2cd85f6SMaxim Levitsky # erase key from slot 0 210a2cd85f6SMaxim Levitsky self.eraseKeyQmp("testdev", old_secret = self.secrets[0]) 211a2cd85f6SMaxim Levitsky 212a2cd85f6SMaxim Levitsky #reopen the image with secret1 213a2cd85f6SMaxim Levitsky self.closeImageQmp("testdev") 214a2cd85f6SMaxim Levitsky self.openImageQmp("testdev", test_img, self.secrets[1]) 215a2cd85f6SMaxim Levitsky 216a2cd85f6SMaxim Levitsky # close and erase the image for good 217a2cd85f6SMaxim Levitsky self.closeImageQmp("testdev") 218a2cd85f6SMaxim Levitsky os.remove(test_img) 219a2cd85f6SMaxim Levitsky 220a2cd85f6SMaxim Levitsky # test that if we erase the old password, 221a2cd85f6SMaxim Levitsky # we can still change the encryption keys using 'old-secret' 222a2cd85f6SMaxim Levitsky def testOldPassword(self): 223a2cd85f6SMaxim Levitsky 224a2cd85f6SMaxim Levitsky # create the image with secret0 and open it 225a2cd85f6SMaxim Levitsky self.createImg(test_img, self.secrets[0]); 226a2cd85f6SMaxim Levitsky self.openImageQmp("testdev", test_img, self.secrets[0]) 227a2cd85f6SMaxim Levitsky 228a2cd85f6SMaxim Levitsky # add key to slot 1 229a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[1]) 230a2cd85f6SMaxim Levitsky 231a2cd85f6SMaxim Levitsky # erase key from slot 0 232a2cd85f6SMaxim Levitsky self.eraseKeyQmp("testdev", old_secret = self.secrets[0]) 233a2cd85f6SMaxim Levitsky 234a2cd85f6SMaxim Levitsky # this will fail as the old password is no longer valid 235a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[2]) 236a2cd85f6SMaxim Levitsky 237a2cd85f6SMaxim Levitsky # this will work 238a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[2], secret = self.secrets[1]) 239a2cd85f6SMaxim Levitsky 240a2cd85f6SMaxim Levitsky # close and erase the image for good 241a2cd85f6SMaxim Levitsky self.closeImageQmp("testdev") 242a2cd85f6SMaxim Levitsky os.remove(test_img) 243a2cd85f6SMaxim Levitsky 244a2cd85f6SMaxim Levitsky def testUseForceLuke(self): 245a2cd85f6SMaxim Levitsky 246a2cd85f6SMaxim Levitsky self.createImg(test_img, self.secrets[0]); 247a2cd85f6SMaxim Levitsky self.openImageQmp("testdev", test_img, self.secrets[0]) 248a2cd85f6SMaxim Levitsky 249a2cd85f6SMaxim Levitsky # Add bunch of secrets 250a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[1], slot=4) 251a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[4], slot=2) 252a2cd85f6SMaxim Levitsky 253a2cd85f6SMaxim Levitsky # overwrite an active secret 254a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[5], slot=2) 255a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[5], slot=2, force=True) 256a2cd85f6SMaxim Levitsky 257a2cd85f6SMaxim Levitsky self.addKeyQmp("testdev", new_secret = self.secrets[0]) 258a2cd85f6SMaxim Levitsky 259a2cd85f6SMaxim Levitsky # Now erase all the secrets 260a2cd85f6SMaxim Levitsky self.eraseKeyQmp("testdev", old_secret = self.secrets[5]) 261a2cd85f6SMaxim Levitsky self.eraseKeyQmp("testdev", slot=4) 262a2cd85f6SMaxim Levitsky 263a2cd85f6SMaxim Levitsky # erase last keyslot 264a2cd85f6SMaxim Levitsky self.eraseKeyQmp("testdev", old_secret = self.secrets[0]) 265a2cd85f6SMaxim Levitsky self.eraseKeyQmp("testdev", old_secret = self.secrets[0], force=True) 266a2cd85f6SMaxim Levitsky 267a2cd85f6SMaxim Levitsky self.closeImageQmp("testdev") 268a2cd85f6SMaxim Levitsky os.remove(test_img) 269a2cd85f6SMaxim Levitsky 270a2cd85f6SMaxim Levitsky 271a2cd85f6SMaxim Levitskyif __name__ == '__main__': 272a2cd85f6SMaxim Levitsky iotests.verify_working_luks() 273a2cd85f6SMaxim Levitsky # Encrypted formats support 274a2cd85f6SMaxim Levitsky iotests.activate_logging() 275a2cd85f6SMaxim Levitsky iotests.main(supported_fmts = ['qcow2', 'luks']) 276