From: Daniel P. Berrangé Date: Tue, 29 Jun 2021 12:09:16 +0000 (+0100) Subject: crypto: add crypto tests for single block DES-ECB and DES-CBC X-Git-Tag: v6.1.0-rc0~12^2~18 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f8157e100c0ed7c0b6ca98ce20c969e1f6dcb968;p=thirdparty%2Fqemu.git crypto: add crypto tests for single block DES-ECB and DES-CBC The GNUTLS crypto provider doesn't support DES-ECB, only DES-CBC. We can use the latter to simulate the former, if we encrypt only 1 block (8 bytes) of data at a time, using an all-zeros IV. This is a very inefficient way to use the QCryptoCipher APIs, but since the VNC authentication challenge is only 16 bytes, this is acceptable. No other part of QEMU should be using DES. This test case demonstrates the equivalence of ECB and CBC for the single-block case. Signed-off-by: Daniel P. Berrangé --- diff --git a/tests/unit/test-crypto-cipher.c b/tests/unit/test-crypto-cipher.c index fd0a8de34c5..7dca7b26e45 100644 --- a/tests/unit/test-crypto-cipher.c +++ b/tests/unit/test-crypto-cipher.c @@ -149,6 +149,29 @@ static QCryptoCipherTestData test_data[] = { "39f23369a9d9bacfa530e26304231461" "b2eb05e2c39be9fcda6c19078c6a9d1b", }, + { + /* + * Testing 'password' as plaintext fits + * in single AES block, and gives identical + * ciphertext in ECB and CBC modes + */ + .path = "/crypto/cipher/des-rfb-ecb-56-one-block", + .alg = QCRYPTO_CIPHER_ALG_DES_RFB, + .mode = QCRYPTO_CIPHER_MODE_ECB, + .key = "0123456789abcdef", + .plaintext = "70617373776f7264", + .ciphertext = "73fa80b66134e403", + }, + { + /* See previous comment */ + .path = "/crypto/cipher/des-rfb-cbc-56-one-block", + .alg = QCRYPTO_CIPHER_ALG_DES_RFB, + .mode = QCRYPTO_CIPHER_MODE_CBC, + .key = "0123456789abcdef", + .iv = "0000000000000000", + .plaintext = "70617373776f7264", + .ciphertext = "73fa80b66134e403", + }, { .path = "/crypto/cipher/des-rfb-ecb-56", .alg = QCRYPTO_CIPHER_ALG_DES_RFB,