qemu/tests
Daniel P. Berrange ac1d887849 crypto: add QCryptoSecret object class for password/key handling
Introduce a new QCryptoSecret object class which will be used
for providing passwords and keys to other objects which need
sensitive credentials.

The new object can provide secret values directly as properties,
or indirectly via a file. The latter includes support for file
descriptor passing syntax on UNIX platforms. Ordinarily passing
secret values directly as properties is insecure, since they
are visible in process listings, or in log files showing the
CLI args / QMP commands. It is possible to use AES-256-CBC to
encrypt the secret values though, in which case all that is
visible is the ciphertext.  For ad hoc developer testing though,
it is fine to provide the secrets directly without encryption
so this is not explicitly forbidden.

The anticipated scenario is that libvirtd will create a random
master key per QEMU instance (eg /var/run/libvirt/qemu/$VMNAME.key)
and will use that key to encrypt all passwords it provides to
QEMU via '-object secret,....'.  This avoids the need for libvirt
(or other mgmt apps) to worry about file descriptor passing.

It also makes life easier for people who are scripting the
management of QEMU, for whom FD passing is significantly more
complex.

Providing data inline (insecure, only for ad hoc dev testing)

  $QEMU -object secret,id=sec0,data=letmein

Providing data indirectly in raw format

  printf "letmein" > mypasswd.txt
  $QEMU -object secret,id=sec0,file=mypasswd.txt

Providing data indirectly in base64 format

  $QEMU -object secret,id=sec0,file=mykey.b64,format=base64

Providing data with encryption

  $QEMU -object secret,id=master0,file=mykey.b64,format=base64 \
        -object secret,id=sec0,data=[base64 ciphertext],\
        keyid=master0,iv=[base64 IV],format=base64

Note that 'format' here refers to the format of the ciphertext
data. The decrypted data must always be in raw byte format.

More examples are shown in the updated docs.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18 16:25:08 +00:00
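The "providing data with encryption" workflow above, carried through end to end, as an added example that is not part of the QEMU or libvirt source: generate a per-VM master key, encrypt a secret under it with a fresh IV, verify that the ciphertext decrypts back (the same AES-256-CBC decryption QEMU performs before stripping PKCS#7 padding), and build the matching `-object secret` arguments. It assumes a POSIX shell with openssl(1), base64(1) and od(1) on PATH; the file name key.b64 and the ids master0/sec0 are arbitrary choices, not names the commit prescribes.

```shell
#!/bin/sh
# Added example, not QEMU or libvirt code. Assumes openssl, base64, od.
set -eu

# openssl enc takes -K/-iv as hex, so decode base64 from stdin to hex.
b64_to_hex() {
    base64 -d | od -An -v -tx1 | tr -d ' \n'
}

# Per-VM master key: 32 random bytes (AES-256), base64 encoded, owner-only.
# This is the file handed to QEMU as -object secret,id=master0,file=...
gen_master_key() {
    ( umask 077; openssl rand -base64 32 > "$1" )
}

# Fresh 16-byte IV (one per secret, never reused under the same key).
gen_iv() {
    openssl rand -base64 16
}

# Encrypt a plaintext under the master key; prints base64 ciphertext.
# openssl enc pads with PKCS#7 by default, which is what QEMU strips.
encrypt_secret() {
    plaintext=$1; keyfile=$2; iv_b64=$3
    key_hex=$(b64_to_hex < "$keyfile")
    iv_hex=$(printf '%s' "$iv_b64" | b64_to_hex)
    printf '%s' "$plaintext" |
        openssl enc -aes-256-cbc -a -A -K "$key_hex" -iv "$iv_hex"
}

# Mirror of what QEMU does with keyid=/iv=/data=: decrypt and unpad.
decrypt_secret() {
    ct_b64=$1; iv_b64=$2; keyfile=$3
    key_hex=$(b64_to_hex < "$keyfile")
    iv_hex=$(printf '%s' "$iv_b64" | b64_to_hex)
    printf '%s' "$ct_b64" |
        openssl enc -d -aes-256-cbc -a -A -K "$key_hex" -iv "$iv_hex"
}

# The command-line fragment: only base64 ciphertext and IV are visible in
# the process listing; the key stays in the 0600 file.
qemu_secret_args() {
    keyfile=$1; ct_b64=$2; iv_b64=$3
    printf -- '-object secret,id=master0,file=%s,format=base64 ' "$keyfile"
    printf -- '-object secret,id=sec0,keyid=master0,format=base64,data=%s,iv=%s\n' \
        "$ct_b64" "$iv_b64"
}

main() {
    workdir=$(mktemp -d)
    gen_master_key "$workdir/key.b64"
    iv=$(gen_iv)
    ct=$(encrypt_secret letmein "$workdir/key.b64" "$iv")
    echo "ciphertext: $ct"
    echo "iv:         $iv"
    echo "round trip: $(decrypt_secret "$ct" "$iv" "$workdir/key.b64")"
    echo "qemu args:  $(qemu_secret_args "$workdir/key.b64" "$ct" "$iv")"
}

main
```

Two caveats a practitioner should keep in mind: the hex key passed to `openssl enc -K` is itself briefly visible in that process's argument list, so on a real host the encryption step belongs inside the management daemon (as the commit anticipates for libvirtd), not in an ad hoc shell; and the scheme only hides the secret from process listings and logs, the master key file and its 0600 permissions are what actually protect it.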
acpi-test-data
guest-debug tests/guest-debug: introduce basic gdbstub tests 2015-12-17 13:37:15 +00:00
image-fuzzer typofixes - v4 2015-09-11 10:45:43 +03:00
libqos libqos: add qemu-img presence check 2015-11-13 14:31:42 -05:00
multiboot
qapi-schema qapi: Detect base class loops 2015-12-17 08:21:29 +01:00
qemu-iotests blkdebug: Avoid '.' in enum values 2015-12-17 08:21:27 +01:00
rocker rocker: tests: don't need to specify master/self when setting vlans 2015-07-07 13:13:22 +01:00
tcg maint: remove unused include for signal.h 2015-09-11 10:21:38 +03:00
vmstate-static-checker-data
.gitignore crypto: add QCryptoSecret object class for password/key handling 2015-12-18 16:25:08 +00:00
ac97-test.c
ahci-test.c qtest/ahci: use raw format when qemu-img is absent 2015-11-13 14:31:43 -05:00
bios-tables-test.c maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
boot-order-test.c
check-block.sh
check-qdict.c check-qdict: Test cases for new functions 2015-06-12 16:58:06 +02:00
check-qfloat.c
check-qint.c
check-qjson.c check-qjson: Add test for JSON nesting depth limit 2015-11-26 09:18:38 +01:00
check-qlist.c
check-qom-interface.c
check-qom-proplist.c qom: Add a test case for complex property finalization 2015-11-18 21:13:49 +01:00
check-qstring.c
crypto-tls-x509-helpers.c crypto: fix leaks in TLS x509 helper functions 2015-11-18 14:56:58 +00:00
crypto-tls-x509-helpers.h crypto: add sanity checking of TLS x509 credentials 2015-09-15 15:05:09 +01:00
device-introspect-test.c qdev: Protect device-list-properties against broken devices 2015-10-09 15:25:57 +02:00
display-vga-test.c virtio-gpu: add to display-vga test 2015-07-07 11:23:18 +02:00
drive_del-test.c libqtest: New hmp() & friends 2015-10-09 15:25:57 +02:00
ds1338-test.c arm: imx25-pdk: Fix machine name 2015-10-16 11:14:53 +01:00
e1000-test.c tests: Use qtest_add_data_func() consistently 2015-06-19 10:29:14 +02:00
eepro100-test.c tests: Use qtest_add_data_func() consistently 2015-06-19 10:29:14 +02:00
endianness-test.c tests: Use qtest_add_data_func() consistently 2015-06-19 10:29:14 +02:00
es1370-test.c
fdc-test.c hw/block/fdc: Implement tray status 2015-10-23 18:18:23 +02:00
fw_cfg-test.c Implement fw_cfg DMA interface 2015-10-19 15:26:53 +02:00
hd-geo-test.c
i440fx-test.c tests/i44fx-test: No need for zeroing memory before memset 2015-11-06 15:42:38 +03:00
i82801b11-test.c
ide-test.c tests: Use proper functions types instead of void (*fn) 2015-12-04 18:25:42 +01:00
intel-hda-test.c
io-channel-helpers.c io: add QIOChannelSocket class 2015-12-18 12:18:31 +00:00
io-channel-helpers.h io: add QIOChannelSocket class 2015-12-18 12:18:31 +00:00
ioh3420-test.c
ipoctal232-test.c
ivshmem-test.c ivshmem: Rename property memdev to x-memdev for 2.5 2015-11-25 10:24:27 +01:00
libqtest.c tests: Use proper functions types instead of void (*fn) 2015-12-04 18:25:42 +01:00
libqtest.h tests: Use proper functions types instead of void (*fn) 2015-12-04 18:25:42 +01:00
m48t59-test.c
Makefile crypto: add QCryptoSecret object class for password/key handling 2015-12-18 16:25:08 +00:00
ne2000-test.c
nvme-test.c
pc-cpu-test.c tests: Use qtest_add_data_func() consistently 2015-06-19 10:29:14 +02:00
pcnet-test.c
pkix_asn1_tab.c crypto: add sanity checking of TLS x509 credentials 2015-09-15 15:05:09 +01:00
pvpanic-test.c
q35-test.c q35: add test for SMRAM.D_LCK 2015-06-05 19:45:09 +02:00
qemu-iotests-quick.sh
qom-test.c qom-test: Fix qmp() leaks 2015-12-04 18:29:31 +01:00
rcutorture.c
rtc-test.c
rtl8139-test.c rtl8139: remove muldiv64() 2015-09-25 14:53:29 +02:00
spapr-phb-test.c
tco-test.c tco-test: fix up config accesses and re-enable 2015-07-08 12:38:30 +03:00
test-aio.c test-aio: Fix event notifier cleanup 2015-11-25 14:27:43 +01:00
test-base64.c util: add base64 decoding function 2015-12-18 16:25:08 +00:00
test-bitops.c
test-blockjob-txn.c tests: add BlockJobTxn unit test 2015-11-12 16:22:44 +01:00
test-coroutine.c coroutine: move into libqemuutil.a library 2015-10-20 14:59:04 +01:00
test-crypto-cipher.c crypto: add sanity checking of plaintext/ciphertext length 2015-10-22 19:03:08 +01:00
test-crypto-hash.c crypto: introduce new module for computing hash digests 2015-07-07 12:04:07 +02:00
test-crypto-secret.c crypto: add QCryptoSecret object class for password/key handling 2015-12-18 16:25:08 +00:00
test-crypto-tlscredsx509.c crypto: add sanity checking of TLS x509 credentials 2015-09-15 15:05:09 +01:00
test-crypto-tlssession.c crypto: introduce new module for handling TLS sessions 2015-09-15 15:07:43 +01:00
test-cutils.c tests: add some qemu_strtosz() tests 2015-09-25 12:04:41 +02:00
test-hbitmap.c maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
test-int128.c
test-io-channel-buffer.c io: add QIOChannelBuffer class 2015-12-18 12:18:31 +00:00
test-io-channel-command.c io: add QIOChannelCommand class 2015-12-18 12:18:31 +00:00
test-io-channel-file.c io: add QIOChannelFile class 2015-12-18 12:18:31 +00:00
test-io-channel-socket.c io: add QIOChannelSocket class 2015-12-18 12:18:31 +00:00
test-io-channel-tls.c io: add QIOChannelTLS class 2015-12-18 12:18:31 +00:00
test-io-task.c io: add QIOTask class for async operations 2015-12-18 12:18:30 +00:00
test-iov.c
test-mul64.c
test-netfilter.c tests: add test cases for netfilter object 2015-10-12 13:34:32 +08:00
test-opts-visitor.c QemuOpts: Wean off qerror_report_err() 2015-06-22 18:20:39 +02:00
test-qdev-global-props.c
test-qemu-opts.c QemuOpts: Wean off qerror_report_err() 2015-06-22 18:20:39 +02:00
test-qga.c qga: Better mapping of SEEK_* in guest-file-seek 2015-11-25 17:56:45 -06:00
test-qmp-commands.c qapi: Fix c_name() munging 2015-12-17 08:21:27 +01:00
test-qmp-event.c qapi: Unbox base members 2015-11-02 08:30:26 +01:00
test-qmp-input-strict.c qapi: Simplify error cleanup in test-qmp-* 2015-11-10 08:08:21 +01:00
test-qmp-input-visitor.c qapi: Fix alternates that accept 'number' but not 'int' 2015-12-17 08:21:28 +01:00
test-qmp-output-visitor.c qapi: Simplify visiting of alternate types 2015-12-17 08:21:28 +01:00
test-rcu-list.c rcu: actually register threads that have RCU read-side critical sections 2015-07-24 13:57:45 +02:00
test-rfifolock.c
test-string-input-visitor.c
test-string-output-visitor.c qapi: Don't let implicit enum MAX member collide 2015-12-17 08:21:28 +01:00
test-thread-pool.c
test-throttle.c throttle: add throttle_max_is_missing_limit() test 2015-08-05 12:53:48 +01:00
test-timed-average.c util: Infrastructure for computing recent averages 2015-11-12 16:22:45 +01:00
test-visitor-serialization.c qapi: Simplify non-error testing in test-qmp-* 2015-11-09 16:45:05 +01:00
test-vmstate.c coroutine: move into libqemuutil.a library 2015-10-20 14:59:04 +01:00
test-write-threshold.c
test-x86-cpuid.c
test-xbzrle.c maint: remove unused include for strings.h 2015-09-11 10:21:38 +03:00
tmp105-test.c
tpci200-test.c
usb-hcd-ehci-test.c
usb-hcd-ohci-test.c
usb-hcd-uhci-test.c
usb-hcd-xhci-test.c
vhost-user-bridge.c tests/vhost-user-bridge.c: fix fd leakage 2015-12-02 19:27:26 +02:00
vhost-user-test.c tests: Use proper functions types instead of void (*fn) 2015-12-04 18:25:42 +01:00
virtio-9p-test.c
virtio-balloon-test.c
virtio-blk-test.c
virtio-console-test.c
virtio-net-test.c tests: test rx recovery from cont 2015-08-04 09:41:28 +01:00
virtio-rng-test.c
virtio-scsi-test.c virtio-scsi-test: Add test case for tail unaligned WRITE SAME 2015-07-30 15:44:49 +02:00
virtio-serial-test.c
vmxnet3-test.c
wdt_ib700-test.c timer: rename NSEC_PER_SEC due to Mac OS X header clash 2015-07-20 17:01:00 +01:00