projects / dragonfly.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
nrelease - fix/improve livecd
[dragonfly.git] / contrib / cryptsetup / tests / compat-test
... / ...
CommitLineData
1#!/usr/bin/env bash
2
3CRYPTSETUP=/sbin/cryptsetup
4
5LOOPDEV=/dev/vn1
6DEV_NAME=dummy
7DEV_NAME2=dummy2
8ORIG_IMG=luks-test-orig
9IMG=luks-test
10IMG1=luks-test1
11KEY1=key1
12
13LUKS_HEADER="S0-5 S6-7 S8-39 S40-71 S72-103 S104-107 S108-111 R112-131 R132-163 S164-167 S168-207 A0-591"
14KEY_SLOT0="S208-211 S212-215 R216-247 S248-251 S251-255"
15KEY_MATERIAL0="R4096-68096"
16KEY_MATERIAL0_EXT="R4096-68096"
17
18KEY_SLOT1="S256-259 S260-263 R264-295 S296-299 S300-303"
19KEY_MATERIAL1="R69632-133632"
20KEY_MATERIAL1_EXT="S69632-133632"
21
22function remove_mapping()
23{
24 [ -e /dev/mapper/$DEV_NAME2 ] && dmsetup remove $DEV_NAME2
25 [ -e /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
26 vnconfig -u $LOOPDEV >/dev/null 2>&1
27# losetup -d $LOOPDEV >/dev/null 2>&1
28 rm -f $ORIG_IMG $IMG $IMG1 $KEY1 >/dev/null 2>&1
29}
30
31function fail()
32{
33 echo "last ret: $?"
34 remove_mapping
35 echo "FAILED"
36 exit 2
37}
38
39function prepare()
40{
41 if [ $(id -u) != 0 ]; then
42 echo "WARNING: You must be root to run this test, test skipped."
43 exit 0
44 fi
45
46 [ -e /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
47
48 if [ ! -e $KEY1 ]; then
49 dd if=/dev/urandom of=$KEY1 count=1 bs=32 >/dev/null 2>&1
50 fi
51
52 if [ ! -e $IMG ]; then
53 bzip2 -cd compatimage.img.bz2 > $IMG
54 vnconfig -u $LOOPDEV >/dev/null 2>&1
55 vnconfig -S labels -T $LOOPDEV $IMG
56# losetup -d $LOOPDEV >/dev/null 2>&1
57# losetup $LOOPDEV $IMG
58 fi
59
60 cp $IMG $ORIG_IMG
61
62 echo "CASE: $1"
63}
64
65function check()
66{
67 sync
68 sync
69 sync
70 ./fileDiffer.py $IMG $ORIG_IMG $1|| fail
71}
72
73function check_exists()
74{
75 [ -e /dev/mapper/$DEV_NAME ] || fail
76 check $1
77}
78
79# LUKS tests
80
81prepare "[1] open - compat image - acceptance check"
82echo "compatkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
83check_exists
84
85prepare "[2] open - compat image - denial check"
86echo "wrongkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
87check
88
89# All headers items and first key material section must change
90prepare "[3] format"
91echo "key0" | $CRYPTSETUP -i 1000 -c aes-cbc-essiv:sha256 -s 128 luksFormat $LOOPDEV || fail
92check "$LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0"
93
94prepare "[4] format using hash sha512"
95echo "key0" | $CRYPTSETUP -i 1000 -h sha512 -c aes-cbc-essiv:sha256 -s 128 luksFormat $LOOPDEV || fail
96check "$LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0"
97
98prepare "[5] open"
99echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
100check_exists
101
102# Key Slot 1 and key material section 1 must change, the rest must not.
103prepare "[6] add key"
104echo -e "key0\nkey1" | $CRYPTSETUP luksAddKey $LOOPDEV || fail
105check "$KEY_SLOT1 $KEY_MATERIAL1"
106echo "key1" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
107
108# Unsuccessful Key Delete - nothing may change
109prepare "[7] unsuccessful delete"
110echo "invalid" | $CRYPTSETUP luksDelKey $LOOPDEV 1 && fail
111check
112
113# Delete Key Test
114# Key Slot 1 and key material section 1 must change, the rest must not
115prepare "[8] successful delete"
116$CRYPTSETUP -q luksDelKey $LOOPDEV 1 || fail
117check "$KEY_SLOT1 $KEY_MATERIAL1_EXT"
118echo "key1" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
119echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
120
121# Key Slot 1 and key material section 1 must change, the rest must not
122prepare "[9] add key test for key files"
123echo "key0" | $CRYPTSETUP luksAddKey $LOOPDEV $KEY1 || fail
124check "$KEY_SLOT1 $KEY_MATERIAL1"
125$CRYPTSETUP -d $KEY1 luksOpen $LOOPDEV $DEV_NAME || fail
126
127# Key Slot 1 and key material section 1 must change, the rest must not
128prepare "[10] delete key test with key1 as remaining key"
129$CRYPTSETUP -d $KEY1 luksDelKey $LOOPDEV 0 || fail
130check "$KEY_SLOT0 $KEY_MATERIAL0_EXT"
131echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
132$CRYPTSETUP luksOpen -d $KEY1 $LOOPDEV $DEV_NAME || fail
133
134# Delete last slot
135prepare "[11] delete last key"
136echo "key0" | $CRYPTSETUP luksFormat $LOOPDEV || fail
137echo "key0" | $CRYPTSETUP luksKillSlot $LOOPDEV 0 || fail
138echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
139
140# Format test for ESSIV, and some other parameters.
141prepare "[12] parameter variation test"
142$CRYPTSETUP -q -i 1000 -c aes-cbc-essiv:sha256 -s 128 luksFormat $LOOPDEV $KEY1 || fail
143check "$LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0"
144$CRYPTSETUP -d $KEY1 luksOpen $LOOPDEV $DEV_NAME || fail
145
146prepare "[13] open/close - stacked devices"
147echo "key0" | $CRYPTSETUP -q luksFormat $LOOPDEV || fail
148echo "key0" | $CRYPTSETUP -q luksOpen $LOOPDEV $DEV_NAME || fail
149echo "key0" | $CRYPTSETUP -q luksFormat /dev/mapper/$DEV_NAME || fail
150echo "key0" | $CRYPTSETUP -q luksOpen /dev/mapper/$DEV_NAME $DEV_NAME2 || fail
151$CRYPTSETUP -q luksClose $DEV_NAME2 || fail
152$CRYPTSETUP -q luksClose $DEV_NAME || fail
153
154prepare "[14] format/open - passphrase on stdin & new line"
155# stdin defined by "-" must take even newline
156echo -n $'foo\nbar' | $CRYPTSETUP -q luksFormat $LOOPDEV - || fail
157echo -n $'foo\nbar' | $CRYPTSETUP -q --key-file=- luksOpen $LOOPDEV $DEV_NAME || fail
158$CRYPTSETUP -q luksClose $DEV_NAME || fail
159echo -n $'foo\nbar' | $CRYPTSETUP -q luksOpen $LOOPDEV $DEV_NAME && fail
160# now also try --key-file
161echo -n $'foo\nbar' | $CRYPTSETUP -q luksFormat $LOOPDEV --key-file=- || fail
162echo -n $'foo\nbar' | $CRYPTSETUP -q --key-file=- luksOpen $LOOPDEV $DEV_NAME || fail
163$CRYPTSETUP -q luksClose $DEV_NAME || fail
164# process newline if from stdin
165echo -n $'foo\nbar' | $CRYPTSETUP -q luksFormat $LOOPDEV || fail
166echo 'foo' | $CRYPTSETUP -q luksOpen $LOOPDEV $DEV_NAME || fail
167$CRYPTSETUP -q luksClose $DEV_NAME || fail
168
169remove_mapping
170exit 0
DragonFly Project Source