18
20
KEY_MATERIAL1="R69632-133632"
19
21
KEY_MATERIAL1_EXT="S69632-133632"
23
KEY_SLOT5="S448-451 S452-455 R456-487 A488-491 A492-495"
24
KEY_MATERIAL5="R331776-395264"
25
KEY_MATERIAL5_EXT="S331776-395264"
21
27
TEST_UUID="12345678-1234-1234-1234-123456789abc"
23
29
LOOPDEV=$(losetup -f 2>/dev/null)
25
31
function remove_mapping()
33
[ -b /dev/mapper/$DEV_NAME3 ] && dmsetup remove $DEV_NAME3
27
34
[ -b /dev/mapper/$DEV_NAME2 ] && dmsetup remove $DEV_NAME2
28
35
[ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
29
36
losetup -d $LOOPDEV >/dev/null 2>&1
30
rm -f $ORIG_IMG $IMG $KEY1 $KEY2 >/dev/null 2>&1
37
rm -f $ORIG_IMG $IMG $KEY1 $KEY2 $KEY5 >/dev/null 2>&1
42
[ -n "$1" ] && echo "$1"
107
function valgrind_setup()
109
which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind"
111
CRYPTSETUP_BIN=$($CRYPTSETUP --lt-debug --version 2>&1 \
112
| grep "newargv\[0\]" \
113
| sed 's/.*newargv\[0\]\:[[:space:]]\+\(.*\)$/\1/g')
114
[ -z "$CRYPTSETUP_BIN" ] && fail "Unable to get location of cryptsetup executable."
115
export LD_LIBRARY_PATH="../lib/.libs:$LD_LIBRARY_PATH"
118
function valgrind_run()
120
INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_BIN} "$@"
95
123
[ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped."
96
124
[ -z "$LOOPDEV" ] && skip "Cannot find free loop device, test skipped."
126
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
100
131
prepare "[1] open - compat image - acceptance check" new
101
132
echo "compatkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
134
ORG_SHA1=$(sha1sum -b /dev/mapper/$DEV_NAME | cut -f 1 -d' ')
135
[ "$ORG_SHA1" = 676062b66ebf36669dab705442ea0762dfc091b0 ] || fail
104
137
prepare "[2] open - compat image - denial check" new
105
138
echo "wrongkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME 2>/dev/null && fail
354
390
echo "key01" | $CRYPTSETUP luksRemoveKey $LOOPDEV -d 4 2>/dev/null && fail
355
391
echo -e "key0\n" | $CRYPTSETUP luksRemoveKey $LOOPDEV -d- -l 4 || fail
393
prepare "[25] Create non-overlapping segments" wipe
394
echo "key0" | $CRYPTSETUP create $DEV_NAME $LOOPDEV --hash sha1 --offset 0 --size 256 || fail
395
echo "key0" | $CRYPTSETUP create $DEV_NAME2 $LOOPDEV --hash sha1 --offset 512 --size 256 2>/dev/null && fail
396
echo "key0" | $CRYPTSETUP create $DEV_NAME2 $LOOPDEV --hash sha1 --offset 512 --size 256 --shared || fail
397
echo "key0" | $CRYPTSETUP create $DEV_NAME3 $LOOPDEV --hash sha1 --offset 255 --size 256 --shared 2>/dev/null && fail
398
echo "key0" | $CRYPTSETUP create $DEV_NAME3 $LOOPDEV --hash sha1 --offset 256 --size 257 --shared 2>/dev/null && fail
399
echo "key0" | $CRYPTSETUP create $DEV_NAME3 $LOOPDEV --hash sha1 --offset 256 --size 1024 --shared 2>/dev/null && fail
400
echo "key0" | $CRYPTSETUP create $DEV_NAME3 $LOOPDEV --hash sha1 --offset 256 --size 256 --shared || fail
401
$CRYPTSETUP -q remove $DEV_NAME3 || fail
402
$CRYPTSETUP -q remove $DEV_NAME2 || fail
403
$CRYPTSETUP -q remove $DEV_NAME || fail
405
prepare "[26] Suspend/Resume" wipe
406
# only LUKS is supported
407
echo "key0" | $CRYPTSETUP create $DEV_NAME --hash sha1 $LOOPDEV || fail
408
$CRYPTSETUP luksSuspend $DEV_NAME 2>/dev/null && fail
409
$CRYPTSETUP luksResume $DEV_NAME 2>/dev/null && fail
410
$CRYPTSETUP -q remove $DEV_NAME || fail
411
$CRYPTSETUP luksSuspend $DEV_NAME 2>/dev/null && fail
413
echo "key0" | $CRYPTSETUP -q luksFormat $LOOPDEV || fail
414
echo "key0" | $CRYPTSETUP -q luksOpen $LOOPDEV $DEV_NAME || fail
415
$CRYPTSETUP luksSuspend $DEV_NAME || fail
416
$CRYPTSETUP -q resize $DEV_NAME 2>/dev/null && fail
417
echo "xxx" | $CRYPTSETUP luksResume $DEV_NAME -T 1 2>/dev/null && fail
418
echo "key0" | $CRYPTSETUP luksResume $DEV_NAME || fail
419
$CRYPTSETUP -q luksClose $DEV_NAME || fail
421
prepare "[27] luksOpen with specified key slot number" wipe
422
# first, let's try passphrase option
423
echo "key5" | $CRYPTSETUP luksFormat -S 5 $LOOPDEV || fail
424
check $LUKS_HEADER $KEY_SLOT5 $KEY_MATERIAL5
425
echo "key5" | $CRYPTSETUP luksOpen -S 4 $LOOPDEV $DEV_NAME && fail
426
[ -b /dev/mapper/$DEV_NAME ] && fail
427
echo "key5" | $CRYPTSETUP luksOpen -S 5 $LOOPDEV $DEV_NAME || fail
429
$CRYPTSETUP luksClose $DEV_NAME || fail
430
echo -e "key5\nkey0" | $CRYPTSETUP luksAddKey -S 0 $LOOPDEV || fail
431
check $LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0
432
echo "key5" | $CRYPTSETUP luksOpen -S 0 $LOOPDEV $DEV_NAME && fail
433
[ -b /dev/mapper/$DEV_NAME ] && fail
434
echo "key0" | $CRYPTSETUP luksOpen -S 5 $LOOPDEV $DEV_NAME && fail
435
[ -b /dev/mapper/$DEV_NAME ] && fail
436
# second, try it with keyfiles
437
$CRYPTSETUP luksFormat -q -S 5 -d $KEY5 $LOOPDEV || fail
438
check $LUKS_HEADER $KEY_SLOT5 $KEY_MATERIAL5
439
$CRYPTSETUP luksAddKey -S 1 -d $KEY5 $LOOPDEV $KEY1 || fail
440
check $LUKS_HEADER $KEY_SLOT1 $KEY_MATERIAL1
441
$CRYPTSETUP luksOpen -S 5 -d $KEY5 $LOOPDEV $DEV_NAME || fail
443
$CRYPTSETUP luksClose $DEV_NAME || fail
444
$CRYPTSETUP luksOpen -S 1 -d $KEY5 $LOOPDEV $DEV_NAME && fail
445
[ -b /dev/mapper/$DEV_NAME ] && fail
446
$CRYPTSETUP luksOpen -S 5 -d $KEY1 $LOOPDEV $DEV_NAME && fail
447
[ -b /dev/mapper/$DEV_NAME ] && fail