← Back to branch summary

~ubuntu-branches/ubuntu/trusty/libpam-mount/trusty-proposed

« back to all changes in this revision

Viewing changes to src/t-crypt

  • Committer: Bazaar Package Importer
  • Author(s): Bastian Kleineidam
  • Date: 2010-05-09 10:46:01 UTC
  • mfrom: (1.4.4 upstream) (27.2.7 maverick)
  • Revision ID: james.westby@ubuntu.com-20100509104601-cip885tmppv2tc52
Tags: 2.1+git20100509-1
http://bugs.debian.org/580636
http://bugs.debian.org/484122
http://bugs.debian.org/580430
* New upstream release, plus git changes until 9.5.2010
  + Works now with other password slots than zero on crypted mounts
    (Closes: #580636)
  + Certainly includes old patch fixing the cron segfaults
    (Closes: #484122)
* Only warn about missing fskey hash when an fskey path has been given.
  (Closes: #580430)

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/t-crypt
4
4
{
5
5
        umount /mnt || :;
6
6
        cryptsetup remove "$cname" || :;
7
 
        true;
 
7
        losetup -d "$blk";
8
8
}
9
9
 
10
 
trap "cleanup; echo FAILED" EXIT
11
 
modprobe brd;
 
10
trap "cleanup; echo FAILED" ERR
12
11
 
13
 
blk="/dev/ram0";
14
 
cname="_dev_ram0";
 
12
blk="/dev/loop94";
 
13
cname="_dev_loop94";
15
14
cblk="/dev/mapper/$cname";
16
15
p128="128bitsXXXXXXXXX"
17
16
p256="256bitsXXXXXXXXXXXXXXXXXXXXXXXXX"
18
17
p512="512bitsXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
19
18
 
 
19
rm -f t-crypt.fs;
 
20
truncate -s $[64*1048576] t-crypt.fs;
 
21
losetup "$blk" t-crypt.fs;
 
22
 
 
23
echo -en "abc" | cryptsetup luksFormat "$blk";
 
24
echo -en "abc\nxyz\n" | cryptsetup luksAddKey "$blk";
 
25
echo -en "abc" | cryptsetup luksOpen "$blk" "$cname";
 
26
mkfs.ext4 "$cblk";
 
27
cryptsetup luksClose "$cname";
 
28
echo -en "abc" | ./mount.crypt -v "$blk" /mnt;
 
29
./umount.crypt --umount /mnt;
 
30
echo -en "xyz" | ./mount.crypt -v "$blk" /mnt;
 
31
./umount.crypt --umount /mnt;
 
32
 
20
33
echo -en "$p512" | \
21
34
        cryptsetup --key-file=- -c aes-xts-plain \
22
35
        -h sha512 -s 512 create "$cname" "$blk";
25
38
echo -en "$p512" | \
26
39
        ./mount.crypt -vo "hash=sha512,keysize=512,cipher=aes-xts-plain" \
27
40
        "$blk" /mnt;
28
 
./umount.crypt /mnt;
 
41
./umount.crypt --umount /mnt;
29
42
 
30
43
echo -en "$p512" | \
31
44
        cryptsetup --key-file=- -c aes-xts-plain \
35
48
echo -en "$p512" | \
36
49
        ./mount.crypt -vo "keysize=512,cipher=aes-xts-plain" \
37
50
        "$blk" /mnt;
38
 
./umount.crypt /mnt;
 
51
./umount.crypt --umount /mnt;
39
52
 
40
53
echo -en "$p512" >/dev/shm/p512.key;
41
54
echo -en "$p512" | openssl bf-cbc -pass pass:abc >/dev/shm/p512.enc;
46
59
echo -en abc | \
47
60
        ./mount.crypt -vo keyfile=/dev/shm/p512.enc,cipher=aes-xts-plain,fsk_cipher=bf-cbc,fsk_hash=md5 \
48
61
        "$blk" /mnt;
49
 
./umount.crypt /mnt;
 
62
./umount.crypt --umount /mnt;
50
63
 
51
64
for p in "short" "$p128" "$p256" "$p512"; do
52
65
        echo -en "$p" | cryptsetup --key-file=- -c aes-cbc-essiv:sha256 \
55
68
        cryptsetup remove "$cname";
56
69
        echo -en "$p" | ./mount.crypt -vo \
57
70
                hash=sha512,cipher=aes-cbc-essiv:sha256 "$blk" /mnt;
58
 
        ./umount.crypt /mnt;
 
71
        ./umount.crypt --umount /mnt;
59
72
done;
60
73
 
61
74
for ((k = 32; k <= 448; k += 8)); do
66
79
        echo -en "$p512" | ./mount.crypt -vo \
67
80
                "hash=sha512,keysize=$k,cipher=blowfish" \
68
81
                "$blk" /mnt;
69
 
        ./umount.crypt /mnt;
 
82
        ./umount.crypt --umount /mnt;
70
83
done;
71
84
 
72
 
trap "" EXIT;
 
85
trap "" ERR;
73
86
cleanup;
74
87
echo "All tests passed";