← Back to branch summary

~ubuntu-branches/ubuntu/trusty/libpam-mount/trusty-proposed

« back to all changes in this revision

Viewing changes to src/t-crypt

  • Committer: Bazaar Package Importer
  • Author(s): Bastian Kleineidam
  • Date: 2010-08-10 21:39:59 UTC
  • mfrom: (1.4.7 upstream)
  • Revision ID: james.westby@ubuntu.com-20100810213959-d3l1pqi1h6vt65aa
Tags: 2.5-1
http://bugs.debian.org/592492
* New upstream release.
* Fixed debian/watch regex.
* debian/control: use Standards version 3.9.1
* Build libcryptsetup support only on Linux systems
  (Closes: #592492)

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/t-crypt
20
20
truncate -s $[64*1048576] t-crypt.fs;
21
21
losetup "$blk" t-crypt.fs;
22
22
 
 
23
# Use of openssl key assumes dmcrypthash=plain
 
24
echo "TEST-k9-$LINENO";
 
25
echo -en "basekey" | openssl bf-cbc -pass pass:letmein >t-crypt.key;
 
26
openssl bf-cbc -d -pass pass:letmein <t-crypt.key | \
 
27
        cryptsetup -c serpent create "$cname" "$blk";
 
28
mkfs.ext4 "$cblk";
 
29
cryptsetup remove "$cname";
 
30
echo letmein | ./mount.crypt -vo fsk_cipher=bf-cbc,fsk_hash=md5,keyfile=t-crypt.key,cipher=serpent,hash=ripemd160,keysize=256 "$blk" /mnt;
 
31
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
 
32
 
 
33
# Test keysize interaction
 
34
echo "TEST-k8-$LINENO:";
 
35
dd if=/dev/urandom of=t-crypt.key bs=4k count=1;
 
36
echo basekey | cryptsetup luksFormat "$blk";
 
37
echo basekey | cryptsetup luksAddKey "$blk" t-crypt.key;
 
38
cryptsetup luksOpen --key-file t-crypt.key "$blk" "$cname";
 
39
mkfs.ext4 "$cblk";
 
40
cryptsetup luksClose "$cname";
 
41
./mount.crypt -vo keyfile=t-crypt.key,fsk_cipher=none "$blk" /mnt;
 
42
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
 
43
 
23
44
# Test keyfile passthru
 
45
echo "TEST-k7-$LINENO:";
24
46
echo -en "$p256" | cryptsetup luksFormat "$blk";
25
47
echo -en "$p256" | cryptsetup luksOpen "$blk" "$cname";
26
48
mkfs.ext4 "$cblk";
30
52
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
31
53
 
32
54
# test umount by container
 
55
echo "TEST-k6-$LINENO:";
33
56
./mount.crypt -vo keyfile=t-crypt.key,fsk_cipher=none "$blk" /mnt;
34
57
PMT_DEBUG_UMOUNT=1 ./umount.crypt "$blk";
35
58
 
36
59
# Test multiple key slots
 
60
echo "TEST-k5-$LINENO:";
37
61
echo -en "abc" | cryptsetup luksFormat "$blk";
38
62
echo -en "abc\nxyz\n" | cryptsetup luksAddKey "$blk";
39
63
echo -en "abc" | cryptsetup luksOpen "$blk" "$cname";
47
71
xts_checks ()
48
72
{
49
73
        # we pick XTS here because it is one cipher that allows keysize=512
 
74
echo "TEST-k4-$LINENO:";
50
75
echo -en "$p512" | \
51
76
        cryptsetup --key-file=- -c aes-xts-plain \
52
77
        -h sha512 -s 512 create "$cname" "$blk";
57
82
        "$blk" /mnt;
58
83
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
59
84
 
 
85
echo "TEST-k3-$LINENO:";
60
86
echo -en "$p512" | \
61
87
        cryptsetup --key-file=- -c aes-xts-plain \
62
88
        -h plain -s 512 create "$cname" "$blk";
68
94
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
69
95
 
70
96
# Test pmt-ehd style keyfile
 
97
echo "TEST-k2-$LINENO:";
71
98
echo -en "$p512" >/dev/shm/p512.key;
72
99
echo -en "$p512" | openssl bf-cbc -pass pass:abc >/dev/shm/p512.enc;
73
100
cryptsetup --key-file=/dev/shm/p512.key -c aes-xts-plain -h plain -s 512 \
87
114
fi;
88
115
 
89
116
# Test implicit libcryptsetup truncation after hashing
 
117
echo "TEST-k1-$LINENO:";
90
118
for p in "short" "$p128" "$p256" "$p512"; do
91
119
        echo -en "$p" | cryptsetup --key-file=- -c aes-cbc-essiv:sha256 \
92
120
                -h sha512 create "$cname" "$blk";
98
126
done;
99
127
 
100
128
# Test truncation with various cipher block sizes
 
129
echo "TEST-k0-$LINENO:";
101
130
for ((k = 32; k <= 448; k += 8)); do
102
131
        echo -en "$p512" | cryptsetup --key-file=- -c blowfish \
103
132
                -h sha512 -s "$k" create "$cname" "$blk";