199 lines
5 KiB
Bash
Executable file
199 lines
5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
|
|
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
|
|
|
|
if [ -n "$CRYPTSETUP_TESTS_RUN_IN_MESON" ]; then
|
|
CRYPTSETUP_VALGRIND=$CRYPTSETUP
|
|
else
|
|
CRYPTSETUP_VALGRIND=../.libs/cryptsetup
|
|
CRYPTSETUP_LIB_VALGRIND=../.libs
|
|
fi
|
|
|
|
# try to validate using loop-AES losetup/kernel if available
|
|
LOSETUP_AES=/losetup-aes.old
|
|
|
|
LOOP_DD_PARAM="bs=1k count=10000"
|
|
DEV_NAME=dummy
|
|
IMG=loopaes.img
|
|
KEYv1=key_v1
|
|
KEYv2=key_v2
|
|
KEYv3=key_v3
|
|
LOOPDEV=$(losetup -f 2>/dev/null)
|
|
|
|
function dmremove() { # device
|
|
udevadm settle >/dev/null 2>&1
|
|
dmsetup remove --retry $1 >/dev/null 2>&1
|
|
}
|
|
|
|
function remove_mapping()
|
|
{
|
|
[ -b /dev/mapper/$DEV_NAME2 ] && dmremove $DEV_NAME2
|
|
[ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
|
|
losetup -d $LOOPDEV >/dev/null 2>&1
|
|
rm -f $IMG $KEYv1 $KEYv2 $KEYv3 >/dev/null 2>&1
|
|
}
|
|
|
|
function fail()
|
|
{
|
|
echo "FAILED backtrace:"
|
|
while caller $frame; do ((frame++)); done
|
|
remove_mapping
|
|
exit 2
|
|
}
|
|
|
|
function skip()
|
|
{
|
|
remove_mapping
|
|
[ -n "$1" ] && echo "$1"
|
|
exit 77
|
|
}
|
|
|
|
function valgrind_setup()
|
|
{
|
|
command -v valgrind >/dev/null || fail "Cannot find valgrind."
|
|
[ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
|
|
[ ! -f valg.sh ] && fail "Unable to get location of valg runner script."
|
|
if [ -z "$CRYPTSETUP_TESTS_RUN_IN_MESON" ]; then
|
|
export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
|
|
fi
|
|
}
|
|
|
|
function valgrind_run()
|
|
{
|
|
INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
|
|
}
|
|
|
|
function prepare()
|
|
{
|
|
remove_mapping
|
|
dd if=/dev/zero of=$IMG $LOOP_DD_PARAM >/dev/null 2>&1
|
|
sync
|
|
losetup $LOOPDEV $IMG
|
|
|
|
# Prepare raw key: v1 - one key, v2 - 64 keys, v3 - 64 + one IV
|
|
if [ ! -e $KEYv3 ]; then
|
|
head -c 3705 /dev/urandom | uuencode -m - | head -n 66 | tail -n 65 >$KEYv3
|
|
head -n 1 $KEYv3 > $KEYv1
|
|
head -n 64 $KEYv3 > $KEYv2
|
|
fi
|
|
[ -n "$1" ] && echo -n "$1 "
|
|
}
|
|
|
|
function check_exists()
|
|
{
|
|
[ -b /dev/mapper/$DEV_NAME ] || fail
|
|
}
|
|
|
|
function get_offset_params() # $offset
|
|
{
|
|
offset=$1
|
|
if [ "${offset:0:1}" = "@" ] ; then
|
|
echo "-o $((${offset:1} / 512)) -p 0"
|
|
else
|
|
echo "-o $((offset / 512))"
|
|
fi
|
|
}
|
|
|
|
function get_expsum() # $offset
|
|
{
|
|
case $1 in
|
|
0)
|
|
echo "31e00e0e4c233c89051cd748122fde2c98db0121ca09ba93a3820817ea037bc5"
|
|
;;
|
|
@8192 | 8192)
|
|
echo "bfd94392d1dd8f5d477251d21b3c736e177a4945cd4937847fc7bace82996aed"
|
|
;;
|
|
@8388608 | 8388608)
|
|
echo "33838fe36928a929bd7971bed7e82bd426c88193fcd692c2e6f1b9c9bfecd4d6"
|
|
;;
|
|
*) fail
|
|
;;
|
|
esac
|
|
}
|
|
|
|
function check_sum() # $key $keysize $offset [stdin|keyfile]
|
|
{
|
|
$CRYPTSETUP close $DEV_NAME || fail
|
|
|
|
EXPSUM=$(get_expsum $3)
|
|
if [ "$4" == "stdin" ] ; then
|
|
cat $1 | $CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file - $(get_offset_params $3) >/dev/null 2>&1
|
|
else
|
|
$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file $1 $(get_offset_params $3) >/dev/null 2>&1
|
|
fi
|
|
ret=$?
|
|
VSUM=$(sha256sum /dev/mapper/$DEV_NAME | cut -d' ' -f 1)
|
|
if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
|
|
echo -n "[$4:OK]"
|
|
else
|
|
echo "[$4:FAIL]"
|
|
[ "$VSUM" != "$EXPSUM" ] && echo " Expecting $EXPSUM got $VSUM."
|
|
fail
|
|
fi
|
|
}
|
|
|
|
function check_sum_losetup() # $key $alg
|
|
{
|
|
[ ! -x $LOSETUP_AES ] && echo && return
|
|
|
|
echo -n " Verification using loop-AES: "
|
|
|
|
losetup -d $LOOPDEV >/dev/null 2>&1
|
|
cat $1 | $LOSETUP_AES -p 0 -e $2 -o $3 $LOOPDEV $IMG
|
|
ret=$?
|
|
VSUM=$(sha256sum $LOOPDEV | cut -d' ' -f 1)
|
|
if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
|
|
echo "[OK]"
|
|
else
|
|
echo "[FAIL]"
|
|
[ "$VSUM" != "$EXPSUM" ] && echo " Expecting $EXPSUM got $VSUM (loop-AES)."
|
|
fail
|
|
fi
|
|
losetup -d $LOOPDEV >/dev/null 2>&1
|
|
}
|
|
|
|
function check_version()
|
|
{
|
|
VER_STR=$(dmsetup version | grep Driver)
|
|
VER_MIN=$(echo $VER_STR | cut -f 2 -d.)
|
|
VER_PATCH=$(echo $VER_STR | cut -f 3 -d.)
|
|
|
|
test $VER_MIN -lt 19 && return 1
|
|
test $VER_MIN -eq 19 -a $VER_PATCH -ge 6 && return 1 # RHEL
|
|
return 0
|
|
}
|
|
|
|
[ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped."
|
|
[ -z "$LOOPDEV" ] && skip "Cannot find free loop device, test skipped."
|
|
[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped."
|
|
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
|
|
command -v uuencode >/dev/null || skip "WARNING: test require uuencode binary, test skipped."
|
|
check_version || skip "Probably old kernel, test skipped."
|
|
|
|
# loop-AES tests
|
|
KEY_SIZES="128 256"
|
|
KEY_FILES="$KEYv1 $KEYv2 $KEYv3"
|
|
DEV_OFFSET="0 8192 @8192 8388608 @8388608"
|
|
|
|
for key_size in $KEY_SIZES ; do
|
|
for key in $KEY_FILES ; do
|
|
for offset in $DEV_OFFSET ; do
|
|
prepare "Open loop-AES $key / AES-$key_size / offset $offset"
|
|
$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME \
|
|
-s $key_size --key-file $key $(get_offset_params $offset) \
|
|
2>/dev/null
|
|
[ $? -ne 0 ] && echo "[SKIPPED]" && continue
|
|
check_exists
|
|
# Fill device with zeroes and reopen it
|
|
dd if=/dev/zero of=/dev/mapper/$DEV_NAME $LOOP_DD_PARAM >/dev/null 2>&1
|
|
check_sum $key $key_size $offset keyfile
|
|
check_sum $key $key_size $offset stdin
|
|
$CRYPTSETUP loopaesClose $DEV_NAME || fail
|
|
check_sum_losetup $key AES$key_size $offset
|
|
done
|
|
done
|
|
done
|
|
|
|
remove_mapping
|
|
exit 0
|