diff options
Diffstat (limited to 'tests/loopaes-test')
-rwxr-xr-x | tests/loopaes-test | 174 |
1 files changed, 174 insertions, 0 deletions
diff --git a/tests/loopaes-test b/tests/loopaes-test new file mode 100755 index 0000000..5c28be3 --- /dev/null +++ b/tests/loopaes-test @@ -0,0 +1,174 @@ +#!/bin/bash + +[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." +CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup + +# try to validate using loop-AES losetup/kernel if available +LOSETUP_AES=/losetup-aes.old + +LOOP_DD_PARAM="bs=1k count=10000" +DEV_NAME=dummy +IMG=loopaes.img +KEYv1=key_v1 +KEYv2=key_v2 +KEYv3=key_v3 +LOOPDEV=$(losetup -f 2>/dev/null) + +function dmremove() { # device + udevadm settle >/dev/null 2>&1 + dmsetup remove --retry $1 >/dev/null 2>&1 +} + +function remove_mapping() +{ + [ -b /dev/mapper/$DEV_NAME2 ] && dmremove $DEV_NAME2 + [ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME + losetup -d $LOOPDEV >/dev/null 2>&1 + rm -f $IMG $KEYv1 $KEYv2 $KEYv3 >/dev/null 2>&1 +} + +function fail() +{ + echo "FAILED backtrace:" + while caller $frame; do ((frame++)); done + remove_mapping + exit 2 +} + +function skip() +{ + [ -n "$1" ] && echo "$1" + exit 77 +} + +function prepare() +{ + remove_mapping + dd if=/dev/zero of=$IMG $LOOP_DD_PARAM >/dev/null 2>&1 + sync + losetup $LOOPDEV $IMG + + # Prepare raw key: v1 - one key, v2 - 64 keys, v3 - 64 + one IV + if [ ! -e $KEYv3 ]; then + head -c 3705 /dev/urandom | uuencode -m - | head -n 66 | tail -n 65 >$KEYv3 + head -n 1 $KEYv3 > $KEYv1 + head -n 64 $KEYv3 > $KEYv2 + fi + [ -n "$1" ] && echo -n "$1 " +} + +function check_exists() +{ + [ -b /dev/mapper/$DEV_NAME ] || fail +} + +function get_offset_params() # $offset +{ + offset=$1 + if [ "${offset:0:1}" = "@" ] ; then + echo "-o $((${offset:1} / 512)) -p 0" + else + echo "-o $((offset / 512))" + fi +} + +function get_expsum() # $offset +{ + case $1 in + 0) + echo "31e00e0e4c233c89051cd748122fde2c98db0121ca09ba93a3820817ea037bc5" + ;; + @8192 | 8192) + echo "bfd94392d1dd8f5d477251d21b3c736e177a4945cd4937847fc7bace82996aed" + ;; + @8388608 | 8388608) + echo "33838fe36928a929bd7971bed7e82bd426c88193fcd692c2e6f1b9c9bfecd4d6" + ;; + *) fail + ;; + esac +} + +function check_sum() # $key $keysize $offset [stdin|keyfile] +{ + $CRYPTSETUP close $DEV_NAME || fail + + EXPSUM=$(get_expsum $3) + if [ "$4" == "stdin" ] ; then + cat $1 | $CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file - $(get_offset_params $3) >/dev/null 2>&1 + else + $CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file $1 $(get_offset_params $3) >/dev/null 2>&1 + fi + ret=$? + VSUM=$(sha256sum /dev/mapper/$DEV_NAME | cut -d' ' -f 1) + if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then + echo -n "[$4:OK]" + else + echo "[$4:FAIL]" + [ "$VSUM" != "$EXPSUM" ] && echo " Expecting $EXPSUM got $VSUM." + fail + fi +} + +function check_sum_losetup() # $key $alg +{ + [ ! -x $LOSETUP_AES ] && echo && return + + echo -n " Verification using loop-AES: " + + losetup -d $LOOPDEV >/dev/null 2>&1 + cat $1 | $LOSETUP_AES -p 0 -e $2 -o $3 $LOOPDEV $IMG + ret=$? + VSUM=$(sha256sum $LOOPDEV | cut -d' ' -f 1) + if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then + echo "[OK]" + else + echo "[FAIL]" + [ "$VSUM" != "$EXPSUM" ] && echo " Expecting $EXPSUM got $VSUM (loop-AES)." + fail + fi + losetup -d $LOOPDEV >/dev/null 2>&1 +} + +function check_version() +{ + VER_STR=$(dmsetup version | grep Driver) + VER_MIN=$(echo $VER_STR | cut -f 2 -d.) + VER_PATCH=$(echo $VER_STR | cut -f 3 -d.) + + test $VER_MIN -lt 19 && return 1 + test $VER_MIN -eq 19 -a $VER_PATCH -ge 6 && return 1 # RHEL + return 0 +} + +[ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped." +[ -z "$LOOPDEV" ] && skip "Cannot find free loop device, test skipped." +which uuencode >/dev/null 2>&1 || skip "WARNING: test require uuencode binary, test skipped." +check_version || skip "Probably old kernel, test skipped." + +# loop-AES tests +KEY_SIZES="128 256" +KEY_FILES="$KEYv1 $KEYv2 $KEYv3" +DEV_OFFSET="0 8192 @8192 8388608 @8388608" + +for key_size in $KEY_SIZES ; do + for key in $KEY_FILES ; do + for offset in $DEV_OFFSET ; do + prepare "Open loop-AES $key / AES-$key_size / offset $offset" + $CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME \ + -s $key_size --key-file $key $(get_offset_params $offset) \ + 2>/dev/null + [ $? -ne 0 ] && echo "[SKIPPED]" && continue + check_exists + # Fill device with zeroes and reopen it + dd if=/dev/zero of=/dev/mapper/$DEV_NAME $LOOP_DD_PARAM >/dev/null 2>&1 + check_sum $key $key_size $offset keyfile + check_sum $key $key_size $offset stdin + $CRYPTSETUP loopaesClose $DEV_NAME || fail + check_sum_losetup $key AES$key_size $offset + done + done +done + +remove_mapping +exit 0 |