diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 08:06:26 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 08:06:26 +0000 |
commit | 1660d4b7a65d9ad2ce0deaa19d35579ca4084ac5 (patch) | |
tree | 6cf8220b628ebd2ccfc1375dd6516c6996e9abcc /tests/fvault2-compat-test | |
parent | Initial commit. (diff) | |
download | cryptsetup-upstream.tar.xz cryptsetup-upstream.zip |
Adding upstream version 2:2.6.1.upstream/2%2.6.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/fvault2-compat-test')
-rwxr-xr-x | tests/fvault2-compat-test | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/tests/fvault2-compat-test b/tests/fvault2-compat-test new file mode 100755 index 0000000..45022d2 --- /dev/null +++ b/tests/fvault2-compat-test @@ -0,0 +1,134 @@ +#!/bin/bash + +[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." +CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup +MAP=fvault2test +TST_DIR=fvault2-images + +CRYPTSETUP_VALGRIND=../.libs/cryptsetup +CRYPTSETUP_LIB_VALGRIND=../.libs + +[ -z "$srcdir" ] && srcdir="." + +function create_mapping() +{ + local image=$1 + local passphrase=$2 + echo -n "$passphrase" | "$CRYPTSETUP" open --type fvault2 --key-file - \ + "$image" "$MAP" +} + +function remove_mapping() +{ + [ -b "/dev/mapper/$MAP" ] && dmsetup remove --retry "$MAP" + rm -rf $TST_DIR +} + +function fail() +{ + [ -n "$1" ] && echo "$1" + echo " [FAILED]" + echo "FAILED backtrace:" + while caller $frame; do ((frame++)); done + remove_mapping + exit 2 +} + +function skip() +{ + [ -n "$1" ] && echo "$1" + echo "Test skipped." + remove_mapping + exit 77 +} + +function produce_dump() +{ + "$CRYPTSETUP" fvault2Dump "$1" || fail +} + +function produce_dump_key() +{ + echo "$2" | "$CRYPTSETUP" fvault2Dump "$1" --dump-volume-key || fail +} + +function check_dump() +{ + local dump=$1 + local key=$2 + local exp_value=$3 + local regex="$key:\s*\(.*\)" + local value=$(echo "$dump" | sed -n "s|$regex|\1|p" | sed 's|\s*$||') + [ "$value" = "$exp_value" ] || fail \ + "$key check failed: expected \"$exp_value\", got \"$value\"" +} + +function check_uuid() +{ + local exp_uuid=$1 + local uuid=$(blkid -po value -s UUID "/dev/mapper/$MAP") + [ "$uuid" = "$exp_uuid" ] || fail \ + "UUID check failed: expected \"$exp_uuid\", got \"$uuid\"" +} + +function check_sha256() +{ + local exp_sum=$1 + local sum=$(sha256sum /dev/mapper/$MAP | head -c 64) + [ "$sum" = "$exp_sum" ] || fail \ + "SHA256 sum check failed: expected \"$exp_sum\", got \"$sum\"" +} + +function valgrind_setup() +{ + command -v valgrind >/dev/null || fail "Cannot find valgrind." + [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable." + export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH" +} + +function valgrind_run() +{ + INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@" +} + +export LANG=C +[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped." + +if [ ! -d $TST_DIR ]; then + tar xJSf $srcdir/fvault2-images.tar.xz --no-same-owner 2>/dev/null || skip "Incompatible tar." +fi + +[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run + +echo "HEADER CHECK" +IMG="$TST_DIR/small" +PWD="heslo123" + +echo -n " $IMG" +dump=$(produce_dump $IMG) +check_dump "$dump" 'Physical volume UUID' fc52bfae-5a1f-4f9b-b3a6-f33303a0e401 +check_dump "$dump" 'Family UUID' 33a76caa-1481-4bc5-8d04-1ac1707c19c0 +check_dump "$dump" 'Logical volume offset' '67108864 [bytes]' +check_dump "$dump" 'Logical volume size' '167772160 [bytes]' +check_dump "$dump" 'PBKDF2 iterations' 204222 +check_dump "$dump" 'PBKDF2 salt' '2c 24 9e db 66 63 d6 fb cc 79 05 b7 a4 d7 27 52' +dump=$(produce_dump_key $IMG heslo123) +check_dump "$dump" 'Volume key' '20 73 4d 33 89 21 27 74 d7 61 0c 29 d7 32 88 09 16 f3 be 14 c4 b1 2a c7 aa f0 7e 5c cc 77 b3 19' +echo $PWD | $CRYPTSETUP open --type fvault2 --test-passphrase $IMG || fail +echo " [OK]" + +if [ $(id -u) != 0 ]; then + echo "WARNING: You must be root to run activation part of test, test skipped." + remove_mapping + exit 0 +fi + +echo "ACTIVATION CHECK" +echo -n " $IMG" +create_mapping $IMG heslo123 +check_uuid de124d8a-2164-394e-924f-8e28db0a09cb +check_sha256 2c662e36c0f7e2f5583e6a939bbcbdc660805692d0fccaa45ad4052beb3b8e18 +echo " [OK]" + +remove_mapping +exit 0 |