blob: c41e9421bb3537425013acc5e6c5a15f39d19495 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
|
#!/bin/bash
PS4='$LINENO:'
[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
CRYPTSETUP_VALGRIND=../.libs/cryptsetup
CRYPTSETUP_LIB_VALGRIND=../.libs
TEST_UUID="12345678-1234-1234-1234-123456789abc"
TFILE=test-args.out
function cleanup()
{
rm -f $TFILE 2> /dev/null
}
function fail()
{
[ -n "$1" ] && echo "$1"
echo "FAILED backtrace:"
while caller $frame; do ((frame++)); done
cleanup
exit 2
}
function skip()
{
[ -n "$1" ] && echo "$1"
echo "Test skipped."
cleanup
exit 77
}
function valgrind_setup()
{
command -v valgrind >/dev/null || fail "Cannot find valgrind."
[ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
}
function valgrind_run()
{
INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
}
function xxx()
{
$CRYPTSETUP --test-args $@ > $TFILE 2>&1
local ret=$?
grep -q -e ": unknown option\|Argument <action> missing" $TFILE && {
echo "'$CRYPTSETUP --test-args $@' command:"
cat $TFILE
fail "Probably typo in test"
}
test $ret -ne 0 || fail
}
function exp_fail()
{
# xxx $@
$CRYPTSETUP --test-args $@ 2>/dev/null && fail
}
function exp_pass()
{
$CRYPTSETUP --test-args $@ >/dev/null || fail
}
export LANG=C
[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped."
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
# initial test constructed according to current cryptsetup content
echo "[1] Current state"
exp_fail resize NAME --test-passphrase
exp_fail close NAME --test-passphrase
exp_pass open DEV NAME --test-passphrase --type bitlk
exp_pass open DEV NAME --test-passphrase --type luks
exp_pass open DEV NAME --test-passphrase --type luks1
exp_pass open DEV NAME --test-passphrase --type luks2
exp_fail open DEV NAME --test-passphrase --type plain
exp_fail open DEV NAME --deferred
exp_pass close NAME --deferred
exp_pass open DEV NAME --type plain --shared
exp_fail open DEV NAME --type luks1 --shared
exp_fail close NAME --shared
exp_pass open DEV NAME --allow-discards
exp_fail close NAME --allow-discards
exp_fail close NAME --persistent
exp_pass open DEV NAME --persistent
exp_fail open DEV NAME --persistent --test-passphrase
exp_fail luksFormat DEV --serialize-memory-hard-pbkdf
exp_pass open DEV NAME --serialize-memory-hard-pbkdf
exp_pass reencrypt DEV --key-size 32
exp_fail reencrypt DEV --key-size 31
exp_fail reencrypt DEV --key-size -32
exp_pass luksFormat DEV --key-size 32
exp_fail luksFormat DEV --key-size 31
exp_fail luksFormat DEV --key-size -32
exp_pass open DEV NAME --key-size 32 # --type plain -c aes-xts-plain64
exp_fail open DEV NAME --key-size 31 # --type plain -c aes-xts-plain64
exp_pass benchmark --key-size 32
exp_fail benchmark --key-size 31
exp_pass luksAddKey DEV --key-size 32 # --unbound
exp_fail luksAddKey DEV --key-size 31 # --unbound
exp_fail close NAME --key-size 32
exp_fail luksUUID DEV --key-size 32
# bug
# exp_fail luksFormat DEV --type luks1 --integrity hmac-sha256
exp_pass luksFormat DEV --type luks2 --integrity hmac-sha256
exp_fail open DEV NAME --integrity hmac-sha256
exp_pass luksFormat DEV --type luks2 --integrity hmac-sha256 --integrity-no-wipe
exp_fail luksFormat DEV --type luks2 --integrity-no-wipe
# bug
# exp_fail luksFormat DEV --type luks1 --integrity hmac-sha256 --integrity-no-wipe
exp_fail open DEV NAME --integrity-no-wipe
exp_fail open DEV NAME --integrity-no-wipe --integrity hmac-sha256
exp_pass luksFormat --label L --subsystem S DEV # --type luks2
exp_pass luksFormat --label L DEV # --type luks2
exp_pass luksFormat --subsystem S DEV # --type luks2
exp_pass config --label L --subsystem S DEV
exp_pass config --label L DEV
exp_pass config --subsystem S DEV
# bug
#exp_fail luksFormat --label L --subsystem S DEV --type luks1
#exp_fail luksFormat --label L DEV --type luks1
#exp_fail luksFormat --subsystem S DEV --type luks1
exp_fail open DEV NAME --label L --subsystem S
exp_fail open DEV NAME --label L
exp_fail open DEV NAME --subsystem S
exp_fail luksFormat DEV -S-2
# bug
# exp_fail luksFormat DEV -S-1
# prob. many bug: accepts --[new-]keyfile-size w/o --[new-]key-file
exp_pass luksFormat DEV --keyfile-size 42 --key-file F
exp_fail luksFormat DEV --keyfile-size -1 --key-file F
# bug (is it? e.g. empty passphrase)
# exp_fail luksFormat DEV --keyfile-size 0
exp_pass luksAddKey DEV --keyfile-size 42 --key-file F --new-keyfile-size 42 NF
exp_fail luksAddKey DEV --new-keyfile-size -42 NF
exp_fail luksAddKey DEV --keyfile-size 42 --key-file F --new-keyfile-size -42 NF
exp_fail luksFormat DEV --keyfile-size -1 --key-file F
# bug (is it? e.g. empty passphrase)
# exp_fail luksFormat DEV --keyfile-size 0
exp_fail open DEV NAME --key-file F0 --key-file F1
exp_pass open DEV NAME --key-file F0 --key-file F1 --type tcrypt
# why? (luksAddKey fail)
exp_fail luksAddKey DEV --use-random
exp_fail luksAddKey DEV --use-urandom
exp_fail luksAddKey DEV --use-urandom --use-random
exp_fail luksFormat DEV --use-urandom --use-random
exp_pass luksFormat DEV --use-random
exp_pass luksFormat DEV --use-urandom
exp_fail open DEV NAME --uuid $TEST_UUID
exp_pass luksFormat DEV --uuid $TEST_UUID
exp_pass luksUUID DEV --uuid $TEST_UUID
exp_fail open DEV NAME --align-payload 8192
exp_fail open DEV NAME --align-payload 8292 --type plain
exp_pass luksFormat DEV --align-payload 8192
exp_fail luksFormat DEV --align-payload 8192 --offset 16384
exp_fail luksFormat DEV --align-payload 8192 --offset 8192
exp_fail resize NAME --luks2-metadata-size 16k
exp_fail resize NAME --luks2-keyslots-size 16m
exp_pass luksFormat DEV --luks2-keyslots-size 16m
exp_pass luksFormat DEV --luks2-metadata-size 16k
exp_pass reencrypt DEV --luks2-keyslots-size 16m
exp_pass reencrypt DEV --luks2-metadata-size 16k
exp_fail luksFormat DEV --skip 8192
exp_fail open DEV NAME --skip 8192
exp_pass open DEV NAME --skip 8192 --type plain
exp_pass open DEV NAME --skip 8192 --type loopaes
exp_fail resize NAME --offset 8292
exp_pass luksFormat DEV --offset 16384
exp_fail open DEV NAME --offset 16384
exp_pass open DEV NAME --offset 16384 --type plain
exp_pass open DEV NAME --offset 16384 --type loopaes
exp_fail open DEV NAME --tcrypt-hidden
exp_fail open DEV NAME --tcrypt-system
exp_fail open DEV NAME --tcrypt-backup
# bug
# exp_fail open DEV NAME --tcrypt-hidden --tcrypt-system --tcrypt-backup --type tcrypt
exp_pass open DEV NAME --tcrypt-hidden --type tcrypt
exp_pass open DEV NAME --tcrypt-backup --type tcrypt
exp_pass open DEV NAME --tcrypt-system --type tcrypt
exp_pass tcryptDump DEV NAME --tcrypt-hidden --type tcrypt
exp_pass tcryptDump DEV NAME --tcrypt-backup --type tcrypt
exp_pass tcryptDump DEV NAME --tcrypt-system --type tcrypt
exp_fail tcryptDump DEV NAME --allow-discards --tcrypt-hidden --type tcrypt
# bug
# exp_fail close NAME --type tcrypt --veracrypt
exp_fail open DEV NAME --veracrypt
exp_pass open DEV NAME --type tcrypt --veracrypt
exp_pass open DEV NAME --type tcrypt --veracrypt --veracrypt-pim 1
exp_fail open DEV NAME --type tcrypt --veracrypt --veracrypt-pim -2
exp_fail open DEV NAME --type tcrypt --disable-veracrypt --veracrypt-pim 1
exp_fail open DEV NAME --type tcrypt --veracrypt --veracrypt-pim -1
exp_fail open DEV NAME --type tcrypt --disable-veracrypt --veracrypt-query-pim
exp_fail open DEV NAME --type tcrypt --disable-veracrypt --veracrypt-query-pim --veracrypt-pim 1
exp_fail open DEV NAME --disable-veracrypt --veracrypt-query-pim
# bug
# exp_fail open DEV NAME --priority normal
exp_fail config DEV --priority normal
exp_fail config DEV -S1 --priority norma
exp_pass config DEV -S1 --priority normal
exp_pass config DEV -S1 --priority ignore
exp_pass config DEV -S1 --priority prefer
# bug
# exp_fail open DEV NAME --pbkdf argon2i
exp_fail luksFormat DEV --pbkdf blah
exp_pass luksFormat DEV --pbkdf argon2i
exp_pass luksFormat DEV --pbkdf pbkdf2
exp_pass luksFormat DEV --pbkdf argon2id
exp_fail luksFormat DEV --type luks2 --pbkdf-force-iterations 4 -i1
exp_fail luksFormat DEV --type luks1 --pbkdf-force-iterations 1001 -i1
exp_fail open DEV NAME --sector-size 1024
exp_pass open DEV NAME --type plain --sector-size 1024
# bug
# exp_fail luksFormat DEV --sector-size 0
exp_fail luksFormat DEV --sector-size 511
exp_fail luksFormat DEV --sector-size 8192
exp_pass reencrypt DEV --sector-size 1024
exp_pass luksFormat DEV --sector-size 1024
exp_fail luksFormat DEV --iv-large-sectors
exp_fail open DEV --type tcrypt --iv-large-sectors
exp_fail open DEV --type plain --iv-large-sectors --sector-size 512
exp_pass open DEV --type plain --iv-large-sectors --sector-size 1024
exp_fail luksAddKey DEV --unbound
exp_fail luksAddKey DEV --unbound --key-size 0
exp_pass luksAddKey DEV --unbound --key-size 8
exp_pass luksDump DEV --unbound -S5
exp_fail luksDump DEV --unbound
exp_pass open DEV --unbound --test-passphrase
exp_pass open DEV --unbound --test-passphrase -S5
exp_fail open DEV --unbound NAME
exp_fail open DEV --unbound -S5 NAME
exp_fail resize NAME --refresh
exp_fail open DEV NAME --test-passphrase --refresh
exp_pass open DEV NAME --refresh
exp_pass refresh DEV NAME
exp_fail refresh DEV NAME --test-passphrase
# bug
# exp_fail luksFormat DEV --reduce-device-size 64m
exp_fail reencrypt DEV --reduce-device-size 2G # max 1g
exp_fail reencrypt DEV --reduce-device-size $((64*1024*1024+1))
exp_fail reencrypt DEV --reduce-device-size -64m
exp_pass reencrypt DEV --reduce-device-size 64m
exp_fail reencrypt DEV --reduce-device-size 64m --device-size 100g
# bugs
# exp_fail open DEV --decrypt --header H
# exp_fail open DEV --encrypt
# exp_fail open DEV NAME --device-size 32m
# exp_fail open DEV NAME --size 100
exp_pass open DEV NAME --device-size 32m --type plain
exp_fail open DEV NAME --device-size $((32*1024*1024+1)) --type plain
exp_pass open DEV NAME --size 100 --type plain
exp_fail open DEV NAME --size 100 --device-size $((512*100)) --type plain
exp_fail reencrypt DEV --device-size $((32*1024*1024+1))
exp_pass reencrypt DEV --device-size 32m
exp_fail luksFormat DEV NAME --keyslot-cipher ks
exp_fail luksFormat DEV NAME --keyslot-key-size 32
exp_pass luksFormat DEV NAME --keyslot-cipher ks --keyslot-key-size 32
# bugs
# exp_fail open DEV NAME --keyslot-cipher ks --keyslot-key-size 32
# exp_fail luksFormat --type luks1 DEV NAME --keyslot-cipher ks --keyslot-key-size 32
cleanup
exit 0
|