2 * cryptsetup library LUKS2 API check functions
4 * Copyright (C) 2009-2023 Red Hat, Inc. All rights reserved.
5 * Copyright (C) 2009-2023 Milan Broz
6 * Copyright (C) 2016-2023 Ondrej Kozina
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
32 #include <sys/types.h>
34 #include <linux/keyctl.h>
35 #include <sys/syscall.h>
36 #ifndef HAVE_KEY_SERIAL_T
37 #define HAVE_KEY_SERIAL_T
39 typedef int32_t key_serial_t;
44 #include "luks1/luks.h"
45 #include "libcryptsetup.h"
47 #define DEVICE_1_UUID "28632274-8c8a-493f-835b-da802e1c576b"
48 #define DEVICE_EMPTY_name "crypt_zero"
49 #define DEVICE_EMPTY DMDIR DEVICE_EMPTY_name
50 #define DEVICE_ERROR_name "crypt_error"
51 #define DEVICE_ERROR DMDIR DEVICE_ERROR_name
53 #define CDEVICE_1 "ctest1"
54 #define CDEVICE_2 "ctest2"
55 #define CDEVICE_WRONG "O_o"
56 #define H_DEVICE "head_ok"
57 #define H_DEVICE_WRONG "head_wr"
58 #define L_DEVICE_1S "luks_onesec"
59 #define L_DEVICE_0S "luks_zerosec"
60 #define L_DEVICE_WRONG "luks_wr"
61 #define L_DEVICE_OK "luks_ok"
62 #define REQS_LUKS2_HEADER "luks2_header_requirements"
63 #define NO_REQS_LUKS2_HEADER "luks2_header_requirements_free"
64 #define BACKUP_FILE "csetup_backup_file"
65 #define IMAGE1 "compatimage2.img"
66 #define IMAGE_EMPTY "empty.img"
67 #define IMAGE_EMPTY_SMALL "empty_small.img"
68 #define IMAGE_EMPTY_SMALL_2 "empty_small2.img"
69 #define IMAGE_PV_LUKS2_SEC "blkid-luks2-pv.img"
71 #define KEYFILE1 "key1.file"
72 #define KEY1 "compatkey"
74 #define KEYFILE2 "key2.file"
75 #define KEY2 "0123456789abcdef"
77 #define PASSPHRASE "blablabl"
78 #define PASSPHRASE1 "albalbal"
80 #define DEVICE_TEST_UUID "12345678-1234-1234-1234-123456789abc"
82 #define DEVICE_WRONG "/dev/Ooo_"
83 #define DEVICE_CHAR "/dev/zero"
84 #define THE_LFILE_TEMPLATE "cryptsetup-tstlp.XXXXXX"
86 #define KEY_DESC_TEST0 "cs_token_test:test_key0"
87 #define KEY_DESC_TEST1 "cs_token_test:test_key1"
89 #define CONV_DIR "conversion_imgs"
90 #define CONV_L1_128 "l1_128b"
91 #define CONV_L1_256 "l1_256b"
92 #define CONV_L1_512 "l1_512b"
93 #define CONV_L2_128 "l2_128b"
94 #define CONV_L2_128_FULL "l2_128b_full"
95 #define CONV_L2_256 "l2_256b"
96 #define CONV_L2_256_FULL "l2_256b_full"
97 #define CONV_L2_512 "l2_512b"
98 #define CONV_L2_512_FULL "l2_512b_full"
99 #define CONV_L1_128_DET "l1_128b_det"
100 #define CONV_L1_256_DET "l1_256b_det"
101 #define CONV_L1_512_DET "l1_512b_det"
102 #define CONV_L2_128_DET "l2_128b_det"
103 #define CONV_L2_128_DET_FULL "l2_128b_det_full"
104 #define CONV_L2_256_DET "l2_256b_det"
105 #define CONV_L2_256_DET_FULL "l2_256b_det_full"
106 #define CONV_L2_512_DET "l2_512b_det"
107 #define CONV_L2_512_DET_FULL "l2_512b_det_full"
108 #define CONV_L1_256_LEGACY "l1_256b_legacy_offset"
109 #define CONV_L1_256_UNMOVABLE "l1_256b_unmovable"
110 #define PASS0 "aaablabl"
111 #define PASS1 "hhhblabl"
112 #define PASS2 "cccblabl"
113 #define PASS3 "dddblabl"
114 #define PASS4 "eeeblabl"
115 #define PASS5 "fffblabl"
116 #define PASS6 "gggblabl"
117 #define PASS7 "bbbblabl"
118 #define PASS8 "iiiblabl"
120 static int _fips_mode = 0;
122 static char *DEVICE_1 = NULL;
123 static char *DEVICE_2 = NULL;
124 static char *DEVICE_3 = NULL;
125 static char *DEVICE_4 = NULL;
126 static char *DEVICE_5 = NULL;
127 static char *DEVICE_6 = NULL;
129 static char *tmp_file_1 = NULL;
130 static char *test_loop_file = NULL;
132 unsigned int test_progress_steps;
134 struct crypt_device *cd = NULL, *cd2 = NULL;
136 static const char *default_luks1_hash = NULL;
137 static uint32_t default_luks1_iter_time = 0;
139 static const char *default_luks2_pbkdf = NULL;
140 static uint32_t default_luks2_iter_time = 0;
141 static uint32_t default_luks2_memory_kb = 0;
142 static uint32_t default_luks2_parallel_threads = 0;
144 static struct crypt_pbkdf_type min_pbkdf2 = {
147 .flags = CRYPT_PBKDF_NO_BENCHMARK
152 .parallel_threads = 1,
153 .flags = CRYPT_PBKDF_NO_BENCHMARK
158 static unsigned cpus_online(void)
163 r = sysconf(_SC_NPROCESSORS_ONLN);
171 static uint32_t adjusted_pbkdf_memory(void)
173 long pagesize = sysconf(_SC_PAGESIZE);
174 long pages = sysconf(_SC_PHYS_PAGES);
177 if (pagesize <= 0 || pages <= 0)
178 return default_luks2_memory_kb;
180 memory_kb = pagesize / 1024 * pages / 2;
182 if (memory_kb < default_luks2_memory_kb)
183 return (uint32_t)memory_kb;
185 return default_luks2_memory_kb;
188 static unsigned _min(unsigned a, unsigned b)
190 return a < b ? a : b;
193 static int get_luks2_offsets(int metadata_device,
194 unsigned int alignpayload_sec,
195 unsigned int sector_size,
196 uint64_t *r_header_size,
197 uint64_t *r_payload_offset)
199 struct crypt_device *cd = NULL;
200 static uint64_t default_header_size = 0;
204 if (r_payload_offset)
205 *r_payload_offset = 0;
207 if (!default_header_size) {
208 if (crypt_init(&cd, THE_LOOP_DEV))
210 if (crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, NULL)) {
215 default_header_size = crypt_get_data_offset(cd);
221 sector_size = 512; /* default? */
223 if ((sector_size % 512) && (sector_size % 4096))
226 if (r_payload_offset) {
228 *r_payload_offset = alignpayload_sec * sector_size;
230 *r_payload_offset = DIV_ROUND_UP_MODULO(default_header_size * 512, (alignpayload_sec ?: 1) * sector_size);
232 *r_payload_offset /= sector_size;
236 *r_header_size = default_header_size;
241 static bool get_luks_pbkdf_defaults(void)
243 const struct crypt_pbkdf_type *pbkdf_defaults = crypt_get_pbkdf_default(CRYPT_LUKS1);
248 default_luks1_hash = pbkdf_defaults->hash;
249 default_luks1_iter_time = pbkdf_defaults->time_ms;
251 pbkdf_defaults = crypt_get_pbkdf_default(CRYPT_LUKS2);
255 default_luks2_pbkdf = pbkdf_defaults->type;
256 default_luks2_iter_time = pbkdf_defaults->time_ms;
257 default_luks2_memory_kb = pbkdf_defaults->max_memory_kb;
258 default_luks2_parallel_threads = pbkdf_defaults->parallel_threads;
263 static void _remove_keyfiles(void)
269 #if HAVE_DECL_DM_TASK_RETRY_REMOVE
270 #define DM_RETRY "--retry "
275 #define DM_NOSTDERR " 2>/dev/null"
277 static void _cleanup_dmdevices(void)
281 if (!stat(DMDIR H_DEVICE, &st))
282 _system("dmsetup remove " DM_RETRY H_DEVICE DM_NOSTDERR, 0);
284 if (!stat(DMDIR H_DEVICE_WRONG, &st))
285 _system("dmsetup remove " DM_RETRY H_DEVICE_WRONG DM_NOSTDERR, 0);
287 if (!stat(DMDIR L_DEVICE_0S, &st))
288 _system("dmsetup remove " DM_RETRY L_DEVICE_0S DM_NOSTDERR, 0);
290 if (!stat(DMDIR L_DEVICE_1S, &st))
291 _system("dmsetup remove " DM_RETRY L_DEVICE_1S DM_NOSTDERR, 0);
293 if (!stat(DMDIR L_DEVICE_WRONG, &st))
294 _system("dmsetup remove " DM_RETRY L_DEVICE_WRONG DM_NOSTDERR, 0);
296 if (!stat(DMDIR L_DEVICE_OK, &st))
297 _system("dmsetup remove " DM_RETRY L_DEVICE_OK DM_NOSTDERR, 0);
302 static void _cleanup(void)
309 //_system("udevadm settle", 0);
311 if (!stat(DMDIR CDEVICE_1, &st))
312 _system("dmsetup remove " DM_RETRY CDEVICE_1 DM_NOSTDERR, 0);
314 if (!stat(DMDIR CDEVICE_2, &st))
315 _system("dmsetup remove " DM_RETRY CDEVICE_2 DM_NOSTDERR, 0);
317 if (!stat(DEVICE_EMPTY, &st))
318 _system("dmsetup remove " DM_RETRY DEVICE_EMPTY_name DM_NOSTDERR, 0);
320 if (!stat(DEVICE_ERROR, &st))
321 _system("dmsetup remove " DM_RETRY DEVICE_ERROR_name DM_NOSTDERR, 0);
323 _cleanup_dmdevices();
325 if (loop_device(THE_LOOP_DEV))
326 loop_detach(THE_LOOP_DEV);
328 if (loop_device(DEVICE_1))
329 loop_detach(DEVICE_1);
331 if (loop_device(DEVICE_2))
332 loop_detach(DEVICE_2);
334 if (loop_device(DEVICE_3))
335 loop_detach(DEVICE_3);
337 if (loop_device(DEVICE_4))
338 loop_detach(DEVICE_4);
340 if (loop_device(DEVICE_5))
341 loop_detach(DEVICE_5);
343 if (loop_device(DEVICE_6))
344 loop_detach(DEVICE_6);
346 _system("rm -f " IMAGE_EMPTY, 0);
347 _system("rm -f " IMAGE1, 0);
348 _system("rm -rf " CONV_DIR, 0);
351 remove(test_loop_file);
355 remove(REQS_LUKS2_HEADER);
356 remove(NO_REQS_LUKS2_HEADER);
358 remove(IMAGE_PV_LUKS2_SEC);
359 remove(IMAGE_PV_LUKS2_SEC ".bcp");
360 remove(IMAGE_EMPTY_SMALL);
361 remove(IMAGE_EMPTY_SMALL_2);
366 free(test_loop_file);
376 static int _setup(void)
381 test_loop_file = strdup(THE_LFILE_TEMPLATE);
385 if ((fd=mkstemp(test_loop_file)) == -1) {
386 printf("cannot create temporary file with template %s\n", test_loop_file);
390 if (snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=%s bs=%d count=%d 2>/dev/null",
391 test_loop_file, TST_SECTOR_SIZE, TST_LOOP_FILE_SIZE) < 0)
396 fd = loop_attach(&THE_LOOP_DEV, test_loop_file, 0, 0, &ro);
399 tmp_file_1 = strdup(THE_LFILE_TEMPLATE);
403 if ((fd=mkstemp(tmp_file_1)) == -1) {
404 printf("cannot create temporary file with template %s\n", tmp_file_1);
408 if (snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=%s bs=%d count=%d 2>/dev/null",
409 tmp_file_1, TST_SECTOR_SIZE, 10) < 0)
414 _system("dmsetup create " DEVICE_EMPTY_name " --table \"0 10000 zero\"", 1);
415 _system("dmsetup create " DEVICE_ERROR_name " --table \"0 10000 error\"", 1);
417 if (t_set_readahead(DEVICE_ERROR, 0))
418 printf("cannot set read ahead on device %s\n", DEVICE_ERROR);
420 _system(" [ ! -e " IMAGE1 " ] && xz -dk " IMAGE1 ".xz", 1);
421 fd = loop_attach(&DEVICE_1, IMAGE1, 0, 0, &ro);
424 _system("dd if=/dev/zero of=" IMAGE_EMPTY " bs=1M count=32 2>/dev/null", 1);
425 fd = loop_attach(&DEVICE_2, IMAGE_EMPTY, 0, 0, &ro);
428 _system("dd if=/dev/zero of=" IMAGE_EMPTY_SMALL " bs=1M count=7 2>/dev/null", 1);
430 _system("dd if=/dev/zero of=" IMAGE_EMPTY_SMALL_2 " bs=512 count=2050 2>/dev/null", 1);
432 _system(" [ ! -e " NO_REQS_LUKS2_HEADER " ] && tar xJf " REQS_LUKS2_HEADER ".tar.xz", 1);
433 fd = loop_attach(&DEVICE_4, NO_REQS_LUKS2_HEADER, 0, 0, &ro);
436 _system(" [ ! -e " REQS_LUKS2_HEADER " ] && tar xJf " REQS_LUKS2_HEADER ".tar.xz", 1);
437 fd = loop_attach(&DEVICE_5, REQS_LUKS2_HEADER, 0, 0, &ro);
440 _system(" [ ! -e " IMAGE_PV_LUKS2_SEC " ] && xz -dk " IMAGE_PV_LUKS2_SEC ".xz", 1);
441 _system(" [ ! -e " IMAGE_PV_LUKS2_SEC ".bcp ] && cp " IMAGE_PV_LUKS2_SEC " " IMAGE_PV_LUKS2_SEC ".bcp", 1);
442 fd = loop_attach(&DEVICE_6, IMAGE_PV_LUKS2_SEC, 0, 0, &ro);
445 _system(" [ ! -d " CONV_DIR " ] && tar xJf " CONV_DIR ".tar.xz 2>/dev/null", 1);
447 if (_system("modprobe dm-crypt >/dev/null 2>&1", 1))
450 if (t_dm_check_versions())
453 _system("rmmod dm-crypt >/dev/null 2>&1", 0);
455 _fips_mode = fips_mode();
457 printf("FIPS MODE: %d\n", _fips_mode);
459 /* Use default log callback */
460 crypt_set_log_callback(NULL, &global_log_callback, NULL);
462 if (!get_luks_pbkdf_defaults())
465 min_pbkdf2.hash = min_argon2.hash = default_luks1_hash;
470 static int set_fast_pbkdf(struct crypt_device *cd)
472 const struct crypt_pbkdf_type *pbkdf = &min_argon2;
474 /* Cannot use Argon2 in FIPS */
478 return crypt_set_pbkdf_type(cd, pbkdf);
481 #ifdef KERNEL_KEYRING
482 static key_serial_t add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t keyring)
484 return syscall(__NR_add_key, type, description, payload, plen, keyring);
487 static key_serial_t keyctl_unlink(key_serial_t key, key_serial_t keyring)
489 return syscall(__NR_keyctl, KEYCTL_UNLINK, key, keyring);
492 static key_serial_t request_key(const char *type,
493 const char *description,
494 const char *callout_info,
495 key_serial_t keyring)
497 return syscall(__NR_request_key, type, description, callout_info, keyring);
500 static key_serial_t _kernel_key_by_segment(struct crypt_device *cd, int segment)
502 char key_description[1024];
504 if (snprintf(key_description, sizeof(key_description), "cryptsetup:%s-d%u", crypt_get_uuid(cd), segment) < 1)
507 return request_key("logon", key_description, NULL, 0);
510 static int _volume_key_in_keyring(struct crypt_device *cd, int segment)
512 return _kernel_key_by_segment(cd, segment) >= 0 ? 0 : -1;
515 static int _drop_keyring_key(struct crypt_device *cd, int segment)
517 key_serial_t kid = _kernel_key_by_segment(cd, segment);
522 return keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING);
526 static int test_open(struct crypt_device *cd __attribute__((unused)),
527 int token __attribute__((unused)),
532 const char *str = (const char *)usrptr;
534 *buffer = strdup(str);
537 *buffer_len = strlen(*buffer);
542 static int test_validate(struct crypt_device *cd __attribute__((unused)), const char *json)
544 return (strstr(json, "magic_string") == NULL);
547 static void UseLuks2Device(void)
552 OK_(crypt_init(&cd, DEVICE_1));
553 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
554 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
555 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
556 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
557 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0), "already open");
558 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
559 OK_(crypt_deactivate(cd, CDEVICE_1));
560 FAIL_(crypt_deactivate(cd, CDEVICE_1), "no such device");
563 // repeat previous tests and check kernel keyring is released when not needed
564 if (t_dm_crypt_keyring_support()) {
565 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
566 FAIL_(_drop_keyring_key(cd, 0), "");
567 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), CRYPT_ACTIVATE_KEYRING_KEY));
568 OK_(_drop_keyring_key(cd, 0));
569 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
570 OK_(_drop_keyring_key(cd, 0));
571 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0), "already open");
572 FAIL_(_volume_key_in_keyring(cd, 0), "");
573 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
574 OK_(crypt_deactivate(cd, CDEVICE_1));
575 FAIL_(_volume_key_in_keyring(cd, 0), "");
580 OK_(strcmp("aes", crypt_get_cipher(cd)));
581 OK_(strcmp("cbc-essiv:sha256", crypt_get_cipher_mode(cd)));
582 OK_(strcmp(DEVICE_1_UUID, crypt_get_uuid(cd)));
583 EQ_((int)key_size, crypt_get_volume_key_size(cd));
584 EQ_(8192, crypt_get_data_offset(cd));
586 EQ_(0, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
587 OK_(crypt_volume_key_verify(cd, key, key_size));
588 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
589 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
590 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
591 OK_(crypt_deactivate(cd, CDEVICE_1));
594 FAIL_(crypt_volume_key_verify(cd, key, key_size), "key mismatch");
595 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "key mismatch");
600 static void SuspendDevice(void)
602 struct crypt_active_device cad;
606 uint64_t r_payload_offset;
608 OK_(crypt_init(&cd, DEVICE_1));
609 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
610 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
612 suspend_status = crypt_suspend(cd, CDEVICE_1);
613 if (suspend_status == -ENOTSUP) {
614 printf("WARNING: Suspend/Resume not supported, skipping test.\n");
615 OK_(crypt_deactivate(cd, CDEVICE_1));
621 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
622 EQ_(CRYPT_ACTIVATE_SUSPENDED, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
623 #ifdef KERNEL_KEYRING
624 FAIL_(_volume_key_in_keyring(cd, 0), "");
626 FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended");
628 FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)-1), "wrong key");
629 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)));
630 FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)), "not suspended");
632 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
633 EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
635 OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
636 OK_(crypt_suspend(cd, CDEVICE_1));
637 FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1 "blah", 0), "wrong keyfile");
638 FAIL_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 1, 0), "wrong key");
639 OK_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
640 FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0), "not suspended");
641 OK_(crypt_deactivate(cd, CDEVICE_1));
644 /* create LUKS device with detached header */
645 OK_(crypt_init(&cd, DEVICE_1));
646 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
647 OK_(crypt_set_data_device(cd, DEVICE_2));
648 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
651 /* Should be able to suspend but not resume if not header specified */
652 OK_(crypt_init_by_name(&cd, CDEVICE_1));
653 OK_(crypt_suspend(cd, CDEVICE_1));
654 FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended");
655 FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)-1), "no header");
658 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DEVICE_1));
659 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)));
661 /* Resume by volume key */
662 OK_(crypt_suspend(cd, CDEVICE_1));
663 key_size = sizeof(key);
664 memset(key, 0, key_size);
665 FAIL_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size), "wrong key");
666 OK_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
667 OK_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size));
668 OK_(crypt_deactivate(cd, CDEVICE_1));
671 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
672 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
674 /* Resume device with cipher_null */
675 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
676 OK_(set_fast_pbkdf(cd));
677 OK_(crypt_format(cd, CRYPT_LUKS2, "cipher_null", "ecb", NULL, key, key_size, NULL));
678 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
679 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
680 OK_(crypt_suspend(cd, CDEVICE_1));
681 OK_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size));
682 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
683 EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
684 OK_(crypt_suspend(cd, CDEVICE_1));
685 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE)));
686 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
687 EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
688 OK_(crypt_deactivate(cd, CDEVICE_1));
692 _cleanup_dmdevices();
695 static void AddDeviceLuks2(void)
697 enum { OFFSET_1M = 2048 , OFFSET_2M = 4096, OFFSET_4M = 8192, OFFSET_8M = 16384 };
698 struct crypt_pbkdf_type pbkdf = {
699 .type = CRYPT_KDF_ARGON2I,
701 .parallel_threads = 4,
702 .max_memory_kb = 1024,
705 struct crypt_params_luks2 params = {
707 .data_device = DEVICE_2,
710 char key[128], key2[128], key3[128];
712 const char *tmp_buf, *passphrase = PASSPHRASE, *passphrase2 = "nsdkFI&Y#.sd";
713 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
714 const char *vk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
715 size_t key_size = strlen(vk_hex) / 2;
716 const char *cipher = "aes";
717 const char *cipher_mode = "cbc-essiv:sha256";
718 uint64_t r_payload_offset, r_header_size, r_size_1;
720 /* Cannot use Argon2 in FIPS */
722 pbkdf.type = CRYPT_KDF_PBKDF2;
723 pbkdf.parallel_threads = 0;
724 pbkdf.max_memory_kb = 0;
727 crypt_decode_key(key, vk_hex, key_size);
728 crypt_decode_key(key3, vk_hex2, key_size);
731 OK_(get_luks2_offsets(0, 0, 0, &r_header_size, &r_payload_offset));
732 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
733 OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_size - 1));
737 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
738 params.data_alignment = 0;
739 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Not enough space for keyslots material");
742 // test payload_offset = 0 for encrypted device with external header device
743 OK_(crypt_init(&cd, DMDIR H_DEVICE));
744 OK_(set_fast_pbkdf(cd));
745 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
746 EQ_(crypt_get_data_offset(cd), 0);
749 params.data_alignment = 0;
750 params.data_device = NULL;
752 // test payload_offset = 0. format() should look up alignment offset from device topology
753 OK_(crypt_init(&cd, DEVICE_2));
754 OK_(set_fast_pbkdf(cd));
755 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
756 OK_(!(crypt_get_data_offset(cd) > 0));
759 // set_data_offset has priority, alignment must be 0 or must be compatible
760 params.data_alignment = 0;
761 OK_(crypt_init(&cd, DEVICE_2));
762 OK_(set_fast_pbkdf(cd));
763 OK_(crypt_set_data_offset(cd, OFFSET_8M));
764 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
765 EQ_(crypt_get_data_offset(cd), OFFSET_8M);
768 // Load gets the value from metadata
769 OK_(crypt_init(&cd, DEVICE_2));
770 OK_(crypt_set_data_offset(cd, OFFSET_2M));
771 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
772 EQ_(crypt_get_data_offset(cd), OFFSET_8M);
775 params.data_alignment = OFFSET_4M;
776 OK_(crypt_init(&cd, DEVICE_2));
777 OK_(set_fast_pbkdf(cd));
778 FAIL_(crypt_set_data_offset(cd, OFFSET_2M + 1), "Not aligned to 4096"); // must be aligned to 4k
779 OK_(crypt_set_data_offset(cd, OFFSET_2M));
780 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Alignment not compatible");
781 OK_(crypt_set_data_offset(cd, OFFSET_4M));
782 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
783 EQ_(crypt_get_data_offset(cd), OFFSET_4M);
787 * test limit values for backing device size
789 params.data_alignment = OFFSET_4M;
790 OK_(get_luks2_offsets(0, params.data_alignment, 0, NULL, &r_payload_offset));
791 OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_payload_offset));
792 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
793 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset - 1));
795 // 1 sector less than required
796 OK_(crypt_init(&cd, DMDIR L_DEVICE_WRONG));
797 OK_(set_fast_pbkdf(cd));
798 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device too small");
801 // 0 sectors for encrypted area
802 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
803 OK_(set_fast_pbkdf(cd));
804 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
805 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Encrypted area too small");
808 // 1 sector for encrypted area
809 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
810 OK_(set_fast_pbkdf(cd));
811 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
812 EQ_(crypt_get_data_offset(cd), r_payload_offset);
813 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
814 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
815 OK_(t_device_size(DMDIR CDEVICE_1, &r_size_1));
816 EQ_(r_size_1, TST_SECTOR_SIZE);
817 OK_(crypt_deactivate(cd, CDEVICE_1));
818 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
819 // restrict format only to empty context
820 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Context is already formatted");
821 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL), "Context is already formatted");
822 // change data device to wrong one
823 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_0S));
824 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device too small");
825 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_1S));
826 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
827 OK_(crypt_deactivate(cd, CDEVICE_1));
830 params.data_alignment = 0;
831 params.data_device = DEVICE_2;
833 // generate keyslot material at the end of luks header
834 OK_(crypt_init(&cd, DMDIR H_DEVICE));
835 OK_(set_fast_pbkdf(cd));
836 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
837 EQ_((int)key_size, crypt_get_volume_key_size(cd));
838 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
839 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase) ,0), 7);
841 OK_(crypt_keyslot_get_pbkdf(cd, 7, &pbkdf_tmp));
842 OK_(strcmp(pbkdf_tmp.type, pbkdf.type));
844 NULL_(pbkdf_tmp.hash);
845 OK_(!(pbkdf_tmp.max_memory_kb >= 32));
846 OK_(!(pbkdf_tmp.parallel_threads >= 1));
848 OK_(strcmp(pbkdf_tmp.hash, pbkdf.hash));
849 OK_(!(pbkdf_tmp.iterations >= 4));
850 EQ_(0, pbkdf_tmp.time_ms); /* not usable in per-keyslot call */
853 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
854 OK_(set_fast_pbkdf(cd));
855 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Context is already formatted");
856 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
858 // check active status without header
859 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, NULL));
860 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
861 NULL_(crypt_get_type(cd));
862 OK_(strcmp(cipher, crypt_get_cipher(cd)));
863 OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
864 EQ_((int)key_size, crypt_get_volume_key_size(cd));
865 OK_(crypt_deactivate(cd, CDEVICE_1));
868 params.data_alignment = OFFSET_1M;
869 params.data_device = NULL;
871 // test uuid mismatch and _init_by_name_and_header
872 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
873 OK_(set_fast_pbkdf(cd));
874 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
875 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
876 EQ_(0, crypt_header_is_detached(cd));
878 params.data_alignment = 0;
879 params.data_device = DEVICE_2;
880 OK_(crypt_init(&cd, DMDIR H_DEVICE));
881 OK_(set_fast_pbkdf(cd));
882 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
884 // there we've got uuid mismatch
885 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
886 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
887 NULL_(crypt_get_type(cd));
888 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device is active");
889 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0), "Device is active");
890 EQ_(crypt_status(cd, CDEVICE_2), CRYPT_INACTIVE);
891 OK_(crypt_deactivate(cd, CDEVICE_1));
892 EQ_(crypt_header_is_detached(cd), 1);
895 params.data_device = NULL;
897 OK_(crypt_init(&cd, DEVICE_2));
898 OK_(set_fast_pbkdf(cd));
899 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
901 // even with no keyslots defined it can be activated by volume key
902 OK_(crypt_volume_key_verify(cd, key, key_size));
903 OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0));
904 GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
905 OK_(crypt_deactivate(cd, CDEVICE_2));
908 EQ_(7, crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)));
909 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 7));
910 EQ_(7, crypt_activate_by_passphrase(cd, CDEVICE_2, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
911 GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
912 OK_(crypt_deactivate(cd, CDEVICE_2));
914 EQ_(1, crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, KEY1, strlen(KEY1)));
915 OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
916 OK_(prepare_keyfile(KEYFILE2, KEY2, strlen(KEY2)));
917 EQ_(2, crypt_keyslot_add_by_keyfile(cd, 2, KEYFILE1, 0, KEYFILE2, 0));
918 FAIL_(crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 1, KEYFILE2, 0, 1), "wrong key");
919 EQ_(3, crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 0, KEYFILE2, 0, 1));
920 EQ_(4, crypt_keyslot_add_by_keyfile_offset(cd, 4, KEYFILE2, 0, 1, KEYFILE1, 0, 1));
921 FAIL_(crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2)-1, 0), "key mismatch");
922 EQ_(2, crypt_activate_by_keyfile(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
923 EQ_(3, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 1, 0));
924 EQ_(4, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, 1, 0));
925 FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2), 2, 0), "not enough data");
926 FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, strlen(KEY2) + 1, 0), "cannot seek");
927 FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 2, 0), "wrong key");
928 EQ_(2, crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
929 OK_(crypt_keyslot_destroy(cd, 1));
930 OK_(crypt_keyslot_destroy(cd, 2));
931 OK_(crypt_keyslot_destroy(cd, 3));
932 OK_(crypt_keyslot_destroy(cd, 4));
933 OK_(crypt_deactivate(cd, CDEVICE_2));
936 FAIL_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), "slot used");
938 FAIL_(crypt_keyslot_add_by_volume_key(cd, 6, key, key_size, passphrase, strlen(passphrase)), "key mismatch");
940 EQ_(6, crypt_keyslot_add_by_volume_key(cd, 6, key, key_size, passphrase2, strlen(passphrase2)));
941 EQ_(CRYPT_SLOT_ACTIVE, crypt_keyslot_status(cd, 6));
943 FAIL_(crypt_keyslot_destroy(cd, 8), "invalid keyslot");
944 FAIL_(crypt_keyslot_destroy(cd, CRYPT_ANY_SLOT), "invalid keyslot");
945 FAIL_(crypt_keyslot_destroy(cd, 0), "keyslot not used");
946 OK_(crypt_keyslot_destroy(cd, 7));
947 EQ_(CRYPT_SLOT_INACTIVE, crypt_keyslot_status(cd, 7));
948 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 6));
950 EQ_(6, crypt_keyslot_change_by_passphrase(cd, 6, CRYPT_ANY_SLOT, passphrase2, strlen(passphrase2), passphrase, strlen(passphrase)));
951 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 6));
952 EQ_(7, crypt_keyslot_change_by_passphrase(cd, 6, 7, passphrase, strlen(passphrase), passphrase2, strlen(passphrase2)));
953 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 7));
954 EQ_(7, crypt_activate_by_passphrase(cd, NULL, 7, passphrase2, strlen(passphrase2), 0));
955 EQ_(6, crypt_keyslot_change_by_passphrase(cd, CRYPT_ANY_SLOT, 6, passphrase2, strlen(passphrase2), passphrase, strlen(passphrase)));
957 EQ_(6, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key2, &key_size, passphrase, strlen(passphrase)));
958 OK_(crypt_volume_key_verify(cd, key2, key_size));
959 OK_(memcmp(key, key2, key_size));
961 OK_(strcmp(cipher, crypt_get_cipher(cd)));
962 OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
963 EQ_((int)key_size, crypt_get_volume_key_size(cd));
964 EQ_(r_payload_offset, crypt_get_data_offset(cd));
965 OK_(strcmp(DEVICE_2, crypt_get_device_name(cd)));
969 OK_(!(global_lines != 0));
972 FAIL_(crypt_dump_json(cd, NULL, 42), "flags be used later");
973 OK_(crypt_dump_json(cd, NULL, 0));
974 OK_(!(global_lines != 0));
976 OK_(crypt_dump_json(cd, &tmp_buf, 0));
977 OK_(!(tmp_buf && strlen(tmp_buf) != 0));
979 FAIL_(crypt_set_uuid(cd, "blah"), "wrong UUID format");
980 OK_(crypt_set_uuid(cd, DEVICE_TEST_UUID));
981 OK_(strcmp(DEVICE_TEST_UUID, crypt_get_uuid(cd)));
983 FAIL_(crypt_deactivate(cd, CDEVICE_2), "not active");
985 _cleanup_dmdevices();
987 /* LUKSv2 format tests */
989 /* very basic test */
990 OK_(crypt_init(&cd, DEVICE_2));
991 crypt_set_iteration_time(cd, 1);
992 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 0, NULL), "Wrong key size");
993 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
995 /* some invalid parameters known to cause troubles */
996 OK_(crypt_init(&cd, DEVICE_2));
997 crypt_set_iteration_time(cd, 0); /* wrong for argon2 but we don't know the pbkdf type yet, ignored */
998 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
1000 OK_(crypt_init(&cd, DEVICE_2));
1001 OK_(set_fast_pbkdf(cd));
1002 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
1003 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
1006 OK_(crypt_init(&cd, DEVICE_2));
1007 OK_(set_fast_pbkdf(cd));
1008 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size, NULL));
1009 FAIL_(crypt_keyslot_add_by_volume_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), "VK doesn't match any digest");
1010 FAIL_(crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), "VK doesn't match any digest");
1013 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
1014 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1015 OK_(set_fast_pbkdf(cd));
1016 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
1017 EQ_(crypt_keyslot_add_by_volume_key(cd, 3, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 3);
1018 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key3, key_size, 0), "VK doesn't match any digest assigned to segment 0");
1022 * Check regression in getting keyslot encryption parameters when
1023 * volume key size is unknown (no active keyslots).
1025 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1026 OK_(set_fast_pbkdf(cd));
1027 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
1028 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
1029 /* drop context copy of volume key */
1031 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1032 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1033 EQ_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
1034 OK_(crypt_keyslot_destroy(cd, 0));
1035 OK_(set_fast_pbkdf(cd));
1036 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
1039 _cleanup_dmdevices();
1042 static void Luks2MetadataSize(void)
1044 struct crypt_pbkdf_type pbkdf = {
1045 .type = CRYPT_KDF_ARGON2I,
1047 .parallel_threads = 1,
1048 .max_memory_kb = 128,
1050 .flags = CRYPT_PBKDF_NO_BENCHMARK
1052 struct crypt_params_luks2 params = {
1054 .data_device = DEVICE_2,
1057 char key[128], tmp[128];
1059 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1060 size_t key_size = strlen(vk_hex) / 2;
1061 const char *cipher = "aes";
1062 const char *cipher_mode = "cbc-essiv:sha256";
1063 uint64_t r_header_size, default_mdata_size, default_keyslots_size, mdata_size,
1064 keyslots_size, r_header_wrong_size = 14336;
1066 /* Cannot use Argon2 in FIPS */
1068 pbkdf.type = CRYPT_KDF_PBKDF2;
1069 pbkdf.parallel_threads = 0;
1070 pbkdf.max_memory_kb = 0;
1071 pbkdf.iterations = 1000;
1074 crypt_decode_key(key, vk_hex, key_size);
1076 // init test devices
1077 OK_(get_luks2_offsets(0, 0, 0, &r_header_size, NULL));
1078 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
1079 OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_wrong_size)); /* 7 MiBs only */
1080 //default metadata sizes
1081 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1082 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1084 EQ_(keyslots_size, 0);
1085 OK_(crypt_set_metadata_size(cd, 0, 0));
1086 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1088 EQ_(keyslots_size, 0);
1089 OK_(crypt_set_metadata_size(cd, 0x004000, 0x004000));
1090 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1091 EQ_(mdata_size, 0x004000);
1092 EQ_(keyslots_size, 0x004000);
1093 OK_(crypt_set_metadata_size(cd, 0x008000, 0x008000));
1094 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1095 EQ_(mdata_size, 0x008000);
1096 EQ_(keyslots_size, 0x008000);
1097 FAIL_(crypt_set_metadata_size(cd, 0x008001, 0x008000), "Wrong size");
1098 FAIL_(crypt_set_metadata_size(cd, 0x008000, 0x008001), "Wrong size");
1101 // metadata settings
1102 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1103 OK_(crypt_set_metadata_size(cd, 0x080000, 0x080000));
1104 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1105 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), 7);
1107 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1108 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1109 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1110 EQ_(mdata_size, 0x080000);
1111 EQ_(keyslots_size, 0x080000);
1114 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1115 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1116 OK_(crypt_get_metadata_size(cd, &default_mdata_size, &default_keyslots_size));
1117 EQ_(default_mdata_size, 0x04000);
1118 EQ_(default_keyslots_size, (r_header_size * 512) - 2 * 0x04000);
1120 // check keyslots size calculation is correct
1121 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1122 OK_(crypt_set_metadata_size(cd, 0x80000, 0));
1123 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1124 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1125 EQ_(mdata_size, 0x80000);
1126 EQ_(keyslots_size, (r_header_size * 512) - 2 * 0x80000);
1129 // various metadata size checks combined with data offset
1130 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1131 OK_(crypt_set_metadata_size(cd, 0, default_keyslots_size + 4096));
1132 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device is too small.");
1133 OK_(crypt_set_metadata_size(cd, 0x20000, (r_header_size * 512) - 2 * 0x20000 + 4096));
1134 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device is too small.");
1137 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1138 OK_(crypt_set_metadata_size(cd, 0x80000, 0));
1139 OK_(crypt_set_data_offset(cd, 0x80000 / 512 - 8));
1140 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Data offset is too small.");
1143 // H_DEVICE_WRONG size is 7MiB
1144 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
1145 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1146 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1147 EQ_(mdata_size, default_mdata_size);
1148 EQ_(keyslots_size, (r_header_wrong_size * 512) - 2 * default_mdata_size);
1151 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
1152 OK_(crypt_set_metadata_size(cd, 0x400000, 0));
1153 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device is too small.");
1156 // IMAGE_EMPTY_SMALL size is 7MiB but now it's regulare file
1157 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
1158 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1159 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1160 EQ_(mdata_size, default_mdata_size);
1161 EQ_(keyslots_size, default_keyslots_size);
1162 EQ_(crypt_get_data_offset(cd), 0);
1165 sprintf(tmp, "truncate -s %" PRIu64 " " IMAGE_EMPTY_SMALL, r_header_wrong_size * 512);
1168 // check explicit keyslots size and data offset are respected even with regular file mdevice
1169 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
1170 OK_(crypt_set_metadata_size(cd, 0, default_keyslots_size));
1171 OK_(crypt_set_data_offset(cd, r_header_size + 8));
1172 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1173 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1174 EQ_(mdata_size, default_mdata_size);
1175 EQ_(keyslots_size, default_keyslots_size);
1176 EQ_(crypt_get_data_offset(cd), r_header_size + 8);
1179 _cleanup_dmdevices();
1182 static void UseTempVolumes(void)
1186 // Tepmporary device without keyslot but with on-disk LUKS header
1187 OK_(crypt_init(&cd, DEVICE_2));
1188 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "not yet formatted");
1189 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 16, NULL));
1190 OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0));
1191 GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
1194 OK_(crypt_init_by_name(&cd, CDEVICE_2));
1195 OK_(crypt_deactivate(cd, CDEVICE_2));
1198 // Dirty checks: device without UUID
1199 // we should be able to remove it but not manipulate with it
1200 GE_(snprintf(tmp, sizeof(tmp), "dmsetup create %s --table \""
1201 "0 100 crypt aes-cbc-essiv:sha256 deadbabedeadbabedeadbabedeadbabe 0 "
1202 "%s 2048\"", CDEVICE_2, DEVICE_2), 0);
1204 OK_(crypt_init_by_name(&cd, CDEVICE_2));
1205 OK_(crypt_deactivate(cd, CDEVICE_2));
1206 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "No known device type");
1209 // Dirty checks: device with UUID but LUKS header key fingerprint must fail)
1210 GE_(snprintf(tmp, sizeof(tmp), "dmsetup create %s --table \""
1211 "0 100 crypt aes-cbc-essiv:sha256 deadbabedeadbabedeadbabedeadbabe 0 "
1212 "%s 2048\" -u CRYPT-LUKS2-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-ctest1",
1213 CDEVICE_2, DEVICE_2), 0);
1215 OK_(crypt_init_by_name(&cd, CDEVICE_2));
1216 OK_(crypt_deactivate(cd, CDEVICE_2));
1217 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "wrong volume key");
1221 OK_(crypt_init(&cd, DEVICE_2));
1222 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1223 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "volume key is lost");
1227 static void Luks2HeaderRestore(void)
1230 struct crypt_pbkdf_type pbkdf = {
1231 .type = CRYPT_KDF_ARGON2I,
1233 .parallel_threads = 4,
1234 .max_memory_kb = 1024,
1237 struct crypt_params_luks2 params = {
1239 .data_alignment = 8192, // 4M, data offset will be 4096
1242 struct crypt_params_plain pl_params = {
1248 struct crypt_params_luks1 luks1 = {
1249 .data_alignment = 8192, // 4M offset to pass alignment test
1253 const char *vk_hex = "ccadd99b16cd3d200c22d6db45d8b6630ef3d936767127347ec8a76ab992c2ea";
1254 size_t key_size = strlen(vk_hex) / 2;
1255 const char *cipher = "aes";
1256 const char *cipher_mode = "cbc-essiv:sha256";
1257 uint64_t r_payload_offset;
1259 /* Cannot use Argon2 in FIPS */
1261 pbkdf.type = CRYPT_KDF_PBKDF2;
1262 pbkdf.parallel_threads = 0;
1263 pbkdf.max_memory_kb = 0;
1266 crypt_decode_key(key, vk_hex, key_size);
1268 OK_(get_luks2_offsets(0, params.data_alignment, 0, NULL, &r_payload_offset));
1269 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 5000));
1271 // do not restore header over plain device
1272 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1273 OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &pl_params));
1274 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1275 FAIL_(crypt_header_restore(cd, CRYPT_PLAIN, NO_REQS_LUKS2_HEADER), "Cannot restore header to PLAIN type device");
1276 FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER), "Cannot restore header over PLAIN type device");
1277 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1278 OK_(crypt_deactivate(cd, CDEVICE_1));
1281 // FIXME: does following test make a sense in LUKS2?
1282 // volume key_size mismatch
1283 // OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1284 // memcpy(key2, key, key_size / 2);
1285 // OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key2, key_size / 2, ¶ms));
1286 // FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, VALID_LUKS2_HEADER), "Volume keysize mismatch");
1289 // payload offset mismatch
1290 params.data_alignment = 8193;
1291 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1292 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1293 FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER), "Payload offset mismatch");
1295 params.data_alignment = 4096;
1296 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1297 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1298 // FIXME: either format has to fail or next line must be true
1299 // EQ_(crypt_get_data_offset(cd), params.data_alignment);
1300 // FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, VALID_LUKS2_HEADER), "Payload offset mismatch");
1303 // do not allow restore over LUKS1 header on device
1304 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1305 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
1306 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, NULL, 32, &luks1));
1308 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1309 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1310 FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER), "LUKS1 format detected");
1313 /* check crypt_header_restore() properly loads crypt_device context */
1314 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1315 OK_(crypt_wipe(cd, NULL, CRYPT_WIPE_ZERO, 0, 1*1024*1024, 1*1024*1024, 0, NULL, NULL));
1316 OK_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER));
1317 /* check LUKS2 specific API call returns non-error code */
1318 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &flags));
1320 /* same test, any LUKS */
1321 OK_(crypt_wipe(cd, NULL, CRYPT_WIPE_ZERO, 0, 1*1024*1024, 1*1024*1024, 0, NULL, NULL));
1322 OK_(crypt_header_restore(cd, CRYPT_LUKS, NO_REQS_LUKS2_HEADER));
1323 /* check LUKS2 specific API call returns non-error code */
1324 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &flags));
1329 _cleanup_dmdevices();
1332 static void Luks2HeaderLoad(void)
1334 struct crypt_pbkdf_type pbkdf = {
1335 .type = CRYPT_KDF_ARGON2I,
1337 .parallel_threads = 4,
1338 .max_memory_kb = 1024,
1341 struct crypt_params_luks2 params = {
1343 .data_alignment = 8192, // 4M, data offset will be 4096
1344 .data_device = DEVICE_2,
1347 struct crypt_params_plain pl_params = {
1353 char key[128], cmd[256];
1355 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1356 size_t key_size = strlen(vk_hex) / 2;
1357 const char *cipher = "aes";
1358 const char *cipher_mode = "cbc-essiv:sha256";
1359 uint64_t r_payload_offset, r_header_size, img_size;
1361 /* Cannot use Argon2 in FIPS */
1363 pbkdf.type = CRYPT_KDF_PBKDF2;
1364 pbkdf.parallel_threads = 0;
1365 pbkdf.max_memory_kb = 0;
1368 crypt_decode_key(key, vk_hex, key_size);
1370 // hardcoded values for existing image IMAGE1
1373 OK_(get_luks2_offsets(0, 0, 0, &r_header_size, &r_payload_offset));
1374 // external header device
1375 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
1376 // prepared header on a device too small to contain header and payload
1377 //OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_payload_offset - 1));
1378 OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, img_size - 1));
1379 GE_(snprintf(cmd, sizeof(cmd), "dd if=" IMAGE1 " of=" DMDIR H_DEVICE_WRONG " bs=%" PRIu32
1380 " count=%" PRIu64 " 2>/dev/null", params.sector_size, img_size - 1), 0);
1381 OK_(_system(cmd, 1));
1383 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
1385 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_header_size + 1));
1386 // 0 sectors device for payload
1387 OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_header_size));
1389 // valid metadata and device size
1390 params.data_alignment = 0;
1391 params.data_device = DMDIR L_DEVICE_OK;
1392 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1393 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1395 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1396 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1397 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1398 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1399 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1400 OK_(!crypt_get_metadata_device_name(cd));
1401 EQ_(strcmp(DMDIR H_DEVICE, crypt_get_metadata_device_name(cd)), 0);
1402 OK_(crypt_deactivate(cd, CDEVICE_1));
1403 EQ_(1, crypt_header_is_detached(cd));
1406 // repeat with init with two devices
1407 OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
1408 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1410 OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
1411 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1412 OK_(!crypt_get_metadata_device_name(cd));
1413 EQ_(strcmp(DMDIR H_DEVICE, crypt_get_metadata_device_name(cd)), 0);
1414 EQ_(1, crypt_header_is_detached(cd));
1417 // bad header: device too small (payloadOffset > device_size)
1418 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
1419 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "Device too small");
1420 NULL_(crypt_get_type(cd));
1423 // 0 secs for encrypted data area
1424 params.data_alignment = 8192;
1425 params.data_device = NULL;
1426 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
1427 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1429 // load should be ok
1430 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
1431 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1432 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device too small");
1433 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
1437 OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 count=8 2>/dev/null", 1));
1438 OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 seek=32 count=8 2>/dev/null", 1));
1439 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1440 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "Header not found");
1444 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1445 FAIL_(crypt_load(cd, CRYPT_PLAIN, NULL), "Can't load nonLUKS device type");
1447 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1448 OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, key, key_size, &pl_params));
1449 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "Can't load over nonLUKS device type");
1453 OK_(crypt_init(&cd, DEVICE_4));
1454 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1456 OK_(crypt_init(&cd, DEVICE_4));
1457 crypt_set_iteration_time(cd, 0); /* invalid for argon2 pbkdf, ignored */
1458 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1461 /* check load sets proper device type */
1462 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
1463 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1464 EQ_(strcmp(CRYPT_LUKS2, crypt_get_type(cd)), 0);
1467 _cleanup_dmdevices();
1470 static void Luks2HeaderBackup(void)
1472 struct crypt_pbkdf_type pbkdf = {
1473 .type = CRYPT_KDF_ARGON2I,
1475 .parallel_threads = 4,
1476 .max_memory_kb = 1024,
1479 struct crypt_params_luks2 params = {
1481 .data_alignment = 8192, // 4M, data offset will be 4096
1482 .data_device = DEVICE_2,
1486 int fd, ro = O_RDONLY;
1488 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1489 size_t key_size = strlen(vk_hex) / 2;
1490 const char *cipher = "aes";
1491 const char *cipher_mode = "cbc-essiv:sha256";
1492 uint64_t r_payload_offset;
1494 const char *passphrase = PASSPHRASE;
1496 /* Cannot use Argon2 in FIPS */
1498 pbkdf.type = CRYPT_KDF_PBKDF2;
1499 pbkdf.parallel_threads = 0;
1500 pbkdf.max_memory_kb = 0;
1503 crypt_decode_key(key, vk_hex, key_size);
1505 OK_(get_luks2_offsets(1, params.data_alignment, 0, NULL, &r_payload_offset));
1506 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
1508 // create LUKS device and backup the header
1509 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1510 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1511 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1512 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
1513 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, passphrase, strlen(passphrase)), 0);
1514 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
1515 OK_(crypt_deactivate(cd, CDEVICE_1));
1518 // restore header from backup
1519 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1520 OK_(crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE));
1521 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1522 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1523 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1524 OK_(crypt_deactivate(cd, CDEVICE_1));
1525 EQ_(0, crypt_header_is_detached(cd));
1528 // exercise luksOpen using backup header in file
1529 OK_(crypt_init(&cd, BACKUP_FILE));
1530 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1531 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1532 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, passphrase, strlen(passphrase), 0), 0);
1533 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1534 OK_(crypt_deactivate(cd, CDEVICE_1));
1535 EQ_(1, crypt_header_is_detached(cd));
1538 OK_(crypt_init(&cd, BACKUP_FILE));
1539 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1540 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1541 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase), 0), 7);
1542 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1543 OK_(crypt_deactivate(cd, CDEVICE_1));
1546 // exercise luksOpen using backup header on block device
1547 fd = loop_attach(&DEVICE_3, BACKUP_FILE, 0, 0, &ro);
1548 NOTFAIL_(fd, "Bad loop device.");
1550 OK_(crypt_init(&cd, DEVICE_3));
1551 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1552 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1553 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, passphrase, strlen(passphrase), 0), 0);
1554 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1555 OK_(crypt_deactivate(cd, CDEVICE_1));
1558 OK_(crypt_init(&cd, DEVICE_3));
1559 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1560 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1561 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase), 0), 7);
1562 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1563 OK_(crypt_deactivate(cd, CDEVICE_1));
1566 _cleanup_dmdevices();
1569 static void ResizeDeviceLuks2(void)
1571 struct crypt_pbkdf_type pbkdf = {
1572 .type = CRYPT_KDF_ARGON2I,
1574 .parallel_threads = 4,
1575 .max_memory_kb = 1024,
1578 struct crypt_params_luks2 params = {
1580 .data_alignment = 8192, // 4M, data offset will be 4096
1585 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1586 size_t key_size = strlen(vk_hex) / 2;
1587 const char *cipher = "aes", *capi_cipher = "capi:cbc(aes)";
1588 const char *cipher_mode = "cbc-essiv:sha256", *capi_cipher_mode = "essiv:sha256";
1589 uint64_t r_payload_offset, r_header_size, r_size;
1591 /* Cannot use Argon2 in FIPS */
1593 pbkdf.type = CRYPT_KDF_PBKDF2;
1594 pbkdf.parallel_threads = 0;
1595 pbkdf.max_memory_kb = 0;
1598 crypt_decode_key(key, vk_hex, key_size);
1601 OK_(get_luks2_offsets(0, params.data_alignment, 0, NULL, &r_payload_offset));
1602 OK_(get_luks2_offsets(0, 0, 0, &r_header_size, NULL));
1603 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
1604 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
1605 OK_(create_dmdevice_over_loop(L_DEVICE_0S, 1000));
1606 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset + 1000));
1608 // test header and encrypted payload all in one device
1609 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1610 // disable loading VKs in kernel keyring (compatible mode)
1611 OK_(crypt_volume_key_keyring(cd, 0));
1612 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1613 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1614 OK_(crypt_resize(cd, CDEVICE_1, 0));
1615 OK_(crypt_resize(cd, CDEVICE_1, 42));
1616 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1617 EQ_(42, r_size >> TST_SECTOR_SHIFT);
1618 OK_(crypt_resize(cd, CDEVICE_1, 0));
1619 // autodetect encrypted device area size
1620 OK_(crypt_resize(cd, CDEVICE_1, 0));
1621 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1622 EQ_(1000, r_size >> TST_SECTOR_SHIFT);
1623 FAIL_(crypt_resize(cd, CDEVICE_1, 1001), "Device too small");
1624 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1625 EQ_(1000, r_size >> TST_SECTOR_SHIFT);
1626 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1627 OK_(crypt_deactivate(cd, CDEVICE_1));
1630 params.data_alignment = 0;
1631 params.data_device = DMDIR L_DEVICE_0S;
1632 // test case for external header
1633 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1634 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1635 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1636 OK_(crypt_resize(cd, CDEVICE_1, 666));
1637 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1638 EQ_(666, r_size >> TST_SECTOR_SHIFT);
1639 // autodetect encrypted device size
1640 OK_(crypt_resize(cd, CDEVICE_1, 0));
1641 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1642 EQ_(1000, r_size >> TST_SECTOR_SHIFT);
1643 FAIL_(crypt_resize(cd, CDEVICE_1, 1001), "Device too small");
1644 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1645 EQ_(1000, r_size >> TST_SECTOR_SHIFT);
1646 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1647 OK_(crypt_deactivate(cd, CDEVICE_1));
1650 #ifdef KERNEL_KEYRING
1651 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1652 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1653 // enable loading VKs in kernel keyring (default mode)
1654 OK_(crypt_volume_key_keyring(cd, 1));
1655 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1656 // erase volume key from kernel keyring
1657 if (t_dm_crypt_keyring_support())
1658 OK_(_drop_keyring_key(cd, 0));
1660 FAIL_(_drop_keyring_key(cd, 0), "key not found");
1662 OK_(crypt_resize(cd, CDEVICE_1, 0));
1663 // kernel fails to find the volume key in keyring
1664 if (t_dm_crypt_keyring_support())
1665 FAIL_(crypt_resize(cd, CDEVICE_1, 42), "Unable to find volume key in keyring");
1667 OK_(crypt_resize(cd, CDEVICE_1, 42));
1668 // test mode must not load vk in keyring
1669 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
1670 if (t_dm_crypt_keyring_support())
1671 FAIL_(crypt_resize(cd, CDEVICE_1, 44), "VK must be in keyring to perform resize");
1673 OK_(crypt_resize(cd, CDEVICE_1, 44));
1674 // reinstate the volume key in keyring
1675 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
1676 OK_(crypt_resize(cd, CDEVICE_1, 43));
1677 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1678 EQ_(43, r_size >> TST_SECTOR_SHIFT);
1681 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1682 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1683 // check userspace gets hint volume key must be properly loaded in kernel keyring
1684 if (t_dm_crypt_keyring_support())
1685 EQ_(crypt_resize(cd, CDEVICE_1, 0), -EPERM);
1687 OK_(crypt_resize(cd, CDEVICE_1, 0));
1690 // same as above for handles initialised by name
1691 OK_(crypt_init_by_name(&cd, CDEVICE_1));
1692 if (t_dm_crypt_keyring_support())
1693 EQ_(crypt_resize(cd, CDEVICE_1, 0), -EPERM);
1695 OK_(crypt_resize(cd, CDEVICE_1, 0));
1696 OK_(crypt_deactivate(cd, CDEVICE_1));
1699 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1700 OK_(crypt_load(cd, NULL, NULL));
1701 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1703 /* create second LUKS2 device */
1704 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
1705 OK_(crypt_format(cd2, CRYPT_LUKS2, cipher, cipher_mode, crypt_get_uuid(cd), key, key_size, ¶ms));
1706 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
1707 /* do not allow resize of other device */
1708 FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
1709 OK_(crypt_deactivate(cd2, CDEVICE_2));
1712 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
1713 OK_(crypt_set_pbkdf_type(cd2, &min_pbkdf2));
1714 OK_(crypt_format(cd2, CRYPT_LUKS1, cipher, cipher_mode, crypt_get_uuid(cd), key, key_size, NULL));
1715 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
1716 FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
1717 OK_(crypt_deactivate(cd2, CDEVICE_2));
1720 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
1721 OK_(crypt_format(cd2, CRYPT_PLAIN, cipher, cipher_mode, NULL, key, key_size, NULL));
1722 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
1723 FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
1724 OK_(crypt_deactivate(cd2, CDEVICE_2));
1727 OK_(crypt_deactivate(cd, CDEVICE_1));
1730 if (t_dm_capi_string_supported()) {
1731 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1732 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
1733 OK_(crypt_format(cd, CRYPT_LUKS2, capi_cipher, capi_cipher_mode, NULL, key, key_size, NULL));
1734 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1735 OK_(crypt_resize(cd, CDEVICE_1, 8));
1736 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1737 EQ_(8, r_size >> TST_SECTOR_SHIFT);
1738 OK_(crypt_deactivate(cd, CDEVICE_1));
1742 _cleanup_dmdevices();
1745 static void TokenActivationByKeyring(void)
1747 #ifdef KERNEL_KEYRING
1748 key_serial_t kid, kid1;
1749 struct crypt_active_device cad;
1751 const char *cipher = "aes";
1752 const char *cipher_mode = "xts-plain64";
1754 const struct crypt_token_params_luks2_keyring params = {
1755 .key_description = KEY_DESC_TEST0
1757 .key_description = KEY_DESC_TEST1
1758 }, params_invalid = {};
1759 uint64_t r_payload_offset;
1761 if (!t_dm_crypt_keyring_support()) {
1762 printf("WARNING: Kernel keyring not supported, skipping test.\n");
1766 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
1767 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1769 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
1770 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
1772 // prepare the device
1773 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1774 OK_(set_fast_pbkdf(cd));
1775 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
1776 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1777 FAIL_(crypt_token_luks2_keyring_set(cd, CRYPT_ANY_TOKEN, ¶ms_invalid), "Invalid key description property.");
1778 EQ_(crypt_token_luks2_keyring_set(cd, 3, ¶ms), 3);
1779 EQ_(crypt_token_assign_keyslot(cd, 3, 0), 3);
1782 // test thread keyring key in token 0
1783 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1784 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1785 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 3, NULL, 0), 0);
1786 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 3, NULL, 0), "already open");
1787 OK_(crypt_deactivate(cd, CDEVICE_1));
1790 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
1792 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_PROCESS_KEYRING);
1793 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1795 // add token 1 with process keyring key
1796 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1797 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1798 EQ_(crypt_token_json_set(cd, 3, NULL), 3);
1799 EQ_(crypt_token_luks2_keyring_set(cd, 1, ¶ms), 1);
1800 EQ_(crypt_token_assign_keyslot(cd, 1, 0), 1);
1803 // test process keyring key in token 1
1804 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1805 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1806 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), 0);
1807 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), "already open");
1808 OK_(crypt_deactivate(cd, CDEVICE_1));
1811 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_PROCESS_KEYRING), "Test or kernel keyring are broken.");
1813 // create two tokens and let the cryptsetup unlock the volume with the valid one
1814 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
1815 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1817 kid1 = add_key("user", KEY_DESC_TEST1, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
1818 NOTFAIL_(kid1, "Test or kernel keyring are broken.");
1820 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1821 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1822 EQ_(crypt_token_luks2_keyring_set(cd, 0, ¶ms), 0);
1823 EQ_(crypt_token_assign_keyslot(cd, 0, 0), 0);
1824 EQ_(crypt_token_luks2_keyring_set(cd, 1, ¶ms2), 1);
1825 FAIL_(crypt_token_assign_keyslot(cd, 1, 1), "Keyslot 1 doesn't exist");
1826 OK_(set_fast_pbkdf(cd));
1827 EQ_(crypt_keyslot_add_by_passphrase(cd, 1, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1, strlen(PASSPHRASE1)), 1);
1828 EQ_(crypt_token_assign_keyslot(cd, 1, 1), 1);
1831 // activate by specific token
1832 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1833 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1834 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, NULL, 0), 0);
1835 if (t_dm_crypt_keyring_support()) {
1836 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
1837 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY);
1839 OK_(crypt_deactivate(cd, CDEVICE_1));
1840 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), 1);
1841 OK_(crypt_deactivate(cd, CDEVICE_1));
1844 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
1846 // activate by any token with token 0 having absent pass from keyring
1847 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1848 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1849 EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
1850 if (t_dm_crypt_keyring_support()) {
1851 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
1852 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY);
1854 OK_(crypt_deactivate(cd, CDEVICE_1));
1857 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
1858 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1860 // replace pass for keyslot 0 making token 0 invalid
1861 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1862 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1863 OK_(crypt_keyslot_destroy(cd, 0));
1864 OK_(set_fast_pbkdf(cd));
1865 EQ_(crypt_keyslot_add_by_passphrase(cd, 0, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE1, strlen(PASSPHRASE1)), 0);
1868 // activate by any token with token 0 having wrong pass for keyslot 0
1869 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1870 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1871 EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
1872 OK_(crypt_deactivate(cd, CDEVICE_1));
1875 // create new device, with two tokens:
1876 // 1st token being invalid (missing key in keyring)
1877 // 2nd token can activate keyslot 1 after failing to do so w/ keyslot 0 (wrong pass)
1878 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1879 OK_(set_fast_pbkdf(cd));
1880 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
1881 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1882 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 1);
1883 EQ_(crypt_token_luks2_keyring_set(cd, 0, ¶ms), 0);
1884 EQ_(crypt_token_assign_keyslot(cd, 0, 0), 0);
1885 EQ_(crypt_token_luks2_keyring_set(cd, 2, ¶ms2), 2);
1886 EQ_(crypt_token_assign_keyslot(cd, 2, 1), 2);
1889 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
1891 kid1 = add_key("user", KEY_DESC_TEST1, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
1892 NOTFAIL_(kid1, "Test or kernel keyring are broken.");
1894 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1895 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1896 EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
1897 OK_(crypt_deactivate(cd, CDEVICE_1));
1899 _cleanup_dmdevices();
1901 printf("WARNING: cryptsetup compiled with kernel keyring service disabled, skipping test.\n");
1905 static void Tokens(void)
1907 #define TEST_TOKEN_JSON(x) "{\"type\":\"test_token\",\"keyslots\":[" x "]," \
1908 "\"key_length\":32,\"a_field\":\"magic_string\"}"
1910 #define TEST_TOKEN_JSON_INVALID(x) "{\"type\":\"test_token\",\"keyslots\":[" x "]," \
1911 "\"key_length\":32}"
1913 #define TEST_TOKEN1_JSON(x) "{\"type\":\"test_token1\",\"keyslots\":[" x "]," \
1914 "\"key_length\":32,\"a_field\":\"magic_string\"}"
1916 #define TEST_TOKEN1_JSON_INVALID(x) "{\"type\":\"test_token1\",\"keyslots\":[" x "]," \
1917 "\"key_length\":32}"
1919 #define BOGUS_TOKEN0_JSON "{\"type\":\"luks2-\",\"keyslots\":[]}"
1920 #define BOGUS_TOKEN1_JSON "{\"type\":\"luks2-a\",\"keyslots\":[]}"
1922 #define LUKS2_KEYRING_TOKEN_JSON(x, y) "{\"type\":\"luks2-keyring\",\"keyslots\":[" x "]," \
1923 "\"key_description\":" y "}"
1925 #define LUKS2_KEYRING_TOKEN_JSON_BAD(x, y) "{\"type\":\"luks2-keyring\",\"keyslots\":[" x "]," \
1926 "\"key_description\":" y ", \"some_field\":\"some_value\"}"
1931 const char *cipher = "aes";
1932 const char *cipher_mode = "xts-plain64";
1933 char passptr[] = PASSPHRASE;
1934 char passptr1[] = PASSPHRASE1;
1935 struct crypt_active_device cad;
1937 static const crypt_token_handler th = {
1938 .name = "test_token",
1940 .validate = test_validate
1942 .name = "test_token",
1945 .name = "test_token1",
1947 .validate = test_validate
1949 .name = "luks2-prefix",
1953 struct crypt_token_params_luks2_keyring params = {
1954 .key_description = "desc"
1956 uint64_t r_payload_offset;
1958 OK_(crypt_token_register(&th));
1959 FAIL_(crypt_token_register(&th2), "Token handler with the name already registered.");
1961 FAIL_(crypt_token_register(&th_reserved), "luks2- is reserved prefix");
1963 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
1964 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
1966 // basic token API tests
1967 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1968 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
1969 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
1970 EQ_(crypt_token_status(cd, -1, NULL), CRYPT_TOKEN_INVALID);
1971 EQ_(crypt_token_status(cd, 32, NULL), CRYPT_TOKEN_INVALID);
1972 EQ_(crypt_token_status(cd, 0, NULL), CRYPT_TOKEN_INACTIVE);
1973 EQ_(crypt_token_status(cd, 31, NULL), CRYPT_TOKEN_INACTIVE);
1974 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1975 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 1);
1976 FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN_JSON_INVALID("\"0\"")), "Token validation failed");
1977 EQ_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN_JSON("\"0\"")), 0);
1978 EQ_(crypt_token_status(cd, 0, NULL), CRYPT_TOKEN_EXTERNAL);
1979 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr, 0), 0);
1980 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr, 0), "already active");
1981 OK_(crypt_deactivate(cd, CDEVICE_1));
1983 // write invalid token and verify that validate() can detect it after handler being registered
1984 EQ_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN1_JSON_INVALID("\"1\"")), 1);
1985 EQ_(crypt_token_status(cd, 1, NULL), CRYPT_TOKEN_EXTERNAL_UNKNOWN);
1986 EQ_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN1_JSON("\"1\"")), 2);
1987 EQ_(crypt_token_status(cd, 2, &dummy), CRYPT_TOKEN_EXTERNAL_UNKNOWN);
1988 OK_(strcmp(dummy, "test_token1"));
1989 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, passptr1, 0), "Unknown token handler");
1990 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), "Unknown token handler");
1991 OK_(crypt_token_register(&th3));
1992 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, passptr1, 0), "Token validation failed");
1993 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), 1);
1994 OK_(crypt_deactivate(cd, CDEVICE_1));
1996 // test crypt_token_json_get returns correct token id
1997 EQ_(crypt_token_json_get(cd, 2, &dummy), 2);
1999 // exercise assign/unassign keyslots API
2000 EQ_(crypt_token_unassign_keyslot(cd, 2, 1), 2);
2001 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), "Token assigned to no keyslot");
2002 EQ_(crypt_token_assign_keyslot(cd, 2, 0), 2);
2003 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), "Wrong passphrase");
2004 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0);
2005 OK_(crypt_deactivate(cd, CDEVICE_1));
2006 EQ_(crypt_token_json_set(cd, 1, NULL), 1);
2007 FAIL_(crypt_token_json_get(cd, 1, &dummy), "Token is not there");
2008 EQ_(crypt_token_unassign_keyslot(cd, 2, CRYPT_ANY_SLOT), 2);
2009 EQ_(crypt_token_unassign_keyslot(cd, 0, CRYPT_ANY_SLOT), 0);
2011 // various tests related to unassigned keyslot to volume segment
2012 EQ_(crypt_keyslot_add_by_key(cd, 3, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 3);
2013 EQ_(crypt_token_assign_keyslot(cd, 2, 0), 2);
2014 EQ_(crypt_token_assign_keyslot(cd, 0, 3), 0);
2016 EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, 0), 0);
2017 EQ_(crypt_activate_by_token(cd, NULL, 0, passptr1, CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 3);
2018 // FIXME: useless error message here (or missing one to be specific)
2019 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr1, 0), "No volume key available in token keyslots");
2020 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0);
2021 OK_(crypt_deactivate(cd, CDEVICE_1));
2022 EQ_(crypt_token_assign_keyslot(cd, 0, 1), 0);
2023 OK_(crypt_token_is_assigned(cd, 0, 1));
2024 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr1, 0), 1);
2025 OK_(crypt_deactivate(cd, CDEVICE_1));
2027 EQ_(crypt_token_assign_keyslot(cd, 2, 3), 2);
2028 OK_(crypt_token_is_assigned(cd, 2, 3));
2029 EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, 0), 0);
2030 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0);
2031 OK_(crypt_deactivate(cd, CDEVICE_1));
2033 #ifdef KERNEL_KEYRING
2034 if (t_dm_crypt_keyring_support()) {
2035 EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, CRYPT_ACTIVATE_KEYRING_KEY), 0);
2036 OK_(_volume_key_in_keyring(cd, 0));
2038 OK_(crypt_volume_key_keyring(cd, 0));
2040 FAIL_(crypt_activate_by_token(cd, NULL, 2, passptr, CRYPT_ACTIVATE_KEYRING_KEY), "Can't use keyring when disabled in library");
2041 OK_(crypt_volume_key_keyring(cd, 1));
2043 EQ_(crypt_token_luks2_keyring_set(cd, 5, ¶ms), 5);
2044 EQ_(crypt_token_status(cd, 5, &dummy), CRYPT_TOKEN_INTERNAL);
2045 OK_(strcmp(dummy, "luks2-keyring"));
2047 FAIL_(crypt_token_luks2_keyring_get(cd, 2, ¶ms), "Token is not luks2-keyring type");
2049 FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, BOGUS_TOKEN0_JSON), "luks2- reserved prefix.");
2050 FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, BOGUS_TOKEN1_JSON), "luks2- reserved prefix.");
2052 // test we can use crypt_token_json_set for valid luks2-keyring token
2053 FAIL_(crypt_token_json_set(cd, 12, LUKS2_KEYRING_TOKEN_JSON_BAD("\"0\"", "\"my_desc_x\"")), "Strict luks2-keyring token validation failed");
2054 EQ_(crypt_token_status(cd, 12, NULL), CRYPT_TOKEN_INACTIVE);
2055 FAIL_(crypt_token_json_set(cd, 12, LUKS2_KEYRING_TOKEN_JSON("\"5\"", "\"my_desc\"")), "Missing keyslot 5.");
2056 EQ_(crypt_token_json_set(cd, 10, LUKS2_KEYRING_TOKEN_JSON("\"1\"", "\"my_desc\"")), 10);
2057 EQ_(crypt_token_status(cd, 10, &dummy), CRYPT_TOKEN_INTERNAL);
2058 OK_(strcmp(dummy, "luks2-keyring"));
2059 params.key_description = NULL;
2060 EQ_(crypt_token_luks2_keyring_get(cd, 10, ¶ms), 10);
2061 OK_(strcmp(params.key_description, "my_desc"));
2063 OK_(crypt_token_is_assigned(cd, 10, 1));
2065 EQ_(crypt_token_is_assigned(cd, 10, 21), -ENOENT);
2066 EQ_(crypt_token_is_assigned(cd, 21, 1), -ENOENT);
2067 // wrong keyslot or token id tests
2068 EQ_(crypt_token_is_assigned(cd, -1, 1), -EINVAL);
2069 EQ_(crypt_token_is_assigned(cd, 32, 1), -EINVAL);
2070 EQ_(crypt_token_is_assigned(cd, 10, -1), -EINVAL);
2071 EQ_(crypt_token_is_assigned(cd, 10, 32), -EINVAL);
2072 EQ_(crypt_token_is_assigned(cd, -1, -1), -EINVAL);
2073 EQ_(crypt_token_is_assigned(cd, 32, 32), -EINVAL);
2075 // test crypt_keyslot_change_by_passphrase does not erase token references
2076 EQ_(crypt_keyslot_change_by_passphrase(cd, 1, 5, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE1, strlen(PASSPHRASE1)), 5);
2077 OK_(crypt_token_is_assigned(cd, 10, 5));
2078 ks = crypt_keyslot_change_by_passphrase(cd, 5, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE1, strlen(PASSPHRASE1));
2079 NOTFAIL_(ks, "Failed to change keyslot passphrase.");
2080 OK_(crypt_token_is_assigned(cd, 10, ks));
2083 // test token activation respects keyslot priorities
2084 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2085 OK_(set_fast_pbkdf(cd));
2086 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
2087 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2088 EQ_(crypt_keyslot_add_by_key(cd, 3, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 3);
2089 EQ_(crypt_keyslot_add_by_volume_key(cd, 5, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 5);
2090 EQ_(crypt_keyslot_add_by_volume_key(cd, 8, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 8);
2091 EQ_(crypt_keyslot_add_by_volume_key(cd, 12, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 12);
2092 EQ_(crypt_keyslot_add_by_volume_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 21);
2093 EQ_(crypt_keyslot_add_by_volume_key(cd, 31, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 31);
2095 OK_(crypt_keyslot_set_priority(cd, 0, CRYPT_SLOT_PRIORITY_IGNORE));
2096 OK_(crypt_keyslot_set_priority(cd, 3, CRYPT_SLOT_PRIORITY_PREFER));
2097 OK_(crypt_keyslot_set_priority(cd, 8, CRYPT_SLOT_PRIORITY_PREFER));
2098 OK_(crypt_keyslot_set_priority(cd, 12,CRYPT_SLOT_PRIORITY_PREFER));
2100 // expected unusable with CRYPT_ANY_TOKEN
2101 EQ_(crypt_token_json_set(cd, 1, TEST_TOKEN_JSON("\"0\", \"3\"")), 1);
2103 // expected unusable (-EPERM)
2104 EQ_(crypt_token_json_set(cd, 5, TEST_TOKEN_JSON("\"8\"")), 5);
2106 // expected unusable (-EPERM)
2107 EQ_(crypt_token_json_set(cd, 4, TEST_TOKEN_JSON("\"8\", \"3\"")), 4);
2109 // expected unusable (-ENOENT)
2110 EQ_(crypt_token_json_set(cd, 6, TEST_TOKEN_JSON("\"3\"")), 6);
2112 // expected unusable (-ENOENT)
2113 EQ_(crypt_token_json_set(cd, 11, TEST_TOKEN_JSON("")), 11);
2115 token_max = crypt_token_max(CRYPT_LUKS2) - 1;
2118 // expected to be used first with CRYPT_ANY_TOKEN (unlocks with high priority ks 12)
2119 EQ_(crypt_token_json_set(cd, token_max, TEST_TOKEN_JSON("\"12\", \"0\", \"3\"")), token_max);
2121 // expected usable with CRYPT_ANY_TOKEN
2122 EQ_(crypt_token_json_set(cd, 8, TEST_TOKEN_JSON("\"5\", \"0\", \"3\"")), 8);
2124 // of all tokens keyslot 12 has highest priority now
2125 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", CRYPT_ANY_TOKEN, NULL, 0, passptr, 0), 12);
2126 EQ_(crypt_activate_by_token_pin(cd, CDEVICE_1, "test_token", CRYPT_ANY_TOKEN, NULL, 0, passptr, 0), 12);
2127 OK_(crypt_deactivate(cd, CDEVICE_1));
2129 // with explicit token priority ignore may be used
2130 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 1, NULL, 0, passptr, 0), 0);
2131 EQ_(crypt_activate_by_token_pin(cd, CDEVICE_1, "test_token", 1, NULL, 0, passptr, 0), 0);
2132 OK_(crypt_deactivate(cd, CDEVICE_1));
2134 EQ_(crypt_token_json_set(cd, token_max, NULL), token_max);
2136 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", CRYPT_ANY_TOKEN, NULL, 0, passptr, 0), 5);
2138 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 5, NULL, 0, passptr, 0), -EPERM);
2139 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 4, NULL, 0, passptr, 0), -EPERM);
2141 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 6, NULL, 0, passptr, 0), -ENOENT);
2142 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 6, NULL, 0, passptr, CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 3);
2144 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 11, NULL, 0, passptr, 0), -ENOENT);
2145 EQ_(crypt_activate_by_token_pin(cd, NULL, "test_token", 11, NULL, 0, passptr, CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), -ENOENT);
2147 // test crypt_resume_by_token_pin
2148 EQ_(crypt_activate_by_token_pin(cd, CDEVICE_1, "test_token", CRYPT_ANY_TOKEN, NULL, 0, passptr, 0), 5);
2149 OK_(crypt_suspend(cd, CDEVICE_1));
2150 EQ_(crypt_resume_by_token_pin(cd, CDEVICE_1, "test_token", CRYPT_ANY_TOKEN, NULL, 0, passptr), 5);
2151 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
2152 EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
2153 OK_(crypt_deactivate(cd, CDEVICE_1));
2156 EQ_(crypt_token_max(CRYPT_LUKS2), 32);
2157 FAIL_(crypt_token_max(CRYPT_LUKS1), "No token support in LUKS1");
2158 FAIL_(crypt_token_max(NULL), "No LUKS format specified");
2159 _cleanup_dmdevices();
2162 static void LuksConvert(void)
2164 uint64_t offset, r_payload_offset;
2166 const char *json = "{\"type\":\"convert_block\",\"keyslots\":[]}";
2167 const struct crypt_pbkdf_type argon = {
2168 .type = CRYPT_KDF_ARGON2I,
2171 .max_memory_kb = 1024,
2172 .parallel_threads = 1
2174 .type = CRYPT_KDF_PBKDF2,
2179 struct crypt_params_luks1 luks1 = {
2181 .data_device = DMDIR L_DEVICE_1S
2184 struct crypt_params_luks2 luks2 = {
2189 const char *cipher = "aes";
2190 const char *cipher_mode = "xts-plain64";
2192 // prepare the device
2193 OK_(crypt_init(&cd, DEVICE_1));
2194 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
2195 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, NULL, 32, NULL));
2196 offset = crypt_get_data_offset(cd);
2197 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2198 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 7);
2201 // convert LUKSv1 -> LUKSv2
2202 OK_(crypt_init(&cd, DEVICE_1));
2203 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2204 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "format is already LUKSv1");
2205 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2206 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "device is active");
2207 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2208 OK_(crypt_deactivate(cd, CDEVICE_1));
2209 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2210 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2214 OK_(crypt_init(&cd, DEVICE_1));
2215 FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "wrong luks format");
2216 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2217 EQ_(crypt_get_data_offset(cd), offset);
2218 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2219 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2220 OK_(crypt_deactivate(cd, CDEVICE_1));
2221 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), 0), 7);
2222 OK_(crypt_deactivate(cd, CDEVICE_1));
2223 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "format is already LUKSv2");
2224 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2227 // convert LUKSv2 -> LUKSv1
2228 OK_(crypt_init(&cd, DEVICE_1));
2229 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2230 EQ_(crypt_get_data_offset(cd), offset);
2231 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2232 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "device is active");
2233 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2234 OK_(crypt_deactivate(cd, CDEVICE_1));
2235 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2236 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2240 OK_(crypt_init(&cd, DEVICE_1));
2241 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "wrong luks format");
2242 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2243 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2244 EQ_(crypt_get_data_offset(cd), offset);
2245 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2246 OK_(crypt_deactivate(cd, CDEVICE_1));
2247 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), 0), 7);
2248 OK_(crypt_deactivate(cd, CDEVICE_1));
2249 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "format is already LUKSv1");
2250 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2253 // exercice non-pbkdf2 LUKSv2 conversion
2255 OK_(crypt_init(&cd, DEVICE_1));
2256 OK_(crypt_set_data_offset(cd, offset));
2257 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
2258 OK_(crypt_set_pbkdf_type(cd, &argon));
2259 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2260 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Incompatible pbkdf with LUKSv1 format");
2264 // exercice non LUKS1 compatible keyslot
2265 OK_(crypt_init(&cd, DEVICE_1));
2266 OK_(crypt_set_data_offset(cd, offset));
2267 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
2268 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2269 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
2270 // FIXME: following test fails as expected but for a different reason
2271 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Unassigned keyslots are incompatible with LUKSv1 format");
2274 // exercice LUKSv2 conversion with single pbkdf2 keyslot being active
2275 OK_(crypt_init(&cd, DEVICE_1));
2276 OK_(crypt_set_data_offset(cd, offset));
2277 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2278 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
2279 offset = crypt_get_data_offset(cd);
2280 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2282 OK_(crypt_set_pbkdf_type(cd, &argon));
2283 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 1);
2284 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Different hash for digest and keyslot.");
2285 OK_(crypt_keyslot_destroy(cd, 1));
2287 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2288 EQ_(crypt_get_data_offset(cd), offset);
2290 OK_(crypt_init(&cd, DEVICE_1));
2291 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2292 EQ_(crypt_get_data_offset(cd), offset);
2293 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2296 // do not allow conversion on keyslot No > 7
2297 OK_(crypt_init(&cd, DEVICE_1));
2298 OK_(crypt_set_data_offset(cd, offset));
2299 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
2300 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2301 EQ_(crypt_keyslot_add_by_volume_key(cd, 8, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 8);
2302 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Can't convert keyslot No 8");
2305 // do not allow conversion with token
2306 OK_(crypt_init(&cd, DEVICE_1));
2307 OK_(crypt_set_data_offset(cd, offset));
2308 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
2309 OK_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, json));
2310 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Can't convert header with token.");
2313 // should be enough for both luks1 and luks2 devices with all vk lengths
2314 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
2315 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
2317 // do not allow conversion for legacy luks1 device (non-aligned keyslot offset)
2318 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_256_LEGACY " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2319 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2320 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2321 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "Can't convert device with unaligned keyslot offset");
2325 * do not allow conversion on images if there's not enough space between
2326 * last keyslot and data offset (should not happen on headers created
2329 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_256_UNMOVABLE " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2330 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2331 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2332 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "Can't convert device with unaligned keyslot offset");
2335 // compat conversion tests
2339 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_128 " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2341 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2342 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2343 offset = crypt_get_data_offset(cd);
2344 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2345 EQ_(crypt_get_data_offset(cd), offset);
2346 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2347 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2348 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2350 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2351 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2352 EQ_(crypt_get_data_offset(cd), offset);
2353 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2354 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2358 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_256 " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2360 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2361 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2362 offset = crypt_get_data_offset(cd);
2363 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2364 EQ_(crypt_get_data_offset(cd), offset);
2365 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2366 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2367 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2369 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2370 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2371 EQ_(crypt_get_data_offset(cd), offset);
2372 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2373 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2377 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_512 " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2379 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2380 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2381 offset = crypt_get_data_offset(cd);
2382 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2383 EQ_(crypt_get_data_offset(cd), offset);
2384 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2385 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2386 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2388 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2389 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2390 EQ_(crypt_get_data_offset(cd), offset);
2391 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2392 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2395 // detached LUKS1 header conversion
2396 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_128_DET));
2397 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2398 offset = crypt_get_data_offset(cd);
2399 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2400 EQ_(crypt_get_data_offset(cd), offset);
2401 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2402 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2403 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2405 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_128_DET));
2406 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2407 EQ_(crypt_get_data_offset(cd), offset);
2408 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2409 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2413 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_256_DET));
2414 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2415 offset = crypt_get_data_offset(cd);
2416 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2417 EQ_(crypt_get_data_offset(cd), offset);
2418 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2419 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2420 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2422 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_256_DET));
2423 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2424 EQ_(crypt_get_data_offset(cd), offset);
2425 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2426 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2430 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_512_DET));
2431 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2432 offset = crypt_get_data_offset(cd);
2433 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2434 EQ_(crypt_get_data_offset(cd), offset);
2435 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2436 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2437 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2439 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_512_DET));
2440 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2441 EQ_(crypt_get_data_offset(cd), offset);
2442 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2443 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2448 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_128 " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2450 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2451 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2452 offset = crypt_get_data_offset(cd);
2453 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2454 EQ_(crypt_get_data_offset(cd), offset);
2455 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2456 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2457 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2459 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2460 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2461 EQ_(crypt_get_data_offset(cd), offset);
2462 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2463 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2466 // 128b all LUKS1 keyslots used
2467 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_128_FULL " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2468 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2469 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2470 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2471 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2473 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2474 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2475 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2476 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2477 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2478 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2479 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2480 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2481 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2482 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2486 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_256 " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2488 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2489 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2490 offset = crypt_get_data_offset(cd);
2491 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2492 EQ_(crypt_get_data_offset(cd), offset);
2493 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2494 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2495 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2497 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2498 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2499 EQ_(crypt_get_data_offset(cd), offset);
2500 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2501 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2504 // 256b all LUKS1 keyslots used
2505 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_256_FULL " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2506 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2507 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2508 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2509 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2511 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2512 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2513 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2514 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2515 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2516 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2517 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2518 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2519 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2520 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2524 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_512 " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2526 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2527 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2528 offset = crypt_get_data_offset(cd);
2529 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2530 EQ_(crypt_get_data_offset(cd), offset);
2531 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2532 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2533 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2535 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2536 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2537 EQ_(crypt_get_data_offset(cd), offset);
2538 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2539 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2542 // 512b all LUKS1 keyslots used
2543 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_512_FULL " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2544 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2545 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2546 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2547 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2549 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2550 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2551 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2552 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2553 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2554 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2555 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2556 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2557 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2558 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2563 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET));
2564 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2565 offset = crypt_get_data_offset(cd);
2566 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2567 EQ_(crypt_get_data_offset(cd), offset);
2568 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2569 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2570 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2572 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET));
2573 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2574 EQ_(crypt_get_data_offset(cd), offset);
2575 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2576 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2579 // 128b all LUKS1 keyslots used
2580 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET_FULL));
2581 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2582 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2583 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2585 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET_FULL));
2586 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2587 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2588 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2589 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2590 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2591 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2592 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2593 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2594 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2598 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET));
2599 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2600 offset = crypt_get_data_offset(cd);
2601 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2602 EQ_(crypt_get_data_offset(cd), offset);
2603 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2604 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2605 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2607 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET));
2608 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2609 EQ_(crypt_get_data_offset(cd), offset);
2610 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2611 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2614 // 256b all LUKS1 keyslots used
2615 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET_FULL));
2616 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2617 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2618 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2620 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET_FULL));
2621 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2622 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2623 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2624 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2625 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2626 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2627 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2628 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2629 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2633 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET));
2634 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2635 offset = crypt_get_data_offset(cd);
2636 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2637 EQ_(crypt_get_data_offset(cd), offset);
2638 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2639 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2640 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2642 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET));
2643 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2644 EQ_(crypt_get_data_offset(cd), offset);
2645 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2646 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2649 // 512b all LUKS1 keyslots used
2650 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET_FULL));
2651 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2652 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2653 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2655 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET_FULL));
2656 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2657 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2658 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2659 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2660 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2661 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2662 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2663 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2664 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2667 // detached LUKS1 header upconversion
2668 OK_(create_dmdevice_over_loop(H_DEVICE, 2050)); // default LUKS1 header should fit there
2669 OK_(crypt_init(&cd, DMDIR H_DEVICE));
2670 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
2671 OK_(crypt_format(cd, CRYPT_LUKS1, "aes", "xts-plain64", NULL, NULL, 32, &luks1));
2672 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 7);
2673 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "Unable to move keyslots. Not enough space.");
2676 // 2050 sectors, empty file
2677 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL_2));
2678 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
2679 OK_(crypt_format(cd, CRYPT_LUKS1, "aes", "xts-plain64", NULL, NULL, 32, &luks1));
2680 EQ_(crypt_get_data_offset(cd), 0);
2681 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 7);
2682 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2685 _cleanup_dmdevices();
2688 static void Pbkdf(void)
2690 const struct crypt_pbkdf_type *pbkdf;
2692 const char *cipher = "aes", *mode="xts-plain64";
2693 struct crypt_pbkdf_type argon2 = {
2694 .type = CRYPT_KDF_ARGON2I,
2695 .hash = default_luks1_hash,
2697 .max_memory_kb = 1024,
2698 .parallel_threads = 1
2700 .type = CRYPT_KDF_PBKDF2,
2701 .hash = default_luks1_hash,
2704 .type = "hamster_pbkdf",
2705 .hash = default_luks1_hash
2707 struct crypt_params_plain params = {
2713 struct crypt_params_luks1 luks1 = {
2714 .hash = "sha512", // test non-standard hash
2715 .data_alignment = 2048,
2718 uint64_t r_payload_offset;
2720 /* Only PBKDF2 is allowed in FIPS, these tests cannot be run. */
2724 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
2725 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
2727 NULL_(crypt_get_pbkdf_type_params(NULL));
2728 NULL_(crypt_get_pbkdf_type_params("suslik"));
2729 NOTNULL_(pbkdf = crypt_get_pbkdf_type_params(CRYPT_KDF_PBKDF2));
2730 OK_(strcmp(pbkdf->type, CRYPT_KDF_PBKDF2));
2731 NOTNULL_(pbkdf = crypt_get_pbkdf_type_params(CRYPT_KDF_ARGON2I));
2732 OK_(strcmp(pbkdf->type, CRYPT_KDF_ARGON2I));
2733 NOTNULL_(pbkdf = crypt_get_pbkdf_type_params(CRYPT_KDF_ARGON2ID));
2734 OK_(strcmp(pbkdf->type, CRYPT_KDF_ARGON2ID));
2736 // test empty context
2737 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2738 NULL_(crypt_get_pbkdf_type(cd));
2739 OK_(crypt_set_pbkdf_type(cd, &argon2));
2740 NOTNULL_(crypt_get_pbkdf_type(cd));
2741 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2742 NOTNULL_(crypt_get_pbkdf_type(cd));
2743 OK_(crypt_set_pbkdf_type(cd, NULL));
2744 NOTNULL_(crypt_get_pbkdf_type(cd));
2746 // test plain device
2747 OK_(crypt_format(cd, CRYPT_PLAIN, cipher, mode, NULL, NULL, 32, ¶ms));
2748 OK_(crypt_set_pbkdf_type(cd, &argon2));
2749 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2750 OK_(crypt_set_pbkdf_type(cd, NULL));
2751 NOTNULL_(crypt_get_pbkdf_type(cd));
2754 // test LUKSv1 device
2755 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2756 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, mode, NULL, NULL, 32, NULL));
2757 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Unsupported with non-LUKS2 devices");
2758 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2759 OK_(crypt_set_pbkdf_type(cd, NULL));
2760 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2761 EQ_(pbkdf->time_ms, default_luks1_iter_time);
2763 // test value set in crypt_set_iteration_time() can be obtained via following crypt_get_pbkdf_type()
2764 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2765 crypt_set_iteration_time(cd, 42);
2766 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, mode, NULL, NULL, 32, NULL));
2767 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2768 EQ_(pbkdf->time_ms, 42);
2769 // test crypt_get_pbkdf_type() returns expected values for LUKSv1
2770 OK_(strcmp(pbkdf->type, CRYPT_KDF_PBKDF2));
2771 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2772 EQ_(pbkdf->max_memory_kb, 0);
2773 EQ_(pbkdf->parallel_threads, 0);
2774 crypt_set_iteration_time(cd, 43);
2775 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2776 EQ_(pbkdf->time_ms, 43);
2778 // test whether crypt_get_pbkdf_type() after double crypt_load()
2779 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2780 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2781 crypt_set_iteration_time(cd, 42);
2782 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2783 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2784 EQ_(pbkdf->time_ms, 42);
2786 // test whether hash passed via *params in crypt_load() has higher priority
2787 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2788 crypt_set_iteration_time(cd, 1);
2789 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, mode, NULL, NULL, 32, &luks1));
2790 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2791 OK_(strcmp(pbkdf->hash, luks1.hash));
2792 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2793 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2794 OK_(strcmp(pbkdf->hash, luks1.hash));
2797 // test LUKSv2 device
2798 // test default values are set
2799 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2800 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, mode, NULL, NULL, 32, NULL));
2801 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2802 OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
2803 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2804 EQ_(pbkdf->time_ms, default_luks2_iter_time);
2805 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2806 EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
2807 // set and verify argon2 type
2808 OK_(crypt_set_pbkdf_type(cd, &argon2));
2809 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2810 OK_(strcmp(pbkdf->type, argon2.type));
2811 OK_(strcmp(pbkdf->hash, argon2.hash));
2812 EQ_(pbkdf->time_ms, argon2.time_ms);
2813 EQ_(pbkdf->max_memory_kb, argon2.max_memory_kb);
2814 EQ_(pbkdf->parallel_threads, argon2.parallel_threads);
2815 // set and verify pbkdf2 type
2816 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2817 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2818 OK_(strcmp(pbkdf->type, pbkdf2.type));
2819 OK_(strcmp(pbkdf->hash, pbkdf2.hash));
2820 EQ_(pbkdf->time_ms, pbkdf2.time_ms);
2821 EQ_(pbkdf->max_memory_kb, pbkdf2.max_memory_kb);
2822 EQ_(pbkdf->parallel_threads, pbkdf2.parallel_threads);
2823 // reset and verify default values
2824 crypt_set_iteration_time(cd, 1); // it's supposed to override this call
2825 OK_(crypt_set_pbkdf_type(cd, NULL));
2826 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2827 OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
2828 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2829 EQ_(pbkdf->time_ms, default_luks2_iter_time);
2830 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2831 EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
2832 // try to pass illegal values
2833 argon2.parallel_threads = 0;
2834 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Parallel threads can't be 0");
2835 argon2.parallel_threads = 1;
2836 argon2.max_memory_kb = 0;
2837 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Memory can't be 0");
2838 argon2.max_memory_kb = 1024;
2839 pbkdf2.parallel_threads = 1;
2840 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Parallel threads can't be set with pbkdf2 type");
2841 pbkdf2.parallel_threads = 0;
2842 pbkdf2.max_memory_kb = 512;
2843 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Memory can't be set with pbkdf2 type");
2844 FAIL_(crypt_set_pbkdf_type(cd, &bad), "Unknown type member");
2845 bad.type = CRYPT_KDF_PBKDF2;
2847 FAIL_(crypt_set_pbkdf_type(cd, &bad), "Hash member is empty");
2849 bad.hash = default_luks1_hash;
2850 FAIL_(crypt_set_pbkdf_type(cd, &bad), "Pbkdf type member is empty");
2851 bad.hash = "hamster_hash";
2852 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Unknown hash member");
2854 // test whether crypt_get_pbkdf_type() behaves accordingly after second crypt_load() call
2855 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2856 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2857 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2858 OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
2859 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2860 EQ_(pbkdf->time_ms, default_luks2_iter_time);
2861 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2862 EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
2863 crypt_set_iteration_time(cd, 1);
2864 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2865 OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
2866 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2867 EQ_(pbkdf->time_ms, 1);
2868 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2869 EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
2872 // test crypt_set_pbkdf_type() overwrites invalid value set by crypt_set_iteration_time()
2873 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2874 crypt_set_iteration_time(cd, 0);
2875 OK_(crypt_set_pbkdf_type(cd, &argon2));
2876 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2877 OK_(strcmp(pbkdf->type, argon2.type));
2878 EQ_(pbkdf->time_ms, argon2.time_ms);
2881 argon2.iterations = 33;
2882 argon2.flags = CRYPT_PBKDF_NO_BENCHMARK;
2883 OK_(crypt_set_pbkdf_type(cd, &argon2));
2884 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2885 EQ_(pbkdf->iterations, 33);
2886 EQ_(pbkdf->flags, CRYPT_PBKDF_NO_BENCHMARK);
2888 // time may be unset with iterations
2890 OK_(crypt_set_pbkdf_type(cd, &argon2));
2891 argon2.flags &= ~CRYPT_PBKDF_NO_BENCHMARK;
2892 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Illegal time value.");
2895 pbkdf2.flags = CRYPT_PBKDF_NO_BENCHMARK;
2896 pbkdf2.parallel_threads = 0;
2897 pbkdf2.max_memory_kb = 0;
2898 pbkdf2.iterations = 1000;
2899 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2900 pbkdf2.flags &= ~CRYPT_PBKDF_NO_BENCHMARK;
2901 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Illegal time value.");
2903 // hash is relevant only with pbkdf2
2906 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Hash is mandatory for pbkdf2");
2907 pbkdf2.hash = "sha256";
2908 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2911 argon2.hash = "sha256"; // will be ignored
2912 OK_(crypt_set_pbkdf_type(cd, &argon2));
2914 OK_(crypt_set_pbkdf_type(cd, &argon2));
2918 NOTNULL_(pbkdf = crypt_get_pbkdf_default(CRYPT_LUKS1));
2919 OK_(strcmp(pbkdf->type, CRYPT_KDF_PBKDF2));
2920 EQ_(pbkdf->time_ms, default_luks1_iter_time);
2921 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2922 EQ_(pbkdf->max_memory_kb, 0);
2923 EQ_(pbkdf->parallel_threads, 0);
2925 NOTNULL_(pbkdf = crypt_get_pbkdf_default(CRYPT_LUKS2));
2926 OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
2927 EQ_(pbkdf->time_ms, default_luks2_iter_time);
2928 OK_(strcmp(pbkdf->hash, default_luks1_hash));
2929 EQ_(pbkdf->max_memory_kb, default_luks2_memory_kb);
2930 EQ_(pbkdf->parallel_threads, default_luks2_parallel_threads);
2932 NULL_(pbkdf = crypt_get_pbkdf_default(CRYPT_PLAIN));
2934 _cleanup_dmdevices();
2937 static void Luks2KeyslotAdd(void)
2939 char key[128], key2[128], key_ret[128];
2940 const char *cipher = "aes", *cipher_mode="xts-plain64";
2941 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
2942 const char *vk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
2943 size_t key_ret_len, key_size = strlen(vk_hex) / 2;
2944 uint64_t r_payload_offset;
2945 struct crypt_pbkdf_type pbkdf = {
2949 .max_memory_kb = 32,
2950 .parallel_threads = 1,
2951 .flags = CRYPT_PBKDF_NO_BENCHMARK,
2953 struct crypt_params_luks2 params2 = {
2955 .sector_size = TST_SECTOR_SIZE
2958 crypt_decode_key(key, vk_hex, key_size);
2959 crypt_decode_key(key2, vk_hex2, key_size);
2961 /* Cannot use Argon2 in FIPS */
2963 pbkdf.type = CRYPT_KDF_PBKDF2;
2964 pbkdf.parallel_threads = 0;
2965 pbkdf.max_memory_kb = 0;
2966 pbkdf.iterations = 1000;
2969 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
2970 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
2972 /* test crypt_keyslot_add_by_key */
2973 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2974 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms2));
2975 EQ_(crypt_keyslot_add_by_key(cd, 1, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
2976 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
2977 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE_LAST);
2978 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_UNBOUND);
2979 /* must not activate volume with keyslot unassigned to a segment */
2980 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key2, key_size, 0), "Key doesn't match volume key digest");
2981 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), "Keyslot not assigned to volume");
2982 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), 0), "No keyslot assigned to volume with this passphrase");
2983 /* unusable for volume activation even in test mode */
2984 FAIL_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0), "Key doesn't match volume key digest");
2985 /* otoh passphrase check should pass */
2986 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 1);
2987 EQ_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 1);
2988 /* in general crypt_keyslot_add_by_key must allow any reasonable key size
2989 * even though such keyslot will not be usable for segment encryption */
2990 EQ_(crypt_keyslot_add_by_key(cd, 2, key2, key_size-1, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 2);
2991 EQ_(crypt_keyslot_add_by_key(cd, 3, key2, 13, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 3);
2993 FAIL_(crypt_keyslot_get_key_size(cd, CRYPT_ANY_SLOT), "Bad keyslot specification.");
2994 EQ_(crypt_get_volume_key_size(cd), key_size);
2995 EQ_(crypt_keyslot_get_key_size(cd, 0), key_size);
2996 EQ_(crypt_keyslot_get_key_size(cd, 1), key_size);
2997 EQ_(crypt_keyslot_get_key_size(cd, 2), key_size-1);
2998 EQ_(crypt_keyslot_get_key_size(cd, 3), 13);
3000 key_ret_len = key_size - 1;
3001 FAIL_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), "Wrong size");
3004 FAIL_(crypt_volume_key_get(cd, 2, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), "wrong size");
3005 EQ_(crypt_volume_key_get(cd, 3, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), 3);
3006 FAIL_(crypt_activate_by_volume_key(cd, NULL, key_ret, key_ret_len, 0), "Not a volume key");
3007 key_ret_len = key_size;
3008 EQ_(crypt_volume_key_get(cd, 1, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), 1);
3010 /* test force volume key change works as expected */
3011 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 0, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), 1);
3012 OK_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0));
3013 OK_(crypt_activate_by_volume_key(cd, NULL, key_ret, key_ret_len, 0));
3014 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key2, key_size, 0));
3015 OK_(crypt_deactivate(cd, CDEVICE_1));
3016 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), 1);
3017 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), 1);
3018 OK_(crypt_deactivate(cd, CDEVICE_1));
3019 /* old keyslot must be unusable */
3020 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Key doesn't match volume key digest");
3021 FAIL_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0), "Key doesn't match volume key digest");
3022 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), "Keyslot not assigned to volume");
3023 EQ_(crypt_keyslot_add_by_passphrase(cd, 5, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE1, strlen(PASSPHRASE1)), 5);
3024 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1)), 6);
3025 /* regression test. check new keyslot is properly assigned to new volume key digest */
3026 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 5, PASSPHRASE1, strlen(PASSPHRASE1), 0), 5);
3027 OK_(crypt_deactivate(cd, CDEVICE_1));
3028 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 6, PASSPHRASE1, strlen(PASSPHRASE1), 0), 6);
3029 OK_(crypt_deactivate(cd, CDEVICE_1));
3033 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3034 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms2));
3035 /* keyslot 0, volume key, digest 0 */
3036 EQ_(crypt_keyslot_add_by_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
3037 /* keyslot 1, unbound key, digest 1 */
3038 EQ_(crypt_keyslot_add_by_key(cd, 1, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3039 /* keyslot 2, unbound key, digest 1 */
3040 EQ_(crypt_keyslot_add_by_key(cd, 2, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE), 2);
3041 /* keyslot 3, unbound key, digest 2 */
3042 EQ_(crypt_keyslot_add_by_key(cd, 3, key2, key_size - 1, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE), 3);
3043 /* keyslot 4, unbound key, digest 1 */
3044 EQ_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE), 4);
3045 FAIL_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_SET), "Illegal");
3046 FAIL_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_SET | CRYPT_VOLUME_KEY_DIGEST_REUSE), "Illegal");
3047 /* Such key doesn't exist, nothing to reuse */
3048 FAIL_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key2, key_size - 2, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_DIGEST_REUSE), "Key digest doesn't match any existing.");
3049 /* Keyslot 5, volume key, digest 0 */
3050 EQ_(crypt_keyslot_add_by_key(cd, 5, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_DIGEST_REUSE), 5);
3052 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
3053 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), 1);
3054 OK_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0));
3055 FAIL_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0), "Not a volume key");
3056 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), 1);
3057 OK_(crypt_deactivate(cd, CDEVICE_1));
3058 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 2, PASSPHRASE1, strlen(PASSPHRASE1), 0), 2);
3059 OK_(crypt_deactivate(cd, CDEVICE_1));
3060 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), "No volume key keyslot");
3062 /* TODO: key is unusable with aes-xts */
3063 // FAIL_(crypt_keyslot_add_by_key(cd, 3, NULL, 0, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), "Unusable key with segment cipher");
3065 EQ_(crypt_keyslot_add_by_key(cd, 5, NULL, 0, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), 5);
3066 FAIL_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0), "Not a volume key");
3067 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 5, PASSPHRASE1, strlen(PASSPHRASE1), 0), 5);
3068 OK_(crypt_deactivate(cd, CDEVICE_1));
3072 _cleanup_dmdevices();
3075 static void Luks2KeyslotParams(void)
3077 char key[128], key2[128];
3078 const char *cipher = "aes", *cipher_mode="xts-plain64";
3079 const char *cipher_spec = "aes-xts-plain64", *cipher_keyslot = "aes-cbc-essiv:sha256";
3080 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
3081 const char *vk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
3082 size_t key_size_ret, key_size = strlen(vk_hex) / 2, keyslot_key_size = 16;
3083 uint64_t r_payload_offset;
3085 crypt_decode_key(key, vk_hex, key_size);
3086 crypt_decode_key(key2, vk_hex2, key_size);
3088 OK_(prepare_keyfile(KEYFILE1, PASSPHRASE, strlen(PASSPHRASE)));
3089 OK_(prepare_keyfile(KEYFILE2, PASSPHRASE1, strlen(PASSPHRASE1)));
3091 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
3092 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
3094 EQ_(key_size, 2 * keyslot_key_size);
3095 /* test crypt_keyslot_add_by_key */
3096 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3097 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
3098 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
3099 NULL_(crypt_keyslot_get_encryption(cd, 0, &key_size_ret));
3100 OK_(strcmp(crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size_ret), cipher_spec));
3101 EQ_(key_size_ret, key_size);
3104 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
3105 EQ_(1, crypt_keyslot_add_by_passphrase(cd, 1, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1,strlen(PASSPHRASE1)));
3106 EQ_(2, crypt_keyslot_add_by_key(cd, 2, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT));
3107 EQ_(6, crypt_keyslot_add_by_keyfile(cd, 6, KEYFILE1, 0, KEYFILE2, 0));
3109 // Slots with different encryption type
3110 OK_(crypt_keyslot_set_encryption(cd, cipher_keyslot, keyslot_key_size));
3111 OK_(strcmp(crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size_ret), cipher_keyslot));
3112 EQ_(key_size_ret, keyslot_key_size);
3114 EQ_(3, crypt_keyslot_add_by_volume_key(cd, 3, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
3115 EQ_(4, crypt_keyslot_add_by_passphrase(cd, 4, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1,strlen(PASSPHRASE1)));
3116 EQ_(5, crypt_keyslot_add_by_key(cd, 5, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT));
3117 EQ_(7, crypt_keyslot_add_by_keyfile(cd, 7, KEYFILE1, 0, KEYFILE2, 0));
3121 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3122 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3124 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE);
3125 OK_(strcmp(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), cipher_spec));
3126 EQ_(key_size_ret, key_size);
3128 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_ACTIVE);
3129 OK_(strcmp(crypt_keyslot_get_encryption(cd, 1, &key_size_ret), cipher_spec));
3130 EQ_(key_size_ret, key_size);
3132 EQ_(crypt_keyslot_status(cd, 2), CRYPT_SLOT_UNBOUND);
3133 OK_(strcmp(crypt_keyslot_get_encryption(cd, 2, &key_size_ret), cipher_spec));
3134 EQ_(key_size_ret, key_size);
3136 EQ_(crypt_keyslot_status(cd, 6), CRYPT_SLOT_ACTIVE);
3137 OK_(strcmp(crypt_keyslot_get_encryption(cd, 6, &key_size_ret), cipher_spec));
3138 EQ_(key_size_ret, key_size);
3140 EQ_(crypt_keyslot_status(cd, 3), CRYPT_SLOT_ACTIVE);
3141 OK_(strcmp(crypt_keyslot_get_encryption(cd, 3, &key_size_ret), cipher_keyslot));
3142 EQ_(key_size_ret, keyslot_key_size);
3144 EQ_(crypt_keyslot_status(cd, 4), CRYPT_SLOT_ACTIVE);
3145 OK_(strcmp(crypt_keyslot_get_encryption(cd, 4, &key_size_ret), cipher_keyslot));
3146 EQ_(key_size_ret, keyslot_key_size);
3148 EQ_(crypt_keyslot_status(cd, 5), CRYPT_SLOT_UNBOUND);
3149 OK_(strcmp(crypt_keyslot_get_encryption(cd, 5, &key_size_ret), cipher_keyslot));
3150 EQ_(key_size_ret, keyslot_key_size);
3152 EQ_(crypt_keyslot_status(cd, 7), CRYPT_SLOT_ACTIVE);
3153 OK_(strcmp(crypt_keyslot_get_encryption(cd, 7, &key_size_ret), cipher_keyslot));
3154 EQ_(key_size_ret, keyslot_key_size);
3156 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
3157 EQ_(8, crypt_keyslot_change_by_passphrase(cd, 1, 8, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE, strlen(PASSPHRASE)));
3158 OK_(strcmp(crypt_keyslot_get_encryption(cd, 8, &key_size_ret), cipher_spec));
3159 EQ_(key_size_ret, key_size);
3161 /* Revert to default */
3162 EQ_(9, crypt_keyslot_change_by_passphrase(cd, 5, 9, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE, strlen(PASSPHRASE)));
3163 OK_(strcmp(crypt_keyslot_get_encryption(cd, 9, &key_size_ret), cipher_spec));
3164 EQ_(key_size_ret, key_size);
3166 /* Set new encryption params */
3167 OK_(crypt_keyslot_set_encryption(cd, cipher_keyslot, keyslot_key_size));
3169 EQ_(1, crypt_keyslot_change_by_passphrase(cd, 8, 1, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1, strlen(PASSPHRASE1)));
3170 OK_(strcmp(crypt_keyslot_get_encryption(cd, 1, &key_size_ret), cipher_keyslot));
3171 EQ_(key_size_ret, keyslot_key_size);
3173 EQ_(10, crypt_keyslot_change_by_passphrase(cd, 2, 10, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE, strlen(PASSPHRASE)));
3174 OK_(strcmp(crypt_keyslot_get_encryption(cd, 10, &key_size_ret), cipher_keyslot));
3175 EQ_(key_size_ret, keyslot_key_size);
3177 EQ_(0, crypt_keyslot_change_by_passphrase(cd, 0, 0, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1, strlen(PASSPHRASE1)));
3178 OK_(strcmp(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), cipher_keyslot));
3179 EQ_(key_size_ret, keyslot_key_size);
3183 /* LUKS1 compatible calls */
3184 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3185 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
3186 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, NULL));
3187 NULL_(crypt_keyslot_get_encryption(cd, 0, &key_size_ret));
3188 OK_(strcmp(crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size_ret), cipher_spec));
3189 EQ_(key_size_ret, key_size);
3190 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
3191 OK_(strcmp(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), cipher_spec));
3192 EQ_(key_size_ret, key_size);
3195 /* LUKS2 cipher null checks */
3196 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3197 OK_(crypt_set_pbkdf_type(cd, &min_pbkdf2));
3198 OK_(crypt_format(cd, CRYPT_LUKS2, "cipher_null", "ecb", NULL, key, key_size, NULL));
3199 FAIL_(crypt_keyslot_set_encryption(cd, "null", 32), "cipher null is not allowed");
3200 FAIL_(crypt_keyslot_set_encryption(cd, "cipher_null", 32), "cipher null is not allowed");
3201 FAIL_(crypt_keyslot_set_encryption(cd, "cipher_null-ecb", 32), "cipher null is not allowed");
3202 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
3203 NOTNULL_(crypt_keyslot_get_encryption(cd, 0, &key_size_ret));
3204 NULL_(strstr(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), "null"));
3207 _cleanup_dmdevices();
3211 static void Luks2ActivateByKeyring(void)
3213 #ifdef KERNEL_KEYRING
3215 key_serial_t kid, kid1;
3216 uint64_t r_payload_offset;
3218 const char *cipher = "aes";
3219 const char *cipher_mode = "xts-plain64";
3221 if (!t_dm_crypt_keyring_support()) {
3222 printf("WARNING: Kernel keyring not supported, skipping test.\n");
3226 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
3227 NOTFAIL_(kid, "Test or kernel keyring are broken.");
3228 kid1 = add_key("user", KEY_DESC_TEST1, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
3229 NOTFAIL_(kid1, "Test or kernel keyring are broken.");
3231 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
3232 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
3234 // prepare the device
3235 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3236 OK_(set_fast_pbkdf(cd));
3237 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
3238 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
3239 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3240 EQ_(crypt_keyslot_add_by_volume_key(cd, 2, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 2);
3243 // FIXME: all following tests work as expected but most error messages are missing
3244 // check activate by keyring works exactly same as by passphrase
3245 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3246 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3247 EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, 0), 0);
3248 EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0), 0);
3249 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
3250 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0), "already open");
3251 OK_(crypt_deactivate(cd, CDEVICE_1));
3252 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
3253 EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 1, CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 1);
3254 EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 2, 0), 2);
3255 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, 1, 0), "Keyslot not assigned to volume");
3256 EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, 2, 0), 2);
3257 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
3258 OK_(crypt_deactivate(cd, CDEVICE_1));
3259 EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, CRYPT_ANY_SLOT, 0), 2);
3260 OK_(crypt_deactivate(cd, CDEVICE_1));
3261 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 2, 0), "Failed to unclock keyslot");
3262 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 0, 0), "Failed to unclock keyslot");
3265 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
3266 NOTFAIL_(keyctl_unlink(kid1, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
3268 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3269 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3270 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, CRYPT_ANY_SLOT, 0), "no such key in keyring");
3271 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, CRYPT_ANY_SLOT, 0), "no such key in keyring");
3272 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, 2, 0), "no such key in keyring");
3273 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 1, 0), "no such key in keyring");
3275 _cleanup_dmdevices();
3277 printf("WARNING: cryptsetup compiled with kernel keyring service disabled, skipping test.\n");
3281 static void Luks2Requirements(void)
3285 size_t key_size = 128;
3286 const struct crypt_pbkdf_type *pbkdf;
3287 #ifdef KERNEL_KEYRING
3291 uint64_t dummy, r_payload_offset;
3292 struct crypt_active_device cad;
3294 const char *token, *json = "{\"type\":\"test_token\",\"keyslots\":[]}";
3295 struct crypt_pbkdf_type argon2 = {
3296 .type = CRYPT_KDF_ARGON2I,
3297 .hash = default_luks1_hash,
3299 .max_memory_kb = 1024,
3300 .parallel_threads = 1
3302 .type = CRYPT_KDF_PBKDF2,
3303 .hash = default_luks1_hash,
3306 struct crypt_token_params_luks2_keyring params_get, params = {
3307 .key_description = KEY_DESC_TEST0
3310 OK_(prepare_keyfile(KEYFILE1, PASSPHRASE, strlen(PASSPHRASE)));
3311 OK_(prepare_keyfile(KEYFILE2, PASSPHRASE1, strlen(PASSPHRASE1)));
3313 /* crypt_load (unrestricted) */
3314 OK_(crypt_init(&cd, DEVICE_5));
3315 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
3318 OK_(crypt_init(&cd, DEVICE_5));
3319 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3321 /* crypt_dump (unrestricted) */
3323 OK_(crypt_dump(cd));
3324 OK_(!(global_lines != 0));
3327 /* get & set pbkdf params (unrestricted) */
3329 OK_(crypt_set_pbkdf_type(cd, &argon2));
3330 NOTNULL_(crypt_get_pbkdf_type(cd));
3333 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
3334 NOTNULL_(crypt_get_pbkdf_type(cd));
3336 /* crypt_set_iteration_time (unrestricted) */
3337 crypt_set_iteration_time(cd, 1);
3338 pbkdf = crypt_get_pbkdf_type(cd);
3340 EQ_(pbkdf->time_ms, 1);
3342 /* crypt_convert (restricted) */
3343 FAIL_((r = crypt_convert(cd, CRYPT_LUKS1, NULL)), "Unmet requirements detected");
3346 /* crypt_set_uuid (restricted) */
3347 FAIL_((r = crypt_set_uuid(cd, NULL)), "Unmet requirements detected");
3350 /* crypt_set_label (restricted) */
3351 FAIL_((r = crypt_set_label(cd, "label", "subsystem")), "Unmet requirements detected");
3354 /* crypt_get_label (unrestricted) */
3355 NOTNULL_(crypt_get_label(cd));
3356 OK_(strcmp("", crypt_get_label(cd)));
3357 /* crypt_get_subsystem (unrestricted) */
3358 NOTNULL_(crypt_get_subsystem(cd));
3359 OK_(strcmp("", crypt_get_subsystem(cd)));
3361 /* crypt_repair (with current repair capabilities it's unrestricted) */
3362 OK_(crypt_repair(cd, CRYPT_LUKS2, NULL));
3364 /* crypt_keyslot_add_passphrase (restricted) */
3365 FAIL_((r = crypt_keyslot_add_by_passphrase(cd, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), "bbb", 3)), "Unmet requirements detected");
3368 /* crypt_keyslot_change_by_passphrase (restricted) */
3369 FAIL_((r = crypt_keyslot_change_by_passphrase(cd, CRYPT_ANY_SLOT, 9, PASSPHRASE, strlen(PASSPHRASE), "bbb", 3)), "Unmet requirements detected");
3372 /* crypt_keyslot_add_by_keyfile (restricted) */
3373 FAIL_((r = crypt_keyslot_add_by_keyfile(cd, CRYPT_ANY_SLOT, KEYFILE1, 0, KEYFILE2, 0)), "Unmet requirements detected");
3376 /* crypt_keyslot_add_by_keyfile_offset (restricted) */
3377 FAIL_((r = crypt_keyslot_add_by_keyfile_offset(cd, CRYPT_ANY_SLOT, KEYFILE1, 0, 0, KEYFILE2, 0, 0)), "Unmet requirements detected");
3380 /* crypt_volume_key_get (unrestricted, but see below) */
3381 OK_(crypt_volume_key_get(cd, 0, key, &key_size, PASSPHRASE, strlen(PASSPHRASE)));
3383 /* crypt_keyslot_add_by_volume_key (restricted) */
3384 FAIL_((r = crypt_keyslot_add_by_volume_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1))), "Unmet requirements detected");
3387 /* crypt_keyslot_add_by_key (restricted) */
3388 FAIL_((r = crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, NULL, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT)), "Unmet requirements detected");
3391 /* crypt_keyslot_add_by_key (restricted) */
3392 FAIL_((r = crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), 0)), "Unmet requirements detected");
3395 /* crypt_persistent_flasgs_set (restricted) */
3396 FAIL_((r = crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, CRYPT_ACTIVATE_ALLOW_DISCARDS)), "Unmet requirements detected");
3399 /* crypt_persistent_flasgs_get (unrestricted) */
3400 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &flags));
3401 EQ_(flags, CRYPT_REQUIREMENT_UNKNOWN);
3403 /* crypt_activate_by_passphrase (restricted for activation only) */
3404 FAIL_((r = crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0)), "Unmet requirements detected");
3406 OK_(crypt_activate_by_passphrase(cd, NULL, 0, PASSPHRASE, strlen(PASSPHRASE), 0));
3407 OK_(crypt_activate_by_passphrase(cd, NULL, 0, PASSPHRASE, strlen(PASSPHRASE), t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3408 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
3410 /* crypt_activate_by_keyfile (restricted for activation only) */
3411 FAIL_((r = crypt_activate_by_keyfile(cd, CDEVICE_1, 0, KEYFILE1, 0, 0)), "Unmet requirements detected");
3413 OK_(crypt_activate_by_keyfile(cd, NULL, 0, KEYFILE1, 0, 0));
3414 OK_(crypt_activate_by_keyfile(cd, NULL, 0, KEYFILE1, 0, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3416 /* crypt_activate_by_volume_key (restricted for activation only) */
3417 FAIL_((r = crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0)), "Unmet requirements detected");
3419 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
3420 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3422 #ifdef KERNEL_KEYRING
3423 if (t_dm_crypt_keyring_support()) {
3424 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
3425 NOTFAIL_(kid, "Test or kernel keyring are broken.");
3427 /* crypt_activate_by_keyring (restricted for activation only) */
3428 FAIL_((r = crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0)), "Unmet requirements detected");
3429 EQ_(r, t_dm_crypt_keyring_support() ? -ETXTBSY : -EINVAL);
3430 OK_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, 0));
3431 OK_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, CRYPT_ACTIVATE_KEYRING_KEY));
3433 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
3437 /* crypt_volume_key_verify (unrestricted) */
3438 OK_(crypt_volume_key_verify(cd, key, key_size));
3440 /* crypt_get_cipher (unrestricted) */
3441 OK_(strcmp(crypt_get_cipher(cd)?:"", "aes"));
3443 /* crypt_get_cipher_mode (unrestricted) */
3444 OK_(strcmp(crypt_get_cipher_mode(cd)?:"", "xts-plain64"));
3446 /* crypt_get_uuid (unrestricted) */
3447 NOTNULL_(crypt_get_uuid(cd));
3449 /* crypt_get_device_name (unrestricted) */
3450 NOTNULL_(crypt_get_device_name(cd));
3452 /* crypt_get_data_offset (unrestricted) */
3453 OK_(!crypt_get_data_offset(cd));
3455 /* crypt_get_iv_offset (unrestricted, nothing to test) */
3457 /* crypt_get_volume_key_size (unrestricted) */
3458 EQ_(crypt_get_volume_key_size(cd), key_size);
3460 /* crypt_keyslot_status (unrestricted) */
3461 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE_LAST);
3462 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_INACTIVE);
3464 /* crypt_keyslot_get_priority (unrestricted) */
3465 EQ_(crypt_keyslot_get_priority(cd, 0), CRYPT_SLOT_PRIORITY_NORMAL);
3467 /* crypt_keyslot_set_priority (restricted) */
3468 FAIL_((r = crypt_keyslot_set_priority(cd, 0, CRYPT_SLOT_PRIORITY_PREFER)), "Unmet requirements detected");
3471 /* crypt_keyslot_area (unrestricted) */
3472 OK_(crypt_keyslot_area(cd, 0, &dummy, &dummy));
3475 /* crypt_header_backup (unrestricted) */
3476 remove(BACKUP_FILE);
3477 OK_(crypt_header_backup(cd, CRYPT_LUKS, BACKUP_FILE));
3479 /* crypt_header_restore (restricted, do not drop the test until we have safe option) */
3480 FAIL_((r = crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE)), "Unmet requirements detected");
3482 remove(BACKUP_FILE);
3484 /* crypt_token_json_set (restricted) */
3485 FAIL_((r = crypt_token_json_set(cd, CRYPT_ANY_TOKEN, json)), "Unmet requirements detected");
3488 /* crypt_token_json_get (unrestricted) */
3489 OK_(crypt_token_json_get(cd, 0, &token));
3490 NOTNULL_(strstr(token, "user_type"));
3492 /* crypt_token_status (unrestricted) */
3493 EQ_(crypt_token_status(cd, 0, &token), CRYPT_TOKEN_EXTERNAL_UNKNOWN);
3494 OK_(strcmp(token, "user_type"));
3495 EQ_(crypt_token_status(cd, 1, &token), CRYPT_TOKEN_INTERNAL);
3496 OK_(strcmp(token, "luks2-keyring"));
3497 EQ_(crypt_token_status(cd, 2, NULL), CRYPT_TOKEN_INACTIVE);
3498 EQ_(crypt_token_status(cd, 6, &token), CRYPT_TOKEN_INTERNAL_UNKNOWN);
3500 /* crypt_token_luks2_keyring_set (restricted) */
3501 FAIL_((r = crypt_token_luks2_keyring_set(cd, CRYPT_ANY_TOKEN, ¶ms)), "Unmet requirements detected");
3504 /* crypt_token_luks2_keyring_get (unrestricted) */
3505 EQ_(crypt_token_luks2_keyring_get(cd, 1, ¶ms_get), 1);
3506 OK_(strcmp(params_get.key_description, KEY_DESC_TEST0));
3508 /* crypt_token_assign_keyslot (unrestricted) */
3509 FAIL_((r = crypt_token_assign_keyslot(cd, 0, 1)), "Unmet requirements detected");
3512 /* crypt_token_unassign_keyslot (unrestricted) */
3513 FAIL_((r = crypt_token_unassign_keyslot(cd, CRYPT_ANY_TOKEN, CRYPT_ANY_SLOT)), "Unmet requirements detected");
3516 /* crypt_activate_by_token (restricted for activation only) */
3517 #ifdef KERNEL_KEYRING
3518 if (t_dm_crypt_keyring_support()) {
3519 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
3520 NOTFAIL_(kid, "Test or kernel keyring are broken.");
3522 FAIL_((r = crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0)), ""); // supposed to be silent
3524 OK_(crypt_activate_by_token(cd, NULL, 1, NULL, 0));
3525 OK_(crypt_activate_by_token(cd, NULL, 1, NULL, CRYPT_ACTIVATE_KEYRING_KEY));
3527 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
3530 OK_(get_luks2_offsets(0, 8192, 0, NULL, &r_payload_offset));
3531 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 2));
3532 //OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" NO_REQS_LUKS2_HEADER " bs=4096 2>/dev/null", 1));
3533 OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3535 /* need to fake activated LUKSv2 device with requirements features */
3537 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3538 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
3539 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0));
3540 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
3541 /* replace header with no requirements */
3542 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3545 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DEVICE_5));
3547 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3549 /* crypt_header_restore (restricted with confirmation required) */
3550 /* allow force restore over device header w/ requirements */
3551 OK_(crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE));
3552 remove(BACKUP_FILE);
3553 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3554 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE)); /* create backup with requirements */
3556 /* crypt_suspend (restricted) */
3557 FAIL_((r = crypt_suspend(cd, CDEVICE_1)), "Unmet requirements detected");
3561 /* replace header again to suspend the device */
3562 OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3563 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3564 OK_(crypt_suspend(cd, CDEVICE_1));
3566 /* crypt_header_restore (restricted, do not drop the test until we have safe option) */
3567 /* refuse to overwrite header w/ backup including requirements */
3568 FAIL_((r = crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE)), "Unmet requirements detected");
3573 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3574 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3576 /* crypt_resume_by_passphrase (restricted) */
3577 FAIL_((r = crypt_resume_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE))), "Unmet requirements detected");
3580 /* crypt_resume_by_keyfile (restricted) */
3581 FAIL_((r = crypt_resume_by_keyfile(cd, CDEVICE_1, 0, KEYFILE1, 0)), "Unmet requirements detected");
3584 /* crypt_resume_by_keyfile_offset (restricted) */
3585 FAIL_((r = crypt_resume_by_keyfile_offset(cd, CDEVICE_1, 0, KEYFILE1, 0, 0)), "Unmet requirements detected");
3589 OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3590 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3591 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE)));
3593 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3595 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3596 /* load VK in keyring */
3597 OK_(crypt_activate_by_passphrase(cd, NULL, 0, PASSPHRASE, strlen(PASSPHRASE), t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3598 /* crypt_resize (restricted) */
3599 FAIL_((r = crypt_resize(cd, CDEVICE_1, 1)), "Unmet requirements detected");
3601 GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
3603 /* crypt_get_active_device (unrestricted) */
3604 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3605 #ifdef KERNEL_KEYRING
3606 if (t_dm_crypt_keyring_support())
3607 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY);
3610 /* crypt_deactivate (unrestricted) */
3611 OK_(crypt_deactivate(cd, CDEVICE_1));
3613 /* crypt_token_is_assigned (unrestricted) */
3614 OK_(crypt_token_is_assigned(cd, 1, 0));
3615 OK_(crypt_token_is_assigned(cd, 6, 0));
3616 EQ_(crypt_token_is_assigned(cd, 0, 0), -ENOENT);
3618 /* crypt_keyslot_destroy (unrestricted) */
3619 OK_(crypt_keyslot_destroy(cd, 0));
3622 _cleanup_dmdevices();
3625 static void Luks2Integrity(void)
3627 struct crypt_params_integrity ip = {};
3628 struct crypt_params_luks2 params = {
3630 .integrity = "hmac(sha256)"
3632 size_t key_size = 32 + 32;
3633 const char *cipher = "aes";
3634 const char *cipher_mode = "xts-random";
3637 // FIXME: This is just a stub
3638 OK_(crypt_init(&cd, DEVICE_2));
3639 ret = crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size, ¶ms);
3641 printf("WARNING: cannot format integrity device, skipping test.\n");
3646 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 7);
3647 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_2, 7, PASSPHRASE, strlen(PASSPHRASE) ,0), 7);
3648 GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
3651 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_2, NULL));
3652 OK_(crypt_get_integrity_info(cd, &ip));
3653 OK_(strcmp(cipher, crypt_get_cipher(cd)));
3654 OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
3655 OK_(strcmp("hmac(sha256)", ip.integrity));
3656 EQ_(32, ip.integrity_key_size);
3657 EQ_(32+16, ip.tag_size);
3658 OK_(crypt_deactivate(cd, CDEVICE_2));
3661 OK_(crypt_init(&cd, DEVICE_2));
3662 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size - 32, ¶ms), "Wrong key size.");
3663 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, "xts-plainx", NULL, NULL, key_size, ¶ms), "Wrong cipher.");
3667 static int check_flag(uint32_t flags, uint32_t flag)
3669 return (flags & flag) ? 0 : -1;
3672 static void Luks2Refresh(void)
3674 uint64_t r_payload_offset;
3675 char key[128], key1[128];
3676 const char *cipher = "aes", *mode = "xts-plain64";
3677 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c645be6a5b84818afe7a78a6de7a1a";
3678 const char *vk_hex2 = "bb22158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
3679 size_t key_size = strlen(vk_hex) / 2;
3680 struct crypt_params_luks2 params = {
3684 struct crypt_active_device cad = {};
3686 crypt_decode_key(key, vk_hex, key_size);
3687 crypt_decode_key(key1, vk_hex2, key_size);
3689 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
3690 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
3691 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset + 5000));
3692 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
3693 OK_(create_dmdevice_over_loop(H_DEVICE, r_payload_offset));
3695 /* prepare test device */
3696 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3697 OK_(set_fast_pbkdf(cd));
3698 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, mode, NULL, key, 32, NULL));
3699 OK_(crypt_keyslot_add_by_volume_key(cd, CRYPT_ANY_SLOT, key, 32, PASSPHRASE, strlen(PASSPHRASE)));
3700 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0));
3702 /* check we can refresh significant flags */
3703 if (t_dm_crypt_discard_support()) {
3704 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_ALLOW_DISCARDS));
3705 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3706 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_ALLOW_DISCARDS));
3710 if (t_dm_crypt_cpu_switch_support()) {
3711 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SAME_CPU_CRYPT));
3712 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3713 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SAME_CPU_CRYPT));
3716 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3717 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3718 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3721 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3722 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3723 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3727 OK_(crypt_volume_key_keyring(cd, 0));
3728 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH));
3729 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3730 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_KEYRING_KEY), "Unexpected flag raised.");
3733 #ifdef KERNEL_KEYRING
3734 if (t_dm_crypt_keyring_support()) {
3735 OK_(crypt_volume_key_keyring(cd, 1));
3736 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH));
3737 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3738 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_KEYRING_KEY));
3743 /* multiple flags at once */
3744 if (t_dm_crypt_discard_support() && t_dm_crypt_cpu_switch_support()) {
3745 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS | CRYPT_ACTIVATE_ALLOW_DISCARDS));
3746 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3747 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS | CRYPT_ACTIVATE_ALLOW_DISCARDS));
3751 /* do not allow reactivation with read-only (and drop flag silently because activation behaves exactly same) */
3752 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_READONLY));
3753 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3754 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_READONLY), "Reactivated with read-only flag.");
3757 /* reload flag is dropped silently */
3758 OK_(crypt_deactivate(cd, CDEVICE_1));
3759 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH));
3761 /* check read-only flag is not lost after reload */
3762 OK_(crypt_deactivate(cd, CDEVICE_1));
3763 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_READONLY));
3764 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH));
3765 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3766 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_READONLY));
3769 /* check LUKS2 with auth. enc. reload */
3770 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
3771 if (!crypt_format(cd2, CRYPT_LUKS2, "aes", "gcm-random", crypt_get_uuid(cd), key, 32, ¶ms)) {
3772 OK_(crypt_keyslot_add_by_volume_key(cd2, 0, key, 32, PASSPHRASE, strlen(PASSPHRASE)));
3773 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, 32, 0));
3774 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, 32, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_NO_JOURNAL));
3775 OK_(crypt_get_active_device(cd2, CDEVICE_2, &cad));
3776 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_NO_JOURNAL));
3778 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, 32, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_NO_JOURNAL | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3779 OK_(crypt_get_active_device(cd2, CDEVICE_2, &cad));
3780 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_NO_JOURNAL | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3782 OK_(crypt_activate_by_passphrase(cd2, CDEVICE_2, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH));
3783 OK_(crypt_get_active_device(cd2, CDEVICE_2, &cad));
3784 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_NO_JOURNAL), "");
3785 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS), "");
3786 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH), "Refreshed LUKS2 device with LUKS2/aead context");
3787 OK_(crypt_deactivate(cd2, CDEVICE_2));
3789 printf("WARNING: cannot format integrity device, skipping few reload tests.\n");
3793 /* Use LUKS1 context on LUKS2 device */
3794 OK_(crypt_init(&cd2, DMDIR L_DEVICE_1S));
3795 OK_(crypt_format(cd2, CRYPT_LUKS1, cipher, mode, crypt_get_uuid(cd), key, 32, NULL));
3796 OK_(crypt_keyslot_add_by_volume_key(cd2, CRYPT_ANY_SLOT, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)));
3797 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH), "Refreshed LUKS2 device with LUKS1 context");
3800 /* Use PLAIN context on LUKS2 device */
3801 OK_(crypt_init(&cd2, DMDIR L_DEVICE_1S));
3802 OK_(crypt_format(cd2, CRYPT_PLAIN, cipher, mode, NULL, key, 32, NULL));
3803 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
3804 FAIL_(crypt_activate_by_volume_key(cd2, CDEVICE_1, key, key_size, CRYPT_ACTIVATE_REFRESH), "Refreshed LUKS2 device with PLAIN context");
3805 OK_(crypt_deactivate(cd2, CDEVICE_2));
3808 /* (snapshot-like case) */
3809 /* try to refresh almost identical device (differs only in major:minor of data device) */
3810 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
3811 OK_(set_fast_pbkdf(cd2));
3812 OK_(crypt_format(cd2, CRYPT_LUKS2, cipher, mode, crypt_get_uuid(cd), key, 32, NULL));
3813 OK_(crypt_keyslot_add_by_volume_key(cd2, CRYPT_ANY_SLOT, key, 32, PASSPHRASE, strlen(PASSPHRASE)));
3814 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH), "Refreshed dm-crypt mapped over mismatching data device");
3816 OK_(crypt_deactivate(cd, CDEVICE_1));
3821 _cleanup_dmdevices();
3824 static void Luks2Flags(void)
3826 uint32_t flags = 42;
3828 OK_(crypt_init(&cd, DEVICE_1));
3829 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3831 /* check library erase passed variable on success when no flags set */
3832 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
3835 /* check set and get behave as expected */
3836 flags = CRYPT_ACTIVATE_ALLOW_DISCARDS;
3837 OK_(crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, flags));
3839 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
3840 EQ_(flags, CRYPT_ACTIVATE_ALLOW_DISCARDS);
3842 flags = CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS;
3843 OK_(crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, flags));
3844 flags = ~UINT32_C(0);
3845 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
3846 EQ_(flags,CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS);
3848 /* label and subsystem (second label */
3849 OK_(crypt_set_label(cd, "label", "subsystem"));
3850 OK_(strcmp("label", crypt_get_label(cd)));
3851 OK_(strcmp("subsystem", crypt_get_subsystem(cd)));
3853 OK_(crypt_set_label(cd, NULL, NULL));
3854 OK_(strcmp("", crypt_get_label(cd)));
3855 OK_(strcmp("", crypt_get_subsystem(cd)));
3860 #if KERNEL_KEYRING && USE_LUKS2_REENCRYPTION
3861 static int test_progress(uint64_t size __attribute__((unused)),
3862 uint64_t offset __attribute__((unused)),
3863 void *usrptr __attribute__((unused)))
3865 while (--test_progress_steps)
3870 static void Luks2Reencryption(void)
3872 /* reencryption currently depends on kernel keyring support */
3874 * - reencryption requires luks2 parameters. can we avoid it?
3877 uint64_t r_header_size, r_size_1;
3878 struct crypt_active_device cad;
3879 struct crypt_pbkdf_type pbkdf = {
3880 .type = CRYPT_KDF_ARGON2I,
3882 .parallel_threads = 1,
3883 .max_memory_kb = 128,
3885 .flags = CRYPT_PBKDF_NO_BENCHMARK
3887 struct crypt_params_luks2 params2 = {
3891 struct crypt_params_reencrypt retparams = {}, rparams = {
3892 .direction = CRYPT_REENCRYPT_FORWARD,
3893 .resilience = "checksum",
3899 const char *vk_hex = "bb21babe733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
3900 size_t key_size = strlen(vk_hex) / 2;
3903 crypt_decode_key(key, vk_hex, key_size);
3905 /* reencryption currently depends on kernel keyring support in dm-crypt */
3906 if (!t_dm_crypt_keyring_support())
3909 /* Cannot use Argon2 in FIPS */
3911 pbkdf.type = CRYPT_KDF_PBKDF2;
3912 pbkdf.parallel_threads = 0;
3913 pbkdf.max_memory_kb = 0;
3914 pbkdf.iterations = 1000;
3917 OK_(get_luks2_offsets(1, 0, 0, &r_header_size, NULL));
3918 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
3919 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 16));
3922 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3923 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3924 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3925 EQ_(crypt_keyslot_add_by_volume_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 21);
3927 /* add several unbound keys */
3928 EQ_(crypt_keyslot_add_by_key(cd, 9, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
3929 EQ_(crypt_keyslot_add_by_key(cd, 10, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 10);
3930 EQ_(crypt_keyslot_add_by_key(cd, 11, NULL, 42, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 11);
3931 EQ_(crypt_keyslot_status(cd, 21), CRYPT_SLOT_ACTIVE_LAST);
3933 /* test cipher parameters validation */
3934 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 11, "aes", "xts-plain64", &rparams), "Cipher not compatible with new volume key size.");
3935 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 10, "tHeHamstErciphErr", "xts-plain64", &rparams), "Wrong cipher.");
3936 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 10, "aes", "HamSterMoOode-plain64", &rparams), "Wrong mode.");
3938 /* test reencryption flags */
3939 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3940 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption not initialized.");
3941 rparams.flags |= CRYPT_REENCRYPT_INITIALIZE_ONLY;
3942 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid flags combination.");
3944 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3945 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0);
3946 FAIL_(crypt_reencrypt_run(cd, NULL, NULL), "Reencryption context not initialized.");
3948 rparams.flags &= ~CRYPT_REENCRYPT_RESUME_ONLY;
3949 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3950 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3951 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3953 /* check reencrypt status is correct */
3954 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
3955 EQ_(retparams.mode, CRYPT_REENCRYPT_REENCRYPT);
3956 EQ_(retparams.direction, CRYPT_REENCRYPT_FORWARD);
3957 EQ_(retparams.data_shift, 0);
3958 EQ_(retparams.device_size, 0);
3960 /* check reencryption flag in metadata */
3961 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3962 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3964 /* some parameters are expected to change immediately after reencryption initialization */
3965 EQ_(crypt_get_volume_key_size(cd), 64);
3966 OK_(strcmp(crypt_get_cipher_mode(cd), "xts-plain64"));
3967 EQ_(crypt_get_sector_size(cd), 4096);
3968 /* reencrypt keyslot must be unbound */
3969 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_UNBOUND);
3970 /* keyslot assigned to new segment is switched to last active */
3971 EQ_(crypt_keyslot_status(cd, 9), CRYPT_SLOT_ACTIVE_LAST);
3972 /* keyslot assigned to old segment remains active */
3973 EQ_(crypt_keyslot_status(cd, 21), CRYPT_SLOT_ACTIVE);
3975 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 10, "aes", "xts-plain", &rparams), "Reencryption already initialized.");
3978 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3979 OK_(crypt_reencrypt_run(cd, NULL, NULL));
3981 /* check keyslots are reassigned to segment after reencryption */
3982 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_INACTIVE);
3983 EQ_(crypt_keyslot_status(cd, 9), CRYPT_SLOT_ACTIVE_LAST);
3984 EQ_(crypt_keyslot_status(cd, 10), CRYPT_SLOT_UNBOUND);
3985 EQ_(crypt_keyslot_status(cd, 11), CRYPT_SLOT_UNBOUND);
3986 EQ_(crypt_keyslot_status(cd, 21), CRYPT_SLOT_INACTIVE);
3988 EQ_(crypt_keyslot_add_by_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 21);
3989 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
3990 params2.sector_size = 512;
3991 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
3993 /* fixed device size parameter impact */
3994 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3995 rparams.device_size = 24;
3996 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size.");
3997 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3998 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3999 rparams.device_size = 15;
4000 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size alignment.");
4001 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
4002 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
4003 FAIL_(crypt_reencrypt_run(cd, NULL, NULL), "Reencryption context not initialized.");
4004 rparams.device_size = 16;
4005 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
4006 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4007 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
4008 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0);
4010 /* limited hotzone size parameter impact */
4011 EQ_(crypt_keyslot_add_by_key(cd, 9, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
4012 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
4013 rparams.device_size = 0;
4014 params2.sector_size = 4096;
4015 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
4017 /* max hotzone size parameter impact */
4018 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4019 rparams.max_hotzone_size = 1;
4020 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid hotzone size alignment.");
4021 rparams.max_hotzone_size = 24; /* should be ok. Device size is 16 sectors and the parameter defines upper limit, not lower */
4022 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
4023 rparams.max_hotzone_size = 8;
4024 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
4027 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4028 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4029 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4031 rparams.max_hotzone_size = 0;
4032 rparams.resilience = "haMster";
4033 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid resilience mode.");
4034 rparams.resilience = "checksum";
4035 rparams.hash = "hamSter";
4036 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid resilience hash.");
4038 rparams.hash = "sha256";
4039 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
4040 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4042 /* FIXME: this is a bug, but not critical (data shift parameter is ignored after initialization) */
4043 //rparams.data_shift = 8;
4044 //FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid reencryption parameters.");
4046 EQ_(crypt_keyslot_add_by_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 21);
4048 rparams.resilience = "none";
4049 rparams.max_hotzone_size = 2048;
4050 /* online reencryption on inactive device */
4051 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Device is not active.");
4052 /* FIXME: this is minor bug. In fact we need only key from keyslot 9 */
4053 //EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 9, PASSPHRASE, strlen(PASSPHRASE), 0), 9);
4054 NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Failed to activate device.");
4055 /* offline reencryption on active device */
4056 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Device mounted or active.");
4057 OK_(crypt_deactivate(cd, CDEVICE_1));
4058 /* Wrong context checks */
4059 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
4060 /* cd is ready for reencryption */
4061 OK_(crypt_init(&cd2, DMDIR L_DEVICE_OK));
4062 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4063 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4064 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running.");
4066 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running.");
4067 FAIL_(crypt_reencrypt_run(cd2, NULL, NULL), "Invalid reencryption context.");
4068 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
4069 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
4070 OK_(crypt_persistent_flags_get(cd2, CRYPT_FLAGS_REQUIREMENTS, &getflags));
4071 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
4072 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
4073 EQ_(crypt_reencrypt_status(cd2, NULL), CRYPT_REENCRYPT_CLEAN);
4074 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress.");
4075 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress.");
4076 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4080 /* Partial device reencryption parameter */
4081 params2.sector_size = 512;
4082 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4083 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4084 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4085 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
4086 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4088 rparams.device_size = 2;
4089 rparams.max_hotzone_size = 1;
4090 rparams.resilience = "none";
4091 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4093 /* interrupt reencryption after 'test_progress_steps' */
4094 test_progress_steps = 2;
4095 OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
4096 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
4098 NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Could not activate device in reencryption.");
4099 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4101 EQ_(cad.offset, r_header_size);
4102 /* TODO: this should work in future releases unless reencryption process is running */
4103 FAIL_(crypt_resize(cd, CDEVICE_1, 1), "Device in reencryption.");
4104 FAIL_(crypt_resize(cd, CDEVICE_1, 0), "Device in reencryption.");
4106 rparams.max_hotzone_size = 0;
4107 rparams.device_size = 3;
4108 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Invalid device size.");
4109 crypt_deactivate(cd, CDEVICE_1);
4110 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Invalid device size.");
4111 rparams.device_size = 2;
4112 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4113 NOTFAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Failed to initialize reencryption.");
4114 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4115 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4116 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
4117 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4118 /* after reencryption use whole device again */
4120 OK_(crypt_deactivate(cd, CDEVICE_1));
4122 /* Reencrypt device with wrong size */
4123 EQ_(crypt_keyslot_add_by_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 0);
4124 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
4125 OK_(crypt_resize(cd, CDEVICE_1, 7));
4126 rparams.device_size = 0;
4128 params2.sector_size = 4096;
4129 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), "Active device size is not aligned to new sector size.");
4130 rparams.device_size = 8;
4131 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), "Reduced reencryption size does not match active device.");
4132 /* FIXME: allow after resize in reencryption is supported */
4133 //NOTFAIL_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY | CRYPT_ACTIVATE_KEYRING_KEY), "Failed to load keys.");
4134 // OK_(crypt_resize(cd, CDEVICE_1, 8));
4135 OK_(crypt_deactivate(cd, CDEVICE_1));
4138 params2.sector_size = 512;
4139 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4140 OK_(crypt_init(&cd2, DMDIR H_DEVICE));
4141 OK_(crypt_set_data_offset(cd2, r_header_size - 8));
4142 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4143 OK_(crypt_set_pbkdf_type(cd2, &pbkdf));
4144 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4145 OK_(crypt_format(cd2, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4146 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
4147 EQ_(crypt_keyslot_add_by_volume_key(cd2, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
4148 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4149 EQ_(crypt_keyslot_add_by_key(cd2, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4150 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
4151 EQ_(crypt_activate_by_passphrase(cd2, CDEVICE_2, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
4152 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
4153 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4154 EQ_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4155 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4156 /* reference wrong device in active device name */
4157 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Wrong device.");
4158 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Wrong device.");
4159 EQ_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4160 FAIL_(crypt_set_data_device(cd2, DMDIR L_DEVICE_OK), "Device in reencryption.");
4161 OK_(crypt_deactivate(cd, CDEVICE_1));
4162 OK_(crypt_deactivate(cd2, CDEVICE_2));
4166 /* data shift related tests */
4167 params2.sector_size = 512;
4168 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4169 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4170 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4171 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
4172 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4173 memset(&rparams, 0, sizeof(rparams));
4174 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4175 rparams.resilience = "datashift";
4176 rparams.data_shift = 8;
4177 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
4178 rparams.luks2 = ¶ms2;
4179 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4180 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
4181 EQ_(retparams.data_shift, 8);
4182 EQ_(retparams.mode, CRYPT_REENCRYPT_REENCRYPT);
4183 OK_(strcmp(retparams.resilience, "datashift"));
4184 EQ_(crypt_get_data_offset(cd), 32776);
4185 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4186 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4187 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4189 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4190 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4191 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4192 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
4193 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4195 EQ_(crypt_get_data_offset(cd), 32776);
4196 OK_(crypt_deactivate(cd, CDEVICE_1));
4198 EQ_(crypt_keyslot_add_by_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 0);
4199 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), "Device is too small.");
4201 // BUG: We need reencrypt abort flag
4202 /* it fails, but it's already initialized and we have no way to abort yet */
4203 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4204 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4205 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4206 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 1);
4207 EQ_(crypt_keyslot_add_by_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 0);
4208 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4209 rparams.resilience = "datashift";
4210 rparams.data_shift = 8;
4211 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
4212 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2);
4213 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
4214 EQ_(retparams.data_shift, 8);
4215 EQ_(retparams.mode, CRYPT_REENCRYPT_REENCRYPT);
4216 OK_(strcmp(retparams.resilience, "datashift"));
4217 EQ_(crypt_get_data_offset(cd), 32760);
4218 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4219 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2);
4220 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4222 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4223 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4224 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
4225 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4227 EQ_(crypt_get_data_offset(cd), 32760);
4228 OK_(crypt_deactivate(cd, CDEVICE_1));
4231 /* data shift with online device */
4232 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4233 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4234 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4235 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
4236 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4237 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4238 rparams.resilience = "datashift";
4239 rparams.data_shift = 8;
4241 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
4242 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Active device too large.");
4243 OK_(crypt_deactivate(cd, CDEVICE_1));
4244 NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Failed to activate device in reencryption.");
4245 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4247 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4248 EQ_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4249 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4250 OK_(crypt_deactivate(cd, CDEVICE_1));
4253 _cleanup_dmdevices();
4255 /* encryption with datashift and moved segment (limit values for data shift) */
4256 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4257 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2));
4259 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4261 memset(&rparams, 0, sizeof(rparams));
4262 params2.sector_size = 512;
4263 params2.data_device = DMDIR L_DEVICE_OK;
4264 rparams.mode = CRYPT_REENCRYPT_ENCRYPT;
4265 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4266 rparams.resilience = "datashift";
4267 rparams.data_shift = 8192;
4268 rparams.luks2 = ¶ms2;
4269 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;
4270 OK_(crypt_set_data_offset(cd, 8192));
4271 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4272 EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 30);
4273 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), 0);
4275 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4276 OK_(crypt_header_restore(cd, CRYPT_LUKS2, DMDIR H_DEVICE));
4278 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4279 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4280 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
4281 EQ_(retparams.mode, CRYPT_REENCRYPT_ENCRYPT);
4282 OK_(strcmp(retparams.resilience, "datashift"));
4283 EQ_(retparams.data_shift, 8192);
4284 EQ_(retparams.flags & CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT, CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT);
4285 EQ_(crypt_get_data_offset(cd), 8192);
4286 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4287 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
4288 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4291 _cleanup_dmdevices();
4292 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4293 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 8*1024*2+1));
4295 /* encryption with datashift and moved segment (data shift + 1 sector) */
4296 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4297 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;
4298 OK_(crypt_set_data_offset(cd, 8192));
4299 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4300 EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 30);
4301 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), 0);
4303 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4304 OK_(crypt_header_restore(cd, CRYPT_LUKS2, DMDIR H_DEVICE));
4305 EQ_(crypt_get_data_offset(cd), 8192);
4306 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4307 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
4308 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4311 _cleanup_dmdevices();
4312 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4313 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 2*8200));
4315 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4317 /* encryption with datashift and moved segment (data shift + data offset <= device size) */
4318 memset(&rparams, 0, sizeof(rparams));
4319 params2.sector_size = 512;
4320 params2.data_device = DMDIR L_DEVICE_OK;
4321 rparams.mode = CRYPT_REENCRYPT_ENCRYPT;
4322 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4323 rparams.resilience = "datashift";
4324 rparams.data_shift = 8200;
4325 rparams.luks2 = ¶ms2;
4326 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;
4327 OK_(crypt_set_data_offset(cd, 8200));
4328 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4329 EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 30);
4330 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), "Data device is too small");
4331 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4334 _cleanup_dmdevices();
4335 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4336 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 1));
4338 /* decryption backward */
4339 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4340 params2.data_device = NULL;
4341 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4342 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4343 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4344 memset(&rparams, 0, sizeof(rparams));
4345 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4346 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4347 rparams.resilience = "none";
4348 rparams.max_hotzone_size = 2048;
4349 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4350 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4352 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4353 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4354 EQ_(crypt_get_data_offset(cd), r_header_size);
4355 EQ_(crypt_get_volume_key_size(cd), 0);
4356 OK_(strcmp(crypt_get_cipher(cd), "cipher_null"));
4359 /* decryption forward */
4360 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4361 params2.data_device = NULL;
4362 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4363 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4364 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4365 memset(&rparams, 0, sizeof(rparams));
4366 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4367 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4368 rparams.resilience = "none";
4369 rparams.max_hotzone_size = 2048;
4370 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4371 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4374 /* decryption forward (online) */
4375 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4376 params2.data_device = NULL;
4377 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4378 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4379 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4380 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_2, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4381 memset(&rparams, 0, sizeof(rparams));
4382 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4383 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4384 rparams.resilience = "none";
4385 rparams.max_hotzone_size = 2048;
4386 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4387 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4390 /* decryption with data shift */
4391 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4392 params2.data_device = NULL;
4393 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4394 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4395 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4396 remove(BACKUP_FILE);
4397 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
4399 // FIXME: we need write flock
4400 OK_(chmod(BACKUP_FILE, S_IRUSR|S_IWUSR));
4401 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4402 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4403 EQ_(crypt_get_data_offset(cd), r_header_size);
4404 memset(&rparams, 0, sizeof(rparams));
4405 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4406 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4407 rparams.resilience = "datashift";
4408 rparams.data_shift = r_header_size;
4409 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4410 EQ_(crypt_get_data_offset(cd), 0);
4411 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4412 remove(BACKUP_FILE);
4415 /* online decryption with data shift (future feature) */
4416 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4417 params2.data_device = NULL;
4418 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4419 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4420 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4421 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_2, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4422 OK_(t_device_size(DMDIR CDEVICE_2, &r_size_1));
4424 // store devno for later size check
4425 OK_(t_get_devno(CDEVICE_2, &devno));
4426 // create placeholder device to block automatic deactivation after decryption
4427 OK_(_system("dmsetup create " CDEVICE_1 " --table \"0 1 linear " DMDIR CDEVICE_2 " 0\"", 1));
4428 remove(BACKUP_FILE);
4429 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
4431 // FIXME: we need write flock
4432 OK_(chmod(BACKUP_FILE, S_IRUSR|S_IWUSR));
4433 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4434 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4435 EQ_(crypt_get_data_offset(cd), r_header_size);
4436 memset(&rparams, 0, sizeof(rparams));
4437 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4438 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4439 rparams.resilience = "datashift";
4440 rparams.data_shift = r_header_size;
4441 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4442 EQ_(crypt_get_data_offset(cd), 0);
4443 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4444 remove(BACKUP_FILE);
4445 OK_(t_device_size_by_devno(devno, &r_size_1));
4447 OK_(_system("dmsetup remove " DM_RETRY CDEVICE_1 DM_NOSTDERR, 0));
4450 _cleanup_dmdevices();
4451 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4452 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size));
4453 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_header_size));
4455 /* check detached header misuse (mismatching keys in table and mda) */
4456 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
4457 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4458 params2.data_device = DMDIR L_DEVICE_WRONG;
4459 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4460 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4461 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4462 /* activate second device using same header */
4463 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4464 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4465 OK_(crypt_set_pbkdf_type(cd2, &pbkdf));
4466 EQ_(crypt_activate_by_passphrase(cd2, CDEVICE_2, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4468 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4470 memset(&rparams, 0, sizeof(rparams));
4471 rparams.resilience = "none";
4472 rparams.max_hotzone_size = 16*2048;
4473 rparams.luks2 = ¶ms2;
4475 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
4476 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4478 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4479 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4480 OK_(crypt_set_pbkdf_type(cd2, &pbkdf));
4481 EQ_(crypt_keyslot_add_by_key(cd2, 2, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 2);
4482 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
4483 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 1, 2, "aes", "cbc-essiv:sha256", &rparams), "Mismatching parameters in device table.");
4484 OK_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 2, "aes", "cbc-essiv:sha256", &rparams));
4485 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4486 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 1, 2, "aes", "cbc-essiv:sha256", &rparams), "Mismatching parameters in device table.");
4487 OK_(crypt_deactivate(cd, CDEVICE_1));
4488 OK_(crypt_deactivate(cd2, CDEVICE_2));
4492 /* check detached header misuse (mismatching progress data in active device and mda) */
4493 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
4494 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4495 params2.data_device = DMDIR L_DEVICE_WRONG;
4496 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4497 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4498 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4500 rparams.max_hotzone_size = 8;
4501 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
4502 /* reencrypt 8 sectors of device */
4503 test_progress_steps = 2;
4504 OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
4506 /* activate another data device with same LUKS2 header (this is wrong, but we can't detect such mistake) */
4507 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4508 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4509 NOTFAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_2, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Failed to activate device in reencryption.");
4512 /* reencrypt yet another 8 sectors of first device */
4513 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4514 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
4515 test_progress_steps = 2;
4516 OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
4518 /* Now active mapping for second data device does not match its metadata */
4519 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4520 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4521 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4522 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams), "Mismatching device table.");
4523 OK_(crypt_deactivate(cd2, CDEVICE_2));
4527 _cleanup_dmdevices();
4528 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 16));
4530 /* Test LUKS2 reencryption honors flags device was activate with */
4531 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4532 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4533 params2.sector_size = 512;
4534 params2.data_device = NULL;
4535 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4536 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4537 OK_(crypt_volume_key_keyring(cd, 0)); /* disable keyring */
4538 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 6, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_ALLOW_DISCARDS), 6);
4539 OK_(crypt_volume_key_keyring(cd, 1));
4540 rparams.mode = CRYPT_REENCRYPT_REENCRYPT;
4541 rparams.direction = CRYPT_REENCRYPT_FORWARD,
4542 rparams.resilience = "none",
4543 rparams.max_hotzone_size = 8;
4544 rparams.luks2 = ¶ms2;
4546 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4547 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams));
4548 test_progress_steps = 2;
4549 OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
4550 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
4551 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4552 EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS);
4553 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0);
4555 OK_(crypt_init_by_name(&cd, CDEVICE_1));
4556 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4557 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams));
4558 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4559 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4560 EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS);
4561 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0);
4562 OK_(crypt_deactivate(cd, CDEVICE_1));
4565 _cleanup_dmdevices();
4566 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 16));
4568 rparams.mode = CRYPT_REENCRYPT_REENCRYPT;
4569 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4570 rparams.resilience = "none";
4571 rparams.hash = NULL;
4572 rparams.data_shift = 0;
4573 rparams.max_hotzone_size = 0;
4574 rparams.device_size = 0;
4575 rparams.luks2 = ¶ms2;
4578 /* Test support for specific key reencryption */
4579 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4580 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4581 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4582 EQ_(crypt_keyslot_add_by_volume_key(cd, 3, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 3);
4583 EQ_(crypt_keyslot_add_by_key(cd, 9, key, key_size, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
4584 EQ_(crypt_keyslot_add_by_key(cd, 10, key, key_size, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE ), 10);
4585 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 3, 9, "aes", "xts-plain64", &rparams));
4586 OK_(crypt_reencrypt_run(cd, NULL, NULL));
4587 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
4588 OK_(crypt_keyslot_destroy(cd, 9));
4589 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
4592 _cleanup_dmdevices();
4593 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 2 * r_header_size));
4594 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4596 rparams = (struct crypt_params_reencrypt) {
4597 .mode = CRYPT_REENCRYPT_DECRYPT,
4598 .direction = CRYPT_REENCRYPT_FORWARD,
4599 .resilience = "datashift-checksum",
4601 .data_shift = r_header_size,
4602 .flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT
4605 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4606 OK_(set_fast_pbkdf(cd));
4607 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, NULL));
4608 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)));
4609 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
4612 params2.data_device = DMDIR L_DEVICE_OK;
4613 params2.sector_size = 512;
4615 /* create detached LUKS2 header (with data_offset == 0) */
4616 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4617 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4618 EQ_(crypt_get_data_offset(cd), 0);
4619 OK_(set_fast_pbkdf(cd));
4620 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)));
4623 /* initiate LUKS2 decryption with datashift on bogus LUKS2 header (data_offset == 0) */
4624 OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
4625 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4626 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Illegal data offset");
4627 /* reencryption must not initialize */
4628 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4630 /* original data device must stay untouched */
4631 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4632 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4633 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4636 OK_(chmod(BACKUP_FILE, S_IRUSR|S_IWUSR));
4637 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4638 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4640 /* simulate read error at first segment beyond data offset*/
4641 OK_(dmdevice_error_io(L_DEVICE_OK, DMDIR L_DEVICE_OK, DEVICE_ERROR, 0, r_header_size, 8, ERR_RD));
4643 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Could not read first data segment");
4646 /* Device must not be in reencryption */
4647 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4648 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4649 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4651 /* simulate write error in original LUKS2 header area */
4652 OK_(dmdevice_error_io(L_DEVICE_OK, DMDIR L_DEVICE_OK, DEVICE_ERROR, 0, 0, 8, ERR_WR));
4654 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Could not write first data segment");
4657 /* Device must not be in reencryption */
4658 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4659 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4660 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4662 remove(BACKUP_FILE);
4664 /* remove error mapping */
4665 OK_(dmdevice_error_io(L_DEVICE_OK, DMDIR L_DEVICE_OK, DEVICE_ERROR, 0, 0, 8, ERR_REMOVE));
4667 /* test various bogus reencryption resilience parameters */
4668 rparams = (struct crypt_params_reencrypt) {
4669 .mode = CRYPT_REENCRYPT_DECRYPT,
4670 .direction = CRYPT_REENCRYPT_FORWARD,
4671 .resilience = "checksum", /* should have been datashift-checksum */
4673 .data_shift = r_header_size,
4674 .flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT
4677 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4678 OK_(set_fast_pbkdf(cd));
4679 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, NULL));
4680 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)));
4681 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
4684 OK_(chmod(BACKUP_FILE, S_IRUSR|S_IWUSR));
4685 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4686 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4688 /* decryption on device with data offset and no datashift subvariant mode */
4689 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4690 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4692 rparams.resilience = "journal"; /* should have been datashift-journal */
4693 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4694 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4696 rparams = (struct crypt_params_reencrypt) {
4697 .mode = CRYPT_REENCRYPT_DECRYPT,
4698 .direction = CRYPT_REENCRYPT_FORWARD,
4699 .resilience = "datashift-checksum",
4701 .data_shift = 0, /* must be non zero */
4702 .flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT
4706 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4707 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4709 rparams.resilience = "datashift-journal";
4710 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4711 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4713 rparams.resilience = "datashift"; /* datashift only is not supported in decryption mode with moved segment */
4714 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4715 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4719 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4720 OK_(set_fast_pbkdf(cd));
4721 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4722 EQ_(crypt_keyslot_add_by_volume_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 21);
4724 rparams = (struct crypt_params_reencrypt) {
4725 .mode = CRYPT_REENCRYPT_REENCRYPT,
4726 .direction = CRYPT_REENCRYPT_FORWARD,
4727 .resilience = "datashift-checksum",
4729 .data_shift = r_header_size,
4730 .flags = CRYPT_REENCRYPT_INITIALIZE_ONLY
4733 /* regular reencryption must not accept datashift subvariants */
4734 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4735 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4737 rparams.resilience = "datashift-journal";
4738 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, CRYPT_ANY_SLOT, NULL, NULL, &rparams), "Invalid reencryption params");
4739 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4742 _cleanup_dmdevices();
4746 static void LuksKeyslotAdd(void)
4748 struct crypt_params_luks2 params = {
4751 char key[128], key3[128];
4752 #ifdef KERNEL_KEYRING
4756 const struct crypt_token_params_luks2_keyring tparams = {
4757 .key_description = KEY_DESC_TEST0
4760 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
4761 const char *vk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
4762 size_t key_size = strlen(vk_hex) / 2;
4763 const char *cipher = "aes";
4764 const char *cipher_mode = "cbc-essiv:sha256";
4765 uint64_t r_payload_offset;
4766 struct crypt_keyslot_context *um1, *um2;
4768 crypt_decode_key(key, vk_hex, key_size);
4769 crypt_decode_key(key3, vk_hex2, key_size);
4771 // init test devices
4772 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
4773 OK_(create_dmdevice_over_loop(H_DEVICE, r_payload_offset + 1));
4775 // test support for embedded key (after crypt_format)
4776 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4777 OK_(set_fast_pbkdf(cd));
4778 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
4779 OK_(crypt_keyslot_context_init_by_volume_key(cd, NULL, key_size, &um1));
4780 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um2));
4781 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 3, um2, 0), 3);
4782 EQ_(crypt_keyslot_status(cd, 3), CRYPT_SLOT_ACTIVE_LAST);
4783 crypt_keyslot_context_free(um1);
4784 crypt_keyslot_context_free(um2);
4787 // test add by volume key
4788 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4789 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4790 OK_(set_fast_pbkdf(cd));
4791 OK_(crypt_keyslot_context_init_by_volume_key(cd, key, key_size, &um1));
4792 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE1, strlen(PASSPHRASE1), &um2));
4793 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, CRYPT_ANY_SLOT, um2, 0), 0);
4794 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE);
4795 crypt_keyslot_context_free(um1);
4796 crypt_keyslot_context_free(um2);
4798 // Add by same passphrase
4799 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um1));
4800 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 1, um1, 0), 1);
4801 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_ACTIVE);
4802 crypt_keyslot_context_free(um1);
4804 // new passphrase can't be provided by key method
4805 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um1));
4806 OK_(crypt_keyslot_context_init_by_volume_key(cd, key, key_size, &um2));
4807 FAIL_(crypt_keyslot_add_by_keyslot_context(cd, 1, um1, CRYPT_ANY_SLOT, um2, 0), "Can't get passphrase via selected unlock method");
4808 crypt_keyslot_context_free(um1);
4809 crypt_keyslot_context_free(um2);
4812 OK_(prepare_keyfile(KEYFILE1, PASSPHRASE1, strlen(PASSPHRASE1)));
4813 OK_(prepare_keyfile(KEYFILE2, KEY1, strlen(KEY1)));
4814 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um1));
4815 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE2, 0, 0, &um2));
4816 EQ_(crypt_keyslot_add_by_keyslot_context(cd, 0, um1, 2, um2, 0), 2);
4817 EQ_(crypt_keyslot_status(cd, 2), CRYPT_SLOT_ACTIVE);
4818 crypt_keyslot_context_free(um1);
4819 crypt_keyslot_context_free(um2);
4821 // add by same keyfile
4822 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE2, 0, 0, &um1));
4823 EQ_(crypt_keyslot_add_by_keyslot_context(cd, 2, um1, 4, um1, 0), 4);
4824 EQ_(crypt_keyslot_status(cd, 4), CRYPT_SLOT_ACTIVE);
4825 crypt_keyslot_context_free(um1);
4827 // keyslot already exists
4828 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um1));
4829 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um2));
4830 FAIL_(crypt_keyslot_add_by_keyslot_context(cd, 3, um1, 0, um2, 0), "Keyslot already exists.");
4831 crypt_keyslot_context_free(um1);
4832 crypt_keyslot_context_free(um2);
4834 // generate new unbound key
4835 OK_(crypt_keyslot_context_init_by_volume_key(cd, NULL, 9, &um1));
4836 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um2));
4837 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 10, um2, CRYPT_VOLUME_KEY_NO_SEGMENT), 10);
4838 EQ_(crypt_keyslot_status(cd, 10), CRYPT_SLOT_UNBOUND);
4839 crypt_keyslot_context_free(um1);
4840 crypt_keyslot_context_free(um2);
4842 EQ_(crypt_token_luks2_keyring_set(cd, 3, &tparams), 3);
4843 EQ_(crypt_token_assign_keyslot(cd, 3, 1), 3);
4844 EQ_(crypt_token_assign_keyslot(cd, 3, 3), 3);
4846 // test unlocking/adding keyslot by LUKS2 token
4847 OK_(crypt_keyslot_context_init_by_token(cd, CRYPT_ANY_TOKEN, NULL, NULL, 0, NULL, &um1));
4848 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um2));
4849 // passphrase not in keyring
4850 FAIL_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 13, um2, 0), "No token available.");
4851 #ifdef KERNEL_KEYRING
4852 // wrong passphrase in keyring
4853 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
4854 NOTFAIL_(kid, "Test or kernel keyring are broken.");
4855 FAIL_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 13, um2, 0), "No token available.");
4857 // token unlocks keyslot
4858 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
4859 NOTFAIL_(kid, "Test or kernel keyring are broken.");
4860 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 13, um2, 0), 13);
4861 EQ_(crypt_keyslot_status(cd, 13), CRYPT_SLOT_ACTIVE);
4863 crypt_keyslot_context_free(um1);
4864 crypt_keyslot_context_free(um2);
4866 // token provides passphrase for new keyslot
4867 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um1));
4868 OK_(crypt_keyslot_context_init_by_token(cd, CRYPT_ANY_TOKEN, NULL, NULL, 0, NULL, &um2));
4869 EQ_(crypt_keyslot_add_by_keyslot_context(cd, 3, um1, 30, um2, 0), 30);
4870 EQ_(crypt_keyslot_status(cd, 30), CRYPT_SLOT_ACTIVE);
4871 OK_(crypt_token_is_assigned(cd, 3, 30));
4873 // unlock and add by same token
4874 crypt_keyslot_context_free(um1);
4875 OK_(crypt_keyslot_context_init_by_token(cd, CRYPT_ANY_TOKEN, NULL, NULL, 0, NULL, &um1));
4876 ks = crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, CRYPT_ANY_SLOT, um1, 0);
4878 EQ_(crypt_keyslot_status(cd, ks), CRYPT_SLOT_ACTIVE);
4879 OK_(crypt_token_is_assigned(cd, 3, ks));
4881 crypt_keyslot_context_free(um1);
4882 crypt_keyslot_context_free(um2);
4886 _cleanup_dmdevices();
4889 static void VolumeKeyGet(void)
4891 struct crypt_params_luks2 params = {
4894 char key[256], key2[256];
4895 #ifdef KERNEL_KEYRING
4897 const struct crypt_token_params_luks2_keyring tparams = {
4898 .key_description = KEY_DESC_TEST0
4902 const char *vk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a"
4903 "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1b";
4904 size_t key_size = strlen(vk_hex) / 2;
4905 const char *cipher = "aes";
4906 const char *cipher_mode = "xts-plain64";
4907 uint64_t r_payload_offset;
4908 struct crypt_keyslot_context *um1, *um2;
4910 crypt_decode_key(key, vk_hex, key_size);
4912 OK_(prepare_keyfile(KEYFILE1, PASSPHRASE1, strlen(PASSPHRASE1)));
4914 #ifdef KERNEL_KEYRING
4915 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
4916 NOTFAIL_(kid, "Test or kernel keyring are broken.");
4919 // init test devices
4920 OK_(get_luks2_offsets(0, 0, 0, NULL, &r_payload_offset));
4921 OK_(create_dmdevice_over_loop(H_DEVICE, r_payload_offset + 1));
4923 // test support for embedded key (after crypt_format)
4924 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4925 OK_(set_fast_pbkdf(cd));
4926 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size, ¶ms));
4928 FAIL_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, NULL), "buffer too small");
4930 // check cached generated volume key can be retrieved
4932 OK_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, NULL));
4933 OK_(crypt_volume_key_verify(cd, key2, key_size));
4936 // check we can add keyslot via retrieved key
4937 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4938 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4939 OK_(set_fast_pbkdf(cd));
4940 OK_(crypt_keyslot_context_init_by_volume_key(cd, key2, key_size, &um1));
4941 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um2));
4942 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 3, um2, 0), 3);
4943 crypt_keyslot_context_free(um1);
4944 crypt_keyslot_context_free(um2);
4947 // check selected volume key can be retrieved and added
4948 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4949 OK_(set_fast_pbkdf(cd));
4950 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
4951 memset(key2, 0, key_size);
4952 OK_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, NULL));
4953 OK_(memcmp(key, key2, key_size));
4954 OK_(crypt_keyslot_context_init_by_volume_key(cd, key2, key_size, &um1));
4955 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um2));
4956 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 0, um2, 0), 0);
4957 crypt_keyslot_context_free(um2);
4958 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um2));
4959 EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 1, um2, 0), 1);
4960 crypt_keyslot_context_free(um2);
4961 #ifdef KERNEL_KEYRING
4962 EQ_(crypt_token_luks2_keyring_set(cd, 0, &tparams), 0);
4963 EQ_(crypt_token_assign_keyslot(cd, 0, 1), 0);
4965 crypt_keyslot_context_free(um1);
4968 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4969 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4970 // check key context is not usable
4971 OK_(crypt_keyslot_context_init_by_volume_key(cd, key, key_size, &um1));
4972 EQ_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, um1), -EINVAL);
4973 crypt_keyslot_context_free(um1);
4976 memset(key2, 0, key_size);
4977 OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE, strlen(PASSPHRASE), &um1));
4978 EQ_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, um1), 0);
4979 OK_(memcmp(key, key2, key_size));
4980 memset(key2, 0, key_size);
4981 EQ_(crypt_volume_key_get_by_keyslot_context(cd, 0, key2, &key_size, um1), 0);
4982 OK_(memcmp(key, key2, key_size));
4983 crypt_keyslot_context_free(um1);
4986 memset(key2, 0, key_size);
4987 OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um1));
4988 EQ_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, um1), 1);
4989 OK_(memcmp(key, key2, key_size));
4990 memset(key2, 0, key_size);
4991 EQ_(crypt_volume_key_get_by_keyslot_context(cd, 1, key2, &key_size, um1), 1);
4992 crypt_keyslot_context_free(um1);
4994 #ifdef KERNEL_KEYRING
4996 OK_(crypt_keyslot_context_init_by_token(cd, CRYPT_ANY_TOKEN, NULL, NULL, 0, NULL, &um1));
4997 memset(key2, 0, key_size);
4998 EQ_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, um1), 1);
4999 OK_(memcmp(key, key2, key_size));
5000 crypt_keyslot_context_free(um1);
5005 _cleanup_dmdevices();
5008 static int _crypt_load_check(struct crypt_device *cd)
5011 return crypt_load(cd, CRYPT_LUKS, NULL);
5017 static void Luks2Repair(void)
5021 GE_(snprintf(rollback, sizeof(rollback),
5022 "dd if=" IMAGE_PV_LUKS2_SEC ".bcp of=%s bs=1M 2>/dev/null", DEVICE_6), 0);
5024 OK_(crypt_init(&cd, DEVICE_6));
5026 FAIL_(_crypt_load_check(cd), "Ambiguous signature detected");
5027 FAIL_(crypt_repair(cd, CRYPT_LUKS1, NULL), "Not a LUKS2 device");
5029 /* check explicit LUKS2 repair works */
5030 OK_(crypt_repair(cd, CRYPT_LUKS2, NULL));
5031 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
5033 OK_(crypt_init(&cd, DEVICE_6));
5036 OK_(_system(rollback, 1));
5037 FAIL_(_crypt_load_check(cd), "Ambiguous signature detected");
5039 /* check repair with type detection works */
5040 OK_(crypt_repair(cd, CRYPT_LUKS, NULL));
5041 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
5044 /* repeat with locking disabled (must not have any effect) */
5045 OK_(_system(rollback, 1));
5046 OK_(crypt_init(&cd, DEVICE_6));
5047 OK_(crypt_metadata_locking(cd, 0));
5049 FAIL_(_crypt_load_check(cd), "Ambiguous signature detected");
5050 FAIL_(crypt_repair(cd, CRYPT_LUKS1, NULL), "Not a LUKS2 device");
5052 /* check explicit LUKS2 repair works */
5053 OK_(crypt_repair(cd, CRYPT_LUKS2, NULL));
5054 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
5056 OK_(crypt_init(&cd, DEVICE_6));
5059 OK_(_system(rollback, 1));
5060 FAIL_(_crypt_load_check(cd), "Ambiguous signature detected");
5062 /* check repair with type detection works */
5063 OK_(crypt_repair(cd, CRYPT_LUKS, NULL));
5064 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
5068 static void int_handler(int sig __attribute__((__unused__)))
5073 int main(int argc, char *argv[])
5075 struct sigaction sa = { .sa_handler = int_handler };
5078 if (getuid() != 0) {
5079 printf("You must be root to run this test.\n");
5082 #ifndef NO_CRYPTSETUP_PATH
5083 if (getenv("CRYPTSETUP_PATH")) {
5084 printf("Cannot run this test with CRYPTSETUP_PATH set.\n");
5088 for (i = 1; i < argc; i++) {
5089 if (!strcmp("-v", argv[i]) || !strcmp("--verbose", argv[i]))
5091 else if (!strcmp("--debug", argv[i]))
5092 _debug = _verbose = 1;
5095 /* Handle interrupt properly */
5096 sigaction(SIGINT, &sa, NULL);
5097 sigaction(SIGTERM, &sa, NULL);
5099 register_cleanup(_cleanup);
5103 printf("Cannot set test devices.\n");
5108 crypt_set_debug_level(_debug ? CRYPT_DEBUG_JSON : CRYPT_DEBUG_NONE);
5110 RUN_(AddDeviceLuks2, "Format and use LUKS2 device");
5111 RUN_(Luks2MetadataSize, "LUKS2 metadata settings");
5112 RUN_(Luks2HeaderLoad, "LUKS2 header load");
5113 RUN_(Luks2HeaderRestore, "LUKS2 header restore");
5114 RUN_(Luks2HeaderBackup, "LUKS2 header backup");
5115 RUN_(ResizeDeviceLuks2, "LUKS2 device resize tests");
5116 RUN_(UseLuks2Device, "Use pre-formated LUKS2 device");
5117 RUN_(SuspendDevice, "LUKS2 Suspend/Resume");
5118 RUN_(UseTempVolumes, "Format and use temporary encrypted device");
5119 RUN_(Tokens, "General tokens API");
5120 RUN_(TokenActivationByKeyring, "Builtin kernel keyring token");
5121 RUN_(LuksConvert, "LUKS1 <-> LUKS2 conversions");
5122 RUN_(Pbkdf, "Default PBKDF manipulation routines");
5123 RUN_(Luks2KeyslotParams, "Add a new keyslot with different encryption");
5124 RUN_(Luks2KeyslotAdd, "Add a new keyslot by unused key");
5125 RUN_(Luks2ActivateByKeyring, "LUKS2 activation by passphrase in keyring");
5126 RUN_(Luks2Requirements, "LUKS2 requirements flags");
5127 RUN_(Luks2Integrity, "LUKS2 with data integrity");
5128 RUN_(Luks2Refresh, "Active device table refresh");
5129 RUN_(Luks2Flags, "LUKS2 persistent flags");
5130 #if KERNEL_KEYRING && USE_LUKS2_REENCRYPTION
5131 RUN_(Luks2Reencryption, "LUKS2 reencryption");
5133 RUN_(LuksKeyslotAdd, "Adding keyslot via new API");
5134 RUN_(VolumeKeyGet, "Getting volume key via keyslot context API");
5135 RUN_(Luks2Repair, "LUKS2 repair"); // test disables metadata locking. Run always last!