3 # check bitlk images parsing
5 [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
6 CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
10 [ -z "$srcdir" ] && srcdir="."
12 function remove_mapping()
14 [ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP
19 [ -n "$1" ] && echo "$1"
21 echo "FAILED backtrace:"
22 while caller $frame; do ((frame++)); done
29 [ -n "$1" ] && echo "$1"
36 local file=$(echo $1 | sed -e s/^$TST_DIR\\/// | sed -e s/\.img$//)
37 source <(grep = <(grep -A8 "\[$file\]" $TST_DIR/images.conf))
45 # load variables for this image from config file
49 dump_guid=$(echo "$dump" | grep Version -A 1 | tail -1 | cut -d: -f2 | tr -d "\t\n ")
50 [ ! -z "$GUID" -a "$dump_guid" = "$GUID" ] || fail " GUID check from dump failed."
53 dump_cipher=$(echo "$dump" | grep "Cipher name" | cut -d: -f2 | tr -d "\t\n ")
54 dump_mode=$(echo "$dump" | grep "Cipher mode" | cut -d: -f2 | tr -d "\t\n ")
55 cipher=$(echo "$dump_cipher-$dump_mode")
56 [ ! -z "$CIPHER" -a "$cipher" = "$CIPHER" ] || fail " cipher check from dump failed."
58 if echo "$file" | grep -q -e "smart-card"; then
59 # smart card protected VMK GUID
60 dump_sc_vmk=$(echo "$dump" | grep "VMK protected with smart card" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
61 [ ! -z "$SC_VMK_GUID" -a "$dump_sc_vmk" = "$SC_VMK_GUID" ] || fail " smart card protected VMK GUID check from dump failed."
63 # password protected VMK GUID
64 dump_pw_vmk=$(echo "$dump" | grep "VMK protected with passphrase" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
65 [ ! -z "$PW_VMK_GUID" -a "$dump_pw_vmk" = "$PW_VMK_GUID" ] || fail " password protected VMK GUID check from dump failed."
68 # recovery password protected VMK GUID
69 dump_rp_vmk=$(echo "$dump" | grep "VMK protected with recovery passphrase" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
70 [ ! -z "$RP_VMK_GUID" -a "$dump_rp_vmk" = "$RP_VMK_GUID" ] || fail " recovery password protected VMK GUID check from dump failed."
75 [ ! -d $TST_DIR ] && tar xJSf $srcdir/bitlk-images.tar.xz --no-same-owner
78 for file in $(ls $TST_DIR/bitlk-*) ; do
80 out=$($CRYPTSETUP bitlkDump $file)
81 check_dump "$out" "$file"
85 if [ $(id -u) != 0 ]; then
86 echo "WARNING: You must be root to run activation part of test, test skipped."
92 echo "ACTIVATION FS UUID CHECK"
93 for file in $(ls $TST_DIR/bitlk-*) ; do
94 # load variables for this image from config file
97 # test with both passphrase and recovery passphrase
98 for PASSPHRASE in $PW $RP ; do
100 echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file --test-passphrase >/dev/null 2>&1
102 [ $ret -eq 1 ] && echo " [N/A]" && continue
103 echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file $MAP >/dev/null 2>&1
105 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue
106 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc-elephant" ) && echo " [N/A]" && continue
107 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "clearkey" ) && echo " [N/A]" && continue
108 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "eow" ) && echo " [N/A]" && continue
109 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "-4k.img" ) && echo " [N/A]" && continue
110 [ $ret -eq 0 ] || fail " failed to open $file ($ret)"
111 $CRYPTSETUP status $MAP >/dev/null || fail
112 $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
113 uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
114 sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
115 $CRYPTSETUP remove $MAP || fail
116 [ "$uuid" = "$UUID" ] || fail " UUID check failed."
117 [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed."