4 # Test mode compatibility, check input + kernel and cryptsetup cipher status
6 # FIXME: add checkum test of data
9 CRYPTSETUP="../src/cryptsetup.static"
12 HEADER_IMG=mode-test.img
15 # cipher-chainmode-ivopts:ivmode
16 CIPHERS="aes twofish serpent"
18 IVMODES="null benbi plain plain64 essiv:sha256"
21 for dev in $(dmsetup status --target crypt | sed s/\:\ .*// | grep "^$DEV_NAME"_); do
24 udevadm settle 2>/dev/null 2>&1
26 [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
27 losetup -d $LOOPDEV >/dev/null 2>&1
28 rm -f $HEADER_IMG >/dev/null 2>&1
33 [ -n "$1" ] && echo "$1"
39 dd if=/dev/zero of=$HEADER_IMG bs=1M count=6 >/dev/null 2>&1
41 losetup $LOOPDEV $HEADER_IMG >/dev/null 2>&1
42 dmsetup create $DEV_NAME --table "0 10240 linear $LOOPDEV 8" >/dev/null 2>&1
45 dmcrypt_check() # device outstring
47 X=$(dmsetup table $1 2>/dev/null | cut -d' ' -f 4)
52 echo " Expecting $2 got $X."
56 X=$($CRYPTSETUP status $1 | grep cipher | sed s/\.\*cipher:\\s*//)
61 echo " Expecting $2 got $X."
69 [ -z "$OUT" ] && OUT=$1
71 echo -n -e "TESTING(PLAIN): $1 ["
72 echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 "$DEV_NAME"_"$1" /dev/mapper/$DEV_NAME >/dev/null 2>&1
73 if [ $? -eq 0 ] ; then
74 dmcrypt_check "$DEV_NAME"_"$1" $OUT
75 dmsetup remove "$DEV_NAME"_"$1" >/dev/null 2>&1
80 echo -n -e "TESTING(LUKS): $1 ["
81 echo $PASSWORD | $CRYPTSETUP luksFormat -i 1 -c $1 -s 256 /dev/mapper/$DEV_NAME >/dev/null 2>&1
82 if [ $? -eq 0 ] ; then
83 echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_"$1" >/dev/null 2>&1
84 dmcrypt_check "$DEV_NAME"_"$1" $OUT
85 dmsetup remove "$DEV_NAME"_"$1" >/dev/null 2>&1
91 if [ $(id -u) != 0 ]; then
92 echo "WARNING: You must be root to run this test, test skipped."
99 dmcrypt aes aes-cbc-plain
100 dmcrypt aes-plain aes-cbc-plain
102 # codebook doesn't support IV at all
103 for cipher in $CIPHERS ; do
104 dmcrypt "$cipher-ecb"
107 for cipher in $CIPHERS ; do
108 for mode in $MODES ; do
109 for ivmode in $IVMODES ; do
110 dmcrypt "$cipher-$mode-$ivmode"