3 # Test mode compatibility, check input + kernel and cryptsetup cipher status
5 CRYPTSETUP=../src/cryptsetup
8 HEADER_IMG=mode-test.img
11 # cipher-chainmode-ivopts:ivmode
12 CIPHERS="aes twofish serpent"
14 IVMODES="null benbi plain plain64 essiv:sha256"
17 for dev in $(dmsetup status --target crypt | sed s/\:\ .*// | grep "^$DEV_NAME"_); do
20 udevadm settle 2>/dev/null 2>&1
22 [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
23 losetup -d $LOOPDEV >/dev/null 2>&1
24 rm -f $HEADER_IMG >/dev/null 2>&1
29 [ -n "$1" ] && echo "$1"
35 dd if=/dev/zero of=$HEADER_IMG bs=1M count=6 >/dev/null 2>&1
37 losetup $LOOPDEV $HEADER_IMG >/dev/null 2>&1
38 dmsetup create $DEV_NAME --table "0 10240 linear $LOOPDEV 8" >/dev/null 2>&1
41 dmcrypt_check() # device outstring
43 X=$(dmsetup table $1 2>/dev/null | cut -d' ' -f 4)
48 echo " Expecting $2 got $X."
52 X=$($CRYPTSETUP status $1 | grep cipher | sed s/\.\*cipher:\\s*//)
57 echo " Expecting $2 got $X."
61 dmsetup remove $1 >/dev/null 2>&1
64 dmcrypt_check_sum() # cipher device outstring
66 EXPSUM="c036cbb7553a909f8b8877d4461924307f27ecb66cff928eeeafd569c3887e29"
67 # Fill device with zeroes and reopen it
68 dd if=/dev/zero of=/dev/mapper/$2 bs=1M count=6 >/dev/null 2>&1
71 echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 $2 /dev/mapper/$DEV_NAME >/dev/null 2>&1
73 VSUM=$(sha256sum /dev/mapper/$2 | cut -d' ' -f 1)
74 if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
78 echo " Expecting $EXPSUM got $VSUM."
82 dmsetup remove $2 >/dev/null 2>&1
88 [ -z "$OUT" ] && OUT=$1
91 echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 "$DEV_NAME"_"$1" /dev/mapper/$DEV_NAME >/dev/null 2>&1
92 if [ $? -eq 0 ] ; then
94 dmcrypt_check "$DEV_NAME"_"$1" $OUT
99 echo $PASSWORD | $CRYPTSETUP luksFormat -i 1 -c $1 -s 256 /dev/mapper/$DEV_NAME >/dev/null 2>&1
100 if [ $? -eq 0 ] ; then
102 echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_"$1" >/dev/null 2>&1
103 dmcrypt_check "$DEV_NAME"_"$1" $OUT
106 # repeated device creation must return the same checksum
107 echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 "$DEV_NAME"_"$1" /dev/mapper/$DEV_NAME >/dev/null 2>&1
108 if [ $? -eq 0 ] ; then
109 echo -n -e " CHECKSUM:"
110 dmcrypt_check_sum "$1" "$DEV_NAME"_"$1"
115 if [ $(id -u) != 0 ]; then
116 echo "WARNING: You must be root to run this test, test skipped."
122 # compatibility modes
123 dmcrypt aes aes-cbc-plain
124 dmcrypt aes-plain aes-cbc-plain
126 # codebook doesn't support IV at all
127 for cipher in $CIPHERS ; do
128 dmcrypt "$cipher-ecb"
131 for cipher in $CIPHERS ; do
132 for mode in $MODES ; do
133 for ivmode in $IVMODES ; do
134 dmcrypt "$cipher-$mode-$ivmode"