3 # Test mode compatibility, check input + kernel and cryptsetup cipher status
5 [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
6 CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
8 HEADER_IMG=mode-test.img
11 FAST_PBKDF2="--pbkdf pbkdf2 --pbkdf-force-iterations 1000"
13 # cipher-chainmode-ivopts:ivmode
14 CIPHERS="aes twofish serpent"
16 IVMODES="null benbi plain plain64 essiv:sha256"
18 LOOPDEV=$(losetup -f 2>/dev/null)
20 CRYPTSETUP_VALGRIND=../.libs/cryptsetup
21 CRYPTSETUP_LIB_VALGRIND=../.libs
24 udevadm settle >/dev/null 2>&1
25 dmsetup remove --retry $1 >/dev/null 2>&1
29 [ -b /dev/mapper/"$DEV_NAME"_tstdev ] && dmremove "$DEV_NAME"_tstdev
30 [ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
31 losetup -d $LOOPDEV >/dev/null 2>&1
32 rm -f $HEADER_IMG >/dev/null 2>&1
37 [ -n "$1" ] && echo "$1"
38 echo "FAILED backtrace:"
39 while caller $frame; do ((frame++)); done
46 [ -n "$1" ] && echo "$1"
50 function valgrind_setup()
52 command -v valgrind >/dev/null || fail "Cannot find valgrind."
53 [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
54 export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
57 function valgrind_run()
59 INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
65 dd if=/dev/zero of=$HEADER_IMG bs=1M count=6 >/dev/null 2>&1
67 losetup $LOOPDEV $HEADER_IMG >/dev/null 2>&1
68 dmsetup create $DEV_NAME --table "0 10240 linear $LOOPDEV 8" >/dev/null 2>&1
71 dmcrypt_check() # device outstring
73 X=$(dmsetup table $1 2>/dev/null | sed 's/.*: //' | cut -d' ' -f 4)
74 if [ "$X" = $2 ] ; then
78 echo " Expecting $2 got $X."
82 X=$($CRYPTSETUP status $1 | grep cipher: | sed s/\.\*cipher:\\s*//)
87 echo " Expecting $2 got \"$X\"."
94 dmcrypt_check_sum() # cipher device
96 EXPSUM="c036cbb7553a909f8b8877d4461924307f27ecb66cff928eeeafd569c3887e29"
97 # Fill device with zeroes and reopen it
98 dd if=/dev/zero of=/dev/mapper/$2 bs=1M count=6 >/dev/null 2>&1
102 echo $PASSWORD | $CRYPTSETUP create -h sha256 -c $1 -s 256 $2 /dev/mapper/$DEV_NAME >/dev/null 2>&1
104 VSUM=$(sha256sum /dev/mapper/$2 | cut -d' ' -f 1)
105 if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
109 echo " Expecting $EXPSUM got $VSUM."
119 [ -z "$OUT" ] && OUT=$1
122 echo $PASSWORD | $CRYPTSETUP create -h sha256 -c $1 -s 256 "$DEV_NAME"_tstdev /dev/mapper/$DEV_NAME >/dev/null 2>&1
123 if [ $? -eq 0 ] ; then
125 dmcrypt_check "$DEV_NAME"_tstdev $OUT
130 echo $PASSWORD | $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF2 -c $1 -s 256 /dev/mapper/$DEV_NAME >/dev/null 2>&1
131 if [ $? -eq 0 ] ; then
133 echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_tstdev >/dev/null 2>&1 || fail
134 dmcrypt_check "$DEV_NAME"_tstdev $OUT
137 echo $PASSWORD | $CRYPTSETUP luksFormat --type luks2 --pbkdf pbkdf2 $FAST_PBKDF2 -c $1 -s 256 --offset 8192 /dev/mapper/$DEV_NAME >/dev/null 2>&1
138 if [ $? -eq 0 ] ; then
140 echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_tstdev >/dev/null 2>&1 || fail
141 dmcrypt_check "$DEV_NAME"_tstdev $OUT
144 # repeated device creation must return the same checksum
145 echo $PASSWORD | $CRYPTSETUP create -h sha256 -c $1 -s 256 "$DEV_NAME"_tstdev /dev/mapper/$DEV_NAME >/dev/null 2>&1
146 if [ $? -eq 0 ] ; then
147 echo -n -e " CHECKSUM:"
148 dmcrypt_check_sum "$1" "$DEV_NAME"_tstdev
153 [ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped."
154 [ -z "$LOOPDEV" ] && skip "Cannot find free loop device, test skipped."
155 [ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped."
156 [ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
160 # compatibility modes
161 dmcrypt aes aes-cbc-plain
162 dmcrypt aes-plain aes-cbc-plain
166 dmcrypt null cipher_null-ecb
167 dmcrypt cipher_null cipher_null-ecb
168 dmcrypt cipher_null-ecb
171 # codebook doesn't support IV at all
172 for cipher in $CIPHERS ; do
173 dmcrypt "$cipher-ecb"
176 for cipher in $CIPHERS ; do
177 for mode in $MODES ; do
178 for ivmode in $IVMODES ; do
179 dmcrypt "$cipher-$mode-$ivmode"
184 dmcrypt xchacha12,aes-adiantum-plain64
185 dmcrypt xchacha20,aes-adiantum-plain64