/*
* cryptsetup library API check functions
*
- * Copyright (C) 2009-2010 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2009-2012 Red Hat, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include <stdio.h>
{
int i;
uint64_t current_sector;
+ uint32_t sectors_per_stripes_set;
+
if (!keylength)
return -1;
- uint32_t sectors_per_stripes_set = DIV_ROUND_UP(keylength*LUKS_STRIPES, SECTOR_SIZE);
+ sectors_per_stripes_set = DIV_ROUND_UP(keylength*LUKS_STRIPES, SECTOR_SIZE);
printf("sectors_per_stripes %" PRIu32 "\n", sectors_per_stripes_set);
current_sector = DIV_ROUND_UP_MODULO(DIV_ROUND_UP(LUKS_PHDR_SIZE_B, SECTOR_SIZE),
LUKS_ALIGN_KEYSLOTS / SECTOR_SIZE);
struct dm_task *dmt;
struct dm_info dmi;
uint64_t start, length;
- char *target_type, *rcipher, *key, *params;
+ char *target_type, *key, *params;
void *next = NULL;
int r = -EINVAL;
if (!target_type || strcmp(target_type, "crypt") != 0)
goto out;
- rcipher = strsep(¶ms, " ");
+ (void)strsep(¶ms, " "); /* rcipher */
key = strsep(¶ms, " ");
if (buffer_size <= strlen(key))
}
// Decode key from its hex representation
-static int crypt_decode_key(char *key, char *hex, unsigned int size)
+static int crypt_decode_key(char *key, const char *hex, unsigned int size)
{
char buffer[3];
char *endp;
return 0;
}
-static void cmdLineLog(int level, char *msg)
+static void cmdLineLog(int level, const char *msg)
{
strncat(global_log, msg, sizeof(global_log) - strlen(global_log));
global_lines++;
static void new_log(int level, const char *msg, void *usrptr)
{
- cmdLineLog(level, (char*)msg);
+ cmdLineLog(level, msg);
}
-static void reset_log()
+static void reset_log(void)
{
memset(global_log, 0, sizeof(global_log));
global_lines = 0;
remove(BACKUP_FILE);
_remove_keyfiles();
+
+ free(tmp_file_1);
+ free(test_loop_file);
+ free(THE_LOOP_DEV);
+ free(DEVICE_1);
+ free(DEVICE_2);
}
static int _setup(void)
return 0;
}
-void check_ok(int status, int line, const char *func)
+static void check_ok(int status, int line, const char *func)
{
char buf[256];
}
}
-void check_ko(int status, int line, const char *func)
+static void check_ko(int status, int line, const char *func)
{
char buf[256];
printf(" => errno %d, errmsg: %s\n", status, buf);
}
-void check_equal(int line, const char *func)
+static void check_equal(int line, const char *func, int64_t x, int64_t y)
{
- printf("FAIL line %d [%s]: expected equal values differs.\n", line, func);
+ printf("FAIL line %d [%s]: expected equal values differs: %"
+ PRIi64 " != %" PRIi64 "\n", line, func, x, y);
_cleanup();
exit(-1);
}
-void xlog(const char *msg, const char *tst, const char *func, int line, const char *txt)
+static void xlog(const char *msg, const char *tst, const char *func, int line, const char *txt)
{
if (_verbose) {
if (txt)
printf(" [%s,%s:%d] %s\n", msg, func, line, tst);
}
}
+
+/* crypt_device context must be "cd" to parse error properly here */
#define OK_(x) do { xlog("(success)", #x, __FUNCTION__, __LINE__, NULL); \
check_ok((x), __LINE__, __FUNCTION__); \
} while(0)
check_ko((x), __LINE__, __FUNCTION__); \
} while(0)
#define EQ_(x, y) do { xlog("(equal) ", #x " == " #y, __FUNCTION__, __LINE__, NULL); \
- if ((x) != (y)) check_equal(__LINE__, __FUNCTION__); \
+ int64_t _x = (x), _y = (y); \
+ if (_x != _y) check_equal(__LINE__, __FUNCTION__, _x, _y); \
} while(0)
-
#define RUN_(x, y) do { printf("%s: %s\n", #x, (y)); x(); } while (0)
-// NEW API tests
-
static void AddDevicePlain(void)
{
- struct crypt_device *cd, *cd2;
+ struct crypt_device *cd;
struct crypt_params_plain params = {
.hash = "sha1",
.skip = 0,
int fd;
char key[128], key2[128], path[128];
- char *passphrase = PASSPHRASE;
+ const char *passphrase = PASSPHRASE;
// hashed hex version of PASSPHRASE
- char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
size_t key_size = strlen(mk_hex) / 2;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
uint64_t size, r_size;
OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,¶ms));
OK_(strcmp(cipher_mode,crypt_get_cipher_mode(cd)));
OK_(strcmp(cipher,crypt_get_cipher(cd)));
- EQ_(key_size, crypt_get_volume_key_size(cd));
+ EQ_((int)key_size, crypt_get_volume_key_size(cd));
EQ_(params.skip, crypt_get_iv_offset(cd));
EQ_(params.offset, crypt_get_data_offset(cd));
params.skip = 0;
OK_(crypt_init(&cd,DEVICE_1));
OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, ¶ms));
OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
- FAIL_(crypt_init_by_name_and_header(&cd2, CDEVICE_1, H_DEVICE),"can't init plain device by header device");
- OK_(crypt_init_by_name(&cd2,CDEVICE_1));
- OK_(crypt_deactivate(cd,CDEVICE_1));
crypt_free(cd);
- crypt_free(cd2);
+
+ FAIL_(crypt_init_by_name_and_header(&cd, CDEVICE_1, H_DEVICE),"can't init plain device by header device");
+ OK_(crypt_init_by_name(&cd, CDEVICE_1));
+ OK_(strcmp(cipher_mode,crypt_get_cipher_mode(cd)));
+ OK_(strcmp(cipher,crypt_get_cipher(cd)));
+ EQ_((int)key_size, crypt_get_volume_key_size(cd));
+ EQ_(params.skip, crypt_get_iv_offset(cd));
+ EQ_(params.offset, crypt_get_data_offset(cd));
+ OK_(crypt_deactivate(cd, CDEVICE_1));
+ crypt_free(cd);
OK_(crypt_init(&cd,DEVICE_1));
OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,¶ms));
OK_(memcmp(key, key2, key_size));
OK_(strcmp(cipher, crypt_get_cipher(cd)));
OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
- EQ_(key_size, crypt_get_volume_key_size(cd));
+ EQ_((int)key_size, crypt_get_volume_key_size(cd));
EQ_(0, crypt_get_data_offset(cd));
OK_(crypt_deactivate(cd, CDEVICE_1));
EQ_(0, crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
OK_(crypt_deactivate(cd, CDEVICE_1));
+ FAIL_(crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, strlen(KEY1) + 1, 0), "cannot seek");
+ EQ_(0, crypt_activate_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0, 0));
+ OK_(crypt_deactivate(cd, CDEVICE_1));
_remove_keyfiles();
crypt_free(cd);
};
size_t key_size = 256 / 8;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
- char *passphrase = PASSPHRASE;
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
+ const char *passphrase = PASSPHRASE;
+ char buf1[256] = {0}, buf2[256] = {0};
OK_(crypt_init(&cd, DEVICE_1));
crypt_set_log_callback(cd, &new_log, NULL);
EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
OK_(crypt_deactivate(cd, CDEVICE_1));
+ // Check error reporting.
+ // This must fail and create error message
+ crypt_deactivate(cd, CDEVICE_1);
+
+ // Here context must be the same
+ crypt_get_error(buf1, sizeof(buf1));
+ crypt_last_error(cd, buf2, sizeof(buf2));
+ OK_(!*buf1);
+ OK_(!*buf2);
+ OK_(strcmp(buf1, buf2));
+
+ crypt_get_error(buf1, sizeof(buf1));
+ crypt_last_error(cd, buf2, sizeof(buf2));
+ OK_(*buf1);
+ OK_(*buf2);
+
crypt_free(cd);
}
OK_(strcmp("aes", crypt_get_cipher(cd)));
OK_(strcmp("cbc-essiv:sha256", crypt_get_cipher_mode(cd)));
OK_(strcmp(DEVICE_1_UUID, crypt_get_uuid(cd)));
- EQ_(key_size, crypt_get_volume_key_size(cd));
+ EQ_((int)key_size, crypt_get_volume_key_size(cd));
EQ_(1032, crypt_get_data_offset(cd));
EQ_(0, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
OK_(_prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
OK_(crypt_suspend(cd, CDEVICE_1));
FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1 "blah", 0), "wrong keyfile");
- OK_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0));
+ FAIL_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 1, 0), "wrong key");
+ OK_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0), "not suspended");
_remove_keyfiles();
out:
};
char key[128], key2[128];
- char *passphrase = "blabla";
- char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ const char *passphrase = "blabla";
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
size_t key_size = strlen(mk_hex) / 2;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
uint64_t r_payload_offset, r_header_size, r_size_1;
crypt_decode_key(key, mk_hex, key_size);
OK_(get_luks_offsets(0, key_size, params.data_alignment, 0, NULL, &r_payload_offset));
OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_payload_offset));
OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
- OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset - 1));
+ //OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset - 1));
+ OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, 2050 - 1)); //FIXME last keyslot - 1 sector
// 1 sector less than required
OK_(crypt_init(&cd, DMDIR L_DEVICE_WRONG));
// there we've got uuid mismatch
OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
- EQ_(crypt_get_type(cd), NULL);
+ OK_((int)crypt_get_type(cd));
FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device is active");
FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0), "Device is active");
EQ_(crypt_status(cd, CDEVICE_2), CRYPT_INACTIVE);
EQ_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
OK_(crypt_deactivate(cd, CDEVICE_2));
+ crypt_set_iteration_time(cd, 1);
EQ_(1, crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, KEY1, strlen(KEY1)));
OK_(_prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
OK_(_prepare_keyfile(KEYFILE2, KEY2, strlen(KEY2)));
EQ_(2, crypt_keyslot_add_by_keyfile(cd, 2, KEYFILE1, 0, KEYFILE2, 0));
+ FAIL_(crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 1, KEYFILE2, 0, 1), "wrong key");
+ EQ_(3, crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 0, KEYFILE2, 0, 1));
+ EQ_(4, crypt_keyslot_add_by_keyfile_offset(cd, 4, KEYFILE2, 0, 1, KEYFILE1, 0, 1));
FAIL_(crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2)-1, 0), "key mismatch");
EQ_(2, crypt_activate_by_keyfile(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
+ EQ_(3, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 1, 0));
+ EQ_(4, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, 1, 0));
+ FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2), 2, 0), "not enough data");
+ FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, strlen(KEY2) + 1, 0), "cannot seek");
+ FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 2, 0), "wrong key");
EQ_(2, crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
OK_(crypt_keyslot_destroy(cd, 1));
OK_(crypt_keyslot_destroy(cd, 2));
+ OK_(crypt_keyslot_destroy(cd, 3));
+ OK_(crypt_keyslot_destroy(cd, 4));
OK_(crypt_deactivate(cd, CDEVICE_2));
_remove_keyfiles();
OK_(memcmp(key, key2, key_size));
OK_(strcmp(cipher, crypt_get_cipher(cd)));
OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
- EQ_(key_size, crypt_get_volume_key_size(cd));
+ EQ_((int)key_size, crypt_get_volume_key_size(cd));
EQ_(4096, crypt_get_data_offset(cd));
OK_(strcmp(DEVICE_2, crypt_get_device_name(cd)));
};
char key[128], key2[128], cmd[256];
- char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
size_t key_size = strlen(mk_hex) / 2;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
uint64_t r_payload_offset;
crypt_decode_key(key, mk_hex, key_size);
};
char key[128], cmd[256];
- char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
size_t key_size = strlen(mk_hex) / 2;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
uint64_t r_payload_offset, r_header_size;
crypt_decode_key(key, mk_hex, key_size);
// external header device
OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
// prepared header on a device too small to contain header and payload
- OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_payload_offset - 1));
- snprintf(cmd, sizeof(cmd), "dd if=" EVL_HEADER_4 " of=" DMDIR H_DEVICE_WRONG " bs=512 count=%" PRIu64, r_payload_offset - 1);
+ //OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_payload_offset - 1));
+ OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, 2050 - 1)); //FIXME
+ //snprintf(cmd, sizeof(cmd), "dd if=" EVL_HEADER_4 " of=" DMDIR H_DEVICE_WRONG " bs=512 count=%" PRIu64, r_payload_offset - 1);
+ snprintf(cmd, sizeof(cmd), "dd if=" EVL_HEADER_4 " of=" DMDIR H_DEVICE_WRONG " bs=512 count=%" PRIu64, 2050ULL - 1);
OK_(_system(cmd, 1));
// some device
OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
// bad header: device too small (payloadOffset > device_size)
OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "Device too small");
- EQ_(crypt_get_type(cd), NULL);
+ OK_((int)crypt_get_type(cd));
crypt_free(cd);
// 0 secs for encrypted data area
crypt_free(cd);
// damaged header
- OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_0S "bs=512 count=8", 1));
+ OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 count=8", 1));
OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "Header not found");
crypt_free(cd);
};
char key[128];
- char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
size_t key_size = strlen(mk_hex) / 2;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
uint64_t r_payload_offset;
crypt_decode_key(key, mk_hex, key_size);
};
char key[128];
- char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
size_t key_size = strlen(mk_hex) / 2;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
uint64_t r_payload_offset, r_header_size, r_size;
crypt_decode_key(key, mk_hex, key_size);
};
size_t key_size;
- char *mk_hex, *keystr, key[256];
+ const char *mk_hex, *keystr;
+ char key[256];
OK_(crypt_init(&cd, DEVICE_1));
OK_(crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 16, ¶ms));
struct crypt_params_luks1 params = {0};
char key[128] = "";
size_t key_size = 128;
- char *cipher = "aes";
- char *cipher_mode = "cbc-essiv:sha256";
+ const char *cipher = "aes";
+ const char *cipher_mode = "cbc-essiv:sha256";
int ret;
OK_(crypt_init(&cd, DEVICE_2));