# that you are not using old gcrypt with flawed whirlpool
# (see cryptsetup debug output)
-CRYPTSETUP=../src/cryptsetup
+[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
+CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
TST_DIR=luks1-images
MAP=luks1tst
KEYFILE=keyfile1
+[ -z "$srcdir" ] && srcdir="."
+
function remove_mapping()
{
- [ -b /dev/mapper/$MAP ] && dmsetup remove $MAP
+ [ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP
}
function fail()
{
[ -n "$1" ] && echo "$1"
echo " [FAILED]"
+ echo "FAILED backtrace:"
+ while caller $frame; do ((frame++)); done
remove_mapping
exit 2
}
{
[ -n "$1" ] && echo "$1"
echo "Test skipped."
- exit 0
+ exit 77
}
function test_one()
$CRYPTSETUP benchmark -h whirlpool | grep "N/A" && skip
echo "REQUIRED CIPHERS TEST"
- echo "# Algorithm | Key | Encryption | Decryption"
+ echo "# Algorithm | Key | Encryption | Decryption"
test_one aes-xts 256
test_one twofish-xts 256
export LANG=C
+test_required
+[ ! -d $TST_DIR ] && tar xJf $srcdir/luks1-images.tar.xz --no-same-owner
+
+echo "PASSPHRASE CHECK"
+for file in $(ls $TST_DIR/luks1_*) ; do
+ echo -n " $file"
+ $CRYPTSETUP luksOpen -d $TST_DIR/$KEYFILE $file --test-passphrase 2>/dev/null
+ ret=$?
+ # ignore missing whirlpool (pwd failed is exit code 2)
+ [ $ret -eq 1 ] && (echo $file | grep -q -e "whirlpool") && echo " [N/A]" && continue
+ # ignore flawed whirlpool (pwd failed is exit code 2)
+ [ $ret -eq 2 ] && (echo $file | grep -q -e "whirlpool") && \
+ ($CRYPTSETUP luksDump $file --debug | grep -q -e "flawed whirlpool") && \
+ echo " [IGNORED (flawed Whirlpool library)]" && continue
+ [ $ret -ne 0 ] && fail
+ echo " [OK]"
+done
+
if [ $(id -u) != 0 ]; then
echo "WARNING: You must be root to run activation part of test, test skipped."
exit 0
fi
-test_required
-[ ! -d $TST_DIR ] && tar xjf luks1-images.tar.bz2
-
echo "ACTIVATION FS UUID CHECK"
for file in $(ls $TST_DIR/luks1_*) ; do
echo -n " $file"
ret=$?
# ignore missing whirlpool (pwd failed is exit code 2)
[ $ret -eq 1 ] && (echo $file | grep -q -e "whirlpool") && echo " [N/A]" && continue
+ # ignore flawed whirlpool (pwd failed is exit code 2)
+ [ $ret -eq 2 ] && (echo $file | grep -q -e "whirlpool") && \
+ ($CRYPTSETUP luksDump $file --debug | grep -q -e "flawed whirlpool") && \
+ echo " [IGNORED (flawed Whirlpool library)]" && continue
[ $ret -ne 0 ] && fail
$CRYPTSETUP status $MAP >/dev/null || fail
$CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail