Imported upstream version 1.6.7

[platform/upstream/cryptsetup.git] / tests / password-hash-test

diff --git a/tests/password-hash-test b/tests/password-hash-test
index dcb54c6..a03af50 100755 (executable)
--- a/tests/password-hash-test
+++ b/tests/password-hash-test
@@ -8,45 +8,88 @@ KEY_FILE=keyfile
 
 DEV2=$DEV_NAME"_x"
 
+dmremove() { # device
+       udevadm settle >/dev/null 2>&1
+       dmsetup remove $1 >/dev/null 2>&1
+}
+
 cleanup() {
-       [ -b /dev/mapper/$DEV2 ] && dmsetup remove $DEV2
-       udevadm settle 2>/dev/null 2>&1
-       [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
+       [ -b /dev/mapper/$DEV2 ] && dmremove $DEV2
+       [ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
        rm -f $KEY_FILE
        exit $1
 }
 
-crypt_key() # hash keysize pwd/file name outkey
+function fail()
+{
+        echo " $1 [FAILED]"
+        cleanup 2
+}
+
+crypt_key() # hash keysize pwd/file name outkey [limit] [offset]
 {
        DEV2=$DEV_NAME"_x"
+       LIMIT=""
        MODE=aes-cbc-essiv:sha256
        [ $2 -gt 256 ] && MODE=aes-xts-plain
+       [ -n "$6" ] && LIMIT="-l $6"
+       [ -n "$7" ] && LIMIT="$LIMIT --keyfile-offset $7"
 
+       echo -n "HASH: $1 KSIZE: $2 / $3"
        case "$3" in
        pwd)
-               echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME
+               echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
+               ret=$?
+               ;;
+       std-)
+               echo -e -n "$4" | $CRYPTSETUP create -c $MODE -d "-" -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
+               ret=$?
                ;;
        stdin)
-               echo -e -n "$4" | $CRYPTSETUP create -c $MODE -d "-" -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME
+               echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
+               ret=$?
+               ;;
+       cat)
+               cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
+               ret=$?
+               ;;
+       cat-)
+               cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 -d - /dev/mapper/$DEV_NAME 2>/dev/null
+               ret=$?
                ;;
        file)
-               $CRYPTSETUP create -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME
+               $CRYPTSETUP create -q -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
+               ret=$?
+               ;;
+       failpwd)
+               echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null && fail "Expecting failure"
+               echo " [OK]"
+               return
                ;;
        *)
-               fail
+               fail ""
                ;;
        esac
 
-       VKEY=$(dmsetup table $DEV2 --showkeys 2>/dev/null | cut -d' '  -f 5)
-       echo -n "HASH: $1 KSIZE: $2 / $3"
+       # ignore these cases, not all libs/kernel supports it
+       if [ "$1" == "ripemd160" -o $2 -gt 256 ] ; then
+               if [ $ret -ne 0 ] ; then
+                       echo " [N/A] ($ret, SKIPPED)"
+                       return
+               fi
+       fi
+
+       VKEY=$(dmsetup table $DEV2 --showkeys 2>/dev/null | sed 's/.*: //' | cut -d' '  -f 5)
        if [ "$VKEY" != "$5" ] ; then
                echo " [FAILED]"
                echo "expected: $5"
                echo "real key: $VKEY"
                cleanup 100
+       else
+               echo " [OK]"
        fi
-       echo " [OK]"
-       dmsetup remove $DEV2
+
+       dmremove $DEV2
 }
 
 if [ $(id -u) != 0 ]; then
@@ -64,21 +107,65 @@ crypt_key sha1      128 pwd "xxx" b60d121b438a380c343d5ec3c2037564
 crypt_key sha256    256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
 crypt_key sha256    128 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7
 
-crypt_key ripemd160   0 stdin "xxx"   aeb26d1f69eb6dddfb9381eed4d7299f091e99aa5d3ff06866d4ce9f620f7aca
-crypt_key ripemd160 256 stdin "xxx\n" 625ce2a8dbdf08f1de400dba7ab9fab246f2a55ad6136e6cafd6703732dab8cf
+crypt_key sha256   0 std- "xxx"    cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
+crypt_key sha256 256 std- "xxx\n"  042aea10a0f14f2d391373599be69d53a75dde9951fc3d3cd10b6100aa7a9f24
+crypt_key sha256 128 std- "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" \
+                                  2a42b97084779dcedf2c66405c5d296c
+crypt_key sha256 256 stdin "xxx"   cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
+crypt_key sha256   0 stdin "xxx\n" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
 
 # with keyfile, hash is ignored
 crypt_key ripemd160 256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
 crypt_key sha256    256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
+crypt_key unknown*  256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
+
+# limiting key
+crypt_key sha256:20 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b4580588000000000000000000000000
+crypt_key sha256:32 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
+
+crypt_key sha256:   256 failpwd "xxx" x
+crypt_key sha256:xx 256 failpwd "xxx" x
 
 # key file, 80 chars
 echo -n -e "0123456789abcdef\n\x01\x00\x03\xff\xff\r\xff\xff\n\r" \
           "2352j3rkjhadcfasc823rqaw7e1 3dq sdq3d 2dkjqw3h2=====" >$KEY_FILE
 KEY_FILE_HEX="303132333435363738396162636465660a010003ffff0dffff0a0d20323335326a33726b6a686164636661736338323372716177376531203364712073647133"
 
+# ignore hash if keyfile is specified
 crypt_key ripemd160 256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
 crypt_key sha256    256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
 crypt_key sha256    128 file $KEY_FILE ${KEY_FILE_HEX:0:32}
 crypt_key sha256    512 file $KEY_FILE $KEY_FILE_HEX
 
+# stdin can be limited
+crypt_key plain     128 cat /dev/zero 00000000000000000000000000000000 16
+crypt_key plain     128 cat /dev/zero 00000000000000000000000000000000 17
+
+# read key only up to \n
+crypt_key plain     128 cat $KEY_FILE ${KEY_FILE_HEX:0:28}0000 14
+
+# read full key, ignore keyfile length
+crypt_key plain     128 cat- $KEY_FILE ${KEY_FILE_HEX:0:32}
+crypt_key plain     128 cat- $KEY_FILE ${KEY_FILE_HEX:0:32} 14
+
+# but do not ignore hash if keysgfile is "-"
+crypt_key sha256    128 cat- $KEY_FILE f3b827c8a6f159ad8c8ed5bd5ab3f8c5
+crypt_key sha256    128 cat- $KEY_FILE f3b827c8a6f159ad8c8ed5bd5ab3f8c5 0
+crypt_key sha256    128 cat- $KEY_FILE f3b827c8a6f159ad8c8ed5bd5ab3f8c5 80
+crypt_key sha256    128 cat- $KEY_FILE a82c9227cc54c7475620ce85ba1fca1e 14
+crypt_key sha256    128 cat- $KEY_FILE 7df3f4a41a33805596be85c781cac3b4 14 2
+crypt_key sha256    128 cat- $KEY_FILE ebbe65a178e886ddbb778e0a5538db72 40 40
+
+# limiting plain (no hash)
+crypt_key plain   256     pwd "xxxxxxxx" 7878787878787878000000000000000000000000000000000000000000000000
+crypt_key plain:2 256     pwd "xxxxxxxx" 7878000000000000000000000000000000000000000000000000000000000000
+crypt_key plain:9 256 failpwd "xxxxxxxx" x
+
+crypt_key sha256    128 cat $KEY_FILE a82c9227cc54c7475620ce85ba1fca1e 14
+crypt_key sha256:14 128 cat $KEY_FILE a82c9227cc54c7475620ce85ba1f0000 14
+
+crypt_key sha256    128 pwd "0123456789abcdef" 9f9f5111f7b27a781f1f1ddde5ebc2dd 16
+crypt_key sha256    128 pwd "0123456789abcdef" 1be2e452b46d7a0d9656bbb1f768e824  4
+crypt_key sha256    128 pwd "0123"             1be2e452b46d7a0d9656bbb1f768e824  4
+
 cleanup 0