X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=tests%2Fmode-test;h=82171fbd1c47f813d3a52217e0ff1aaf4b117768;hb=6497abd1df88001eb1f45f7348534911b33d05b5;hp=9a8fe612cf76d46be995d360a72e942864beb832;hpb=e8e805dfd3fc937e63795e2118a68db7a73c7521;p=platform%2Fupstream%2Fcryptsetup.git diff --git a/tests/mode-test b/tests/mode-test index 9a8fe61..82171fb 100755 --- a/tests/mode-test +++ b/tests/mode-test @@ -2,24 +2,32 @@ # # Test mode compatibility, check input + kernel and cryptsetup cipher status # -CRYPTSETUP=../src/cryptsetup +[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." +CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup DEV_NAME=dmc_test -LOOPDEV=/dev/loop5 HEADER_IMG=mode-test.img PASSWORD=3xrododenron +PASSWORD1=$PASSWORD +FAST_PBKDF2="--pbkdf pbkdf2 --pbkdf-force-iterations 1000" # cipher-chainmode-ivopts:ivmode CIPHERS="aes twofish serpent" MODES="cbc lrw xts" IVMODES="null benbi plain plain64 essiv:sha256" +LOOPDEV=$(losetup -f 2>/dev/null) + +CRYPTSETUP_VALGRIND=../.libs/cryptsetup +CRYPTSETUP_LIB_VALGRIND=../.libs + +dmremove() { # device + udevadm settle >/dev/null 2>&1 + dmsetup remove --retry $1 >/dev/null 2>&1 +} + cleanup() { - for dev in $(dmsetup status --target crypt | sed s/\:\ .*// | grep "^$DEV_NAME"_); do - dmsetup remove $dev - done - udevadm settle 2>/dev/null 2>&1 - sleep 2 - [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME + [ -b /dev/mapper/"$DEV_NAME"_tstdev ] && dmremove "$DEV_NAME"_tstdev + [ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME losetup -d $LOOPDEV >/dev/null 2>&1 rm -f $HEADER_IMG >/dev/null 2>&1 } @@ -27,11 +35,33 @@ cleanup() { fail() { [ -n "$1" ] && echo "$1" + echo "FAILED backtrace:" + while caller $frame; do ((frame++)); done cleanup exit 100 } +skip() +{ + [ -n "$1" ] && echo "$1" + exit 77 +} + +function valgrind_setup() +{ + command -v valgrind >/dev/null || fail "Cannot find valgrind." + [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable." + export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH" +} + +function valgrind_run() +{ + INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@" +} + + add_device() { + cleanup dd if=/dev/zero of=$HEADER_IMG bs=1M count=6 >/dev/null 2>&1 sync losetup $LOOPDEV $HEADER_IMG >/dev/null 2>&1 @@ -40,8 +70,8 @@ add_device() { dmcrypt_check() # device outstring { - X=$(dmsetup table $1 2>/dev/null | cut -d' ' -f 4) - if [ $X = $2 ] ; then + X=$(dmsetup table $1 2>/dev/null | sed 's/.*: //' | cut -d' ' -f 4) + if [ "$X" = $2 ] ; then echo -n "[table OK]" else echo "[table FAIL]" @@ -49,26 +79,27 @@ dmcrypt_check() # device outstring fail fi - X=$($CRYPTSETUP status $1 | grep cipher | sed s/\.\*cipher:\\s*//) + X=$($CRYPTSETUP status $1 | grep cipher: | sed s/\.\*cipher:\\s*//) if [ $X = $2 ] ; then echo -n "[status OK]" else echo "[status FAIL]" - echo " Expecting $2 got $X." + echo " Expecting $2 got \"$X\"." fail fi - dmsetup remove $1 >/dev/null 2>&1 + dmremove $1 } -dmcrypt_check_sum() # cipher device outstring +dmcrypt_check_sum() # cipher device { EXPSUM="c036cbb7553a909f8b8877d4461924307f27ecb66cff928eeeafd569c3887e29" # Fill device with zeroes and reopen it dd if=/dev/zero of=/dev/mapper/$2 bs=1M count=6 >/dev/null 2>&1 sync - dmsetup remove $2 - echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 $2 /dev/mapper/$DEV_NAME >/dev/null 2>&1 + dmremove $2 + + echo $PASSWORD | $CRYPTSETUP create -h sha256 -c $1 -s 256 $2 /dev/mapper/$DEV_NAME >/dev/null 2>&1 ret=$? VSUM=$(sha256sum /dev/mapper/$2 | cut -d' ' -f 1) if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then @@ -79,43 +110,50 @@ dmcrypt_check_sum() # cipher device outstring fail fi - dmsetup remove $2 >/dev/null 2>&1 + dmremove $2 } dmcrypt() { OUT=$2 [ -z "$OUT" ] && OUT=$1 - printf "%-25s" "$1" + printf "%-31s" "$1" - echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 "$DEV_NAME"_"$1" /dev/mapper/$DEV_NAME >/dev/null 2>&1 + echo $PASSWORD | $CRYPTSETUP create -h sha256 -c $1 -s 256 "$DEV_NAME"_tstdev /dev/mapper/$DEV_NAME >/dev/null 2>&1 if [ $? -eq 0 ] ; then echo -n -e "PLAIN:" - dmcrypt_check "$DEV_NAME"_"$1" $OUT + dmcrypt_check "$DEV_NAME"_tstdev $OUT else echo -n "[n/a]" fi - echo $PASSWORD | $CRYPTSETUP luksFormat -i 1 -c $1 -s 256 /dev/mapper/$DEV_NAME >/dev/null 2>&1 + echo $PASSWORD | $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF2 -c $1 -s 256 /dev/mapper/$DEV_NAME >/dev/null 2>&1 + if [ $? -eq 0 ] ; then + echo -n -e " LUKS1:" + echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_tstdev >/dev/null 2>&1 || fail + dmcrypt_check "$DEV_NAME"_tstdev $OUT + fi + + echo $PASSWORD | $CRYPTSETUP luksFormat --type luks2 --pbkdf pbkdf2 $FAST_PBKDF2 -c $1 -s 256 --offset 8192 /dev/mapper/$DEV_NAME >/dev/null 2>&1 if [ $? -eq 0 ] ; then - echo -n -e " LUKS:" - echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_"$1" >/dev/null 2>&1 - dmcrypt_check "$DEV_NAME"_"$1" $OUT + echo -n -e " LUKS2:" + echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_tstdev >/dev/null 2>&1 || fail + dmcrypt_check "$DEV_NAME"_tstdev $OUT fi # repeated device creation must return the same checksum - echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 "$DEV_NAME"_"$1" /dev/mapper/$DEV_NAME >/dev/null 2>&1 + echo $PASSWORD | $CRYPTSETUP create -h sha256 -c $1 -s 256 "$DEV_NAME"_tstdev /dev/mapper/$DEV_NAME >/dev/null 2>&1 if [ $? -eq 0 ] ; then echo -n -e " CHECKSUM:" - dmcrypt_check_sum "$1" "$DEV_NAME"_"$1" + dmcrypt_check_sum "$1" "$DEV_NAME"_tstdev fi echo } -if [ $(id -u) != 0 ]; then - echo "WARNING: You must be root to run this test, test skipped." - exit 0 -fi +[ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped." +[ -z "$LOOPDEV" ] && skip "Cannot find free loop device, test skipped." +[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped." +[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run add_device @@ -123,6 +161,13 @@ add_device dmcrypt aes aes-cbc-plain dmcrypt aes-plain aes-cbc-plain +# empty cipher +PASSWORD="" +dmcrypt null cipher_null-ecb +dmcrypt cipher_null cipher_null-ecb +dmcrypt cipher_null-ecb + +PASSWORD=$PASSWORD1 # codebook doesn't support IV at all for cipher in $CIPHERS ; do dmcrypt "$cipher-ecb" @@ -136,4 +181,7 @@ for cipher in $CIPHERS ; do done done +dmcrypt xchacha12,aes-adiantum-plain64 +dmcrypt xchacha20,aes-adiantum-plain64 + cleanup