-TESTS = apitest
+TESTS = apitest compat-test
-EXTRA_DIST = fileDiffer.py compatimage.img.bz2 align_test
+EXTRA_DIST = fileDiffer.py compatimage.img.bz2 align_test compat-test
apitest_SOURCES = apitest.c
apitest_LDADD = ../lib/libcryptsetup.la
compatimage.img:
@bzip2 -k -d compatimage.img.bz2
-
-# LUKS tests
-ORIG_IMG = /tmp/luks-test-orig
-IMG = /tmp/luks-test
-IMG1 = /tmp/luks-test1
-
-
-LUKS_HEADER = S0-5 S6-7 S8-39 S40-71 S72-103 S104-107 S108-111 R112-131 R132-163 S164-167 S168-207 A0-591
-
-KEY_SLOT0 = S208-211 S212-215 R216-247 S248-251 S251-255
-KEY_MATERIAL0 = R4096-68096
-KEY_MATERIAL0_EXT = R4096-68096
-
-KEY_SLOT1 = S256-259 S260-263 R264-295 S296-299 S300-303
-KEY_MATERIAL1 = R69632-133632
-KEY_MATERIAL1_EXT = S69632-133632
-
-LOOPDEV = /dev/loop5
-
-test:
-# (cd ..; make clean; make CFLAGS=-Werror)
- @if [ `id -u` != 0 ]; then \
- echo Not root; \
- fi
- @if [ ! -e /tmp/key1 ]; then \
- dd if=/dev/urandom of=/tmp/key1 count=1 bs=32; \
- fi
- @bzip2 -cd compatimage.img.bz2 > $(IMG)
- @-/sbin/losetup -d $(LOOPDEV)
- @/sbin/losetup $(LOOPDEV) $(IMG)
-
- @echo Case: open - compat image - acceptance check
-# Image must not change
- @cp $(IMG) $(ORIG_IMG)
- echo "compatkey" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG)
- @-ls -l /dev/mapper/dummy > /dev/null
- @../src/cryptsetup remove dummy
- @echo "success"
-
-
- @echo Case: open - compat image - denial check
-# Image must not change
- @cp $(IMG) $(ORIG_IMG)
- echo "wrongkey" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy || true
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG)
- @echo "success"
-
- @echo Case: format
-# All headers items and first key material section must change
- @cp $(IMG) $(ORIG_IMG)
- echo "key0" | ../src/cryptsetup -v -i 1000 -c aes-cbc-essiv:sha256 -s 128 luksFormat $(LOOPDEV)
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(LUKS_HEADER) $(KEY_SLOT0) $(KEY_MATERIAL0)
-
- @echo Case: format using hash sha512
- @cp $(IMG) $(ORIG_IMG)
- echo "key0" | ../src/cryptsetup -v -i 1000 -h sha512 -c aes-cbc-essiv:sha256 -s 128 luksFormat $(LOOPDEV)
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(LUKS_HEADER) $(KEY_SLOT0) $(KEY_MATERIAL0)
-
- @echo Case: open
-# Image must not change
- @cp $(IMG) $(ORIG_IMG)
- echo "key0" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG)
- @-ls -l /dev/mapper/dummy > /dev/null
- @../src/cryptsetup remove dummy
- @echo "success"
-
- @echo Case: add key
-# Key Slot 1 and key material section 1 must change, the rest must not.
- @cp $(IMG) $(ORIG_IMG)
- echo -e "key0\nkey1" | ../src/cryptsetup -v luksAddKey $(LOOPDEV)
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(KEY_SLOT1) $(KEY_MATERIAL1)
- echo "key1" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy
- @-ls -l /dev/mapper/dummy > /dev/null
- @../src/cryptsetup -v remove dummy
- @echo "success"
-
-# Unsuccessful Key Delete - nothing may change
- @echo Case: unsuccessful delete
- @cp $(IMG) $(ORIG_IMG)
- echo "invalid" | ../src/cryptsetup -v luksDelKey $(LOOPDEV) 1 || true
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG)
- @echo "success"
-
-# Delete Key Test
-# Key Slot 1 and key material section 1 must change, the rest must not
- @echo Case: successful delete
- @cp $(IMG) $(ORIG_IMG)
- ../src/cryptsetup -v -q luksDelKey $(LOOPDEV) 1
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(KEY_SLOT1) $(KEY_MATERIAL1_EXT)
- echo "key1" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy 2>/dev/null || true
- echo "key0" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy 2>/dev/null
- @../src/cryptsetup -v remove dummy
- @echo "success"
-
-# Non-Exclusive Open test
-# @echo Case: Non-Exclusive Open
-# echo "key0" | ../src/cryptsetup -v --readonly luksOpen $(LOOPDEV) dummy1 2>/dev/null
-# must fail
-# echo "key0" | ../src/cryptsetup -v --readonly luksOpen $(LOOPDEV) dummy2 2>/dev/null || true
-# echo "key0" | ../src/cryptsetup -v --non-exclusive --readonly luksOpen $(LOOPDEV) dummy2 2>/dev/null
-# @../src/cryptsetup -v remove dummy1
-# @../src/cryptsetup -v remove dummy2
-
-
-# Key Slot 1 and key material section 1 must change, the rest must not
- @echo Case: add key test for key files
- @cp $(IMG) $(ORIG_IMG)
- echo "key0" | ../src/cryptsetup -v luksAddKey $(LOOPDEV) /tmp/key1
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(KEY_SLOT1) $(KEY_MATERIAL1)
- ../src/cryptsetup -d /tmp/key1 -v luksOpen $(LOOPDEV) dummy
- @-ls -l /dev/mapper/dummy > /dev/null
- @../src/cryptsetup -v remove dummy
- @echo "success"
-
- @echo Case: delete key test with /tmp/key1 as remaining key
-# Key Slot 1 and key material section 1 must change, the rest must not
- @cp $(IMG) $(ORIG_IMG)
- ../src/cryptsetup -v -d /tmp/key1 luksDelKey $(LOOPDEV) 0
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(KEY_SLOT0) $(KEY_MATERIAL0_EXT)
- echo "key0" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy 2>/dev/null || true
- ../src/cryptsetup -v luksOpen -d /tmp/key1 $(LOOPDEV) dummy 2>/dev/null
- @../src/cryptsetup -v remove dummy
- @echo "success"
-
-# Delete last slot
- @echo Case: delete last key
- @cp $(IMG) $(ORIG_IMG)
- @echo "key0" | ../src/cryptsetup -v luksFormat $(LOOPDEV)
- echo "key0" | ../src/cryptsetup -v luksKillSlot $(LOOPDEV) 0
- @sync
- echo "key0" | ../src/cryptsetup -v luksOpen $(LOOPDEV) dummy 2>/dev/null || true
- @echo "success"
-
-# Format test for ESSIV, and some other parameters.
- @echo Case: parameter variation test
- @dd if=/dev/zero of=$(IMG) count=20000
- @cp $(IMG) $(ORIG_IMG)
- @../src/cryptsetup -q -v -i 1000 -c aes-cbc-essiv:sha256 -s 128 luksFormat $(LOOPDEV) /tmp/key1
- @sync
- ./fileDiffer.py $(IMG) $(ORIG_IMG) $(LUKS_HEADER) $(KEY_SLOT0) $(KEY_MATERIAL0)
- @../src/cryptsetup -d /tmp/key1 -v luksOpen $(LOOPDEV) dummy
- @-ls -l /dev/mapper/dummy > /dev/null && echo "success"
- @../src/cryptsetup -v remove dummy
-
- @-/sbin/losetup -d $(LOOPDEV)
--- /dev/null
+#!/bin/bash
+
+CRYPTSETUP=../src/cryptsetup
+
+LOOPDEV=/dev/loop5
+DEV_NAME=dummy
+ORIG_IMG=luks-test-orig
+IMG=luks-test
+IMG1=luks-test1
+KEY1=key1
+
+LUKS_HEADER="S0-5 S6-7 S8-39 S40-71 S72-103 S104-107 S108-111 R112-131 R132-163 S164-167 S168-207 A0-591"
+KEY_SLOT0="S208-211 S212-215 R216-247 S248-251 S251-255"
+KEY_MATERIAL0="R4096-68096"
+KEY_MATERIAL0_EXT="R4096-68096"
+
+KEY_SLOT1="S256-259 S260-263 R264-295 S296-299 S300-303"
+KEY_MATERIAL1="R69632-133632"
+KEY_MATERIAL1_EXT="S69632-133632"
+
+function remove_mapping()
+{
+ [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
+ losetup -d $LOOPDEV >/dev/null 2>&1
+ rm -f $ORIG_IMG $IMG $IMG1 $KEY1 >/dev/null 2>&1
+}
+
+function fail()
+{
+ remove_mapping
+ echo "FAILED"
+ exit 2
+}
+
+function prepare()
+{
+ if [ $(id -u) != 0 ]; then
+ echo "WARNING: You must be root to run this test, test skipped."
+ exit 0
+ fi
+
+ [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
+
+ if [ ! -e $KEY1 ]; then
+ dd if=/dev/urandom of=$KEY1 count=1 bs=32 >/dev/null 2>&1
+ fi
+
+ if [ ! -e $IMG ]; then
+ bzip2 -cd compatimage.img.bz2 > $IMG
+ losetup -d $LOOPDEV >/dev/null 2>&1
+ losetup $LOOPDEV $IMG
+ fi
+
+ cp $IMG $ORIG_IMG
+
+ [ -n "$1" ] && echo "CASE: $1"
+}
+
+function check()
+{
+ sync
+ ./fileDiffer.py $IMG $ORIG_IMG $1|| fail
+}
+
+function check_exists()
+{
+ [ -b /dev/mapper/$DEV_NAME ] || fail
+ check $1
+}
+
+# LUKS tests
+
+prepare "[1] open - compat image - acceptance check"
+echo "compatkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
+check_exists
+
+prepare "[2] open - compat image - denial check"
+echo "wrongkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
+check
+
+# All headers items and first key material section must change
+prepare "[3] format"
+echo "key0" | $CRYPTSETUP -i 1000 -c aes-cbc-essiv:sha256 -s 128 luksFormat $LOOPDEV || fail
+check "$LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0"
+
+prepare "[4] format using hash sha512"
+echo "key0" | $CRYPTSETUP -i 1000 -h sha512 -c aes-cbc-essiv:sha256 -s 128 luksFormat $LOOPDEV || fail
+check "$LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0"
+
+prepare "[5] open"
+echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
+check_exists
+
+# Key Slot 1 and key material section 1 must change, the rest must not.
+prepare "[6] add key"
+echo -e "key0\nkey1" | $CRYPTSETUP luksAddKey $LOOPDEV || fail
+check "$KEY_SLOT1 $KEY_MATERIAL1"
+echo "key1" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
+
+# Unsuccessful Key Delete - nothing may change
+prepare "[7] unsuccessful delete"
+echo "invalid" | $CRYPTSETUP luksDelKey $LOOPDEV 1 && fail
+check
+
+# Delete Key Test
+# Key Slot 1 and key material section 1 must change, the rest must not
+prepare "[8] successful delete"
+$CRYPTSETUP -q luksDelKey $LOOPDEV 1 || fail
+check "$KEY_SLOT1 $KEY_MATERIAL1_EXT"
+echo "key1" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
+echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
+
+# Key Slot 1 and key material section 1 must change, the rest must not
+prepare "[9] add key test for key files"
+echo "key0" | $CRYPTSETUP luksAddKey $LOOPDEV $KEY1 || fail
+check "$KEY_SLOT1 $KEY_MATERIAL1"
+$CRYPTSETUP -d $KEY1 luksOpen $LOOPDEV $DEV_NAME || fail
+
+# Key Slot 1 and key material section 1 must change, the rest must not
+prepare "[10] delete key test with key1 as remaining key"
+$CRYPTSETUP -d $KEY1 luksDelKey $LOOPDEV 0 || fail
+check "$KEY_SLOT0 $KEY_MATERIAL0_EXT"
+echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
+$CRYPTSETUP luksOpen -d $KEY1 $LOOPDEV $DEV_NAME || fail
+
+# Delete last slot
+prepare "[11] delete last key"
+echo "key0" | $CRYPTSETUP luksFormat $LOOPDEV || fail
+echo "key0" | $CRYPTSETUP luksKillSlot $LOOPDEV 0 || fail
+echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME && fail
+
+# Format test for ESSIV, and some other parameters.
+prepare "[12] parameter variation test"
+$CRYPTSETUP -q -i 1000 -c aes-cbc-essiv:sha256 -s 128 luksFormat $LOOPDEV $KEY1 || fail
+check "$LUKS_HEADER $KEY_SLOT0 $KEY_MATERIAL0"
+$CRYPTSETUP -d $KEY1 luksOpen $LOOPDEV $DEV_NAME || fail
+
+remove_mapping
+exit 0