2 * cryptsetup library LUKS2 API check functions
4 * Copyright (C) 2009-2020 Red Hat, Inc. All rights reserved.
5 * Copyright (C) 2009-2020 Milan Broz
6 * Copyright (C) 2016-2020 Ondrej Kozina
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
32 #include <sys/types.h>
34 #include <linux/keyctl.h>
35 #include <sys/syscall.h>
36 #ifndef HAVE_KEY_SERIAL_T
37 #define HAVE_KEY_SERIAL_T
39 typedef int32_t key_serial_t;
45 #include "libcryptsetup.h"
47 #define DMDIR "/dev/mapper/"
49 #define DEVICE_1_UUID "28632274-8c8a-493f-835b-da802e1c576b"
50 #define DEVICE_EMPTY_name "crypt_zero"
51 #define DEVICE_EMPTY DMDIR DEVICE_EMPTY_name
52 #define DEVICE_ERROR_name "crypt_error"
53 #define DEVICE_ERROR DMDIR DEVICE_ERROR_name
55 #define CDEVICE_1 "ctest1"
56 #define CDEVICE_2 "ctest2"
57 #define CDEVICE_WRONG "O_o"
58 #define H_DEVICE "head_ok"
59 #define H_DEVICE_WRONG "head_wr"
60 #define L_DEVICE_1S "luks_onesec"
61 #define L_DEVICE_0S "luks_zerosec"
62 #define L_DEVICE_WRONG "luks_wr"
63 #define L_DEVICE_OK "luks_ok"
64 #define REQS_LUKS2_HEADER "luks2_header_requirements"
65 #define NO_REQS_LUKS2_HEADER "luks2_header_requirements_free"
66 #define BACKUP_FILE "csetup_backup_file"
67 #define IMAGE1 "compatimage2.img"
68 #define IMAGE_EMPTY "empty.img"
69 #define IMAGE_EMPTY_SMALL "empty_small.img"
70 #define IMAGE_EMPTY_SMALL_2 "empty_small2.img"
71 #define IMAGE_PV_LUKS2_SEC "blkid-luks2-pv.img"
73 #define KEYFILE1 "key1.file"
74 #define KEY1 "compatkey"
76 #define KEYFILE2 "key2.file"
77 #define KEY2 "0123456789abcdef"
79 #define PASSPHRASE "blabla"
80 #define PASSPHRASE1 "albalb"
82 #define DEVICE_TEST_UUID "12345678-1234-1234-1234-123456789abc"
84 #define DEVICE_WRONG "/dev/Ooo_"
85 #define DEVICE_CHAR "/dev/zero"
86 #define THE_LFILE_TEMPLATE "cryptsetup-tstlp.XXXXXX"
88 #define KEY_DESC_TEST0 "cs_token_test:test_key0"
89 #define KEY_DESC_TEST1 "cs_token_test:test_key1"
91 #define CONV_DIR "conversion_imgs"
92 #define CONV_L1_128 "l1_128b"
93 #define CONV_L1_256 "l1_256b"
94 #define CONV_L1_512 "l1_512b"
95 #define CONV_L2_128 "l2_128b"
96 #define CONV_L2_128_FULL "l2_128b_full"
97 #define CONV_L2_256 "l2_256b"
98 #define CONV_L2_256_FULL "l2_256b_full"
99 #define CONV_L2_512 "l2_512b"
100 #define CONV_L2_512_FULL "l2_512b_full"
101 #define CONV_L1_128_DET "l1_128b_det"
102 #define CONV_L1_256_DET "l1_256b_det"
103 #define CONV_L1_512_DET "l1_512b_det"
104 #define CONV_L2_128_DET "l2_128b_det"
105 #define CONV_L2_128_DET_FULL "l2_128b_det_full"
106 #define CONV_L2_256_DET "l2_256b_det"
107 #define CONV_L2_256_DET_FULL "l2_256b_det_full"
108 #define CONV_L2_512_DET "l2_512b_det"
109 #define CONV_L2_512_DET_FULL "l2_512b_det_full"
110 #define CONV_L1_256_LEGACY "l1_256b_legacy_offset"
111 #define CONV_L1_256_UNMOVABLE "l1_256b_unmovable"
122 /* Allow to run without config.h */
123 #ifndef DEFAULT_LUKS1_HASH
124 #define DEFAULT_LUKS1_HASH "sha256"
125 #define DEFAULT_LUKS1_ITER_TIME 2000
126 #define DEFAULT_LUKS2_ITER_TIME 2000
127 #define DEFAULT_LUKS2_MEMORY_KB 1048576
128 #define DEFAULT_LUKS2_PARALLEL_THREADS 4
129 #define DEFAULT_LUKS2_PBKDF "argon2i"
132 static int _fips_mode = 0;
134 static char *DEVICE_1 = NULL;
135 static char *DEVICE_2 = NULL;
136 static char *DEVICE_3 = NULL;
137 static char *DEVICE_4 = NULL;
138 static char *DEVICE_5 = NULL;
139 static char *DEVICE_6 = NULL;
141 static char *tmp_file_1 = NULL;
142 static char *test_loop_file = NULL;
144 unsigned int test_progress_steps;
146 struct crypt_device *cd = NULL, *cd2 = NULL;
150 static unsigned cpus_online(void)
155 r = sysconf(_SC_NPROCESSORS_ONLN);
163 static uint32_t adjusted_pbkdf_memory(void)
165 long pagesize = sysconf(_SC_PAGESIZE);
166 long pages = sysconf(_SC_PHYS_PAGES);
169 if (pagesize <= 0 || pages <= 0)
170 return DEFAULT_LUKS2_MEMORY_KB;
172 memory_kb = pagesize / 1024 * pages / 2;
174 if (memory_kb < DEFAULT_LUKS2_MEMORY_KB)
175 return (uint32_t)memory_kb;
177 return DEFAULT_LUKS2_MEMORY_KB;
180 static unsigned _min(unsigned a, unsigned b)
182 return a < b ? a : b;
185 static int get_luks2_offsets(int metadata_device,
186 unsigned int alignpayload_sec,
187 unsigned int sector_size,
188 uint64_t *r_header_size,
189 uint64_t *r_payload_offset)
191 struct crypt_device *cd = NULL;
192 static uint64_t default_header_size = 0;
194 if (!default_header_size) {
195 if (crypt_init(&cd, THE_LOOP_DEV))
197 if (crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, NULL)) {
202 default_header_size = crypt_get_data_offset(cd);
208 sector_size = 512; /* default? */
210 if ((sector_size % 512) && (sector_size % 4096))
213 if (r_payload_offset) {
215 *r_payload_offset = DIV_ROUND_UP_MODULO(default_header_size * 512, (alignpayload_sec ?: 1) * sector_size);
217 *r_payload_offset = alignpayload_sec * sector_size;
219 *r_payload_offset /= sector_size;
223 *r_header_size = default_header_size;
228 static void _remove_keyfiles(void)
234 #if HAVE_DECL_DM_TASK_RETRY_REMOVE
235 #define DM_RETRY "--retry "
240 #define DM_NOSTDERR " 2>/dev/null"
242 static void _cleanup_dmdevices(void)
246 if (!stat(DMDIR H_DEVICE, &st))
247 _system("dmsetup remove " DM_RETRY H_DEVICE DM_NOSTDERR, 0);
249 if (!stat(DMDIR H_DEVICE_WRONG, &st))
250 _system("dmsetup remove " DM_RETRY H_DEVICE_WRONG DM_NOSTDERR, 0);
252 if (!stat(DMDIR L_DEVICE_0S, &st))
253 _system("dmsetup remove " DM_RETRY L_DEVICE_0S DM_NOSTDERR, 0);
255 if (!stat(DMDIR L_DEVICE_1S, &st))
256 _system("dmsetup remove " DM_RETRY L_DEVICE_1S DM_NOSTDERR, 0);
258 if (!stat(DMDIR L_DEVICE_WRONG, &st))
259 _system("dmsetup remove " DM_RETRY L_DEVICE_WRONG DM_NOSTDERR, 0);
261 if (!stat(DMDIR L_DEVICE_OK, &st))
262 _system("dmsetup remove " DM_RETRY L_DEVICE_OK DM_NOSTDERR, 0);
267 static void _cleanup(void)
274 //_system("udevadm settle", 0);
276 if (!stat(DMDIR CDEVICE_1, &st))
277 _system("dmsetup remove " DM_RETRY CDEVICE_1 DM_NOSTDERR, 0);
279 if (!stat(DMDIR CDEVICE_2, &st))
280 _system("dmsetup remove " DM_RETRY CDEVICE_2 DM_NOSTDERR, 0);
282 if (!stat(DEVICE_EMPTY, &st))
283 _system("dmsetup remove " DM_RETRY DEVICE_EMPTY_name DM_NOSTDERR, 0);
285 if (!stat(DEVICE_ERROR, &st))
286 _system("dmsetup remove " DM_RETRY DEVICE_ERROR_name DM_NOSTDERR, 0);
288 _cleanup_dmdevices();
290 if (loop_device(THE_LOOP_DEV))
291 loop_detach(THE_LOOP_DEV);
293 if (loop_device(DEVICE_1))
294 loop_detach(DEVICE_1);
296 if (loop_device(DEVICE_2))
297 loop_detach(DEVICE_2);
299 if (loop_device(DEVICE_3))
300 loop_detach(DEVICE_3);
302 if (loop_device(DEVICE_4))
303 loop_detach(DEVICE_4);
305 if (loop_device(DEVICE_5))
306 loop_detach(DEVICE_5);
308 if (loop_device(DEVICE_6))
309 loop_detach(DEVICE_6);
311 _system("rm -f " IMAGE_EMPTY, 0);
312 _system("rm -f " IMAGE1, 0);
313 _system("rm -rf " CONV_DIR, 0);
316 remove(test_loop_file);
320 remove(REQS_LUKS2_HEADER);
321 remove(NO_REQS_LUKS2_HEADER);
323 remove(IMAGE_PV_LUKS2_SEC);
324 remove(IMAGE_PV_LUKS2_SEC ".bcp");
325 remove(IMAGE_EMPTY_SMALL);
326 remove(IMAGE_EMPTY_SMALL_2);
331 free(test_loop_file);
341 static int _setup(void)
346 test_loop_file = strdup(THE_LFILE_TEMPLATE);
347 if ((fd=mkstemp(test_loop_file)) == -1) {
348 printf("cannot create temporary file with template %s\n", test_loop_file);
352 snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=%s bs=%d count=%d 2>/dev/null",
353 test_loop_file, SECTOR_SIZE, TST_LOOP_FILE_SIZE);
357 fd = loop_attach(&THE_LOOP_DEV, test_loop_file, 0, 0, &ro);
360 tmp_file_1 = strdup(THE_LFILE_TEMPLATE);
361 if ((fd=mkstemp(tmp_file_1)) == -1) {
362 printf("cannot create temporary file with template %s\n", tmp_file_1);
366 snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=%s bs=%d count=%d 2>/dev/null",
367 tmp_file_1, SECTOR_SIZE, 10);
371 _system("dmsetup create " DEVICE_EMPTY_name " --table \"0 10000 zero\"", 1);
372 _system("dmsetup create " DEVICE_ERROR_name " --table \"0 10000 error\"", 1);
374 _system(" [ ! -e " IMAGE1 " ] && xz -dk " IMAGE1 ".xz", 1);
375 fd = loop_attach(&DEVICE_1, IMAGE1, 0, 0, &ro);
378 _system("dd if=/dev/zero of=" IMAGE_EMPTY " bs=1M count=32 2>/dev/null", 1);
379 fd = loop_attach(&DEVICE_2, IMAGE_EMPTY, 0, 0, &ro);
382 _system("dd if=/dev/zero of=" IMAGE_EMPTY_SMALL " bs=1M count=7 2>/dev/null", 1);
384 _system("dd if=/dev/zero of=" IMAGE_EMPTY_SMALL_2 " bs=512 count=2050 2>/dev/null", 1);
386 _system(" [ ! -e " NO_REQS_LUKS2_HEADER " ] && xz -dk " NO_REQS_LUKS2_HEADER ".xz", 1);
387 fd = loop_attach(&DEVICE_4, NO_REQS_LUKS2_HEADER, 0, 0, &ro);
390 _system(" [ ! -e " REQS_LUKS2_HEADER " ] && xz -dk " REQS_LUKS2_HEADER ".xz", 1);
391 fd = loop_attach(&DEVICE_5, REQS_LUKS2_HEADER, 0, 0, &ro);
394 _system(" [ ! -e " IMAGE_PV_LUKS2_SEC " ] && xz -dk " IMAGE_PV_LUKS2_SEC ".xz", 1);
395 _system(" [ ! -e " IMAGE_PV_LUKS2_SEC ".bcp ] && cp " IMAGE_PV_LUKS2_SEC " " IMAGE_PV_LUKS2_SEC ".bcp", 1);
396 fd = loop_attach(&DEVICE_6, IMAGE_PV_LUKS2_SEC, 0, 0, &ro);
399 _system(" [ ! -d " CONV_DIR " ] && tar xJf " CONV_DIR ".tar.xz 2>/dev/null", 1);
401 if (_system("modprobe dm-crypt", 1))
404 if (t_dm_check_versions())
407 _system("rmmod dm-crypt", 0);
409 _fips_mode = fips_mode();
411 printf("FIPS MODE: %d\n", _fips_mode);
413 /* Use default log callback */
414 crypt_set_log_callback(NULL, &global_log_callback, NULL);
419 #ifdef KERNEL_KEYRING
420 static key_serial_t add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t keyring)
422 return syscall(__NR_add_key, type, description, payload, plen, keyring);
425 static key_serial_t keyctl_unlink(key_serial_t key, key_serial_t keyring)
427 return syscall(__NR_keyctl, KEYCTL_UNLINK, key, keyring);
430 static key_serial_t request_key(const char *type,
431 const char *description,
432 const char *callout_info,
433 key_serial_t keyring)
435 return syscall(__NR_request_key, type, description, callout_info, keyring);
438 static key_serial_t _kernel_key_by_segment(struct crypt_device *cd, int segment)
440 char key_description[1024];
442 if (snprintf(key_description, sizeof(key_description), "cryptsetup:%s-d%u", crypt_get_uuid(cd), segment) < 1)
445 return request_key("logon", key_description, NULL, 0);
448 static int _volume_key_in_keyring(struct crypt_device *cd, int segment)
450 return _kernel_key_by_segment(cd, segment) >= 0 ? 0 : -1;
453 static int _drop_keyring_key(struct crypt_device *cd, int segment)
455 key_serial_t kid = _kernel_key_by_segment(cd, segment);
460 return keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING);
464 static int test_open(struct crypt_device *cd,
470 const char *str = (const char *)usrptr;
472 *buffer = strdup(str);
475 *buffer_len = strlen(*buffer);
480 static int test_validate(struct crypt_device *cd, const char *json)
482 return (strstr(json, "magic_string") == NULL);
485 static void UseLuks2Device(void)
490 OK_(crypt_init(&cd, DEVICE_1));
491 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
492 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
493 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
494 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
495 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0), "already open");
496 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
497 OK_(crypt_deactivate(cd, CDEVICE_1));
498 FAIL_(crypt_deactivate(cd, CDEVICE_1), "no such device");
501 // repeat previous tests and check kernel keyring is released when not needed
502 if (t_dm_crypt_keyring_support()) {
503 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
504 FAIL_(_drop_keyring_key(cd, 0), "");
505 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), CRYPT_ACTIVATE_KEYRING_KEY));
506 OK_(_drop_keyring_key(cd, 0));
507 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
508 OK_(_drop_keyring_key(cd, 0));
509 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0), "already open");
510 FAIL_(_volume_key_in_keyring(cd, 0), "");
511 OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
512 OK_(crypt_deactivate(cd, CDEVICE_1));
513 FAIL_(_volume_key_in_keyring(cd, 0), "");
518 OK_(strcmp("aes", crypt_get_cipher(cd)));
519 OK_(strcmp("cbc-essiv:sha256", crypt_get_cipher_mode(cd)));
520 OK_(strcmp(DEVICE_1_UUID, crypt_get_uuid(cd)));
521 EQ_((int)key_size, crypt_get_volume_key_size(cd));
522 EQ_(8192, crypt_get_data_offset(cd));
524 EQ_(0, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
525 OK_(crypt_volume_key_verify(cd, key, key_size));
526 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
527 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
528 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
529 OK_(crypt_deactivate(cd, CDEVICE_1));
532 FAIL_(crypt_volume_key_verify(cd, key, key_size), "key mismatch");
533 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "key mismatch");
538 static void SuspendDevice(void)
540 struct crypt_active_device cad;
545 OK_(crypt_init(&cd, DEVICE_1));
546 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
547 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
549 suspend_status = crypt_suspend(cd, CDEVICE_1);
550 if (suspend_status == -ENOTSUP) {
551 printf("WARNING: Suspend/Resume not supported, skipping test.\n");
552 OK_(crypt_deactivate(cd, CDEVICE_1));
558 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
559 EQ_(CRYPT_ACTIVATE_SUSPENDED, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
560 #ifdef KERNEL_KEYRING
561 FAIL_(_volume_key_in_keyring(cd, 0), "");
563 FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended");
565 FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)-1), "wrong key");
566 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)));
567 FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)), "not suspended");
569 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
570 EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
572 OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
573 OK_(crypt_suspend(cd, CDEVICE_1));
574 FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1 "blah", 0), "wrong keyfile");
575 FAIL_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 1, 0), "wrong key");
576 OK_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
577 FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0), "not suspended");
578 OK_(crypt_deactivate(cd, CDEVICE_1));
581 /* create LUKS device with detached header */
582 OK_(crypt_init(&cd, DEVICE_1));
583 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
584 OK_(crypt_set_data_device(cd, DEVICE_2));
585 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
588 /* Should be able to suspend but not resume if not header specified */
589 OK_(crypt_init_by_name(&cd, CDEVICE_1));
590 OK_(crypt_suspend(cd, CDEVICE_1));
591 FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended");
592 FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)-1), "no header");
595 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DEVICE_1));
596 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)));
598 /* Resume by volume key */
599 OK_(crypt_suspend(cd, CDEVICE_1));
600 key_size = sizeof(key);
601 memset(key, 0, key_size);
602 FAIL_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size), "wrong key");
603 OK_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
604 OK_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size));
606 OK_(crypt_deactivate(cd, CDEVICE_1));
612 static void AddDeviceLuks2(void)
614 enum { OFFSET_1M = 2048 , OFFSET_2M = 4096, OFFSET_4M = 8192, OFFSET_8M = 16384 };
615 struct crypt_pbkdf_type pbkdf = {
616 .type = CRYPT_KDF_ARGON2I,
618 .parallel_threads = 4,
619 .max_memory_kb = 1024,
622 struct crypt_params_luks2 params = {
624 .data_device = DEVICE_2,
627 char key[128], key2[128], key3[128];
629 const char *passphrase = "blabla", *passphrase2 = "nsdkFI&Y#.sd";
630 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
631 const char *mk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
632 size_t key_size = strlen(mk_hex) / 2;
633 const char *cipher = "aes";
634 const char *cipher_mode = "cbc-essiv:sha256";
635 uint64_t r_payload_offset, r_header_size, r_size_1;
637 /* Cannot use Argon2 in FIPS */
639 pbkdf.type = CRYPT_KDF_PBKDF2;
640 pbkdf.parallel_threads = 0;
641 pbkdf.max_memory_kb = 0;
644 crypt_decode_key(key, mk_hex, key_size);
645 crypt_decode_key(key3, mk_hex2, key_size);
648 OK_(get_luks2_offsets(1, 0, 0, &r_header_size, &r_payload_offset));
649 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
650 OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_size - 1));
654 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
655 params.data_alignment = 0;
656 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Not enough space for keyslots material");
659 // test payload_offset = 0 for encrypted device with external header device
660 OK_(crypt_init(&cd, DMDIR H_DEVICE));
661 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
662 EQ_(crypt_get_data_offset(cd), 0);
665 params.data_alignment = 0;
666 params.data_device = NULL;
668 // test payload_offset = 0. format() should look up alignment offset from device topology
669 OK_(crypt_init(&cd, DEVICE_2));
670 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
671 OK_(!(crypt_get_data_offset(cd) > 0));
674 // set_data_offset has priority, alignment must be 0 or must be compatible
675 params.data_alignment = 0;
676 OK_(crypt_init(&cd, DEVICE_2));
677 OK_(crypt_set_data_offset(cd, OFFSET_8M));
678 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
679 EQ_(crypt_get_data_offset(cd), OFFSET_8M);
682 // Load gets the value from metadata
683 OK_(crypt_init(&cd, DEVICE_2));
684 OK_(crypt_set_data_offset(cd, OFFSET_2M));
685 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
686 EQ_(crypt_get_data_offset(cd), OFFSET_8M);
689 params.data_alignment = OFFSET_4M;
690 OK_(crypt_init(&cd, DEVICE_2));
691 FAIL_(crypt_set_data_offset(cd, OFFSET_2M + 1), "Not aligned to 4096"); // must be aligned to 4k
692 OK_(crypt_set_data_offset(cd, OFFSET_2M));
693 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Alignment not compatible");
694 OK_(crypt_set_data_offset(cd, OFFSET_4M));
695 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
696 EQ_(crypt_get_data_offset(cd), OFFSET_4M);
700 * test limit values for backing device size
702 params.data_alignment = OFFSET_4M;
703 OK_(get_luks2_offsets(1, params.data_alignment, 0, NULL, &r_payload_offset));
704 OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_payload_offset));
705 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
706 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset - 1));
708 // 1 sector less than required
709 OK_(crypt_init(&cd, DMDIR L_DEVICE_WRONG));
710 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device too small");
713 // 0 sectors for encrypted area
714 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
715 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
716 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Encrypted area too small");
719 // 1 sector for encrypted area
720 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
721 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
722 EQ_(crypt_get_data_offset(cd), r_payload_offset);
723 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
724 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
725 OK_(t_device_size(DMDIR CDEVICE_1, &r_size_1));
726 EQ_(r_size_1, SECTOR_SIZE);
727 OK_(crypt_deactivate(cd, CDEVICE_1));
728 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
729 // restrict format only to empty context
730 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Context is already formatted");
731 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL), "Context is already formatted");
732 // change data device to wrong one
733 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_0S));
734 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device too small");
735 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_1S));
736 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
737 OK_(crypt_deactivate(cd, CDEVICE_1));
740 params.data_alignment = 0;
741 params.data_device = DEVICE_2;
743 // generate keyslot material at the end of luks header
744 OK_(crypt_init(&cd, DMDIR H_DEVICE));
745 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
746 EQ_((int)key_size, crypt_get_volume_key_size(cd));
747 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
748 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase) ,0), 7);
750 OK_(crypt_keyslot_get_pbkdf(cd, 7, &pbkdf_tmp));
751 OK_(strcmp(pbkdf_tmp.type, pbkdf.type));
753 NULL_(pbkdf_tmp.hash);
754 OK_(!(pbkdf_tmp.max_memory_kb >= 32));
755 OK_(!(pbkdf_tmp.parallel_threads >= 1));
757 OK_(strcmp(pbkdf_tmp.hash, pbkdf.hash));
758 OK_(!(pbkdf_tmp.iterations >= 4));
759 EQ_(0, pbkdf_tmp.time_ms); /* not usable in per-keyslot call */
762 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
763 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Context is already formatted");
764 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
766 // check active status without header
767 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, NULL));
768 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
769 NULL_(crypt_get_type(cd));
770 OK_(strcmp(cipher, crypt_get_cipher(cd)));
771 OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
772 EQ_((int)key_size, crypt_get_volume_key_size(cd));
773 OK_(crypt_deactivate(cd, CDEVICE_1));
776 params.data_alignment = OFFSET_1M;
777 params.data_device = NULL;
779 // test uuid mismatch and _init_by_name_and_header
780 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
781 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
782 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
784 params.data_alignment = 0;
785 params.data_device = DEVICE_2;
786 OK_(crypt_init(&cd, DMDIR H_DEVICE));
787 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
789 // there we've got uuid mismatch
790 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
791 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
792 NULL_(crypt_get_type(cd));
793 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device is active");
794 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0), "Device is active");
795 EQ_(crypt_status(cd, CDEVICE_2), CRYPT_INACTIVE);
796 OK_(crypt_deactivate(cd, CDEVICE_1));
799 params.data_device = NULL;
801 OK_(crypt_init(&cd, DEVICE_2));
802 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
804 // even with no keyslots defined it can be activated by volume key
805 OK_(crypt_volume_key_verify(cd, key, key_size));
806 OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0));
807 EQ_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
808 OK_(crypt_deactivate(cd, CDEVICE_2));
811 EQ_(7, crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)));
812 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 7));
813 EQ_(7, crypt_activate_by_passphrase(cd, CDEVICE_2, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
814 EQ_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
815 OK_(crypt_deactivate(cd, CDEVICE_2));
817 crypt_set_iteration_time(cd, 1);
818 EQ_(1, crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, KEY1, strlen(KEY1)));
819 OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
820 OK_(prepare_keyfile(KEYFILE2, KEY2, strlen(KEY2)));
821 EQ_(2, crypt_keyslot_add_by_keyfile(cd, 2, KEYFILE1, 0, KEYFILE2, 0));
822 FAIL_(crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 1, KEYFILE2, 0, 1), "wrong key");
823 EQ_(3, crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 0, KEYFILE2, 0, 1));
824 EQ_(4, crypt_keyslot_add_by_keyfile_offset(cd, 4, KEYFILE2, 0, 1, KEYFILE1, 0, 1));
825 FAIL_(crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2)-1, 0), "key mismatch");
826 EQ_(2, crypt_activate_by_keyfile(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
827 EQ_(3, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 1, 0));
828 EQ_(4, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, 1, 0));
829 FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2), 2, 0), "not enough data");
830 FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, strlen(KEY2) + 1, 0), "cannot seek");
831 FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 2, 0), "wrong key");
832 EQ_(2, crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
833 OK_(crypt_keyslot_destroy(cd, 1));
834 OK_(crypt_keyslot_destroy(cd, 2));
835 OK_(crypt_keyslot_destroy(cd, 3));
836 OK_(crypt_keyslot_destroy(cd, 4));
837 OK_(crypt_deactivate(cd, CDEVICE_2));
840 FAIL_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), "slot used");
842 FAIL_(crypt_keyslot_add_by_volume_key(cd, 6, key, key_size, passphrase, strlen(passphrase)), "key mismatch");
844 EQ_(6, crypt_keyslot_add_by_volume_key(cd, 6, key, key_size, passphrase, strlen(passphrase)));
845 EQ_(CRYPT_SLOT_ACTIVE, crypt_keyslot_status(cd, 6));
847 FAIL_(crypt_keyslot_destroy(cd, 8), "invalid keyslot");
848 FAIL_(crypt_keyslot_destroy(cd, CRYPT_ANY_SLOT), "invalid keyslot");
849 FAIL_(crypt_keyslot_destroy(cd, 0), "keyslot not used");
850 OK_(crypt_keyslot_destroy(cd, 7));
851 EQ_(CRYPT_SLOT_INACTIVE, crypt_keyslot_status(cd, 7));
852 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 6));
854 EQ_(7, crypt_keyslot_change_by_passphrase(cd, 6, 7, passphrase, strlen(passphrase), passphrase2, strlen(passphrase2)));
855 EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 7));
856 EQ_(7, crypt_activate_by_passphrase(cd, NULL, 7, passphrase2, strlen(passphrase2), 0));
857 EQ_(6, crypt_keyslot_change_by_passphrase(cd, CRYPT_ANY_SLOT, 6, passphrase2, strlen(passphrase2), passphrase, strlen(passphrase)));
859 EQ_(6, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key2, &key_size, passphrase, strlen(passphrase)));
860 OK_(crypt_volume_key_verify(cd, key2, key_size));
861 OK_(memcmp(key, key2, key_size));
863 OK_(strcmp(cipher, crypt_get_cipher(cd)));
864 OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
865 EQ_((int)key_size, crypt_get_volume_key_size(cd));
866 EQ_(r_payload_offset, crypt_get_data_offset(cd));
867 OK_(strcmp(DEVICE_2, crypt_get_device_name(cd)));
871 OK_(!(global_lines != 0));
874 FAIL_(crypt_set_uuid(cd, "blah"), "wrong UUID format");
875 OK_(crypt_set_uuid(cd, DEVICE_TEST_UUID));
876 OK_(strcmp(DEVICE_TEST_UUID, crypt_get_uuid(cd)));
878 FAIL_(crypt_deactivate(cd, CDEVICE_2), "not active");
880 _cleanup_dmdevices();
882 /* LUKSv2 format tests */
884 /* very basic test */
885 OK_(crypt_init(&cd, DEVICE_2));
886 crypt_set_iteration_time(cd, 1);
887 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 0, NULL), "Wrong key size");
888 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
890 /* some invalid parameters known to cause troubles */
891 OK_(crypt_init(&cd, DEVICE_2));
892 crypt_set_iteration_time(cd, 0); /* wrong for argon2 but we don't know the pbkdf type yet, ignored */
893 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
895 OK_(crypt_init(&cd, DEVICE_2));
896 crypt_set_iteration_time(cd, 1);
897 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
898 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
901 OK_(crypt_init(&cd, DEVICE_2));
902 crypt_set_iteration_time(cd, 1);
903 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size, NULL));
904 FAIL_(crypt_keyslot_add_by_volume_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), "VK doesn't match any digest");
905 FAIL_(crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), "VK doesn't match any digest");
908 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
909 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
910 crypt_set_iteration_time(cd, 1);
911 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
912 EQ_(crypt_keyslot_add_by_volume_key(cd, 3, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 3);
913 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key3, key_size, 0), "VK doesn't match any digest assigned to segment 0");
917 * Check regression in getting keyslot encryption parameters when
918 * volume key size is unknown (no active keyslots).
920 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
921 crypt_set_iteration_time(cd, 1);
922 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
923 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
924 /* drop context copy of volume key */
926 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
927 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
928 EQ_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
929 OK_(crypt_keyslot_destroy(cd, 0));
930 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
933 _cleanup_dmdevices();
936 static void Luks2MetadataSize(void)
938 struct crypt_pbkdf_type pbkdf = {
939 .type = CRYPT_KDF_ARGON2I,
941 .parallel_threads = 1,
942 .max_memory_kb = 128,
944 .flags = CRYPT_PBKDF_NO_BENCHMARK
946 struct crypt_params_luks2 params = {
948 .data_device = DEVICE_2,
951 char key[128], tmp[128];
953 const char *passphrase = "blabla";
954 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
955 size_t key_size = strlen(mk_hex) / 2;
956 const char *cipher = "aes";
957 const char *cipher_mode = "cbc-essiv:sha256";
958 uint64_t r_header_size, default_mdata_size, default_keyslots_size, mdata_size,
959 keyslots_size, r_header_wrong_size = 14336;
961 /* Cannot use Argon2 in FIPS */
963 pbkdf.type = CRYPT_KDF_PBKDF2;
964 pbkdf.parallel_threads = 0;
965 pbkdf.max_memory_kb = 0;
966 pbkdf.iterations = 1000;
969 crypt_decode_key(key, mk_hex, key_size);
972 OK_(get_luks2_offsets(1, 0, 0, &r_header_size, NULL));
973 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
974 OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_wrong_size)); /* 7 MiBs only */
975 //default metadata sizes
976 OK_(crypt_init(&cd, DMDIR H_DEVICE));
977 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
979 EQ_(keyslots_size, 0);
980 OK_(crypt_set_metadata_size(cd, 0, 0));
981 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
983 EQ_(keyslots_size, 0);
984 OK_(crypt_set_metadata_size(cd, 0x004000, 0x004000));
985 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
986 EQ_(mdata_size, 0x004000);
987 EQ_(keyslots_size, 0x004000);
988 OK_(crypt_set_metadata_size(cd, 0x008000, 0x008000));
989 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
990 EQ_(mdata_size, 0x008000);
991 EQ_(keyslots_size, 0x008000);
992 FAIL_(crypt_set_metadata_size(cd, 0x008001, 0x008000), "Wrong size");
993 FAIL_(crypt_set_metadata_size(cd, 0x008000, 0x008001), "Wrong size");
997 OK_(crypt_init(&cd, DMDIR H_DEVICE));
998 OK_(crypt_set_metadata_size(cd, 0x080000, 0x080000));
999 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1000 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
1002 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1003 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1004 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1005 EQ_(mdata_size, 0x080000);
1006 EQ_(keyslots_size, 0x080000);
1009 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1010 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1011 OK_(crypt_get_metadata_size(cd, &default_mdata_size, &default_keyslots_size));
1012 EQ_(default_mdata_size, 0x04000);
1013 EQ_(default_keyslots_size, (r_header_size * 512) - 2 * 0x04000);
1015 // check keyslots size calculation is correct
1016 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1017 OK_(crypt_set_metadata_size(cd, 0x80000, 0));
1018 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1019 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1020 EQ_(mdata_size, 0x80000);
1021 EQ_(keyslots_size, (r_header_size * 512) - 2 * 0x80000);
1024 // various metadata size checks combined with data offset
1025 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1026 OK_(crypt_set_metadata_size(cd, 0, default_keyslots_size + 4096));
1027 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device is too small.");
1028 OK_(crypt_set_metadata_size(cd, 0x20000, (r_header_size * 512) - 2 * 0x20000 + 4096));
1029 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device is too small.");
1032 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1033 OK_(crypt_set_metadata_size(cd, 0x80000, 0));
1034 OK_(crypt_set_data_offset(cd, 0x80000 / 512 - 8));
1035 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Data offset is too small.");
1038 // H_DEVICE_WRONG size is 7MiB
1039 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
1040 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1041 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1042 EQ_(mdata_size, default_mdata_size);
1043 EQ_(keyslots_size, (r_header_wrong_size * 512) - 2 * default_mdata_size);
1046 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
1047 OK_(crypt_set_metadata_size(cd, 0x400000, 0));
1048 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms), "Device is too small.");
1051 // IMAGE_EMPTY_SMALL size is 7MiB but now it's regulare file
1052 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
1053 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1054 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1055 EQ_(mdata_size, default_mdata_size);
1056 EQ_(keyslots_size, default_keyslots_size);
1057 EQ_(crypt_get_data_offset(cd), 0);
1060 sprintf(tmp, "truncate -s %" PRIu64 " " IMAGE_EMPTY_SMALL, r_header_wrong_size * 512);
1063 // check explicit keyslots size and data offset are respected even with regular file mdevice
1064 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
1065 OK_(crypt_set_metadata_size(cd, 0, default_keyslots_size));
1066 OK_(crypt_set_data_offset(cd, r_header_size + 8));
1067 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1068 OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
1069 EQ_(mdata_size, default_mdata_size);
1070 EQ_(keyslots_size, default_keyslots_size);
1071 EQ_(crypt_get_data_offset(cd), r_header_size + 8);
1074 _cleanup_dmdevices();
1077 static void UseTempVolumes(void)
1081 // Tepmporary device without keyslot but with on-disk LUKS header
1082 OK_(crypt_init(&cd, DEVICE_2));
1083 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "not yet formatted");
1084 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 16, NULL));
1085 OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0));
1086 EQ_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
1089 OK_(crypt_init_by_name(&cd, CDEVICE_2));
1090 OK_(crypt_deactivate(cd, CDEVICE_2));
1093 // Dirty checks: device without UUID
1094 // we should be able to remove it but not manipulate with it
1095 snprintf(tmp, sizeof(tmp), "dmsetup create %s --table \""
1096 "0 100 crypt aes-cbc-essiv:sha256 deadbabedeadbabedeadbabedeadbabe 0 "
1097 "%s 2048\"", CDEVICE_2, DEVICE_2);
1099 OK_(crypt_init_by_name(&cd, CDEVICE_2));
1100 OK_(crypt_deactivate(cd, CDEVICE_2));
1101 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "No known device type");
1104 // Dirty checks: device with UUID but LUKS header key fingerprint must fail)
1105 snprintf(tmp, sizeof(tmp), "dmsetup create %s --table \""
1106 "0 100 crypt aes-cbc-essiv:sha256 deadbabedeadbabedeadbabedeadbabe 0 "
1107 "%s 2048\" -u CRYPT-LUKS2-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-ctest1",
1108 CDEVICE_2, DEVICE_2);
1110 OK_(crypt_init_by_name(&cd, CDEVICE_2));
1111 OK_(crypt_deactivate(cd, CDEVICE_2));
1112 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "wrong volume key");
1116 OK_(crypt_init(&cd, DEVICE_2));
1117 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1118 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "volume key is lost");
1122 static void Luks2HeaderRestore(void)
1125 struct crypt_pbkdf_type pbkdf = {
1126 .type = CRYPT_KDF_ARGON2I,
1128 .parallel_threads = 4,
1129 .max_memory_kb = 1024,
1132 struct crypt_params_luks2 params = {
1134 .data_alignment = 8192, // 4M, data offset will be 4096
1137 struct crypt_params_plain pl_params = {
1143 struct crypt_params_luks1 luks1 = {
1144 .data_alignment = 8192, // 4M offset to pass alignment test
1148 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1149 size_t key_size = strlen(mk_hex) / 2;
1150 const char *cipher = "aes";
1151 const char *cipher_mode = "cbc-essiv:sha256";
1152 uint64_t r_payload_offset;
1154 /* Cannot use Argon2 in FIPS */
1156 pbkdf.type = CRYPT_KDF_PBKDF2;
1157 pbkdf.parallel_threads = 0;
1158 pbkdf.max_memory_kb = 0;
1161 crypt_decode_key(key, mk_hex, key_size);
1163 OK_(get_luks2_offsets(1, params.data_alignment, 0, NULL, &r_payload_offset));
1164 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 5000));
1166 // do not restore header over plain device
1167 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1168 OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &pl_params));
1169 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1170 FAIL_(crypt_header_restore(cd, CRYPT_PLAIN, NO_REQS_LUKS2_HEADER), "Cannot restore header to PLAIN type device");
1171 FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER), "Cannot restore header over PLAIN type device");
1172 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1173 OK_(crypt_deactivate(cd, CDEVICE_1));
1176 // FIXME: does following test make a sense in LUKS2?
1177 // volume key_size mismatch
1178 // OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1179 // memcpy(key2, key, key_size / 2);
1180 // OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key2, key_size / 2, ¶ms));
1181 // FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, VALID_LUKS2_HEADER), "Volume keysize mismatch");
1184 // payload offset mismatch
1185 params.data_alignment = 8193;
1186 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1187 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1188 FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER), "Payload offset mismatch");
1190 params.data_alignment = 4096;
1191 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1192 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1193 // FIXME: either format has to fail or next line must be true
1194 // EQ_(crypt_get_data_offset(cd), params.data_alignment);
1195 // FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, VALID_LUKS2_HEADER), "Payload offset mismatch");
1198 // do not allow restore over LUKS1 header on device
1199 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1200 crypt_set_iteration_time(cd, 1);
1201 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, NULL, 32, &luks1));
1203 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1204 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1205 FAIL_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER), "LUKS1 format detected");
1208 /* check crypt_header_restore() properly loads crypt_device context */
1209 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1210 OK_(crypt_wipe(cd, NULL, CRYPT_WIPE_ZERO, 0, 1*1024*1024, 1*1024*1024, 0, NULL, NULL));
1211 OK_(crypt_header_restore(cd, CRYPT_LUKS2, NO_REQS_LUKS2_HEADER));
1212 /* check LUKS2 specific API call returns non-error code */
1213 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &flags));
1215 /* same test, any LUKS */
1216 OK_(crypt_wipe(cd, NULL, CRYPT_WIPE_ZERO, 0, 1*1024*1024, 1*1024*1024, 0, NULL, NULL));
1217 OK_(crypt_header_restore(cd, CRYPT_LUKS, NO_REQS_LUKS2_HEADER));
1218 /* check LUKS2 specific API call returns non-error code */
1219 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &flags));
1224 _cleanup_dmdevices();
1227 static void Luks2HeaderLoad(void)
1229 struct crypt_pbkdf_type pbkdf = {
1230 .type = CRYPT_KDF_ARGON2I,
1232 .parallel_threads = 4,
1233 .max_memory_kb = 1024,
1236 struct crypt_params_luks2 params = {
1238 .data_alignment = 8192, // 4M, data offset will be 4096
1239 .data_device = DEVICE_2,
1242 struct crypt_params_plain pl_params = {
1248 char key[128], cmd[256];
1250 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1251 size_t key_size = strlen(mk_hex) / 2;
1252 const char *cipher = "aes";
1253 const char *cipher_mode = "cbc-essiv:sha256";
1254 uint64_t r_payload_offset, r_header_size, img_size;
1256 /* Cannot use Argon2 in FIPS */
1258 pbkdf.type = CRYPT_KDF_PBKDF2;
1259 pbkdf.parallel_threads = 0;
1260 pbkdf.max_memory_kb = 0;
1263 crypt_decode_key(key, mk_hex, key_size);
1265 // hardcoded values for existing image IMAGE1
1268 OK_(get_luks2_offsets(1, 0, 0, &r_header_size, &r_payload_offset));
1269 // external header device
1270 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
1271 // prepared header on a device too small to contain header and payload
1272 //OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_payload_offset - 1));
1273 OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, img_size - 1));
1274 snprintf(cmd, sizeof(cmd), "dd if=" IMAGE1 " of=" DMDIR H_DEVICE_WRONG " bs=%" PRIu32 " count=%" PRIu64 " 2>/dev/null", params.sector_size, img_size - 1);
1275 OK_(_system(cmd, 1));
1277 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
1279 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_header_size + 1));
1280 // 0 sectors device for payload
1281 OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_header_size));
1283 // valid metadata and device size
1284 params.data_alignment = 0;
1285 params.data_device = DMDIR L_DEVICE_OK;
1286 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1287 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1289 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1290 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1291 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1292 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1293 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1294 OK_(!crypt_get_metadata_device_name(cd));
1295 EQ_(strcmp(DMDIR H_DEVICE, crypt_get_metadata_device_name(cd)), 0);
1296 OK_(crypt_deactivate(cd, CDEVICE_1));
1299 // repeat with init with two devices
1300 OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
1301 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1303 OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
1304 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1305 OK_(!crypt_get_metadata_device_name(cd));
1306 EQ_(strcmp(DMDIR H_DEVICE, crypt_get_metadata_device_name(cd)), 0);
1309 // bad header: device too small (payloadOffset > device_size)
1310 OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
1311 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "Device too small");
1312 NULL_(crypt_get_type(cd));
1315 // 0 secs for encrypted data area
1316 params.data_alignment = 8192;
1317 params.data_device = NULL;
1318 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
1319 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1321 // load should be ok
1322 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
1323 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1324 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device too small");
1325 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
1329 OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 count=8 2>/dev/null", 1));
1330 OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 seek=32 count=8 2>/dev/null", 1));
1331 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1332 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "Header not found");
1336 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1337 FAIL_(crypt_load(cd, CRYPT_PLAIN, NULL), "Can't load nonLUKS device type");
1339 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1340 OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, key, key_size, &pl_params));
1341 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "Can't load over nonLUKS device type");
1345 OK_(crypt_init(&cd, DEVICE_4));
1346 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1348 OK_(crypt_init(&cd, DEVICE_4));
1349 crypt_set_iteration_time(cd, 0); /* invalid for argon2 pbkdf, ignored */
1350 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1353 /* check load sets proper device type */
1354 OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
1355 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1356 EQ_(strcmp(CRYPT_LUKS2, crypt_get_type(cd)), 0);
1359 _cleanup_dmdevices();
1362 static void Luks2HeaderBackup(void)
1364 struct crypt_pbkdf_type pbkdf = {
1365 .type = CRYPT_KDF_ARGON2I,
1367 .parallel_threads = 4,
1368 .max_memory_kb = 1024,
1371 struct crypt_params_luks2 params = {
1373 .data_alignment = 8192, // 4M, data offset will be 4096
1374 .data_device = DEVICE_2,
1378 int fd, ro = O_RDONLY;
1380 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1381 size_t key_size = strlen(mk_hex) / 2;
1382 const char *cipher = "aes";
1383 const char *cipher_mode = "cbc-essiv:sha256";
1384 uint64_t r_payload_offset;
1386 const char *passphrase = PASSPHRASE;
1388 /* Cannot use Argon2 in FIPS */
1390 pbkdf.type = CRYPT_KDF_PBKDF2;
1391 pbkdf.parallel_threads = 0;
1392 pbkdf.max_memory_kb = 0;
1395 crypt_decode_key(key, mk_hex, key_size);
1397 OK_(get_luks2_offsets(0, params.data_alignment, 0, NULL, &r_payload_offset));
1398 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
1400 // create LUKS device and backup the header
1401 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1402 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1403 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1404 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
1405 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, passphrase, strlen(passphrase)), 0);
1406 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
1407 OK_(crypt_deactivate(cd, CDEVICE_1));
1410 // restore header from backup
1411 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1412 OK_(crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE));
1413 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1414 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1415 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1416 OK_(crypt_deactivate(cd, CDEVICE_1));
1419 // exercise luksOpen using backup header in file
1420 OK_(crypt_init(&cd, BACKUP_FILE));
1421 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1422 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1423 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, passphrase, strlen(passphrase), 0), 0);
1424 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1425 OK_(crypt_deactivate(cd, CDEVICE_1));
1428 OK_(crypt_init(&cd, BACKUP_FILE));
1429 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1430 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1431 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase), 0), 7);
1432 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1433 OK_(crypt_deactivate(cd, CDEVICE_1));
1436 // exercise luksOpen using backup header on block device
1437 fd = loop_attach(&DEVICE_3, BACKUP_FILE, 0, 0, &ro);
1438 NOTFAIL_(fd, "Bad loop device.");
1440 OK_(crypt_init(&cd, DEVICE_3));
1441 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1442 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1443 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, passphrase, strlen(passphrase), 0), 0);
1444 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1445 OK_(crypt_deactivate(cd, CDEVICE_1));
1448 OK_(crypt_init(&cd, DEVICE_3));
1449 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1450 OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
1451 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase), 0), 7);
1452 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1453 OK_(crypt_deactivate(cd, CDEVICE_1));
1456 _cleanup_dmdevices();
1459 static void ResizeDeviceLuks2(void)
1461 struct crypt_pbkdf_type pbkdf = {
1462 .type = CRYPT_KDF_ARGON2I,
1464 .parallel_threads = 4,
1465 .max_memory_kb = 1024,
1468 struct crypt_params_luks2 params = {
1470 .data_alignment = 8192, // 4M, data offset will be 4096
1475 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
1476 size_t key_size = strlen(mk_hex) / 2;
1477 const char *cipher = "aes";
1478 const char *cipher_mode = "cbc-essiv:sha256";
1479 uint64_t r_payload_offset, r_header_size, r_size;
1481 /* Cannot use Argon2 in FIPS */
1483 pbkdf.type = CRYPT_KDF_PBKDF2;
1484 pbkdf.parallel_threads = 0;
1485 pbkdf.max_memory_kb = 0;
1488 crypt_decode_key(key, mk_hex, key_size);
1491 OK_(get_luks2_offsets(1, params.data_alignment, 0, NULL, &r_payload_offset));
1492 OK_(get_luks2_offsets(1, 0, 0, &r_header_size, NULL));
1493 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
1494 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
1495 OK_(create_dmdevice_over_loop(L_DEVICE_0S, 1000));
1496 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset + 1000));
1498 // test header and encrypted payload all in one device
1499 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1500 // disable loading VKs in kernel keyring (compatible mode)
1501 OK_(crypt_volume_key_keyring(cd, 0));
1502 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1503 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1504 OK_(crypt_resize(cd, CDEVICE_1, 0));
1505 OK_(crypt_resize(cd, CDEVICE_1, 42));
1506 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1507 EQ_(42, r_size >> SECTOR_SHIFT);
1508 OK_(crypt_resize(cd, CDEVICE_1, 0));
1509 // autodetect encrypted device area size
1510 OK_(crypt_resize(cd, CDEVICE_1, 0));
1511 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1512 EQ_(1000, r_size >> SECTOR_SHIFT);
1513 FAIL_(crypt_resize(cd, CDEVICE_1, 1001), "Device too small");
1514 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1515 EQ_(1000, r_size >> SECTOR_SHIFT);
1516 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1517 OK_(crypt_deactivate(cd, CDEVICE_1));
1520 params.data_alignment = 0;
1521 params.data_device = DMDIR L_DEVICE_0S;
1522 // test case for external header
1523 OK_(crypt_init(&cd, DMDIR H_DEVICE));
1524 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms));
1525 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1526 OK_(crypt_resize(cd, CDEVICE_1, 666));
1527 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1528 EQ_(666, r_size >> SECTOR_SHIFT);
1529 // autodetect encrypted device size
1530 OK_(crypt_resize(cd, CDEVICE_1, 0));
1531 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1532 EQ_(1000, r_size >> SECTOR_SHIFT);
1533 FAIL_(crypt_resize(cd, CDEVICE_1, 1001), "Device too small");
1534 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1535 EQ_(1000, r_size >> SECTOR_SHIFT);
1536 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
1537 OK_(crypt_deactivate(cd, CDEVICE_1));
1540 #ifdef KERNEL_KEYRING
1541 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1542 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1543 // enable loading VKs in kernel keyring (default mode)
1544 OK_(crypt_volume_key_keyring(cd, 1));
1545 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1546 // erase volume key from kernel keyring
1547 if (t_dm_crypt_keyring_support())
1548 OK_(_drop_keyring_key(cd, 0));
1550 FAIL_(_drop_keyring_key(cd, 0), "key not found");
1552 OK_(crypt_resize(cd, CDEVICE_1, 0));
1553 // kernel fails to find the volume key in keyring
1554 if (t_dm_crypt_keyring_support())
1555 FAIL_(crypt_resize(cd, CDEVICE_1, 42), "Unable to find volume key in keyring");
1557 OK_(crypt_resize(cd, CDEVICE_1, 42));
1558 // test mode must not load vk in keyring
1559 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
1560 if (t_dm_crypt_keyring_support())
1561 FAIL_(crypt_resize(cd, CDEVICE_1, 44), "VK must be in keyring to perform resize");
1563 OK_(crypt_resize(cd, CDEVICE_1, 44));
1564 // reinstate the volume key in keyring
1565 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
1566 OK_(crypt_resize(cd, CDEVICE_1, 43));
1567 if (!t_device_size(DMDIR CDEVICE_1, &r_size))
1568 EQ_(43, r_size >> SECTOR_SHIFT);
1571 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1572 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1573 // check userspace gets hint volume key must be properly loaded in kernel keyring
1574 if (t_dm_crypt_keyring_support())
1575 EQ_(crypt_resize(cd, CDEVICE_1, 0), -EPERM);
1577 OK_(crypt_resize(cd, CDEVICE_1, 0));
1580 // same as above for handles initialised by name
1581 OK_(crypt_init_by_name(&cd, CDEVICE_1));
1582 if (t_dm_crypt_keyring_support())
1583 EQ_(crypt_resize(cd, CDEVICE_1, 0), -EPERM);
1585 OK_(crypt_resize(cd, CDEVICE_1, 0));
1586 OK_(crypt_deactivate(cd, CDEVICE_1));
1589 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
1590 OK_(crypt_load(cd, NULL, NULL));
1591 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
1593 /* create second LUKS2 device */
1594 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
1595 OK_(crypt_format(cd2, CRYPT_LUKS2, cipher, cipher_mode, crypt_get_uuid(cd), key, key_size, ¶ms));
1596 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
1597 /* do not allow resize of other device */
1598 FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
1599 OK_(crypt_deactivate(cd2, CDEVICE_2));
1602 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
1603 crypt_set_iteration_time(cd2, 1);
1604 OK_(crypt_format(cd2, CRYPT_LUKS1, cipher, cipher_mode, crypt_get_uuid(cd), key, key_size, NULL));
1605 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
1606 FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
1607 OK_(crypt_deactivate(cd2, CDEVICE_2));
1610 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
1611 OK_(crypt_format(cd2, CRYPT_PLAIN, cipher, cipher_mode, NULL, key, key_size, NULL));
1612 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
1613 FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
1614 OK_(crypt_deactivate(cd2, CDEVICE_2));
1617 OK_(crypt_deactivate(cd, CDEVICE_1));
1620 _cleanup_dmdevices();
1623 static void TokenActivationByKeyring(void)
1625 #ifdef KERNEL_KEYRING
1626 key_serial_t kid, kid1;
1627 struct crypt_active_device cad;
1629 const char *cipher = "aes";
1630 const char *cipher_mode = "xts-plain64";
1632 const struct crypt_token_params_luks2_keyring params = {
1633 .key_description = KEY_DESC_TEST0
1635 .key_description = KEY_DESC_TEST1
1637 uint64_t r_payload_offset;
1639 if (!t_dm_crypt_keyring_support()) {
1640 printf("WARNING: Kernel keyring not supported, skipping test.\n");
1644 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
1645 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1647 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
1648 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
1650 // prepare the device
1651 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1652 crypt_set_iteration_time(cd, 1);
1653 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
1654 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1655 EQ_(crypt_token_luks2_keyring_set(cd, 3, ¶ms), 3);
1656 EQ_(crypt_token_assign_keyslot(cd, 3, 0), 3);
1659 // test thread keyring key in token 0
1660 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1661 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1662 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 3, NULL, 0), 0);
1663 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 3, NULL, 0), "already open");
1664 OK_(crypt_deactivate(cd, CDEVICE_1));
1667 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
1669 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_PROCESS_KEYRING);
1670 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1672 // add token 1 with process keyring key
1673 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1674 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1675 EQ_(crypt_token_json_set(cd, 3, NULL), 3);
1676 EQ_(crypt_token_luks2_keyring_set(cd, 1, ¶ms), 1);
1677 EQ_(crypt_token_assign_keyslot(cd, 1, 0), 1);
1680 // test process keyring key in token 1
1681 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1682 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1683 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), 0);
1684 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), "already open");
1685 OK_(crypt_deactivate(cd, CDEVICE_1));
1688 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_PROCESS_KEYRING), "Test or kernel keyring are broken.");
1690 // create two tokens and let the cryptsetup unlock the volume with the valid one
1691 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
1692 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1694 kid1 = add_key("user", KEY_DESC_TEST1, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
1695 NOTFAIL_(kid1, "Test or kernel keyring are broken.");
1697 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1698 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1699 EQ_(crypt_token_luks2_keyring_set(cd, 0, ¶ms), 0);
1700 EQ_(crypt_token_assign_keyslot(cd, 0, 0), 0);
1701 EQ_(crypt_token_luks2_keyring_set(cd, 1, ¶ms2), 1);
1702 FAIL_(crypt_token_assign_keyslot(cd, 1, 1), "Keyslot 1 doesn't exist");
1703 crypt_set_iteration_time(cd, 1);
1704 EQ_(crypt_keyslot_add_by_passphrase(cd, 1, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1, strlen(PASSPHRASE1)), 1);
1705 EQ_(crypt_token_assign_keyslot(cd, 1, 1), 1);
1708 // activate by specific token
1709 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1710 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1711 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, NULL, 0), 0);
1712 if (t_dm_crypt_keyring_support()) {
1713 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
1714 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY);
1716 OK_(crypt_deactivate(cd, CDEVICE_1));
1717 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), 1);
1718 OK_(crypt_deactivate(cd, CDEVICE_1));
1721 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
1723 // activate by any token with token 0 having absent pass from keyring
1724 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1725 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1726 EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
1727 if (t_dm_crypt_keyring_support()) {
1728 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
1729 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY);
1731 OK_(crypt_deactivate(cd, CDEVICE_1));
1734 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
1735 NOTFAIL_(kid, "Test or kernel keyring are broken.");
1737 // replace pass for keyslot 0 making token 0 invalid
1738 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1739 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1740 OK_(crypt_keyslot_destroy(cd, 0));
1741 crypt_set_iteration_time(cd, 1);
1742 EQ_(crypt_keyslot_add_by_passphrase(cd, 0, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE1, strlen(PASSPHRASE1)), 0);
1745 // activate by any token with token 0 having wrong pass for keyslot 0
1746 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1747 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1748 EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
1749 OK_(crypt_deactivate(cd, CDEVICE_1));
1752 // create new device, with two tokens:
1753 // 1st token being invalid (missing key in keyring)
1754 // 2nd token can activate keyslot 1 after failing to do so w/ keyslot 0 (wrong pass)
1755 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1756 crypt_set_iteration_time(cd, 1);
1757 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
1758 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1759 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 1);
1760 EQ_(crypt_token_luks2_keyring_set(cd, 0, ¶ms), 0);
1761 EQ_(crypt_token_assign_keyslot(cd, 0, 0), 0);
1762 EQ_(crypt_token_luks2_keyring_set(cd, 2, ¶ms2), 2);
1763 EQ_(crypt_token_assign_keyslot(cd, 2, 1), 2);
1766 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
1768 kid1 = add_key("user", KEY_DESC_TEST1, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
1769 NOTFAIL_(kid1, "Test or kernel keyring are broken.");
1771 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1772 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
1773 EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
1774 OK_(crypt_deactivate(cd, CDEVICE_1));
1776 _cleanup_dmdevices();
1778 printf("WARNING: cryptsetup compiled with kernel keyring service disabled, skipping test.\n");
1782 static void Tokens(void)
1784 #define TEST_TOKEN_JSON(x) "{\"type\":\"test_token\",\"keyslots\":[" x "]," \
1785 "\"key_length\":32,\"a_field\":\"magic_string\"}"
1787 #define TEST_TOKEN_JSON_INVALID(x) "{\"type\":\"test_token\",\"keyslots\":[" x "]," \
1788 "\"key_length\":32}"
1790 #define TEST_TOKEN1_JSON(x) "{\"type\":\"test_token1\",\"keyslots\":[" x "]," \
1791 "\"key_length\":32,\"a_field\":\"magic_string\"}"
1793 #define TEST_TOKEN1_JSON_INVALID(x) "{\"type\":\"test_token1\",\"keyslots\":[" x "]," \
1794 "\"key_length\":32}"
1796 #define BOGUS_TOKEN0_JSON "{\"type\":\"luks2-\",\"keyslots\":[]}"
1797 #define BOGUS_TOKEN1_JSON "{\"type\":\"luks2-a\",\"keyslots\":[]}"
1799 #define LUKS2_KEYRING_TOKEN_JSON(x, y) "{\"type\":\"luks2-keyring\",\"keyslots\":[" x "]," \
1800 "\"key_description\":" y "}"
1802 #define LUKS2_KEYRING_TOKEN_JSON_BAD(x, y) "{\"type\":\"luks2-keyring\",\"keyslots\":[" x "]," \
1803 "\"key_description\":" y ", \"some_field\":\"some_value\"}"
1807 const char *cipher = "aes";
1808 const char *cipher_mode = "xts-plain64";
1809 char passptr[] = PASSPHRASE;
1810 char passptr1[] = PASSPHRASE1;
1812 static const crypt_token_handler th = {
1813 .name = "test_token",
1815 .validate = test_validate
1817 .name = "test_token",
1820 .name = "test_token1",
1822 .validate = test_validate
1824 .name = "luks2-prefix",
1828 struct crypt_token_params_luks2_keyring params = {
1829 .key_description = "desc"
1831 uint64_t r_payload_offset;
1833 OK_(crypt_token_register(&th));
1834 FAIL_(crypt_token_register(&th2), "Token handler with the name already registered.");
1836 FAIL_(crypt_token_register(&th_reserved), "luks2- is reserved prefix");
1838 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
1839 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
1841 // basic token API tests
1842 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
1843 crypt_set_iteration_time(cd, 1);
1844 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
1845 EQ_(crypt_token_status(cd, -1, NULL), CRYPT_TOKEN_INVALID);
1846 EQ_(crypt_token_status(cd, 32, NULL), CRYPT_TOKEN_INVALID);
1847 EQ_(crypt_token_status(cd, 0, NULL), CRYPT_TOKEN_INACTIVE);
1848 EQ_(crypt_token_status(cd, 31, NULL), CRYPT_TOKEN_INACTIVE);
1849 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1850 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 1);
1851 FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN_JSON_INVALID("\"0\"")), "Token validation failed");
1852 EQ_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN_JSON("\"0\"")), 0);
1853 EQ_(crypt_token_status(cd, 0, NULL), CRYPT_TOKEN_EXTERNAL);
1854 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr, 0), 0);
1855 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr, 0), "already active");
1856 OK_(crypt_deactivate(cd, CDEVICE_1));
1858 // write invalid token and verify that validate() can detect it after handler being registered
1859 EQ_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN1_JSON_INVALID("\"1\"")), 1);
1860 EQ_(crypt_token_status(cd, 1, NULL), CRYPT_TOKEN_EXTERNAL_UNKNOWN);
1861 EQ_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, TEST_TOKEN1_JSON("\"1\"")), 2);
1862 EQ_(crypt_token_status(cd, 2, &dummy), CRYPT_TOKEN_EXTERNAL_UNKNOWN);
1863 OK_(strcmp(dummy, "test_token1"));
1864 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, passptr1, 0), "Unknown token handler");
1865 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), "Unknown token handler");
1866 OK_(crypt_token_register(&th3));
1867 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, passptr1, 0), "Token validation failed");
1868 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), 1);
1869 OK_(crypt_deactivate(cd, CDEVICE_1));
1871 // test crypt_token_json_get returns correct token id
1872 EQ_(crypt_token_json_get(cd, 2, &dummy), 2);
1874 // exercise assign/unassign keyslots API
1875 EQ_(crypt_token_unassign_keyslot(cd, 2, 1), 2);
1876 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), "Token assigned to no keyslot");
1877 EQ_(crypt_token_assign_keyslot(cd, 2, 0), 2);
1878 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr1, 0), "Wrong passphrase");
1879 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0);
1880 OK_(crypt_deactivate(cd, CDEVICE_1));
1881 EQ_(crypt_token_json_set(cd, 1, NULL), 1);
1882 FAIL_(crypt_token_json_get(cd, 1, &dummy), "Token is not there");
1883 EQ_(crypt_token_unassign_keyslot(cd, 2, CRYPT_ANY_SLOT), 2);
1884 EQ_(crypt_token_unassign_keyslot(cd, 0, CRYPT_ANY_SLOT), 0);
1886 // various tests related to unassigned keyslot to volume segment
1887 EQ_(crypt_keyslot_add_by_key(cd, 3, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 3);
1888 EQ_(crypt_token_assign_keyslot(cd, 2, 0), 2);
1889 EQ_(crypt_token_assign_keyslot(cd, 0, 3), 0);
1891 EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, 0), 0);
1892 EQ_(crypt_activate_by_token(cd, NULL, 0, passptr1, CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 3);
1893 // FIXME: useless error message here (or missing one to be specific)
1894 FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr1, 0), "No volume key available in token keyslots");
1895 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0);
1896 OK_(crypt_deactivate(cd, CDEVICE_1));
1897 EQ_(crypt_token_assign_keyslot(cd, 0, 1), 0);
1898 OK_(crypt_token_is_assigned(cd, 0, 1));
1899 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, passptr1, 0), 1);
1900 OK_(crypt_deactivate(cd, CDEVICE_1));
1902 EQ_(crypt_token_assign_keyslot(cd, 2, 3), 2);
1903 OK_(crypt_token_is_assigned(cd, 2, 3));
1904 EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, 0), 0);
1905 EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0);
1906 OK_(crypt_deactivate(cd, CDEVICE_1));
1908 #ifdef KERNEL_KEYRING
1909 if (t_dm_crypt_keyring_support()) {
1910 EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, CRYPT_ACTIVATE_KEYRING_KEY), 0);
1911 OK_(_volume_key_in_keyring(cd, 0));
1913 OK_(crypt_volume_key_keyring(cd, 0));
1915 FAIL_(crypt_activate_by_token(cd, NULL, 2, passptr, CRYPT_ACTIVATE_KEYRING_KEY), "Can't use keyring when disabled in library");
1916 OK_(crypt_volume_key_keyring(cd, 1));
1918 EQ_(crypt_token_luks2_keyring_set(cd, 5, ¶ms), 5);
1919 EQ_(crypt_token_status(cd, 5, &dummy), CRYPT_TOKEN_INTERNAL);
1920 OK_(strcmp(dummy, "luks2-keyring"));
1922 FAIL_(crypt_token_luks2_keyring_get(cd, 2, ¶ms), "Token is not luks2-keyring type");
1924 FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, BOGUS_TOKEN0_JSON), "luks2- reserved prefix.");
1925 FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, BOGUS_TOKEN1_JSON), "luks2- reserved prefix.");
1927 // test we can use crypt_token_json_set for valid luks2-keyring token
1928 FAIL_(crypt_token_json_set(cd, 12, LUKS2_KEYRING_TOKEN_JSON_BAD("\"0\"", "\"my_desc_x\"")), "Strict luks2-keyring token validation failed");
1929 EQ_(crypt_token_status(cd, 12, NULL), CRYPT_TOKEN_INACTIVE);
1930 FAIL_(crypt_token_json_set(cd, 12, LUKS2_KEYRING_TOKEN_JSON("\"5\"", "\"my_desc\"")), "Missing keyslot 5.");
1931 EQ_(crypt_token_json_set(cd, 10, LUKS2_KEYRING_TOKEN_JSON("\"1\"", "\"my_desc\"")), 10);
1932 EQ_(crypt_token_status(cd, 10, &dummy), CRYPT_TOKEN_INTERNAL);
1933 OK_(strcmp(dummy, "luks2-keyring"));
1934 params.key_description = NULL;
1935 EQ_(crypt_token_luks2_keyring_get(cd, 10, ¶ms), 10);
1936 OK_(strcmp(params.key_description, "my_desc"));
1938 OK_(crypt_token_is_assigned(cd, 10, 1));
1940 EQ_(crypt_token_is_assigned(cd, 10, 21), -ENOENT);
1941 EQ_(crypt_token_is_assigned(cd, 21, 1), -ENOENT);
1942 // wrong keyslot or token id tests
1943 EQ_(crypt_token_is_assigned(cd, -1, 1), -EINVAL);
1944 EQ_(crypt_token_is_assigned(cd, 32, 1), -EINVAL);
1945 EQ_(crypt_token_is_assigned(cd, 10, -1), -EINVAL);
1946 EQ_(crypt_token_is_assigned(cd, 10, 32), -EINVAL);
1947 EQ_(crypt_token_is_assigned(cd, -1, -1), -EINVAL);
1948 EQ_(crypt_token_is_assigned(cd, 32, 32), -EINVAL);
1952 _cleanup_dmdevices();
1955 static void LuksConvert(void)
1957 uint64_t offset, r_payload_offset;
1959 const char *json = "{\"type\":\"convert_block\",\"keyslots\":[]}";
1960 const struct crypt_pbkdf_type argon = {
1961 .type = CRYPT_KDF_ARGON2I,
1964 .max_memory_kb = 1024,
1965 .parallel_threads = 1
1967 .type = CRYPT_KDF_PBKDF2,
1972 struct crypt_params_luks1 luks1 = {
1974 .data_device = DMDIR L_DEVICE_1S
1977 struct crypt_params_luks2 luks2 = {
1982 const char *cipher = "aes";
1983 const char *cipher_mode = "xts-plain64";
1985 // prepare the device
1986 OK_(crypt_init(&cd, DEVICE_1));
1987 crypt_set_iteration_time(cd, 1);
1988 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, NULL, 32, NULL));
1989 offset = crypt_get_data_offset(cd);
1990 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
1991 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 7);
1994 // convert LUKSv1 -> LUKSv2
1995 OK_(crypt_init(&cd, DEVICE_1));
1996 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
1997 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "format is already LUKSv1");
1998 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
1999 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "device is active");
2000 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2001 OK_(crypt_deactivate(cd, CDEVICE_1));
2002 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2003 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2007 OK_(crypt_init(&cd, DEVICE_1));
2008 FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "wrong luks format");
2009 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2010 EQ_(crypt_get_data_offset(cd), offset);
2011 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2012 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2013 OK_(crypt_deactivate(cd, CDEVICE_1));
2014 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), 0), 7);
2015 OK_(crypt_deactivate(cd, CDEVICE_1));
2016 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "format is already LUKSv2");
2017 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2020 // convert LUKSv2 -> LUKSv1
2021 OK_(crypt_init(&cd, DEVICE_1));
2022 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2023 EQ_(crypt_get_data_offset(cd), offset);
2024 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2025 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "device is active");
2026 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS2));
2027 OK_(crypt_deactivate(cd, CDEVICE_1));
2028 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2029 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2033 OK_(crypt_init(&cd, DEVICE_1));
2034 FAIL_(crypt_load(cd, CRYPT_LUKS2, NULL), "wrong luks format");
2035 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2036 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2037 EQ_(crypt_get_data_offset(cd), offset);
2038 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2039 OK_(crypt_deactivate(cd, CDEVICE_1));
2040 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), 0), 7);
2041 OK_(crypt_deactivate(cd, CDEVICE_1));
2042 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "format is already LUKSv1");
2043 OK_(strcmp(crypt_get_type(cd), CRYPT_LUKS1));
2046 // exercice non-pbkdf2 LUKSv2 conversion
2048 OK_(crypt_init(&cd, DEVICE_1));
2049 OK_(crypt_set_data_offset(cd, offset));
2050 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
2051 OK_(crypt_set_pbkdf_type(cd, &argon));
2052 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2053 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Incompatible pbkdf with LUKSv1 format");
2057 // exercice non LUKS1 compatible keyslot
2058 OK_(crypt_init(&cd, DEVICE_1));
2059 OK_(crypt_set_data_offset(cd, offset));
2060 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
2061 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2062 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
2063 // FIXME: following test fails as expected but for a different reason
2064 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Unassigned keyslots are incompatible with LUKSv1 format");
2067 // exercice LUKSv2 conversion with single pbkdf2 keyslot being active
2068 OK_(crypt_init(&cd, DEVICE_1));
2069 OK_(crypt_set_data_offset(cd, offset));
2070 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2071 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
2072 offset = crypt_get_data_offset(cd);
2073 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2075 OK_(crypt_set_pbkdf_type(cd, &argon));
2076 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 1);
2077 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Different hash for digest and keyslot.");
2078 OK_(crypt_keyslot_destroy(cd, 1));
2080 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2081 EQ_(crypt_get_data_offset(cd), offset);
2083 OK_(crypt_init(&cd, DEVICE_1));
2084 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2085 EQ_(crypt_get_data_offset(cd), offset);
2086 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2089 // do not allow conversion on keyslot No > 7
2090 OK_(crypt_init(&cd, DEVICE_1));
2091 OK_(crypt_set_data_offset(cd, offset));
2092 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
2093 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
2094 EQ_(crypt_keyslot_add_by_volume_key(cd, 8, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 8);
2095 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Can't convert keyslot No 8");
2098 // do not allow conversion with token
2099 OK_(crypt_init(&cd, DEVICE_1));
2100 OK_(crypt_set_data_offset(cd, offset));
2101 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
2102 OK_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, json));
2103 FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Can't convert header with token.");
2106 // should be enough for both luks1 and luks2 devices with all vk lengths
2107 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
2108 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
2110 // do not allow conversion for legacy luks1 device (non-aligned keyslot offset)
2111 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_256_LEGACY " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2112 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2113 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2114 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "Can't convert device with unaligned keyslot offset");
2118 * do not allow conversion on images if there's not enough space between
2119 * last keyslot and data offset (should not happen on headers created
2122 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_256_UNMOVABLE " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2123 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2124 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2125 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "Can't convert device with unaligned keyslot offset");
2128 // compat conversion tests
2132 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_128 " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2134 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2135 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2136 offset = crypt_get_data_offset(cd);
2137 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2138 EQ_(crypt_get_data_offset(cd), offset);
2139 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2140 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2141 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2143 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2144 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2145 EQ_(crypt_get_data_offset(cd), offset);
2146 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2147 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2151 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_256 " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2153 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2154 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2155 offset = crypt_get_data_offset(cd);
2156 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2157 EQ_(crypt_get_data_offset(cd), offset);
2158 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2159 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2160 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2162 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2163 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2164 EQ_(crypt_get_data_offset(cd), offset);
2165 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2166 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2170 OK_(_system("dd if=" CONV_DIR "/" CONV_L1_512 " of=" DMDIR L_DEVICE_1S " bs=1M count=2 oflag=direct 2>/dev/null", 1));
2172 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2173 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2174 offset = crypt_get_data_offset(cd);
2175 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2176 EQ_(crypt_get_data_offset(cd), offset);
2177 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2178 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2179 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2181 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2182 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2183 EQ_(crypt_get_data_offset(cd), offset);
2184 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2185 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2188 // detached LUKS1 header conversion
2189 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_128_DET));
2190 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2191 offset = crypt_get_data_offset(cd);
2192 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2193 EQ_(crypt_get_data_offset(cd), offset);
2194 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2195 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2196 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2198 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_128_DET));
2199 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2200 EQ_(crypt_get_data_offset(cd), offset);
2201 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2202 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2206 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_256_DET));
2207 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2208 offset = crypt_get_data_offset(cd);
2209 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2210 EQ_(crypt_get_data_offset(cd), offset);
2211 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2212 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2213 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2215 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_256_DET));
2216 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2217 EQ_(crypt_get_data_offset(cd), offset);
2218 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2219 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2223 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_512_DET));
2224 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2225 offset = crypt_get_data_offset(cd);
2226 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2227 EQ_(crypt_get_data_offset(cd), offset);
2228 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS2), 0);
2229 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2230 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2232 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L1_512_DET));
2233 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2234 EQ_(crypt_get_data_offset(cd), offset);
2235 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2236 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2241 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_128 " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2243 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2244 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2245 offset = crypt_get_data_offset(cd);
2246 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2247 EQ_(crypt_get_data_offset(cd), offset);
2248 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2249 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2250 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2252 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2253 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2254 EQ_(crypt_get_data_offset(cd), offset);
2255 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2256 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2259 // 128b all LUKS1 keyslots used
2260 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_128_FULL " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2261 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2262 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2263 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2264 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2266 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2267 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2268 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2269 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2270 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2271 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2272 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2273 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2274 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2275 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2279 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_256 " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2281 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2282 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2283 offset = crypt_get_data_offset(cd);
2284 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2285 EQ_(crypt_get_data_offset(cd), offset);
2286 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2287 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2288 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2290 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2291 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2292 EQ_(crypt_get_data_offset(cd), offset);
2293 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2294 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2297 // 256b all LUKS1 keyslots used
2298 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_256_FULL " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2299 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2300 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2301 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2302 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2304 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2305 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2306 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2307 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2308 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2309 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2310 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2311 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2312 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2313 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2317 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_512 " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2319 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2320 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2321 offset = crypt_get_data_offset(cd);
2322 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2323 EQ_(crypt_get_data_offset(cd), offset);
2324 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2325 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2326 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2328 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2329 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2330 EQ_(crypt_get_data_offset(cd), offset);
2331 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2332 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2335 // 512b all LUKS1 keyslots used
2336 OK_(_system("dd if=" CONV_DIR "/" CONV_L2_512_FULL " of=" DMDIR L_DEVICE_1S " bs=1M count=4 oflag=direct 2>/dev/null", 1));
2337 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2338 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2339 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2340 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2342 OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
2343 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2344 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2345 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2346 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2347 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2348 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2349 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2350 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2351 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2356 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET));
2357 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2358 offset = crypt_get_data_offset(cd);
2359 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2360 EQ_(crypt_get_data_offset(cd), offset);
2361 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2362 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2363 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2365 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET));
2366 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2367 EQ_(crypt_get_data_offset(cd), offset);
2368 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2369 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2372 // 128b all LUKS1 keyslots used
2373 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET_FULL));
2374 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2375 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2376 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2378 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_128_DET_FULL));
2379 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2380 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2381 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2382 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2383 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2384 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2385 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2386 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2387 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2391 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET));
2392 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2393 offset = crypt_get_data_offset(cd);
2394 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2395 EQ_(crypt_get_data_offset(cd), offset);
2396 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2397 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2398 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2400 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET));
2401 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2402 EQ_(crypt_get_data_offset(cd), offset);
2403 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2404 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2407 // 256b all LUKS1 keyslots used
2408 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET_FULL));
2409 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2410 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2411 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2413 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_256_DET_FULL));
2414 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2415 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2416 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2417 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2418 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2419 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2420 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2421 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2422 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2426 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET));
2427 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2428 offset = crypt_get_data_offset(cd);
2429 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2430 EQ_(crypt_get_data_offset(cd), offset);
2431 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2432 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2433 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2435 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET));
2436 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2437 EQ_(crypt_get_data_offset(cd), offset);
2438 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2439 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2442 // 512b all LUKS1 keyslots used
2443 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET_FULL));
2444 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2445 OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
2446 EQ_(strcmp(crypt_get_type(cd), CRYPT_LUKS1), 0);
2448 OK_(crypt_init(&cd, CONV_DIR "/" CONV_L2_512_DET_FULL));
2449 OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
2450 EQ_(crypt_activate_by_passphrase(cd, NULL, 0, PASS0, strlen(PASS0), 0), 0);
2451 EQ_(crypt_activate_by_passphrase(cd, NULL, 7, PASS7, strlen(PASS7), 0), 7);
2452 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASS1, strlen(PASS1), 0), 1);
2453 EQ_(crypt_activate_by_passphrase(cd, NULL, 2, PASS2, strlen(PASS2), 0), 2);
2454 EQ_(crypt_activate_by_passphrase(cd, NULL, 3, PASS3, strlen(PASS3), 0), 3);
2455 EQ_(crypt_activate_by_passphrase(cd, NULL, 4, PASS4, strlen(PASS4), 0), 4);
2456 EQ_(crypt_activate_by_passphrase(cd, NULL, 5, PASS5, strlen(PASS5), 0), 5);
2457 EQ_(crypt_activate_by_passphrase(cd, NULL, 6, PASS6, strlen(PASS6), 0), 6);
2460 // detached LUKS1 header upconversion
2461 OK_(create_dmdevice_over_loop(H_DEVICE, 2050)); // default LUKS1 header should fit there
2462 OK_(crypt_init(&cd, DMDIR H_DEVICE));
2463 crypt_set_iteration_time(cd, 1);
2464 //OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2465 OK_(crypt_format(cd, CRYPT_LUKS1, "aes", "xts-plain64", NULL, NULL, 32, &luks1));
2466 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 7);
2467 FAIL_(crypt_convert(cd, CRYPT_LUKS2, NULL), "Unable to move keyslots. Not enough space.");
2470 // 2050 sectors, empty file
2471 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL_2));
2472 //OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2473 crypt_set_iteration_time(cd, 1);
2474 OK_(crypt_format(cd, CRYPT_LUKS1, "aes", "xts-plain64", NULL, NULL, 32, &luks1));
2475 EQ_(crypt_get_data_offset(cd), 0);
2476 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 7);
2477 OK_(crypt_convert(cd, CRYPT_LUKS2, NULL));
2480 _cleanup_dmdevices();
2483 static void Pbkdf(void)
2485 const struct crypt_pbkdf_type *pbkdf;
2487 const char *cipher = "aes", *mode="xts-plain64";
2488 struct crypt_pbkdf_type argon2 = {
2489 .type = CRYPT_KDF_ARGON2I,
2490 .hash = DEFAULT_LUKS1_HASH,
2492 .max_memory_kb = 1024,
2493 .parallel_threads = 1
2495 .type = CRYPT_KDF_PBKDF2,
2496 .hash = DEFAULT_LUKS1_HASH,
2499 .type = "hamster_pbkdf",
2500 .hash = DEFAULT_LUKS1_HASH
2502 struct crypt_params_plain params = {
2508 struct crypt_params_luks1 luks1 = {
2509 .hash = "whirlpool", // test non-standard hash
2510 .data_alignment = 2048,
2513 uint64_t r_payload_offset;
2515 /* Only PBKDF2 is allowed in FIPS, these tests cannot be run. */
2519 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
2520 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
2522 NULL_(crypt_get_pbkdf_type_params(NULL));
2523 NULL_(crypt_get_pbkdf_type_params("suslik"));
2524 NOTNULL_(pbkdf = crypt_get_pbkdf_type_params(CRYPT_KDF_PBKDF2));
2525 OK_(strcmp(pbkdf->type, CRYPT_KDF_PBKDF2));
2526 NOTNULL_(pbkdf = crypt_get_pbkdf_type_params(CRYPT_KDF_ARGON2I));
2527 OK_(strcmp(pbkdf->type, CRYPT_KDF_ARGON2I));
2528 NOTNULL_(pbkdf = crypt_get_pbkdf_type_params(CRYPT_KDF_ARGON2ID));
2529 OK_(strcmp(pbkdf->type, CRYPT_KDF_ARGON2ID));
2531 // test empty context
2532 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2533 NULL_(crypt_get_pbkdf_type(cd));
2534 OK_(crypt_set_pbkdf_type(cd, &argon2));
2535 NOTNULL_(crypt_get_pbkdf_type(cd));
2536 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2537 NOTNULL_(crypt_get_pbkdf_type(cd));
2538 OK_(crypt_set_pbkdf_type(cd, NULL));
2539 NOTNULL_(crypt_get_pbkdf_type(cd));
2541 // test plain device
2542 OK_(crypt_format(cd, CRYPT_PLAIN, cipher, mode, NULL, NULL, 32, ¶ms));
2543 OK_(crypt_set_pbkdf_type(cd, &argon2));
2544 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2545 OK_(crypt_set_pbkdf_type(cd, NULL));
2546 NOTNULL_(crypt_get_pbkdf_type(cd));
2549 // test LUKSv1 device
2550 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2551 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, mode, NULL, NULL, 32, NULL));
2552 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Unsupported with non-LUKS2 devices");
2553 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2554 OK_(crypt_set_pbkdf_type(cd, NULL));
2555 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2556 EQ_(pbkdf->time_ms, DEFAULT_LUKS1_ITER_TIME);
2558 // test value set in crypt_set_iteration_time() can be obtained via following crypt_get_pbkdf_type()
2559 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2560 crypt_set_iteration_time(cd, 42);
2561 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, mode, NULL, NULL, 32, NULL));
2562 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2563 EQ_(pbkdf->time_ms, 42);
2564 // test crypt_get_pbkdf_type() returns expected values for LUKSv1
2565 OK_(strcmp(pbkdf->type, CRYPT_KDF_PBKDF2));
2566 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2567 EQ_(pbkdf->max_memory_kb, 0);
2568 EQ_(pbkdf->parallel_threads, 0);
2569 crypt_set_iteration_time(cd, 43);
2570 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2571 EQ_(pbkdf->time_ms, 43);
2573 // test whether crypt_get_pbkdf_type() after double crypt_load()
2574 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2575 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2576 crypt_set_iteration_time(cd, 42);
2577 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2578 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2579 EQ_(pbkdf->time_ms, 42);
2581 // test whether hash passed via *params in crypt_load() has higher priority
2582 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2583 crypt_set_iteration_time(cd, 1);
2584 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, mode, NULL, NULL, 32, &luks1));
2585 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2586 OK_(strcmp(pbkdf->hash, luks1.hash));
2587 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2588 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2589 OK_(strcmp(pbkdf->hash, luks1.hash));
2592 // test LUKSv2 device
2593 // test default values are set
2594 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2595 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, mode, NULL, NULL, 32, NULL));
2596 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2597 OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
2598 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2599 EQ_(pbkdf->time_ms, DEFAULT_LUKS2_ITER_TIME);
2600 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2601 EQ_(pbkdf->parallel_threads, _min(cpus_online(), DEFAULT_LUKS2_PARALLEL_THREADS));
2602 // set and verify argon2 type
2603 OK_(crypt_set_pbkdf_type(cd, &argon2));
2604 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2605 OK_(strcmp(pbkdf->type, argon2.type));
2606 OK_(strcmp(pbkdf->hash, argon2.hash));
2607 EQ_(pbkdf->time_ms, argon2.time_ms);
2608 EQ_(pbkdf->max_memory_kb, argon2.max_memory_kb);
2609 EQ_(pbkdf->parallel_threads, argon2.parallel_threads);
2610 // set and verify pbkdf2 type
2611 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2612 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2613 OK_(strcmp(pbkdf->type, pbkdf2.type));
2614 OK_(strcmp(pbkdf->hash, pbkdf2.hash));
2615 EQ_(pbkdf->time_ms, pbkdf2.time_ms);
2616 EQ_(pbkdf->max_memory_kb, pbkdf2.max_memory_kb);
2617 EQ_(pbkdf->parallel_threads, pbkdf2.parallel_threads);
2618 // reset and verify default values
2619 crypt_set_iteration_time(cd, 1); // it's supposed to override this call
2620 OK_(crypt_set_pbkdf_type(cd, NULL));
2621 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2622 OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
2623 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2624 EQ_(pbkdf->time_ms, DEFAULT_LUKS2_ITER_TIME);
2625 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2626 EQ_(pbkdf->parallel_threads, _min(cpus_online(), DEFAULT_LUKS2_PARALLEL_THREADS));
2627 // try to pass illegal values
2628 argon2.parallel_threads = 0;
2629 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Parallel threads can't be 0");
2630 argon2.parallel_threads = 1;
2631 argon2.max_memory_kb = 0;
2632 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Memory can't be 0");
2633 argon2.max_memory_kb = 1024;
2634 pbkdf2.parallel_threads = 1;
2635 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Parallel threads can't be set with pbkdf2 type");
2636 pbkdf2.parallel_threads = 0;
2637 pbkdf2.max_memory_kb = 512;
2638 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Memory can't be set with pbkdf2 type");
2639 FAIL_(crypt_set_pbkdf_type(cd, &bad), "Unknown type member");
2640 bad.type = CRYPT_KDF_PBKDF2;
2642 FAIL_(crypt_set_pbkdf_type(cd, &bad), "Hash member is empty");
2644 bad.hash = DEFAULT_LUKS1_HASH;
2645 FAIL_(crypt_set_pbkdf_type(cd, &bad), "Pbkdf type member is empty");
2646 bad.hash = "hamster_hash";
2647 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Unknown hash member");
2649 // test whether crypt_get_pbkdf_type() behaves accordingly after second crypt_load() call
2650 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2651 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2652 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2653 OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
2654 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2655 EQ_(pbkdf->time_ms, DEFAULT_LUKS2_ITER_TIME);
2656 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2657 EQ_(pbkdf->parallel_threads, _min(cpus_online(), DEFAULT_LUKS2_PARALLEL_THREADS));
2658 crypt_set_iteration_time(cd, 1);
2659 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
2660 OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
2661 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2662 EQ_(pbkdf->time_ms, 1);
2663 EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
2664 EQ_(pbkdf->parallel_threads, _min(cpus_online(), DEFAULT_LUKS2_PARALLEL_THREADS));
2667 // test crypt_set_pbkdf_type() overwrites invalid value set by crypt_set_iteration_time()
2668 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2669 crypt_set_iteration_time(cd, 0);
2670 OK_(crypt_set_pbkdf_type(cd, &argon2));
2671 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2672 OK_(strcmp(pbkdf->type, argon2.type));
2673 EQ_(pbkdf->time_ms, argon2.time_ms);
2676 argon2.iterations = 33;
2677 argon2.flags = CRYPT_PBKDF_NO_BENCHMARK;
2678 OK_(crypt_set_pbkdf_type(cd, &argon2));
2679 NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
2680 EQ_(pbkdf->iterations, 33);
2681 EQ_(pbkdf->flags, CRYPT_PBKDF_NO_BENCHMARK);
2683 // time may be unset with iterations
2685 OK_(crypt_set_pbkdf_type(cd, &argon2));
2686 argon2.flags &= ~CRYPT_PBKDF_NO_BENCHMARK;
2687 FAIL_(crypt_set_pbkdf_type(cd, &argon2), "Illegal time value.");
2690 pbkdf2.flags = CRYPT_PBKDF_NO_BENCHMARK;
2691 pbkdf2.parallel_threads = 0;
2692 pbkdf2.max_memory_kb = 0;
2693 pbkdf2.iterations = 1000;
2694 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2695 pbkdf2.flags &= ~CRYPT_PBKDF_NO_BENCHMARK;
2696 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Illegal time value.");
2698 // hash is relevant only with pbkdf2
2701 FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Hash is mandatory for pbkdf2");
2702 pbkdf2.hash = "sha1";
2703 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
2706 argon2.hash = "sha1"; // will be ignored
2707 OK_(crypt_set_pbkdf_type(cd, &argon2));
2709 OK_(crypt_set_pbkdf_type(cd, &argon2));
2713 NOTNULL_(pbkdf = crypt_get_pbkdf_default(CRYPT_LUKS1));
2714 OK_(strcmp(pbkdf->type, CRYPT_KDF_PBKDF2));
2715 EQ_(pbkdf->time_ms, DEFAULT_LUKS1_ITER_TIME);
2716 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2717 EQ_(pbkdf->max_memory_kb, 0);
2718 EQ_(pbkdf->parallel_threads, 0);
2720 NOTNULL_(pbkdf = crypt_get_pbkdf_default(CRYPT_LUKS2));
2721 OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
2722 EQ_(pbkdf->time_ms, DEFAULT_LUKS2_ITER_TIME);
2723 OK_(strcmp(pbkdf->hash, DEFAULT_LUKS1_HASH));
2724 EQ_(pbkdf->max_memory_kb, DEFAULT_LUKS2_MEMORY_KB);
2725 EQ_(pbkdf->parallel_threads, DEFAULT_LUKS2_PARALLEL_THREADS);
2727 NULL_(pbkdf = crypt_get_pbkdf_default(CRYPT_PLAIN));
2729 _cleanup_dmdevices();
2732 static void Luks2KeyslotAdd(void)
2734 char key[128], key2[128], key_ret[128];
2735 const char *cipher = "aes", *cipher_mode="xts-plain64";
2736 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
2737 const char *mk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
2738 size_t key_ret_len, key_size = strlen(mk_hex) / 2;
2739 uint64_t r_payload_offset;
2740 struct crypt_pbkdf_type pbkdf = {
2744 .max_memory_kb = 32,
2745 .parallel_threads = 1,
2746 .flags = CRYPT_PBKDF_NO_BENCHMARK,
2748 struct crypt_params_luks2 params2 = {
2750 .sector_size = SECTOR_SIZE
2753 crypt_decode_key(key, mk_hex, key_size);
2754 crypt_decode_key(key2, mk_hex2, key_size);
2756 /* Cannot use Argon2 in FIPS */
2758 pbkdf.type = CRYPT_KDF_PBKDF2;
2759 pbkdf.parallel_threads = 0;
2760 pbkdf.max_memory_kb = 0;
2761 pbkdf.iterations = 1000;
2764 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
2765 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
2767 /* test crypt_keyslot_add_by_key */
2768 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2769 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms2));
2770 EQ_(crypt_keyslot_add_by_key(cd, 1, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
2771 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), 0);
2772 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE_LAST);
2773 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_UNBOUND);
2774 /* must not activate volume with keyslot unassigned to a segment */
2775 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key2, key_size, 0), "Key doesn't match volume key digest");
2776 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), "Keyslot not assigned to volume");
2777 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), 0), "No keyslot assigned to volume with this passphrase");
2778 /* unusable for volume activation even in test mode */
2779 FAIL_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0), "Key doesn't match volume key digest");
2780 /* otoh passphrase check should pass */
2781 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 1);
2782 EQ_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 1);
2783 /* in general crypt_keyslot_add_by_key must allow any reasonable key size
2784 * even though such keyslot will not be usable for segment encryption */
2785 EQ_(crypt_keyslot_add_by_key(cd, 2, key2, key_size-1, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 2);
2786 EQ_(crypt_keyslot_add_by_key(cd, 3, key2, 13, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 3);
2788 FAIL_(crypt_keyslot_get_key_size(cd, CRYPT_ANY_SLOT), "Bad keyslot specification.");
2789 EQ_(crypt_get_volume_key_size(cd), key_size);
2790 EQ_(crypt_keyslot_get_key_size(cd, 0), key_size);
2791 EQ_(crypt_keyslot_get_key_size(cd, 1), key_size);
2792 EQ_(crypt_keyslot_get_key_size(cd, 2), key_size-1);
2793 EQ_(crypt_keyslot_get_key_size(cd, 3), 13);
2795 key_ret_len = key_size - 1;
2796 FAIL_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), "Wrong size");
2799 FAIL_(crypt_volume_key_get(cd, 2, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), "wrong size");
2800 EQ_(crypt_volume_key_get(cd, 3, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), 3);
2801 FAIL_(crypt_activate_by_volume_key(cd, NULL, key_ret, key_ret_len, 0), "Not a volume key");
2802 key_ret_len = key_size;
2803 EQ_(crypt_volume_key_get(cd, 1, key_ret, &key_ret_len, PASSPHRASE1, strlen(PASSPHRASE1)), 1);
2805 /* test force volume key change works as expected */
2806 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 0, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), 1);
2807 OK_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0));
2808 OK_(crypt_activate_by_volume_key(cd, NULL, key_ret, key_ret_len, 0));
2809 OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key2, key_size, 0));
2810 OK_(crypt_deactivate(cd, CDEVICE_1));
2811 EQ_(crypt_activate_by_passphrase(cd, NULL, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), 1);
2812 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), 1);
2813 OK_(crypt_deactivate(cd, CDEVICE_1));
2814 /* old keyslot must be unusable */
2815 FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Key doesn't match volume key digest");
2816 FAIL_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0), "Key doesn't match volume key digest");
2817 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), "Keyslot not assigned to volume");
2818 EQ_(crypt_keyslot_add_by_passphrase(cd, 5, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE1, strlen(PASSPHRASE1)), 5);
2819 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1)), 6);
2820 /* regression test. check new keyslot is properly assigned to new volume key digest */
2821 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 5, PASSPHRASE1, strlen(PASSPHRASE1), 0), 5);
2822 OK_(crypt_deactivate(cd, CDEVICE_1));
2823 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 6, PASSPHRASE1, strlen(PASSPHRASE1), 0), 6);
2824 OK_(crypt_deactivate(cd, CDEVICE_1));
2828 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2829 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, ¶ms2));
2830 /* keyslot 0, volume key, digest 0 */
2831 EQ_(crypt_keyslot_add_by_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
2832 /* keyslot 1, unbound key, digest 1 */
2833 EQ_(crypt_keyslot_add_by_key(cd, 1, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
2834 /* keyslot 2, unbound key, digest 1 */
2835 EQ_(crypt_keyslot_add_by_key(cd, 2, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE), 2);
2836 /* keyslot 3, unbound key, digest 2 */
2837 EQ_(crypt_keyslot_add_by_key(cd, 3, key2, key_size - 1, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE), 3);
2838 /* keyslot 4, unbound key, digest 1 */
2839 EQ_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE), 4);
2840 FAIL_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_SET), "Illegal");
2841 FAIL_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_SET | CRYPT_VOLUME_KEY_DIGEST_REUSE), "Illegal");
2842 /* Such key doesn't exist, nothing to reuse */
2843 FAIL_(crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key2, key_size - 2, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_DIGEST_REUSE), "Key digest doesn't match any existing.");
2844 /* Keyslot 5, volume key, digest 0 */
2845 EQ_(crypt_keyslot_add_by_key(cd, 5, key, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_DIGEST_REUSE), 5);
2847 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
2848 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), 1);
2849 OK_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0));
2850 FAIL_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0), "Not a volume key");
2851 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE1, strlen(PASSPHRASE1), 0), 1);
2852 OK_(crypt_deactivate(cd, CDEVICE_1));
2853 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 2, PASSPHRASE1, strlen(PASSPHRASE1), 0), 2);
2854 OK_(crypt_deactivate(cd, CDEVICE_1));
2855 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), "No volume key keyslot");
2857 /* TODO: key is unusable with aes-xts */
2858 // FAIL_(crypt_keyslot_add_by_key(cd, 3, NULL, 0, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), "Unusable key with segment cipher");
2860 EQ_(crypt_keyslot_add_by_key(cd, 5, NULL, 0, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_SET), 5);
2861 FAIL_(crypt_activate_by_volume_key(cd, NULL, key2, key_size, 0), "Not a volume key");
2862 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 5, PASSPHRASE1, strlen(PASSPHRASE1), 0), 5);
2863 OK_(crypt_deactivate(cd, CDEVICE_1));
2867 _cleanup_dmdevices();
2870 static void Luks2KeyslotParams(void)
2872 char key[128], key2[128];
2873 const char *cipher = "aes", *cipher_mode="xts-plain64";
2874 const char *cipher_spec = "aes-xts-plain64", *cipher_keyslot = "aes-cbc-essiv:sha256";
2875 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
2876 const char *mk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
2877 size_t key_size_ret, key_size = strlen(mk_hex) / 2, keyslot_key_size = 16;
2878 uint64_t r_payload_offset;
2880 crypt_decode_key(key, mk_hex, key_size);
2881 crypt_decode_key(key2, mk_hex2, key_size);
2883 OK_(prepare_keyfile(KEYFILE1, PASSPHRASE, strlen(PASSPHRASE)));
2884 OK_(prepare_keyfile(KEYFILE2, PASSPHRASE1, strlen(PASSPHRASE1)));
2886 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
2887 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
2889 EQ_(key_size, 2 * keyslot_key_size);
2890 /* test crypt_keyslot_add_by_key */
2891 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2892 crypt_set_iteration_time(cd, 1);
2893 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
2894 NULL_(crypt_keyslot_get_encryption(cd, 0, &key_size_ret));
2895 OK_(strcmp(crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size_ret), cipher_spec));
2896 EQ_(key_size_ret, key_size);
2899 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
2900 EQ_(1, crypt_keyslot_add_by_passphrase(cd, 1, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1,strlen(PASSPHRASE1)));
2901 EQ_(2, crypt_keyslot_add_by_key(cd, 2, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT));
2902 EQ_(6, crypt_keyslot_add_by_keyfile(cd, 6, KEYFILE1, 0, KEYFILE2, 0));
2904 // Slots with different encryption type
2905 OK_(crypt_keyslot_set_encryption(cd, cipher_keyslot, keyslot_key_size));
2906 OK_(strcmp(crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size_ret), cipher_keyslot));
2907 EQ_(key_size_ret, keyslot_key_size);
2909 EQ_(3, crypt_keyslot_add_by_volume_key(cd, 3, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
2910 EQ_(4, crypt_keyslot_add_by_passphrase(cd, 4, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1,strlen(PASSPHRASE1)));
2911 EQ_(5, crypt_keyslot_add_by_key(cd, 5, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT));
2912 EQ_(7, crypt_keyslot_add_by_keyfile(cd, 7, KEYFILE1, 0, KEYFILE2, 0));
2916 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2917 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
2919 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE);
2920 OK_(strcmp(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), cipher_spec));
2921 EQ_(key_size_ret, key_size);
2923 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_ACTIVE);
2924 OK_(strcmp(crypt_keyslot_get_encryption(cd, 1, &key_size_ret), cipher_spec));
2925 EQ_(key_size_ret, key_size);
2927 EQ_(crypt_keyslot_status(cd, 2), CRYPT_SLOT_UNBOUND);
2928 OK_(strcmp(crypt_keyslot_get_encryption(cd, 2, &key_size_ret), cipher_spec));
2929 EQ_(key_size_ret, key_size);
2931 EQ_(crypt_keyslot_status(cd, 6), CRYPT_SLOT_ACTIVE);
2932 OK_(strcmp(crypt_keyslot_get_encryption(cd, 6, &key_size_ret), cipher_spec));
2933 EQ_(key_size_ret, key_size);
2935 EQ_(crypt_keyslot_status(cd, 3), CRYPT_SLOT_ACTIVE);
2936 OK_(strcmp(crypt_keyslot_get_encryption(cd, 3, &key_size_ret), cipher_keyslot));
2937 EQ_(key_size_ret, keyslot_key_size);
2939 EQ_(crypt_keyslot_status(cd, 4), CRYPT_SLOT_ACTIVE);
2940 OK_(strcmp(crypt_keyslot_get_encryption(cd, 4, &key_size_ret), cipher_keyslot));
2941 EQ_(key_size_ret, keyslot_key_size);
2943 EQ_(crypt_keyslot_status(cd, 5), CRYPT_SLOT_UNBOUND);
2944 OK_(strcmp(crypt_keyslot_get_encryption(cd, 5, &key_size_ret), cipher_keyslot));
2945 EQ_(key_size_ret, keyslot_key_size);
2947 EQ_(crypt_keyslot_status(cd, 7), CRYPT_SLOT_ACTIVE);
2948 OK_(strcmp(crypt_keyslot_get_encryption(cd, 7, &key_size_ret), cipher_keyslot));
2949 EQ_(key_size_ret, keyslot_key_size);
2951 crypt_set_iteration_time(cd, 1);
2952 EQ_(8, crypt_keyslot_change_by_passphrase(cd, 1, 8, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE, strlen(PASSPHRASE)));
2953 OK_(strcmp(crypt_keyslot_get_encryption(cd, 8, &key_size_ret), cipher_spec));
2954 EQ_(key_size_ret, key_size);
2956 /* Revert to default */
2957 EQ_(9, crypt_keyslot_change_by_passphrase(cd, 5, 9, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE, strlen(PASSPHRASE)));
2958 OK_(strcmp(crypt_keyslot_get_encryption(cd, 9, &key_size_ret), cipher_spec));
2959 EQ_(key_size_ret, key_size);
2961 /* Set new encryption params */
2962 OK_(crypt_keyslot_set_encryption(cd, cipher_keyslot, keyslot_key_size));
2964 EQ_(1, crypt_keyslot_change_by_passphrase(cd, 8, 1, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1, strlen(PASSPHRASE1)));
2965 OK_(strcmp(crypt_keyslot_get_encryption(cd, 1, &key_size_ret), cipher_keyslot));
2966 EQ_(key_size_ret, keyslot_key_size);
2968 EQ_(10, crypt_keyslot_change_by_passphrase(cd, 2, 10, PASSPHRASE1, strlen(PASSPHRASE1), PASSPHRASE, strlen(PASSPHRASE)));
2969 OK_(strcmp(crypt_keyslot_get_encryption(cd, 10, &key_size_ret), cipher_keyslot));
2970 EQ_(key_size_ret, keyslot_key_size);
2972 EQ_(0, crypt_keyslot_change_by_passphrase(cd, 0, 0, PASSPHRASE, strlen(PASSPHRASE), PASSPHRASE1, strlen(PASSPHRASE1)));
2973 OK_(strcmp(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), cipher_keyslot));
2974 EQ_(key_size_ret, keyslot_key_size);
2978 /* LUKS1 compatible calls */
2979 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
2980 crypt_set_iteration_time(cd, 1);
2981 OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, NULL));
2982 NULL_(crypt_keyslot_get_encryption(cd, 0, &key_size_ret));
2983 OK_(strcmp(crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size_ret), cipher_spec));
2984 EQ_(key_size_ret, key_size);
2985 EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, PASSPHRASE, strlen(PASSPHRASE)));
2986 OK_(strcmp(crypt_keyslot_get_encryption(cd, 0, &key_size_ret), cipher_spec));
2987 EQ_(key_size_ret, key_size);
2990 _cleanup_dmdevices();
2994 static void Luks2ActivateByKeyring(void)
2996 #ifdef KERNEL_KEYRING
2998 key_serial_t kid, kid1;
2999 uint64_t r_payload_offset;
3001 const char *cipher = "aes";
3002 const char *cipher_mode = "xts-plain64";
3004 if (!t_dm_crypt_keyring_support()) {
3005 printf("WARNING: Kernel keyring not supported, skipping test.\n");
3009 kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING);
3010 NOTFAIL_(kid, "Test or kernel keyring are broken.");
3011 kid1 = add_key("user", KEY_DESC_TEST1, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING);
3012 NOTFAIL_(kid1, "Test or kernel keyring are broken.");
3014 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
3015 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
3017 // prepare the device
3018 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3019 crypt_set_iteration_time(cd, 1);
3020 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
3021 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
3022 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3023 EQ_(crypt_keyslot_add_by_volume_key(cd, 2, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 2);
3026 // FIXME: all following tests work as expected but most error messages are missing
3027 // check activate by keyring works exactly same as by passphrase
3028 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3029 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3030 EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, 0), 0);
3031 EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0), 0);
3032 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
3033 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0), "already open");
3034 OK_(crypt_deactivate(cd, CDEVICE_1));
3035 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
3036 EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 1, CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY), 1);
3037 EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 2, 0), 2);
3038 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, 1, 0), "Keyslot not assigned to volume");
3039 EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, 2, 0), 2);
3040 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
3041 OK_(crypt_deactivate(cd, CDEVICE_1));
3042 EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, CRYPT_ANY_SLOT, 0), 2);
3043 OK_(crypt_deactivate(cd, CDEVICE_1));
3044 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 2, 0), "Failed to unclock keyslot");
3045 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 0, 0), "Failed to unclock keyslot");
3048 NOTFAIL_(keyctl_unlink(kid, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
3049 NOTFAIL_(keyctl_unlink(kid1, KEY_SPEC_THREAD_KEYRING), "Test or kernel keyring are broken.");
3051 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3052 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3053 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, CRYPT_ANY_SLOT, 0), "no such key in keyring");
3054 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, CRYPT_ANY_SLOT, 0), "no such key in keyring");
3055 FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST1, 2, 0), "no such key in keyring");
3056 FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST1, 1, 0), "no such key in keyring");
3058 _cleanup_dmdevices();
3060 printf("WARNING: cryptsetup compiled with kernel keyring service disabled, skipping test.\n");
3064 static void Luks2Requirements(void)
3068 size_t key_size = 128;
3069 const struct crypt_pbkdf_type *pbkdf;
3070 #ifdef KERNEL_KEYRING
3074 uint64_t dummy, r_payload_offset;
3075 struct crypt_active_device cad;
3077 const char *token, *json = "{\"type\":\"test_token\",\"keyslots\":[]}";
3078 struct crypt_pbkdf_type argon2 = {
3079 .type = CRYPT_KDF_ARGON2I,
3080 .hash = DEFAULT_LUKS1_HASH,
3082 .max_memory_kb = 1024,
3083 .parallel_threads = 1
3085 .type = CRYPT_KDF_PBKDF2,
3086 .hash = DEFAULT_LUKS1_HASH,
3089 struct crypt_token_params_luks2_keyring params_get, params = {
3090 .key_description = KEY_DESC_TEST0
3093 OK_(prepare_keyfile(KEYFILE1, "aaa", 3));
3094 OK_(prepare_keyfile(KEYFILE2, "xxx", 3));
3096 /* crypt_load (unrestricted) */
3097 OK_(crypt_init(&cd, DEVICE_5));
3098 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
3101 OK_(crypt_init(&cd, DEVICE_5));
3102 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3104 /* crypt_dump (unrestricted) */
3106 OK_(crypt_dump(cd));
3107 OK_(!(global_lines != 0));
3110 /* get & set pbkdf params (unrestricted) */
3112 OK_(crypt_set_pbkdf_type(cd, &argon2));
3113 NOTNULL_(crypt_get_pbkdf_type(cd));
3116 OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
3117 NOTNULL_(crypt_get_pbkdf_type(cd));
3119 /* crypt_set_iteration_time (unrestricted) */
3120 crypt_set_iteration_time(cd, 1);
3121 pbkdf = crypt_get_pbkdf_type(cd);
3123 EQ_(pbkdf->time_ms, 1);
3125 /* crypt_convert (restricted) */
3126 FAIL_((r = crypt_convert(cd, CRYPT_LUKS1, NULL)), "Unmet requirements detected");
3129 /* crypt_set_uuid (restricted) */
3130 FAIL_((r = crypt_set_uuid(cd, NULL)), "Unmet requirements detected");
3133 /* crypt_set_label (restricted) */
3134 FAIL_((r = crypt_set_label(cd, "label", "subsystem")), "Unmet requirements detected");
3137 /* crypt_repair (with current repair capabilities it's unrestricted) */
3138 OK_(crypt_repair(cd, CRYPT_LUKS2, NULL));
3140 /* crypt_keyslot_add_passphrase (restricted) */
3141 FAIL_((r = crypt_keyslot_add_by_passphrase(cd, CRYPT_ANY_SLOT, "aaa", 3, "bbb", 3)), "Unmet requirements detected");
3144 /* crypt_keyslot_change_by_passphrase (restricted) */
3145 FAIL_((r = crypt_keyslot_change_by_passphrase(cd, CRYPT_ANY_SLOT, 9, "aaa", 3, "bbb", 3)), "Unmet requirements detected");
3148 /* crypt_keyslot_add_by_keyfile (restricted) */
3149 FAIL_((r = crypt_keyslot_add_by_keyfile(cd, CRYPT_ANY_SLOT, KEYFILE1, 0, KEYFILE2, 0)), "Unmet requirements detected");
3152 /* crypt_keyslot_add_by_keyfile_offset (restricted) */
3153 FAIL_((r = crypt_keyslot_add_by_keyfile_offset(cd, CRYPT_ANY_SLOT, KEYFILE1, 0, 0, KEYFILE2, 0, 0)), "Unmet requirements detected");
3156 /* crypt_volume_key_get (unrestricted, but see below) */
3157 OK_(crypt_volume_key_get(cd, 0, key, &key_size, "aaa", 3));
3159 /* crypt_keyslot_add_by_volume_key (restricted) */
3160 FAIL_((r = crypt_keyslot_add_by_volume_key(cd, CRYPT_ANY_SLOT, key, key_size, "xxx", 3)), "Unmet requirements detected");
3163 /* crypt_keyslot_add_by_key (restricted) */
3164 FAIL_((r = crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, NULL, key_size, "xxx", 3, CRYPT_VOLUME_KEY_NO_SEGMENT)), "Unmet requirements detected");
3167 /* crypt_keyslot_add_by_key (restricted) */
3168 FAIL_((r = crypt_keyslot_add_by_key(cd, CRYPT_ANY_SLOT, key, key_size, "xxx", 3, 0)), "Unmet requirements detected");
3171 /* crypt_persistent_flasgs_set (restricted) */
3172 FAIL_((r = crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, CRYPT_ACTIVATE_ALLOW_DISCARDS)), "Unmet requirements detected");
3175 /* crypt_persistent_flasgs_get (unrestricted) */
3176 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &flags));
3177 EQ_(flags, (uint32_t) CRYPT_REQUIREMENT_UNKNOWN);
3179 /* crypt_activate_by_passphrase (restricted for activation only) */
3180 FAIL_((r = crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, 0)), "Unmet requirements detected");
3182 OK_(crypt_activate_by_passphrase(cd, NULL, 0, "aaa", 3, 0));
3183 OK_(crypt_activate_by_passphrase(cd, NULL, 0, "aaa", 3, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3184 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
3186 /* crypt_activate_by_keyfile (restricted for activation only) */
3187 FAIL_((r = crypt_activate_by_keyfile(cd, CDEVICE_1, 0, KEYFILE1, 0, 0)), "Unmet requirements detected");
3189 OK_(crypt_activate_by_keyfile(cd, NULL, 0, KEYFILE1, 0, 0));
3190 OK_(crypt_activate_by_keyfile(cd, NULL, 0, KEYFILE1, 0, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3192 /* crypt_activate_by_volume_key (restricted for activation only) */
3193 FAIL_((r = crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0)), "Unmet requirements detected");
3195 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
3196 OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3198 #ifdef KERNEL_KEYRING
3199 if (t_dm_crypt_keyring_support()) {
3200 kid = add_key("user", KEY_DESC_TEST0, "aaa", 3, KEY_SPEC_THREAD_KEYRING);
3201 NOTFAIL_(kid, "Test or kernel keyring are broken.");
3203 /* crypt_activate_by_keyring (restricted for activation only) */
3204 FAIL_((r = crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0)), "Unmet requirements detected");
3205 EQ_(r, t_dm_crypt_keyring_support() ? -ETXTBSY : -EINVAL);
3206 OK_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, 0));
3207 OK_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, CRYPT_ACTIVATE_KEYRING_KEY));
3211 /* crypt_volume_key_verify (unrestricted) */
3212 OK_(crypt_volume_key_verify(cd, key, key_size));
3214 /* crypt_get_cipher (unrestricted) */
3215 OK_(strcmp(crypt_get_cipher(cd)?:"", "aes"));
3217 /* crypt_get_cipher_mode (unrestricted) */
3218 OK_(strcmp(crypt_get_cipher_mode(cd)?:"", "xts-plain64"));
3220 /* crypt_get_uuid (unrestricted) */
3221 NOTNULL_(crypt_get_uuid(cd));
3223 /* crypt_get_device_name (unrestricted) */
3224 NOTNULL_(crypt_get_device_name(cd));
3226 /* crypt_get_data_offset (unrestricted) */
3227 OK_(!crypt_get_data_offset(cd));
3229 /* crypt_get_iv_offset (unrestricted, nothing to test) */
3231 /* crypt_get_volume_key_size (unrestricted) */
3232 EQ_(crypt_get_volume_key_size(cd), key_size);
3234 /* crypt_keyslot_status (unrestricted) */
3235 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_ACTIVE_LAST);
3236 EQ_(crypt_keyslot_status(cd, 1), CRYPT_SLOT_INACTIVE);
3238 /* crypt_keyslot_get_priority (unrestricted) */
3239 EQ_(crypt_keyslot_get_priority(cd, 0), CRYPT_SLOT_PRIORITY_NORMAL);
3241 /* crypt_keyslot_set_priority (restricted) */
3242 FAIL_((r = crypt_keyslot_set_priority(cd, 0, CRYPT_SLOT_PRIORITY_PREFER)), "Unmet requirements detected");
3245 /* crypt_keyslot_area (unrestricted) */
3246 OK_(crypt_keyslot_area(cd, 0, &dummy, &dummy));
3249 /* crypt_header_backup (unrestricted) */
3250 remove(BACKUP_FILE);
3251 OK_(crypt_header_backup(cd, CRYPT_LUKS, BACKUP_FILE));
3253 /* crypt_header_restore (restricted, do not drop the test until we have safe option) */
3254 FAIL_((r = crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE)), "Unmet requirements detected");
3256 remove(BACKUP_FILE);
3258 /* crypt_token_json_set (restricted) */
3259 FAIL_((r = crypt_token_json_set(cd, CRYPT_ANY_TOKEN, json)), "Unmet requirements detected");
3262 /* crypt_token_json_get (unrestricted) */
3263 OK_(crypt_token_json_get(cd, 0, &token));
3264 NOTNULL_(strstr(token, "user_type"));
3266 /* crypt_token_status (unrestricted) */
3267 EQ_(crypt_token_status(cd, 0, &token), CRYPT_TOKEN_EXTERNAL_UNKNOWN);
3268 OK_(strcmp(token, "user_type"));
3269 EQ_(crypt_token_status(cd, 1, &token), CRYPT_TOKEN_INTERNAL);
3270 OK_(strcmp(token, "luks2-keyring"));
3271 EQ_(crypt_token_status(cd, 2, NULL), CRYPT_TOKEN_INACTIVE);
3272 EQ_(crypt_token_status(cd, 6, &token), CRYPT_TOKEN_INTERNAL_UNKNOWN);
3274 /* crypt_token_luks2_keyring_set (restricted) */
3275 FAIL_((r = crypt_token_luks2_keyring_set(cd, CRYPT_ANY_TOKEN, ¶ms)), "Unmet requirements detected");
3278 /* crypt_token_luks2_keyring_get (unrestricted) */
3279 EQ_(crypt_token_luks2_keyring_get(cd, 1, ¶ms_get), 1);
3280 OK_(strcmp(params_get.key_description, KEY_DESC_TEST0));
3282 /* crypt_token_assign_keyslot (unrestricted) */
3283 FAIL_((r = crypt_token_assign_keyslot(cd, 0, 1)), "Unmet requirements detected");
3286 /* crypt_token_unassign_keyslot (unrestricted) */
3287 FAIL_((r = crypt_token_unassign_keyslot(cd, CRYPT_ANY_TOKEN, CRYPT_ANY_SLOT)), "Unmet requirements detected");
3290 /* crypt_activate_by_token (restricted for activation only) */
3291 #ifdef KERNEL_KEYRING
3292 if (t_dm_crypt_keyring_support()) {
3293 FAIL_((r = crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0)), ""); // supposed to be silent
3295 OK_(crypt_activate_by_token(cd, NULL, 1, NULL, 0));
3296 OK_(crypt_activate_by_token(cd, NULL, 1, NULL, CRYPT_ACTIVATE_KEYRING_KEY));
3299 OK_(get_luks2_offsets(1, 8192, 0, NULL, &r_payload_offset));
3300 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 2));
3301 //OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" NO_REQS_LUKS2_HEADER " bs=4096 2>/dev/null", 1));
3302 OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3304 /* need to fake activated LUKSv2 device with requirements features */
3306 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3307 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
3308 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, 0));
3309 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
3310 /* replace header with no requirements */
3311 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3314 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DEVICE_5));
3316 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3318 /* crypt_header_restore (restricted with confirmation required) */
3319 /* allow force restore over device header w/ requirements */
3320 OK_(crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE));
3321 remove(BACKUP_FILE);
3322 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3323 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE)); /* create backup with requirements */
3325 /* crypt_suspend (restricted) */
3326 FAIL_((r = crypt_suspend(cd, CDEVICE_1)), "Unmet requirements detected");
3330 /* replace header again to suspend the device */
3331 OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3332 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3333 OK_(crypt_suspend(cd, CDEVICE_1));
3335 /* crypt_header_restore (restricted, do not drop the test until we have safe option) */
3336 /* refuse to overwrite header w/ backup including requirements */
3337 FAIL_((r = crypt_header_restore(cd, CRYPT_LUKS2, BACKUP_FILE)), "Unmet requirements detected");
3342 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3343 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3345 /* crypt_resume_by_passphrase (restricted) */
3346 FAIL_((r = crypt_resume_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3)), "Unmet requirements detected");
3349 /* crypt_resume_by_keyfile (restricted) */
3350 FAIL_((r = crypt_resume_by_keyfile(cd, CDEVICE_1, 0, KEYFILE1, 0)), "Unmet requirements detected");
3353 /* crypt_resume_by_keyfile_offset (restricted) */
3354 FAIL_((r = crypt_resume_by_keyfile_offset(cd, CDEVICE_1, 0, KEYFILE1, 0, 0)), "Unmet requirements detected");
3358 OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3359 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3360 OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3));
3362 OK_(_system("dd if=" REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
3364 OK_(crypt_init_by_name(&cd, CDEVICE_1));
3365 /* load VK in keyring */
3366 OK_(crypt_activate_by_passphrase(cd, NULL, 0, "aaa", 3, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
3367 /* crypt_resize (restricted) */
3368 FAIL_((r = crypt_resize(cd, CDEVICE_1, 1)), "Unmet requirements detected");
3370 EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
3372 /* crypt_get_active_device (unrestricted) */
3373 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3374 #ifdef KERNEL_KEYRING
3375 if (t_dm_crypt_keyring_support())
3376 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY);
3379 /* crypt_deactivate (unrestricted) */
3380 OK_(crypt_deactivate(cd, CDEVICE_1));
3382 /* crypt_token_is_assigned (unrestricted) */
3383 OK_(crypt_token_is_assigned(cd, 1, 0));
3384 OK_(crypt_token_is_assigned(cd, 6, 0));
3385 EQ_(crypt_token_is_assigned(cd, 0, 0), -ENOENT);
3387 /* crypt_keyslot_destroy (unrestricted) */
3388 OK_(crypt_keyslot_destroy(cd, 0));
3391 _cleanup_dmdevices();
3394 static void Luks2Integrity(void)
3396 struct crypt_params_integrity ip = {};
3397 struct crypt_params_luks2 params = {
3399 .integrity = "hmac(sha256)"
3401 size_t key_size = 32 + 32;
3402 const char *passphrase = "blabla";
3403 const char *cipher = "aes";
3404 const char *cipher_mode = "xts-random";
3407 // FIXME: This is just a stub
3408 OK_(crypt_init(&cd, DEVICE_2));
3409 ret = crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size, ¶ms);
3411 printf("WARNING: cannot format integrity device, skipping test.\n");
3416 EQ_(crypt_keyslot_add_by_volume_key(cd, 7, NULL, key_size, passphrase, strlen(passphrase)), 7);
3417 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_2, 7, passphrase, strlen(passphrase) ,0), 7);
3418 EQ_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
3421 OK_(crypt_init_by_name_and_header(&cd, CDEVICE_2, NULL));
3422 OK_(crypt_get_integrity_info(cd, &ip));
3423 OK_(strcmp(cipher, crypt_get_cipher(cd)));
3424 OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
3425 OK_(strcmp("hmac(sha256)", ip.integrity));
3426 EQ_(32, ip.integrity_key_size);
3427 EQ_(32+16, ip.tag_size);
3428 OK_(crypt_deactivate(cd, CDEVICE_2));
3431 OK_(crypt_init(&cd, DEVICE_2));
3432 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, key_size - 32, ¶ms), "Wrong key size.");
3433 FAIL_(crypt_format(cd, CRYPT_LUKS2, cipher, "xts-plainx", NULL, NULL, key_size, ¶ms), "Wrong cipher.");
3437 static int set_fast_pbkdf(struct crypt_device *cd)
3439 struct crypt_pbkdf_type pbkdf = {
3443 .max_memory_kb = 32,
3444 .parallel_threads = 1,
3445 .flags = CRYPT_PBKDF_NO_BENCHMARK
3448 /* Cannot use Argon2 in FIPS */
3450 pbkdf.type = CRYPT_KDF_PBKDF2;
3451 pbkdf.parallel_threads = 0;
3452 pbkdf.max_memory_kb = 0;
3453 pbkdf.iterations = 1000;
3455 return crypt_set_pbkdf_type(cd, &pbkdf);
3458 static int check_flag(uint32_t flags, uint32_t flag)
3460 return (flags & flag) ? 0 : -1;
3463 static void Luks2Refresh(void)
3465 uint64_t r_payload_offset;
3466 char key[128], key1[128];
3467 const char *cipher = "aes", *mode = "xts-plain64";
3468 const char *mk_hex = "bb21158c733229347bd4e681891e213d94c645be6a5b84818afe7a78a6de7a1a";
3469 const char *mk_hex2 = "bb22158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
3470 size_t key_size = strlen(mk_hex) / 2;
3471 struct crypt_params_luks2 params = {
3475 struct crypt_active_device cad = {};
3477 crypt_decode_key(key, mk_hex, key_size);
3478 crypt_decode_key(key1, mk_hex2, key_size);
3480 OK_(get_luks2_offsets(1, 0, 0, NULL, &r_payload_offset));
3481 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
3482 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset + 5000));
3483 OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
3484 OK_(create_dmdevice_over_loop(H_DEVICE, r_payload_offset));
3486 /* prepare test device */
3487 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3488 OK_(set_fast_pbkdf(cd));
3489 OK_(crypt_format(cd, CRYPT_LUKS2, cipher, mode, NULL, key, 32, NULL));
3490 OK_(crypt_keyslot_add_by_volume_key(cd, CRYPT_ANY_SLOT, key, 32, "aaa", 3));
3491 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, 0));
3493 /* check we can refresh significant flags */
3494 if (t_dm_crypt_discard_support()) {
3495 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_ALLOW_DISCARDS));
3496 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3497 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_ALLOW_DISCARDS));
3501 if (t_dm_crypt_cpu_switch_support()) {
3502 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SAME_CPU_CRYPT));
3503 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3504 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SAME_CPU_CRYPT));
3507 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3508 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3509 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3512 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3513 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3514 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3518 OK_(crypt_volume_key_keyring(cd, 0));
3519 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH));
3520 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3521 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_KEYRING_KEY), "Unexpected flag raised.");
3524 #ifdef KERNEL_KEYRING
3525 if (t_dm_crypt_keyring_support()) {
3526 OK_(crypt_volume_key_keyring(cd, 1));
3527 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH));
3528 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3529 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_KEYRING_KEY));
3534 /* multiple flags at once */
3535 if (t_dm_crypt_discard_support() && t_dm_crypt_cpu_switch_support()) {
3536 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS | CRYPT_ACTIVATE_ALLOW_DISCARDS));
3537 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3538 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS | CRYPT_ACTIVATE_ALLOW_DISCARDS));
3542 /* do not allow reactivation with read-only (and drop flag silently because activation behaves exactly same) */
3543 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_READONLY));
3544 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3545 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_READONLY), "Reactivated with read-only flag.");
3548 /* reload flag is dropped silently */
3549 OK_(crypt_deactivate(cd, CDEVICE_1));
3550 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH));
3552 /* check read-only flag is not lost after reload */
3553 OK_(crypt_deactivate(cd, CDEVICE_1));
3554 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_READONLY));
3555 OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH));
3556 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3557 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_READONLY));
3560 /* check LUKS2 with auth. enc. reload */
3561 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
3562 if (!crypt_format(cd2, CRYPT_LUKS2, "aes", "gcm-random", crypt_get_uuid(cd), key, 32, ¶ms)) {
3563 OK_(crypt_keyslot_add_by_volume_key(cd2, 0, key, 32, "aaa", 3));
3564 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, 32, 0));
3565 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, 32, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_NO_JOURNAL));
3566 OK_(crypt_get_active_device(cd2, CDEVICE_2, &cad));
3567 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_NO_JOURNAL));
3569 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, 32, CRYPT_ACTIVATE_REFRESH | CRYPT_ACTIVATE_NO_JOURNAL | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3570 OK_(crypt_get_active_device(cd2, CDEVICE_2, &cad));
3571 OK_(check_flag(cad.flags, CRYPT_ACTIVATE_NO_JOURNAL | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS));
3573 OK_(crypt_activate_by_passphrase(cd2, CDEVICE_2, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH));
3574 OK_(crypt_get_active_device(cd2, CDEVICE_2, &cad));
3575 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_NO_JOURNAL), "");
3576 FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS), "");
3577 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH), "Refreshed LUKS2 device with LUKS2/aead context");
3578 OK_(crypt_deactivate(cd2, CDEVICE_2));
3580 printf("WARNING: cannot format integrity device, skipping few reload tests.\n");
3584 /* Use LUKS1 context on LUKS2 device */
3585 OK_(crypt_init(&cd2, DMDIR L_DEVICE_1S));
3586 OK_(crypt_format(cd2, CRYPT_LUKS1, cipher, mode, crypt_get_uuid(cd), key, 32, NULL));
3587 OK_(crypt_keyslot_add_by_volume_key(cd2, CRYPT_ANY_SLOT, NULL, 32, "aaa", 3));
3588 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH), "Refreshed LUKS2 device with LUKS1 context");
3591 /* Use PLAIN context on LUKS2 device */
3592 OK_(crypt_init(&cd2, DMDIR L_DEVICE_1S));
3593 OK_(crypt_format(cd2, CRYPT_PLAIN, cipher, mode, NULL, key, 32, NULL));
3594 OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
3595 FAIL_(crypt_activate_by_volume_key(cd2, CDEVICE_1, key, key_size, CRYPT_ACTIVATE_REFRESH), "Refreshed LUKS2 device with PLAIN context");
3596 OK_(crypt_deactivate(cd2, CDEVICE_2));
3599 /* (snapshot-like case) */
3600 /* try to refresh almost identical device (differs only in major:minor of data device) */
3601 OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
3602 OK_(set_fast_pbkdf(cd2));
3603 OK_(crypt_format(cd2, CRYPT_LUKS2, cipher, mode, crypt_get_uuid(cd), key, 32, NULL));
3604 OK_(crypt_keyslot_add_by_volume_key(cd2, CRYPT_ANY_SLOT, key, 32, "aaa", 3));
3605 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, 0, "aaa", 3, CRYPT_ACTIVATE_REFRESH), "Refreshed dm-crypt mapped over mismatching data device");
3607 OK_(crypt_deactivate(cd, CDEVICE_1));
3612 _cleanup_dmdevices();
3615 static void Luks2Flags(void)
3617 uint32_t flags = 42;
3619 OK_(crypt_init(&cd, DEVICE_1));
3620 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3622 /* check library erase passed variable on success when no flags set */
3623 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
3626 /* check set and get behave as expected */
3627 flags = CRYPT_ACTIVATE_ALLOW_DISCARDS;
3628 OK_(crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, flags));
3630 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
3631 EQ_(flags, CRYPT_ACTIVATE_ALLOW_DISCARDS);
3633 flags = CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS;
3634 OK_(crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, flags));
3635 flags = (uint32_t)~0;
3636 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
3637 EQ_(flags,CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS);
3642 static int test_progress(uint64_t size, uint64_t offset, void *usrptr)
3644 while (--test_progress_steps)
3649 static void Luks2Reencryption(void)
3651 /* reencryption currently depends on kernel keyring support */
3654 * - reencryption requires luks2 parameters. can we avoid it?
3657 uint64_t r_header_size, r_size_1;
3658 struct crypt_active_device cad;
3659 struct crypt_pbkdf_type pbkdf = {
3660 .type = CRYPT_KDF_ARGON2I,
3662 .parallel_threads = 1,
3663 .max_memory_kb = 128,
3665 .flags = CRYPT_PBKDF_NO_BENCHMARK
3667 struct crypt_params_luks2 params2 = {
3671 struct crypt_params_reencrypt retparams = {}, rparams = {
3672 .direction = CRYPT_REENCRYPT_FORWARD,
3673 .resilience = "checksum",
3678 /* reencryption currently depends on kernel keyring support in dm-crypt */
3679 if (!t_dm_crypt_keyring_support())
3682 /* Cannot use Argon2 in FIPS */
3684 pbkdf.type = CRYPT_KDF_PBKDF2;
3685 pbkdf.parallel_threads = 0;
3686 pbkdf.max_memory_kb = 0;
3687 pbkdf.iterations = 1000;
3690 OK_(get_luks2_offsets(0, 0, 0, &r_header_size, NULL));
3691 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
3692 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 16));
3695 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3696 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3697 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3698 EQ_(crypt_keyslot_add_by_volume_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 21);
3700 /* add several unbound keys */
3701 EQ_(crypt_keyslot_add_by_key(cd, 9, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
3702 EQ_(crypt_keyslot_add_by_key(cd, 10, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 10);
3703 EQ_(crypt_keyslot_add_by_key(cd, 11, NULL, 42, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 11);
3704 EQ_(crypt_keyslot_status(cd, 21), CRYPT_SLOT_ACTIVE_LAST);
3706 /* test cipher parameters validation */
3707 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 11, "aes", "xts-plain64", &rparams), "Cipher not compatible with new volume key size.");
3708 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 10, "tHeHamstErciphErr", "xts-plain64", &rparams), "Wrong cipher.");
3709 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 10, "aes", "HamSterMoOode-plain64", &rparams), "Wrong mode.");
3711 /* test reencryption flags */
3712 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3713 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption not initialized.");
3714 rparams.flags |= CRYPT_REENCRYPT_INITIALIZE_ONLY;
3715 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid flags combination.");
3717 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3718 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0);
3719 FAIL_(crypt_reencrypt(cd, NULL), "Reencryption context not initialized.");
3721 rparams.flags &= ~CRYPT_REENCRYPT_RESUME_ONLY;
3722 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3723 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3724 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3726 /* check reencrypt status is correct */
3727 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
3728 EQ_(retparams.mode, CRYPT_REENCRYPT_REENCRYPT);
3729 EQ_(retparams.direction, CRYPT_REENCRYPT_FORWARD);
3730 EQ_(retparams.data_shift, 0);
3731 EQ_(retparams.device_size, 0);
3733 /* check reencryption flag in metadata */
3734 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3735 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3737 /* some parameters are expected to change immediately after reencryption initialization */
3738 EQ_(crypt_get_volume_key_size(cd), 64);
3739 OK_(strcmp(crypt_get_cipher_mode(cd), "xts-plain64"));
3740 EQ_(crypt_get_sector_size(cd), 4096);
3741 /* reencrypt keyslot must be unbound */
3742 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_UNBOUND);
3743 /* keyslot assigned to new segment is switched to last active */
3744 EQ_(crypt_keyslot_status(cd, 9), CRYPT_SLOT_ACTIVE_LAST);
3745 /* keyslot assigned to old segment remains active */
3746 EQ_(crypt_keyslot_status(cd, 21), CRYPT_SLOT_ACTIVE);
3748 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 10, "aes", "xts-plain", &rparams), "Reencryption already initialized.");
3751 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3752 OK_(crypt_reencrypt(cd, NULL));
3754 /* check keyslots are reassigned to segment after reencryption */
3755 EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_INACTIVE);
3756 EQ_(crypt_keyslot_status(cd, 9), CRYPT_SLOT_ACTIVE_LAST);
3757 EQ_(crypt_keyslot_status(cd, 10), CRYPT_SLOT_UNBOUND);
3758 EQ_(crypt_keyslot_status(cd, 11), CRYPT_SLOT_UNBOUND);
3759 EQ_(crypt_keyslot_status(cd, 21), CRYPT_SLOT_INACTIVE);
3761 EQ_(crypt_keyslot_add_by_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 21);
3762 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
3763 params2.sector_size = 512;
3764 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
3766 /* fixed device size parameter impact */
3767 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3768 rparams.device_size = 24;
3769 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size.");
3770 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3771 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3772 rparams.device_size = 15;
3773 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size alignment.");
3774 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3775 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3776 FAIL_(crypt_reencrypt(cd, NULL), "Reencryption context not initialized.");
3777 rparams.device_size = 16;
3778 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
3779 OK_(crypt_reencrypt(cd, NULL));
3780 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3781 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0);
3783 /* limited hotzone size parameter impact */
3784 EQ_(crypt_keyslot_add_by_key(cd, 9, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
3785 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
3786 rparams.device_size = 0;
3787 params2.sector_size = 4096;
3788 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3790 /* max hotzone size parameter impact */
3791 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3792 rparams.max_hotzone_size = 1;
3793 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid hotzone size alignment.");
3794 rparams.max_hotzone_size = 24; /* should be ok. Device size is 16 sectors and the parameter defines upper limit, not lower */
3795 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3796 rparams.max_hotzone_size = 8;
3797 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3800 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3801 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3802 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3804 rparams.max_hotzone_size = 0;
3805 rparams.resilience = "haMster";
3806 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid resilience mode.");
3807 rparams.resilience = "checksum";
3808 rparams.hash = "hamSter";
3809 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid resilience hash.");
3811 rparams.hash = "sha1";
3812 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
3813 OK_(crypt_reencrypt(cd, NULL));
3815 /* FIXME: this is a bug, but not critical (data shift parameter is ignored after initialization) */
3816 //rparams.data_shift = 8;
3817 //FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid reencryption parameters.");
3819 EQ_(crypt_keyslot_add_by_key(cd, 21, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 21);
3821 rparams.resilience = "none";
3822 rparams.max_hotzone_size = 2048;
3823 /* online reencryption on inactive device */
3824 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Device is not active.");
3825 /* FIXME: this is minor bug. In fact we need only key from keyslot 9 */
3826 //EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 9, PASSPHRASE, strlen(PASSPHRASE), 0), 9);
3827 NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Failed to activate device.");
3828 /* offline reencryption on active device */
3829 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Device mounted or active.");
3830 OK_(crypt_deactivate(cd, CDEVICE_1));
3831 /* Wrong context checks */
3832 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
3833 /* cd is ready for reencryption */
3834 OK_(crypt_init(&cd2, DMDIR L_DEVICE_OK));
3835 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
3836 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3837 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running.");
3839 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running.");
3840 FAIL_(crypt_reencrypt(cd2, NULL), "Invalid reencryption context.");
3841 OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3842 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3843 OK_(crypt_persistent_flags_get(cd2, CRYPT_FLAGS_REQUIREMENTS, &getflags));
3844 EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
3845 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
3846 EQ_(crypt_reencrypt_status(cd2, NULL), CRYPT_REENCRYPT_CLEAN);
3847 FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress.");
3848 FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress.");
3849 OK_(crypt_reencrypt(cd, NULL));
3853 /* Partial device reencryption parameter */
3854 params2.sector_size = 512;
3855 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3856 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3857 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3858 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
3859 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3861 rparams.device_size = 2;
3862 rparams.max_hotzone_size = 1;
3863 rparams.resilience = "none";
3864 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
3866 /* interrupt reencryption after 'test_progress_steps' */
3867 test_progress_steps = 1;
3868 OK_(crypt_reencrypt(cd, &test_progress));
3869 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
3871 NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Could not activate device in reencryption.");
3872 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3874 EQ_(cad.offset, r_header_size);
3875 /* TODO: this should work in future releases unless reencryption process is running */
3876 FAIL_(crypt_resize(cd, CDEVICE_1, 1), "Device in reencryption.");
3877 FAIL_(crypt_resize(cd, CDEVICE_1, 0), "Device in reencryption.");
3879 rparams.max_hotzone_size = 0;
3880 rparams.device_size = 3;
3881 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Invalid device size.");
3882 crypt_deactivate(cd, CDEVICE_1);
3883 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Invalid device size.");
3884 rparams.device_size = 2;
3885 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3886 NOTFAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Failed to initialize reencryption.");
3887 OK_(crypt_reencrypt(cd, NULL));
3888 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
3889 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
3890 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3891 /* after reencryption use whole device again */
3893 OK_(crypt_deactivate(cd, CDEVICE_1));
3895 /* Reencrypt device with wrong size */
3896 EQ_(crypt_keyslot_add_by_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 0);
3897 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
3898 OK_(crypt_resize(cd, CDEVICE_1, 7));
3899 rparams.device_size = 0;
3901 params2.sector_size = 4096;
3902 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), "Active device size is not aligned to new sector size.");
3903 rparams.device_size = 8;
3904 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), "Reduced reencryption size does not match active device.");
3905 /* FIXME: allow after resize in reencryption is supported */
3906 //NOTFAIL_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY | CRYPT_ACTIVATE_KEYRING_KEY), "Failed to load keys.");
3907 // OK_(crypt_resize(cd, CDEVICE_1, 8));
3908 OK_(crypt_deactivate(cd, CDEVICE_1));
3911 params2.sector_size = 512;
3912 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3913 OK_(crypt_init(&cd2, DMDIR H_DEVICE));
3914 OK_(crypt_set_data_offset(cd2, r_header_size - 8));
3915 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3916 OK_(crypt_set_pbkdf_type(cd2, &pbkdf));
3917 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3918 OK_(crypt_format(cd2, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3919 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
3920 EQ_(crypt_keyslot_add_by_volume_key(cd2, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
3921 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3922 EQ_(crypt_keyslot_add_by_key(cd2, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3923 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
3924 EQ_(crypt_activate_by_passphrase(cd2, CDEVICE_2, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
3925 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
3926 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
3927 EQ_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
3928 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3929 /* reference wrong device in active device name */
3930 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Wrong device.");
3931 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Wrong device.");
3932 EQ_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
3933 FAIL_(crypt_set_data_device(cd2, DMDIR L_DEVICE_OK), "Device in reencryption.");
3934 OK_(crypt_deactivate(cd, CDEVICE_1));
3935 OK_(crypt_deactivate(cd2, CDEVICE_2));
3939 /* data shift related tests */
3940 params2.sector_size = 512;
3941 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3942 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3943 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3944 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
3945 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
3946 memset(&rparams, 0, sizeof(rparams));
3947 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
3948 rparams.resilience = "datashift";
3949 rparams.data_shift = 8;
3950 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
3951 rparams.luks2 = ¶ms2;
3952 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
3953 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
3954 EQ_(retparams.data_shift, 8);
3955 EQ_(retparams.mode, CRYPT_REENCRYPT_REENCRYPT);
3956 OK_(strcmp(retparams.resilience, "datashift"));
3957 EQ_(crypt_get_data_offset(cd), 32776);
3958 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3959 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
3960 OK_(crypt_reencrypt(cd, NULL));
3962 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3963 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3964 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3965 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
3966 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
3968 EQ_(crypt_get_data_offset(cd), 32776);
3969 OK_(crypt_deactivate(cd, CDEVICE_1));
3971 EQ_(crypt_keyslot_add_by_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 0);
3972 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), "Device is too small.");
3974 // BUG: We need reencrypt abort flag
3975 /* it fails, but it's already initialized and we have no way to abort yet */
3976 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3977 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
3978 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
3979 EQ_(crypt_keyslot_add_by_volume_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 1);
3980 EQ_(crypt_keyslot_add_by_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 0);
3981 rparams.direction = CRYPT_REENCRYPT_FORWARD;
3982 rparams.resilience = "datashift";
3983 rparams.data_shift = 8;
3984 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
3985 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2);
3986 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
3987 EQ_(retparams.data_shift, 8);
3988 EQ_(retparams.mode, CRYPT_REENCRYPT_REENCRYPT);
3989 OK_(strcmp(retparams.resilience, "datashift"));
3990 EQ_(crypt_get_data_offset(cd), 32760);
3991 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
3992 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2);
3993 OK_(crypt_reencrypt(cd, NULL));
3995 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
3996 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
3997 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
3998 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4000 EQ_(crypt_get_data_offset(cd), 32760);
4001 OK_(crypt_deactivate(cd, CDEVICE_1));
4004 /* data shift with online device */
4005 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4006 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4007 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4008 EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
4009 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4010 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4011 rparams.resilience = "datashift";
4012 rparams.data_shift = 8;
4014 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), 0), 0);
4015 FAIL_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Active device too large.");
4016 OK_(crypt_deactivate(cd, CDEVICE_1));
4017 NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Failed to activate device in reencryption.");
4018 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4020 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4021 EQ_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
4022 OK_(crypt_reencrypt(cd, NULL));
4023 OK_(crypt_deactivate(cd, CDEVICE_1));
4026 _cleanup_dmdevices();
4028 /* encryption with datashift and moved segment (limit values for data shift) */
4029 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4030 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2));
4032 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4034 memset(&rparams, 0, sizeof(rparams));
4035 params2.sector_size = 512;
4036 params2.data_device = DMDIR L_DEVICE_OK;
4037 rparams.mode = CRYPT_REENCRYPT_ENCRYPT;
4038 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4039 rparams.resilience = "datashift";
4040 rparams.data_shift = 8192;
4041 rparams.luks2 = ¶ms2;
4042 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;
4043 OK_(crypt_set_data_offset(cd, 8192));
4044 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4045 EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 30);
4046 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), 0);
4048 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4049 OK_(crypt_header_restore(cd, CRYPT_LUKS2, DMDIR H_DEVICE));
4051 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4052 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4053 EQ_(crypt_reencrypt_status(cd, &retparams), CRYPT_REENCRYPT_CLEAN);
4054 EQ_(retparams.mode, CRYPT_REENCRYPT_ENCRYPT);
4055 OK_(strcmp(retparams.resilience, "datashift"));
4056 EQ_(retparams.data_shift, 8192);
4057 EQ_(retparams.flags & CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT, CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT);
4058 EQ_(crypt_get_data_offset(cd), 8192);
4059 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4060 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
4061 OK_(crypt_reencrypt(cd, NULL));
4064 _cleanup_dmdevices();
4065 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4066 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2+1));
4068 /* encryption with datashift and moved segment (data shift + 1 sector) */
4069 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4070 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;
4071 OK_(crypt_set_data_offset(cd, 8192));
4072 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4073 EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 30);
4074 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), 0);
4076 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4077 OK_(crypt_header_restore(cd, CRYPT_LUKS2, DMDIR H_DEVICE));
4078 EQ_(crypt_get_data_offset(cd), 8192);
4079 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4080 EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
4081 OK_(crypt_reencrypt(cd, NULL));
4084 _cleanup_dmdevices();
4085 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4086 OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2));
4088 OK_(crypt_init(&cd, DMDIR H_DEVICE));
4090 /* encryption with datashift and moved segment (data shift + data offset > device size) */
4091 memset(&rparams, 0, sizeof(rparams));
4092 params2.sector_size = 512;
4093 params2.data_device = DMDIR L_DEVICE_OK;
4094 rparams.mode = CRYPT_REENCRYPT_ENCRYPT;
4095 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4096 rparams.resilience = "datashift";
4097 rparams.data_shift = 8200;
4098 rparams.luks2 = ¶ms2;
4099 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;
4100 OK_(crypt_set_data_offset(cd, 8200));
4101 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, ¶ms2));
4102 EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen(PASSPHRASE)), 30);
4103 FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), "Data device is too small");
4104 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
4107 _cleanup_dmdevices();
4108 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4109 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 1));
4111 /* decryption backward */
4112 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4113 params2.data_device = NULL;
4114 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4115 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4116 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4117 memset(&rparams, 0, sizeof(rparams));
4118 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4119 rparams.direction = CRYPT_REENCRYPT_BACKWARD;
4120 rparams.resilience = "none";
4121 rparams.max_hotzone_size = 2048;
4122 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4123 OK_(crypt_reencrypt(cd, NULL));
4125 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4126 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4127 EQ_(crypt_get_data_offset(cd), r_header_size);
4128 EQ_(crypt_get_volume_key_size(cd), 0);
4129 OK_(strcmp(crypt_get_cipher(cd), "cipher_null"));
4132 /* decryption forward */
4133 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4134 params2.data_device = NULL;
4135 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4136 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4137 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4138 memset(&rparams, 0, sizeof(rparams));
4139 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4140 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4141 rparams.resilience = "none";
4142 rparams.max_hotzone_size = 2048;
4143 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4144 OK_(crypt_reencrypt(cd, NULL));
4147 /* decryption with data shift */
4148 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4149 params2.data_device = NULL;
4150 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4151 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4152 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4153 remove(BACKUP_FILE);
4154 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
4156 // FIXME: we need write flock
4157 OK_(chmod(BACKUP_FILE, S_IRUSR|S_IWUSR));
4158 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4159 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4160 EQ_(crypt_get_data_offset(cd), r_header_size);
4161 memset(&rparams, 0, sizeof(rparams));
4162 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4163 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4164 rparams.resilience = "datashift";
4165 rparams.data_shift = r_header_size;
4166 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4167 EQ_(crypt_get_data_offset(cd), 0);
4168 OK_(crypt_reencrypt(cd, NULL));
4169 remove(BACKUP_FILE);
4172 /* online decryption with data shift (future feature) */
4173 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4174 params2.data_device = NULL;
4175 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4176 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4177 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4178 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_2, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4179 OK_(t_device_size(DMDIR CDEVICE_2, &r_size_1));
4181 // create placeholder device to block automatic deactivation after decryption
4182 OK_(_system("dmsetup create " CDEVICE_1 " --table \"0 1 linear " DMDIR CDEVICE_2 " 0\"", 1));
4183 remove(BACKUP_FILE);
4184 OK_(crypt_header_backup(cd, CRYPT_LUKS2, BACKUP_FILE));
4186 // FIXME: we need write flock
4187 OK_(chmod(BACKUP_FILE, S_IRUSR|S_IWUSR));
4188 OK_(crypt_init_data_device(&cd, BACKUP_FILE, DMDIR L_DEVICE_OK));
4189 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4190 EQ_(crypt_get_data_offset(cd), r_header_size);
4191 memset(&rparams, 0, sizeof(rparams));
4192 rparams.mode = CRYPT_REENCRYPT_DECRYPT;
4193 rparams.direction = CRYPT_REENCRYPT_FORWARD;
4194 rparams.resilience = "datashift";
4195 rparams.data_shift = r_header_size;
4196 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
4197 EQ_(crypt_get_data_offset(cd), 0);
4198 OK_(crypt_reencrypt(cd, NULL));
4199 remove(BACKUP_FILE);
4200 OK_(t_device_size(DMDIR CDEVICE_2, &r_size_1));
4202 OK_(_system("dmsetup remove " DM_RETRY CDEVICE_1 DM_NOSTDERR, 0));
4205 _cleanup_dmdevices();
4206 OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
4207 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size));
4208 OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_header_size));
4210 /* check detached header misuse (mismatching keys in table and mda) */
4211 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
4212 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4213 params2.data_device = DMDIR L_DEVICE_WRONG;
4214 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4215 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4216 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4217 /* activate second device using same header */
4218 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4219 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4220 OK_(crypt_set_pbkdf_type(cd2, &pbkdf));
4221 EQ_(crypt_activate_by_passphrase(cd2, CDEVICE_2, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
4223 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4225 memset(&rparams, 0, sizeof(rparams));
4226 rparams.resilience = "none";
4227 rparams.max_hotzone_size = 16*2048;
4228 rparams.luks2 = ¶ms2;
4230 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
4231 OK_(crypt_reencrypt(cd, NULL));
4233 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4234 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4235 OK_(crypt_set_pbkdf_type(cd2, &pbkdf));
4236 EQ_(crypt_keyslot_add_by_key(cd2, 2, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 2);
4237 rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY;
4238 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 1, 2, "aes", "cbc-essiv:sha256", &rparams), "Mismatching parameters in device table.");
4239 OK_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 2, "aes", "cbc-essiv:sha256", &rparams));
4240 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4241 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 1, 2, "aes", "cbc-essiv:sha256", &rparams), "Mismatching parameters in device table.");
4242 OK_(crypt_deactivate(cd, CDEVICE_1));
4243 OK_(crypt_deactivate(cd2, CDEVICE_2));
4247 /* check detached header misuse (mismatching progress data in active device and mda) */
4248 OK_(crypt_init(&cd, IMAGE_EMPTY_SMALL));
4249 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4250 params2.data_device = DMDIR L_DEVICE_WRONG;
4251 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4252 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4253 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4255 rparams.max_hotzone_size = 8;
4256 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
4257 /* reencrypt 8 srectors of device */
4258 test_progress_steps = 1;
4259 OK_(crypt_reencrypt(cd, &test_progress));
4261 /* activate another data device with same LUKS2 header (this is wrong, but we can't detect such mistake) */
4262 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4263 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4264 NOTFAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_2, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Failed to activate device in reencryption.");
4267 /* reencrypt yet another 8 sectors of first device */
4268 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4269 OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
4270 test_progress_steps = 1;
4271 OK_(crypt_reencrypt(cd, &test_progress));
4273 /* Now active mapping for second data device does not match its metadata */
4274 OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
4275 OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
4276 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4277 FAIL_(crypt_reencrypt_init_by_passphrase(cd2, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams), "Mismatching device table.");
4278 OK_(crypt_deactivate(cd2, CDEVICE_2));
4282 _cleanup_dmdevices();
4283 OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_header_size + 16));
4285 /* Test LUKS2 reencryption honors flags device was activate with */
4286 OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
4287 OK_(crypt_set_pbkdf_type(cd, &pbkdf));
4288 params2.sector_size = 512;
4289 params2.data_device = NULL;
4290 OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, ¶ms2));
4291 EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
4292 OK_(crypt_volume_key_keyring(cd, 0)); /* disable keyring */
4293 EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 6, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_ALLOW_DISCARDS), 6);
4294 OK_(crypt_volume_key_keyring(cd, 1));
4295 rparams.mode = CRYPT_REENCRYPT_REENCRYPT;
4296 rparams.direction = CRYPT_REENCRYPT_FORWARD,
4297 rparams.resilience = "none",
4298 rparams.max_hotzone_size = 8;
4299 rparams.luks2 = ¶ms2;
4301 EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
4302 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams));
4303 test_progress_steps = 1;
4304 OK_(crypt_reencrypt(cd, &test_progress));
4305 EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
4306 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4307 EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS);
4308 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0);
4310 OK_(crypt_init_by_name(&cd, CDEVICE_1));
4311 rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
4312 OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams));
4313 OK_(crypt_reencrypt(cd, NULL));
4314 OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
4315 EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS);
4316 EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0);
4317 OK_(crypt_deactivate(cd, CDEVICE_1));
4320 _cleanup_dmdevices();
4324 static void Luks2Repair(void)
4328 snprintf(rollback, sizeof(rollback),
4329 "dd if=" IMAGE_PV_LUKS2_SEC ".bcp of=%s bs=1M 2>/dev/null",
4332 OK_(crypt_init(&cd, DEVICE_6));
4334 FAIL_(crypt_load(cd, CRYPT_LUKS, NULL), "Ambiguous signature detected");
4335 FAIL_(crypt_repair(cd, CRYPT_LUKS1, NULL), "Not a LUKS2 device");
4337 /* check explicit LUKS2 repair works */
4338 OK_(crypt_repair(cd, CRYPT_LUKS2, NULL));
4339 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
4341 OK_(crypt_init(&cd, DEVICE_6));
4344 OK_(_system(rollback, 1));
4345 FAIL_(crypt_load(cd, CRYPT_LUKS, NULL), "Ambiguous signature detected");
4347 /* check repair with type detection works */
4348 OK_(crypt_repair(cd, CRYPT_LUKS, NULL));
4349 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4352 /* repeat with locking disabled (must not have any effect) */
4353 OK_(_system(rollback, 1));
4354 OK_(crypt_init(&cd, DEVICE_6));
4355 OK_(crypt_metadata_locking(cd, 0));
4357 FAIL_(crypt_load(cd, CRYPT_LUKS, NULL), "Ambiguous signature detected");
4358 FAIL_(crypt_repair(cd, CRYPT_LUKS1, NULL), "Not a LUKS2 device");
4360 /* check explicit LUKS2 repair works */
4361 OK_(crypt_repair(cd, CRYPT_LUKS2, NULL));
4362 OK_(crypt_load(cd, CRYPT_LUKS, NULL));
4364 OK_(crypt_init(&cd, DEVICE_6));
4367 OK_(_system(rollback, 1));
4368 FAIL_(crypt_load(cd, CRYPT_LUKS, NULL), "Ambiguous signature detected");
4370 /* check repair with type detection works */
4371 OK_(crypt_repair(cd, CRYPT_LUKS, NULL));
4372 OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
4376 static void int_handler(int sig __attribute__((__unused__)))
4381 int main(int argc, char *argv[])
4383 struct sigaction sa = { .sa_handler = int_handler };
4386 if (getuid() != 0) {
4387 printf("You must be root to run this test.\n");
4390 #ifndef NO_CRYPTSETUP_PATH
4391 if (getenv("CRYPTSETUP_PATH")) {
4392 printf("Cannot run this test with CRYPTSETUP_PATH set.\n");
4396 for (i = 1; i < argc; i++) {
4397 if (!strcmp("-v", argv[i]) || !strcmp("--verbose", argv[i]))
4399 else if (!strcmp("--debug", argv[i]))
4400 _debug = _verbose = 1;
4403 /* Handle interrupt properly */
4404 sigaction(SIGINT, &sa, NULL);
4405 sigaction(SIGTERM, &sa, NULL);
4407 register_cleanup(_cleanup);
4411 printf("Cannot set test devices.\n");
4416 crypt_set_debug_level(_debug ? CRYPT_DEBUG_JSON : CRYPT_DEBUG_NONE);
4418 RUN_(AddDeviceLuks2, "Format and use LUKS2 device");
4419 RUN_(Luks2MetadataSize, "LUKS2 metadata settings");
4420 RUN_(Luks2HeaderLoad, "LUKS2 header load");
4421 RUN_(Luks2HeaderRestore, "LUKS2 header restore");
4422 RUN_(Luks2HeaderBackup, "LUKS2 header backup");
4423 RUN_(ResizeDeviceLuks2, "LUKS2 device resize tests");
4424 RUN_(UseLuks2Device, "Use pre-formated LUKS2 device");
4425 RUN_(SuspendDevice, "LUKS2 Suspend/Resume");
4426 RUN_(UseTempVolumes, "Format and use temporary encrypted device");
4427 RUN_(Tokens, "General tokens API");
4428 RUN_(TokenActivationByKeyring, "Builtin kernel keyring token");
4429 RUN_(LuksConvert, "LUKS1 <-> LUKS2 conversions");
4430 RUN_(Pbkdf, "Default PBKDF manipulation routines");
4431 RUN_(Luks2KeyslotParams, "Add a new keyslot with different encryption");
4432 RUN_(Luks2KeyslotAdd, "Add a new keyslot by unused key");
4433 RUN_(Luks2ActivateByKeyring, "LUKS2 activation by passphrase in keyring");
4434 RUN_(Luks2Requirements, "LUKS2 requirements flags");
4435 RUN_(Luks2Integrity, "LUKS2 with data integrity");
4436 RUN_(Luks2Refresh, "Active device table refresh");
4437 RUN_(Luks2Flags, "LUKS2 persistent flags");
4438 RUN_(Luks2Reencryption, "LUKS2 reencryption");
4439 RUN_(Luks2Repair, "LUKS2 repair"); // test disables metadata locking. Run always last!