3 # check luks1 images parsing
5 # NOTE: if image with whirlpool hash fails, check
6 # that you are not using old gcrypt with flawed whirlpool
7 # (see cryptsetup debug output)
9 CRYPTSETUP=../src/cryptsetup
14 function remove_mapping()
16 [ -b /dev/mapper/$MAP ] && dmsetup remove $MAP
21 [ -n "$1" ] && echo "$1"
29 [ -n "$1" ] && echo "$1"
36 $CRYPTSETUP benchmark -c "$1" -s "$2" | grep -v "#" || skip
39 function test_required()
41 which lsblk >/dev/null 2>&1 || skip "WARNING: lsblk tool required."
43 echo "REQUIRED KDF TEST"
44 $CRYPTSETUP benchmark -h whirlpool | grep "N/A" && skip
46 echo "REQUIRED CIPHERS TEST"
47 echo "# Algorithm | Key | Encryption | Decryption"
50 test_one twofish-xts 256
51 test_one serpent-xts 256
58 if [ $(id -u) != 0 ]; then
59 echo "WARNING: You must be root to run activation part of test, test skipped."
64 [ ! -d $TST_DIR ] && tar xjf luks1-images.tar.bz2
66 echo "ACTIVATION FS UUID CHECK"
67 for file in $(ls $TST_DIR/luks1_*) ; do
69 $CRYPTSETUP luksOpen -d $TST_DIR/$KEYFILE $file $MAP 2>/dev/null
71 # ignore missing whirlpool (pwd failed is exit code 2)
72 [ $ret -eq 1 ] && (echo $file | grep -q -e "whirlpool") && echo " [N/A]" && continue
73 [ $ret -ne 0 ] && fail
74 $CRYPTSETUP status $MAP >/dev/null || fail
75 $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
76 UUID=$(lsblk -n -o UUID /dev/mapper/$MAP)
77 $CRYPTSETUP remove $MAP || fail
78 [ "$UUID" != "DEAD-BABE" ] && fail "UUID check failed."