"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "tests/bitlk-compat-test" between
cryptsetup-2.3.6.tar.xz and cryptsetup-2.4.0.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

bitlk-compat-test  (cryptsetup-2.3.6.tar.xz):bitlk-compat-test  (cryptsetup-2.4.0.tar.xz)
#!/bin/bash #!/bin/bash
# check bitlk images parsing # check bitlk images parsing
[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
TST_DIR=bitlk-images TST_DIR=bitlk-images
MAP=bitlktst MAP=bitlktst
DUMP_MK_FILE=bitlk-test-mk
CRYPTSETUP_VALGRIND=../.libs/cryptsetup CRYPTSETUP_VALGRIND=../.libs/cryptsetup
CRYPTSETUP_LIB_VALGRIND=../.libs CRYPTSETUP_LIB_VALGRIND=../.libs
[ -z "$srcdir" ] && srcdir="." [ -z "$srcdir" ] && srcdir="."
function remove_mapping() function remove_mapping()
{ {
[ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP [ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP
rm -rf $TST_DIR
} }
function fail() function fail()
{ {
[ -n "$1" ] && echo "$1" [ -n "$1" ] && echo "$1"
echo " [FAILED]" echo " [FAILED]"
echo "FAILED backtrace:" echo "FAILED backtrace:"
while caller $frame; do ((frame++)); done while caller $frame; do ((frame++)); done
remove_mapping remove_mapping
exit 2 exit 2
} }
function skip() function skip()
{ {
[ -n "$1" ] && echo "$1" [ -n "$1" ] && echo "$1"
echo "Test skipped." echo "Test skipped."
remove_mapping
exit 77 exit 77
} }
function load_vars() function load_vars()
{ {
local file=$(echo $1 | sed -e s/^$TST_DIR\\/// | sed -e s/\.img$//) local file=$(echo $1 | sed -e s/^$TST_DIR\\/// | sed -e s/\.img$//)
source <(grep = <(grep -A8 "\[$file\]" $TST_DIR/images.conf)) source <(grep = <(grep -A8 "\[$file\]" $TST_DIR/images.conf))
} }
function check_dump() function check_dump()
{ {
dump=$1 dump=$1
file=$2 file=$2
# load variables for this image from config file # load variables for this image from config file
load_vars $file load_vars $file
# GUID # GUID
dump_guid=$(echo "$dump" | grep Version -A 1 | tail -1 | cut -d: -f2 | t dump_guid=$(echo "$dump" | grep Version -A 1 | tail -1 | cut -d: -f2 | tr
r -d "\t\n ") -d "\t\n ")
[ ! -z "$GUID" -a "$dump_guid" = "$GUID" ] || fail " GUID check from du [ ! -z "$GUID" -a "$dump_guid" = "$GUID" ] || fail " GUID check from dum
mp failed." p failed."
# cipher # cipher
dump_cipher=$(echo "$dump" | grep "Cipher name" | cut -d: -f2 | tr -d "\ dump_cipher=$(echo "$dump" | grep "Cipher name" | cut -d: -f2 | tr -d "\t
t\n ") \n ")
dump_mode=$(echo "$dump" | grep "Cipher mode" | cut -d: -f2 | tr -d "\t\ dump_mode=$(echo "$dump" | grep "Cipher mode" | cut -d: -f2 | tr -d "\t\n
n ") ")
cipher=$(echo "$dump_cipher-$dump_mode") cipher=$(echo "$dump_cipher-$dump_mode")
[ ! -z "$CIPHER" -a "$cipher" = "$CIPHER" ] || fail " cipher check from [ ! -z "$CIPHER" -a "$cipher" = "$CIPHER" ] || fail " cipher check from d
dump failed." ump failed."
if echo "$file" | grep -q -e "smart-card"; then if echo "$file" | grep -q -e "smart-card"; then
# smart card protected VMK GUID # smart card protected VMK GUID
dump_sc_vmk=$(echo "$dump" | grep "VMK protected with smart card dump_sc_vmk=$(echo "$dump" | grep "VMK protected with smart card"
" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
[ ! -z "$SC_VMK_GUID" -a "$dump_sc_vmk" = "$SC_VMK_GUID" ] || fa [ ! -z "$SC_VMK_GUID" -a "$dump_sc_vmk" = "$SC_VMK_GUID" ] || fai
il " smart card protected VMK GUID check from dump failed." l " smart card protected VMK GUID check from dump failed."
elif echo "$file" | grep -q -e "startup-key"; then elif echo "$file" | grep -q -e "startup-key"; then
# startup key protected VMK GUID # startup key protected VMK GUID
dump_sk_vmk=$(echo "$dump" | grep "VMK protected with startup ke dump_sk_vmk=$(echo "$dump" | grep "VMK protected with startup key
y" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") " -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
[ ! -z "$SK_VMK_GUID" -a "$dump_sk_vmk" = "$SK_VMK_GUID" ] || fa [ ! -z "$SK_VMK_GUID" -a "$dump_sk_vmk" = "$SK_VMK_GUID" ] || fai
il " startup key protected VMK GUID check from dump failed." l " startup key protected VMK GUID check from dump failed."
else else
# password protected VMK GUID # password protected VMK GUID
dump_pw_vmk=$(echo "$dump" | grep "VMK protected with passphrase dump_pw_vmk=$(echo "$dump" | grep "VMK protected with passphrase"
" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
[ ! -z "$PW_VMK_GUID" -a "$dump_pw_vmk" = "$PW_VMK_GUID" ] || fa [ ! -z "$PW_VMK_GUID" -a "$dump_pw_vmk" = "$PW_VMK_GUID" ] || fai
il " password protected VMK GUID check from dump failed." l " password protected VMK GUID check from dump failed."
fi fi
# recovery password protected VMK GUID # recovery password protected VMK GUID
dump_rp_vmk=$(echo "$dump" | grep "VMK protected with recovery passphras dump_rp_vmk=$(echo "$dump" | grep "VMK protected with recovery passphrase
e" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") " -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
[ ! -z "$RP_VMK_GUID" -a "$dump_rp_vmk" = "$RP_VMK_GUID" ] || fail " rec [ ! -z "$RP_VMK_GUID" -a "$dump_rp_vmk" = "$RP_VMK_GUID" ] || fail " reco
overy password protected VMK GUID check from dump failed." very password protected VMK GUID check from dump failed."
} }
function valgrind_setup() function valgrind_setup()
{ {
which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind." which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind."
[ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptset up executable." [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptset up executable."
export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH" export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
} }
skipping to change at line 102 skipping to change at line 105
export LANG=C export LANG=C
[ ! -d $TST_DIR ] && tar xJSf $srcdir/bitlk-images.tar.xz --no-same-owner [ ! -d $TST_DIR ] && tar xJSf $srcdir/bitlk-images.tar.xz --no-same-owner
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run [ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
echo "HEADER CHECK" echo "HEADER CHECK"
for file in $(ls $TST_DIR/bitlk-*) ; do for file in $(ls $TST_DIR/bitlk-*) ; do
echo -n " $file" echo -n " $file"
out=$($CRYPTSETUP bitlkDump $file) out=$($CRYPTSETUP bitlkDump $file)
check_dump "$out" "$file" check_dump "$out" "$file"
echo " [OK]" echo " [OK]"
done done
if [ $(id -u) != 0 ]; then if [ $(id -u) != 0 ]; then
echo "WARNING: You must be root to run activation part of test, test skip ped." echo "WARNING: You must be root to run activation part of test, test skip ped."
remove_mapping
exit 0 exit 0
fi fi
remove_mapping
echo "ACTIVATION FS UUID CHECK" echo "ACTIVATION FS UUID CHECK"
for file in $(ls $TST_DIR/bitlk-*) ; do for file in $(ls $TST_DIR/bitlk-*) ; do
# load variables for this image from config file # load variables for this image from config file
load_vars $file load_vars $file
# test with both passphrase and recovery passphrase # test with both passphrase and recovery passphrase
for PASSPHRASE in $PW $RP ; do for PASSPHRASE in $PW $RP ; do
echo -n " $file" echo -n " $file"
echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file --test-passphra se >/dev/null 2>&1 echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file --test-passphra se >/dev/null 2>&1
ret=$? ret=$?
[ $ret -eq 1 ] && echo " [N/A]" && continue [ $ret -eq 1 ] && echo " [N/A]" && continue
echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file $MAP >/dev/null 2>&1 echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file $MAP >/dev/null 2>&1
ret=$? ret=$?
[ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue
skipping to change at line 142 skipping to change at line 144
$CRYPTSETUP status $MAP >/dev/null || fail $CRYPTSETUP status $MAP >/dev/null || fail
$CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
uuid=$(lsblk -n -o UUID /dev/mapper/$MAP) uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1) sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
$CRYPTSETUP remove $MAP || fail $CRYPTSETUP remove $MAP || fail
[ "$uuid" = "$UUID" ] || fail " UUID check failed." [ "$uuid" = "$UUID" ] || fail " UUID check failed."
[ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed ." [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed ."
echo " [OK]" echo " [OK]"
done done
# test with master key
rm -f $DUMP_MK_FILE >/dev/null 2>&1
echo -n " $file"
echo $PASSPHRASE | $CRYPTSETUP bitlkDump -r $file --dump-master-key --mas
ter-key-file $DUMP_MK_FILE >/dev/null 2>&1
ret=$?
[ $ret -eq 0 ] || fail " failed to dump master key"
$CRYPTSETUP bitlkOpen -r $file $MAP --master-key-file $DUMP_MK_FILE >/dev
/null 2>&1
ret=$?
[ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]
" && continue
[ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc-elephant" ) && ech
o " [N/A]" && continue
[ $ret -eq 1 ] && ( echo "$file" | grep -q -e "clearkey" ) && echo " [N/A
]" && continue
[ $ret -eq 1 ] && ( echo "$file" | grep -q -e "eow" ) && echo " [N/A]" &&
continue
[ $ret -eq 1 ] && ( echo "$file" | grep -q -e "-4k.img" ) && echo " [N/A]
" && continue
[ $ret -eq 0 ] || fail " failed to open $file using master key ($ret)"
$CRYPTSETUP status $MAP >/dev/null || fail
$CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
$CRYPTSETUP remove $MAP || fail
[ "$uuid" = "$UUID" ] || fail " UUID check failed."
[ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed."
echo " [OK]"
rm -f $DUMP_MK_FILE >/dev/null 2>&1
# startup key test -- we need to use BEK file from the archive # startup key test -- we need to use BEK file from the archive
if echo "$file" | grep -q -e "startup-key"; then if echo "$file" | grep -q -e "startup-key"; then
echo -n " $file" echo -n " $file"
bek_file=$(echo $SK_VMK_GUID.BEK | tr /a-z/ /A-Z/) bek_file=$(echo $SK_VMK_GUID.BEK | tr /a-z/ /A-Z/)
$CRYPTSETUP bitlkOpen -r $file --test-passphrase --key-file $TST_ DIR/$bek_file $CRYPTSETUP bitlkOpen -r $file --test-passphrase --key-file $TST_ DIR/$bek_file
ret=$? ret=$?
[ $ret -eq 1 ] && echo " [N/A]" && continue [ $ret -eq 1 ] && echo " [N/A]" && continue
$CRYPTSETUP bitlkOpen -r $file $MAP --key-file $TST_DIR/$bek_file >/dev/null 2>&1 $CRYPTSETUP bitlkOpen -r $file $MAP --key-file $TST_DIR/$bek_file >/dev/null 2>&1
ret=$? ret=$?
[ $ret -eq 0 ] || fail " failed to open $file ($ret)" [ $ret -eq 0 ] || fail " failed to open $file ($ret)"
skipping to change at line 163 skipping to change at line 189
$CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
uuid=$(lsblk -n -o UUID /dev/mapper/$MAP) uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1) sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
$CRYPTSETUP remove $MAP || fail $CRYPTSETUP remove $MAP || fail
[ "$uuid" = "$UUID" ] || fail " UUID check failed." [ "$uuid" = "$UUID" ] || fail " UUID check failed."
[ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed ." [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed ."
echo " [OK]" echo " [OK]"
fi fi
done done
remove_mapping
exit 0
 End of changes. 14 change blocks. 
49 lines changed or deleted 82 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)