"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "tests/reencryption-compat-test2" between
cryptsetup-2.3.6.tar.xz and cryptsetup-2.4.0.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

reencryption-compat-test2  (cryptsetup-2.3.6.tar.xz):reencryption-compat-test2  (cryptsetup-2.4.0.tar.xz)
#!/bin/bash #!/bin/bash
[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
REENC=$CRYPTSETUP_PATH/cryptsetup-reencrypt REENC=$CRYPTSETUP_PATH/cryptsetup-reencrypt
FAST_PBKDF_ARGON="--pbkdf-force-iterations 4 --pbkdf-memory 32 --pbkdf-parallel 1" FAST_PBKDF_ARGON="--pbkdf argon2i --pbkdf-force-iterations 4 --pbkdf-memory 32 - -pbkdf-parallel 1"
FAST_PBKDF_PBKDF2="--pbkdf-force-iterations 1000 --pbkdf pbkdf2" FAST_PBKDF_PBKDF2="--pbkdf-force-iterations 1000 --pbkdf pbkdf2"
DEFAULT_ARGON="argon2i"
DEV_NAME=reenc9768 DEV_NAME=reenc9768
DEV_NAME2=reenc1273 DEV_NAME2=reenc1273
IMG=reenc-data IMG=reenc-data
IMG_HDR=$IMG.hdr IMG_HDR=$IMG.hdr
ORIG_IMG=reenc-data-orig ORIG_IMG=reenc-data-orig
KEY1=key1 KEY1=key1
PWD1="93R4P4pIqAH8" PWD1="93R4P4pIqAH8"
PWD2="1cND4319812f" PWD2="1cND4319812f"
PWD3="1-9Qu5Ejfnqv" PWD3="1-9Qu5Ejfnqv"
skipping to change at line 46 skipping to change at line 45
[ $VER_MAJ -lt 1 ] && return [ $VER_MAJ -lt 1 ] && return
[ $VER_MAJ -eq 1 -a $VER_MIN -lt 11 ] && return [ $VER_MAJ -eq 1 -a $VER_MIN -lt 11 ] && return
ALLOW_DISCARDS=--allow-discards ALLOW_DISCARDS=--allow-discards
[ $VER_MAJ -eq 1 -a $VER_MIN -lt 14 ] && return [ $VER_MAJ -eq 1 -a $VER_MIN -lt 14 ] && return
PERF_CPU=--perf-same_cpu_crypt PERF_CPU=--perf-same_cpu_crypt
} }
function del_scsi_device() function del_scsi_device()
{ {
rmmod scsi_debug 2>/dev/null rmmod scsi_debug >/dev/null 2>&1
sleep 2 sleep 2
} }
function remove_mapping() function remove_mapping()
{ {
[ -b /dev/mapper/$DEV_NAME2 ] && dmsetup remove --retry $DEV_NAME2 [ -b /dev/mapper/$DEV_NAME2 ] && dmsetup remove --retry $DEV_NAME2
[ -b /dev/mapper/$DEV_NAME ] && dmsetup remove --retry $DEV_NAME [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove --retry $DEV_NAME
rm -f $IMG $IMG_HDR $ORIG_IMG $KEY1 >/dev/null 2>&1 rm -f $IMG $IMG_HDR $ORIG_IMG $KEY1 >/dev/null 2>&1
umount $MNT_DIR > /dev/null 2>&1 umount $MNT_DIR > /dev/null 2>&1
rmdir $MNT_DIR > /dev/null 2>&1 rmdir $MNT_DIR > /dev/null 2>&1
skipping to change at line 78 skipping to change at line 77
} }
function skip() function skip()
{ {
[ -n "$1" ] && echo "$1" [ -n "$1" ] && echo "$1"
exit 77 exit 77
} }
function add_scsi_device() { function add_scsi_device() {
del_scsi_device del_scsi_device
modprobe scsi_debug $@ delay=0 if [ -d /sys/module/scsi_debug ] ; then
if [ $? -ne 0 ] ; then echo "Cannot use scsi_debug module (in use or compiled-in), test
echo "This kernel seems to not support proper scsi_debug module, skipped."
test skipped." exit 77
exit 77 fi
fi modprobe scsi_debug $@ delay=0 >/dev/null 2>&1
if [ $? -ne 0 ] ; then
sleep 2 echo "This kernel seems to not support proper scsi_debug module,
SCSI_DEV="/dev/"$(grep -l -e scsi_debug /sys/block/*/device/model | cut test skipped."
-f4 -d /) exit 77
[ -b $SCSI_DEV ] || fail "Cannot find $SCSI_DEV." fi
sleep 2
SCSI_DEV="/dev/"$(grep -l -e scsi_debug /sys/block/*/device/model | cut -
f4 -d /)
[ -b $SCSI_DEV ] || fail "Cannot find $SCSI_DEV."
} }
function open_crypt() # $1 pwd, $2 hdr function open_crypt() # $1 pwd, $2 hdr
{ {
if [ -n "$2" ] ; then if [ -n "$2" ] ; then
echo "$1" | $CRYPTSETUP luksOpen $IMG $DEV_NAME --header $2 || fa il echo "$1" | $CRYPTSETUP luksOpen $IMG $DEV_NAME --header $2 || fa il
elif [ -n "$1" ] ; then elif [ -n "$1" ] ; then
echo "$1" | $CRYPTSETUP luksOpen $IMG $DEV_NAME || fail echo "$1" | $CRYPTSETUP luksOpen $IMG $DEV_NAME || fail
else else
$CRYPTSETUP luksOpen -d $KEY1 $IMG $DEV_NAME || fail $CRYPTSETUP luksOpen -d $KEY1 $IMG $DEV_NAME || fail
skipping to change at line 363 skipping to change at line 366
echo $PWD1 | $REENC $IMG -q --keep-key --pbkdf-force-iterations 3 2>/dev/null && fail echo $PWD1 | $REENC $IMG -q --keep-key --pbkdf-force-iterations 3 2>/dev/null && fail
check_hash $PWD1 $HASH5 check_hash $PWD1 $HASH5
echo $PWD1 | $REENC $IMG -q --keep-key --pbkdf-force-iterations 4 --pbkdf-memory 31 2>/dev/null && fail echo $PWD1 | $REENC $IMG -q --keep-key --pbkdf-force-iterations 4 --pbkdf-memory 31 2>/dev/null && fail
check_hash $PWD1 $HASH5 check_hash $PWD1 $HASH5
echo $PWD1 | $REENC $IMG -q --keep-key --pbkdf pbkdf2 --pbkdf-force-iterations 1 000 --hash sha512 echo $PWD1 | $REENC $IMG -q --keep-key --pbkdf pbkdf2 --pbkdf-force-iterations 1 000 --hash sha512
check_hash $PWD1 $HASH5 check_hash $PWD1 $HASH5
[ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep PBKDF: | sed -e 's/[[:space:]]\+PBKDF:\ \+//g')" = "pbkdf2" ] || fail [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep PBKDF: | sed -e 's/[[:space:]]\+PBKDF:\ \+//g')" = "pbkdf2" ] || fail
[ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep Hash: | sed -e 's/[[:space:]]\+Hash:\ \+//g')" = "sha512" ] || fail [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep Hash: | sed -e 's/[[:space:]]\+Hash:\ \+//g')" = "sha512" ] || fail
echo $PWD1 | $REENC $IMG -q --keep-key $FAST_PBKDF_ARGON echo $PWD1 | $REENC $IMG -q --keep-key $FAST_PBKDF_ARGON
check_hash $PWD1 $HASH5 check_hash $PWD1 $HASH5
[ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep PBKDF: | se d -e 's/[[:space:]]\+PBKDF:\ \+//g')" = $DEFAULT_ARGON ] || fail [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep PBKDF: | se d -e 's/[[:space:]]\+PBKDF:\ \+//g')" = argon2i ] || fail
[ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep "Time cost" | se d -e 's/[[:space:]]\+Time\ cost:\ \+//g')" -eq 4 ] || fail [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep "Time cost" | se d -e 's/[[:space:]]\+Time\ cost:\ \+//g')" -eq 4 ] || fail
[ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep Memory | se d -e 's/[[[:space:]]\+Memory:\ \+//g')" -eq 32 ] || fail [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep Memory | se d -e 's/[[[:space:]]\+Memory:\ \+//g')" -eq 32 ] || fail
[ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep Threads | se d -e 's/[[[:space:]]\+Threads:\ \+//g')" -eq 1 ] || fail [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "0: luks2" | grep Threads | se d -e 's/[[[:space:]]\+Threads:\ \+//g')" -eq 1 ] || fail
echo -e "$PWD1\n$PWD2" | $CRYPTSETUP -q luksAddKey -S21 $FAST_PBKDF_ARGON $IMG | | fail echo -e "$PWD1\n$PWD2" | $CRYPTSETUP -q luksAddKey -S21 $FAST_PBKDF_ARGON $IMG | | fail
echo $PWD2 | $REENC -S21 -q --keep-key --pbkdf pbkdf2 --pbkdf-force-iterations 1 000 $IMG || fail echo $PWD2 | $REENC -S21 -q --keep-key --pbkdf pbkdf2 --pbkdf-force-iterations 1 000 $IMG || fail
check_hash $PWD2 $HASH5 check_hash $PWD2 $HASH5
check_slot 21 || fail "Only keyslot 21 expected to be enabled" check_slot 21 || fail "Only keyslot 21 expected to be enabled"
$CRYPTSETUP luksDump $IMG | grep -q "luks2" > /dev/null || fail $CRYPTSETUP luksDump $IMG | grep -q "luks2" > /dev/null || fail
echo "[9] Test log I/Os on various underlying block devices" echo "[9] Test log I/Os on various underlying block devices"
skipping to change at line 465 skipping to change at line 468
$CRYPTSETUP luksDump $IMG | grep -q "3: luks2 (unbound)" || fail $CRYPTSETUP luksDump $IMG | grep -q "3: luks2 (unbound)" || fail
echo "[15] Reencryption after conversion" echo "[15] Reencryption after conversion"
prepare 8192 prepare 8192
echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_PBKDF2 $IMG --of fset 4096 || fail echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_PBKDF2 $IMG --of fset 4096 || fail
wipe $PWD1 wipe $PWD1
check_hash $PWD1 $HASH1 check_hash $PWD1 $HASH1
$CRYPTSETUP -q convert --type luks2 $IMG || fail $CRYPTSETUP -q convert --type luks2 $IMG || fail
echo $PWD1 | $REENC $IMG -q $FAST_PBKDF_PBKDF2 || fail echo $PWD1 | $REENC $IMG -q $FAST_PBKDF_PBKDF2 || fail
check_hash $PWD1 $HASH1 check_hash $PWD1 $HASH1
echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks2 $FAST_PBKDF_PBKDF2 $IMG --of fset 8192 || fail echo $PWD1 | $CRYPTSETUP -q luksFormat --sector-size 512 --type luks2 $FAST_PBKD F_PBKDF2 $IMG --offset 8192 || fail
wipe $PWD1 wipe $PWD1
check_hash $PWD1 $HASH5 check_hash $PWD1 $HASH5
$CRYPTSETUP -q convert --type luks1 $IMG || fail $CRYPTSETUP -q convert --type luks1 $IMG || fail
echo $PWD1 | $REENC $IMG -q $FAST_PBKDF_PBKDF2 || fail echo $PWD1 | $REENC $IMG -q $FAST_PBKDF_PBKDF2 || fail
check_hash $PWD1 $HASH5 check_hash $PWD1 $HASH5
remove_mapping remove_mapping
exit 0 exit 0
 End of changes. 6 change blocks. 
16 lines changed or deleted 20 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)