"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "tests/api-test-2.c" between
cryptsetup-2.4.2.tar.xz and cryptsetup-2.4.3.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

api-test-2.c  (cryptsetup-2.4.2.tar.xz):api-test-2.c  (cryptsetup-2.4.3.tar.xz)
skipping to change at line 3806 skipping to change at line 3806
flags = CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_ CPUS; flags = CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_ CPUS;
OK_(crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, flags)); OK_(crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, flags));
flags = (uint32_t)~0; flags = (uint32_t)~0;
OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags)); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_ACTIVATION, &flags));
EQ_(flags,CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYP T_CPUS); EQ_(flags,CRYPT_ACTIVATE_ALLOW_DISCARDS | CRYPT_ACTIVATE_SUBMIT_FROM_CRYP T_CPUS);
CRYPT_FREE(cd); CRYPT_FREE(cd);
} }
#if KERNEL_KEYRING && USE_LUKS2_REENCRYPTION
static int test_progress(uint64_t size __attribute__((unused)), static int test_progress(uint64_t size __attribute__((unused)),
uint64_t offset __attribute__((unused)), uint64_t offset __attribute__((unused)),
void *usrptr __attribute__((unused))) void *usrptr __attribute__((unused)))
{ {
while (--test_progress_steps) while (--test_progress_steps)
return 0; return 0;
return 1; return 1;
} }
static void Luks2Reencryption(void) static void Luks2Reencryption(void)
{ {
/* reencryption currently depends on kernel keyring support */ /* reencryption currently depends on kernel keyring support */
#if KERNEL_KEYRING
/* NOTES: /* NOTES:
* - reencryption requires luks2 parameters. can we avoid it? * - reencryption requires luks2 parameters. can we avoid it?
*/ */
uint32_t getflags; uint32_t getflags;
uint64_t r_header_size, r_size_1; uint64_t r_header_size, r_size_1;
struct crypt_active_device cad; struct crypt_active_device cad;
struct crypt_pbkdf_type pbkdf = { struct crypt_pbkdf_type pbkdf = {
.type = CRYPT_KDF_ARGON2I, .type = CRYPT_KDF_ARGON2I,
.hash = "sha256", .hash = "sha256",
.parallel_threads = 1, .parallel_threads = 1,
skipping to change at line 4239 skipping to change at line 4239
EQ_(retparams.data_shift, 8192); EQ_(retparams.data_shift, 8192);
EQ_(retparams.flags & CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT, CRYPT_REENCRYPT _MOVE_FIRST_SEGMENT); EQ_(retparams.flags & CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT, CRYPT_REENCRYPT _MOVE_FIRST_SEGMENT);
EQ_(crypt_get_data_offset(cd), 8192); EQ_(crypt_get_data_offset(cd), 8192);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0); EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd); CRYPT_FREE(cd);
_cleanup_dmdevices(); _cleanup_dmdevices();
OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size)); OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2+1)); OK_(create_dmdevice_over_loop(L_DEVICE_OK, 8*1024*2+1));
/* encryption with datashift and moved segment (data shift + 1 sector) */ /* encryption with datashift and moved segment (data shift + 1 sector) */
OK_(crypt_init(&cd, DMDIR H_DEVICE)); OK_(crypt_init(&cd, DMDIR H_DEVICE));
rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FI RST_SEGMENT; rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FI RST_SEGMENT;
OK_(crypt_set_data_offset(cd, 8192)); OK_(crypt_set_data_offset(cd, 8192));
OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, & params2)); OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "xts-plain64", NULL, NULL, 64, & params2));
EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen( PASSPHRASE)), 30); EQ_(crypt_keyslot_add_by_volume_key(cd, 30, NULL, 64, PASSPHRASE, strlen( PASSPHRASE)), 30);
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), 0); EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), CRYPT_ANY_SLOT, 30, "aes", "xts-plain64", &rparams), 0);
CRYPT_FREE(cd); CRYPT_FREE(cd);
OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
OK_(crypt_header_restore(cd, CRYPT_LUKS2, DMDIR H_DEVICE)); OK_(crypt_header_restore(cd, CRYPT_LUKS2, DMDIR H_DEVICE));
EQ_(crypt_get_data_offset(cd), 8192); EQ_(crypt_get_data_offset(cd), 8192);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0); EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd); CRYPT_FREE(cd);
_cleanup_dmdevices(); _cleanup_dmdevices();
OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size)); OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2)); OK_(create_dmdevice_over_loop(L_DEVICE_OK, 2*8200));
OK_(crypt_init(&cd, DMDIR H_DEVICE)); OK_(crypt_init(&cd, DMDIR H_DEVICE));
/* encryption with datashift and moved segment (data shift + data offset > device size) */ /* encryption with datashift and moved segment (data shift + data offset <= device size) */
memset(&rparams, 0, sizeof(rparams)); memset(&rparams, 0, sizeof(rparams));
params2.sector_size = 512; params2.sector_size = 512;
params2.data_device = DMDIR L_DEVICE_OK; params2.data_device = DMDIR L_DEVICE_OK;
rparams.mode = CRYPT_REENCRYPT_ENCRYPT; rparams.mode = CRYPT_REENCRYPT_ENCRYPT;
rparams.direction = CRYPT_REENCRYPT_BACKWARD; rparams.direction = CRYPT_REENCRYPT_BACKWARD;
rparams.resilience = "datashift"; rparams.resilience = "datashift";
rparams.data_shift = 8200; rparams.data_shift = 8200;
rparams.luks2 = &params2; rparams.luks2 = &params2;
rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FI RST_SEGMENT; rparams.flags = CRYPT_REENCRYPT_INITIALIZE_ONLY | CRYPT_REENCRYPT_MOVE_FI RST_SEGMENT;
OK_(crypt_set_data_offset(cd, 8200)); OK_(crypt_set_data_offset(cd, 8200));
skipping to change at line 4539 skipping to change at line 4539
EQ_(crypt_keyslot_add_by_key(cd, 9, key, key_size, PASSPHRASE, strlen(PAS SPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9); EQ_(crypt_keyslot_add_by_key(cd, 9, key, key_size, PASSPHRASE, strlen(PAS SPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
EQ_(crypt_keyslot_add_by_key(cd, 10, key, key_size, PASSPHRASE, strlen(PA SSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE ), 10); EQ_(crypt_keyslot_add_by_key(cd, 10, key, key_size, PASSPHRASE, strlen(PA SSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE ), 10);
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), 3, 9, "aes", "xts-plain64", &rparams)); OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSP HRASE), 3, 9, "aes", "xts-plain64", &rparams));
OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_reencrypt_run(cd, NULL, NULL));
OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0)); OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
OK_(crypt_keyslot_destroy(cd, 9)); OK_(crypt_keyslot_destroy(cd, 9));
OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0)); OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
crypt_free(cd); crypt_free(cd);
_cleanup_dmdevices(); _cleanup_dmdevices();
#endif
} }
#endif
static void Luks2Repair(void) static void Luks2Repair(void)
{ {
char rollback[256]; char rollback[256];
snprintf(rollback, sizeof(rollback), snprintf(rollback, sizeof(rollback),
"dd if=" IMAGE_PV_LUKS2_SEC ".bcp of=%s bs=1M 2>/dev/null", "dd if=" IMAGE_PV_LUKS2_SEC ".bcp of=%s bs=1M 2>/dev/null",
DEVICE_6); DEVICE_6);
OK_(crypt_init(&cd, DEVICE_6)); OK_(crypt_init(&cd, DEVICE_6));
skipping to change at line 4656 skipping to change at line 4656
RUN_(TokenActivationByKeyring, "Builtin kernel keyring token"); RUN_(TokenActivationByKeyring, "Builtin kernel keyring token");
RUN_(LuksConvert, "LUKS1 <-> LUKS2 conversions"); RUN_(LuksConvert, "LUKS1 <-> LUKS2 conversions");
RUN_(Pbkdf, "Default PBKDF manipulation routines"); RUN_(Pbkdf, "Default PBKDF manipulation routines");
RUN_(Luks2KeyslotParams, "Add a new keyslot with different encryption"); RUN_(Luks2KeyslotParams, "Add a new keyslot with different encryption");
RUN_(Luks2KeyslotAdd, "Add a new keyslot by unused key"); RUN_(Luks2KeyslotAdd, "Add a new keyslot by unused key");
RUN_(Luks2ActivateByKeyring, "LUKS2 activation by passphrase in keyring") ; RUN_(Luks2ActivateByKeyring, "LUKS2 activation by passphrase in keyring") ;
RUN_(Luks2Requirements, "LUKS2 requirements flags"); RUN_(Luks2Requirements, "LUKS2 requirements flags");
RUN_(Luks2Integrity, "LUKS2 with data integrity"); RUN_(Luks2Integrity, "LUKS2 with data integrity");
RUN_(Luks2Refresh, "Active device table refresh"); RUN_(Luks2Refresh, "Active device table refresh");
RUN_(Luks2Flags, "LUKS2 persistent flags"); RUN_(Luks2Flags, "LUKS2 persistent flags");
#if KERNEL_KEYRING && USE_LUKS2_REENCRYPTION
RUN_(Luks2Reencryption, "LUKS2 reencryption"); RUN_(Luks2Reencryption, "LUKS2 reencryption");
#endif
RUN_(Luks2Repair, "LUKS2 repair"); // test disables metadata locking. Run always last! RUN_(Luks2Repair, "LUKS2 repair"); // test disables metadata locking. Run always last!
_cleanup(); _cleanup();
return 0; return 0;
} }
 End of changes. 9 change blocks. 
5 lines changed or deleted 7 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)