"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/tests/api-test.c" (13 Jan 2022, 74363 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "api-test.c": 2.4.0_vs_2.4.1.

    1 /*
    2  * cryptsetup library API check functions
    3  *
    4  * Copyright (C) 2009-2021 Red Hat, Inc. All rights reserved.
    5  * Copyright (C) 2009-2021 Milan Broz
    6  * Copyright (C) 2016-2021 Ondrej Kozina
    7  *
    8  * This program is free software; you can redistribute it and/or
    9  * modify it under the terms of the GNU General Public License
   10  * as published by the Free Software Foundation; either version 2
   11  * of the License, or (at your option) any later version.
   12  *
   13  * This program is distributed in the hope that it will be useful,
   14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   16  * GNU General Public License for more details.
   17  *
   18  * You should have received a copy of the GNU General Public License
   19  * along with this program; if not, write to the Free Software
   20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
   21  */
   22 
   23 #include <stdlib.h>
   24 #include <string.h>
   25 #include <unistd.h>
   26 #include <fcntl.h>
   27 #include <errno.h>
   28 #include <signal.h>
   29 #include <sys/stat.h>
   30 #include <inttypes.h>
   31 #include <sys/types.h>
   32 
   33 #include "api_test.h"
   34 #include "luks1/luks.h"
   35 #include "libcryptsetup.h"
   36 
   37 #define DEVICE_1_UUID "28632274-8c8a-493f-835b-da802e1c576b"
   38 #define DEVICE_EMPTY_name "crypt_zero"
   39 #define DEVICE_EMPTY DMDIR DEVICE_EMPTY_name
   40 #define DEVICE_ERROR_name "crypt_error"
   41 #define DEVICE_ERROR DMDIR DEVICE_ERROR_name
   42 
   43 #define CDEVICE_1 "ctest1"
   44 #define CDEVICE_2 "ctest2"
   45 #define CDEVICE_WRONG "O_o"
   46 #define H_DEVICE "head_ok"
   47 #define H_DEVICE_WRONG "head_wr"
   48 #define L_DEVICE_1S "luks_onesec"
   49 #define L_DEVICE_0S "luks_zerosec"
   50 #define L_DEVICE_WRONG "luks_wr"
   51 #define L_DEVICE_OK "luks_ok"
   52 #define EVL_HEADER_1 "evil_hdr-luks_hdr_damage"
   53 #define EVL_HEADER_2 "evil_hdr-payload_overwrite"
   54 #define EVL_HEADER_3 "evil_hdr-stripes_payload_dmg"
   55 #define EVL_HEADER_4 "evil_hdr-small_luks_device"
   56 #define EVL_HEADER_5 "evil_hdr-keyslot_overlap"
   57 #define VALID_HEADER "valid_header_file"
   58 #define BACKUP_FILE "csetup_backup_file"
   59 #define IMAGE1 "compatimage.img"
   60 #define IMAGE_EMPTY "empty.img"
   61 
   62 #define KEYFILE1 "key1.file"
   63 #define KEY1 "compatkey"
   64 
   65 #define KEYFILE2 "key2.file"
   66 #define KEY2 "0123456789abcdef"
   67 
   68 #define PASSPHRASE "blabla"
   69 #define PASSPHRASE1 "albalb"
   70 
   71 #define DEVICE_TEST_UUID "12345678-1234-1234-1234-123456789abc"
   72 
   73 #define DEVICE_WRONG "/dev/Ooo_"
   74 #define DEVICE_CHAR "/dev/zero"
   75 #define THE_LFILE_TEMPLATE "cryptsetup-tstlp.XXXXXX"
   76 
   77 #define LUKS_PHDR_SIZE_B 1024
   78 
   79 static int _fips_mode = 0;
   80 
   81 static char *DEVICE_1 = NULL;
   82 static char *DEVICE_2 = NULL;
   83 static char *DEVICE_3 = NULL;
   84 
   85 static char *tmp_file_1 = NULL;
   86 static char *test_loop_file = NULL;
   87 
   88 struct crypt_device *cd = NULL, *cd2 = NULL;
   89 
   90 // Helpers
   91 
   92 static int get_luks_offsets(int metadata_device,
   93                 size_t keylength,
   94                 unsigned int alignpayload_sec,
   95                 unsigned int alignoffset_sec,
   96                 uint64_t *r_header_size,
   97                 uint64_t *r_payload_offset)
   98 {
   99     int i;
  100     uint64_t current_sector;
  101     uint32_t sectors_per_stripes_set;
  102 
  103     if (!keylength) {
  104         if (r_header_size)
  105             *r_header_size = 0;
  106         if (r_payload_offset)
  107             *r_payload_offset = 0;
  108         return -1;
  109     }
  110 
  111     sectors_per_stripes_set = DIV_ROUND_UP(keylength*LUKS_STRIPES, TST_SECTOR_SIZE);
  112     current_sector = DIV_ROUND_UP_MODULO(DIV_ROUND_UP(LUKS_PHDR_SIZE_B, TST_SECTOR_SIZE),
  113             LUKS_ALIGN_KEYSLOTS / TST_SECTOR_SIZE);
  114     for (i=0; i < (LUKS_NUMKEYS - 1); i++)
  115         current_sector = DIV_ROUND_UP_MODULO(current_sector + sectors_per_stripes_set,
  116                 LUKS_ALIGN_KEYSLOTS / TST_SECTOR_SIZE);
  117     if (r_header_size)
  118         *r_header_size = current_sector + sectors_per_stripes_set;
  119 
  120     current_sector = DIV_ROUND_UP_MODULO(current_sector + sectors_per_stripes_set,
  121                 LUKS_ALIGN_KEYSLOTS / TST_SECTOR_SIZE);
  122 
  123     if (r_payload_offset) {
  124         if (metadata_device)
  125             *r_payload_offset = alignpayload_sec;
  126         else
  127             *r_payload_offset = DIV_ROUND_UP_MODULO(current_sector, alignpayload_sec)
  128                 + alignoffset_sec;
  129     }
  130 
  131     return 0;
  132 }
  133 
  134 static void _remove_keyfiles(void)
  135 {
  136     remove(KEYFILE1);
  137     remove(KEYFILE2);
  138 }
  139 
  140 #if HAVE_DECL_DM_TASK_RETRY_REMOVE
  141 #define DM_RETRY "--retry "
  142 #else
  143 #define DM_RETRY ""
  144 #endif
  145 
  146 #define DM_NOSTDERR " 2>/dev/null"
  147 
  148 static void _cleanup_dmdevices(void)
  149 {
  150     struct stat st;
  151 
  152     if (!stat(DMDIR H_DEVICE, &st))
  153         _system("dmsetup remove " DM_RETRY H_DEVICE DM_NOSTDERR, 0);
  154 
  155     if (!stat(DMDIR H_DEVICE_WRONG, &st))
  156         _system("dmsetup remove " DM_RETRY H_DEVICE_WRONG DM_NOSTDERR, 0);
  157 
  158     if (!stat(DMDIR L_DEVICE_0S, &st))
  159         _system("dmsetup remove " DM_RETRY L_DEVICE_0S DM_NOSTDERR, 0);
  160 
  161     if (!stat(DMDIR L_DEVICE_1S, &st))
  162         _system("dmsetup remove " DM_RETRY L_DEVICE_1S DM_NOSTDERR, 0);
  163 
  164     if (!stat(DMDIR L_DEVICE_WRONG, &st))
  165         _system("dmsetup remove " DM_RETRY L_DEVICE_WRONG DM_NOSTDERR, 0);
  166 
  167     if (!stat(DMDIR L_DEVICE_OK, &st))
  168         _system("dmsetup remove " DM_RETRY L_DEVICE_OK DM_NOSTDERR, 0);
  169 
  170     t_dev_offset = 0;
  171 }
  172 
  173 static void _cleanup(void)
  174 {
  175     struct stat st;
  176 
  177     CRYPT_FREE(cd);
  178     CRYPT_FREE(cd2);
  179 
  180     //_system("udevadm settle", 0);
  181 
  182     if (!stat(DMDIR CDEVICE_1, &st))
  183         _system("dmsetup remove " DM_RETRY CDEVICE_1 DM_NOSTDERR, 0);
  184 
  185     if (!stat(DMDIR CDEVICE_2, &st))
  186         _system("dmsetup remove " DM_RETRY CDEVICE_2 DM_NOSTDERR, 0);
  187 
  188     if (!stat(DEVICE_EMPTY, &st))
  189         _system("dmsetup remove " DM_RETRY DEVICE_EMPTY_name DM_NOSTDERR, 0);
  190 
  191     if (!stat(DEVICE_ERROR, &st))
  192         _system("dmsetup remove " DM_RETRY DEVICE_ERROR_name DM_NOSTDERR, 0);
  193 
  194     _cleanup_dmdevices();
  195 
  196     if (loop_device(THE_LOOP_DEV))
  197         loop_detach(THE_LOOP_DEV);
  198 
  199     if (loop_device(DEVICE_1))
  200         loop_detach(DEVICE_1);
  201 
  202     if (loop_device(DEVICE_2))
  203         loop_detach(DEVICE_2);
  204 
  205     if (loop_device(DEVICE_3))
  206         loop_detach(DEVICE_3);
  207 
  208     _system("rm -f " IMAGE_EMPTY, 0);
  209     _system("rm -f " IMAGE1, 0);
  210 
  211     if (test_loop_file)
  212         remove(test_loop_file);
  213     if (tmp_file_1)
  214         remove(tmp_file_1);
  215 
  216     remove(EVL_HEADER_1);
  217     remove(EVL_HEADER_2);
  218     remove(EVL_HEADER_3);
  219     remove(EVL_HEADER_4);
  220     remove(EVL_HEADER_5);
  221     remove(VALID_HEADER);
  222     remove(BACKUP_FILE);
  223 
  224     _remove_keyfiles();
  225 
  226     free(tmp_file_1);
  227     free(test_loop_file);
  228     free(THE_LOOP_DEV);
  229     free(DEVICE_1);
  230     free(DEVICE_2);
  231     free(DEVICE_3);
  232 }
  233 
  234 static int _setup(void)
  235 {
  236     int fd, ro = 0;
  237     char cmd[128];
  238 
  239     test_loop_file = strdup(THE_LFILE_TEMPLATE);
  240     if (!test_loop_file)
  241         return 1;
  242 
  243     if ((fd=mkstemp(test_loop_file)) == -1) {
  244         printf("cannot create temporary file with template %s\n", test_loop_file);
  245         return 1;
  246     }
  247     close(fd);
  248     snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=%s bs=%d count=%d 2>/dev/null",
  249          test_loop_file, TST_SECTOR_SIZE, TST_LOOP_FILE_SIZE);
  250     if (_system(cmd, 1))
  251         return 1;
  252 
  253     fd = loop_attach(&THE_LOOP_DEV, test_loop_file, 0, 0, &ro);
  254     close(fd);
  255 
  256     tmp_file_1 = strdup(THE_LFILE_TEMPLATE);
  257     if (!tmp_file_1)
  258         return 1;
  259 
  260     if ((fd=mkstemp(tmp_file_1)) == -1) {
  261         printf("cannot create temporary file with template %s\n", tmp_file_1);
  262         return 1;
  263     }
  264     close(fd);
  265     snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=%s bs=%d count=%d 2>/dev/null",
  266          tmp_file_1, TST_SECTOR_SIZE, 10);
  267     if (_system(cmd, 1))
  268         return 1;
  269 
  270     _system("dmsetup create " DEVICE_EMPTY_name " --table \"0 10000 zero\"", 1);
  271     _system("dmsetup create " DEVICE_ERROR_name " --table \"0 10000 error\"", 1);
  272 
  273     _system(" [ ! -e " IMAGE1 " ] && xz -dk " IMAGE1 ".xz", 1);
  274     fd = loop_attach(&DEVICE_1, IMAGE1, 0, 0, &ro);
  275     close(fd);
  276 
  277     _system("dd if=/dev/zero of=" IMAGE_EMPTY " bs=1M count=10 2>/dev/null", 1);
  278     fd = loop_attach(&DEVICE_2, IMAGE_EMPTY, 0, 0, &ro);
  279     close(fd);
  280 
  281     /* Keymaterial offset is less than 8 sectors */
  282     _system(" [ ! -e " EVL_HEADER_1 " ] && xz -dk " EVL_HEADER_1 ".xz", 1);
  283     /* keymaterial offset aims into payload area */
  284     _system(" [ ! -e " EVL_HEADER_2 " ] && xz -dk " EVL_HEADER_2 ".xz", 1);
  285     /* keymaterial offset is valid, number of stripes causes payload area to be overwritten */
  286     _system(" [ ! -e " EVL_HEADER_3 " ] && xz -dk " EVL_HEADER_3 ".xz", 1);
  287     /* luks device header for data and header on same device. payloadOffset is greater than
  288      * device size (crypt_load() test) */
  289     _system(" [ ! -e " EVL_HEADER_4 " ] && xz -dk " EVL_HEADER_4 ".xz", 1);
  290      /* two keyslots with same offset (overlapping keyslots) */
  291     _system(" [ ! -e " EVL_HEADER_5 " ] && xz -dk " EVL_HEADER_5 ".xz", 1);
  292     /* valid header: payloadOffset=4096, key_size=32,
  293      * volume_key = bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a */
  294     _system(" [ ! -e " VALID_HEADER " ] && xz -dk " VALID_HEADER ".xz", 1);
  295 
  296     /* Prepare tcrypt images */
  297     _system("tar xJf tcrypt-images.tar.xz 2>/dev/null", 1);
  298 
  299     _system("modprobe dm-crypt >/dev/null 2>&1", 0);
  300     _system("modprobe dm-verity >/dev/null 2>&1", 0);
  301 
  302     _fips_mode = fips_mode();
  303     if (_debug)
  304         printf("FIPS MODE: %d\n", _fips_mode);
  305 
  306     /* Use default log callback */
  307     crypt_set_log_callback(NULL, &global_log_callback, NULL);
  308 
  309     return 0;
  310 }
  311 
  312 static void AddDevicePlain(void)
  313 {
  314     struct crypt_params_plain params = {
  315         .hash = "sha1",
  316         .skip = 0,
  317         .offset = 0,
  318         .size = 0
  319     };
  320     int fd;
  321     char key[128], key2[128], path[128];
  322 
  323     const char *passphrase = PASSPHRASE;
  324     // hashed hex version of PASSPHRASE
  325     const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
  326     size_t key_size = strlen(mk_hex) / 2;
  327     const char *cipher = "aes";
  328     const char *cipher_mode = "cbc-essiv:sha256";
  329 
  330     uint64_t size, r_size;
  331 
  332     crypt_decode_key(key, mk_hex, key_size);
  333     FAIL_(crypt_init(&cd, ""), "empty device string");
  334     FAIL_(crypt_init(&cd, DEVICE_WRONG), "nonexistent device name ");
  335     FAIL_(crypt_init(&cd, DEVICE_CHAR), "character device as backing device");
  336     OK_(crypt_init(&cd, tmp_file_1));
  337     CRYPT_FREE(cd);
  338 
  339     // test crypt_format, crypt_get_cipher, crypt_get_cipher_mode, crypt_get_volume_key_size
  340     OK_(crypt_init(&cd,DEVICE_1));
  341     params.skip = 3;
  342     params.offset = 42;
  343     FAIL_(crypt_format(cd,CRYPT_PLAIN,NULL,cipher_mode,NULL,NULL,key_size,&params),"cipher param is null");
  344     FAIL_(crypt_format(cd,CRYPT_PLAIN,cipher,NULL,NULL,NULL,key_size,&params),"cipher_mode param is null");
  345     OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,&params));
  346     OK_(strcmp(cipher_mode,crypt_get_cipher_mode(cd)));
  347     OK_(strcmp(cipher,crypt_get_cipher(cd)));
  348     EQ_((int)key_size, crypt_get_volume_key_size(cd));
  349     EQ_(params.skip, crypt_get_iv_offset(cd));
  350     EQ_(params.offset, crypt_get_data_offset(cd));
  351     params.skip = 0;
  352     params.offset = 0;
  353 
  354     // crypt_set_uuid()
  355     FAIL_(crypt_set_uuid(cd,DEVICE_1_UUID),"can't set uuid to plain device");
  356 
  357     CRYPT_FREE(cd);
  358 
  359     // default is "plain" hash - no password hash
  360     OK_(crypt_init(&cd, DEVICE_1));
  361     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, NULL));
  362     FAIL_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0), "cannot verify key with plain");
  363     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  364     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  365     OK_(crypt_deactivate(cd, CDEVICE_1));
  366     CRYPT_FREE(cd);
  367 
  368     // test boundaries in offset parameter
  369     t_device_size(DEVICE_1,&size);
  370     params.hash = NULL;
  371     // zero sectors length
  372     params.offset = size >> TST_SECTOR_SHIFT;
  373     OK_(crypt_init(&cd, DEVICE_1));
  374     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  375     EQ_(crypt_get_data_offset(cd),params.offset);
  376     // device size is 0 sectors
  377     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0), "invalid device size (0 blocks)");
  378     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  379     // data part of crypt device is of 1 sector size
  380     params.offset = (size >> TST_SECTOR_SHIFT) - 1;
  381     CRYPT_FREE(cd);
  382 
  383     OK_(crypt_init(&cd, DEVICE_1));
  384     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  385     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
  386     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  387     snprintf(path, sizeof(path), "%s/%s", crypt_get_dir(), CDEVICE_1);
  388     if (t_device_size(path, &r_size) >= 0)
  389         EQ_(r_size >> TST_SECTOR_SHIFT, 1);
  390     OK_(crypt_deactivate(cd, CDEVICE_1));
  391     CRYPT_FREE(cd);
  392 
  393     // size > device_size
  394     params.offset = 0;
  395     params.size = (size >> TST_SECTOR_SHIFT) + 1;
  396     crypt_init(&cd, DEVICE_1);
  397     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  398     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0),"Device too small");
  399     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  400     CRYPT_FREE(cd);
  401 
  402     // offset == device_size (autodetect size)
  403     params.offset = (size >> TST_SECTOR_SHIFT);
  404     params.size = 0;
  405     crypt_init(&cd, DEVICE_1);
  406     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  407     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0),"Device too small");
  408     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  409     CRYPT_FREE(cd);
  410 
  411     // offset == device_size (user defined size)
  412     params.offset = (size >> TST_SECTOR_SHIFT);
  413     params.size = 123;
  414     crypt_init(&cd, DEVICE_1);
  415     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  416     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0),"Device too small");
  417     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  418     CRYPT_FREE(cd);
  419 
  420     // offset+size > device_size
  421     params.offset = 42;
  422     params.size = (size >> TST_SECTOR_SHIFT) - params.offset + 1;
  423     crypt_init(&cd, DEVICE_1);
  424     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  425     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0),"Offset and size are beyond device real size");
  426     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  427     CRYPT_FREE(cd);
  428 
  429     // offset+size == device_size
  430     params.offset = 42;
  431     params.size = (size >> TST_SECTOR_SHIFT) - params.offset;
  432     crypt_init(&cd, DEVICE_1);
  433     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  434     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
  435     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  436     if (!t_device_size(path, &r_size))
  437         EQ_((r_size >> TST_SECTOR_SHIFT),params.size);
  438     OK_(crypt_deactivate(cd,CDEVICE_1));
  439 
  440     CRYPT_FREE(cd);
  441     params.hash = "sha1";
  442     params.offset = 0;
  443     params.size = 0;
  444     params.skip = 0;
  445 
  446     // Now use hashed password
  447     OK_(crypt_init(&cd, DEVICE_1));
  448     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  449     FAIL_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0),
  450           "cannot verify passphrase with plain" );
  451     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
  452 
  453     // device status check
  454     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  455     snprintf(path, sizeof(path), "%s/%s", crypt_get_dir(), CDEVICE_1);
  456     fd = open(path, O_RDONLY);
  457     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_BUSY);
  458     FAIL_(crypt_deactivate(cd, CDEVICE_1), "Device is busy");
  459     close(fd);
  460     OK_(crypt_deactivate(cd, CDEVICE_1));
  461     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  462     CRYPT_FREE(cd);
  463 
  464     // crypt_init_by_name_and_header
  465     OK_(crypt_init(&cd,DEVICE_1));
  466     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  467     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  468     CRYPT_FREE(cd);
  469 
  470     // init with detached header is not supported
  471     OK_(crypt_init_data_device(&cd, DEVICE_2, DEVICE_1));
  472     FAIL_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params),
  473           "can't use plain with separate metadata device");
  474     CRYPT_FREE(cd);
  475 
  476     FAIL_(crypt_init_by_name_and_header(&cd, CDEVICE_1, H_DEVICE),"can't init plain device by header device");
  477     OK_(crypt_init_by_name(&cd, CDEVICE_1));
  478     OK_(strcmp(cipher_mode,crypt_get_cipher_mode(cd)));
  479     OK_(strcmp(cipher,crypt_get_cipher(cd)));
  480     EQ_((int)key_size, crypt_get_volume_key_size(cd));
  481     EQ_(params.skip, crypt_get_iv_offset(cd));
  482     EQ_(params.offset, crypt_get_data_offset(cd));
  483     OK_(crypt_deactivate(cd, CDEVICE_1));
  484     CRYPT_FREE(cd);
  485 
  486     OK_(crypt_init(&cd,DEVICE_1));
  487     OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,&params));
  488     params.size = 0;
  489     params.offset = 0;
  490 
  491     // crypt_set_data_device
  492     FAIL_(crypt_set_data_device(cd,H_DEVICE),"can't set data device for plain device");
  493     NULL_(crypt_get_metadata_device_name(cd));
  494     FAIL_(crypt_header_is_detached(cd), "plain has no header");
  495 
  496     // crypt_get_type
  497     OK_(strcmp(crypt_get_type(cd),CRYPT_PLAIN));
  498 
  499     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  500     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  501 
  502     // crypt_resize()
  503     OK_(crypt_resize(cd, CDEVICE_1, size >> TST_SECTOR_SHIFT)); // same size
  504     if (!t_device_size(path,&r_size))
  505         EQ_(r_size, size);
  506 
  507     // size overlaps
  508     FAIL_(crypt_resize(cd, CDEVICE_1, (uint64_t)-1),"Backing device is too small");
  509     FAIL_(crypt_resize(cd, CDEVICE_1, (size >> TST_SECTOR_SHIFT) + 1),"crypt device overlaps backing device");
  510 
  511     // resize ok
  512     OK_(crypt_resize(cd,CDEVICE_1, 123));
  513     if (!t_device_size(path,&r_size))
  514         EQ_(r_size >> TST_SECTOR_SHIFT, 123);
  515     OK_(crypt_resize(cd,CDEVICE_1,0)); // full size (autodetect)
  516     if (!t_device_size(path,&r_size))
  517         EQ_(r_size, size);
  518     OK_(crypt_deactivate(cd,CDEVICE_1));
  519     EQ_(crypt_status(cd,CDEVICE_1),CRYPT_INACTIVE);
  520     CRYPT_FREE(cd);
  521 
  522     // offset tests
  523     OK_(crypt_init(&cd,DEVICE_1));
  524     params.offset = 42;
  525     params.size = (size >> TST_SECTOR_SHIFT) - params.offset - 10;
  526     OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,&params));
  527     OK_(crypt_activate_by_volume_key(cd,CDEVICE_1,key,key_size,0));
  528     if (!t_device_size(path,&r_size))
  529         EQ_(r_size >> TST_SECTOR_SHIFT, params.size);
  530     // resize to fill remaining capacity
  531     OK_(crypt_resize(cd,CDEVICE_1,params.size + 10));
  532     if (!t_device_size(path,&r_size))
  533         EQ_(r_size >> TST_SECTOR_SHIFT, params.size + 10);
  534 
  535     // 1 sector beyond real size
  536     FAIL_(crypt_resize(cd,CDEVICE_1,params.size + 11), "new device size overlaps backing device"); // with respect to offset
  537     if (!t_device_size(path,&r_size))
  538         EQ_(r_size >> TST_SECTOR_SHIFT, params.size + 10);
  539     GE_(crypt_status(cd,CDEVICE_1),CRYPT_ACTIVE);
  540     fd = open(path, O_RDONLY);
  541     NOTFAIL_(fd, "Bad loop device.");
  542     close(fd);
  543 
  544     // resize to minimal size
  545     OK_(crypt_resize(cd,CDEVICE_1, 1)); // minimal device size
  546     if (!t_device_size(path,&r_size))
  547         EQ_(r_size >> TST_SECTOR_SHIFT, 1);
  548     // use size of backing device (autodetect with respect to offset)
  549     OK_(crypt_resize(cd,CDEVICE_1,0));
  550     if (!t_device_size(path,&r_size))
  551         EQ_(r_size >> TST_SECTOR_SHIFT, (size >> TST_SECTOR_SHIFT)- 42);
  552     OK_(crypt_deactivate(cd,CDEVICE_1));
  553     CRYPT_FREE(cd);
  554 
  555     params.size = 0;
  556     params.offset = 0;
  557     OK_(crypt_init(&cd,DEVICE_1));
  558     OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,&params));
  559     OK_(crypt_activate_by_volume_key(cd,CDEVICE_1,key,key_size,0));
  560 
  561     // suspend/resume tests
  562     FAIL_(crypt_suspend(cd,CDEVICE_1),"cannot suspend plain device");
  563     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  564     FAIL_(crypt_resume_by_passphrase(cd,CDEVICE_1,CRYPT_ANY_SLOT,passphrase, strlen(passphrase)),"cannot resume plain device");
  565     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  566 
  567     // retrieve volume key check
  568     memset(key2, 0, key_size);
  569     key_size--;
  570     // small buffer
  571     FAIL_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key2, &key_size, passphrase, strlen(passphrase)), "small buffer");
  572     key_size++;
  573     OK_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key2, &key_size, passphrase, strlen(passphrase)));
  574     OK_(memcmp(key, key2, key_size));
  575 
  576     OK_(strcmp(cipher, crypt_get_cipher(cd)));
  577     OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
  578     EQ_((int)key_size, crypt_get_volume_key_size(cd));
  579     EQ_(0, crypt_get_data_offset(cd));
  580     OK_(crypt_deactivate(cd, CDEVICE_1));
  581 
  582     // now with keyfile
  583     OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
  584     OK_(prepare_keyfile(KEYFILE2, KEY2, strlen(KEY2)));
  585     FAIL_(crypt_activate_by_keyfile(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, 0), "cannot verify key with plain");
  586     EQ_(0, crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
  587     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  588     OK_(crypt_deactivate(cd, CDEVICE_1));
  589     FAIL_(crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, strlen(KEY1) + 1, 0), "cannot seek");
  590     FAIL_(crypt_activate_by_keyfile_device_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, strlen(KEY1) + 1, 0), "cannot seek");
  591     EQ_(0, crypt_activate_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0, 0));
  592     OK_(crypt_deactivate(cd, CDEVICE_1));
  593     EQ_(0, crypt_activate_by_keyfile_device_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0, 0));
  594     OK_(crypt_deactivate(cd, CDEVICE_1));
  595     _remove_keyfiles();
  596     CRYPT_FREE(cd);
  597 
  598     OK_(crypt_init(&cd,DEVICE_1));
  599     OK_(crypt_format(cd,CRYPT_PLAIN,cipher,cipher_mode,NULL,NULL,key_size,&params));
  600 
  601     // crypt_keyslot_*()
  602     FAIL_(crypt_keyslot_add_by_passphrase(cd,CRYPT_ANY_SLOT,passphrase,strlen(passphrase),passphrase,strlen(passphrase)), "can't add keyslot to plain device");
  603     FAIL_(crypt_keyslot_add_by_volume_key(cd,CRYPT_ANY_SLOT ,key,key_size,passphrase,strlen(passphrase)),"can't add keyslot to plain device");
  604     FAIL_(crypt_keyslot_add_by_keyfile(cd,CRYPT_ANY_SLOT,KEYFILE1,strlen(KEY1),KEYFILE2,strlen(KEY2)),"can't add keyslot to plain device");
  605     FAIL_(crypt_keyslot_destroy(cd,1),"can't manipulate keyslots on plain device");
  606     EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_INVALID);
  607     _remove_keyfiles();
  608 
  609     CRYPT_FREE(cd);
  610 }
  611 
  612 static int new_messages = 0;
  613 static void new_log(int level, const char *msg, void *usrptr)
  614 {
  615     if (level == CRYPT_LOG_ERROR)
  616         new_messages++;
  617     global_log_callback(level, msg, usrptr);
  618 }
  619 
  620 static void CallbacksTest(void)
  621 {
  622     struct crypt_params_plain params = {
  623         .hash = "sha1",
  624         .skip = 0,
  625         .offset = 0,
  626     };
  627 
  628     size_t key_size = 256 / 8;
  629     const char *cipher = "aes";
  630     const char *cipher_mode = "cbc-essiv:sha256";
  631     const char *passphrase = PASSPHRASE;
  632 
  633     OK_(crypt_init(&cd, DEVICE_1));
  634     new_messages = 0;
  635     crypt_set_log_callback(cd, &new_log, NULL);
  636     EQ_(new_messages, 0);
  637     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &params));
  638     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
  639     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  640     EQ_(new_messages, 0);
  641     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0), "already exists");
  642     EQ_(new_messages, 1);
  643     crypt_set_log_callback(cd, NULL, NULL);
  644     OK_(crypt_deactivate(cd, CDEVICE_1));
  645     CRYPT_FREE(cd);
  646 }
  647 
  648 static void UseLuksDevice(void)
  649 {
  650     char key[128];
  651     size_t key_size;
  652 
  653     OK_(crypt_init(&cd, DEVICE_1));
  654     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
  655     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  656     OK_(crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
  657     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
  658     FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0), "already open");
  659     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  660     OK_(crypt_deactivate(cd, CDEVICE_1));
  661     FAIL_(crypt_deactivate(cd, CDEVICE_1), "no such device");
  662 
  663     key_size = 16;
  664     OK_(strcmp("aes", crypt_get_cipher(cd)));
  665     OK_(strcmp("cbc-essiv:sha256", crypt_get_cipher_mode(cd)));
  666     OK_(strcmp(DEVICE_1_UUID, crypt_get_uuid(cd)));
  667     EQ_((int)key_size, crypt_get_volume_key_size(cd));
  668     EQ_(1032, crypt_get_data_offset(cd));
  669 
  670     EQ_(0, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
  671     OK_(crypt_volume_key_verify(cd, key, key_size));
  672     OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
  673     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  674     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  675     OK_(crypt_deactivate(cd, CDEVICE_1));
  676 
  677     key[1] = ~key[1];
  678     FAIL_(crypt_volume_key_verify(cd, key, key_size), "key mismatch");
  679     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "key mismatch");
  680 
  681     CRYPT_FREE(cd);
  682 }
  683 
  684 static void SuspendDevice(void)
  685 {
  686     struct crypt_active_device cad;
  687     char key[128];
  688     size_t key_size;
  689     int suspend_status;
  690     uint64_t r_payload_offset;
  691     const struct crypt_pbkdf_type fast_pbkdf = {
  692         .type = "pbkdf2",
  693         .hash = "sha256",
  694         .iterations = 1000,
  695         .flags = CRYPT_PBKDF_NO_BENCHMARK
  696     };
  697 
  698     OK_(crypt_init(&cd, DEVICE_1));
  699     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
  700     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
  701 
  702     suspend_status = crypt_suspend(cd, CDEVICE_1);
  703     if (suspend_status == -ENOTSUP) {
  704         printf("WARNING: Suspend/Resume not supported, skipping test.\n");
  705         OK_(crypt_deactivate(cd, CDEVICE_1));
  706         CRYPT_FREE(cd);
  707         return;
  708     }
  709 
  710     OK_(suspend_status);
  711     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
  712     EQ_(CRYPT_ACTIVATE_SUSPENDED, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
  713 
  714     FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended");
  715 
  716     FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)-1), "wrong key");
  717     OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)));
  718     FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)), "not suspended");
  719 
  720     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
  721     EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
  722 
  723     OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
  724     OK_(crypt_suspend(cd, CDEVICE_1));
  725     FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1 "blah", 0), "wrong keyfile");
  726     FAIL_(crypt_resume_by_keyfile_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 1, 0), "wrong key");
  727     FAIL_(crypt_resume_by_keyfile_device_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 1, 0), "wrong key");
  728     OK_(crypt_resume_by_keyfile_device_offset(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
  729     FAIL_(crypt_resume_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0), "not suspended");
  730     OK_(crypt_deactivate(cd, CDEVICE_1));
  731     CRYPT_FREE(cd);
  732 
  733     /* create LUKS device with detached header */
  734     OK_(crypt_init(&cd, DEVICE_1));
  735     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
  736     OK_(crypt_set_data_device(cd, DEVICE_2));
  737     OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1), 0));
  738     CRYPT_FREE(cd);
  739 
  740     /* Should be able to suspend but not resume if not header specified */
  741     OK_(crypt_init_by_name(&cd, CDEVICE_1));
  742     OK_(crypt_suspend(cd, CDEVICE_1));
  743     FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended");
  744     FAIL_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)-1), "no header");
  745     CRYPT_FREE(cd);
  746 
  747     OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DEVICE_1));
  748     OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEY1, strlen(KEY1)));
  749 
  750     /* Resume by volume key */
  751     OK_(crypt_suspend(cd, CDEVICE_1));
  752     key_size = sizeof(key);
  753     memset(key, 0, key_size);
  754     FAIL_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size), "wrong key");
  755     OK_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, KEY1, strlen(KEY1)));
  756     OK_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size));
  757     OK_(crypt_deactivate(cd, CDEVICE_1));
  758     CRYPT_FREE(cd);
  759 
  760     OK_(get_luks_offsets(0, key_size, 1024*2, 0, NULL, &r_payload_offset));
  761     OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
  762 
  763     /* Resume device with cipher_null */
  764     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
  765     OK_(crypt_set_pbkdf_type(cd, &fast_pbkdf));
  766     OK_(crypt_format(cd, CRYPT_LUKS1, "cipher_null", "ecb", NULL, key, key_size, NULL));
  767     EQ_(0, crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, "", 0));
  768     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  769     OK_(crypt_suspend(cd, CDEVICE_1));
  770     OK_(crypt_resume_by_volume_key(cd, CDEVICE_1, key, key_size));
  771     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
  772     EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
  773     OK_(crypt_suspend(cd, CDEVICE_1));
  774     OK_(crypt_resume_by_passphrase(cd, CDEVICE_1, 0, "", 0));
  775     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
  776     EQ_(0, cad.flags & CRYPT_ACTIVATE_SUSPENDED);
  777     OK_(crypt_deactivate(cd, CDEVICE_1));
  778     CRYPT_FREE(cd);
  779 
  780     _remove_keyfiles();
  781     _cleanup_dmdevices();
  782 }
  783 
  784 static void AddDeviceLuks(void)
  785 {
  786     enum { OFFSET_1M = 2048 , OFFSET_2M = 4096, OFFSET_4M = 8192, OFFSET_8M = 16384 };
  787     struct crypt_params_luks1 params = {
  788         .hash = "sha512",
  789         .data_alignment = OFFSET_1M, // 4M, data offset will be 4096
  790         .data_device = DEVICE_2
  791     };
  792     char key[128], key2[128], key3[128];
  793 
  794     const char *passphrase = "blabla", *passphrase2 = "nsdkFI&Y#.sd";
  795     const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
  796     const char *mk_hex2 = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1e";
  797     size_t key_size = strlen(mk_hex) / 2;
  798     const char *cipher = "aes";
  799     const char *cipher_mode = "cbc-essiv:sha256";
  800     uint64_t r_payload_offset, r_header_size, r_size_1;
  801     struct crypt_pbkdf_type pbkdf;
  802 
  803     crypt_decode_key(key, mk_hex, key_size);
  804     crypt_decode_key(key3, mk_hex2, key_size);
  805 
  806     // init test devices
  807     OK_(get_luks_offsets(1, key_size, 0, 0, &r_header_size, &r_payload_offset));
  808     OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
  809     OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_size - 1));
  810 
  811     // format
  812     OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
  813     params.data_alignment = 0;
  814     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params), "Not enough space for keyslots material");
  815     CRYPT_FREE(cd);
  816 
  817     // test payload_offset = 0 for encrypted device with external header device
  818     OK_(crypt_init(&cd, DMDIR H_DEVICE));
  819     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  820     EQ_(crypt_get_data_offset(cd), 0);
  821     CRYPT_FREE(cd);
  822 
  823     params.data_alignment = 0;
  824     params.data_device = NULL;
  825 
  826     // test payload_offset = 0. format() should look up alignment offset from device topology
  827     OK_(crypt_init(&cd, DEVICE_2));
  828     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  829     OK_(!(crypt_get_data_offset(cd) > 0));
  830     CRYPT_FREE(cd);
  831 
  832     // set_data_offset has priority, alignment must be 0 or must be compatible
  833     params.data_alignment = 0;
  834     OK_(crypt_init(&cd, DEVICE_2));
  835     OK_(crypt_set_data_offset(cd, OFFSET_8M));
  836     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  837     EQ_(crypt_get_data_offset(cd), OFFSET_8M);
  838     CRYPT_FREE(cd);
  839 
  840     // Load gets the value from metadata
  841     OK_(crypt_init(&cd, DEVICE_2));
  842     OK_(crypt_set_data_offset(cd, OFFSET_2M));
  843     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
  844     EQ_(crypt_get_data_offset(cd), OFFSET_8M);
  845     CRYPT_FREE(cd);
  846 
  847     params.data_alignment = OFFSET_4M;
  848     OK_(crypt_init(&cd, DEVICE_2));
  849     FAIL_(crypt_set_data_offset(cd, OFFSET_2M + 1), "Not aligned to 4096"); // must be aligned to 4k
  850     OK_(crypt_set_data_offset(cd, OFFSET_2M));
  851     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params), "Alignment not compatible");
  852     OK_(crypt_set_data_offset(cd, OFFSET_4M));
  853     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  854     EQ_(crypt_get_data_offset(cd), OFFSET_4M);
  855     CRYPT_FREE(cd);
  856 
  857     /*
  858      * test limit values for backing device size
  859      */
  860     params.data_alignment = OFFSET_2M;
  861     OK_(get_luks_offsets(0, key_size, params.data_alignment, 0, NULL, &r_payload_offset));
  862     OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_payload_offset));
  863     OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
  864     //OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset - 1));
  865     OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, 2050 - 1)); //FIXME last keyslot - 1 sector
  866 
  867     // 1 sector less than required
  868     OK_(crypt_init(&cd, DMDIR L_DEVICE_WRONG));
  869     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params), "Device too small");
  870     CRYPT_FREE(cd);
  871 
  872     // 0 sectors for encrypted area
  873     OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
  874     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  875     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Encrypted area too small");
  876     CRYPT_FREE(cd);
  877 
  878     // 1 sector for encrypted area
  879     OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
  880     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  881     EQ_(crypt_get_data_offset(cd), params.data_alignment);
  882     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  883     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  884     OK_(t_device_size(DMDIR CDEVICE_1, &r_size_1));
  885     EQ_(r_size_1, TST_SECTOR_SIZE);
  886     OK_(crypt_deactivate(cd, CDEVICE_1));
  887     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
  888     // restrict format only to empty context
  889     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params), "Context is already formatted");
  890     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, NULL), "Context is already formatted");
  891     // change data device to wrong one
  892     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_0S));
  893     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device too small");
  894     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_1S));
  895     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  896     OK_(crypt_deactivate(cd, CDEVICE_1));
  897     CRYPT_FREE(cd);
  898 
  899     params.data_alignment = 0;
  900     params.data_device = DEVICE_2;
  901 
  902     // generate keyslot material at the end of luks header
  903     OK_(crypt_init(&cd, DMDIR H_DEVICE));
  904     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  905     EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
  906     EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase) ,0), 7);
  907     CRYPT_FREE(cd);
  908     OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
  909     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params), "Context is already formatted");
  910     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  911     CRYPT_FREE(cd);
  912     // check active status without header
  913     OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, NULL));
  914     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  915     NULL_(crypt_get_type(cd));
  916     OK_(strcmp(cipher, crypt_get_cipher(cd)));
  917     OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
  918     EQ_((int)key_size, crypt_get_volume_key_size(cd));
  919     OK_(crypt_deactivate(cd, CDEVICE_1));
  920     CRYPT_FREE(cd);
  921 
  922     params.data_alignment = OFFSET_1M;
  923     params.data_device = NULL;
  924 
  925     // test uuid mismatch and _init_by_name_and_header
  926     OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
  927     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  928     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
  929     EQ_(0, crypt_header_is_detached(cd));
  930     CRYPT_FREE(cd);
  931     params.data_alignment = 0;
  932     params.data_device = DEVICE_2;
  933     OK_(crypt_init(&cd, DMDIR H_DEVICE));
  934     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  935     CRYPT_FREE(cd);
  936     // there we've got uuid mismatch
  937     OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, DMDIR H_DEVICE));
  938     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
  939     NULL_(crypt_get_type(cd));
  940     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device is active");
  941     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0), "Device is active");
  942     EQ_(crypt_status(cd, CDEVICE_2), CRYPT_INACTIVE);
  943     OK_(crypt_deactivate(cd, CDEVICE_1));
  944     FAIL_(crypt_header_is_detached(cd), "no header for mismatched device");
  945     CRYPT_FREE(cd);
  946 
  947     params.data_device = NULL;
  948 
  949     OK_(crypt_init(&cd, DEVICE_2));
  950     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
  951 
  952     // even with no keyslots defined it can be activated by volume key
  953     OK_(crypt_volume_key_verify(cd, key, key_size));
  954     OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, key, key_size, 0));
  955     GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
  956     OK_(crypt_deactivate(cd, CDEVICE_2));
  957 
  958     // now with keyslot
  959     EQ_(7, crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)));
  960     EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 7));
  961     EQ_(7, crypt_activate_by_passphrase(cd, CDEVICE_2, CRYPT_ANY_SLOT, passphrase, strlen(passphrase), 0));
  962     GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
  963     OK_(crypt_deactivate(cd, CDEVICE_2));
  964 
  965     crypt_set_iteration_time(cd, 1);
  966     EQ_(1, crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, KEY1, strlen(KEY1)));
  967 
  968     // PBKDF info (in LUKS1 slots are the same)
  969     FAIL_(crypt_keyslot_get_pbkdf(cd, 1, NULL), "PBKDF struct required");
  970     OK_(crypt_keyslot_get_pbkdf(cd, 1, &pbkdf));
  971     OK_(strcmp(pbkdf.type, CRYPT_KDF_PBKDF2));
  972     OK_(strcmp(pbkdf.hash, params.hash));
  973     OK_(pbkdf.iterations < 1000); /* set by minimum iterations above */
  974     EQ_(0, pbkdf.max_memory_kb);
  975     EQ_(0, pbkdf.parallel_threads);
  976     FAIL_(crypt_keyslot_get_pbkdf(cd, 2, &pbkdf), "Keyslot 2 is inactive.");
  977 
  978     OK_(prepare_keyfile(KEYFILE1, KEY1, strlen(KEY1)));
  979     OK_(prepare_keyfile(KEYFILE2, KEY2, strlen(KEY2)));
  980     EQ_(2, crypt_keyslot_add_by_keyfile(cd, 2, KEYFILE1, 0, KEYFILE2, 0));
  981     FAIL_(crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 1, KEYFILE2, 0, 1), "wrong key");
  982     EQ_(3, crypt_keyslot_add_by_keyfile_offset(cd, 3, KEYFILE1, 0, 0, KEYFILE2, 0, 1));
  983     EQ_(4, crypt_keyslot_add_by_keyfile_offset(cd, 4, KEYFILE2, 0, 1, KEYFILE1, 0, 1));
  984     FAIL_(crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2)-1, 0), "key mismatch");
  985     EQ_(2, crypt_activate_by_keyfile(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
  986     EQ_(3, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE2, 0, 1, 0));
  987     EQ_(4, crypt_activate_by_keyfile_offset(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, 1, 0));
  988     FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, strlen(KEY2), 2, 0), "not enough data");
  989     FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, strlen(KEY2) + 1, 0), "cannot seek");
  990     FAIL_(crypt_activate_by_keyfile_offset(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 2, 0), "wrong key");
  991     EQ_(2, crypt_activate_by_keyfile(cd, CDEVICE_2, CRYPT_ANY_SLOT, KEYFILE2, 0, 0));
  992     OK_(crypt_keyslot_destroy(cd, 1));
  993     OK_(crypt_keyslot_destroy(cd, 2));
  994     OK_(crypt_keyslot_destroy(cd, 3));
  995     OK_(crypt_keyslot_destroy(cd, 4));
  996     OK_(crypt_deactivate(cd, CDEVICE_2));
  997     _remove_keyfiles();
  998 
  999     FAIL_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), "slot used");
 1000     key[1] = ~key[1];
 1001     FAIL_(crypt_keyslot_add_by_volume_key(cd, 6, key, key_size, passphrase, strlen(passphrase)), "key mismatch");
 1002     key[1] = ~key[1];
 1003     EQ_(6, crypt_keyslot_add_by_volume_key(cd, 6, key, key_size, passphrase, strlen(passphrase)));
 1004     EQ_(CRYPT_SLOT_ACTIVE, crypt_keyslot_status(cd, 6));
 1005 
 1006     FAIL_(crypt_keyslot_destroy(cd, 8), "invalid keyslot");
 1007     FAIL_(crypt_keyslot_destroy(cd, CRYPT_ANY_SLOT), "invalid keyslot");
 1008     FAIL_(crypt_keyslot_destroy(cd, 0), "keyslot not used");
 1009     OK_(crypt_keyslot_destroy(cd, 7));
 1010     EQ_(CRYPT_SLOT_INACTIVE, crypt_keyslot_status(cd, 7));
 1011     EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 6));
 1012 
 1013     EQ_(7, crypt_keyslot_change_by_passphrase(cd, 6, 7, passphrase, strlen(passphrase), passphrase2, strlen(passphrase2)));
 1014     EQ_(CRYPT_SLOT_ACTIVE_LAST, crypt_keyslot_status(cd, 7));
 1015     EQ_(7, crypt_activate_by_passphrase(cd, NULL, 7, passphrase2, strlen(passphrase2), 0));
 1016     EQ_(6, crypt_keyslot_change_by_passphrase(cd, CRYPT_ANY_SLOT, 6, passphrase2, strlen(passphrase2), passphrase, strlen(passphrase)));
 1017 
 1018     EQ_(6, crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key2, &key_size, passphrase, strlen(passphrase)));
 1019     OK_(crypt_volume_key_verify(cd, key2, key_size));
 1020 
 1021     OK_(memcmp(key, key2, key_size));
 1022 
 1023     OK_(strcmp(cipher, crypt_get_cipher(cd)));
 1024     OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
 1025     EQ_((int)key_size, crypt_get_volume_key_size(cd));
 1026     EQ_(OFFSET_2M, crypt_get_data_offset(cd));
 1027     OK_(strcmp(DEVICE_2, crypt_get_device_name(cd)));
 1028 
 1029     reset_log();
 1030     OK_(crypt_dump(cd));
 1031     OK_(!(global_lines != 0));
 1032     reset_log();
 1033     FAIL_(crypt_dump_json(cd, NULL, 0), "LUKS1 not supported");
 1034 
 1035     FAIL_(crypt_set_uuid(cd, "blah"), "wrong UUID format");
 1036     OK_(crypt_set_uuid(cd, DEVICE_TEST_UUID));
 1037     OK_(strcmp(DEVICE_TEST_UUID, crypt_get_uuid(cd)));
 1038 
 1039     FAIL_(crypt_deactivate(cd, CDEVICE_2), "not active");
 1040     CRYPT_FREE(cd);
 1041 
 1042     // No benchmark PBKDF2
 1043     pbkdf.flags = CRYPT_PBKDF_NO_BENCHMARK;
 1044     pbkdf.hash = "sha256";
 1045     pbkdf.iterations = 1000;
 1046     pbkdf.time_ms = 0;
 1047 
 1048     OK_(crypt_init(&cd, DEVICE_2));
 1049     OK_(crypt_set_pbkdf_type(cd, &pbkdf));
 1050     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1051     CRYPT_FREE(cd);
 1052 
 1053     _cleanup_dmdevices();
 1054 }
 1055 
 1056 static void UseTempVolumes(void)
 1057 {
 1058     char tmp[256];
 1059 
 1060     // Tepmporary device without keyslot but with on-disk LUKS header
 1061     OK_(crypt_init(&cd, DEVICE_2));
 1062     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "not yet formatted");
 1063     OK_(crypt_format(cd, CRYPT_LUKS1, "aes", "cbc-essiv:sha256", NULL, NULL, 16, NULL));
 1064     OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0));
 1065     GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
 1066     CRYPT_FREE(cd);
 1067 
 1068     OK_(crypt_init_by_name(&cd, CDEVICE_2));
 1069     OK_(crypt_deactivate(cd, CDEVICE_2));
 1070     CRYPT_FREE(cd);
 1071 
 1072     // Dirty checks: device without UUID
 1073     // we should be able to remove it but not manipulate with it
 1074     snprintf(tmp, sizeof(tmp), "dmsetup create %s --table \""
 1075         "0 100 crypt aes-cbc-essiv:sha256 deadbabedeadbabedeadbabedeadbabe 0 "
 1076         "%s 2048\"", CDEVICE_2, DEVICE_2);
 1077     _system(tmp, 1);
 1078     OK_(crypt_init_by_name(&cd, CDEVICE_2));
 1079     OK_(crypt_deactivate(cd, CDEVICE_2));
 1080     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "No known device type");
 1081     CRYPT_FREE(cd);
 1082 
 1083     // Dirty checks: device with UUID but LUKS header key fingerprint must fail)
 1084     snprintf(tmp, sizeof(tmp), "dmsetup create %s --table \""
 1085         "0 100 crypt aes-cbc-essiv:sha256 deadbabedeadbabedeadbabedeadbabe 0 "
 1086         "%s 2048\" -u CRYPT-LUKS1-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-ctest1",
 1087          CDEVICE_2, DEVICE_2);
 1088     _system(tmp, 1);
 1089     OK_(crypt_init_by_name(&cd, CDEVICE_2));
 1090     OK_(crypt_deactivate(cd, CDEVICE_2));
 1091     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "wrong volume key");
 1092     CRYPT_FREE(cd);
 1093 
 1094     // No slots
 1095     OK_(crypt_init(&cd, DEVICE_2));
 1096     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1097     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, NULL, 0, 0), "volume key is lost");
 1098     CRYPT_FREE(cd);
 1099 
 1100     // Plain device
 1101     OK_(crypt_init(&cd, DEVICE_2));
 1102     OK_(crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 16, NULL));
 1103     FAIL_(crypt_activate_by_volume_key(cd, NULL, "xxx", 3, 0), "cannot verify key with plain");
 1104     FAIL_(crypt_volume_key_verify(cd, "xxx", 3), "cannot verify key with plain");
 1105     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_2, "xxx", 3, 0), "wrong key length");
 1106     OK_(crypt_activate_by_volume_key(cd, CDEVICE_2, "volumekeyvolumek", 16, 0));
 1107     GE_(crypt_status(cd, CDEVICE_2), CRYPT_ACTIVE);
 1108     OK_(crypt_deactivate(cd, CDEVICE_2));
 1109     CRYPT_FREE(cd);
 1110 }
 1111 
 1112 static void LuksHeaderRestore(void)
 1113 {
 1114     struct crypt_params_luks1 params = {
 1115         .hash = "sha512",
 1116         .data_alignment = 2048, // 4M, data offset will be 4096
 1117     };
 1118     struct crypt_params_plain pl_params = {
 1119         .hash = "sha1",
 1120         .skip = 0,
 1121         .offset = 0,
 1122         .size = 0
 1123     };
 1124     char key[128], key2[128], cmd[256];
 1125 
 1126     const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
 1127     size_t key_size = strlen(mk_hex) / 2;
 1128     const char *cipher = "aes";
 1129     const char *cipher_mode = "cbc-essiv:sha256";
 1130     uint64_t r_payload_offset;
 1131 
 1132     crypt_decode_key(key, mk_hex, key_size);
 1133 
 1134     OK_(get_luks_offsets(0, key_size, params.data_alignment, 0, NULL, &r_payload_offset));
 1135     OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 5000));
 1136 
 1137     // do not restore header over plain device
 1138     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1139     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, NULL, key_size, &pl_params));
 1140     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1141     FAIL_(crypt_header_restore(cd, CRYPT_PLAIN, VALID_HEADER), "Cannot restore header to PLAIN type device");
 1142     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, VALID_HEADER), "Cannot restore header over PLAIN type device");
 1143     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1144     OK_(crypt_deactivate(cd, CDEVICE_1));
 1145     CRYPT_FREE(cd);
 1146 
 1147     // invalid headers
 1148     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1149     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1150     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_1), "Header corrupted");
 1151     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_2), "Header corrupted");
 1152     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_3), "Header corrupted");
 1153     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_4), "Header too small");
 1154     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_5), "Header corrupted");
 1155     OK_(crypt_header_restore(cd, CRYPT_LUKS1, VALID_HEADER));
 1156     // wipe valid luks header
 1157     snprintf(cmd, sizeof(cmd), "dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 count=%" PRIu64 " 2>/dev/null", r_payload_offset);
 1158     OK_(_system(cmd, 1));
 1159     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_1), "Header corrupted");
 1160     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_2), "Header corrupted");
 1161     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_3), "Header corrupted");
 1162     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_4), "Header too small");
 1163     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, EVL_HEADER_5), "Header corrupted");
 1164     OK_(crypt_header_restore(cd, CRYPT_LUKS1, VALID_HEADER));
 1165     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1166     OK_(crypt_deactivate(cd, CDEVICE_1));
 1167     CRYPT_FREE(cd);
 1168 
 1169     // volume key_size mismatch
 1170     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1171     memcpy(key2, key, key_size / 2);
 1172     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key2, key_size / 2, &params));
 1173     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, VALID_HEADER), "Volume keysize mismatch");
 1174     CRYPT_FREE(cd);
 1175 
 1176     // payload offset mismatch
 1177     params.data_alignment = 8192;
 1178     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1179     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1180     FAIL_(crypt_header_restore(cd, CRYPT_LUKS1, VALID_HEADER), "Payload offset mismatch");
 1181     //_system("dmsetup table;sleep 1",1);
 1182     CRYPT_FREE(cd);
 1183 
 1184     /* check crypt_header_restore() properly loads crypt_device context */
 1185     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1186     OK_(crypt_wipe(cd, NULL, CRYPT_WIPE_ZERO, 0, 1*1024*1024, 1*1024*1024, 0, NULL, NULL));
 1187     OK_(crypt_header_restore(cd, CRYPT_LUKS1, VALID_HEADER));
 1188     OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
 1189     /* same test, any LUKS */
 1190     OK_(crypt_wipe(cd, NULL, CRYPT_WIPE_ZERO, 0, 1*1024*1024, 1*1024*1024, 0, NULL, NULL));
 1191     OK_(crypt_header_restore(cd, CRYPT_LUKS, VALID_HEADER));
 1192     OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
 1193 
 1194     CRYPT_FREE(cd);
 1195 
 1196     _cleanup_dmdevices();
 1197 }
 1198 
 1199 static void LuksHeaderLoad(void)
 1200 {
 1201     struct crypt_params_luks1 params = {
 1202         .hash = "sha512",
 1203         .data_alignment = 2048,
 1204     };
 1205     struct crypt_params_plain pl_params = {
 1206         .hash = "sha1",
 1207         .skip = 0,
 1208         .offset = 0,
 1209         .size = 0
 1210     };
 1211     char key[128], cmd[256];
 1212 
 1213     const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
 1214     size_t key_size = strlen(mk_hex) / 2;
 1215     const char *cipher = "aes";
 1216     const char *cipher_mode = "cbc-essiv:sha256";
 1217     uint64_t r_payload_offset, r_header_size;
 1218     uint64_t mdata_size, keyslots_size;
 1219 
 1220     crypt_decode_key(key, mk_hex, key_size);
 1221 
 1222     // prepare test env
 1223     OK_(get_luks_offsets(0, key_size, params.data_alignment, 0, &r_header_size, &r_payload_offset));
 1224     // external header device
 1225     OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
 1226     // prepared header on a device too small to contain header and payload
 1227     //OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_payload_offset - 1));
 1228     OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, 2050 - 1)); //FIXME
 1229     //snprintf(cmd, sizeof(cmd), "dd if=" EVL_HEADER_4 " of=" DMDIR H_DEVICE_WRONG " bs=512 count=%" PRIu64, r_payload_offset - 1);
 1230     snprintf(cmd, sizeof(cmd), "dd if=" EVL_HEADER_4 " of=" DMDIR H_DEVICE_WRONG " bs=512 count=%d 2>/dev/null", 2050 - 1);
 1231     OK_(_system(cmd, 1));
 1232     // some device
 1233     OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
 1234     // 1 sector device
 1235     OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
 1236     // 0 sectors device for payload
 1237     OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_payload_offset));
 1238 
 1239     // valid metadata and device size
 1240     params.data_alignment = 0;
 1241     params.data_device = DMDIR L_DEVICE_OK;
 1242     OK_(crypt_init(&cd, DMDIR H_DEVICE));
 1243     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1244     CRYPT_FREE(cd);
 1245     OK_(crypt_init(&cd, DMDIR H_DEVICE));
 1246     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1247     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
 1248     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1249     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1250     OK_(!crypt_get_metadata_device_name(cd));
 1251     EQ_(strcmp(DMDIR H_DEVICE, crypt_get_metadata_device_name(cd)), 0);
 1252     OK_(crypt_deactivate(cd, CDEVICE_1));
 1253     EQ_(1, crypt_header_is_detached(cd));
 1254     CRYPT_FREE(cd);
 1255 
 1256     // repeat with init with two devices
 1257     OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
 1258     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1259     CRYPT_FREE(cd);
 1260     OK_(crypt_init_data_device(&cd, DMDIR H_DEVICE, DMDIR L_DEVICE_OK));
 1261     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1262     OK_(!crypt_get_metadata_device_name(cd));
 1263     EQ_(strcmp(DMDIR H_DEVICE, crypt_get_metadata_device_name(cd)), 0);
 1264     EQ_(1, crypt_header_is_detached(cd));
 1265     CRYPT_FREE(cd);
 1266 
 1267     // bad header: device too small (payloadOffset > device_size)
 1268     OK_(crypt_init(&cd, DMDIR H_DEVICE_WRONG));
 1269     FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "Device too small");
 1270     NULL_(crypt_get_type(cd));
 1271     CRYPT_FREE(cd);
 1272 
 1273     // 0 secs for encrypted data area
 1274     params.data_alignment = 2048;
 1275     params.data_device = NULL;
 1276     OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
 1277     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1278     FAIL_(crypt_set_metadata_size(cd, 0x004000, 0x004000), "Wrong context type");
 1279     OK_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size));
 1280     EQ_(mdata_size, LUKS_ALIGN_KEYSLOTS);
 1281     EQ_(keyslots_size, r_header_size * TST_SECTOR_SIZE - mdata_size);
 1282     CRYPT_FREE(cd);
 1283     // load should be ok
 1284     OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
 1285     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1286     FAIL_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0), "Device too small");
 1287     EQ_(crypt_status(cd, CDEVICE_1), CRYPT_INACTIVE);
 1288     CRYPT_FREE(cd);
 1289 
 1290     // damaged header
 1291     OK_(_system("dd if=/dev/zero of=" DMDIR L_DEVICE_OK " bs=512 count=8 2>/dev/null", 1));
 1292     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1293     FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "Header not found");
 1294     CRYPT_FREE(cd);
 1295 
 1296     // plain device
 1297     OK_(crypt_init(&cd, DMDIR H_DEVICE));
 1298     FAIL_(crypt_load(cd, CRYPT_PLAIN, NULL), "Can't load nonLUKS device type");
 1299     CRYPT_FREE(cd);
 1300     OK_(crypt_init(&cd, DMDIR H_DEVICE));
 1301     OK_(crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode, NULL, key, key_size, &pl_params));
 1302     FAIL_(crypt_load(cd, CRYPT_LUKS1, NULL), "Can't load over nonLUKS device type");
 1303     FAIL_(crypt_set_metadata_size(cd, 0x004000, 0x004000), "Wrong context type");
 1304     FAIL_(crypt_get_metadata_size(cd, &mdata_size, &keyslots_size), "Wrong context type");
 1305     CRYPT_FREE(cd);
 1306 
 1307     /* check load sets proper device type */
 1308     OK_(crypt_init(&cd, DMDIR L_DEVICE_0S));
 1309     OK_(crypt_load(cd, CRYPT_LUKS, NULL));
 1310     EQ_(strcmp(CRYPT_LUKS1, crypt_get_type(cd)), 0);
 1311     CRYPT_FREE(cd);
 1312 
 1313     _cleanup_dmdevices();
 1314 }
 1315 
 1316 static void LuksHeaderBackup(void)
 1317 {
 1318     struct crypt_params_luks1 params = {
 1319         .hash = "sha512",
 1320         .data_alignment = 2048,
 1321     };
 1322     char key[128];
 1323     int fd, ro = O_RDONLY;
 1324 
 1325     const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
 1326     size_t key_size = strlen(mk_hex) / 2;
 1327     const char *cipher = "aes";
 1328     const char *cipher_mode = "cbc-essiv:sha256";
 1329     uint64_t r_payload_offset;
 1330 
 1331     const char *passphrase = PASSPHRASE;
 1332 
 1333     crypt_decode_key(key, mk_hex, key_size);
 1334 
 1335     OK_(get_luks_offsets(0, key_size, params.data_alignment, 0, NULL, &r_payload_offset));
 1336     OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
 1337 
 1338     // create LUKS device and backup the header
 1339     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1340     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1341     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1342     EQ_(crypt_keyslot_add_by_volume_key(cd, 7, key, key_size, passphrase, strlen(passphrase)), 7);
 1343     EQ_(crypt_keyslot_add_by_volume_key(cd, 0, key, key_size, passphrase, strlen(passphrase)), 0);
 1344     OK_(crypt_header_backup(cd, CRYPT_LUKS1, BACKUP_FILE));
 1345     OK_(crypt_deactivate(cd, CDEVICE_1));
 1346     CRYPT_FREE(cd);
 1347 
 1348     // restore header from backup
 1349     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1350     OK_(crypt_header_restore(cd, CRYPT_LUKS1, BACKUP_FILE));
 1351     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1352     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1353     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1354     OK_(crypt_deactivate(cd, CDEVICE_1));
 1355     EQ_(0, crypt_header_is_detached(cd));
 1356     CRYPT_FREE(cd);
 1357 
 1358     // exercise luksOpen using backup header in file
 1359     OK_(crypt_init(&cd, BACKUP_FILE));
 1360     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1361     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
 1362     EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, passphrase, strlen(passphrase), 0), 0);
 1363     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1364     OK_(crypt_deactivate(cd, CDEVICE_1));
 1365     EQ_(1, crypt_header_is_detached(cd));
 1366     CRYPT_FREE(cd);
 1367 
 1368     OK_(crypt_init(&cd, BACKUP_FILE));
 1369     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1370     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
 1371     EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase), 0), 7);
 1372     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1373     OK_(crypt_deactivate(cd, CDEVICE_1));
 1374     CRYPT_FREE(cd);
 1375 
 1376     // exercise luksOpen using backup header on block device
 1377     fd = loop_attach(&DEVICE_3, BACKUP_FILE, 0, 0, &ro);
 1378     NOTFAIL_(fd, "Bad loop device.");
 1379     close(fd);
 1380     OK_(crypt_init(&cd, DEVICE_3));
 1381     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1382     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
 1383     EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, passphrase, strlen(passphrase), 0), 0);
 1384     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1385     OK_(crypt_deactivate(cd, CDEVICE_1));
 1386     CRYPT_FREE(cd);
 1387 
 1388     OK_(crypt_init(&cd, DEVICE_3));
 1389     OK_(crypt_load(cd, CRYPT_LUKS1, NULL));
 1390     OK_(crypt_set_data_device(cd, DMDIR L_DEVICE_OK));
 1391     EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 7, passphrase, strlen(passphrase), 0), 7);
 1392     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1393     OK_(crypt_deactivate(cd, CDEVICE_1));
 1394     CRYPT_FREE(cd);
 1395 
 1396     _cleanup_dmdevices();
 1397 }
 1398 
 1399 static void ResizeDeviceLuks(void)
 1400 {
 1401     struct crypt_params_luks1 params = {
 1402         .hash = "sha512",
 1403         .data_alignment = 2048,
 1404     };
 1405     char key[128];
 1406 
 1407     const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
 1408     size_t key_size = strlen(mk_hex) / 2;
 1409     const char *cipher = "aes";
 1410     const char *cipher_mode = "cbc-essiv:sha256";
 1411     uint64_t r_payload_offset, r_header_size, r_size;
 1412 
 1413     crypt_decode_key(key, mk_hex, key_size);
 1414 
 1415     // prepare env
 1416     OK_(get_luks_offsets(0, key_size, params.data_alignment, 0, NULL, &r_payload_offset));
 1417     OK_(get_luks_offsets(1, key_size, 0, 0, &r_header_size, NULL));
 1418     OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
 1419     OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
 1420     OK_(create_dmdevice_over_loop(L_DEVICE_0S, 1000));
 1421     OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset + 1000));
 1422 
 1423     // test header and encrypted payload all in one device
 1424     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1425     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1426     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1427     OK_(crypt_resize(cd, CDEVICE_1, 42));
 1428     if (!t_device_size(DMDIR CDEVICE_1, &r_size))
 1429         EQ_(42, r_size >> TST_SECTOR_SHIFT);
 1430     // autodetect encrypted device area size
 1431     OK_(crypt_resize(cd, CDEVICE_1, 0));
 1432     if (!t_device_size(DMDIR CDEVICE_1, &r_size))
 1433         EQ_(1000, r_size >> TST_SECTOR_SHIFT);
 1434     FAIL_(crypt_resize(cd, CDEVICE_1, 1001), "Device too small");
 1435     if (!t_device_size(DMDIR CDEVICE_1, &r_size))
 1436         EQ_(1000, r_size >> TST_SECTOR_SHIFT);
 1437     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1438     OK_(crypt_deactivate(cd, CDEVICE_1));
 1439     CRYPT_FREE(cd);
 1440 
 1441     params.data_alignment = 0;
 1442     params.data_device = DMDIR L_DEVICE_0S;
 1443     // test case for external header
 1444     OK_(crypt_init(&cd, DMDIR H_DEVICE));
 1445     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1446     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1447     OK_(crypt_resize(cd, CDEVICE_1, 666));
 1448     if (!t_device_size(DMDIR CDEVICE_1, &r_size))
 1449         EQ_(666, r_size >> TST_SECTOR_SHIFT);
 1450     // autodetect encrypted device size
 1451     OK_(crypt_resize(cd, CDEVICE_1, 0));
 1452     if (!t_device_size(DMDIR CDEVICE_1, &r_size))
 1453         EQ_(1000, r_size >> TST_SECTOR_SHIFT);
 1454     FAIL_(crypt_resize(cd, CDEVICE_1, 1001), "Device too small");
 1455     if (!t_device_size(DMDIR CDEVICE_1, &r_size))
 1456         EQ_(1000, r_size >> TST_SECTOR_SHIFT);
 1457     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1458     OK_(crypt_deactivate(cd, CDEVICE_1));
 1459     CRYPT_FREE(cd);
 1460 
 1461     OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 1462     OK_(crypt_load(cd, NULL, NULL));
 1463     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
 1464 
 1465     /* do not allow resize of other device */
 1466     OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
 1467     OK_(crypt_format(cd2, CRYPT_LUKS1, cipher, cipher_mode, crypt_get_uuid(cd), key, key_size, &params));
 1468     OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
 1469     FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
 1470     OK_(crypt_deactivate(cd2, CDEVICE_2));
 1471     CRYPT_FREE(cd2);
 1472 
 1473     OK_(crypt_init(&cd2, DMDIR L_DEVICE_WRONG));
 1474     OK_(crypt_format(cd2, CRYPT_PLAIN, cipher, cipher_mode, NULL, key, key_size, NULL));
 1475     OK_(crypt_activate_by_volume_key(cd2, CDEVICE_2, key, key_size, 0));
 1476     FAIL_(crypt_resize(cd2, CDEVICE_1, 1), "Device got resized by wrong device context.");
 1477     OK_(crypt_deactivate(cd2, CDEVICE_2));
 1478     CRYPT_FREE(cd2);
 1479 
 1480     OK_(crypt_deactivate(cd, CDEVICE_1));
 1481     CRYPT_FREE(cd);
 1482 
 1483     _cleanup_dmdevices();
 1484 }
 1485 
 1486 static void HashDevicePlain(void)
 1487 {
 1488     struct crypt_params_plain params = {
 1489         .hash = NULL,
 1490         .skip = 0,
 1491         .offset = 0,
 1492     };
 1493 
 1494     size_t key_size;
 1495     const char *mk_hex, *keystr;
 1496     char key[256];
 1497 
 1498     OK_(crypt_init(&cd, DEVICE_1));
 1499     OK_(crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 16, &params));
 1500 
 1501     // hash PLAIN, short key
 1502     OK_(prepare_keyfile(KEYFILE1, "tooshort", 8));
 1503     FAIL_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 16, 0), "not enough data in keyfile");
 1504     _remove_keyfiles();
 1505 
 1506     // hash PLAIN, exact key
 1507     //         0 1 2 3 4 5 6 7 8 9 a b c d e f
 1508     mk_hex = "caffeecaffeecaffeecaffeecaffee88";
 1509     key_size = 16;
 1510     crypt_decode_key(key, mk_hex, key_size);
 1511     OK_(prepare_keyfile(KEYFILE1, key, key_size));
 1512     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, key_size, 0));
 1513     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1514     OK_(strcmp(key, mk_hex));
 1515     OK_(crypt_deactivate(cd, CDEVICE_1));
 1516 
 1517     // Limit plain key
 1518     mk_hex = "caffeecaffeecaffeecaffeeca000000";
 1519     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, key_size - 3, 0));
 1520     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1521     OK_(strcmp(key, mk_hex));
 1522     OK_(crypt_deactivate(cd, CDEVICE_1));
 1523 
 1524     _remove_keyfiles();
 1525 
 1526     // hash PLAIN, long key
 1527     //         0 1 2 3 4 5 6 7 8 9 a b c d e f
 1528     mk_hex = "caffeecaffeecaffeecaffeecaffee88babebabe";
 1529     key_size = 16;
 1530     crypt_decode_key(key, mk_hex, key_size);
 1531     OK_(prepare_keyfile(KEYFILE1, key, strlen(mk_hex) / 2));
 1532     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, key_size, 0));
 1533     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1534     FAIL_(strcmp(key, mk_hex), "only key length used");
 1535     OK_(strncmp(key, mk_hex, key_size));
 1536     OK_(crypt_deactivate(cd, CDEVICE_1));
 1537 
 1538     // Now without explicit limit
 1539     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
 1540     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1541     FAIL_(strcmp(key, mk_hex), "only key length used");
 1542     OK_(strncmp(key, mk_hex, key_size));
 1543     OK_(crypt_deactivate(cd, CDEVICE_1));
 1544     CRYPT_FREE(cd);
 1545 
 1546     _remove_keyfiles();
 1547 
 1548     // Handling of legacy "plain" hash (no hash)
 1549     params.hash = "plain";
 1550     //         0 1 2 3 4 5 6 7 8 9 a b c d e f
 1551     mk_hex = "aabbcaffeecaffeecaffeecaffeecaff";
 1552     key_size = 16;
 1553     crypt_decode_key(key, mk_hex, key_size);
 1554     OK_(prepare_keyfile(KEYFILE1, key, strlen(mk_hex) / 2));
 1555     OK_(crypt_init(&cd, DEVICE_1));
 1556     OK_(crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 16, &params));
 1557     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, key_size, 0));
 1558     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1559     OK_(strcmp(key, mk_hex));
 1560     OK_(crypt_deactivate(cd, CDEVICE_1));
 1561     CRYPT_FREE(cd);
 1562 
 1563     _remove_keyfiles();
 1564 
 1565     // hash sha256
 1566     params.hash = "sha256";
 1567     OK_(crypt_init(&cd, DEVICE_1));
 1568     OK_(crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 16, &params));
 1569 
 1570     //         0 1 2 3 4 5 6 7 8 9 a b c d e f
 1571     mk_hex = "c62e4615bd39e222572f3a1bf7c2132e";
 1572     keystr = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
 1573     key_size = strlen(keystr); // 32
 1574     OK_(prepare_keyfile(KEYFILE1, keystr, strlen(keystr)));
 1575     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, key_size, 0));
 1576     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1577     OK_(strcmp(key, mk_hex));
 1578     OK_(crypt_deactivate(cd, CDEVICE_1));
 1579 
 1580     // Read full keyfile
 1581     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
 1582     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1583     OK_(strcmp(key, mk_hex));
 1584     OK_(crypt_deactivate(cd, CDEVICE_1));
 1585 
 1586     _remove_keyfiles();
 1587 
 1588     // Limit keyfile read
 1589     keystr = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxAAAAAAAA";
 1590     OK_(prepare_keyfile(KEYFILE1, keystr, strlen(keystr)));
 1591     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, key_size, 0));
 1592     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1593     OK_(strcmp(key, mk_hex));
 1594     OK_(crypt_deactivate(cd, CDEVICE_1));
 1595 
 1596     // Full keyfile
 1597     OK_(crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
 1598     OK_(get_key_dm(CDEVICE_1, key, sizeof(key)));
 1599     OK_(strcmp(key, "0e49cb34a1dee1df33f6505e4de44a66"));
 1600     OK_(crypt_deactivate(cd, CDEVICE_1));
 1601 
 1602     _remove_keyfiles();
 1603 
 1604     // FIXME: add keyfile="-" tests somehow
 1605 
 1606     CRYPT_FREE(cd);
 1607 }
 1608 
 1609 static void VerityTest(void)
 1610 {
 1611     const char *salt_hex =  "20c28ffc129c12360ba6ceea2b6cf04e89c2b41cfe6b8439eb53c1897f50df7b";
 1612     const char *root_hex =  "ab018b003a967fc782effb293b6dccb60b4f40c06bf80d16391acf686d28b5d6";
 1613     char salt[256], root_hash[256], root_hash_out[256];
 1614     size_t root_hash_out_size = 256;
 1615     struct crypt_active_device cad;
 1616     struct crypt_params_verity params = {
 1617         .data_device = DEVICE_EMPTY,
 1618         .salt = salt,
 1619         .data_size = 0, /* whole device */
 1620         .hash_area_offset = 0,
 1621         .flags = CRYPT_VERITY_CREATE_HASH,
 1622     };
 1623 
 1624     crypt_decode_key(salt, salt_hex, strlen(salt_hex) / 2);
 1625     crypt_decode_key(root_hash, root_hex, strlen(root_hex) / 2);
 1626 
 1627     /* Format */
 1628     OK_(crypt_init(&cd, DEVICE_2));
 1629 
 1630     /* block size */
 1631     params.data_block_size = 333;
 1632     FAIL_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params),
 1633         "Unsupported block size.");
 1634     params.data_block_size = 4096;
 1635     params.hash_block_size = 333;
 1636     FAIL_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params),
 1637         "Unsupported block size.");
 1638     params.hash_block_size = 4096;
 1639 
 1640     /* salt size */
 1641     params.salt_size = 257;
 1642     FAIL_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params),
 1643         "Too large salt.");
 1644     params.salt_size = 32;
 1645 
 1646     /* hash_type */
 1647     params.hash_type = 3;
 1648     FAIL_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params),
 1649         "Unsupported hash type.");
 1650     params.hash_type = 1;
 1651     params.hash_name = "blah";
 1652     FAIL_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params),
 1653         "Unsupported hash name.");
 1654     params.hash_name = "sha256";
 1655 
 1656     OK_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params));
 1657     CRYPT_FREE(cd);
 1658 
 1659     params.data_device = NULL;
 1660     OK_(crypt_init_data_device(&cd, DEVICE_2, DEVICE_EMPTY));
 1661     OK_(crypt_format(cd, CRYPT_VERITY, NULL, NULL, NULL, NULL, 0, &params));
 1662     EQ_(strcmp(DEVICE_2, crypt_get_metadata_device_name(cd)), 0);
 1663     CRYPT_FREE(cd);
 1664 
 1665     /* Verify */
 1666     OK_(crypt_init(&cd, DEVICE_2));
 1667     memset(&params, 0, sizeof(params));
 1668     params.data_device = DEVICE_EMPTY;
 1669     params.flags = CRYPT_VERITY_CHECK_HASH;
 1670     OK_(crypt_load(cd, CRYPT_VERITY, &params));
 1671 
 1672     /* check verity params */
 1673     EQ_(crypt_get_volume_key_size(cd), 32);
 1674     OK_(strcmp(CRYPT_VERITY, crypt_get_type(cd)));
 1675     memset(&params, 0, sizeof(params));
 1676     OK_(crypt_get_verity_info(cd, &params));
 1677     OK_(strcmp("sha256", params.hash_name));
 1678     EQ_(strlen(salt_hex) / 2, params.salt_size);
 1679     OK_(memcmp(salt, params.salt, params.salt_size));
 1680     EQ_(4096, params.data_block_size);
 1681     EQ_(4096, params.hash_block_size);
 1682     EQ_(1, params.hash_type);
 1683     EQ_(crypt_get_volume_key_size(cd), 32);
 1684 
 1685     OK_(crypt_activate_by_volume_key(cd, NULL, root_hash, 32, 0));
 1686     OK_(crypt_set_data_device(cd, DEVICE_1));
 1687     FAIL_(crypt_activate_by_volume_key(cd, NULL, root_hash, 32, 0), "Data corrupted");;
 1688 
 1689     OK_(crypt_set_data_device(cd, DEVICE_EMPTY));
 1690     if (crypt_activate_by_volume_key(cd, CDEVICE_1, root_hash, 32,
 1691         CRYPT_ACTIVATE_READONLY) == -ENOTSUP) {
 1692         printf("WARNING: kernel dm-verity not supported, skipping test.\n");
 1693         CRYPT_FREE(cd);
 1694         return;
 1695     }
 1696     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
 1697     EQ_(CRYPT_ACTIVATE_READONLY, cad.flags);
 1698     CRYPT_FREE(cd);
 1699 
 1700     OK_(crypt_init_by_name(&cd, CDEVICE_1));
 1701     memset(root_hash_out, 0, root_hash_out_size);
 1702     OK_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, root_hash_out, &root_hash_out_size, NULL, 0));
 1703     EQ_(32, root_hash_out_size);
 1704     OK_(memcmp(root_hash, root_hash_out, root_hash_out_size));
 1705     OK_(crypt_deactivate(cd, CDEVICE_1));
 1706 
 1707     /* hash fail */
 1708     root_hash[1] = ~root_hash[1];
 1709     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, root_hash, 32, CRYPT_ACTIVATE_READONLY));
 1710     /* Be sure there was some read activity to mark device corrupted. */
 1711     _system("blkid " DMDIR CDEVICE_1, 0);
 1712     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
 1713     EQ_(CRYPT_ACTIVATE_READONLY|CRYPT_ACTIVATE_CORRUPTED, cad.flags);
 1714     OK_(crypt_deactivate(cd, CDEVICE_1));
 1715     root_hash[1] = ~root_hash[1];
 1716 
 1717     /* data fail */
 1718     OK_(crypt_set_data_device(cd, DEVICE_1));
 1719     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, root_hash, 32, CRYPT_ACTIVATE_READONLY));
 1720     _system("blkid " DMDIR CDEVICE_1, 0);
 1721     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
 1722     EQ_(CRYPT_ACTIVATE_READONLY|CRYPT_ACTIVATE_CORRUPTED, cad.flags);
 1723     OK_(crypt_deactivate(cd, CDEVICE_1));
 1724 
 1725     CRYPT_FREE(cd);
 1726 }
 1727 
 1728 static void TcryptTest(void)
 1729 {
 1730     struct crypt_active_device cad;
 1731     const char *passphrase = "aaaaaaaaaaaa";
 1732     const char *kf1 = "tcrypt-images/keyfile1";
 1733     const char *kf2 = "tcrypt-images/keyfile2";
 1734     const char *keyfiles[] = { kf1, kf2 };
 1735     struct crypt_params_tcrypt params = {
 1736         .passphrase = passphrase,
 1737         .passphrase_size = strlen(passphrase),
 1738         .keyfiles = keyfiles,
 1739         .keyfiles_count = 2,
 1740     };
 1741     double enc_mbr = 0, dec_mbr = 0;
 1742     const char *tcrypt_dev = "tcrypt-images/tck_5-sha512-xts-aes";
 1743     const char *tcrypt_dev2 = "tcrypt-images/tc_5-sha512-xts-serpent-twofish-aes";
 1744     size_t key_size = 64;
 1745     char key[64], key_def[64];
 1746     const char *key_hex =
 1747         "98dee64abe44bbf41d171c1f7b3e8eacda6d6b01f459097459a167f8c2872a96"
 1748         "3979531d1cdc18af62757cf22286f16f8583d848524f128d7594ac2082668c73";
 1749     int r;
 1750 
 1751     crypt_decode_key(key_def, key_hex, strlen(key_hex) / 2);
 1752 
 1753     // First ensure we can use af_alg skcipher interface
 1754     r = crypt_benchmark(NULL, "aes", "xts", 512, 16, 1024, &enc_mbr, &dec_mbr);
 1755     if (r == -ENOTSUP || r == -ENOENT) {
 1756         printf("WARNING: algif_skcipher interface not present, skipping test.\n");
 1757         return;
 1758     }
 1759 
 1760     OK_(crypt_init(&cd, tcrypt_dev));
 1761     params.passphrase_size--;
 1762     FAIL_(crypt_load(cd, CRYPT_TCRYPT, &params), "Wrong passphrase");
 1763     params.passphrase_size++;
 1764     OK_(crypt_load(cd, CRYPT_TCRYPT, &params));
 1765 
 1766     // check params after load
 1767     OK_(strcmp("xts-plain64", crypt_get_cipher_mode(cd)));
 1768     OK_(strcmp("aes", crypt_get_cipher(cd)));
 1769     EQ_(key_size, crypt_get_volume_key_size(cd));
 1770     EQ_(256, crypt_get_iv_offset(cd));
 1771     EQ_(256, crypt_get_data_offset(cd));
 1772 
 1773     memset(key, 0, key_size);
 1774 
 1775     key_size--;
 1776     // small buffer
 1777     FAIL_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, NULL, 0), "small buffer");
 1778     key_size++;
 1779     OK_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, NULL, 0));
 1780     OK_(memcmp(key, key_def, key_size));
 1781 
 1782     reset_log();
 1783     OK_(crypt_dump(cd));
 1784     OK_(!(global_lines != 0));
 1785     reset_log();
 1786 
 1787     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, NULL, 0, CRYPT_ACTIVATE_READONLY));
 1788     NULL_(crypt_get_metadata_device_name(cd));
 1789     CRYPT_FREE(cd);
 1790 
 1791     OK_(crypt_init_by_name_and_header(&cd, CDEVICE_1, NULL));
 1792     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1793 
 1794     FAIL_(crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size, NULL, 0), "Need crypt_load");
 1795 
 1796     // check params after init_by_name
 1797     OK_(strcmp("xts-plain64", crypt_get_cipher_mode(cd)));
 1798     OK_(strcmp("aes", crypt_get_cipher(cd)));
 1799     EQ_(key_size, crypt_get_volume_key_size(cd));
 1800     EQ_(256, crypt_get_iv_offset(cd));
 1801     EQ_(256, crypt_get_data_offset(cd));
 1802 
 1803     OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
 1804     EQ_(CRYPT_ACTIVATE_READONLY, cad.flags);
 1805     EQ_(256, cad.offset);
 1806     EQ_(256, cad.iv_offset);
 1807     EQ_(72, cad.size);
 1808 
 1809     OK_(crypt_deactivate(cd, CDEVICE_1));
 1810     CRYPT_FREE(cd);
 1811 
 1812     // init with detached header is not supported
 1813     OK_(crypt_init_data_device(&cd, tcrypt_dev2, DEVICE_2));
 1814     FAIL_(crypt_load(cd, CRYPT_TCRYPT, &params), "can't use tcrypt with separate metadata device");
 1815     CRYPT_FREE(cd);
 1816 
 1817     // Following test uses non-FIPS algorithms in the cipher chain
 1818     if(_fips_mode)
 1819         return;
 1820 
 1821     OK_(crypt_init(&cd, tcrypt_dev2));
 1822     params.keyfiles = NULL;
 1823     params.keyfiles_count = 0;
 1824     r = crypt_load(cd, CRYPT_TCRYPT, &params);
 1825     if (r < 0) {
 1826         printf("WARNING: cannot use non-AES encryption, skipping test.\n");
 1827         CRYPT_FREE(cd);
 1828         return;
 1829     }
 1830     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, NULL, 0, CRYPT_ACTIVATE_READONLY));
 1831     CRYPT_FREE(cd);
 1832 
 1833     // Deactivate the whole chain
 1834     EQ_(crypt_status(NULL, CDEVICE_1 "_1"), CRYPT_BUSY);
 1835     OK_(crypt_deactivate(NULL, CDEVICE_1));
 1836     EQ_(crypt_status(NULL, CDEVICE_1 "_1"), CRYPT_INACTIVE);
 1837 }
 1838 
 1839 static void IntegrityTest(void)
 1840 {
 1841     struct crypt_params_integrity params = {
 1842         .tag_size = 4,
 1843         .integrity = "crc32c",
 1844         .sector_size = 4096,
 1845     }, ip = {};
 1846     int ret;
 1847 
 1848     // FIXME: this should be more detailed
 1849 
 1850     OK_(crypt_init(&cd,DEVICE_1));
 1851     FAIL_(crypt_format(cd,CRYPT_INTEGRITY,NULL,NULL,NULL,NULL,0,NULL), "params field required");
 1852     ret = crypt_format(cd,CRYPT_INTEGRITY,NULL,NULL,NULL,NULL,0,&params);
 1853     if (ret < 0) {
 1854         printf("WARNING: cannot format integrity device, skipping test.\n");
 1855         CRYPT_FREE(cd);
 1856         return;
 1857     }
 1858     OK_(crypt_get_integrity_info(cd, &ip));
 1859     EQ_(ip.tag_size, params.tag_size);
 1860     EQ_(ip.sector_size, params.sector_size);
 1861     EQ_(crypt_get_sector_size(cd), params.sector_size);
 1862     EQ_(ip.interleave_sectors, params.interleave_sectors);
 1863     EQ_(ip.journal_size, params.journal_size);
 1864     EQ_(ip.journal_watermark, params.journal_watermark);
 1865     OK_(strcmp(ip.integrity,params.integrity));
 1866     FAIL_(crypt_set_uuid(cd,DEVICE_1_UUID),"can't set uuid to integrity device");
 1867     CRYPT_FREE(cd);
 1868 
 1869     OK_(crypt_init(&cd, DEVICE_1));
 1870     OK_(crypt_load(cd, CRYPT_INTEGRITY, NULL));
 1871     CRYPT_FREE(cd);
 1872 
 1873     OK_(crypt_init(&cd, DEVICE_1));
 1874     //params.tag_size = 8;
 1875     //FAIL_(crypt_load(cd, CRYPT_INTEGRITY, &params), "tag size mismatch");
 1876     params.tag_size = 4;
 1877     OK_(crypt_load(cd, CRYPT_INTEGRITY, &params));
 1878     OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, NULL, 0, 0));
 1879     GE_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 1880     CRYPT_FREE(cd);
 1881 
 1882     memset(&ip, 0, sizeof(ip));
 1883     OK_(crypt_init_by_name(&cd, CDEVICE_1));
 1884     OK_(crypt_get_integrity_info(cd, &ip));
 1885     EQ_(ip.tag_size, params.tag_size);
 1886     OK_(strcmp(ip.integrity,params.integrity));
 1887     OK_(strcmp(CRYPT_INTEGRITY,crypt_get_type(cd)));
 1888     OK_(crypt_deactivate(cd, CDEVICE_1));
 1889     CRYPT_FREE(cd);
 1890 }
 1891 
 1892 // Check that gcrypt is properly initialised in format
 1893 static void NonFIPSAlg(void)
 1894 {
 1895     struct crypt_params_luks1 params = {0};
 1896     char key[128] = "";
 1897     size_t key_size = 128 / 8;
 1898     const char *cipher = "aes";
 1899     const char *cipher_mode = "cbc-essiv:sha256";
 1900     int ret;
 1901 
 1902     OK_(crypt_init(&cd, DEVICE_2));
 1903     params.hash = "sha256";
 1904     OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
 1905     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params),
 1906           "Already formatted.");
 1907     CRYPT_FREE(cd);
 1908 
 1909     params.hash = "whirlpool";
 1910     OK_(crypt_init(&cd, DEVICE_2));
 1911     ret = crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params);
 1912     if (ret < 0) {
 1913         printf("WARNING: whirlpool not supported, skipping test.\n");
 1914         CRYPT_FREE(cd);
 1915         return;
 1916     }
 1917     CRYPT_FREE(cd);
 1918 
 1919     params.hash = "md5";
 1920     OK_(crypt_init(&cd, DEVICE_2));
 1921     FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params),
 1922           "MD5 unsupported, too short");
 1923     CRYPT_FREE(cd);
 1924 }
 1925 
 1926 static void int_handler(int sig __attribute__((__unused__)))
 1927 {
 1928     _quit++;
 1929 }
 1930 
 1931 int main(int argc, char *argv[])
 1932 {
 1933     struct sigaction sa = { .sa_handler = int_handler };
 1934     int i;
 1935 
 1936     if (getuid() != 0) {
 1937         printf("You must be root to run this test.\n");
 1938         exit(77);
 1939     }
 1940 #ifndef NO_CRYPTSETUP_PATH
 1941     if (getenv("CRYPTSETUP_PATH")) {
 1942         printf("Cannot run this test with CRYPTSETUP_PATH set.\n");
 1943         exit(77);
 1944     }
 1945 #endif
 1946     for (i = 1; i < argc; i++) {
 1947         if (!strcmp("-v", argv[i]) || !strcmp("--verbose", argv[i]))
 1948             _verbose = 1;
 1949         else if (!strcmp("--debug", argv[i]))
 1950             _debug = _verbose = 1;
 1951     }
 1952 
 1953     /* Handle interrupt properly */
 1954     sigaction(SIGINT, &sa, NULL);
 1955     sigaction(SIGTERM, &sa, NULL);
 1956 
 1957     register_cleanup(_cleanup);
 1958 
 1959     _cleanup();
 1960     if (_setup()) {
 1961         printf("Cannot set test devices.\n");
 1962         _cleanup();
 1963         exit(77);
 1964     }
 1965 
 1966     crypt_set_debug_level(_debug ? CRYPT_DEBUG_ALL : CRYPT_DEBUG_NONE);
 1967 
 1968     RUN_(NonFIPSAlg, "Crypto is properly initialised in format"); //must be the first!
 1969     RUN_(AddDevicePlain, "A plain device API creation");
 1970     RUN_(HashDevicePlain, "A plain device API hash");
 1971     RUN_(AddDeviceLuks, "Format and use LUKS device");
 1972     RUN_(LuksHeaderLoad, "Header load");
 1973     RUN_(LuksHeaderRestore, "LUKS header restore");
 1974     RUN_(LuksHeaderBackup, "LUKS header backup");
 1975     RUN_(ResizeDeviceLuks, "LUKS device resize");
 1976     RUN_(UseLuksDevice, "Use pre-formated LUKS device");
 1977     RUN_(SuspendDevice, "Suspend/Resume");
 1978     RUN_(UseTempVolumes, "Format and use temporary encrypted device");
 1979     RUN_(CallbacksTest, "API callbacks");
 1980     RUN_(VerityTest, "DM verity");
 1981     RUN_(TcryptTest, "Tcrypt API");
 1982     RUN_(IntegrityTest, "Integrity API");
 1983 
 1984     _cleanup();
 1985     return 0;
 1986 }