cryptsetup: tests/bitlk-compat-test

"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/tests/bitlk-compat-test" (13 Jan 2022, 7014 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:

As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "bitlk-compat-test":

2.4.0_vs_2.4.1.

1 #!/bin/bash 2 3 # check bitlk images parsing 4 5 [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." 6 CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup 7 TST_DIR=bitlk-images 8 MAP=bitlktst 9 DUMP_MK_FILE=bitlk-test-mk 10 11 CRYPTSETUP_VALGRIND=../.libs/cryptsetup 12 CRYPTSETUP_LIB_VALGRIND=../.libs 13 14 [ -z "$srcdir" ] && srcdir="." 15 16 function remove_mapping() 17 { 18 [ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP 19 rm -rf $TST_DIR 20 } 21 22 function fail() 23 { 24 [ -n "$1" ] && echo "$1" 25 echo " [FAILED]" 26 echo "FAILED backtrace:" 27 while caller $frame; do ((frame++)); done 28 remove_mapping 29 exit 2 30 } 31 32 function skip() 33 { 34 [ -n "$1" ] && echo "$1" 35 echo "Test skipped." 36 remove_mapping 37 exit 77 38 } 39 40 function load_vars() 41 { 42 local file=$(echo $1 | sed -e s/^$TST_DIR\\/// | sed -e s/\.img$//) 43 source <(grep = <(grep -A8 "\[$file\]" $TST_DIR/images.conf)) 44 } 45 46 function check_dump() 47 { 48 dump=$1 49 file=$2 50 51 # load variables for this image from config file 52 load_vars $file 53 54 # GUID 55 dump_guid=$(echo "$dump" | grep Version -A 1 | tail -1 | cut -d: -f2 | tr -d "\t\n ") 56 [ ! -z "$GUID" -a "$dump_guid" = "$GUID" ] || fail " GUID check from dump failed." 57 58 # cipher 59 dump_cipher=$(echo "$dump" | grep "Cipher name" | cut -d: -f2 | tr -d "\t\n ") 60 dump_mode=$(echo "$dump" | grep "Cipher mode" | cut -d: -f2 | tr -d "\t\n ") 61 cipher=$(echo "$dump_cipher-$dump_mode") 62 [ ! -z "$CIPHER" -a "$cipher" = "$CIPHER" ] || fail " cipher check from dump failed." 63 64 if echo "$file" | grep -q -e "smart-card"; then 65 # smart card protected VMK GUID 66 dump_sc_vmk=$(echo "$dump" | grep "VMK protected with smart card" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") 67 [ ! -z "$SC_VMK_GUID" -a "$dump_sc_vmk" = "$SC_VMK_GUID" ] || fail " smart card protected VMK GUID check from dump failed." 68 elif echo "$file" | grep -q -e "startup-key"; then 69 # startup key protected VMK GUID 70 dump_sk_vmk=$(echo "$dump" | grep "VMK protected with startup key" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") 71 [ ! -z "$SK_VMK_GUID" -a "$dump_sk_vmk" = "$SK_VMK_GUID" ] || fail " startup key protected VMK GUID check from dump failed." 72 else 73 # password protected VMK GUID 74 dump_pw_vmk=$(echo "$dump" | grep "VMK protected with passphrase" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") 75 [ ! -z "$PW_VMK_GUID" -a "$dump_pw_vmk" = "$PW_VMK_GUID" ] || fail " password protected VMK GUID check from dump failed." 76 fi 77 78 # recovery password protected VMK GUID 79 dump_rp_vmk=$(echo "$dump" | grep "VMK protected with recovery passphrase" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ") 80 [ ! -z "$RP_VMK_GUID" -a "$dump_rp_vmk" = "$RP_VMK_GUID" ] || fail " recovery password protected VMK GUID check from dump failed." 81 82 } 83 84 function valgrind_setup() 85 { 86 which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind." 87 [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable." 88 export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH" 89 } 90 91 function valgrind_run() 92 { 93 INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@" 94 } 95 96 export LANG=C 97 [ ! -d $TST_DIR ] && tar xJSf $srcdir/bitlk-images.tar.xz --no-same-owner 2>/dev/null || skip "Incompatible tar." 98 99 [ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run 100 101 echo "HEADER CHECK" 102 for file in $(ls $TST_DIR/bitlk-*) ; do 103 echo -n " $file" 104 out=$($CRYPTSETUP bitlkDump $file) 105 check_dump "$out" "$file" 106 echo " [OK]" 107 done 108 109 if [ $(id -u) != 0 ]; then 110 echo "WARNING: You must be root to run activation part of test, test skipped." 111 remove_mapping 112 exit 0 113 fi 114 115 echo "ACTIVATION FS UUID CHECK" 116 for file in $(ls $TST_DIR/bitlk-*) ; do 117 # load variables for this image from config file 118 load_vars $file 119 120 # test with both passphrase and recovery passphrase 121 for PASSPHRASE in $PW $RP ; do 122 echo -n " $file" 123 echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file --test-passphrase >/dev/null 2>&1 124 ret=$? 125 [ $ret -eq 1 ] && echo " [N/A]" && continue 126 echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file $MAP >/dev/null 2>&1 127 ret=$? 128 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue 129 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc-elephant" ) && echo " [N/A]" && continue 130 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "clearkey" ) && echo " [N/A]" && continue 131 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "eow" ) && echo " [N/A]" && continue 132 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "-4k.img" ) && echo " [N/A]" && continue 133 [ $ret -eq 0 ] || fail " failed to open $file ($ret)" 134 $CRYPTSETUP status $MAP >/dev/null || fail 135 $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail 136 uuid=$(lsblk -n -o UUID /dev/mapper/$MAP) 137 sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1) 138 $CRYPTSETUP remove $MAP || fail 139 [ "$uuid" = "$UUID" ] || fail " UUID check failed." 140 [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed." 141 echo " [OK]" 142 done 143 144 # test with master key 145 rm -f $DUMP_MK_FILE >/dev/null 2>&1 146 echo -n " $file" 147 echo $PASSPHRASE | $CRYPTSETUP bitlkDump -r $file --dump-master-key --master-key-file $DUMP_MK_FILE >/dev/null 2>&1 148 ret=$? 149 [ $ret -eq 0 ] || fail " failed to dump master key" 150 $CRYPTSETUP bitlkOpen -r $file $MAP --master-key-file $DUMP_MK_FILE >/dev/null 2>&1 151 ret=$? 152 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue 153 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc-elephant" ) && echo " [N/A]" && continue 154 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "clearkey" ) && echo " [N/A]" && continue 155 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "eow" ) && echo " [N/A]" && continue 156 [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "-4k.img" ) && echo " [N/A]" && continue 157 [ $ret -eq 0 ] || fail " failed to open $file using master key ($ret)" 158 $CRYPTSETUP status $MAP >/dev/null || fail 159 $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail 160 uuid=$(lsblk -n -o UUID /dev/mapper/$MAP) 161 sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1) 162 $CRYPTSETUP remove $MAP || fail 163 [ "$uuid" = "$UUID" ] || fail " UUID check failed." 164 [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed." 165 echo " [OK]" 166 rm -f $DUMP_MK_FILE >/dev/null 2>&1 167 168 # startup key test -- we need to use BEK file from the archive 169 if echo "$file" | grep -q -e "startup-key"; then 170 echo -n " $file" 171 bek_file=$(echo $SK_VMK_GUID.BEK | tr /a-z/ /A-Z/) 172 $CRYPTSETUP bitlkOpen -r $file --test-passphrase --key-file $TST_DIR/$bek_file 173 ret=$? 174 [ $ret -eq 1 ] && echo " [N/A]" && continue 175 $CRYPTSETUP bitlkOpen -r $file $MAP --key-file $TST_DIR/$bek_file >/dev/null 2>&1 176 ret=$? 177 [ $ret -eq 0 ] || fail " failed to open $file ($ret)" 178 $CRYPTSETUP status $MAP >/dev/null || fail 179 $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail 180 uuid=$(lsblk -n -o UUID /dev/mapper/$MAP) 181 sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1) 182 $CRYPTSETUP remove $MAP || fail 183 [ "$uuid" = "$UUID" ] || fail " UUID check failed." 184 [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed." 185 echo " [OK]" 186 187 fi 188 done 189 190 remove_mapping 191 exit 0