"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/tests/bitlk-compat-test" (13 Jan 2022, 7014 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "bitlk-compat-test": 2.4.0_vs_2.4.1.

    1 #!/bin/bash
    2 
    3 # check bitlk images parsing
    4 
    5 [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
    6 CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
    7 TST_DIR=bitlk-images
    8 MAP=bitlktst
    9 DUMP_MK_FILE=bitlk-test-mk
   10 
   11 CRYPTSETUP_VALGRIND=../.libs/cryptsetup
   12 CRYPTSETUP_LIB_VALGRIND=../.libs
   13 
   14 [ -z "$srcdir" ] && srcdir="."
   15 
   16 function remove_mapping()
   17 {
   18     [ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP
   19     rm -rf $TST_DIR
   20 }
   21 
   22 function fail()
   23 {
   24     [ -n "$1" ] && echo "$1"
   25     echo " [FAILED]"
   26     echo "FAILED backtrace:"
   27     while caller $frame; do ((frame++)); done
   28     remove_mapping
   29     exit 2
   30 }
   31 
   32 function skip()
   33 {
   34     [ -n "$1" ] && echo "$1"
   35     echo "Test skipped."
   36     remove_mapping
   37     exit 77
   38 }
   39 
   40 function load_vars()
   41 {
   42     local file=$(echo $1 | sed -e s/^$TST_DIR\\/// | sed -e s/\.img$//)
   43     source <(grep = <(grep -A8 "\[$file\]" $TST_DIR/images.conf))
   44 }
   45 
   46 function check_dump()
   47 {
   48     dump=$1
   49     file=$2
   50 
   51     # load variables for this image from config file
   52     load_vars $file
   53 
   54     # GUID
   55     dump_guid=$(echo "$dump" | grep Version -A 1 | tail -1 | cut -d: -f2 | tr -d "\t\n ")
   56     [ ! -z "$GUID" -a "$dump_guid" = "$GUID"  ] || fail " GUID check from dump failed."
   57 
   58     # cipher
   59     dump_cipher=$(echo "$dump" | grep "Cipher name" | cut -d: -f2 | tr -d "\t\n ")
   60     dump_mode=$(echo "$dump" | grep "Cipher mode" | cut -d: -f2 | tr -d "\t\n ")
   61     cipher=$(echo "$dump_cipher-$dump_mode")
   62     [ ! -z "$CIPHER" -a "$cipher" = "$CIPHER" ] || fail " cipher check from dump failed."
   63 
   64     if echo "$file" | grep -q -e "smart-card"; then
   65         # smart card protected VMK GUID
   66         dump_sc_vmk=$(echo "$dump" | grep "VMK protected with smart card" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
   67         [ ! -z "$SC_VMK_GUID" -a "$dump_sc_vmk" = "$SC_VMK_GUID" ] || fail " smart card protected VMK GUID check from dump failed."
   68     elif echo "$file" | grep -q -e "startup-key"; then
   69         # startup key protected VMK GUID
   70         dump_sk_vmk=$(echo "$dump" | grep "VMK protected with startup key" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
   71         [ ! -z "$SK_VMK_GUID" -a "$dump_sk_vmk" = "$SK_VMK_GUID" ] || fail " startup key protected VMK GUID check from dump failed."
   72     else
   73         # password protected VMK GUID
   74         dump_pw_vmk=$(echo "$dump" | grep "VMK protected with passphrase" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
   75         [ ! -z "$PW_VMK_GUID" -a "$dump_pw_vmk" = "$PW_VMK_GUID" ] || fail " password protected VMK GUID check from dump failed."
   76     fi
   77 
   78     # recovery password protected VMK GUID
   79     dump_rp_vmk=$(echo "$dump" | grep "VMK protected with recovery passphrase" -B 1 | head -1 | cut -d: -f2 | tr -d "\t ")
   80     [ ! -z "$RP_VMK_GUID" -a "$dump_rp_vmk" = "$RP_VMK_GUID" ] || fail " recovery password protected VMK GUID check from dump failed."
   81 
   82 }
   83 
   84 function valgrind_setup()
   85 {
   86     which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind."
   87     [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
   88     export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
   89 }
   90 
   91 function valgrind_run()
   92 {
   93     INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
   94 }
   95 
   96 export LANG=C
   97 [ ! -d $TST_DIR ] && tar xJSf $srcdir/bitlk-images.tar.xz --no-same-owner 2>/dev/null || skip "Incompatible tar."
   98 
   99 [ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
  100 
  101 echo "HEADER CHECK"
  102 for file in $(ls $TST_DIR/bitlk-*) ; do
  103     echo -n " $file"
  104     out=$($CRYPTSETUP bitlkDump $file)
  105     check_dump "$out" "$file"
  106     echo " [OK]"
  107 done
  108 
  109 if [ $(id -u) != 0 ]; then
  110     echo "WARNING: You must be root to run activation part of test, test skipped."
  111     remove_mapping
  112     exit 0
  113 fi
  114 
  115 echo "ACTIVATION FS UUID CHECK"
  116 for file in $(ls $TST_DIR/bitlk-*) ; do
  117     # load variables for this image from config file
  118     load_vars $file
  119 
  120     # test with both passphrase and recovery passphrase
  121     for PASSPHRASE in $PW $RP ; do
  122         echo -n " $file"
  123         echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file --test-passphrase >/dev/null 2>&1
  124         ret=$?
  125         [ $ret -eq 1 ] && echo " [N/A]" && continue
  126         echo $PASSPHRASE | $CRYPTSETUP bitlkOpen -r $file $MAP >/dev/null 2>&1
  127         ret=$?
  128         [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue
  129         [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc-elephant" ) && echo " [N/A]" && continue
  130         [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "clearkey" ) && echo " [N/A]" && continue
  131         [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "eow" ) && echo " [N/A]" && continue
  132         [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "-4k.img" ) && echo " [N/A]" && continue
  133         [ $ret -eq 0 ] || fail " failed to open $file ($ret)"
  134         $CRYPTSETUP status $MAP >/dev/null || fail
  135         $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
  136         uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
  137         sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
  138         $CRYPTSETUP remove $MAP || fail
  139         [ "$uuid" = "$UUID" ] || fail " UUID check failed."
  140         [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed."
  141         echo " [OK]"
  142     done
  143 
  144     # test with master key
  145     rm -f $DUMP_MK_FILE >/dev/null 2>&1
  146     echo -n " $file"
  147     echo $PASSPHRASE | $CRYPTSETUP bitlkDump -r $file --dump-master-key --master-key-file $DUMP_MK_FILE >/dev/null 2>&1
  148     ret=$?
  149     [ $ret -eq 0 ] || fail " failed to dump master key"
  150     $CRYPTSETUP bitlkOpen -r $file $MAP --master-key-file $DUMP_MK_FILE >/dev/null 2>&1
  151     ret=$?
  152     [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc" ) && echo " [N/A]" && continue
  153     [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "aes-cbc-elephant" ) && echo " [N/A]" && continue
  154     [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "clearkey" ) && echo " [N/A]" && continue
  155     [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "eow" ) && echo " [N/A]" && continue
  156     [ $ret -eq 1 ] && ( echo "$file" | grep -q -e "-4k.img" ) && echo " [N/A]" && continue
  157     [ $ret -eq 0 ] || fail " failed to open $file using master key ($ret)"
  158     $CRYPTSETUP status $MAP >/dev/null || fail
  159     $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
  160     uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
  161     sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
  162     $CRYPTSETUP remove $MAP || fail
  163     [ "$uuid" = "$UUID" ] || fail " UUID check failed."
  164     [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed."
  165     echo " [OK]"
  166     rm -f $DUMP_MK_FILE >/dev/null 2>&1
  167 
  168     # startup key test -- we need to use BEK file from the archive
  169     if echo "$file" | grep -q -e "startup-key"; then
  170         echo -n " $file"
  171         bek_file=$(echo $SK_VMK_GUID.BEK | tr /a-z/ /A-Z/)
  172         $CRYPTSETUP bitlkOpen -r $file --test-passphrase --key-file $TST_DIR/$bek_file
  173         ret=$?
  174         [ $ret -eq 1 ] && echo " [N/A]" && continue
  175         $CRYPTSETUP bitlkOpen -r $file $MAP --key-file $TST_DIR/$bek_file >/dev/null 2>&1
  176         ret=$?
  177         [ $ret -eq 0 ] || fail " failed to open $file ($ret)"
  178         $CRYPTSETUP status $MAP >/dev/null || fail
  179         $CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
  180         uuid=$(lsblk -n -o UUID /dev/mapper/$MAP)
  181         sha256sum=$(sha256sum /dev/mapper/$MAP | cut -d" " -f1)
  182         $CRYPTSETUP remove $MAP || fail
  183         [ "$uuid" = "$UUID" ] || fail " UUID check failed."
  184         [ "$sha256sum" = "$SHA256SUM" ] || fail " SHA256 sum check failed."
  185         echo " [OK]"
  186 
  187     fi
  188 done
  189 
  190 remove_mapping
  191 exit 0