"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/tests/luks2-validation-test" (13 Jan 2022, 10903 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "luks2-validation-test": 2.4.1_vs_2.4.2.

    1 #!/bin/bash
    2 
    3 #turn on debug mode by following env. variable _DEBUG=1
    4 
    5 PS4='$LINENO:'
    6 [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
    7 CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
    8 
    9 CRYPTSETUP_VALGRIND=../.libs/cryptsetup
   10 CRYPTSETUP_LIB_VALGRIND=../.libs
   11 
   12 START_DIR=$(pwd)
   13 
   14 IMG=luks2-backend.img
   15 ORIG_IMG=luks2_valid_hdr.img
   16 TST_IMGS=$START_DIR/luks2-images
   17 
   18 GEN_DIR=generators
   19 
   20 FAILS=0
   21 
   22 [ -z "$srcdir" ] && srcdir="."
   23 
   24 function remove_mapping()
   25 {
   26     rm -rf $IMG $TST_IMGS >/dev/null 2>&1
   27 }
   28 
   29 function fail()
   30 {
   31     [ -n "$1" ] && echo "$1"
   32     echo "FAILED backtrace:"
   33     while caller $frame; do ((frame++)); done
   34     cd $START_DIR
   35     remove_mapping
   36     exit 2
   37 }
   38 
   39 fail_count()
   40 {
   41     echo "$1"
   42     FAILS=$((FAILS+1))
   43 }
   44 
   45 function skip()
   46 {
   47     [ -n "$1" ] && echo "$1"
   48     exit 77
   49 }
   50 
   51 function prepare() # $1 dev1_size
   52 {
   53     remove_mapping
   54 
   55     test -d $TST_IMGS || mkdir $TST_IMGS
   56 
   57     test -e $ORIG_IMG || xz -dkc $srcdir/$ORIG_IMG.xz >$ORIG_IMG
   58     cp $ORIG_IMG $TST_IMGS
   59     cp $ORIG_IMG $IMG
   60 }
   61 
   62 function test_load()
   63 {
   64     local _debug=
   65 
   66     test -z "$_DEBUG" || _debug="--debug"
   67 
   68     case "$1" in
   69     R)
   70         if [ -n "$_debug" ]; then
   71             $CRYPTSETUP luksDump $_debug $IMG
   72         else
   73             $CRYPTSETUP luksDump $_debug $IMG > /dev/null 2>&1
   74         fi
   75         test $? -eq 0 || return 1
   76         ;;
   77     F)
   78         if [ -n "$_debug" ]; then
   79             $CRYPTSETUP luksDump $_debug $IMG
   80         else
   81             $CRYPTSETUP luksDump $_debug $IMG > /dev/null 2>&1
   82         fi
   83         test $? -ne 0 || return 1
   84         ;;
   85     *)
   86         fail "Internal test error"
   87         ;;
   88     esac
   89 }
   90 
   91 function RUN()
   92 {
   93     echo -n "Test image: $1..."
   94     cp $TST_IMGS/$1 $IMG || fail "Missing test image"
   95     test_load $2 "$3"
   96     if [ $? -ne 0 ]; then
   97         fail_count "$3"
   98     else
   99         echo "OK"
  100     fi
  101 }
  102 
  103 function valgrind_setup()
  104 {
  105     which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind."
  106     [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
  107     export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
  108 }
  109 
  110 function valgrind_run()
  111 {
  112     INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
  113 }
  114 
  115 [ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
  116 
  117 which jq >/dev/null 2>&1 || skip "Cannot find jq, test skipped."
  118 
  119 prepare
  120 
  121 echo "[0] Generating test headers"
  122 cd $srcdir/$GEN_DIR
  123 for scr in ./generate-*.sh; do
  124     echo -n "$(basename $scr)..."
  125     $scr $TST_IMGS $TST_IMGS/$ORIG_IMG || fail "Header generator $scr failed: '$?'"
  126     echo "done"
  127 done
  128 cd $START_DIR
  129 
  130 echo "[1] Test basic auto-recovery"
  131 RUN luks2-invalid-checksum-hdr0.img "R" "Failed to recover from trivial header corruption at offset 0"
  132 # TODO: check epoch is incresed after recovery
  133 # TODO: check only sectors related to corrupted hdr at offset 0 are written (dmstats tool/differ.c)
  134 
  135 RUN luks2-invalid-checksum-hdr1.img "R" "Failed to recover from trivial header corruption at offset 16384"
  136 # TODO: check epoch is incresed after recovery
  137 # TODO: check only sectors related to corrupted hdr at offset 16384 are written (dmstats tool/differ.c)
  138 
  139 RUN luks2-invalid-checksum-both-hdrs.img "F" "Failed to recognise corrupted header beyond repair"
  140 
  141 echo "[2] Test ability to auto-correct mallformed json area"
  142 RUN luks2-corrupted-hdr0-with-correct-chks.img "R" "Failed to auto correct malformed json area at offset 512"
  143 # TODO: check epoch is incresed after recovery
  144 # TODO: check only sectors related to corrupted hdr at offset 0 are written (dmstats tool/differ.c)
  145 
  146 RUN luks2-corrupted-hdr1-with-correct-chks.img "R" "Failed to auto correct malformed json area at offset 16896"
  147 # TODO: check epoch is incresed after recovery
  148 # TODO: check only sectors related to corrupted hdr at offset 16384 are written (dmstats tool/differ.c)
  149 
  150 RUN luks2-correct-full-json0.img "R" "Failed to parse full and correct json area"
  151 # TODO: detect noop (norecovery, epoch untouched)
  152 # TODO: check epoch is NOT incresed after recovery of secondary header
  153 
  154 # these tests auto-correct json in-memory only. It'll get fixed on-disk after write operation
  155 RUN luks2-argon2-leftover-params.img   "R" "Failed to repair keyslot with old argon2 parameters."
  156 RUN luks2-pbkdf2-leftover-params-0.img "R" "Failed to repair keyslot with old pbkdf2 parameters."
  157 RUN luks2-pbkdf2-leftover-params-1.img "R" "Failed to repair keyslot with old pbkdf2 parameters."
  158 
  159 # Secondary header is always broken in following tests
  160 echo "[3] Test LUKS2 json area restrictions"
  161 RUN luks2-non-null-byte-beyond-json0.img        "F" "Failed to detect illegal data right beyond json data string"
  162 RUN luks2-non-null-bytes-beyond-json0.img       "F" "Failed to detect illegal data in json area"
  163 RUN luks2-missing-trailing-null-byte-json0.img      "F" "Failed to detect missing terminal null byte"
  164 RUN luks2-invalid-opening-char-json0.img        "F" "Failed to detect invalid opening character in json area"
  165 RUN luks2-invalid-object-type-json0.img         "F" "Failed to detect invalid json object type"
  166 RUN luks2-overlapping-areas-c0-json0.img        "F" "Failed to detect two exactly same area specifications"
  167 RUN luks2-overlapping-areas-c1-json0.img        "F" "Failed to detect two intersecting area specifications"
  168 RUN luks2-overlapping-areas-c2-json0.img        "F" "Failed to detect two slightly intersecting area specifications"
  169 RUN luks2-area-in-json-hdr-space-json0.img      "F" "Failed to detect area referencing LUKS2 header space"
  170 RUN luks2-missing-keyslot-referenced-in-digest.img  "F" "Failed to detect missing keyslot referenced in digest"
  171 RUN luks2-missing-segment-referenced-in-digest.img  "F" "Failed to detect missing segment referenced in digest"
  172 RUN luks2-missing-keyslot-referenced-in-token.img   "F" "Failed to detect missing keyslots referenced in token"
  173 RUN luks2-keyslot-missing-digest.img            "F" "Failed to detect missing keyslot digest."
  174 RUN luks2-keyslot-too-many-digests.img          "F" "Failed to detect keyslot has too many digests."
  175 
  176 echo "[4] Test integers value limits"
  177 RUN luks2-uint64-max-segment-size.img           "R" "Validation rejected correct value"
  178 RUN luks2-uint64-overflow-segment-size.img      "F" "Failed to detect uint64_t overflow"
  179 RUN luks2-uint64-signed-segment-size.img        "F" "Failed to detect negative value"
  180 
  181 echo "[5] Test segments validation"
  182 RUN luks2-segment-missing-type.img          "F" "Failed to detect missing type field"
  183 RUN luks2-segment-wrong-type.img            "F" "Failed to detect invalid type field"
  184 RUN luks2-segment-missing-offset.img            "F" "Failed to detect missing offset field"
  185 RUN luks2-segment-wrong-offset.img          "F" "Failed to detect invalid offset field"
  186 RUN luks2-segment-missing-size.img          "F" "Failed to detect missing size field"
  187 RUN luks2-segment-wrong-size-0.img          "F" "Failed to detect invalid size field"
  188 RUN luks2-segment-wrong-size-1.img          "F" "Failed to detect invalid size field"
  189 RUN luks2-segment-wrong-size-2.img          "F" "Failed to detect invalid size field"
  190 RUN luks2-segment-crypt-missing-encryption.img      "F" "Failed to detect missing encryption field"
  191 RUN luks2-segment-crypt-wrong-encryption.img        "F" "Failed to detect invalid encryption field"
  192 RUN luks2-segment-crypt-missing-ivoffset.img        "F" "Failed to detect missing iv_tweak field"
  193 RUN luks2-segment-crypt-wrong-ivoffset.img      "F" "Failed to detect invalid iv_tweak field"
  194 RUN luks2-segment-crypt-missing-sectorsize.img      "F" "Failed to detect missing sector_size field"
  195 RUN luks2-segment-crypt-wrong-sectorsize-0.img      "F" "Failed to detect invalid sector_size field"
  196 RUN luks2-segment-crypt-wrong-sectorsize-1.img      "F" "Failed to detect invalid sector_size field"
  197 RUN luks2-segment-crypt-wrong-sectorsize-2.img      "F" "Failed to detect invalid sector_size field"
  198 RUN luks2-segment-unknown-type.img          "R" "Validation rejected segment with all mandatory fields correct"
  199 RUN luks2-segment-two.img               "R" "Validation rejected two valid segments"
  200 RUN luks2-segment-wrong-flags.img           "F" "Failed to detect invalid flags field"
  201 RUN luks2-segment-wrong-flags-element.img       "F" "Failed to detect invalid flags content"
  202 RUN luks2-segment-wrong-backup-key-0.img        "F" "Failed to detect gap in backup segments"
  203 RUN luks2-segment-wrong-backup-key-1.img        "F" "Failed to detect gap in backup segments"
  204 
  205 echo "[6] Test metadata size and keyslots size (config section)"
  206 RUN luks2-invalid-keyslots-size-c0.img          "F" "Failed to detect too large keyslots_size in config section"
  207 RUN luks2-invalid-keyslots-size-c1.img          "F" "Failed to detect unaligned keyslots_size in config section"
  208 RUN luks2-invalid-keyslots-size-c2.img          "F" "Failed to detect too small keyslots_size config section"
  209 RUN luks2-invalid-json-size-c0.img          "F" "Failed to detect invalid json_size config section"
  210 RUN luks2-invalid-json-size-c1.img          "F" "Failed to detect invalid json_size config section"
  211 RUN luks2-invalid-json-size-c2.img          "F" "Failed to detect mismatching json size in config and binary hdr"
  212 RUN luks2-metadata-size-32k.img             "R" "Valid 32KiB metadata size failed to validate"
  213 RUN luks2-metadata-size-64k.img             "R" "Valid 64KiB metadata size failed to validate"
  214 RUN luks2-metadata-size-64k-inv-area-c0.img     "F" "Failed to detect keyslot area trespassing in json area"
  215 RUN luks2-metadata-size-64k-inv-area-c1.img     "F" "Failed to detect keyslot area overflowing keyslots area"
  216 RUN luks2-metadata-size-64k-inv-keyslots-size-c0.img    "F" "Failed to detect keyslots size overflowing in data area"
  217 RUN luks2-metadata-size-128k.img            "R" "Valid 128KiB metadata size failed to validate"
  218 RUN luks2-metadata-size-256k.img            "R" "Valid 256KiB metadata size failed to validate"
  219 RUN luks2-metadata-size-512k.img            "R" "Valid 512KiB metadata size failed to validate"
  220 RUN luks2-metadata-size-1m.img              "R" "Valid 1MiB metadata size failed to validate"
  221 RUN luks2-metadata-size-2m.img              "R" "Valid 2MiB metadata size failed to validate"
  222 RUN luks2-metadata-size-4m.img              "R" "Valid 4MiB metadata size failed to validate"
  223 RUN luks2-metadata-size-16k-secondary.img       "R" "Valid 16KiB metadata size in secondary hdr failed to validate"
  224 RUN luks2-metadata-size-32k-secondary.img       "R" "Valid 32KiB metadata size in secondary hdr failed to validate"
  225 RUN luks2-metadata-size-64k-secondary.img       "R" "Valid 64KiB metadata size in secondary hdr failed to validate"
  226 RUN luks2-metadata-size-128k-secondary.img      "R" "Valid 128KiB metadata size in secondary hdr failed to validate"
  227 RUN luks2-metadata-size-256k-secondary.img      "R" "Valid 256KiB metadata size in secondary hdr failed to validate"
  228 RUN luks2-metadata-size-512k-secondary.img      "R" "Valid 512KiB metadata size in secondary hdr failed to validate"
  229 RUN luks2-metadata-size-1m-secondary.img        "R" "Valid 1MiB metadata size in secondary hdr failed to validate"
  230 RUN luks2-metadata-size-2m-secondary.img        "R" "Valid 2MiB metadata size in secondary hdr failed to validate"
  231 RUN luks2-metadata-size-4m-secondary.img        "R" "Valid 4MiB metadata size in secondary hdr failed to validate"
  232 RUN luks2-metadata-size-invalid.img         "F" "Invalid metadata size in secondary hdr not rejected"
  233 RUN luks2-metadata-size-invalid-secondary.img       "F" "Invalid metadata size in secondary hdr not rejected"
  234 
  235 remove_mapping
  236 
  237 test $FAILS -eq 0 || fail "($FAILS wrong result(s) in total)"