1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
// Copyright (c) Contributors to the Apptainer project, established as
// Apptainer a Series of LF Projects LLC.
// For website terms of use, trademark policy, privacy policy and other
// project policies see https://lfprojects.org/policies
// Copyright (c) 2019-2022, Sylabs Inc. All rights reserved.
// This software is licensed under a 3-clause BSD license. Please consult the
// LICENSE.md file distributed with the sources of this project regarding your
// rights to use or distribute this software.
package crypt
import (
"os"
"os/exec"
"path/filepath"
"testing"
"github.com/apptainer/apptainer/internal/pkg/test"
"github.com/apptainer/apptainer/internal/pkg/util/fs"
"github.com/apptainer/apptainer/internal/pkg/util/fs/squashfs"
)
func TestEncrypt(t *testing.T) {
test.EnsurePrivilege(t)
defer test.ResetPrivilege(t)
dev := &Device{}
emptyFile, err := os.CreateTemp("", "")
if err != nil {
t.Fatalf("failed to create temporary file: %s", err)
}
err = emptyFile.Close()
if err != nil {
t.Fatalf("failed to close file %s: %s", emptyFile.Name(), err)
}
defer os.Remove(emptyFile.Name())
// Create a dummy squashfs file
dummyDir := t.TempDir()
// We create a few more sub-directories; note that they will be
// removed when the top-directory (dummyDir) will be removed.
dummyRootDir := filepath.Join(dummyDir, "root")
err = os.MkdirAll(dummyRootDir, 0o755)
if err != nil {
t.Fatalf("failed to create %s: %s", dummyRootDir, err)
}
dummyRootFile := filepath.Join(dummyRootDir, "EMPTYFILE")
err = fs.Touch(dummyRootFile)
if err != nil {
t.Fatalf("failed to create dummy file %s: %s", dummyRootFile, err)
}
squashfsBin, err := squashfs.GetPath()
if err != nil {
t.Fatalf("failed to get path to squashfs binary: %s", err)
}
tempTargetFile, err := os.CreateTemp("", "")
if err != nil {
t.Fatalf("failed to create temporary file: %s", err)
}
err = tempTargetFile.Close()
if err != nil {
t.Fatalf("failed to close file %s: %s", tempTargetFile.Name(), err)
}
defer os.Remove(tempTargetFile.Name())
squashfsArgs := []string{dummyDir, tempTargetFile.Name(), "-noappend"}
cmd := exec.Command(squashfsBin, squashfsArgs...)
err = cmd.Run()
if err != nil {
t.Fatalf("failed to create squashfs file: %s", err)
}
tests := []struct {
name string
path string
key []byte
skipCleanup bool
shallPass bool
}{
{
name: "empty path",
path: "",
key: []byte("dummyKey"),
shallPass: false,
},
{
name: "empty file",
path: emptyFile.Name(),
key: []byte("dummyKey"),
shallPass: false,
},
{
name: "valid file",
path: tempTargetFile.Name(),
key: []byte("dummyKey"),
shallPass: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
devPath, err := dev.EncryptFilesystem(tt.path, tt.key, "")
if tt.shallPass && err != nil {
if err == ErrUnsupportedCryptsetupVersion {
t.Skip("installed version of cryptsetup is not supported, >=2.0.0 required")
} else {
t.Fatalf("test %s expected to succeed but failed: %s", tt.name, err)
}
}
defer os.Remove(devPath)
if !tt.shallPass && err == nil {
t.Fatalf("test %s expected to fail but succeeded", tt.name)
}
// Clean up successful tests
if tt.shallPass {
devName, err := dev.Open(tt.key, devPath)
if err != nil {
t.Fatalf("failed to open encrypted device: %s", err)
}
err = dev.CloseCryptDevice(devName)
if err != nil {
t.Fatalf("failed to close crypt device: %s", err)
}
}
})
}
}
|
