1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
#!/bin/bash
[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
MAP=fvault2test
TST_DIR=fvault2-images
if [ -n "$CRYPTSETUP_TESTS_RUN_IN_MESON" ]; then
CRYPTSETUP_VALGRIND=$CRYPTSETUP
else
CRYPTSETUP_VALGRIND=../.libs/cryptsetup
CRYPTSETUP_LIB_VALGRIND=../.libs
fi
[ -z "$srcdir" ] && srcdir="."
create_mapping()
{
local image=$1
local passphrase=$2
echo -n "$passphrase" | "$CRYPTSETUP" open --type fvault2 --key-file - \
"$image" "$MAP"
}
remove_mapping()
{
[ -b "/dev/mapper/$MAP" ] && dmsetup remove --retry "$MAP"
rm -rf $TST_DIR
}
fail()
{
[ -n "$1" ] && echo "$1"
echo " [FAILED]"
echo "FAILED backtrace:"
while caller $frame; do ((frame++)); done
remove_mapping
exit 2
}
_sigchld() { local c=$?; [ $c -eq 139 ] && fail "Segfault"; [ $c -eq 134 ] && fail "Aborted"; }
trap _sigchld CHLD
skip()
{
[ -n "$1" ] && echo "$1"
echo "Test skipped."
remove_mapping
exit 77
}
produce_dump()
{
"$CRYPTSETUP" fvault2Dump "$1" || fail
}
produce_dump_key()
{
echo "$2" | "$CRYPTSETUP" fvault2Dump "$1" --dump-volume-key || fail
}
check_dump()
{
local dump=$1
local key=$2
local exp_value=$3
local regex="$key:\s*\(.*\)"
local value=$(echo "$dump" | sed -n "s|$regex|\1|p" | sed 's|\s*$||')
[ "$value" = "$exp_value" ] || fail \
"$key check failed: expected \"$exp_value\", got \"$value\""
}
check_uuid()
{
local exp_uuid=$1
local uuid=$(blkid -po value -s UUID "/dev/mapper/$MAP")
[ "$uuid" = "$exp_uuid" ] || fail \
"UUID check failed: expected \"$exp_uuid\", got \"$uuid\""
}
check_sha256()
{
local exp_sum=$1
local sum=$(sha256sum /dev/mapper/$MAP | head -c 64)
[ "$sum" = "$exp_sum" ] || fail \
"SHA256 sum check failed: expected \"$exp_sum\", got \"$sum\""
}
valgrind_setup()
{
command -v valgrind >/dev/null || fail "Cannot find valgrind."
[ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
[ ! -f valg.sh ] && fail "Unable to get location of valg runner script."
if [ -z "$CRYPTSETUP_TESTS_RUN_IN_MESON" ]; then
export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
fi
}
valgrind_run()
{
INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
}
export LANG=C
[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped."
if [ ! -d $TST_DIR ]; then
tar xJSf $srcdir/fvault2-images.tar.xz --no-same-owner 2>/dev/null || skip "Incompatible tar."
fi
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
echo "HEADER CHECK"
IMG="$TST_DIR/small"
PWD="heslo123"
echo -n " $IMG"
dump=$(produce_dump $IMG)
check_dump "$dump" 'Physical volume UUID' fc52bfae-5a1f-4f9b-b3a6-f33303a0e401
check_dump "$dump" 'Family UUID' 33a76caa-1481-4bc5-8d04-1ac1707c19c0
check_dump "$dump" 'Logical volume offset' '67108864 [bytes]'
check_dump "$dump" 'Logical volume size' '167772160 [bytes]'
check_dump "$dump" 'PBKDF2 iterations' 204222
check_dump "$dump" 'PBKDF2 salt' '2c 24 9e db 66 63 d6 fb cc 79 05 b7 a4 d7 27 52'
dump=$(produce_dump_key $IMG heslo123)
check_dump "$dump" 'Volume key' '20 73 4d 33 89 21 27 74 d7 61 0c 29 d7 32 88 09 16 f3 be 14 c4 b1 2a c7 aa f0 7e 5c cc 77 b3 19'
echo $PWD | $CRYPTSETUP open --type fvault2 --test-passphrase $IMG || fail
echo " [OK]"
if [ $(id -u) != 0 ]; then
echo "WARNING: You must be root to run activation part of test, test skipped."
remove_mapping
exit 0
fi
echo "ACTIVATION CHECK"
echo -n " $IMG"
create_mapping $IMG heslo123
check_uuid de124d8a-2164-394e-924f-8e28db0a09cb
check_sha256 2c662e36c0f7e2f5583e6a939bbcbdc660805692d0fccaa45ad4052beb3b8e18
echo " [OK]"
remove_mapping
exit 0
|
