summaryrefslogtreecommitdiff
path: root/tests/loopaes-test
blob: fdb4cd39a4fc7b039f94d07da53f3d5c7be93509 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
#!/bin/bash

[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup

CRYPTSETUP_VALGRIND=../.libs/cryptsetup
CRYPTSETUP_LIB_VALGRIND=../.libs

# try to validate using loop-AES losetup/kernel if available
LOSETUP_AES=/losetup-aes.old

LOOP_DD_PARAM="bs=1k count=10000"
DEV_NAME=dummy
IMG=loopaes.img
KEYv1=key_v1
KEYv2=key_v2
KEYv3=key_v3
LOOPDEV=$(losetup -f 2>/dev/null)

function dmremove() { # device
	udevadm settle >/dev/null 2>&1
	dmsetup remove --retry $1 >/dev/null 2>&1
}

function remove_mapping()
{
	[ -b /dev/mapper/$DEV_NAME2 ] && dmremove $DEV_NAME2
	[ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
	losetup -d $LOOPDEV >/dev/null 2>&1
	rm -f $IMG $KEYv1 $KEYv2 $KEYv3 >/dev/null 2>&1
}

function fail()
{
	echo "FAILED backtrace:"
	while caller $frame; do ((frame++)); done
	remove_mapping
	exit 2
}

function skip()
{
	remove_mapping
	[ -n "$1" ] && echo "$1"
	exit 77
}

function valgrind_setup()
{
	command -v valgrind >/dev/null || fail "Cannot find valgrind."
	[ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
	export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
}

function valgrind_run()
{
	INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
}

function prepare()
{
	remove_mapping
	dd if=/dev/zero of=$IMG $LOOP_DD_PARAM >/dev/null 2>&1
	sync
	losetup $LOOPDEV $IMG

	# Prepare raw key: v1 - one key, v2 - 64 keys, v3 - 64 + one IV
	if [ ! -e $KEYv3 ]; then
		head -c 3705 /dev/urandom | uuencode -m - | head -n 66 | tail -n 65 >$KEYv3
		head -n 1 $KEYv3 > $KEYv1
		head -n 64 $KEYv3 > $KEYv2
	fi
	[ -n "$1" ] && echo -n "$1 "
}

function check_exists()
{
	[ -b /dev/mapper/$DEV_NAME ] || fail
}

function get_offset_params() # $offset
{
	offset=$1
	if [ "${offset:0:1}" = "@" ] ; then
		echo "-o $((${offset:1} / 512)) -p 0"
	else
		echo "-o $((offset / 512))"
	fi
}

function get_expsum() # $offset
{
	case $1 in
	0)
	   echo "31e00e0e4c233c89051cd748122fde2c98db0121ca09ba93a3820817ea037bc5"
	   ;;
	@8192 | 8192)
	   echo "bfd94392d1dd8f5d477251d21b3c736e177a4945cd4937847fc7bace82996aed"
	   ;;
	@8388608 | 8388608)
	   echo "33838fe36928a929bd7971bed7e82bd426c88193fcd692c2e6f1b9c9bfecd4d6"
	   ;;
	*) fail
	   ;;
	esac
}

function check_sum() # $key $keysize $offset [stdin|keyfile]
{
	$CRYPTSETUP close $DEV_NAME || fail

	EXPSUM=$(get_expsum $3)
	if [ "$4" == "stdin" ] ; then
		cat $1 | $CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file - $(get_offset_params $3) >/dev/null 2>&1
	else
		$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file $1 $(get_offset_params $3) >/dev/null 2>&1
	fi
	ret=$?
	VSUM=$(sha256sum /dev/mapper/$DEV_NAME | cut -d' ' -f 1)
	if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
		echo -n "[$4:OK]"
	else
		echo "[$4:FAIL]"
		[ "$VSUM" != "$EXPSUM" ] && echo " Expecting $EXPSUM got $VSUM."
		fail
	fi
}

function check_sum_losetup() # $key $alg
{
	[ ! -x $LOSETUP_AES ] && echo && return

	echo -n " Verification using loop-AES: "

	losetup -d $LOOPDEV >/dev/null 2>&1
	cat $1 | $LOSETUP_AES -p 0 -e $2 -o $3 $LOOPDEV $IMG
	ret=$?
	VSUM=$(sha256sum $LOOPDEV | cut -d' ' -f 1)
	if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
		echo "[OK]"
	else
		echo "[FAIL]"
		[ "$VSUM" != "$EXPSUM" ] && echo " Expecting $EXPSUM got $VSUM (loop-AES)."
		fail
	fi
	losetup -d $LOOPDEV >/dev/null 2>&1
}

function check_version()
{
	VER_STR=$(dmsetup version | grep Driver)
	VER_MIN=$(echo $VER_STR | cut -f 2 -d.)
	VER_PATCH=$(echo $VER_STR | cut -f 3 -d.)

	test $VER_MIN -lt 19 && return 1
	test $VER_MIN -eq 19 -a $VER_PATCH -ge 6 && return 1 # RHEL
	return 0
}

[ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped."
[ -z "$LOOPDEV" ] && skip "Cannot find free loop device, test skipped."
[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped."
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
command -v uuencode >/dev/null || skip "WARNING: test require uuencode binary, test skipped."
check_version || skip "Probably old kernel, test skipped."

# loop-AES tests
KEY_SIZES="128 256"
KEY_FILES="$KEYv1 $KEYv2 $KEYv3"
DEV_OFFSET="0 8192 @8192 8388608 @8388608"

for key_size in $KEY_SIZES ; do
    for key in $KEY_FILES ; do
        for offset in $DEV_OFFSET ; do
		prepare "Open loop-AES $key / AES-$key_size / offset $offset"
		$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME \
			-s $key_size --key-file $key $(get_offset_params $offset) \
			2>/dev/null
		[ $? -ne 0 ] && echo "[SKIPPED]" && continue
		check_exists
		# Fill device with zeroes and reopen it
		dd if=/dev/zero of=/dev/mapper/$DEV_NAME $LOOP_DD_PARAM >/dev/null 2>&1
		check_sum $key $key_size $offset keyfile
		check_sum $key $key_size $offset stdin
		$CRYPTSETUP loopaesClose $DEV_NAME || fail
		check_sum_losetup $key AES$key_size $offset
        done
    done
done

remove_mapping
exit 0