From 3d1b965c46514cb4551b512986df9bc526ba7761 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Sun, 13 Nov 2022 22:51:39 +0100 Subject: [PATCH] fvault2: fix --test-passphrase option --- lib/fvault2/fvault2.c | 2 +- src/cryptsetup.c | 5 +++-- tests/fvault2-compat-test | 1 + 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/fvault2/fvault2.c b/lib/fvault2/fvault2.c index 410ff094..068d4abe 100644 --- a/lib/fvault2/fvault2.c +++ b/lib/fvault2/fvault2.c @@ -289,7 +289,7 @@ static int _unwrap_key( /* check whether MSB_{64}(S) (= A) matches ICV1 (see step 3) */ if (a != 0xA6A6A6A6A6A6A6A6) { - r = -EINVAL; + r = -EPERM; goto out; } diff --git a/src/cryptsetup.c b/src/cryptsetup.c index ff145ab2..c7266891 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -3021,8 +3021,9 @@ static const char * verify_open(void) return _("Large IV sectors option is supported only for opening plain type device with sector size larger than 512 bytes."); if (ARG_SET(OPT_TEST_PASSPHRASE_ID) && (!device_type || - (strncmp(device_type, "luks", 4) && strcmp(device_type, "tcrypt") && strcmp(device_type, "bitlk")))) - return _("Option --test-passphrase is allowed only for open of LUKS, TCRYPT and BITLK devices."); + (strncmp(device_type, "luks", 4) && strcmp(device_type, "tcrypt") && + strcmp(device_type, "bitlk") && strcmp(device_type, "fvault2")))) + return _("Option --test-passphrase is allowed only for open of LUKS, TCRYPT, BITLK and FVAULT2 devices."); if (ARG_SET(OPT_DEVICE_SIZE_ID) && ARG_SET(OPT_SIZE_ID)) return _("Options --device-size and --size cannot be combined."); diff --git a/tests/fvault2-compat-test b/tests/fvault2-compat-test index ee63db09..45022d21 100755 --- a/tests/fvault2-compat-test +++ b/tests/fvault2-compat-test @@ -114,6 +114,7 @@ check_dump "$dump" 'PBKDF2 iterations' 204222 check_dump "$dump" 'PBKDF2 salt' '2c 24 9e db 66 63 d6 fb cc 79 05 b7 a4 d7 27 52' dump=$(produce_dump_key $IMG heslo123) check_dump "$dump" 'Volume key' '20 73 4d 33 89 21 27 74 d7 61 0c 29 d7 32 88 09 16 f3 be 14 c4 b1 2a c7 aa f0 7e 5c cc 77 b3 19' +echo $PWD | $CRYPTSETUP open --type fvault2 --test-passphrase $IMG || fail echo " [OK]" if [ $(id -u) != 0 ]; then