Fvault2: add basic test

2025-12-05 16:00:05 +01:00 · 2022-10-29 05:21:12 +02:00
parent cd5bd1c773
commit ba9757b14b
3 changed files with 104 additions and 1 deletions
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -20,6 +20,7 @@ TESTS = 00modules-test \
 	vectors-test \
 	blockwise-compat-test \
 	bitlk-compat-test \
+	fvault2-compat-test \
 	run-all-symbols \
 	unit-utils-crypt-test \
 	unit-wipe-test \
@@ -98,6 +99,8 @@ EXTRA_DIST = compatimage.img.xz compatv10image.img.xz \
 	Makefile.localtest \
 	bitlk-compat-test \
 	bitlk-images.tar.xz \
+	fvault2-compat-test \
+	fvault2-images.tar.xz \
 	ssh-test-plugin \
 	generate-symbols-list \
 	run-all-symbols \
@@ -108,7 +111,7 @@ EXTRA_DIST = compatimage.img.xz compatv10image.img.xz \

 CLEANFILES = cryptsetup-tst* valglog* *-fail-*.log test-symbols-list.h fake_token_path.so fake_systemd_tpm_path.so
 clean-local:
-	-rm -rf tcrypt-images luks1-images luks2-images bitlk-images conversion_imgs luks2_valid_hdr.img blkid-luks2-pv-img blkid-luks2-pv-img.bcp external-tokens
+	-rm -rf tcrypt-images luks1-images luks2-images bitlk-images fvault2-images conversion_imgs luks2_valid_hdr.img blkid-luks2-pv-img blkid-luks2-pv-img.bcp external-tokens

 differ_SOURCES = differ.c
 differ_CFLAGS = $(AM_CFLAGS) -Wall -O2
--- a/tests/fvault2-compat-test
+++ b/tests/fvault2-compat-test
@@ -0,0 +1,100 @@
+#!/bin/bash
+
+[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
+CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
+MAP=fvault2test
+TST_DIR=fvault2-images
+
+[ -z "$srcdir" ] && srcdir="."
+
+function create_mapping()
+{
+	local image=$1
+	local passphrase=$2
+	echo -n "$passphrase" | "$CRYPTSETUP" open --type fvault2 --key-file - \
+		"$TST_DIR/$image" "$MAP"
+}
+
+function remove_mapping()
+{
+	[ -b "/dev/mapper/$MAP" ] && dmsetup remove --retry "$MAP"
+	rm -f "$IMAGE"
+}
+
+function fail()
+{
+	[ -n "$1" ] && echo "$1"
+	echo " [FAILED]"
+	echo "FAILED backtrace:"
+	while caller $frame; do ((frame++)); done
+	remove_mapping
+	exit 2
+}
+
+function skip()
+{
+	[ -n "$1" ] && echo "$1"
+	echo "Test skipped."
+	remove_mapping
+	exit 77
+}
+
+function produce_dump()
+{
+	local image=$1
+	local passphrase=$2
+	echo -n "$passphrase" | "$CRYPTSETUP" fvault2Dump "$TST_DIR/$image" \
+		--dump-volume-key --key-file -
+}
+
+function check_dump()
+{
+	local dump=$1
+	local key=$2
+	local exp_value=$3
+	local regex="$key:\s*\(.*\)"
+	local value=$(echo "$dump" | sed -n "s|$regex|\1|p" | sed 's|\s*$||')
+	[ "$value" = "$exp_value" ] || fail \
+		"$key check failed: expected \"$exp_value\", got \"$value\""
+}
+
+function check_uuid()
+{
+	local exp_uuid=$1
+	local uuid=$(blkid -po value -s UUID "/dev/mapper/$MAP")
+	[ "$uuid" = "$exp_uuid" ] || fail \
+		"UUID check failed: expected \"$exp_uuid\", got \"$uuid\""
+
+}
+
+function check_sha256()
+{
+	local exp_sum=$1
+	local sum=$(sha256sum /dev/mapper/$MAP | head -c 64)
+	[ "$sum" = "$exp_sum" ] || fail \
+		"SHA256 sum check failed: expected \"$exp_sum\", got \"$sum\""
+}
+
+if [ ! -d $TST_DIR ]; then
+	tar xJSf $srcdir/fvault2-images.tar.xz --no-same-owner 2>/dev/null || skip "Incompatible tar."
+fi
+
+dump=$(produce_dump small heslo123)
+check_dump "$dump" 'Physical volume UUID' fc52bfae-5a1f-4f9b-b3a6-f33303a0e401
+check_dump "$dump" 'Family UUID' 33a76caa-1481-4bc5-8d04-1ac1707c19c0
+check_dump "$dump" 'Logical volume offset' '67108864 [bytes]'
+check_dump "$dump" 'Logical volume size' '167772160 [bytes]'
+check_dump "$dump" 'PBKDF2 iterations' 204222
+check_dump "$dump" 'PBKDF2 salt' '2c 24 9e db 66 63 d6 fb cc 79 05 b7 a4 d7 27 52'
+
+if [ $(id -u) != 0 ]; then
+	echo "WARNING: You must be root to run activation part of test, test skipped."
+	exit 0
+fi
+
+create_mapping small heslo123
+check_uuid de124d8a-2164-394e-924f-8e28db0a09cb
+check_sha256 2c662e36c0f7e2f5583e6a939bbcbdc660805692d0fccaa45ad4052beb3b8e18
+remove_mapping
+
+exit 0
--- a/tests/fvault2-images.tar.xz
+++ b/tests/fvault2-images.tar.xz