mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-16 05:10:03 +01:00
c066fddf8b
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@376 36d66b0a-2a48-0410-832c-cd162a569da5
116 lines
2.4 KiB
Bash
Executable File
116 lines
2.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
#
|
|
# Test mode compatibility, check input + kernel and cryptsetup cipher status
|
|
#
|
|
# FIXME: add checkum test of data
|
|
#
|
|
|
|
CRYPTSETUP=../src/cryptsetup
|
|
DEV_NAME=dmc_test
|
|
LOOPDEV=/dev/loop5
|
|
HEADER_IMG=mode-test.img
|
|
PASSWORD=3xrododenron
|
|
|
|
# cipher-chainmode-ivopts:ivmode
|
|
CIPHERS="aes twofish serpent"
|
|
MODES="cbc lrw xts"
|
|
IVMODES="null benbi plain plain64 essiv:sha256"
|
|
|
|
cleanup() {
|
|
for dev in $(dmsetup status --target crypt | sed s/\:\ .*// | grep "^$DEV_NAME"_); do
|
|
dmsetup remove $dev
|
|
done
|
|
udevadm settle 2>/dev/null 2>&1
|
|
sleep 2
|
|
[ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
|
|
losetup -d $LOOPDEV >/dev/null 2>&1
|
|
rm -f $HEADER_IMG >/dev/null 2>&1
|
|
}
|
|
|
|
fail()
|
|
{
|
|
[ -n "$1" ] && echo "$1"
|
|
cleanup
|
|
exit 100
|
|
}
|
|
|
|
add_device() {
|
|
dd if=/dev/zero of=$HEADER_IMG bs=1M count=6 >/dev/null 2>&1
|
|
sync
|
|
losetup $LOOPDEV $HEADER_IMG >/dev/null 2>&1
|
|
dmsetup create $DEV_NAME --table "0 10240 linear $LOOPDEV 8" >/dev/null 2>&1
|
|
}
|
|
|
|
dmcrypt_check() # device outstring
|
|
{
|
|
X=$(dmsetup table $1 2>/dev/null | cut -d' ' -f 4)
|
|
if [ $X = $2 ] ; then
|
|
echo -n "OK]"
|
|
else
|
|
echo -n "FAIL]"
|
|
echo " Expecting $2 got $X."
|
|
fail
|
|
fi
|
|
|
|
X=$($CRYPTSETUP status $1 | grep cipher | sed s/\.\*cipher:\\s*//)
|
|
if [ $X = $2 ] ; then
|
|
echo " [OK]"
|
|
else
|
|
echo " [FAIL]"
|
|
echo " Expecting $2 got $X."
|
|
fail
|
|
fi
|
|
}
|
|
|
|
dmcrypt()
|
|
{
|
|
OUT=$2
|
|
[ -z "$OUT" ] && OUT=$1
|
|
|
|
echo -n -e "TESTING(PLAIN): $1 ["
|
|
echo $PASSWORD | $CRYPTSETUP create -c $1 -s 256 "$DEV_NAME"_"$1" /dev/mapper/$DEV_NAME >/dev/null 2>&1
|
|
if [ $? -eq 0 ] ; then
|
|
dmcrypt_check "$DEV_NAME"_"$1" $OUT
|
|
dmsetup remove "$DEV_NAME"_"$1" >/dev/null 2>&1
|
|
else
|
|
echo "SKIPPED]"
|
|
fi
|
|
|
|
echo -n -e "TESTING(LUKS): $1 ["
|
|
echo $PASSWORD | $CRYPTSETUP luksFormat -i 1 -c $1 -s 256 /dev/mapper/$DEV_NAME >/dev/null 2>&1
|
|
if [ $? -eq 0 ] ; then
|
|
echo $PASSWORD | $CRYPTSETUP luksOpen /dev/mapper/$DEV_NAME "$DEV_NAME"_"$1" >/dev/null 2>&1
|
|
dmcrypt_check "$DEV_NAME"_"$1" $OUT
|
|
dmsetup remove "$DEV_NAME"_"$1" >/dev/null 2>&1
|
|
else
|
|
echo "SKIPPED]"
|
|
fi
|
|
}
|
|
|
|
if [ $(id -u) != 0 ]; then
|
|
echo "WARNING: You must be root to run this test, test skipped."
|
|
exit 0
|
|
fi
|
|
|
|
add_device
|
|
|
|
# compatibility modes
|
|
dmcrypt aes aes-cbc-plain
|
|
dmcrypt aes-plain aes-cbc-plain
|
|
|
|
# codebook doesn't support IV at all
|
|
for cipher in $CIPHERS ; do
|
|
dmcrypt "$cipher-ecb"
|
|
done
|
|
|
|
for cipher in $CIPHERS ; do
|
|
for mode in $MODES ; do
|
|
for ivmode in $IVMODES ; do
|
|
dmcrypt "$cipher-$mode-$ivmode"
|
|
done
|
|
done
|
|
done
|
|
|
|
cleanup
|