eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 19:30:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d63163e46c89a76ed648f15f23ac29099a55ced8
cryptsetup/tests/password-hash-test
Milan Broz 09c229fe6c Support limitation for "plain" hash (no hash). 
This can be used for mapping problematic cryptosystems which
wipes some key (losetup sometimes set last byte to zero).
2013-11-10 19:31:02 +01:00

152 lines
5.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# check hash processing in create command
CRYPTSETUP=../src/cryptsetup
DEV_NAME=dmc_test
KEY_FILE=keyfile
DEV2=$DEV_NAME"_x"
dmremove() { # device
udevadm settle >/dev/null 2>&1
dmsetup remove $1 >/dev/null 2>&1
}
cleanup() {
[ -b /dev/mapper/$DEV2 ] && dmremove $DEV2
[ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
rm -f $KEY_FILE
exit $1
}
function fail()
{
echo " $1 [FAILED]"
cleanup 2
}
crypt_key() # hash keysize pwd/file name outkey [limit]
{
DEV2=$DEV_NAME"_x"
LIMIT=""
MODE=aes-cbc-essiv:sha256
[ $2 -gt 256 ] && MODE=aes-xts-plain
[ -n "$6" ] && LIMIT="-l $6"
echo -n "HASH: $1 KSIZE: $2 / $3"
case "$3" in
pwd)
echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$?
;;
std-)
echo -e -n "$4" | $CRYPTSETUP create -c $MODE -d "-" -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$?
;;
stdin)
echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$?
;;
cat)
cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$?
;;
file)
$CRYPTSETUP create -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$?
;;
failpwd)
echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null && fail "Expecting failure"
echo " [OK]"
return
;;
*)
fail ""
;;
esac
# ignore these cases, not all libs/kernel supports it
if [ "$1" == "ripemd160" -o $2 -gt 256 ] ; then
if [ $ret -ne 0 ] ; then
echo " [N/A] ($ret, SKIPPED)"
return
fi
fi
VKEY=$(dmsetup table $DEV2 --showkeys 2>/dev/null | sed 's/.*: //' | cut -d' ' -f 5)
if [ "$VKEY" != "$5" ] ; then
echo " [FAILED]"
echo "expected: $5"
echo "real key: $VKEY"
cleanup 100
else
echo " [OK]"
fi
dmremove $DEV2
}
if [ $(id -u) != 0 ]; then
echo "WARNING: You must be root to run this test, test skipped."
exit 0
fi
dmsetup create $DEV_NAME --table "0 10240 zero" >/dev/null 2>&1
crypt_key ripemd160 0 pwd "xxx" aeb26d1f69eb6dddfb9381eed4d7299f091e99aa5d3ff06866d4ce9f620f7aca
crypt_key ripemd160 256 pwd "xxx" aeb26d1f69eb6dddfb9381eed4d7299f091e99aa5d3ff06866d4ce9f620f7aca
crypt_key ripemd160 128 pwd "xxx" aeb26d1f69eb6dddfb9381eed4d7299f
crypt_key sha1 256 pwd "xxx" b60d121b438a380c343d5ec3c2037564b82ffef30b1e0a6ad9af7a73aa91c197
crypt_key sha1 128 pwd "xxx" b60d121b438a380c343d5ec3c2037564
crypt_key sha256 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
crypt_key sha256 128 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7
crypt_key sha256 0 std- "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
crypt_key sha256 256 std- "xxx\n" 042aea10a0f14f2d391373599be69d53a75dde9951fc3d3cd10b6100aa7a9f24
crypt_key sha256 128 std- "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" \
2a42b97084779dcedf2c66405c5d296c
crypt_key sha256 256 stdin "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
crypt_key sha256 0 stdin "xxx\n" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
# with keyfile, hash is ignored
crypt_key ripemd160 256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
crypt_key sha256 256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
crypt_key unknown* 256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
# limiting key
crypt_key sha256:20 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b4580588000000000000000000000000
crypt_key sha256:32 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
crypt_key sha256: 256 failpwd "xxx" x
crypt_key sha256:xx 256 failpwd "xxx" x
# key file, 80 chars
echo -n -e "0123456789abcdef\n\x01\x00\x03\xff\xff\r\xff\xff\n\r" \
"2352j3rkjhadcfasc823rqaw7e1 3dq sdq3d 2dkjqw3h2=====" >$KEY_FILE
KEY_FILE_HEX="303132333435363738396162636465660a010003ffff0dffff0a0d20323335326a33726b6a686164636661736338323372716177376531203364712073647133"
crypt_key ripemd160 256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
crypt_key sha256 256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
crypt_key sha256 128 file $KEY_FILE ${KEY_FILE_HEX:0:32}
crypt_key sha256 512 file $KEY_FILE $KEY_FILE_HEX
# stdin can be limited
crypt_key plain 128 cat /dev/zero 00000000000000000000000000000000 16
crypt_key plain 128 cat /dev/zero 00000000000000000000000000000000 17
crypt_key plain 128 cat $KEY_FILE ${KEY_FILE_HEX:0:28}0000 14
# limiting plain (no hash)
crypt_key plain 256 pwd "xxxxxxxx" 7878787878787878000000000000000000000000000000000000000000000000
crypt_key plain:2 256 pwd "xxxxxxxx" 7878000000000000000000000000000000000000000000000000000000000000
crypt_key plain:9 256 failpwd "xxxxxxxx" x
crypt_key sha256 128 cat $KEY_FILE a82c9227cc54c7475620ce85ba1fca1e 14
crypt_key sha256:14 128 cat $KEY_FILE a82c9227cc54c7475620ce85ba1f0000 14
crypt_key sha256 128 pwd "0123456789abcdef" 9f9f5111f7b27a781f1f1ddde5ebc2dd 16
crypt_key sha256 128 pwd "0123456789abcdef" 1be2e452b46d7a0d9656bbb1f768e824 4
crypt_key sha256 128 pwd "0123" 1be2e452b46d7a0d9656bbb1f768e824 4
cleanup 0
Reference in New Issue View Git Blame Copy Permalink