eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ef46ded7b4e7a95546a2d6d68bfec8abd18f560a
cryptsetup/tests/opal2-test
Ondrej Kozina ef46ded7b4 Add OPAL2 detached header tests.
2023-08-02 13:46:46 +02:00

94 lines
3.6 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
PS4='$LINENO:'
[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
PWD1="93R4P4pIqAH8"
DEV_NAME=dummy
HDR_FILE=opal2_test_hdr_file
FAST_PBKDF_OPT="--pbkdf pbkdf2 --pbkdf-force-iterations 1000"
function fail()
{
[ -n "$1" ] && echo "$1"
remove_mapping
echo "FAILED backtrace:"
while caller $frame; do ((frame++)); done
exit 2
}
function remove_mapping()
{
[ -b /dev/mapper/$DEV_NAME ] && dmsetup remove --retry $DEV_NAME
[ -b /dev/mapper/$DEV_NAME-dif ] && dmsetup remove --retry $DEV_NAME-dif
[ -f $HDR_FILE ] && rm -f $HDR_FILE
}
function skip()
{
[ -n "$1" ] && echo "$1"
remove_mapping
exit 77
}
function test_device() #opal_mode, #format_params, #--integrity-no-wipe
{
echo -e "$PWD1\n$OPAL2_ADMIN_PIN" | $CRYPTSETUP luksFormat --type luks2 $1 $2 $3 -q $FAST_PBKDF_OPT $OPAL2_DEV || fail
echo $PWD1 | $CRYPTSETUP open $OPAL2_DEV $DEV_NAME || fail
test -z "$3" || dd if=/dev/zero of=/dev/mapper/$DEV_NAME bs=1M count=1 oflag=direct >/dev/null 2>&1 || fail
$CRYPTSETUP luksSuspend $DEV_NAME || fail
dd if=$OPAL2_DEV of=/dev/zero bs=1M skip=16 count=1 iflag=direct >/dev/null 2>&1 && fail
echo $PWD1 | $CRYPTSETUP luksResume $DEV_NAME || fail
dd if=/dev/mapper/$DEV_NAME of=/dev/zero bs=1M count=1 iflag=direct >/dev/null 2>&1 || fail
$CRYPTSETUP close $DEV_NAME || fail
dd if=$OPAL2_DEV of=/dev/zero bs=1M skip=16 count=1 iflag=direct >/dev/null 2>&1 && fail
echo $OPAL2_ADMIN_PIN | $CRYPTSETUP luksErase $OPAL2_DEV -q || fail
}
function test_device_detached_header() #hdr, #opal_mode, #format_params, #--integrity-no-wipe
{
echo -e "$PWD1\n$OPAL2_ADMIN_PIN" | $CRYPTSETUP luksFormat --type luks2 --header $1 $2 $3 $4 -q $FAST_PBKDF_OPT $OPAL2_DEV || fail
echo $PWD1 | $CRYPTSETUP open $OPAL2_DEV $DEV_NAME --header $1 || fail
test -z "$4" || dd if=/dev/zero of=/dev/mapper/$DEV_NAME bs=1M count=1 oflag=direct >/dev/null 2>&1 || fail
$CRYPTSETUP luksSuspend $DEV_NAME || fail
dd if=$OPAL2_DEV of=/dev/zero bs=1M count=1 iflag=direct >/dev/null 2>&1 && fail
echo $PWD1 | $CRYPTSETUP luksResume $DEV_NAME 2>/dev/null && fail
echo $PWD1 | $CRYPTSETUP luksResume $DEV_NAME --header $1 || fail
dd if=/dev/mapper/$DEV_NAME of=/dev/zero bs=1M count=1 iflag=direct >/dev/null 2>&1 || fail
$CRYPTSETUP close $DEV_NAME || fail
dd if=$OPAL2_DEV of=/dev/zero bs=1M count=1 iflag=direct >/dev/null 2>&1 && fail
echo $PWD1 | $CRYPTSETUP open $OPAL2_DEV $DEV_NAME --header $1 || fail
$CRYPTSETUP close $DEV_NAME --header $1 || fail
dd if=$OPAL2_DEV of=/dev/zero bs=1M count=1 iflag=direct >/dev/null 2>&1 && fail
echo $OPAL2_ADMIN_PIN | $CRYPTSETUP luksErase $OPAL2_DEV -q --header $1 || fail
rm -f $1
}
# Do not run automatically.
[ -z "$OPAL2_DEV" ] && skip "WARNING: Variable OPAL2_DEV must be defined (partition or block dev), test skipped."
[ -z "$OPAL2_ADMIN_PIN" ] && skip "WARNING: Variable OPAL2_ADMIN_PIN must be defined, test skipped."
echo "[1] OPAL2 HW only"
test_device --hw-opal-only
echo "[2] OPAL2 + dmcrypt"
test_device --hw-opal
echo "[3] OPAL2 + auth encryption"
test_device --hw-opal "-c aes-gcm-random --integrity aead" --integrity-no-wipe
test_device --hw-opal "-s 280 -c aes-ccm-random --integrity aead" --integrity-no-wipe
wipefs -a $OPAL2_DEV
echo "[4] OPAL2 HW only (detached header)"
test_device_detached_header $HDR_FILE --hw-opal-only
echo "[5] OPAL2 + dmcrypt (detached header)"
test_device_detached_header $HDR_FILE --hw-opal
echo "[6] OPAL2 + auth encryption (detached header)"
test_device_detached_header $HDR_FILE --hw-opal "-c aes-gcm-random --integrity aead" --integrity-no-wipe
test_device_detached_header $HDR_FILE --hw-opal "-s 280 -c aes-ccm-random --integrity aead" --integrity-no-wipe
Reference in New Issue View Git Blame Copy Permalink