440 lines
19 KiB
Diff
440 lines
19 KiB
Diff
diff -rupN cryptsetup-2.0.4.old/tests/api-test-2.c cryptsetup-2.0.4/tests/api-test-2.c
|
|
--- cryptsetup-2.0.4.old/tests/api-test-2.c 2018-08-08 14:05:02.000387826 +0200
|
|
+++ cryptsetup-2.0.4/tests/api-test-2.c 2018-08-08 14:05:35.946311814 +0200
|
|
@@ -41,6 +41,7 @@ typedef int32_t key_serial_t;
|
|
|
|
#include "api_test.h"
|
|
#include "luks.h"
|
|
+#include "luks2.h"
|
|
#include "libcryptsetup.h"
|
|
|
|
#define DMDIR "/dev/mapper/"
|
|
@@ -165,31 +166,18 @@ static unsigned _min(unsigned a, unsigne
|
|
return a < b ? a : b;
|
|
}
|
|
|
|
-/* FIXME: will fail with various LUKS2 header sizes */
|
|
-static int get_luks2_offsets(int metadata_device,
|
|
- unsigned int alignpayload_sec,
|
|
- unsigned int alignoffset_sec, /* unused in LUKS2, bug? */
|
|
- unsigned int sector_size,
|
|
+static int get_luks2_offsets(unsigned int alignpayload_sec,
|
|
uint64_t *r_header_size,
|
|
uint64_t *r_payload_offset)
|
|
{
|
|
- if (!sector_size)
|
|
- sector_size = 512; /* default? */
|
|
-
|
|
- if ((sector_size % 512) && (sector_size % 4096))
|
|
- return -1;
|
|
-
|
|
if (r_payload_offset) {
|
|
- if (metadata_device)
|
|
- *r_payload_offset = DIV_ROUND_UP_MODULO(4*1024*1024, (alignpayload_sec ?: 1) * sector_size);
|
|
- else
|
|
- *r_payload_offset = alignpayload_sec * sector_size;
|
|
+ *r_payload_offset = DIV_ROUND_UP_MODULO(LUKS2_HDR_DEFAULT_LEN, (alignpayload_sec ?: 1) * SECTOR_SIZE);
|
|
|
|
- *r_payload_offset /= sector_size;
|
|
+ *r_payload_offset >>= SECTOR_SHIFT;
|
|
}
|
|
|
|
if (r_header_size)
|
|
- *r_header_size = (4*1024*1024) / sector_size;
|
|
+ *r_header_size = LUKS2_HDR_DEFAULT_LEN >> SECTOR_SHIFT;
|
|
|
|
return 0;
|
|
}
|
|
@@ -585,7 +573,7 @@ static void AddDeviceLuks2(void)
|
|
crypt_decode_key(key3, mk_hex2, key_size);
|
|
|
|
// init test devices
|
|
- OK_(get_luks2_offsets(1, 0, 0, 0, &r_header_size, &r_payload_offset));
|
|
+ OK_(get_luks2_offsets(0, &r_header_size, &r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
|
|
OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_size - 1));
|
|
|
|
@@ -613,8 +601,8 @@ static void AddDeviceLuks2(void)
|
|
/*
|
|
* test limit values for backing device size
|
|
*/
|
|
- params.data_alignment = 8192;
|
|
- OK_(get_luks2_offsets(0, params.data_alignment, 0, 0, NULL, &r_payload_offset));
|
|
+ params.data_alignment = LUKS2_HDR_DEFAULT_LEN >> SECTOR_SHIFT;
|
|
+ OK_(get_luks2_offsets(params.data_alignment, NULL, &r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_0S, r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_WRONG, r_payload_offset - 1));
|
|
@@ -767,7 +755,7 @@ static void AddDeviceLuks2(void)
|
|
OK_(strcmp(cipher, crypt_get_cipher(cd)));
|
|
OK_(strcmp(cipher_mode, crypt_get_cipher_mode(cd)));
|
|
EQ_((int)key_size, crypt_get_volume_key_size(cd));
|
|
- EQ_(8192, crypt_get_data_offset(cd));
|
|
+ EQ_((LUKS2_HDR_DEFAULT_LEN >> SECTOR_SHIFT), crypt_get_data_offset(cd));
|
|
OK_(strcmp(DEVICE_2, crypt_get_device_name(cd)));
|
|
|
|
reset_log();
|
|
@@ -809,7 +797,7 @@ static void AddDeviceLuks2(void)
|
|
FAIL_(crypt_keyslot_add_by_volume_key(cd, 1, key, key_size, PASSPHRASE, strlen(PASSPHRASE)), "VK doesn't match any digest");
|
|
crypt_free(cd);
|
|
|
|
- OK_(create_dmdevice_over_loop(L_DEVICE_1S, 8193));
|
|
+ OK_(create_dmdevice_over_loop(L_DEVICE_1S, (LUKS2_HDR_DEFAULT_LEN >> SECTOR_SHIFT) + 1));
|
|
OK_(crypt_init(&cd, DMDIR L_DEVICE_1S));
|
|
crypt_set_iteration_time(cd, 1);
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
|
|
@@ -900,7 +888,7 @@ static void Luks2HeaderRestore(void)
|
|
|
|
crypt_decode_key(key, mk_hex, key_size);
|
|
|
|
- OK_(get_luks2_offsets(0, params.data_alignment, 0, 0, NULL, &r_payload_offset));
|
|
+ OK_(get_luks2_offsets(params.data_alignment, NULL, &r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 5000));
|
|
|
|
// do not restore header over plain device
|
|
@@ -976,18 +964,20 @@ static void Luks2HeaderLoad(void)
|
|
size_t key_size = strlen(mk_hex) / 2;
|
|
const char *cipher = "aes";
|
|
const char *cipher_mode = "cbc-essiv:sha256";
|
|
- uint64_t r_payload_offset, r_header_size;
|
|
+ uint64_t r_payload_offset, r_header_size, r_header_size_compat;
|
|
|
|
crypt_decode_key(key, mk_hex, key_size);
|
|
|
|
// prepare test env
|
|
- OK_(get_luks2_offsets(0, params.data_alignment, 0, 0, &r_header_size, &r_payload_offset));
|
|
+ OK_(t_device_size(IMAGE1, &r_header_size_compat));
|
|
+ r_header_size_compat >>= SECTOR_SHIFT;
|
|
+ OK_(get_luks2_offsets(params.data_alignment, &r_header_size, &r_payload_offset));
|
|
// external header device
|
|
OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
|
|
// prepared header on a device too small to contain header and payload
|
|
- //OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_payload_offset - 1));
|
|
- OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_size - 1));
|
|
- snprintf(cmd, sizeof(cmd), "dd if=" IMAGE1 " of=" DMDIR H_DEVICE_WRONG " bs=%" PRIu32 " count=%" PRIu64 " 2>/dev/null", params.sector_size, r_header_size - 1);
|
|
+ // compatimage2.img contains one sector of data. to create wrong device we need one sector less than the header size
|
|
+ OK_(create_dmdevice_over_loop(H_DEVICE_WRONG, r_header_size_compat - 2));
|
|
+ snprintf(cmd, sizeof(cmd), "dd if=" IMAGE1 " of=" DMDIR H_DEVICE_WRONG " bs=%" PRIu32 " count=%" PRIu64 " 2>/dev/null", params.sector_size, r_header_size_compat - 2);
|
|
OK_(_system(cmd, 1));
|
|
// some device
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
|
|
@@ -1092,7 +1082,7 @@ static void Luks2HeaderBackup(void)
|
|
|
|
crypt_decode_key(key, mk_hex, key_size);
|
|
|
|
- OK_(get_luks2_offsets(0, params.data_alignment, 0, 0, NULL, &r_payload_offset));
|
|
+ OK_(get_luks2_offsets(params.data_alignment, NULL, &r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1));
|
|
|
|
// create LUKS device and backup the header
|
|
@@ -1180,8 +1170,8 @@ static void ResizeDeviceLuks2(void)
|
|
crypt_decode_key(key, mk_hex, key_size);
|
|
|
|
// prepare env
|
|
- OK_(get_luks2_offsets(0, params.data_alignment, 0, 0, NULL, &r_payload_offset));
|
|
- OK_(get_luks2_offsets(1, 0, 0, 0, &r_header_size, NULL));
|
|
+ OK_(get_luks2_offsets(params.data_alignment, NULL, &r_payload_offset));
|
|
+ OK_(get_luks2_offsets(0, &r_header_size, NULL));
|
|
OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 1000));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_0S, 1000));
|
|
@@ -1303,7 +1293,7 @@ static void TokenActivationByKeyring(voi
|
|
}
|
|
|
|
// prepare the device
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
crypt_set_iteration_time(cd, 1);
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
|
|
@@ -1312,7 +1302,7 @@ static void TokenActivationByKeyring(voi
|
|
crypt_free(cd);
|
|
|
|
// test thread keyring key in token 0
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_token(cd, CDEVICE_1, 3, NULL, 0), 0);
|
|
FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 3, NULL, 0), "already open");
|
|
@@ -1331,7 +1321,7 @@ static void TokenActivationByKeyring(voi
|
|
}
|
|
|
|
// add token 1 with process keyring key
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_token_json_set(cd, 3, NULL), 3);
|
|
EQ_(crypt_token_luks2_keyring_set(cd, 1, ¶ms), 1);
|
|
@@ -1339,7 +1329,7 @@ static void TokenActivationByKeyring(voi
|
|
crypt_free(cd);
|
|
|
|
// test process keyring key in token 1
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), 0);
|
|
FAIL_(crypt_activate_by_token(cd, CDEVICE_1, 1, NULL, 0), "already open");
|
|
@@ -1364,7 +1354,7 @@ static void TokenActivationByKeyring(voi
|
|
exit(1);
|
|
}
|
|
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_token_luks2_keyring_set(cd, 0, ¶ms), 0);
|
|
EQ_(crypt_token_assign_keyslot(cd, 0, 0), 0);
|
|
@@ -1376,7 +1366,7 @@ static void TokenActivationByKeyring(voi
|
|
crypt_free(cd);
|
|
|
|
// activate by specific token
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, NULL, 0), 0);
|
|
OK_(crypt_deactivate(cd, CDEVICE_1));
|
|
@@ -1390,7 +1380,7 @@ static void TokenActivationByKeyring(voi
|
|
}
|
|
|
|
// activate by any token with token 0 having absent pass from keyring
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
|
|
OK_(crypt_deactivate(cd, CDEVICE_1));
|
|
@@ -1403,7 +1393,7 @@ static void TokenActivationByKeyring(voi
|
|
}
|
|
|
|
// replace pass for keyslot 0 making token 0 invalid
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
OK_(crypt_keyslot_destroy(cd, 0));
|
|
crypt_set_iteration_time(cd, 1);
|
|
@@ -1411,7 +1401,7 @@ static void TokenActivationByKeyring(voi
|
|
crypt_free(cd);
|
|
|
|
// activate by any token with token 0 having wrong pass for keyslot 0
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
|
|
OK_(crypt_deactivate(cd, CDEVICE_1));
|
|
@@ -1420,7 +1410,7 @@ static void TokenActivationByKeyring(voi
|
|
// create new device, with two tokens:
|
|
// 1st token being invalid (missing key in keyring)
|
|
// 2nd token can activate keyslot 1 after failing to do so w/ keyslot 0 (wrong pass)
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
crypt_set_iteration_time(cd, 1);
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
|
|
@@ -1442,7 +1432,7 @@ static void TokenActivationByKeyring(voi
|
|
exit(1);
|
|
}
|
|
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_token(cd, CDEVICE_1, CRYPT_ANY_TOKEN, NULL, 0), 1);
|
|
OK_(crypt_deactivate(cd, CDEVICE_1));
|
|
@@ -1507,7 +1497,7 @@ static void Tokens(void)
|
|
FAIL_(crypt_token_register(&th_reserved), "luks2- is reserved prefix");
|
|
|
|
// basic token API tests
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
crypt_set_iteration_time(cd, 1);
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
|
|
EQ_(crypt_token_status(cd, -1, NULL), CRYPT_TOKEN_INVALID);
|
|
@@ -1706,7 +1696,7 @@ static void LuksConvert(void)
|
|
crypt_free(cd);
|
|
|
|
// exercice non-pbkdf2 LUKSv2 conversion
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
|
|
OK_(crypt_set_pbkdf_type(cd, &argon));
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
|
|
@@ -1714,7 +1704,7 @@ static void LuksConvert(void)
|
|
crypt_free(cd);
|
|
|
|
// exercice non LUKS1 compatible keyslot
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
|
|
EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
|
|
@@ -1723,7 +1713,7 @@ static void LuksConvert(void)
|
|
crypt_free(cd);
|
|
|
|
// exercice LUKSv2 conversion with single pbkdf2 keyslot being active
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
|
|
offset = crypt_get_data_offset(cd);
|
|
OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
|
|
@@ -1731,13 +1721,13 @@ static void LuksConvert(void)
|
|
OK_(crypt_convert(cd, CRYPT_LUKS1, NULL));
|
|
EQ_(crypt_get_data_offset(cd), offset);
|
|
crypt_free(cd);
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS, NULL));
|
|
EQ_(crypt_get_data_offset(cd), offset);
|
|
crypt_free(cd);
|
|
|
|
// do not allow conversion on keyslot No > 7
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 8, NULL, 32, PASSPHRASE1, strlen(PASSPHRASE1)), 8);
|
|
@@ -1745,14 +1735,14 @@ static void LuksConvert(void)
|
|
crypt_free(cd);
|
|
|
|
// do not allow conversion with token
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, &luks2));
|
|
OK_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, json));
|
|
FAIL_(crypt_convert(cd, CRYPT_LUKS1, NULL), "Can't convert header with token.");
|
|
crypt_free(cd);
|
|
|
|
// should be enough for both luks1 and luks2 devices with all vk lengths
|
|
- OK_(get_luks2_offsets(1, 0, 0, 0, NULL, &r_payload_offset));
|
|
+ OK_(get_luks2_offsets(0, NULL, &r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_1S, r_payload_offset + 1));
|
|
|
|
// do not allow conversion for legacy luks1 device (non-aligned keyslot offset)
|
|
@@ -2202,7 +2192,7 @@ static void Pbkdf(void)
|
|
|
|
// test LUKSv2 device
|
|
// test default values are set
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, mode, NULL, NULL, 32, NULL));
|
|
NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
|
|
OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
|
|
@@ -2259,7 +2249,7 @@ static void Pbkdf(void)
|
|
FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Unknown hash member");
|
|
crypt_free(cd);
|
|
// test whether crypt_get_pbkdf_type() behaves accordingly after second crypt_load() call
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS, NULL));
|
|
NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
|
|
OK_(strcmp(pbkdf->type, DEFAULT_LUKS2_PBKDF));
|
|
@@ -2277,7 +2267,7 @@ static void Pbkdf(void)
|
|
crypt_free(cd);
|
|
|
|
// test crypt_set_pbkdf_type() overwrites invalid value set by crypt_set_iteration_time()
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
crypt_set_iteration_time(cd, 0);
|
|
OK_(crypt_set_pbkdf_type(cd, &argon2));
|
|
NOTNULL_(pbkdf = crypt_get_pbkdf_type(cd));
|
|
@@ -2352,7 +2342,7 @@ static void Luks2KeyslotAdd(void)
|
|
crypt_decode_key(key2, mk_hex2, key_size);
|
|
|
|
/* test crypt_keyslot_add_by_key */
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
crypt_set_iteration_time(cd, 1);
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, key, key_size, NULL));
|
|
EQ_(crypt_keyslot_add_by_key(cd, 1, key2, key_size, PASSPHRASE1, strlen(PASSPHRASE1), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
|
|
@@ -2432,7 +2422,7 @@ static void Luks2ActivateByKeyring(void)
|
|
}
|
|
|
|
// prepare the device
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
crypt_set_iteration_time(cd, 1);
|
|
OK_(crypt_format(cd, CRYPT_LUKS2, cipher, cipher_mode, NULL, NULL, 32, NULL));
|
|
EQ_(crypt_keyslot_add_by_volume_key(cd, 0, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 0);
|
|
@@ -2442,7 +2432,7 @@ static void Luks2ActivateByKeyring(void)
|
|
|
|
// FIXME: all following tests work as expected but most error messages are missing
|
|
// check activate by keyring works exactly same as by passphrase
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
EQ_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, 0, 0), 0);
|
|
EQ_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, 0, 0), 0);
|
|
@@ -2472,7 +2462,7 @@ static void Luks2ActivateByKeyring(void)
|
|
exit(1);
|
|
}
|
|
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
FAIL_(crypt_activate_by_keyring(cd, NULL, KEY_DESC_TEST0, CRYPT_ANY_SLOT, 0), "no such key in keyring");
|
|
FAIL_(crypt_activate_by_keyring(cd, CDEVICE_1, KEY_DESC_TEST0, CRYPT_ANY_SLOT, 0), "no such key in keyring");
|
|
@@ -2718,7 +2708,7 @@ static void Luks2Requirements(void)
|
|
OK_(crypt_activate_by_token(cd, NULL, 1, NULL, 0));
|
|
OK_(crypt_activate_by_token(cd, NULL, 1, NULL, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0));
|
|
#endif
|
|
- OK_(get_luks2_offsets(1, 8192, 0, 0, NULL, &r_payload_offset));
|
|
+ OK_(get_luks2_offsets(8192, NULL, &r_payload_offset));
|
|
OK_(create_dmdevice_over_loop(L_DEVICE_OK, r_payload_offset + 2));
|
|
//OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" NO_REQS_LUKS2_HEADER " bs=4096 2>/dev/null", 1));
|
|
OK_(_system("dd if=" NO_REQS_LUKS2_HEADER " of=" DMDIR L_DEVICE_OK " bs=1M count=4 oflag=direct 2>/dev/null", 1));
|
|
@@ -2863,7 +2853,7 @@ static void Luks2Flags(void)
|
|
struct crypt_device *cd;
|
|
uint32_t flags = 42;
|
|
|
|
- OK_(crypt_init(&cd, DEVICE_1));
|
|
+ OK_(crypt_init(&cd, DEVICE_2));
|
|
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
|
|
|
|
/* check library erase passed variable on success when no flags set */
|
|
diff -rupN cryptsetup-2.0.4.old/tests/Makefile.am cryptsetup-2.0.4/tests/Makefile.am
|
|
--- cryptsetup-2.0.4.old/tests/Makefile.am 2018-08-08 14:05:02.008387808 +0200
|
|
+++ cryptsetup-2.0.4/tests/Makefile.am 2018-08-08 14:05:35.944311818 +0200
|
|
@@ -80,7 +80,7 @@ api_test_CPPFLAGS = $(AM_CPPFLAGS) -incl
|
|
api_test_2_SOURCES = api-test-2.c api_test.h test_utils.c
|
|
api_test_2_LDADD = ../libcryptsetup.la
|
|
api_test_2_LDFLAGS = $(AM_LDFLAGS) -static
|
|
-api_test_2_CFLAGS = -g -Wall -O0 $(AM_CFLAGS) -I$(top_srcdir)/lib/ -I$(top_srcdir)/lib/luks1
|
|
+api_test_2_CFLAGS = -g -Wall -O0 $(AM_CFLAGS) -I$(top_srcdir)/lib/ -I$(top_srcdir)/lib/luks1 -I$(top_srcdir)/lib/luks2
|
|
api_test_2_CPPFLAGS = $(AM_CPPFLAGS) -include config.h
|
|
|
|
vectors_test_SOURCES = crypto-vectors.c
|
|
diff -rupN cryptsetup-2.0.4.old/tests/Makefile.in cryptsetup-2.0.4/tests/Makefile.in
|
|
--- cryptsetup-2.0.4.old/tests/Makefile.in 2018-08-08 14:05:02.000387826 +0200
|
|
+++ cryptsetup-2.0.4/tests/Makefile.in 2018-08-08 14:08:28.749924872 +0200
|
|
@@ -466,7 +466,7 @@ api_test_CPPFLAGS = $(AM_CPPFLAGS) -incl
|
|
api_test_2_SOURCES = api-test-2.c api_test.h test_utils.c
|
|
api_test_2_LDADD = ../libcryptsetup.la
|
|
api_test_2_LDFLAGS = $(AM_LDFLAGS) -static
|
|
-api_test_2_CFLAGS = -g -Wall -O0 $(AM_CFLAGS) -I$(top_srcdir)/lib/ -I$(top_srcdir)/lib/luks1
|
|
+api_test_2_CFLAGS = -g -Wall -O0 $(AM_CFLAGS) -I$(top_srcdir)/lib/ -I$(top_srcdir)/lib/luks1 -I$(top_srcdir)/lib/luks2
|
|
api_test_2_CPPFLAGS = $(AM_CPPFLAGS) -include config.h
|
|
vectors_test_SOURCES = crypto-vectors.c
|
|
vectors_test_LDADD = ../libcrypto_backend.la @CRYPTO_LIBS@ @LIBARGON2_LIBS@
|
|
diff -rupN cryptsetup-2.0.4.old/tests/test_utils.c cryptsetup-2.0.4/tests/test_utils.c
|
|
--- cryptsetup-2.0.4.old/tests/test_utils.c 2018-08-08 14:05:02.008387808 +0200
|
|
+++ cryptsetup-2.0.4/tests/test_utils.c 2018-08-08 14:05:35.947311812 +0200
|
|
@@ -118,13 +118,21 @@ void xlog(const char *msg, const char *t
|
|
|
|
int t_device_size(const char *device, uint64_t *size)
|
|
{
|
|
+ struct stat st;
|
|
int devfd, r = 0;
|
|
|
|
devfd = open(device, O_RDONLY);
|
|
if(devfd == -1)
|
|
return -EINVAL;
|
|
|
|
- if (ioctl(devfd, BLKGETSIZE64, size) < 0)
|
|
+ if (fstat(devfd, &st) < 0) {
|
|
+ close(devfd);
|
|
+ return -EINVAL;
|
|
+ }
|
|
+
|
|
+ if (S_ISREG(st.st_mode))
|
|
+ *size = (uint64_t)st.st_size;
|
|
+ else if (ioctl(devfd, BLKGETSIZE64, size) < 0)
|
|
r = -EINVAL;
|
|
close(devfd);
|
|
return r;
|