Google Git
Sign in
nest-open-source / manifest_repos / cryptsetup / 3a262f0bc7b6e4ef39a61dd64ee5f31e5aef12d3 / . / tests / tcrypt-compat-test
blob: a181f745ee6cfca4f7052808ce762b3dc4cd773d [file] [log] [blame]
#!/bin/bash
# check tcrypt images parsing
CRYPTSETUP=../src/cryptsetup
TST_DIR=tcrypt-images
MAP=tctst
PASSWORD="aaaaaaaaaaaa"
PASSWORD_HIDDEN="bbbbbbbbbbbb"
function remove_mapping()
{
[ -b /dev/mapper/$MAP ] && dmsetup remove $MAP
[ -b /dev/mapper/"$MAP"_1 ] && dmsetup remove "$MAP"_1
[ -b /dev/mapper/"$MAP"_2 ] && dmsetup remove "$MAP"_2
}
function fail()
{
[ -n "$1" ] && echo "$1"
echo " [FAILED]"
remove_mapping
exit 2
}
function skip()
{
[ -n "$1" ] && echo "$1"
echo "Test skipped."
exit 0
}
function test_one()
{
$CRYPTSETUP benchmark -c "$1" -s "$2" | grep -v "#" || skip
}
function test_required()
{
which lsblk >/dev/null 2>&1 || skip "WARNING: lsblk tool required."
echo "REQUIRED KDF TEST"
$CRYPTSETUP benchmark -h ripemd160 | grep "N/A" && skip
$CRYPTSETUP benchmark -h whirlpool | grep "N/A" && skip
echo "REQUIRED CIPHERS TEST"
echo "# Algorithm | Key | Encryption | Decryption"
test_one aes-cbc 256
test_one aes-lrw 384
test_one aes-xts 512
test_one twofish-cbc 256
test_one twofish-lrw 384
test_one twofish-xts 512
test_one serpent-cbc 256
test_one serpent-lrw 384
test_one serpent-xts 512
test_one blowfish-cbc 256
test_one des3_ede-cbc 192
test_one cast5 128
}
test_required
export LANG=C
[ ! -d $TST_DIR ] && tar xjf tcrypt-images.tar.bz2 --no-same-owner
echo "HEADER CHECK"
for file in $(ls $TST_DIR/[tv]c_*) ; do
echo -n " $file"
echo $PASSWORD | $CRYPTSETUP tcryptDump --veracrypt $file >/dev/null || fail
echo " [OK]"
done
echo "HEADER CHECK (HIDDEN)"
for file in $(ls $TST_DIR/[tv]c_*-hidden) ; do
echo -n " $file (hidden)"
echo $PASSWORD_HIDDEN | $CRYPTSETUP tcryptDump --tcrypt-hidden --veracrypt $file >/dev/null || fail
echo " [OK]"
done
echo "HEADER KEYFILES CHECK"
for file in $(ls $TST_DIR/[tv]ck_*) ; do
echo -n " $file"
echo $PASSWORD | $CRYPTSETUP tcryptDump --veracrypt -d $TST_DIR/keyfile1 -d $TST_DIR/keyfile2 $file >/dev/null || fail
echo " [OK]"
done
if [ $(id -u) != 0 ]; then
echo "WARNING: You must be root to run activation part of test, test skipped."
exit 0
fi
echo "ACTIVATION FS UUID CHECK"
for file in $(ls $TST_DIR/[tv]c_*) ; do
echo -n " $file"
out=$(echo $PASSWORD | $CRYPTSETUP tcryptOpen --veracrypt -r $file $MAP 2>&1)
ret=$?
[ $ret -eq 1 ] && ( echo "$out" | grep -q -e "TCRYPT legacy mode" ) && echo " [N/A]" && continue
[ $ret -eq 1 ] && ( echo "$out" | grep -q -e "TCRYPT compatible mapping" ) && echo " [N/A]" && continue
[ $ret -ne 0 ] && fail
$CRYPTSETUP status $MAP >/dev/null || fail
$CRYPTSETUP status /dev/mapper/$MAP >/dev/null || fail
UUID=$(lsblk -n -o UUID /dev/mapper/$MAP)
$CRYPTSETUP remove $MAP || fail
[ "$UUID" != "DEAD-BABE" ] && fail "UUID check failed."
echo " [OK]"
done
echo "ACTIVATION FS UUID (HIDDEN) CHECK"
for file in $(ls $TST_DIR/[tv]c_*-hidden) ; do
echo -n " $file"
out=$(echo $PASSWORD_HIDDEN | $CRYPTSETUP tcryptOpen --veracrypt -r $file $MAP --tcrypt-hidden 2>&1)
ret=$?
[ $ret -eq 1 ] && ( echo "$out" | grep -q -e "TCRYPT legacy mode" ) && echo " [N/A]" && continue
[ $ret -eq 1 ] && ( echo "$out" | grep -q -e "TCRYPT compatible mapping" ) && echo " [N/A]" && continue
[ $ret -ne 0 ] && fail
UUID=$(lsblk -n -o UUID /dev/mapper/$MAP)
$CRYPTSETUP remove $MAP || fail
[ "$UUID" != "CAFE-BABE" ] && fail "UUID check failed."
echo " [OK]"
done