xref: /freebsd/tests/sys/geom/class/eli/conf.sh (revision 1d23aa6ec73baf53cb6f336c4ce91d6cb1c1fb0f) 
109d98641SEnji Cooper#!/bin/sh
209d98641SEnji Cooper# $FreeBSD$
309d98641SEnji Cooper
409d98641SEnji Cooperclass="eli"
5f397a004SAlan Somersbase=$(atf_get ident)
65dce212dSAlan SomersMAX_SECSIZE=8192
7f397a004SAlan SomersTEST_MDS_FILE=md.devs
8f397a004SAlan Somers
9f397a004SAlan Somersattach_md()
10f397a004SAlan Somers{
11f397a004SAlan Somers	local test_md
12f397a004SAlan Somers
13f397a004SAlan Somers	test_md=$(mdconfig -a "$@") || atf_fail "failed to allocate md(4)"
14f397a004SAlan Somers	echo $test_md >> $TEST_MDS_FILE || exit
15f397a004SAlan Somers	echo $test_md
16f397a004SAlan Somers}
1709d98641SEnji Cooper
18f92ce022SAlan Somers# Execute `func` for each combination of cipher, sectorsize, and hmac algo
19f92ce022SAlan Somers# `func` usage should be:
20f92ce022SAlan Somers# func <cipher> <aalgo> <secsize>
21f92ce022SAlan Somersfor_each_geli_config() {
22f92ce022SAlan Somers	func=$1
23*1d23aa6eSAlan Somers	backing_filename=$2
24f92ce022SAlan Somers
255dce212dSAlan Somers	# Double the sector size to allow for the HMACs' storage space.
265dce212dSAlan Somers	osecsize=$(( $MAX_SECSIZE * 2 ))
275dce212dSAlan Somers	# geli needs 512B for the label.
285dce212dSAlan Somers	bytes=`expr $osecsize \* $sectors + 512`b
29*1d23aa6eSAlan Somers
30*1d23aa6eSAlan Somers	if [ -n "$backing_filename" ]; then
31*1d23aa6eSAlan Somers		# Use a file-backed md(4) device, so we can deliberatly corrupt
32*1d23aa6eSAlan Somers		# it without detaching the geli device first.
33*1d23aa6eSAlan Somers		truncate -s $bytes backing_file
34*1d23aa6eSAlan Somers		md=$(attach_md -t vnode -f backing_file)
35*1d23aa6eSAlan Somers	else
365dce212dSAlan Somers		md=$(attach_md -t malloc -s $bytes)
37*1d23aa6eSAlan Somers	fi
38*1d23aa6eSAlan Somers
39f92ce022SAlan Somers	for cipher in aes-xts:128 aes-xts:256 \
40f92ce022SAlan Somers	    aes-cbc:128 aes-cbc:192 aes-cbc:256 \
41f92ce022SAlan Somers	    3des-cbc:192 \
42f92ce022SAlan Somers	    blowfish-cbc:128 blowfish-cbc:160 blowfish-cbc:192 \
43f92ce022SAlan Somers	    blowfish-cbc:224 blowfish-cbc:256 blowfish-cbc:288 \
44f92ce022SAlan Somers	    blowfish-cbc:320 blowfish-cbc:352 blowfish-cbc:384 \
45f92ce022SAlan Somers	    blowfish-cbc:416 blowfish-cbc:448 \
46f92ce022SAlan Somers	    camellia-cbc:128 camellia-cbc:192 camellia-cbc:256; do
47f92ce022SAlan Somers		ealgo=${cipher%%:*}
48f92ce022SAlan Somers		keylen=${cipher##*:}
49f92ce022SAlan Somers		for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 \
50f92ce022SAlan Somers		    hmac/sha384 hmac/sha512; do
515dce212dSAlan Somers			for secsize in 512 1024 2048 4096 $MAX_SECSIZE; do
52f92ce022SAlan Somers				${func} $cipher $aalgo $secsize
532e23c411SAlan Somers				geli detach ${md} 2>/dev/null
54f92ce022SAlan Somers			done
55f92ce022SAlan Somers		done
56f92ce022SAlan Somers	done
57f92ce022SAlan Somers}
58f92ce022SAlan Somers
59f92ce022SAlan Somers# Execute `func` for each combination of cipher, and sectorsize, with no hmac
60f92ce022SAlan Somers# `func` usage should be:
61f92ce022SAlan Somers# func <cipher> <secsize>
62f92ce022SAlan Somersfor_each_geli_config_nointegrity() {
63f92ce022SAlan Somers	func=$1
64f92ce022SAlan Somers
655dce212dSAlan Somers	# geli needs 512B for the label.
665dce212dSAlan Somers	bytes=`expr $MAX_SECSIZE \* $sectors + 512`b
675dce212dSAlan Somers	md=$(attach_md -t malloc -s $bytes)
68f92ce022SAlan Somers	for cipher in aes-xts:128 aes-xts:256 \
69f92ce022SAlan Somers	    aes-cbc:128 aes-cbc:192 aes-cbc:256 \
70f92ce022SAlan Somers	    3des-cbc:192 \
71f92ce022SAlan Somers	    blowfish-cbc:128 blowfish-cbc:160 blowfish-cbc:192 \
72f92ce022SAlan Somers	    blowfish-cbc:224 blowfish-cbc:256 blowfish-cbc:288 \
73f92ce022SAlan Somers	    blowfish-cbc:320 blowfish-cbc:352 blowfish-cbc:384 \
74f92ce022SAlan Somers	    blowfish-cbc:416 blowfish-cbc:448 \
75f92ce022SAlan Somers	    camellia-cbc:128 camellia-cbc:192 camellia-cbc:256; do
76f92ce022SAlan Somers		ealgo=${cipher%%:*}
77f92ce022SAlan Somers		keylen=${cipher##*:}
785dce212dSAlan Somers		for secsize in 512 1024 2048 4096 $MAX_SECSIZE; do
79610b95a1SAlan Somers			${func} $cipher $secsize
802e23c411SAlan Somers			geli detach ${md} 2>/dev/null
81f92ce022SAlan Somers		done
82f92ce022SAlan Somers	done
83f92ce022SAlan Somers}
84f92ce022SAlan Somers
85f92ce022SAlan Somers
8609d98641SEnji Coopergeli_test_cleanup()
8709d98641SEnji Cooper{
88041999e3SAlan Somers	if [ -f "$TEST_MDS_FILE" ]; then
89041999e3SAlan Somers		while read md; do
90041999e3SAlan Somers			[ -c /dev/${md}.eli ] && \
91041999e3SAlan Somers				geli detach $md.eli 2>/dev/null
92041999e3SAlan Somers			mdconfig -d -u $md 2>/dev/null
93041999e3SAlan Somers		done < $TEST_MDS_FILE
94041999e3SAlan Somers	fi
95f397a004SAlan Somers	true
9609d98641SEnji Cooper}
9709d98641SEnji Cooper
9809d98641SEnji Cooper. `dirname $0`/../geom_subr.sh
99