1 2. $(atf_get_srcdir)/conf.sh 3 4onetime_test() 5{ 6 cipher=$1 7 secsize=$2 8 ealgo=${cipher%%:*} 9 keylen=${cipher##*:} 10 11 atf_check -s exit:0 -o ignore -e ignore \ 12 geli onetime -e $ealgo -l $keylen -s $secsize ${md} 13 14 atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none 15 16 md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` 17 atf_check_equal 0 $? 18 md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` 19 atf_check_equal 0 $? 20 md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none | md5` 21 atf_check_equal 0 $? 22 23 if [ ${md_rnd} != ${md_ddev} ]; then 24 atf_fail "geli did not return the original data" 25 fi 26 if [ ${md_rnd} == ${md_edev} ]; then 27 atf_fail "geli did not encrypt the data" 28 fi 29} 30atf_test_case onetime cleanup 31onetime_head() 32{ 33 atf_set "descr" "geli onetime can create temporary providers" 34 atf_set "require.user" "root" 35 atf_set "timeout" 1800 36} 37onetime_body() 38{ 39 geli_test_setup 40 41 sectors=100 42 43 dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none 44 for_each_geli_config_nointegrity onetime_test 45} 46onetime_cleanup() 47{ 48 geli_test_cleanup 49} 50 51onetime_a_test() 52{ 53 cipher=$1 54 aalgo=$2 55 secsize=$3 56 ealgo=${cipher%%:*} 57 keylen=${cipher##*:} 58 59 atf_check -s exit:0 -o ignore -e ignore \ 60 geli onetime -a $aalgo -e $ealgo -l $keylen -s $secsize ${md} 61 62 atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none 63 64 md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` 65 atf_check_equal 0 $? 66 md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` 67 atf_check_equal 0 $? 68 69 if [ ${md_rnd} != ${md_ddev} ]; then 70 atf_fail "Miscompare for aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" 71 fi 72} 73atf_test_case onetime_a cleanup 74onetime_a_head() 75{ 76 atf_set "descr" "geli onetime with HMACs" 77 atf_set "require.user" "root" 78 atf_set "timeout" 1800 79} 80onetime_a_body() 81{ 82 geli_test_setup 83 84 sectors=8 85 86 atf_check dd if=/dev/random of=rnd bs=$MAX_SECSIZE count=$sectors \ 87 status=none 88 for_each_geli_config onetime_a_test 89} 90onetime_a_cleanup() 91{ 92 geli_test_cleanup 93} 94 95atf_test_case onetime_d cleanup 96onetime_d_head() 97{ 98 atf_set "descr" "geli onetime -d will create providers that detach on last close" 99 atf_set "require.user" "root" 100} 101onetime_d_body() 102{ 103 geli_test_setup 104 105 sectors=100 106 md=$(attach_md -t malloc -s $sectors) 107 108 atf_check geli onetime -d ${md} 109 if [ ! -c /dev/${md}.eli ]; then 110 atf_fail "Provider not created, or immediately detached" 111 fi 112 113 # Be sure it doesn't detach on read. 114 atf_check dd if=/dev/${md}.eli of=/dev/null status=none 115 sleep 1 116 if [ ! -c /dev/${md}.eli ]; then 117 atf_fail "Provider detached when a reader closed" 118 fi 119 120 # It should detach when a writer closes 121 true > /dev/${md}.eli 122 sleep 1 123 if [ -c /dev/${md}.eli ]; then 124 atf_fail "Provider didn't detach on last close of a writer" 125 fi 126} 127onetime_d_cleanup() 128{ 129 geli_test_cleanup 130} 131 132atf_test_case onetime_null cleanup 133onetime_null_head() 134{ 135 atf_set "descr" "geli onetime can use the null cipher" 136 atf_set "require.user" "root" 137} 138onetime_null_body() 139{ 140 geli_test_setup 141 142 sectors=100 143 144 dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none 145 146 secsize=512 147 ealgo=${cipher%%:*} 148 keylen=${cipher##*:} 149 150 md=$(attach_md -t malloc -s 100k) 151 152 atf_check -s exit:0 -o ignore -e ignore \ 153 geli onetime -e null -s ${secsize} ${md} 154 155 atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none 156 157 md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` 158 atf_check_equal 0 $? 159 md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` 160 atf_check_equal 0 $? 161 md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none | md5` 162 atf_check_equal 0 $? 163 164 if [ ${md_rnd} != ${md_ddev} ]; then 165 atf_fail "geli did not return the original data" 166 fi 167 if [ ${md_rnd} != ${md_edev} ]; then 168 atf_fail "geli encrypted the data even with the null cipher" 169 fi 170} 171onetime_null_cleanup() 172{ 173 geli_test_cleanup 174} 175 176atf_init_test_cases() 177{ 178 atf_add_test_case onetime 179 atf_add_test_case onetime_a 180 atf_add_test_case onetime_d 181 atf_add_test_case onetime_null 182} 183