1# $FreeBSD$ 2 3. $(atf_get_srcdir)/conf.sh 4 5onetime_test() 6{ 7 cipher=$1 8 secsize=$2 9 ealgo=${cipher%%:*} 10 keylen=${cipher##*:} 11 12 atf_check -s exit:0 -o ignore -e ignore \ 13 geli onetime -e $ealgo -l $keylen -s $secsize ${md} 14 15 atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none 16 17 md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` 18 atf_check_equal 0 $? 19 md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` 20 atf_check_equal 0 $? 21 md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none | md5` 22 atf_check_equal 0 $? 23 24 if [ ${md_rnd} != ${md_ddev} ]; then 25 atf_fail "geli did not return the original data" 26 fi 27 if [ ${md_rnd} == ${md_edev} ]; then 28 atf_fail "geli did not encrypt the data" 29 fi 30} 31atf_test_case onetime cleanup 32onetime_head() 33{ 34 atf_set "descr" "geli onetime can create temporary providers" 35 atf_set "require.user" "root" 36 atf_set "timeout" 1800 37} 38onetime_body() 39{ 40 geli_test_setup 41 42 sectors=100 43 44 dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none 45 for_each_geli_config_nointegrity onetime_test 46} 47onetime_cleanup() 48{ 49 geli_test_cleanup 50} 51 52onetime_a_test() 53{ 54 cipher=$1 55 aalgo=$2 56 secsize=$3 57 ealgo=${cipher%%:*} 58 keylen=${cipher##*:} 59 60 atf_check -s exit:0 -o ignore -e ignore \ 61 geli onetime -a $aalgo -e $ealgo -l $keylen -s $secsize ${md} 62 63 atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none 64 65 md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` 66 atf_check_equal 0 $? 67 md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` 68 atf_check_equal 0 $? 69 70 if [ ${md_rnd} != ${md_ddev} ]; then 71 atf_fail "Miscompare for aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" 72 fi 73} 74atf_test_case onetime_a cleanup 75onetime_a_head() 76{ 77 atf_set "descr" "geli onetime with HMACs" 78 atf_set "require.user" "root" 79 atf_set "timeout" 1800 80} 81onetime_a_body() 82{ 83 geli_test_setup 84 85 sectors=8 86 87 atf_check dd if=/dev/random of=rnd bs=$MAX_SECSIZE count=$sectors \ 88 status=none 89 for_each_geli_config onetime_a_test 90} 91onetime_a_cleanup() 92{ 93 geli_test_cleanup 94} 95 96atf_test_case onetime_d cleanup 97onetime_d_head() 98{ 99 atf_set "descr" "geli onetime -d will create providers that detach on last close" 100 atf_set "require.user" "root" 101} 102onetime_d_body() 103{ 104 geli_test_setup 105 106 sectors=100 107 md=$(attach_md -t malloc -s $sectors) 108 109 atf_check geli onetime -d ${md} 110 if [ ! -c /dev/${md}.eli ]; then 111 atf_fail "Provider not created, or immediately detached" 112 fi 113 114 # Be sure it doesn't detach on read. 115 atf_check dd if=/dev/${md}.eli of=/dev/null status=none 116 sleep 1 117 if [ ! -c /dev/${md}.eli ]; then 118 atf_fail "Provider detached when a reader closed" 119 fi 120 121 # It should detach when a writer closes 122 true > /dev/${md}.eli 123 sleep 1 124 if [ -c /dev/${md}.eli ]; then 125 atf_fail "Provider didn't detach on last close of a writer" 126 fi 127} 128onetime_d_cleanup() 129{ 130 geli_test_cleanup 131} 132 133atf_test_case onetime_null cleanup 134onetime_null_head() 135{ 136 atf_set "descr" "geli onetime can use the null cipher" 137 atf_set "require.user" "root" 138} 139onetime_null_body() 140{ 141 geli_test_setup 142 143 sectors=100 144 145 dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none 146 147 secsize=512 148 ealgo=${cipher%%:*} 149 keylen=${cipher##*:} 150 151 md=$(attach_md -t malloc -s 100k) 152 153 atf_check -s exit:0 -o ignore -e ignore \ 154 geli onetime -e null -s ${secsize} ${md} 155 156 atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none 157 158 md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` 159 atf_check_equal 0 $? 160 md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` 161 atf_check_equal 0 $? 162 md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none | md5` 163 atf_check_equal 0 $? 164 165 if [ ${md_rnd} != ${md_ddev} ]; then 166 atf_fail "geli did not return the original data" 167 fi 168 if [ ${md_rnd} != ${md_edev} ]; then 169 atf_fail "geli encrypted the data even with the null cipher" 170 fi 171} 172onetime_null_cleanup() 173{ 174 geli_test_cleanup 175} 176 177atf_init_test_cases() 178{ 179 atf_add_test_case onetime 180 atf_add_test_case onetime_a 181 atf_add_test_case onetime_d 182 atf_add_test_case onetime_null 183} 184