1#!/bin/sh 2# $FreeBSD$ 3 4. $(atf_get_srcdir)/conf.sh 5 6atf_test_case setkey cleanup 7setkey_head() 8{ 9 atf_set "descr" "geli setkey can change the key for an existing provider" 10 atf_set "require.user" "root" 11} 12setkey_body() 13{ 14 geli_test_setup 15 16 sectors=100 17 md=$(attach_md -t malloc -s `expr $sectors + 1`) 18 19 atf_check dd if=/dev/random of=rnd bs=512 count=${sectors} status=none 20 hash1=`dd if=rnd bs=512 count=${sectors} status=none | md5` 21 atf_check_equal 0 $? 22 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 23 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 24 atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 25 atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 26 atf_check dd if=/dev/random of=keyfile5 bs=512 count=16 status=none 27 28 atf_check geli init -B none -P -K keyfile1 ${md} 29 atf_check geli attach -p -k keyfile1 ${md} 30 31 atf_check \ 32 dd if=rnd of=/dev/${md}.eli bs=512 count=${sectors} status=none 33 hash2=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 34 atf_check_equal 0 $? 35 36 # Change current key (0) for attached provider. 37 atf_check -s exit:0 -o ignore geli setkey -P -K keyfile2 ${md} 38 atf_check geli detach ${md} 39 40 # We cannot use keyfile1 anymore. 41 atf_check -s not-exit:0 -e match:"Wrong key" \ 42 geli attach -p -k keyfile1 ${md} 43 44 # Attach with new key. 45 atf_check geli attach -p -k keyfile2 ${md} 46 hash3=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 47 atf_check_equal 0 $? 48 49 # Change key 1 for attached provider. 50 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile3 ${md} 51 atf_check geli detach ${md} 52 53 # Attach with key 1. 54 atf_check geli attach -p -k keyfile3 ${md} 55 hash4=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 56 atf_check_equal 0 $? 57 atf_check geli detach ${md} 58 59 # Change current (1) key for detached provider. 60 atf_check -s exit:0 -o ignore geli setkey -p -k keyfile3 -P -K keyfile4 ${md} 61 62 # We cannot use keyfile3 anymore. 63 atf_check -s not-exit:0 -e match:"Wrong key" \ 64 geli attach -p -k keyfile3 ${md} 65 66 # Attach with key 1. 67 atf_check geli attach -p -k keyfile4 ${md} 68 hash5=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 69 atf_check_equal 0 $? 70 atf_check geli detach ${md} 71 72 # Change key 0 for detached provider. 73 atf_check -s exit:0 -o ignore geli setkey -n 0 -p -k keyfile4 -P -K keyfile5 ${md} 74 75 # We cannot use keyfile2 anymore. 76 atf_check -s not-exit:0 -e match:"Wrong key" \ 77 geli attach -p -k keyfile2 ${md} 2>/dev/null 78 79 # Attach with key 0. 80 atf_check geli attach -p -k keyfile5 ${md} 81 hash6=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 82 atf_check_equal 0 $? 83 atf_check geli detach ${md} 84 85 atf_check_equal ${hash1} ${hash2} 86 atf_check_equal ${hash1} ${hash3} 87 atf_check_equal ${hash1} ${hash4} 88 atf_check_equal ${hash1} ${hash5} 89 atf_check_equal ${hash1} ${hash6} 90} 91setkey_cleanup() 92{ 93 geli_test_cleanup 94} 95 96atf_test_case setkey_readonly cleanup 97setkey_readonly_head() 98{ 99 atf_set "descr" "geli setkey cannot change the keys of a readonly provider" 100 atf_set "require.user" "root" 101} 102setkey_readonly_body() 103{ 104 geli_test_setup 105 106 sectors=100 107 md=$(attach_md -t malloc -s `expr $sectors + 1`) 108 atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 109 110 atf_check geli init -B none -P -K keyfile ${md} 111 atf_check geli attach -r -p -k keyfile ${md} 112 113 atf_check -s not-exit:0 -e match:"read-only" \ 114 geli setkey -n 1 -P -K /dev/null ${md} 115} 116setkey_readonly_cleanup() 117{ 118 geli_test_cleanup 119} 120 121atf_test_case nokey cleanup 122nokey_head() 123{ 124 atf_set "descr" "geli setkey can change the key for an existing provider" 125 atf_set "require.user" "root" 126} 127nokey_body() 128{ 129 geli_test_setup 130 131 sectors=100 132 md=$(attach_md -t malloc -s `expr $sectors + 1`) 133 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 134 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 135 136 atf_check geli init -B none -P -K keyfile1 ${md} 137 138 # Try to set the key for a detached device without providing any 139 # components for the old key. 140 atf_check -s not-exit:0 -e match:"No key components given" \ 141 geli setkey -n 0 -p -P -K keyfile2 ${md} 142 143 # Try to set the key for a detached device without providing any 144 # components for the new key 145 atf_check -s not-exit:0 -e match:"No key components given" \ 146 geli setkey -n 0 -p -k keyfile1 -P ${md} 147 148 # Try to set a new key for an attached device with no components 149 atf_check geli attach -p -k keyfile1 ${md} 150 atf_check -s not-exit:0 -e match:"No key components given" \ 151 geli setkey -n 0 -P ${md} 152} 153nokey_cleanup() 154{ 155 geli_test_cleanup 156} 157 158atf_init_test_cases() 159{ 160 atf_add_test_case setkey 161 atf_add_test_case setkey_readonly 162 atf_add_test_case nokey 163} 164