1#!/bin/sh 2# $FreeBSD$ 3 4atf_test_case setkey cleanup 5setkey_head() 6{ 7 atf_set "descr" "geli setkey can change the key for an existing provider" 8 atf_set "require.user" "root" 9} 10setkey_body() 11{ 12 . $(atf_get_srcdir)/conf.sh 13 14 sectors=100 15 md=$(attach_md -t malloc -s `expr $sectors + 1`) 16 17 atf_check dd if=/dev/random of=rnd bs=512 count=${sectors} status=none 18 hash1=`dd if=rnd bs=512 count=${sectors} status=none | md5` 19 atf_check_equal 0 $? 20 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 21 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 22 atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 23 atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 24 atf_check dd if=/dev/random of=keyfile5 bs=512 count=16 status=none 25 26 atf_check geli init -B none -P -K keyfile1 ${md} 27 atf_check geli attach -p -k keyfile1 ${md} 28 29 atf_check \ 30 dd if=rnd of=/dev/${md}.eli bs=512 count=${sectors} status=none 31 hash2=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 32 atf_check_equal 0 $? 33 34 # Change current key (0) for attached provider. 35 atf_check -s exit:0 -o ignore geli setkey -P -K keyfile2 ${md} 36 atf_check geli detach ${md} 37 38 # We cannot use keyfile1 anymore. 39 atf_check -s not-exit:0 -e match:"Wrong key" \ 40 geli attach -p -k keyfile1 ${md} 41 42 # Attach with new key. 43 atf_check geli attach -p -k keyfile2 ${md} 44 hash3=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 45 atf_check_equal 0 $? 46 47 # Change key 1 for attached provider. 48 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile3 ${md} 49 atf_check geli detach ${md} 50 51 # Attach with key 1. 52 atf_check geli attach -p -k keyfile3 ${md} 53 hash4=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 54 atf_check_equal 0 $? 55 atf_check geli detach ${md} 56 57 # Change current (1) key for detached provider. 58 atf_check -s exit:0 -o ignore geli setkey -p -k keyfile3 -P -K keyfile4 ${md} 59 60 # We cannot use keyfile3 anymore. 61 atf_check -s not-exit:0 -e match:"Wrong key" \ 62 geli attach -p -k keyfile3 ${md} 63 64 # Attach with key 1. 65 atf_check geli attach -p -k keyfile4 ${md} 66 hash5=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 67 atf_check_equal 0 $? 68 atf_check geli detach ${md} 69 70 # Change key 0 for detached provider. 71 atf_check -s exit:0 -o ignore geli setkey -n 0 -p -k keyfile4 -P -K keyfile5 ${md} 72 73 # We cannot use keyfile2 anymore. 74 atf_check -s not-exit:0 -e match:"Wrong key" \ 75 geli attach -p -k keyfile2 ${md} 2>/dev/null 76 77 # Attach with key 0. 78 atf_check geli attach -p -k keyfile5 ${md} 79 hash6=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 80 atf_check_equal 0 $? 81 atf_check geli detach ${md} 82 83 atf_check_equal ${hash1} ${hash2} 84 atf_check_equal ${hash1} ${hash3} 85 atf_check_equal ${hash1} ${hash4} 86 atf_check_equal ${hash1} ${hash5} 87 atf_check_equal ${hash1} ${hash6} 88} 89setkey_cleanup() 90{ 91 . $(atf_get_srcdir)/conf.sh 92 geli_test_cleanup 93} 94 95atf_test_case setkey_readonly cleanup 96setkey_readonly_head() 97{ 98 atf_set "descr" "geli setkey cannot change the keys of a readonly provider" 99 atf_set "require.user" "root" 100} 101setkey_readonly_body() 102{ 103 . $(atf_get_srcdir)/conf.sh 104 105 sectors=100 106 md=$(attach_md -t malloc -s `expr $sectors + 1`) 107 atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 108 109 atf_check geli init -B none -P -K keyfile ${md} 110 atf_check geli attach -r -p -k keyfile ${md} 111 112 atf_check -s not-exit:0 -e match:"read-only" \ 113 geli setkey -n 1 -P -K /dev/null ${md} 114} 115setkey_readonly_cleanup() 116{ 117 . $(atf_get_srcdir)/conf.sh 118 geli_test_cleanup 119} 120 121atf_test_case nokey cleanup 122nokey_head() 123{ 124 atf_set "descr" "geli setkey can change the key for an existing provider" 125 atf_set "require.user" "root" 126} 127nokey_body() 128{ 129 . $(atf_get_srcdir)/conf.sh 130 131 sectors=100 132 md=$(attach_md -t malloc -s `expr $sectors + 1`) 133 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 134 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 135 136 atf_check geli init -B none -P -K keyfile1 ${md} 137 138 # Try to set the key for a detached device without providing any 139 # components for the old key. 140 atf_check -s not-exit:0 -e match:"No key components given" \ 141 geli setkey -n 0 -p -P -K keyfile2 ${md} 142 143 # Try to set the key for a detached device without providing any 144 # components for the new key 145 atf_check -s not-exit:0 -e match:"No key components given" \ 146 geli setkey -n 0 -p -k keyfile1 -P ${md} 147 148 # Try to set a new key for an attached device with no components 149 atf_check geli attach -p -k keyfile1 ${md} 150 atf_check -s not-exit:0 -e match:"No key components given" \ 151 geli setkey -n 0 -P ${md} 152} 153nokey_cleanup() 154{ 155 . $(atf_get_srcdir)/conf.sh 156 geli_test_cleanup 157} 158 159atf_init_test_cases() 160{ 161 atf_add_test_case setkey 162 atf_add_test_case setkey_readonly 163 atf_add_test_case nokey 164} 165