xref: /freebsd/tests/sys/geom/class/eli/setkey_test.sh (revision d0b2dbfa0ecf2bbc9709efc5e20baf8e4b44bbbf)
1#!/bin/sh
2
3. $(atf_get_srcdir)/conf.sh
4
# Test case "setkey": registered with a cleanup routine (setkey_cleanup).
atf_test_case setkey cleanup
setkey_head() {
	# The body creates and attaches GEOM providers, so it is restricted to
	# root.
	atf_set require.user root
	atf_set descr "geli setkey can change the key for an existing provider"
}
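setkey_body()
{
	# Rotates the user keys of one provider through five key files, for
	# both key slots and in both the attached and the detached state.
	# After every rotation the replaced key file must be rejected and the
	# decrypted payload must still match the reference digest.
	geli_test_setup

	# Memory-backed provider sized for the payload plus one extra sector
	# (presumably the sector GELI keeps its metadata in -- confirm).
	sectors=100
	md=$(attach_md -t malloc -s $((sectors + 1)))

	# Reference payload and its digest.  md5 only detects an accidental
	# change of the data here; it is not relied on as a security control.
	# NOTE(review): $? after a pipeline is the status of md5, not of dd, so
	# the status checks below do not notice a failed read.
	atf_check dd if=/dev/random of=rnd bs=512 count="${sectors}" status=none
	hash1=$(dd if=rnd bs=512 count="${sectors}" status=none | md5)
	atf_check_equal 0 $?

	# One key file per rotation step, so no step reuses an earlier key.
	atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none
	atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none
	atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none
	atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none
	atf_check dd if=/dev/random of=keyfile5 bs=512 count=16 status=none

	# -B none: write no metadata backup file.  -P/-p: no passphrase
	# component, the key file alone forms the user key.
	atf_check geli init -B none -P -K keyfile1 "${md}"
	atf_check geli attach -p -k keyfile1 "${md}"

	atf_check \
		dd if=rnd of="/dev/${md}.eli" bs=512 count="${sectors}" status=none
	hash2=$(dd if="/dev/${md}.eli" bs=512 count="${sectors}" status=none | md5)
	atf_check_equal 0 $?

	# Change current key (0) for attached provider.
	atf_check -s exit:0 -o ignore geli setkey -P -K keyfile2 "${md}"
	atf_check geli detach "${md}"

	# We cannot use keyfile1 anymore: a rotation that left the old key
	# usable would defeat its purpose.
	atf_check -s not-exit:0 -e match:"Wrong key" \
		geli attach -p -k keyfile1 "${md}"

	# Attach with new key.
	atf_check geli attach -p -k keyfile2 "${md}"
	hash3=$(dd if="/dev/${md}.eli" bs=512 count="${sectors}" status=none | md5)
	atf_check_equal 0 $?

	# Change key 1 for attached provider.
	atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile3 "${md}"
	atf_check geli detach "${md}"

	# Attach with key 1.
	atf_check geli attach -p -k keyfile3 "${md}"
	hash4=$(dd if="/dev/${md}.eli" bs=512 count="${sectors}" status=none | md5)
	atf_check_equal 0 $?
	atf_check geli detach "${md}"

	# Change current (1) key for detached provider.  The old key file has
	# to be supplied (-p -k) because the provider is not attached.
	atf_check -s exit:0 -o ignore \
		geli setkey -p -k keyfile3 -P -K keyfile4 "${md}"

	# We cannot use keyfile3 anymore.
	atf_check -s not-exit:0 -e match:"Wrong key" \
		geli attach -p -k keyfile3 "${md}"

	# Attach with key 1.
	atf_check geli attach -p -k keyfile4 "${md}"
	hash5=$(dd if="/dev/${md}.eli" bs=512 count="${sectors}" status=none | md5)
	atf_check_equal 0 $?
	atf_check geli detach "${md}"

	# Change key 0 for detached provider, authenticating with key 1.
	atf_check -s exit:0 -o ignore \
		geli setkey -n 0 -p -k keyfile4 -P -K keyfile5 "${md}"

	# We cannot use keyfile2 anymore.  atf_check captures geli's stderr
	# for the match itself, so no shell redirection is applied here; a
	# redirection would only hide atf_check's own failure report.
	atf_check -s not-exit:0 -e match:"Wrong key" \
		geli attach -p -k keyfile2 "${md}"

	# Attach with key 0.
	atf_check geli attach -p -k keyfile5 "${md}"
	hash6=$(dd if="/dev/${md}.eli" bs=512 count="${sectors}" status=none | md5)
	atf_check_equal 0 $?
	atf_check geli detach "${md}"

	# The payload must read back identically after every key change.
	# Quoted so that an empty digest is compared as an empty string instead
	# of vanishing from the argument list.
	atf_check_equal "${hash1}" "${hash2}"
	atf_check_equal "${hash1}" "${hash3}"
	atf_check_equal "${hash1}" "${hash4}"
	atf_check_equal "${hash1}" "${hash5}"
	atf_check_equal "${hash1}" "${hash6}"
}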
# Cleanup hook of the "setkey" case; hands over to geli_test_cleanup
# (presumably provided by the sourced conf.sh).
setkey_cleanup() {
	geli_test_cleanup
}
94
# Test case "setkey_readonly": registered with a cleanup routine
# (setkey_readonly_cleanup).
atf_test_case setkey_readonly cleanup
setkey_readonly_head() {
	# The body creates and attaches GEOM providers, so it is restricted to
	# root.
	atf_set require.user root
	atf_set descr "geli setkey cannot change the keys of a readonly provider"
}
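setkey_readonly_body()
{
	# Verifies that a provider attached read-only refuses a key change.
	geli_test_setup

	# Payload size plus one extra sector (presumably the sector GELI keeps
	# its metadata in -- confirm).
	sectors=100
	md=$(attach_md -t malloc -s $((sectors + 1)))
	atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none

	# -B none: write no metadata backup file.  -P/-p: no passphrase
	# component.  -r: attach read-only.
	atf_check geli init -B none -P -K keyfile "${md}"
	atf_check geli attach -r -p -k keyfile "${md}"

	# The new key file is never meant to be used: setkey has to fail with
	# a "read-only" error before any key is written.
	# NOTE(review): only the refusal is checked; the test does not
	# re-attach afterwards to confirm the original key still works.
	atf_check -s not-exit:0 -e match:"read-only" \
		geli setkey -n 1 -P -K /dev/null "${md}"
}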
# Cleanup hook of the "setkey_readonly" case; hands over to
# geli_test_cleanup (presumably provided by the sourced conf.sh).
setkey_readonly_cleanup() {
	geli_test_cleanup
}
119
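# Test case "nokey": registered with a cleanup routine (nokey_cleanup).
atf_test_case nokey cleanup
nokey_head()
{
	# The description names the negative checks made by nokey_body
	# (setkey invoked without key components) so that test reports can
	# tell this case apart from "setkey".
	atf_set "descr" "geli setkey fails when no key components are given"
	# The body creates and attaches GEOM providers, so it is restricted to
	# root.
	atf_set "require.user" "root"
}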
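nokey_body()
{
	# Verifies that setkey refuses to run when either the old or the new
	# user key would be built from no components at all (no passphrase and
	# no key file).  Accepting that would leave a key slot that is not
	# protected by any secret.
	geli_test_setup

	# Payload size plus one extra sector (presumably the sector GELI keeps
	# its metadata in -- confirm).
	sectors=100
	md=$(attach_md -t malloc -s $((sectors + 1)))
	atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none
	atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none

	# -B none: write no metadata backup file.  -P: no passphrase component.
	atf_check geli init -B none -P -K keyfile1 "${md}"

	# Try to set the key for a detached device without providing any
	# components for the old key (-p disables the passphrase, no -k).
	atf_check -s not-exit:0 -e match:"No key components given" \
		geli setkey -n 0 -p -P -K keyfile2 "${md}"

	# Try to set the key for a detached device without providing any
	# components for the new key (-P disables the passphrase, no -K).
	atf_check -s not-exit:0 -e match:"No key components given" \
		geli setkey -n 0 -p -k keyfile1 -P "${md}"

	# Try to set a new key for an attached device with no components.
	atf_check geli attach -p -k keyfile1 "${md}"
	atf_check -s not-exit:0 -e match:"No key components given" \
		geli setkey -n 0 -P "${md}"
}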
# Cleanup hook of the "nokey" case; hands over to geli_test_cleanup
# (presumably provided by the sourced conf.sh).
nokey_cleanup() {
	geli_test_cleanup
}
156
# Registers the three test cases of this file with ATF, in the order
# setkey, setkey_readonly, nokey.
atf_init_test_cases() {
	atf_add_test_case setkey
	atf_add_test_case setkey_readonly
	atf_add_test_case nokey
}
163