1148459Spjd#!/bin/sh
2148459Spjd# $FreeBSD: stable/11/tests/sys/geom/class/eli/setkey_test.sh 345394 2019-03-21 22:23:52Z asomers $
3148459Spjd
4345394Sasomers. $(atf_get_srcdir)/conf.sh
5345394Sasomers
6328811Sasomersatf_test_case setkey cleanup
7328811Sasomerssetkey_head()
8328811Sasomers{
9328811Sasomers	atf_set "descr" "geli setkey can change the key for an existing provider"
10328811Sasomers	atf_set "require.user" "root"
11328811Sasomers}
12328811Sasomerssetkey_body()
13328811Sasomers{
14345394Sasomers	geli_test_setup
15293436Sngie
16328811Sasomers	sectors=100
17328811Sasomers	md=$(attach_md -t malloc -s `expr $sectors + 1`)
18148459Spjd
19328811Sasomers	atf_check dd if=/dev/random of=rnd bs=512 count=${sectors} status=none
20328811Sasomers	hash1=`dd if=rnd bs=512 count=${sectors} status=none | md5`
21328811Sasomers	atf_check_equal 0 $?
22328811Sasomers	atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none
23328811Sasomers	atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none
24328811Sasomers	atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none
25328811Sasomers	atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none
26328811Sasomers	atf_check dd if=/dev/random of=keyfile5 bs=512 count=16 status=none
27148459Spjd
28328811Sasomers	atf_check geli init -B none -P -K keyfile1 ${md}
29328811Sasomers	atf_check geli attach -p -k keyfile1 ${md}
30148459Spjd
31328811Sasomers	atf_check \
32328811Sasomers		dd if=rnd of=/dev/${md}.eli bs=512 count=${sectors} status=none
33328811Sasomers	hash2=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
34328811Sasomers	atf_check_equal 0 $?
35148459Spjd
36328811Sasomers	# Change current key (0) for attached provider.
37328811Sasomers	atf_check -s exit:0 -o ignore geli setkey -P -K keyfile2 ${md}
38328811Sasomers	atf_check geli detach ${md}
39148459Spjd
40328811Sasomers	# We cannot use keyfile1 anymore.
41328811Sasomers	atf_check -s not-exit:0 -e match:"Wrong key" \
42328811Sasomers		geli attach -p -k keyfile1 ${md}
43148459Spjd
44328811Sasomers	# Attach with new key.
45328811Sasomers	atf_check geli attach -p -k keyfile2 ${md}
46328811Sasomers	hash3=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
47328811Sasomers	atf_check_equal 0 $?
48148459Spjd
49328811Sasomers	# Change key 1 for attached provider.
50328811Sasomers	atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile3 ${md}
51328811Sasomers	atf_check geli detach ${md}
52148459Spjd
53328811Sasomers	# Attach with key 1.
54328811Sasomers	atf_check geli attach -p -k keyfile3 ${md}
55328811Sasomers	hash4=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
56328811Sasomers	atf_check_equal 0 $?
57328811Sasomers	atf_check geli detach ${md}
58148459Spjd
59328811Sasomers	# Change current (1) key for detached provider.
60328811Sasomers	atf_check -s exit:0 -o ignore geli setkey -p -k keyfile3 -P -K keyfile4 ${md}
61148459Spjd
62328811Sasomers	# We cannot use keyfile3 anymore.
63328811Sasomers	atf_check -s not-exit:0 -e match:"Wrong key" \
64328811Sasomers		geli attach -p -k keyfile3 ${md}
65148459Spjd
66328811Sasomers	# Attach with key 1.
67328811Sasomers	atf_check geli attach -p -k keyfile4 ${md}
68328811Sasomers	hash5=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
69328811Sasomers	atf_check_equal 0 $?
70328811Sasomers	atf_check geli detach ${md}
71148459Spjd
72328811Sasomers	# Change key 0 for detached provider.
73328811Sasomers	atf_check -s exit:0 -o ignore geli setkey -n 0 -p -k keyfile4 -P -K keyfile5 ${md}
74148459Spjd
75328811Sasomers	# We cannot use keyfile2 anymore.
76328811Sasomers	atf_check -s not-exit:0 -e match:"Wrong key" \
77328811Sasomers		geli attach -p -k keyfile2 ${md} 2>/dev/null
78148459Spjd
79328811Sasomers	# Attach with key 0.
80328811Sasomers	atf_check geli attach -p -k keyfile5 ${md}
81328811Sasomers	hash6=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
82328811Sasomers	atf_check_equal 0 $?
83328811Sasomers	atf_check geli detach ${md}
84148459Spjd
85328811Sasomers	atf_check_equal ${hash1} ${hash2}
86328811Sasomers	atf_check_equal ${hash1} ${hash3}
87328811Sasomers	atf_check_equal ${hash1} ${hash4}
88328811Sasomers	atf_check_equal ${hash1} ${hash5}
89328811Sasomers	atf_check_equal ${hash1} ${hash6}
90328811Sasomers}
91328811Sasomerssetkey_cleanup()
92328811Sasomers{
93328811Sasomers	geli_test_cleanup
94328811Sasomers}
95148459Spjd
96328811Sasomersatf_test_case setkey_readonly cleanup
97328811Sasomerssetkey_readonly_head()
98328811Sasomers{
99328811Sasomers	atf_set "descr" "geli setkey cannot change the keys of a readonly provider"
100328811Sasomers	atf_set "require.user" "root"
101328811Sasomers}
102328811Sasomerssetkey_readonly_body()
103328811Sasomers{
104345394Sasomers	geli_test_setup
105148459Spjd
106328811Sasomers	sectors=100
107328811Sasomers	md=$(attach_md -t malloc -s `expr $sectors + 1`)
108328811Sasomers	atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none
109328811Sasomers
110328811Sasomers	atf_check geli init -B none -P -K keyfile ${md}
111328811Sasomers	atf_check geli attach -r -p -k keyfile ${md}
112328811Sasomers
113328811Sasomers	atf_check -s not-exit:0 -e match:"read-only" \
114328811Sasomers		geli setkey -n 1 -P -K /dev/null ${md}
115328811Sasomers}
116328811Sasomerssetkey_readonly_cleanup()
117328811Sasomers{
118328811Sasomers	geli_test_cleanup
119328811Sasomers}
120328811Sasomers
121328811Sasomersatf_test_case nokey cleanup
122328811Sasomersnokey_head()
123328811Sasomers{
124328811Sasomers	atf_set "descr" "geli setkey can change the key for an existing provider"
125328811Sasomers	atf_set "require.user" "root"
126328811Sasomers}
127328811Sasomersnokey_body()
128328811Sasomers{
129345394Sasomers	geli_test_setup
130328811Sasomers
131328811Sasomers	sectors=100
132328811Sasomers	md=$(attach_md -t malloc -s `expr $sectors + 1`)
133328811Sasomers	atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none
134328811Sasomers	atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none
135328811Sasomers
136328811Sasomers	atf_check geli init -B none -P -K keyfile1 ${md}
137328811Sasomers
138328811Sasomers	# Try to set the key for a detached device without providing any
139328811Sasomers	# components for the old key.
140328811Sasomers	atf_check -s not-exit:0 -e match:"No key components given" \
141328811Sasomers		geli setkey -n 0 -p -P -K keyfile2 ${md}
142328811Sasomers
143328811Sasomers	# Try to set the key for a detached device without providing any
144328811Sasomers	# components for the new key
145328811Sasomers	atf_check -s not-exit:0 -e match:"No key components given" \
146328811Sasomers		geli setkey -n 0 -p -k keyfile1 -P ${md}
147328811Sasomers
148328811Sasomers	# Try to set a new key for an attached device with no components
149328811Sasomers	atf_check geli attach -p -k keyfile1 ${md}
150328811Sasomers	atf_check -s not-exit:0 -e match:"No key components given" \
151328811Sasomers		geli setkey -n 0 -P ${md}
152328811Sasomers}
153328811Sasomersnokey_cleanup()
154328811Sasomers{
155328811Sasomers	geli_test_cleanup
156328811Sasomers}
157328811Sasomers
158328811Sasomersatf_init_test_cases()
159328811Sasomers{
160328811Sasomers	atf_add_test_case setkey
161328811Sasomers	atf_add_test_case setkey_readonly
162328811Sasomers	atf_add_test_case nokey
163328811Sasomers}
164