1148459Spjd#!/bin/sh 2148459Spjd# $FreeBSD: stable/11/tests/sys/geom/class/eli/setkey_test.sh 345394 2019-03-21 22:23:52Z asomers $ 3148459Spjd 4345394Sasomers. $(atf_get_srcdir)/conf.sh 5345394Sasomers 6328811Sasomersatf_test_case setkey cleanup 7328811Sasomerssetkey_head() 8328811Sasomers{ 9328811Sasomers atf_set "descr" "geli setkey can change the key for an existing provider" 10328811Sasomers atf_set "require.user" "root" 11328811Sasomers} 12328811Sasomerssetkey_body() 13328811Sasomers{ 14345394Sasomers geli_test_setup 15293436Sngie 16328811Sasomers sectors=100 17328811Sasomers md=$(attach_md -t malloc -s `expr $sectors + 1`) 18148459Spjd 19328811Sasomers atf_check dd if=/dev/random of=rnd bs=512 count=${sectors} status=none 20328811Sasomers hash1=`dd if=rnd bs=512 count=${sectors} status=none | md5` 21328811Sasomers atf_check_equal 0 $? 22328811Sasomers atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 23328811Sasomers atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 24328811Sasomers atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 25328811Sasomers atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 26328811Sasomers atf_check dd if=/dev/random of=keyfile5 bs=512 count=16 status=none 27148459Spjd 28328811Sasomers atf_check geli init -B none -P -K keyfile1 ${md} 29328811Sasomers atf_check geli attach -p -k keyfile1 ${md} 30148459Spjd 31328811Sasomers atf_check \ 32328811Sasomers dd if=rnd of=/dev/${md}.eli bs=512 count=${sectors} status=none 33328811Sasomers hash2=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 34328811Sasomers atf_check_equal 0 $? 35148459Spjd 36328811Sasomers # Change current key (0) for attached provider. 37328811Sasomers atf_check -s exit:0 -o ignore geli setkey -P -K keyfile2 ${md} 38328811Sasomers atf_check geli detach ${md} 39148459Spjd 40328811Sasomers # We cannot use keyfile1 anymore. 41328811Sasomers atf_check -s not-exit:0 -e match:"Wrong key" \ 42328811Sasomers geli attach -p -k keyfile1 ${md} 43148459Spjd 44328811Sasomers # Attach with new key. 45328811Sasomers atf_check geli attach -p -k keyfile2 ${md} 46328811Sasomers hash3=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 47328811Sasomers atf_check_equal 0 $? 48148459Spjd 49328811Sasomers # Change key 1 for attached provider. 50328811Sasomers atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile3 ${md} 51328811Sasomers atf_check geli detach ${md} 52148459Spjd 53328811Sasomers # Attach with key 1. 54328811Sasomers atf_check geli attach -p -k keyfile3 ${md} 55328811Sasomers hash4=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 56328811Sasomers atf_check_equal 0 $? 57328811Sasomers atf_check geli detach ${md} 58148459Spjd 59328811Sasomers # Change current (1) key for detached provider. 60328811Sasomers atf_check -s exit:0 -o ignore geli setkey -p -k keyfile3 -P -K keyfile4 ${md} 61148459Spjd 62328811Sasomers # We cannot use keyfile3 anymore. 63328811Sasomers atf_check -s not-exit:0 -e match:"Wrong key" \ 64328811Sasomers geli attach -p -k keyfile3 ${md} 65148459Spjd 66328811Sasomers # Attach with key 1. 67328811Sasomers atf_check geli attach -p -k keyfile4 ${md} 68328811Sasomers hash5=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 69328811Sasomers atf_check_equal 0 $? 70328811Sasomers atf_check geli detach ${md} 71148459Spjd 72328811Sasomers # Change key 0 for detached provider. 73328811Sasomers atf_check -s exit:0 -o ignore geli setkey -n 0 -p -k keyfile4 -P -K keyfile5 ${md} 74148459Spjd 75328811Sasomers # We cannot use keyfile2 anymore. 76328811Sasomers atf_check -s not-exit:0 -e match:"Wrong key" \ 77328811Sasomers geli attach -p -k keyfile2 ${md} 2>/dev/null 78148459Spjd 79328811Sasomers # Attach with key 0. 80328811Sasomers atf_check geli attach -p -k keyfile5 ${md} 81328811Sasomers hash6=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5` 82328811Sasomers atf_check_equal 0 $? 83328811Sasomers atf_check geli detach ${md} 84148459Spjd 85328811Sasomers atf_check_equal ${hash1} ${hash2} 86328811Sasomers atf_check_equal ${hash1} ${hash3} 87328811Sasomers atf_check_equal ${hash1} ${hash4} 88328811Sasomers atf_check_equal ${hash1} ${hash5} 89328811Sasomers atf_check_equal ${hash1} ${hash6} 90328811Sasomers} 91328811Sasomerssetkey_cleanup() 92328811Sasomers{ 93328811Sasomers geli_test_cleanup 94328811Sasomers} 95148459Spjd 96328811Sasomersatf_test_case setkey_readonly cleanup 97328811Sasomerssetkey_readonly_head() 98328811Sasomers{ 99328811Sasomers atf_set "descr" "geli setkey cannot change the keys of a readonly provider" 100328811Sasomers atf_set "require.user" "root" 101328811Sasomers} 102328811Sasomerssetkey_readonly_body() 103328811Sasomers{ 104345394Sasomers geli_test_setup 105148459Spjd 106328811Sasomers sectors=100 107328811Sasomers md=$(attach_md -t malloc -s `expr $sectors + 1`) 108328811Sasomers atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 109328811Sasomers 110328811Sasomers atf_check geli init -B none -P -K keyfile ${md} 111328811Sasomers atf_check geli attach -r -p -k keyfile ${md} 112328811Sasomers 113328811Sasomers atf_check -s not-exit:0 -e match:"read-only" \ 114328811Sasomers geli setkey -n 1 -P -K /dev/null ${md} 115328811Sasomers} 116328811Sasomerssetkey_readonly_cleanup() 117328811Sasomers{ 118328811Sasomers geli_test_cleanup 119328811Sasomers} 120328811Sasomers 121328811Sasomersatf_test_case nokey cleanup 122328811Sasomersnokey_head() 123328811Sasomers{ 124328811Sasomers atf_set "descr" "geli setkey can change the key for an existing provider" 125328811Sasomers atf_set "require.user" "root" 126328811Sasomers} 127328811Sasomersnokey_body() 128328811Sasomers{ 129345394Sasomers geli_test_setup 130328811Sasomers 131328811Sasomers sectors=100 132328811Sasomers md=$(attach_md -t malloc -s `expr $sectors + 1`) 133328811Sasomers atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 134328811Sasomers atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 135328811Sasomers 136328811Sasomers atf_check geli init -B none -P -K keyfile1 ${md} 137328811Sasomers 138328811Sasomers # Try to set the key for a detached device without providing any 139328811Sasomers # components for the old key. 140328811Sasomers atf_check -s not-exit:0 -e match:"No key components given" \ 141328811Sasomers geli setkey -n 0 -p -P -K keyfile2 ${md} 142328811Sasomers 143328811Sasomers # Try to set the key for a detached device without providing any 144328811Sasomers # components for the new key 145328811Sasomers atf_check -s not-exit:0 -e match:"No key components given" \ 146328811Sasomers geli setkey -n 0 -p -k keyfile1 -P ${md} 147328811Sasomers 148328811Sasomers # Try to set a new key for an attached device with no components 149328811Sasomers atf_check geli attach -p -k keyfile1 ${md} 150328811Sasomers atf_check -s not-exit:0 -e match:"No key components given" \ 151328811Sasomers geli setkey -n 0 -P ${md} 152328811Sasomers} 153328811Sasomersnokey_cleanup() 154328811Sasomers{ 155328811Sasomers geli_test_cleanup 156328811Sasomers} 157328811Sasomers 158328811Sasomersatf_init_test_cases() 159328811Sasomers{ 160328811Sasomers atf_add_test_case setkey 161328811Sasomers atf_add_test_case setkey_readonly 162328811Sasomers atf_add_test_case nokey 163328811Sasomers} 164