diff options
author | pjd <pjd@FreeBSD.org> | 2006-06-06 06:46:51 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2006-06-06 06:46:51 +0000 |
commit | 62a0cf2a9c834da408cf1dbf58692cd172f3fa9b (patch) | |
tree | 84461a1f44fcb33a44c7f53be67cce52c2102cf3 /tools/regression/geom_eli/integrity-copy.t | |
parent | 7515e1241c4c4dd4c26f41df0c12f419e41f3e02 (diff) | |
download | FreeBSD-src-62a0cf2a9c834da408cf1dbf58692cd172f3fa9b.zip FreeBSD-src-62a0cf2a9c834da408cf1dbf58692cd172f3fa9b.tar.gz |
Add regression tests for geli(8) authentication feature.
Supported by: Wheel Sp. z o.o. (http://www.wheel.pl)
Diffstat (limited to 'tools/regression/geom_eli/integrity-copy.t')
-rw-r--r-- | tools/regression/geom_eli/integrity-copy.t | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/tools/regression/geom_eli/integrity-copy.t b/tools/regression/geom_eli/integrity-copy.t new file mode 100644 index 0000000..eb4ce6c --- /dev/null +++ b/tools/regression/geom_eli/integrity-copy.t @@ -0,0 +1,90 @@ +#!/bin/sh +# $FreeBSD$ + +base=`basename $0` +no=45 +sectors=100 +keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1 +sector=`mktemp /tmp/$base.XXXXXX` || exit 1 + +echo "1..2160" + +i=1 +for cipher in aes:0 aes:128 aes:192 aes:256 \ + 3des:0 3des:192 \ + blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ + blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ + blowfish:416 blowfish:448; do + ealgo=${cipher%%:*} + keylen=${cipher##*:} + for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do + for secsize in 512 1024 2048 4096 8192; do + #mdconfig -a -t malloc -s `expr $secsize \* 2 + 512`b -u $no || exit 1 + mdconfig -a -t malloc -s $sectors -u $no || exit 1 + + dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1 + + geli init -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} + geli attach -p -k $keyfile md${no} + + dd if=/dev/random of=/dev/md${no}.eli bs=${secsize} count=1 >/dev/null 2>&1 + + dd if=/dev/md${no}.eli bs=${secsize} count=1 >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "ok $i - small 1 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + else + echo "not ok $i - small 1 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi + i=$((i+1)) + + geli detach md${no} + # Copy first small sector to the second small sector. + # This should be detected as corruption. + dd if=/dev/md${no} of=${sector} bs=512 count=1 >/dev/null 2>&1 + dd if=${sector} of=/dev/md${no} bs=512 count=1 seek=1 >/dev/null 2>&1 + geli attach -p -k $keyfile md${no} + + dd if=/dev/md${no}.eli of=/dev/null bs=${secsize} count=1 >/dev/null 2>&1 + if [ $? -ne 0 ]; then + echo "ok $i - small 2 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + else + echo "not ok $i - small 2 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi + i=$((i+1)) + + ms=`diskinfo /dev/md${no} | awk '{print $3 - 512}'` + ns=`diskinfo /dev/md${no}.eli | awk '{print $4}'` + usecsize=`echo "($ms / $ns) - (($ms / $ns) % 512)" | bc` + + dd if=/dev/random of=/dev/md${no}.eli bs=${secsize} count=2 >/dev/null 2>&1 + + dd if=/dev/md${no}.eli bs=${secsize} count=2 >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "ok $i - big 1 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + else + echo "not ok $i - big 1 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi + i=$((i+1)) + + geli detach md${no} + # Copy first big sector to the second big sector. + # This should be detected as corruption. + dd if=/dev/md${no} of=${sector} bs=${usecsize} count=1 >/dev/null 2>&1 + dd if=${sector} of=/dev/md${no} bs=${usecsize} count=1 seek=1 >/dev/null 2>&1 + geli attach -p -k $keyfile md${no} + + dd if=/dev/md${no}.eli of=/dev/null bs=${secsize} count=2 >/dev/null 2>&1 + if [ $? -ne 0 ]; then + echo "ok $i - big 2 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + else + echo "not ok $i - big 2 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi + i=$((i+1)) + + geli detach md${no} + mdconfig -d -u $no + done + done +done + +rm -f $keyfile $sector |