Attachment #216613 for bug #247954

View | Details | Raw Unified | Return to bug 247954
Collapse All | Expand All




	geli_test_cleanup
}

atf_test_case onetime cleanup
onetime_null_head()
{
	atf_set "descr" "geli onetime can use the null cipher"
	atf_set "require.user" "root"
}
onetime_null_body()
{
	geli_test_setup

	sectors=100

	dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none

	secsize=512
	ealgo=${cipher%%:*}
	keylen=${cipher##*:}

	md=$(attach_md -t malloc -s 100k)

	atf_check -s exit:0 -o ignore -e ignore \
		geli onetime -e null -s ${secsize} ${md}

	atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none

	md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5`
	atf_check_equal 0 $?
	md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5`
	atf_check_equal 0 $?
	md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none | md5`
	atf_check_equal 0 $?

	if [ ${md_rnd} != ${md_ddev} ]; then
		atf_fail "geli did not return the original data"
	fi
	if [ ${md_rnd} != ${md_edev} ]; then
		atf_fail "geli encrypted the data even with the null cipher"
	fi
}
onetime_null_cleanup()
{
	geli_test_cleanup
}

atf_init_test_cases()
{
	atf_add_test_case onetime
	atf_add_test_case onetime_a
	atf_add_test_case onetime_d
	atf_add_test_case onetime_null
}




		crp->crp_digest_start = 0;
		crp->crp_payload_start = sc->sc_alen;
		crp->crp_payload_length = data_secsize;
		crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
		if ((sc->sc_flags & G_ELI_FLAG_FIRST_KEY) == 0) {
			crp->crp_cipher_key = g_eli_key_hold(sc, dstoff,
			    encr_secsize);
		}
		if (g_eli_ivlen(sc->sc_ealgo) != 0) {
			crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
			g_eli_crypto_ivgen(sc, dstoff, crp->crp_iv,
			sizeof(crp->crp_iv));
		}

		g_eli_auth_keygen(sc, dstoff, authkey);
		crp->crp_auth_key = authkey;





		crp->crp_payload_start = 0;
		crp->crp_payload_length = secsize;
		crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
		if ((sc->sc_flags & G_ELI_FLAG_SINGLE_KEY) == 0) {
			crp->crp_cipher_key = g_eli_key_hold(sc, dstoff,
			    secsize);
		}
		if (g_eli_ivlen(sc->sc_ealgo) != 0) {
			crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
			g_eli_crypto_ivgen(sc, dstoff, crp->crp_iv,
			sizeof(crp->crp_iv));
		}

		error = crypto_dispatch(crp);
		KASSERT(error == 0, ("crypto_dispatch() failed (error=%d)",

Return to bug 247954

Lines 130-138 Link Here

(-)tests/sys/geom/class/eli/onetime_test.sh (+45 lines)
130	geli_test_cleanup	130	geli_test_cleanup
131	}	131	}
132		132
		133	atf_test_case onetime cleanup
		134	onetime_null_head()
		135	{
		136	atf_set "descr" "geli onetime can use the null cipher"
		137	atf_set "require.user" "root"
		138	}
		139	onetime_null_body()
		140	{
		141	geli_test_setup
		142
		143	sectors=100
		144
		145	dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none
		146
		147	secsize=512
		148	ealgo=${cipher%%:*}
		149	keylen=${cipher##*:}
		150
		151	md=$(attach_md -t malloc -s 100k)
		152
		153	atf_check -s exit:0 -o ignore -e ignore \
		154	geli onetime -e null -s ${secsize} ${md}
		155
		156	atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none
		157
		158	md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none \| md5`
		159	atf_check_equal 0 $?
		160	md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none \| md5`
		161	atf_check_equal 0 $?
		162	md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none \| md5`
		163	atf_check_equal 0 $?
		164
		165	if [ ${md_rnd} != ${md_ddev} ]; then
		166	atf_fail "geli did not return the original data"
		167	fi
		168	if [ ${md_rnd} != ${md_edev} ]; then
		169	atf_fail "geli encrypted the data even with the null cipher"
		170	fi
		171	}
		172	onetime_null_cleanup()
		173	{
		174	geli_test_cleanup
		175	}
		176
133	atf_init_test_cases()	177	atf_init_test_cases()
134	{	178	{
135	atf_add_test_case onetime	179	atf_add_test_case onetime
136	atf_add_test_case onetime_a	180	atf_add_test_case onetime_a
137	atf_add_test_case onetime_d	181	atf_add_test_case onetime_d
		182	atf_add_test_case onetime_null
138	}	183	}

Lines 536-548 Link Here

(-)sys/geom/eli/g_eli_integrity.c (-3 / +5 lines)
536	crp->crp_digest_start = 0;	536	crp->crp_digest_start = 0;
537	crp->crp_payload_start = sc->sc_alen;	537	crp->crp_payload_start = sc->sc_alen;
538	crp->crp_payload_length = data_secsize;	538	crp->crp_payload_length = data_secsize;
539	crp->crp_flags \|= CRYPTO_F_IV_SEPARATE;
540	if ((sc->sc_flags & G_ELI_FLAG_FIRST_KEY) == 0) {	539	if ((sc->sc_flags & G_ELI_FLAG_FIRST_KEY) == 0) {
541	crp->crp_cipher_key = g_eli_key_hold(sc, dstoff,	540	crp->crp_cipher_key = g_eli_key_hold(sc, dstoff,
542	encr_secsize);	541	encr_secsize);
543	}	542	}
544	g_eli_crypto_ivgen(sc, dstoff, crp->crp_iv,	543	if (g_eli_ivlen(sc->sc_ealgo) != 0) {
545	sizeof(crp->crp_iv));	544	crp->crp_flags \|= CRYPTO_F_IV_SEPARATE;
		545	g_eli_crypto_ivgen(sc, dstoff, crp->crp_iv,
		546	sizeof(crp->crp_iv));
		547	}
546		548
547	g_eli_auth_keygen(sc, dstoff, authkey);	549	g_eli_auth_keygen(sc, dstoff, authkey);
548	crp->crp_auth_key = authkey;	550	crp->crp_auth_key = authkey;

Lines 281-293 Link Here

(-)sys/geom/eli/g_eli_privacy.c (-3 / +5 lines)
281		281
282	crp->crp_payload_start = 0;	282	crp->crp_payload_start = 0;
283	crp->crp_payload_length = secsize;	283	crp->crp_payload_length = secsize;
284	crp->crp_flags \|= CRYPTO_F_IV_SEPARATE;
285	if ((sc->sc_flags & G_ELI_FLAG_SINGLE_KEY) == 0) {	284	if ((sc->sc_flags & G_ELI_FLAG_SINGLE_KEY) == 0) {
286	crp->crp_cipher_key = g_eli_key_hold(sc, dstoff,	285	crp->crp_cipher_key = g_eli_key_hold(sc, dstoff,
287	secsize);	286	secsize);
288	}	287	}
289	g_eli_crypto_ivgen(sc, dstoff, crp->crp_iv,	288	if (g_eli_ivlen(sc->sc_ealgo) != 0) {
290	sizeof(crp->crp_iv));	289	crp->crp_flags \|= CRYPTO_F_IV_SEPARATE;
		290	g_eli_crypto_ivgen(sc, dstoff, crp->crp_iv,
		291	sizeof(crp->crp_iv));
		292	}
291		293
292	error = crypto_dispatch(crp);	294	error = crypto_dispatch(crp);
293	KASSERT(error == 0, ("crypto_dispatch() failed (error=%d)",	295	KASSERT(error == 0, ("crypto_dispatch() failed (error=%d)",