Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/tests/dev Add rudimentary cgd tests. The tests use cgd to t...
details: https://anonhg.NetBSD.org/src/rev/a174c2d36b5a
branches: trunk
changeset: 758637:a174c2d36b5a
user: pooka <pooka%NetBSD.org@localhost>
date: Thu Nov 11 22:38:46 2010 +0000
description:
Add rudimentary cgd tests. The tests use cgd to transform a
plaintext into into an encrypted image and back into plaintext by
doing rump I/O on /dev/cgd. There is one test to check that giving
the same password for both encryption and decryption produces the
same plaintext and another to check that giving a different passwords
does not produce the same plaintext.
This could be fairly easily extended to test all feature of cgd
(hint hint). For example, now cgd.conf is included in cvs, but
the only reason for that is that without further hacking cgdconfig
uses /dev/random quality random to generate the salt for a
pkcsetcetc_kdf2 cgconfig -g, and making an automated test block on
the entropy pool is just not good form. Details are everything.
diffstat:
tests/dev/Makefile | 4 +-
tests/dev/cgd/Makefile | 18 +++
tests/dev/cgd/h_img2cgd/Makefile | 17 ++
tests/dev/cgd/h_img2cgd/cgd.conf | 8 +
tests/dev/cgd/h_img2cgd/img2cgd.c | 223 ++++++++++++++++++++++++++++++++++++++
tests/dev/cgd/t_cgd.sh | 74 ++++++++++++
6 files changed, 342 insertions(+), 2 deletions(-)
diffs (truncated from 376 to 300 lines):
diff -r 51889128a5b9 -r a174c2d36b5a tests/dev/Makefile
--- a/tests/dev/Makefile Thu Nov 11 22:18:53 2010 +0000
+++ b/tests/dev/Makefile Thu Nov 11 22:38:46 2010 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.3 2010/08/24 11:29:45 pooka Exp $
+# $NetBSD: Makefile,v 1.4 2010/11/11 22:38:46 pooka Exp $
#
.include <bsd.own.mk>
TESTSDIR= ${TESTSBASE}/dev
-TESTS_SUBDIRS+= audio scsipi sysmon
+TESTS_SUBDIRS+= audio cgd scsipi sysmon
.include <bsd.test.mk>
diff -r 51889128a5b9 -r a174c2d36b5a tests/dev/cgd/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/dev/cgd/Makefile Thu Nov 11 22:38:46 2010 +0000
@@ -0,0 +1,18 @@
+# $NetBSD: Makefile,v 1.1 2010/11/11 22:38:47 pooka Exp $
+#
+
+.include <bsd.own.mk>
+
+TESTSDIR= ${TESTSBASE}/dev/cgd
+
+TESTS_SH= t_cgd
+
+SUBDIR= h_img2cgd
+
+LDADD+= -lrumpdev_cgd -lrumpdev -lrumpvfs
+LDADD+= -lrump
+LDADD+= -lrumpuser -lpthread
+
+NOMAN=
+
+.include <bsd.test.mk>
diff -r 51889128a5b9 -r a174c2d36b5a tests/dev/cgd/h_img2cgd/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/dev/cgd/h_img2cgd/Makefile Thu Nov 11 22:38:46 2010 +0000
@@ -0,0 +1,17 @@
+# $NetBSD: Makefile,v 1.1 2010/11/11 22:38:47 pooka Exp $
+#
+
+PROG= h_img2cgd
+SRCS= img2cgd.c
+NOMAN=
+
+.include <bsd.own.mk>
+
+RUMP_ACTION= #defined
+CPPFLAGS+= -DCGDCONFIG_AS_LIB
+.include "${NETBSDSRCDIR}/sbin/cgdconfig/Makefile.cgdconfig"
+
+DBG= -g -O0
+WARNS= 3
+
+.include <bsd.prog.mk>
diff -r 51889128a5b9 -r a174c2d36b5a tests/dev/cgd/h_img2cgd/cgd.conf
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/dev/cgd/h_img2cgd/cgd.conf Thu Nov 11 22:38:46 2010 +0000
@@ -0,0 +1,8 @@
+algorithm aes-cbc;
+iv-method encblkno1;
+keylength 128;
+verify_method none;
+keygen pkcs5_pbkdf2/sha1 {
+ iterations 42;
+ salt AAAAgKajcCnHR7sR1k1RKQ9Q0uY=;
+};
diff -r 51889128a5b9 -r a174c2d36b5a tests/dev/cgd/h_img2cgd/img2cgd.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/dev/cgd/h_img2cgd/img2cgd.c Thu Nov 11 22:38:46 2010 +0000
@@ -0,0 +1,223 @@
+/* $NetBSD: img2cgd.c,v 1.1 2010/11/11 22:38:47 pooka Exp $ */
+
+/*
+ * Copyright (c) 2009 Antti Kantee. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/types.h>
+#include <sys/param.h>
+
+#include <assert.h>
+#include <err.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <rump/rump.h>
+#include <rump/rump_syscalls.h>
+
+#include "cgdconfig.h"
+
+/*
+ * We really should use disklabel. However, for the time being,
+ * use a endian independent magic number at offset == 0 and a
+ * 64bit size at offset == 8.
+ */
+#define MYMAGIC 0x11000a00000a0011LL
+#define MAGOFF 0
+#define SIZEOFF 8
+
+#define SKIPLABEL 8192
+#define IMG_MINSIZE (120*1024) /* label/mbr/etc search looks here and there */
+
+static void
+usage(void)
+{
+
+ fprintf(stderr, "usage: %s read|write cgd_image file\n", getprogname());
+ exit(1);
+}
+
+typedef ssize_t (*readfn)(int, void *, size_t);
+typedef ssize_t (*writefn)(int, const void *, size_t);
+
+#define BLOCKSIZE 512
+#define BLKROUND(a) (((a)+(BLOCKSIZE-1)) & ~(BLOCKSIZE-1))
+
+static void
+doxfer(int fd_from, int fd_to, off_t nbytes, readfn rfn, writefn wfn,
+ int roundwrite)
+{
+ char buf[8192];
+ ssize_t n;
+
+ assert(sizeof(buf) % BLOCKSIZE == 0);
+ if (roundwrite)
+ nbytes = BLKROUND(nbytes);
+
+ memset(buf, 0, sizeof(buf));
+ while (nbytes) {
+ n = rfn(fd_from, buf, sizeof(buf));
+ if (n == -1)
+ err(1, "read");
+ if (n == 0)
+ break;
+ n = MIN(n, nbytes);
+ if (roundwrite)
+ n = BLKROUND(n);
+ nbytes -= n;
+ if (wfn(fd_to, buf, n) == -1)
+ err(1, "write");
+ }
+}
+
+#define RFLAGS (O_RDONLY)
+#define WFLAGS (O_WRONLY | O_CREAT | O_TRUNC)
+int
+main(int argc, char *argv[])
+{
+ char *the_argv[10];
+ const char *cgd_file, *img_file;
+ char *config_file;
+ struct stat sb_cgd, sb_file;
+ off_t nbytes;
+ int error;
+ int fd, fd_r;
+ int readmode;
+
+ setprogname(argv[0]);
+
+ if (argc != 5)
+ usage();
+
+ readmode = 0; /* XXXgcc */
+ if (strcmp(argv[2], "read") == 0)
+ readmode = 1;
+ else if (strcmp(argv[2], "write") == 0)
+ readmode = 0;
+ else
+ usage();
+
+ config_file = argv[1];
+ cgd_file = argv[3];
+ img_file = argv[4];
+
+ if (stat(img_file, &sb_file) == -1) {
+ if (!readmode)
+ err(1, "cannot open file image %s", img_file);
+ } else {
+ if (!S_ISREG(sb_file.st_mode))
+ errx(1, "%s is not a regular file", img_file);
+ }
+
+ if (stat(cgd_file, &sb_cgd) == -1) {
+ if (readmode)
+ err(1, "cannot open cgd image %s", cgd_file);
+ } else {
+ if (!S_ISREG(sb_cgd.st_mode))
+ errx(1, "%s is not a regular file", cgd_file);
+ }
+
+ /*
+ * Create a file big enough to hold the file we are encrypting.
+ * This is because cgd works on a device internally and does
+ * not know how to enlarge a device (surprisingly ...).
+ */
+ if (!readmode) {
+ uint64_t tmpval;
+
+ fd = open(cgd_file, WFLAGS, 0755);
+ if (fd == -1)
+ err(1, "fd");
+ ftruncate(fd,
+ MAX(IMG_MINSIZE, BLKROUND(sb_file.st_size)) + SKIPLABEL);
+
+ /* write magic info */
+ tmpval = MYMAGIC;
+ if (pwrite(fd, &tmpval, 8, MAGOFF) != 8)
+ err(1, "magic write failed");
+ tmpval = htole64(sb_file.st_size);
+ if (pwrite(fd, &tmpval, 8, SIZEOFF) != 8)
+ err(1, "size write failed");
+
+ close(fd);
+
+ nbytes = sb_file.st_size;
+ } else {
+ uint64_t tmpval;
+
+ fd = open(cgd_file, RFLAGS);
+ if (fd == -1)
+ err(1, "image open failed");
+
+ if (pread(fd, &tmpval, 8, MAGOFF) != 8)
+ err(1, "magic read failed");
+ if (tmpval != MYMAGIC)
+ errx(1, "%s is not a valid image", cgd_file);
+ if (pread(fd, &tmpval, 8, SIZEOFF) != 8)
+ errx(1, "size read failed");
+ close(fd);
+
+ nbytes = le64toh(tmpval);
+ }
+
+ rump_init();
+ if ((error = rump_pub_etfs_register("/cryptfile", cgd_file,
+ RUMP_ETFS_BLK)) != 0) {
+ printf("etfs: %d\n", error);
+ exit(1);
+ }
+
+ the_argv[0] = strdup("cgdconfig");
+ the_argv[1] = strdup("-p");
+ the_argv[2] = strdup("cgd0");
+ the_argv[3] = strdup("/cryptfile");
+ the_argv[4] = config_file;
+ the_argv[5] = NULL;
+ error = cgdconfig(5, the_argv);
+ if (error) {
+ fprintf(stderr, "cgdconfig failed: %d (%s)\n",
+ error, strerror(error));
+ exit(1);
+ }
+
+ fd = open(img_file, readmode ? WFLAGS : RFLAGS, 0755);
+ if (fd == -1)
+ err(1, "fd");
+ fd_r = rump_sys_open("/dev/rcgd0d", O_RDWR, 0755);
+ if (fd_r == -1)
+ err(1, "fd_r");
+ if (rump_sys_lseek(fd_r, SKIPLABEL, SEEK_SET) == -1)
+ err(1, "rump lseek");
+
+ if (readmode) {
+ doxfer(fd_r, fd, nbytes, rump_sys_read, write, 0);
+ } else {
+ doxfer(fd, fd_r, sb_file.st_size, read, rump_sys_write, 1);
+ }
+
+ return 0;
+}
diff -r 51889128a5b9 -r a174c2d36b5a tests/dev/cgd/t_cgd.sh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
Home |
Main Index |
Thread Index |
Old Index