Commit 8295bde9 authored by Ondrej Kozina's avatar Ondrej Kozina Committed by Milan Broz

Update tests for token enhancements.

- add crypt_token_is_assigned tests
- test crypt_token_json_set extended to be able
  to create builtin tokens.
parent f3a9e95d
......@@ -1456,6 +1456,12 @@ static void Tokens(void)
#define BOGUS_TOKEN0_JSON "{\"type\":\"luks2-\",\"keyslots\":[]}"
#define BOGUS_TOKEN1_JSON "{\"type\":\"luks2-a\",\"keyslots\":[]}"
#define LUKS2_KEYRING_TOKEN_JSON(x, y) "{\"type\":\"luks2-keyring\",\"keyslots\":[" x "]," \
"\"key_description\":" y "}"
#define LUKS2_KEYRING_TOKEN_JSON_BAD(x, y) "{\"type\":\"luks2-keyring\",\"keyslots\":[" x "]," \
"\"key_description\":" y ", \"some_field\":\"some_value\"}"
struct crypt_device *cd;
const char *dummy;
......@@ -1544,10 +1550,12 @@ static void Tokens(void)
EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, PASSPHRASE, 0), 0);
OK_(crypt_deactivate(cd, CDEVICE_1));
EQ_(crypt_token_assign_keyslot(cd, 0, 1), 0);
OK_(crypt_token_is_assigned(cd, 0, 1));
EQ_(crypt_activate_by_token(cd, CDEVICE_1, 0, PASSPHRASE1, 0), 1);
OK_(crypt_deactivate(cd, CDEVICE_1));
EQ_(crypt_token_assign_keyslot(cd, 2, 3), 2);
OK_(crypt_token_is_assigned(cd, 2, 3));
EQ_(crypt_activate_by_token(cd, NULL, 2, PASSPHRASE, 0), 0);
EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, PASSPHRASE, 0), 0);
OK_(crypt_deactivate(cd, CDEVICE_1));
......@@ -1561,6 +1569,29 @@ static void Tokens(void)
FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, BOGUS_TOKEN0_JSON), "luks2- reserved prefix.");
FAIL_(crypt_token_json_set(cd, CRYPT_ANY_TOKEN, BOGUS_TOKEN1_JSON), "luks2- reserved prefix.");
// test we can use crypt_token_json_set for valid luks2-keyring token
FAIL_(crypt_token_json_set(cd, 12, LUKS2_KEYRING_TOKEN_JSON_BAD("\"0\"", "\"my_desc_x\"")), "Strict luks2-keyring token validation failed");
EQ_(crypt_token_status(cd, 12, NULL), CRYPT_TOKEN_INACTIVE);
FAIL_(crypt_token_json_set(cd, 12, LUKS2_KEYRING_TOKEN_JSON("\"5\"", "\"my_desc\"")), "Missing keyslot 5.");
EQ_(crypt_token_json_set(cd, 10, LUKS2_KEYRING_TOKEN_JSON("\"1\"", "\"my_desc\"")), 10);
EQ_(crypt_token_status(cd, 10, &dummy), CRYPT_TOKEN_INTERNAL);
OK_(strcmp(dummy, "luks2-keyring"));
params.key_description = NULL;
EQ_(crypt_token_luks2_keyring_get(cd, 10, &params), 10);
OK_(strcmp(params.key_description, "my_desc"));
OK_(crypt_token_is_assigned(cd, 10, 1));
// unassigned tests
EQ_(crypt_token_is_assigned(cd, 10, 21), -ENOENT);
EQ_(crypt_token_is_assigned(cd, 21, 1), -ENOENT);
// wrong keyslot or token id tests
EQ_(crypt_token_is_assigned(cd, -1, 1), -EINVAL);
EQ_(crypt_token_is_assigned(cd, 32, 1), -EINVAL);
EQ_(crypt_token_is_assigned(cd, 10, -1), -EINVAL);
EQ_(crypt_token_is_assigned(cd, 10, 32), -EINVAL);
EQ_(crypt_token_is_assigned(cd, -1, -1), -EINVAL);
EQ_(crypt_token_is_assigned(cd, 32, 32), -EINVAL);
crypt_free(cd);
}
......@@ -2657,6 +2688,11 @@ static void Luks2Requirements(void)
/* crypt_deactivate (unrestricted) */
OK_(crypt_deactivate(cd, CDEVICE_1));
/* crypt_token_is_assigned (unrestricted) */
OK_(crypt_token_is_assigned(cd, 1, 0));
OK_(crypt_token_is_assigned(cd, 6, 0));
EQ_(crypt_token_is_assigned(cd, 0, 0), -ENOENT);
/* crypt_keyslot_destroy (unrestricted) */
OK_(crypt_keyslot_destroy(cd, 0));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment