-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathluks_conversion_test.go
117 lines (90 loc) · 2.82 KB
/
luks_conversion_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package luks
import (
"os"
"os/exec"
"strings"
"testing"
"github.com/stretchr/testify/require"
)
func prepareLuksDisk(t *testing.T, password string, typ string, extraArgs ...string) (*os.File, error) {
disk, err := os.CreateTemp("", typ+".go.disk")
require.NoError(t, err)
require.NoError(t, disk.Truncate(2*1024*1024))
args := []string{"luksFormat", "--type", typ, "-q", disk.Name()}
args = append(args, extraArgs...)
cmd := exec.Command("cryptsetup", args...)
cmd.Stdin = strings.NewReader(password)
if testing.Verbose() {
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
}
require.NoError(t, cmd.Run())
return disk, err
}
func TestConvertV1toV2(t *testing.T) {
t.Parallel()
password := "test1"
disk, err := prepareLuksDisk(t, password, "luks1")
require.NoError(t, err)
defer disk.Close()
defer os.Remove(disk.Name())
d, err := initV1Device(disk.Name(), disk)
require.NoError(t, err)
tokens, err := d.Tokens()
require.NoError(t, err)
require.Empty(t, tokens)
uuid, err := blkidUUID(disk.Name())
require.NoError(t, err)
require.Equal(t, uuid, d.UUID())
_, err = d.UnsealVolume(0, []byte(password))
require.NoError(t, err)
// convert it to V2
err = exec.Command("cryptsetup", "convert", "--type", "luks2", disk.Name()).Run()
require.NoError(t, err)
d2, err := initV2Device(disk.Name(), disk)
require.NoError(t, err)
_, err = d2.UnsealVolume(0, []byte(password))
require.NoError(t, err)
// convert back to V1
err = exec.Command("cryptsetup", "convert", "--type", "luks1", disk.Name()).Run()
require.NoError(t, err)
d3, err := initV1Device(disk.Name(), disk)
require.NoError(t, err)
_, err = d3.UnsealVolume(0, []byte(password))
require.NoError(t, err)
}
func TestConvertV2toV1(t *testing.T) {
t.Parallel()
password := "test2"
disk, err := prepareLuksDisk(t, password, "luks2", "--sector-size", "512", "--pbkdf", "pbkdf2")
require.NoError(t, err)
defer disk.Close()
defer os.Remove(disk.Name())
d, err := initV2Device(disk.Name(), disk)
require.NoError(t, err)
tokens, err := d.Tokens()
require.NoError(t, err)
require.Empty(t, tokens)
uuid, err := blkidUUID(disk.Name())
require.NoError(t, err)
require.Equal(t, uuid, d.UUID())
_, err = d.UnsealVolume(0, []byte(password))
require.NoError(t, err)
// convert it to V1
cmd := exec.Command("cryptsetup", "convert", "--type", "luks1", disk.Name())
cmd.Stderr = os.Stderr
cmd.Stdout = os.Stdout
err = cmd.Run()
require.NoError(t, err)
d2, err := initV1Device(disk.Name(), disk)
require.NoError(t, err)
_, err = d2.UnsealVolume(0, []byte(password))
require.NoError(t, err)
// convert back to V2
err = exec.Command("cryptsetup", "convert", "--type", "luks2", disk.Name()).Run()
require.NoError(t, err)
d3, err := initV2Device(disk.Name(), disk)
require.NoError(t, err)
_, err = d3.UnsealVolume(0, []byte(password))
require.NoError(t, err)
}