#!/bin/bash

# check hash processing in create command

CRYPTSETUP=../src/cryptsetup
DEV_NAME=dmc_test
KEY_FILE=keyfile

DEV2=$DEV_NAME"_x"

dmremove() { # device
	udevadm settle >/dev/null 2>&1
	dmsetup remove $1 >/dev/null 2>&1
}

cleanup() {
	[ -b /dev/mapper/$DEV2 ] && dmremove $DEV2
	[ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
	rm -f $KEY_FILE
	exit $1
}

crypt_key() # hash keysize pwd/file name outkey [limit]
{
	DEV2=$DEV_NAME"_x"
	LIMIT=""
	MODE=aes-cbc-essiv:sha256
	[ $2 -gt 256 ] && MODE=aes-xts-plain
	[ -n "$6" ] && LIMIT="-l $6"

	echo -n "HASH: $1 KSIZE: $2 / $3"
	case "$3" in
	pwd)
		echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
		ret=$?
		;;
	stdin)
		echo -e -n "$4" | $CRYPTSETUP create -c $MODE -d "-" -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
		ret=$?
		;;
	cat)
		cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
		ret=$?
		;;
	file)
		$CRYPTSETUP create -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
		ret=$?
		;;
	*)
		fail
		;;
	esac

	if [ $ret -ne 0 ] ; then
		echo " [n/a]"
		return
	fi

	VKEY=$(dmsetup table $DEV2 --showkeys 2>/dev/null | cut -d' '  -f 5)
	if [ "$VKEY" != "$5" ] ; then
		echo " [FAILED]"
		echo "expected: $5"
		echo "real key: $VKEY"
		cleanup 100
	else
		echo " [OK]"
	fi

	dmremove $DEV2
}

if [ $(id -u) != 0 ]; then
	echo "WARNING: You must be root to run this test, test skipped."
	exit 0
fi

dmsetup create $DEV_NAME --table "0 10240 zero" >/dev/null 2>&1

crypt_key ripemd160   0 pwd "xxx" aeb26d1f69eb6dddfb9381eed4d7299f091e99aa5d3ff06866d4ce9f620f7aca
crypt_key ripemd160 256 pwd "xxx" aeb26d1f69eb6dddfb9381eed4d7299f091e99aa5d3ff06866d4ce9f620f7aca
crypt_key ripemd160 128 pwd "xxx" aeb26d1f69eb6dddfb9381eed4d7299f
crypt_key sha1      256 pwd "xxx" b60d121b438a380c343d5ec3c2037564b82ffef30b1e0a6ad9af7a73aa91c197
crypt_key sha1      128 pwd "xxx" b60d121b438a380c343d5ec3c2037564
crypt_key sha256    256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
crypt_key sha256    128 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7

crypt_key ripemd160   0 stdin "xxx"   aeb26d1f69eb6dddfb9381eed4d7299f091e99aa5d3ff06866d4ce9f620f7aca
crypt_key ripemd160 256 stdin "xxx\n" 625ce2a8dbdf08f1de400dba7ab9fab246f2a55ad6136e6cafd6703732dab8cf

# with keyfile, hash is ignored
crypt_key ripemd160 256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000
crypt_key sha256    256 file /dev/zero 0000000000000000000000000000000000000000000000000000000000000000

# limiting key
crypt_key sha256:20 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b4580588000000000000000000000000
crypt_key sha256:32 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860

# key file, 80 chars
echo -n -e "0123456789abcdef\n\x01\x00\x03\xff\xff\r\xff\xff\n\r" \
	   "2352j3rkjhadcfasc823rqaw7e1 3dq sdq3d 2dkjqw3h2=====" >$KEY_FILE
KEY_FILE_HEX="303132333435363738396162636465660a010003ffff0dffff0a0d20323335326a33726b6a686164636661736338323372716177376531203364712073647133"

crypt_key ripemd160 256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
crypt_key sha256    256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
crypt_key sha256    128 file $KEY_FILE ${KEY_FILE_HEX:0:32}
crypt_key sha256    512 file $KEY_FILE $KEY_FILE_HEX

# stdin can be limited
crypt_key plain     128 cat /dev/zero 00000000000000000000000000000000 16
crypt_key plain     128 cat /dev/zero 00000000000000000000000000000000 17
crypt_key plain     128 cat $KEY_FILE ${KEY_FILE_HEX:0:28}0000 14
crypt_key sha256    128 cat $KEY_FILE a82c9227cc54c7475620ce85ba1fca1e 14
crypt_key sha256:14 128 cat $KEY_FILE a82c9227cc54c7475620ce85ba1f0000 14

crypt_key sha256    128 pwd "0123456789abcdef" 9f9f5111f7b27a781f1f1ddde5ebc2dd 16
crypt_key sha256    128 pwd "0123456789abcdef" 1be2e452b46d7a0d9656bbb1f768e824  4
crypt_key sha256    128 pwd "0123"             1be2e452b46d7a0d9656bbb1f768e824  4

cleanup 0
