234 | 234 |
if not m or len(m.groups()) != 1:
|
235 | 235 |
self.fail("Failed to get pbkdf information from:\n%s %s" % (out, err))
|
236 | 236 |
self.assertEqual(int(m.group(1)), 5)
|
|
237 |
|
|
238 |
def _get_luks1_key_size(self, device):
|
|
239 |
_ret, out, err = run_command("cryptsetup luksDump %s" % device)
|
|
240 |
m = re.search(r"MK bits:\s*(\S+)\s*", out)
|
|
241 |
if not m or len(m.groups()) != 1:
|
|
242 |
self.fail("Failed to get key size information from:\n%s %s" % (out, err))
|
|
243 |
key_size = m.group(1)
|
|
244 |
if not key_size.isnumeric():
|
|
245 |
self.fail("Failed to get key size information from: %s" % key_size)
|
|
246 |
return int(key_size)
|
|
247 |
|
|
248 |
@tag_test(TestTags.SLOW, TestTags.CORE)
|
|
249 |
def test_luks_format_key_size(self):
|
|
250 |
"""Verify that formating device as LUKS works"""
|
|
251 |
|
|
252 |
# aes-xts: key size should default to 512
|
|
253 |
succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 0, PASSWD, None, 0)
|
|
254 |
self.assertTrue(succ)
|
|
255 |
|
|
256 |
key_size = self._get_luks1_key_size(self.loop_dev)
|
|
257 |
self.assertEqual(key_size, 512)
|
|
258 |
|
|
259 |
# aes-cbc: key size should default to 256
|
|
260 |
succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-cbc-essiv:sha256", 0, PASSWD, None, 0)
|
|
261 |
self.assertTrue(succ)
|
|
262 |
|
|
263 |
key_size = self._get_luks1_key_size(self.loop_dev)
|
|
264 |
self.assertEqual(key_size, 256)
|
|
265 |
|
|
266 |
# try specifying key size for aes-xts
|
|
267 |
succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 256, PASSWD, None, 0)
|
|
268 |
self.assertTrue(succ)
|
|
269 |
|
|
270 |
key_size = self._get_luks1_key_size(self.loop_dev)
|
|
271 |
self.assertEqual(key_size, 256)
|
|
272 |
|
237 | 273 |
|
238 | 274 |
class CryptoTestResize(CryptoTestCase):
|
239 | 275 |
|