cli-tests: add t_encrypt_login

Test encrypting a directory using a login (pam_passphrase) protector.
author: Eric Biggers <ebiggers@google.com> 2020-05-09 14:04:47 -0700
committer: Eric Biggers <ebiggers@google.com> 2020-05-09 14:04:47 -0700
commit: 280c466cff982ff536016cc35cc135dd439782a4 (patch)
tree: 4239a5a55e78a55d04301c3d5a3c2dd29c72e052 /cli-tests
parent: 992dfbcd72e35a9da38319c5cf37754dec118412 (diff)
2 files changed, 234 insertions, 0 deletions
diff --git a/cli-tests/t_encrypt_login.out b/cli-tests/t_encrypt_login.out
new file mode 100644
index 0000000..c6eb463
--- /dev/null
+++ b/cli-tests/t_encrypt_login.out
@@ -0,0 +1,148 @@
+
+# Encrypt with login protector
+See "MNT/dir/fscrypt_recovery_readme.txt" for important recovery instructions!
+ext4 filesystem "MNT" has 2 protectors and 1 policy
+
+PROTECTOR         LINKED                              DESCRIPTION
+desc1  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+desc2  No                                  custom protector "Recovery passphrase for dir"
+
+POLICY                            UNLOCKED  PROTECTORS
+desc3  Yes       desc1, desc2
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+
+PROTECTOR         LINKED  DESCRIPTION
+desc1  No      login protector for fscrypt-test-user
+"MNT/dir" is encrypted with fscrypt.
+
+Policy:   desc3
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 2 protectors:
+PROTECTOR         LINKED                              DESCRIPTION
+desc1  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+desc2  No                                  custom protector "Recovery passphrase for dir"
+
+# => Lock, then unlock with login passphrase
+"MNT/dir" is now locked.
+
+# => Lock, then unlock with recovery passphrase
+"MNT/dir" is now locked.
+
+# Encrypt with login protector, interactively
+spawn fscrypt encrypt MNT/dir
+The following protector sources are available:
+1 - Your login passphrase (pam_passphrase)
+2 - A custom passphrase (custom_passphrase)
+3 - A raw 256-bit key (raw_key)
+Enter the source number for the new protector [2 - custom_passphrase]: 1
+Enter login passphrase for fscrypt-test-user: 
+Protector is on a different filesystem! Generate a recovery passphrase (recommended)? [Y/n] y
+See "MNT/dir/fscrypt_recovery_readme.txt" for important recovery instructions!
+"MNT/dir" is now encrypted, unlocked, and ready for use.
+ext4 filesystem "MNT" has 2 protectors and 1 policy
+
+PROTECTOR         LINKED                              DESCRIPTION
+desc10  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+desc11  No                                  custom protector "Recovery passphrase for dir"
+
+POLICY                            UNLOCKED  PROTECTORS
+desc12  Yes       desc10, desc11
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+
+PROTECTOR         LINKED  DESCRIPTION
+desc10  No      login protector for fscrypt-test-user
+"MNT/dir" is encrypted with fscrypt.
+
+Policy:   desc12
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 2 protectors:
+PROTECTOR         LINKED                              DESCRIPTION
+desc10  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+desc11  No                                  custom protector "Recovery passphrase for dir"
+
+# Encrypt with login protector as root
+See "MNT/dir/fscrypt_recovery_readme.txt" for important recovery instructions!
+ext4 filesystem "MNT" has 2 protectors and 1 policy
+
+PROTECTOR         LINKED                              DESCRIPTION
+desc19  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+desc20  No                                  custom protector "Recovery passphrase for dir"
+
+POLICY                            UNLOCKED  PROTECTORS
+desc21  Yes       desc19, desc20
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+
+PROTECTOR         LINKED  DESCRIPTION
+desc19  No      login protector for fscrypt-test-user
+"MNT/dir" is encrypted with fscrypt.
+
+Policy:   desc21
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 2 protectors:
+PROTECTOR         LINKED                              DESCRIPTION
+desc19  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+desc20  No                                  custom protector "Recovery passphrase for dir"
+
+# Encrypt with login protector with --no-recovery
+ext4 filesystem "MNT" has 1 protector and 1 policy
+
+PROTECTOR         LINKED                              DESCRIPTION
+desc28  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+
+POLICY                            UNLOCKED  PROTECTORS
+desc29  Yes       desc28
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+
+PROTECTOR         LINKED  DESCRIPTION
+desc28  No      login protector for fscrypt-test-user
+"MNT/dir" is encrypted with fscrypt.
+
+Policy:   desc29
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 1 protector:
+PROTECTOR         LINKED                              DESCRIPTION
+desc28  Yes (MNT_ROOT)  login protector for fscrypt-test-user
+
+# Encrypt with login protector on root fs (shouldn't generate a recovery passphrase)
+"MNT_ROOT/dir" is encrypted with fscrypt.
+
+Policy:   desc34
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 1 protector:
+PROTECTOR         LINKED  DESCRIPTION
+desc35  No      login protector for fscrypt-test-user
+ext4 filesystem "MNT_ROOT" has 1 protector and 1 policy
+
+PROTECTOR         LINKED  DESCRIPTION
+desc35  No      login protector for fscrypt-test-user
+
+POLICY                            UNLOCKED  PROTECTORS
+desc34  Yes       desc35
+
+# Try to give a login protector a name
+[ERROR] fscrypt encrypt: login protectors do not need a name
+ext4 filesystem "MNT" has 0 protectors and 0 policies
+
+ext4 filesystem "MNT_ROOT" has 0 protectors and 0 policies
+
+[ERROR] fscrypt status: get encryption policy MNT/dir: file
+                        or directory not encrypted
+
+# Try to use the wrong login passphrase
+[ERROR] fscrypt encrypt: incorrect login passphrase
+ext4 filesystem "MNT" has 0 protectors and 0 policies
+
+ext4 filesystem "MNT_ROOT" has 0 protectors and 0 policies
+
+[ERROR] fscrypt status: get encryption policy MNT/dir: file
+                        or directory not encrypted
diff --git a/cli-tests/t_encrypt_login.sh b/cli-tests/t_encrypt_login.sh
new file mode 100755
index 0000000..11a62f1
--- /dev/null
+++ b/cli-tests/t_encrypt_login.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+
+# Test encrypting a directory using a login (pam_passphrase) protector.
+
+cd "$(dirname "$0")"
+. common.sh
+
+dir="$MNT/dir"
+
+begin()
+{
+	_reset_filesystems
+	mkdir "$dir"
+	_print_header "$1"
+}
+
+show_status()
+{
+	local encrypted=$1
+
+	fscrypt status "$MNT"
+	fscrypt status "$MNT_ROOT"
+	if $encrypted; then
+		fscrypt status "$dir"
+	else
+		_expect_failure "fscrypt status '$dir'"
+	fi
+}
+
+begin "Encrypt with login protector"
+chown "$TEST_USER" "$dir"
+_user_do "echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase '$dir'"
+show_status true
+recovery_passphrase=$(grep -E '^ +[a-z]{20}$' "$dir/fscrypt_recovery_readme.txt" | sed 's/^ +//')
+recovery_protector=$(fscrypt status "$dir" | awk '/Recovery passphrase/{print $1}')
+login_protector=$(fscrypt status "$dir" | awk '/login protector/{print $1}')
+_print_header "=> Lock, then unlock with login passphrase"
+_user_do "fscrypt lock '$dir'"
+# FIXME: should we be able to use $MNT:$login_protector here?
+_user_do "echo TEST_USER_PASS | fscrypt unlock --quiet --unlock-with=$MNT_ROOT:$login_protector '$dir'"
+_print_header "=> Lock, then unlock with recovery passphrase"
+_user_do "fscrypt lock '$dir'"
+_user_do "echo $recovery_passphrase | fscrypt unlock --quiet --unlock-with=$MNT:$recovery_protector '$dir'"
+
+begin "Encrypt with login protector, interactively"
+chown "$TEST_USER" "$dir"
+_user_do expect << EOF
+spawn fscrypt encrypt "$dir"
+expect "Enter the source number for the new protector"
+send "1\r"
+expect "Enter login passphrase"
+send "TEST_USER_PASS\r"
+expect "Protector is on a different filesystem! Generate a recovery passphrase (recommended)?"
+send "y\r"
+expect eof
+EOF
+show_status true
+
+begin "Encrypt with login protector as root"
+echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase --user="$TEST_USER" "$dir"
+show_status true
+
+begin "Encrypt with login protector with --no-recovery"
+chown "$TEST_USER" "$dir"
+_user_do "echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase --no-recovery '$dir'"
+show_status true
+
+begin "Encrypt with login protector on root fs (shouldn't generate a recovery passphrase)"
+mkdir "$MNT_ROOT/dir"
+chown "$TEST_USER" "$MNT_ROOT/dir"
+_user_do "echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase --no-recovery '$MNT_ROOT/dir'"
+fscrypt status "$MNT_ROOT/dir"
+fscrypt status "$MNT_ROOT"
+rmdir "$MNT_ROOT/dir"
+
+begin "Try to give a login protector a name"
+chown "$TEST_USER" "$dir"
+_user_do_and_expect_failure \
+	"echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase --name=prot '$dir'"
+show_status false
+
+begin "Try to use the wrong login passphrase"
+chown "$TEST_USER" "$dir"
+_user_do_and_expect_failure \
+	"echo wrong_passphrase | fscrypt encrypt --quiet --source=pam_passphrase '$dir'"
+show_status false
author	Eric Biggers <ebiggers@google.com>	2020-05-09 14:04:47 -0700
committer	Eric Biggers <ebiggers@google.com>	2020-05-09 14:04:47 -0700
commit	280c466cff982ff536016cc35cc135dd439782a4 (patch)
tree	4239a5a55e78a55d04301c3d5a3c2dd29c72e052 /cli-tests
parent	992dfbcd72e35a9da38319c5cf37754dec118412 (diff)