From a35a8a764e750c484dd649a463262f7c6fe692ba Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Sat, 9 May 2020 14:04:47 -0700
Subject: cli-tests: add t_encrypt_raw_key

Test encrypting a directory using a raw_key protector.
---
 cli-tests/t_encrypt_raw_key.sh | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100755 cli-tests/t_encrypt_raw_key.sh

(limited to 'cli-tests/t_encrypt_raw_key.sh')

diff --git a/cli-tests/t_encrypt_raw_key.sh b/cli-tests/t_encrypt_raw_key.sh
new file mode 100755
index 0000000..260b094
--- /dev/null
+++ b/cli-tests/t_encrypt_raw_key.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+# Test encrypting a directory using a raw_key protector.
+
+cd "$(dirname "$0")"
+. common.sh
+
+dir="$MNT/dir"
+raw_key_file="$TMPDIR/raw_key"
+
+begin()
+{
+	_reset_filesystems
+	mkdir "$dir"
+	_print_header "$1"
+}
+
+show_status()
+{
+	local encrypted=$1
+
+	fscrypt status "$MNT"
+	if $encrypted; then
+		fscrypt status "$dir"
+	else
+		_expect_failure "fscrypt status '$dir'"
+	fi
+}
+
+begin "Encrypt with raw_key protector"
+head -c 32 /dev/urandom > "$raw_key_file"
+fscrypt encrypt --quiet --name=prot --source=raw_key --key="$raw_key_file" "$dir"
+show_status true
+
+begin "Try to encrypt with raw_key protector, using wrong key length"
+head -c 16 /dev/urandom > "$raw_key_file"
+_expect_failure "fscrypt encrypt --quiet --name=prot --source=raw_key --key='$raw_key_file' '$dir'"
+show_status false
-- 
cgit v1.3