common/encrypt: add helper for ciphertext verification tests
authorEric Biggers <ebiggers@google.com>
Fri, 24 May 2019 22:04:22 +0000 (15:04 -0700)
committerEryu Guan <guaneryu@gmail.com>
Mon, 27 May 2019 12:14:44 +0000 (20:14 +0800)
commit04224f38e09a90a93114a2d9d6ddced6b2fb0857
treea697524479f54ba20b21a3fc34d0c42e86d329f6
parent35525fb5ed797fa2dcdf93d6cecc59b452dc8f8c
common/encrypt: add helper for ciphertext verification tests

Introduce a function _verify_ciphertext_for_encryption_policy() which
verifies the correctness of encryption with the specified settings.

Basically, it does the following:

1. If missing any prerequisites, skip the test.

2. Create files in encrypted directories on the scratch device.

3. Unmount the scratch device and compare the actual ciphertext stored
   on-disk to the ciphertext computed by the fscrypt-crypt-util program.

Both file contents and names are verified, and non-default encryption
modes are supported.  Previously, non-default encryption modes were
untested by xfstests.  Also, while there's an existing test generic/399
that checks that encrypted contents seem random, it doesn't actually
test for correctness, nor does it test filenames encryption.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
common/encrypt