#!/bin/bash -ex

function cleanup ()
{
	umount /mnt || :;
	cryptsetup remove "$cname" || :;
	losetup -d "$blk";
}

trap "cleanup; echo FAILED" ERR

blk="/dev/loop94";
cname="_dev_loop94";
cblk="/dev/mapper/$cname";
p128="128bitsXXXXXXXXX"
p256="256bitsXXXXXXXXXXXXXXXXXXXXXXXXX"
p512="512bitsXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";

rm -f t-crypt.fs;
truncate -s $[64*1048576] t-crypt.fs;
losetup "$blk" t-crypt.fs;

echo -en "$p256" | cryptsetup luksFormat "$blk";
echo -en "$p256" | cryptsetup luksOpen "$blk" "$cname";
mkfs.ext4 "$cblk";
cryptsetup luksClose "$cname";
echo -en "$p256" >t-crypt.key;
./mount.crypt -vo keyfile=t-crypt.key,fsk_cipher=none "$blk" /mnt;
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;

echo -en "abc" | cryptsetup luksFormat "$blk";
echo -en "abc\nxyz\n" | cryptsetup luksAddKey "$blk";
echo -en "abc" | cryptsetup luksOpen "$blk" "$cname";
mkfs.ext4 "$cblk";
cryptsetup luksClose "$cname";
echo -en "abc" | ./mount.crypt -v "$blk" /mnt;
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
echo -en "xyz" | ./mount.crypt -v "$blk" /mnt;
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;

echo -en "$p512" | \
	cryptsetup --key-file=- -c aes-xts-plain \
	-h sha512 -s 512 create "$cname" "$blk";
mkfs.ext4 "$cblk";
cryptsetup remove "$cname";
echo -en "$p512" | \
	./mount.crypt -vo "hash=sha512,keysize=512,cipher=aes-xts-plain" \
	"$blk" /mnt;
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;

echo -en "$p512" | \
	cryptsetup --key-file=- -c aes-xts-plain \
	-h plain -s 512 create "$cname" "$blk";
mkfs.ext4 "$cblk";
cryptsetup remove "$cname";
echo -en "$p512" | \
	./mount.crypt -vo "keysize=512,cipher=aes-xts-plain" \
	"$blk" /mnt;
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;

echo -en "$p512" >/dev/shm/p512.key;
echo -en "$p512" | openssl bf-cbc -pass pass:abc >/dev/shm/p512.enc;
cryptsetup --key-file=/dev/shm/p512.key -c aes-xts-plain -h plain -s 512 \
	create "$cname" "$blk";
mkfs.ext4 "$cblk";
cryptsetup remove "$cname";
echo -en abc | \
	./mount.crypt -vo keyfile=/dev/shm/p512.enc,cipher=aes-xts-plain,fsk_cipher=bf-cbc,fsk_hash=md5 \
	"$blk" /mnt;
PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;

for p in "short" "$p128" "$p256" "$p512"; do
	echo -en "$p" | cryptsetup --key-file=- -c aes-cbc-essiv:sha256 \
		-h sha512 create "$cname" "$blk";
	mkfs.ext4 "$cblk";
	cryptsetup remove "$cname";
	echo -en "$p" | ./mount.crypt -vo \
		hash=sha512,cipher=aes-cbc-essiv:sha256 "$blk" /mnt;
	PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
done;

for ((k = 32; k <= 448; k += 8)); do
	echo -en "$p512" | cryptsetup --key-file=- -c blowfish \
		-h sha512 -s "$k" create "$cname" "$blk";
	mkfs.ext4 "$cblk";
	cryptsetup remove "$cname";
	echo -en "$p512" | ./mount.crypt -vo \
		"hash=sha512,keysize=$k,cipher=blowfish" \
		"$blk" /mnt;
	PMT_DEBUG_UMOUNT=1 ./umount.crypt /mnt;
done;

trap "" ERR;
cleanup;
echo "All tests passed";
