| QA output created by 593 |
| |
| # ========================== |
| # Test with policy version 1 |
| # ========================== |
| |
| # Adding key to filesystem |
| Added encryption key with descriptor 0000111122223333 |
| |
| # Creating encrypted file |
| |
| # Removing key from filesystem |
| Removed encryption key with descriptor 0000111122223333 |
| cat: SCRATCH_MNT/dir/file: No such file or directory |
| |
| # Adding fscrypt-provisioning key |
| |
| # Adding key to filesystem via fscrypt-provisioning key |
| Added encryption key with descriptor 0000111122223333 |
| |
| # Reading encrypted file |
| contents |
| |
| # Cleaning up |
| |
| # ========================== |
| # Test with policy version 2 |
| # ========================== |
| |
| # Adding key to filesystem |
| Added encryption key with identifier 69b2f6edeee720cce0577937eb8a6751 |
| |
| # Creating encrypted file |
| |
| # Removing key from filesystem |
| Removed encryption key with identifier 69b2f6edeee720cce0577937eb8a6751 |
| cat: SCRATCH_MNT/dir/file: No such file or directory |
| |
| # Adding fscrypt-provisioning key |
| |
| # Adding key to filesystem via fscrypt-provisioning key |
| Added encryption key with identifier 69b2f6edeee720cce0577937eb8a6751 |
| |
| # Reading encrypted file |
| contents |
| |
| # Cleaning up |
| |
| # ================ |
| # Validation tests |
| # ================ |
| |
| # Adding an invalid fscrypt-provisioning key fails |
| # ... bad type |
| add_key: Invalid argument |
| # ... bad type |
| add_key: Invalid argument |
| # ... raw key too small |
| add_key: Invalid argument |
| # ... raw key too large |
| add_key: Invalid argument |
| |
| # keyctl_read() doesn't work on fscrypt-provisioning keys |
| keyctl_read_alloc: Operation not supported |
| |
| # Only keys with the correct fscrypt_provisioning_key_payload::type field can be added |
| # ... keyring key is v1, filesystem wants v2 key |
| Error adding encryption key: Key was rejected by service |
| # ... keyring key is v2, filesystem wants v1 key |
| Error adding encryption key: Key was rejected by service |
| |
| # Only keys of type fscrypt-provisioning can be added |
| Error adding encryption key: Key was rejected by service |