Implement the changePassword method
With this commit, it is now possible to change the password for the
LUKS-encrypted volume, using the changePassword D-Bus method for
eStoraged.
Tested:
$ busctl call xyz.openbmc_project.eStoraged \
/xyz/openbmc_project/inventory/storage/mmcblk0 \
xyz.openbmc_project.Inventory.Item.Volume FormatLuks ays 3 1 2 3 \
xyz.openbmc_project.Inventory.Item.Volume.FilesystemType.ext4 \
--timeout=60
$ busctl call xyz.openbmc_project.eStoraged \
/xyz/openbmc_project/inventory/storage/mmcblk0 \
xyz.openbmc_project.Inventory.Item.Volume ChangePassword \
ayay 3 1 2 3 3 4 5 6
$ busctl call xyz.openbmc_project.eStoraged \
/xyz/openbmc_project/inventory/storage/mmcblk0 \
xyz.openbmc_project.Inventory.Item.Volume Lock
Attempted to unlock using the old password. It failed as expected.
$ busctl call xyz.openbmc_project.eStoraged \
/xyz/openbmc_project/inventory/storage/mmcblk0 \
xyz.openbmc_project.Inventory.Item.Volume Unlock ay 3 1 2 3
Unlocked with the new password
$ busctl call xyz.openbmc_project.eStoraged \
/xyz/openbmc_project/inventory/storage/mmcblk0 \
xyz.openbmc_project.Inventory.Item.Volume Unlock ay 3 4 5 6
Signed-off-by: John Wedig <johnwedig@google.com>
Change-Id: If1395fb04f51b1fb1a3d26731422d21476205207
diff --git a/src/test/estoraged_test.cpp b/src/test/estoraged_test.cpp
index 0bbb32b..9fde533 100644
--- a/src/test/estoraged_test.cpp
+++ b/src/test/estoraged_test.cpp
@@ -452,4 +452,46 @@
EXPECT_FALSE(esObject->isLocked());
}
+/* Test case where we successfully change the password. */
+TEST_F(EStoragedTest, ChangePasswordSuccess)
+{
+ std::string newPasswordString("newPassword");
+ std::vector<uint8_t> newPassword(newPasswordString.begin(),
+ newPasswordString.end());
+
+ EXPECT_CALL(*mockCryptIface, cryptLoad(_, _, _)).Times(1);
+
+ EXPECT_CALL(*mockCryptIface,
+ cryptKeyslotChangeByPassphrase(
+ _, _, _, reinterpret_cast<const char*>(password.data()),
+ password.size(),
+ reinterpret_cast<const char*>(newPassword.data()),
+ newPassword.size()))
+ .WillOnce(Return(0));
+
+ /* Change the password for the LUKS-encrypted device. */
+ esObject->changePassword(password, newPassword);
+}
+
+/* Test case where we fail to change the password. */
+TEST_F(EStoragedTest, ChangePasswordFail)
+{
+ std::string newPasswordString("newPassword");
+ std::vector<uint8_t> newPassword(newPasswordString.begin(),
+ newPasswordString.end());
+
+ EXPECT_CALL(*mockCryptIface, cryptLoad(_, _, _)).Times(1);
+
+ EXPECT_CALL(*mockCryptIface,
+ cryptKeyslotChangeByPassphrase(
+ _, _, _, reinterpret_cast<const char*>(password.data()),
+ password.size(),
+ reinterpret_cast<const char*>(newPassword.data()),
+ newPassword.size()))
+ .WillOnce(Return(-1));
+
+ EXPECT_THROW(esObject->changePassword(password, newPassword),
+ InternalFailure);
+}
+
} // namespace estoraged_test
diff --git a/src/test/include/estoraged_test.hpp b/src/test/include/estoraged_test.hpp
index ebd9e11..6809c37 100644
--- a/src/test/include/estoraged_test.hpp
+++ b/src/test/include/estoraged_test.hpp
@@ -59,6 +59,12 @@
void* params),
(override));
+ MOCK_METHOD(int, cryptKeyslotChangeByPassphrase,
+ (struct crypt_device * cd, int keyslotOld, int keyslotNew,
+ const char* passphrase, size_t passphraseSize,
+ const char* newPassphrase, size_t newPassphraseSize),
+ (override));
+
MOCK_METHOD(int, cryptActivateByPassphrase,
(struct crypt_device * cd, const char* name, int keyslot,
const char* passphrase, size_t passphrase_size,