Add validation tests for json area in non compact version.

The non compact json area may contiain whitespace characters
in between json object key and value (e.g.: {"key":   "the_value"}).

For LUKS2 write optimization we need to check and do regression testing
for the case where LUKS2 metadata would contain valid LUKS2 json area in
non compact format. The test is meant to verify if the write optimization
does not leave invalid characters beyond valid and properly terminated
LUKS2 json area.

Author: oniko

tests/generators/generate-luks2-non-compact-json-4k-token-0.img.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+. lib.sh
+
+#
+# *** Description ***
+#
+# generate LUKS2 header with non compact (valid!)
+# json and additional token with id 0 with json
+# format aligned to 4K boundary.
+#
+# The image is tested for correct LUKS2 write optimization
+# where non compact json trailing bytes must not remain in LUKS2 json
+# area after write of shorter (e.g. compact) json.
+
+# $1 full target dir
+# $2 full source luks2 image
+
+generate()
+{
+	# add empty token
+	json_str=$(jq -c '.tokens."0" = {"type":"a", "keyslots":[]}' $TMPDIR/json0)
+	json_len_orig=${#json_str}
+	test $json_len_orig -lt $((LUKS2_JSON_SIZE*512)) || exit 2
+
+	# align to 4k and full 4K of whitespace if already aligned
+	json_fill_len=$((4096-(json_len_orig%4096)))
+	fill=$(repeat_str " " $json_fill_len)
+	json_str_new=$(echo -e $json_str | sed -e "s/\(\"type\":\)\(\"luks2\"\)/\1""$fill""\2/")
+	json_len_new=${#json_str_new}
+
+	test $((json_len_new%4096)) -eq 0 || exit 2
+	test $json_len_new -lt $((LUKS2_JSON_SIZE*512)) || exit 2
+	test $json_len_new -gt $json_len_orig || exit 2
+
+	printf '%s' "$json_str_new" | _dd of=$TMPDIR/json0 bs=4K conv=notrunc
+	printf '%s' "$json_str_new" | _dd of=$TMPDIR/json1 bs=4K conv=notrunc
+
+	lib_mangle_json_hdr0
+	lib_mangle_json_hdr1
+}
+
+check()
+{
+	lib_hdr0_checksum || exit 2
+	lib_hdr1_checksum || exit 2
+
+	read_luks2_json0 $TGT_IMG $TMPDIR/json_res0
+
+	read -r json_str_res < $TMPDIR/json_res0
+	test $((${#json_str_res}%4096)) -eq 0 || exit 2
+	test ${#json_str_res} -gt $json_len_orig || exit 2
+}
+
+lib_prepare $@
+generate
+check
+lib_cleanup

tests/generators/generate-luks2-non-compact-json-token-0.img.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+
+. lib.sh
+
+#
+# *** Description ***
+#
+# generate LUKS2 header with non compact (valid!)
+# json and additional token with id 0.
+#
+# The image is tested for correct LUKS2 write optimization
+# where non compact json trailing bytes must not remain in LUKS2 json
+# area after write of shorter (e.g. compact) json.
+
+# $1 full target dir
+# $2 full source luks2 image
+
+generate()
+{
+	# add empty token
+	json_str=$(jq -c '.tokens."0" = {"type":"a", "keyslots":[]}' $TMPDIR/json0)
+	json_len_orig=${#json_str}
+	test $json_len_orig -lt $((LUKS2_JSON_SIZE*512)) || exit 2
+
+	json_str_new=$(echo -n $json_str | sed -e 's/\(\"type\":\)\(\"luks2\"\)/\1 \2/')
+	json_len_new=${#json_str_new}
+
+	test $json_len_new -lt $((LUKS2_JSON_SIZE*512)) || exit 2
+	test $json_len_new -gt $json_len_orig || exit 2
+
+	printf '%s' "$json_str_new" | _dd of=$TMPDIR/json0 bs=1 conv=notrunc
+	printf '%s' "$json_str_new" | _dd of=$TMPDIR/json1 bs=1 conv=notrunc
+
+	lib_mangle_json_hdr0
+	lib_mangle_json_hdr1
+}
+
+check()
+{
+	lib_hdr0_checksum || exit 2
+	lib_hdr1_checksum || exit 2
+
+	read_luks2_json0 $TGT_IMG $TMPDIR/json_res0
+
+	read -r json_str_res < $TMPDIR/json_res0
+	test ${#json_str_res} -gt $json_len_orig || exit 2
+}
+
+lib_prepare $@
+generate
+check
+lib_cleanup

tests/luks2-validation-test

@@ -73,6 +73,20 @@ test_load()
 	test -z "$_DEBUG" || _debug="--debug"
 
 	case "$1" in
+	T)
+		if [ -n "$_debug" ]; then
+			$CRYPTSETUP token remove --token-id 0 $_debug $IMG
+		else
+			$CRYPTSETUP token remove --token-id 0 $IMG > /dev/null 2>&1
+		fi
+		test $? -eq 0 || return 1
+		if [ -n "$_debug" ]; then
+			$CRYPTSETUP luksDump $_debug $IMG
+		else
+			$CRYPTSETUP luksDump $IMG > /dev/null 2>&1
+		fi
+		test $? -eq 0 || return 1
+		;;
 	R)
 		if [ -n "$_debug" ]; then
 			$CRYPTSETUP luksDump $_debug $IMG
@@ -255,6 +269,10 @@ RUN luks2-keyslot-invalid-area-size.img			"F" "Invalid keyslot area size that ca
 RUN luks2-keyslot-invalid-objects.img			"F" "Invalid keyslot objects not rejected"
 RUN luks2-keyslot-invalid-af.img			"F" "Invalid keyslot objects types not rejected"
 
+echo "[8] Test non compact json does not break write optimization"
+RUN luks2-non-compact-json-token-0.img			"T" "Non compact json area corrupted after write"
+RUN luks2-non-compact-json-4k-token-0.img		"T" "Non compact 4K aligned json area corrupted after write"
+
 remove_mapping
 
 test $FAILS -eq 0 || fail "($FAILS wrong result(s) in total)"