#!/bin/bash -ex
# vim: set ts=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
#
# Copyright (c) 2020 Red Hat, Inc.
# Author: Sergio Correia <scorreia@redhat.com>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

TEST=$(basename "${0}")
. tests-common-functions
. clevis-luks-common-functions

on_exit() {
    [ -d "${TMP}" ] && rm -rf "${TMP}"
}

trap 'on_exit' EXIT

TMP="$(mktemp -d)"

ADV="${TMP}/adv.jws"
create_tang_adv "${ADV}"
CFG="$(printf '{"url":"foobar","adv":"%s"}' "$ADV")"

# LUKS1.
DEV="${TMP}/luks2-device"
new_device "luks2" "${DEV}"

for slt in 6 2 3; do
    if ! clevis luks bind -f -d "${DEV}" -s "${slt}" tang "${CFG}" <<< "${DEFAULT_PASS}"; then
        error "${TEST}: [slot: $slt] Binding is expected to succeed when given a correct (${DEFAULT_PASS}) password." >&2
    fi
done


# Backup device.
if ! clevis_luks_backup_dev "${DEV}" "${TMP}"; then
    error "${TEST}: problem performing device backup"
fi

# Save the original device for conference later.
BKPDEV="${TMP}"/device-for-conference
cp "${DEV}" "${BKPDEV}"

# Recreate device
new_device "luks2" "${DEV}"

used_slots=$(clevis_luks_used_slots "${DEV}")
if [ "${used_slots}" -ne 0 ]; then
    error "${TEST}: only used slot shold be 0 ($used_slots)"
fi

if compare_luks_header "${DEV}" "${BKPDEV}" "${TMP}"; then
    error "${TEST}: LUKS headers should not match"
fi

if compare_luks2_metadata "${DEV}" "${BKPDEV}"; then
    error "${TEST}: LUKS metadata should not match"
fi

# Restore from backup.
if ! clevis_luks_restore_dev "${TMP}"; then
    error "${TEST}: problem performing device restore"
fi

if ! compare_luks_header "${DEV}" "${BKPDEV}" "${TMP}"; then
    error "${TEST}: LUKS headers should match"
fi

if ! compare_luks2_metadata "${DEV}" "${BKPDEV}"; then
    error "${TEST}: metadata should match"
fi