Added ssh tests

This commit is contained in:
Sudhi Herle 2022-06-05 13:47:07 -07:00
parent 0ddf48c92f
commit a428db8feb

View file

@ -7,12 +7,17 @@ arch=`./build --print-arch`
bin=./bin/$arch/sigtool bin=./bin/$arch/sigtool
Z=`basename $0` Z=`basename $0`
# workdir
tmpdir=/tmp/sigtool$$
die() { die() {
echo "$Z: $@" 1>&2 echo "$Z: $@" 1>&2
echo "$Z: Test output in $tmpdir .." 1>&2
exit 1 exit 1
} }
mkdir -p $tmpdir || die "can't mkdir $tmpdir"
[ -x $bin ] || ./build || die "Can't build sigtool for $arch" [ -x $bin ] || ./build || die "Can't build sigtool for $arch"
# env name for reading the password # env name for reading the password
@ -21,9 +26,6 @@ passenv=FOO
# this is the password for SKs # this is the password for SKs
FOO=bar FOO=bar
# basename of keyfile
tmpdir=/tmp/sigtool$$
mkdir -p $tmpdir || die "can't mkdir $tmpdir"
#trap "rm -rf $tmpdir" EXIT #trap "rm -rf $tmpdir" EXIT
@ -41,6 +43,30 @@ decout=$tmpdir/$Z.dec
# exit on any failure # exit on any failure
set -e set -e
# Now try with ssh ed25519 keys
keygen=`which ssh-keygen`
[ -z "$keygen" ] && die "can't find ssh-keygen"
ssk1=$tmpdir/ssk1
spk1=$ssk1.pub
ssk2=$tmpdir/ssk2
spk2=$ssk2.pub
# first generate two ssh keys
$keygen -q -C 'ssk1@foo' -t ed25519 -f $ssk1 -N ""
$keygen -q -C 'ssk2@foo' -t ed25519 -f $ssk2 -N ""
$bin s --no-password $ssk1 -o $sig $0 || die "can't sign with $ssk1"
$bin v -q $spk1 $sig $0 || die "can't verify with $spk2"
$bin e --no-password -o $encout $spk2 $0 || die "can't encrypt to $spk2 with $ssk1"
$bin d --no-password -o $decout $ssk2 $encout || die "can't decrypt with $ssk2"
# cleanup state
rm -f $sig $encout $decout
# generate keys # generate keys
$bin g -E FOO $bn || die "can't gen keypair $pk, $sk" $bin g -E FOO $bn || die "can't gen keypair $pk, $sk"
$bin g -E FOO $bn && die "overwrote prev keypair" $bin g -E FOO $bn && die "overwrote prev keypair"
@ -62,6 +88,8 @@ $bin e -E FOO --overwrite -o $encout -s $sk $pk2 $0 || die "can't sender-en
$bin d -E FOO --overwrite -o $decout -v $pk $sk2 $encout || die "can't decrypt with $sk2" $bin d -E FOO --overwrite -o $decout -v $pk $sk2 $encout || die "can't decrypt with $sk2"
cmp -s $decout $0 || die "decrypted file mismatch with $0" cmp -s $decout $0 || die "decrypted file mismatch with $0"
# Only delete if everything worked
echo "$Z: All tests pass!"
rm -rf $tmpdir
# vim: tw=100 sw=4 ts=4 expandtab # vim: tw=100 sw=4 ts=4 expandtab