Added ssh tests

2022-06-05 13:47:07 -07:00 · 2022-06-05 13:47:07 -07:00 · a428db8feb
commit a428db8feb
parent 0ddf48c92f
1 changed files with 34 additions and 6 deletions
--- a/tests.sh
+++ b/tests.sh
@ -7,13 +7,18 @@ arch=`./build --print-arch`
 bin=./bin/$arch/sigtool
 Z=`basename $0`

+# workdir
+tmpdir=/tmp/sigtool$$
+
 die() {
    echo "$Z: $@" 1>&2
+    echo "$Z: Test output in $tmpdir .." 1>&2
    exit 1
 }


-[ -x $bin ] || ./build || die "Can't build sigtool for $arch"
+mkdir -p $tmpdir        || die "can't mkdir $tmpdir"
+[ -x $bin ] || ./build  || die "Can't build sigtool for $arch"

 # env name for reading the password
 passenv=FOO
@ -21,9 +26,6 @@ passenv=FOO
 # this is the password for SKs
 FOO=bar

-# basename of keyfile
-tmpdir=/tmp/sigtool$$
-mkdir -p $tmpdir || die "can't mkdir $tmpdir"

 #trap "rm -rf $tmpdir" EXIT

@ -41,11 +43,35 @@ decout=$tmpdir/$Z.dec
 # exit on any failure
 set -e

+# Now try with ssh ed25519 keys
+keygen=`which ssh-keygen`
+[ -z "$keygen" ] && die "can't find ssh-keygen"
+
+ssk1=$tmpdir/ssk1
+spk1=$ssk1.pub
+
+ssk2=$tmpdir/ssk2
+spk2=$ssk2.pub
+
+# first generate two ssh keys
+$keygen -q -C 'ssk1@foo' -t ed25519 -f $ssk1 -N "" 
+$keygen -q -C 'ssk2@foo' -t ed25519 -f $ssk2 -N "" 
+
+$bin s --no-password $ssk1 -o $sig $0 || die "can't sign with $ssk1"
+$bin v -q $spk1 $sig $0               || die "can't verify with $spk2"
+
+$bin e --no-password -o $encout $spk2 $0         || die "can't encrypt to $spk2 with $ssk1"
+$bin d --no-password -o $decout $ssk2 $encout    || die "can't decrypt with $ssk2"
+
+# cleanup state
+rm -f $sig $encout $decout
+
+
 # generate keys
 $bin g -E FOO $bn            || die "can't gen keypair $pk, $sk"
 $bin g -E FOO $bn            && die "overwrote prev keypair"
 $bin g -E FOO --overwrite $bn    || die "can't force gen keypair $pk, $sk"
-$bin g -E FOO $bn2           || die "can't force gen keypair $pk2, $sk2"
+$bin g -E FOO $bn2               || die "can't force gen keypair $pk2, $sk2"

 # sign and verify
 $bin s -E FOO $sk $0 -o $sig || die "can't sign $0"
@ -62,6 +88,8 @@ $bin e -E FOO --overwrite -o $encout -s $sk $pk2 $0      || die "can't sender-en
 $bin d -E FOO --overwrite -o $decout -v $pk $sk2 $encout || die "can't decrypt with $sk2"
 cmp -s $decout $0                            || die "decrypted file mismatch with $0"

-
+# Only delete if everything worked
+echo "$Z: All tests pass!"
+rm -rf $tmpdir

 # vim: tw=100 sw=4 ts=4 expandtab