#! /usr/bin/env bash # simple round-trip tests to verify the tool arch=`./build --print-arch` bin=./bin/$arch/sigtool Z=`basename $0` die() { echo "$Z: $@" 1>&2 exit 1 } [ -x $bin ] || ./build || die "Can't build sigtool for $arch" # env name for reading the password passenv=FOO # this is the password for SKs FOO=bar # basename of keyfile tmpdir=/tmp/sigtool$$ mkdir -p $tmpdir || die "can't mkdir $tmpdir" #trap "rm -rf $tmpdir" EXIT bn=$tmpdir/foo pk=$bn.pub sk=$bn.key sig=$tmpdir/$Z.sig bn2=$tmpdir/bar pk2=$bn2.pub sk2=$bn2.key encout=$tmpdir/$Z.enc decout=$tmpdir/$Z.dec # exit on any failure set -e # generate keys $bin g -E FOO $bn || die "can't gen keypair $pk, $sk" $bin g -E FOO $bn && die "overwrote prev keypair" $bin g -E FOO --overwrite $bn || die "can't force gen keypair $pk, $sk" $bin g -E FOO $bn2 || die "can't force gen keypair $pk2, $sk2" # sign and verify $bin s -E FOO $sk $0 -o $sig || die "can't sign $0" $bin v -q $pk $sig $0 || die "can't verify signature of $0" $bin v -q $pk2 $sig $0 && die "bad verification with wrong $pk2" # encrypt/decrypt $bin e -E FOO -o $encout $pk2 $0 || die "can't encrypt to $pk2" $bin d -E FOO -o $decout $sk2 $encout || die "can't decrypt with $sk2" cmp -s $decout $0 || die "decrypted file mismatch with $0" # now with sender verification $bin e -E FOO --overwrite -o $encout -s $sk $pk2 $0 || die "can't sender-encrypt to $pk2" $bin d -E FOO --overwrite -o $decout -v $pk $sk2 $encout || die "can't decrypt with $sk2" cmp -s $decout $0 || die "decrypted file mismatch with $0" # vim: tw=100 sw=4 ts=4 expandtab