Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/pkg
 Path: blob/main/tests/frontend/key.sh
2065 views
1
#! /usr/bin/env atf-sh

2


3
. $(atf_get_srcdir)/test_environment.sh

4


5
tests_init \

6
	key_create \

7
	key_pubout \

8
	key_sign

9


10
key_create_head() {

11
	atf_set "require.progs" "openssl"

12
}

13
key_create_body() {

14
	echo "secure msg" > msg

15


16
	atf_check -o save:repo.pub -e ignore -x pkg key --create -t rsa \

17
	    repo.key

18


19
	# Group permissions are OK, but let's strive for limited to the user.

20
	# This doesn't use stat(1) to side-step the differences between

21
	# platforms in how to request specific fields; the ls(1) mode

22
	# representation is usually consistent enough.

23
	atf_check -o match:'-{6}$' -x 'ls -l repo.key | cut -c1-10'

24
	# Should have also output the corresponding pub key.

25
	atf_check test -s repo.pub

26


27
	# Make sure it's functional.

28
	atf_check -o save:msg.sign openssl dgst -sign repo.key -sha256 \

29
	    -binary msg

30
	atf_check -o ignore openssl dgst -sha256 -verify repo.pub \

31
	    -signature msg.sign msg

32


33
	for signer in ecc ecdsa eddsa; do

34
		rm -f repo.key repo.pub

35
		atf_check -o save:repo.pub -e ignore -x pkg key --create \

36
		    -t "$signer" repo.key

37


38
		atf_check -o match:'-{6}$' -x 'ls -l repo.key | cut -c1-10'

39
		atf_check test -s repo.pub

40
	done

41
}

42


43
key_pubout_head() {

44
	atf_set "require.progs" "openssl"

45
}

46
key_pubout_body() {

47
	echo "secure msg" > msg

48


49
	atf_check -o ignore -e ignore -x pkg key --create -t rsa repo

50
	# Oops, we lost the public key.

51
	rm repo.pub

52
	atf_check test ! -f repo.pub

53
	atf_check -o save:repo.pub pkg key --public -t rsa repo

54


55
	# Make sure it's functional.

56
	atf_check -o save:msg.sign openssl dgst -sign repo -sha256 -binary msg

57
	atf_check -o ignore openssl dgst -sha256 -verify repo.pub -signature msg.sign msg

58
}

59


60
key_sign_head() {

61
	atf_set "require.progs" "openssl"

62
}

63
key_sign_body() {

64
	echo "secure msg" > msg

65


66
	for signer in rsa ecdsa; do

67
		rm -f repo.key repo.pub msg.sig

68


69
		# Generate a key with pkg

70
		atf_check -o save:repo.pub -e ignore \

71
		    pkg key --create -t "$signer" repo.key

72
		

73
		atf_check -o save:msg.sig \

74
		    pkg key --sign -t "$signer" repo.key < msg

75


76
		if [ $signer = ecdsa ]; then

77
			keyform="-keyform DER"

78
		else

79
			keyform=""

80
		fi

81


82
		atf_check -o ignore openssl dgst -sha256 $keyform -verify repo.pub \

83
		    -signature msg.sig msg

84
	done

85
}

86


87