diff options
author | Linus Nordberg <linus@nordberg.se> | 2022-03-28 15:45:33 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordberg.se> | 2022-03-28 15:45:33 +0200 |
commit | 0a11cb0cb7953facd6393e0f5189164f112ade1c (patch) | |
tree | 3feef3420147ce645f826a1a2a0115b174e9844f /cmd/sigsum/test/ssh.sh | |
parent | 468b097a63c52fbf851c4cc99d8b716a13c19aa9 (diff) |
sign using SSHSIG; add test using ssh-keygen -Y sign
Diffstat (limited to 'cmd/sigsum/test/ssh.sh')
-rwxr-xr-x | cmd/sigsum/test/ssh.sh | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/cmd/sigsum/test/ssh.sh b/cmd/sigsum/test/ssh.sh new file mode 100755 index 0000000..56cae70 --- /dev/null +++ b/cmd/sigsum/test/ssh.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +set -eu +trap cleanup EXIT + +priv=keys/ssh +pub=keys/ssh.pub +domain_hint=_sigsum_v0.ssh.test.sigsum.org +msg=msg-$(date +%s) +num_msg=3 + +function cleanup() { + set +e + + rm -f sigsum + for i in $(seq 1 $num_msg); do + rm -f $msg-$i{,.trunnel,.sig} + done + + exit +} + +go build ../ + +files="" +for i in $(seq 1 $num_msg); do + echo $msg-$i > $msg-$i + if ! openssl dgst -binary $msg-$i | ssh-keygen \ + -Y sign \ + -O hashalg=sha256 \ + -f $priv \ + -n $(./sigsum namespace) > $msg-$i.sig ; then + echo "[FAIL] sign for $num_msg ssh message(s)" >&2 + exit 1 + fi + files=$(echo -n $files $msg-$i) +done + +echo "[PASS] sign for $num_msg ssh message(s)" >&2 + +if ! ./sigsum bundle -t ssh -k $pub -d $domain_hint $files; then + echo "[FAIL] bundle for $num_msg ssh message(s)" >&2 + exit 1 +fi + +echo "[PASS] bundle for $num_msg ssh message(s)" >&2 + +if ! ./sigsum verify -t ssh -k $pub $files; then + echo "[FAIL] verify for $num_msg ssh message(s)" >&2 + exit 1 +fi + +echo "[PASS] verify for $num_msg ssh message(s)" >&2 |