blob: 56cae70f7c6ca6571cef360c271391c63ea5b3b8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#!/bin/bash
set -eu
trap cleanup EXIT
priv=keys/ssh
pub=keys/ssh.pub
domain_hint=_sigsum_v0.ssh.test.sigsum.org
msg=msg-$(date +%s)
num_msg=3
function cleanup() {
set +e
rm -f sigsum
for i in $(seq 1 $num_msg); do
rm -f $msg-$i{,.trunnel,.sig}
done
exit
}
go build ../
files=""
for i in $(seq 1 $num_msg); do
echo $msg-$i > $msg-$i
if ! openssl dgst -binary $msg-$i | ssh-keygen \
-Y sign \
-O hashalg=sha256 \
-f $priv \
-n $(./sigsum namespace) > $msg-$i.sig ; then
echo "[FAIL] sign for $num_msg ssh message(s)" >&2
exit 1
fi
files=$(echo -n $files $msg-$i)
done
echo "[PASS] sign for $num_msg ssh message(s)" >&2
if ! ./sigsum bundle -t ssh -k $pub -d $domain_hint $files; then
echo "[FAIL] bundle for $num_msg ssh message(s)" >&2
exit 1
fi
echo "[PASS] bundle for $num_msg ssh message(s)" >&2
if ! ./sigsum verify -t ssh -k $pub $files; then
echo "[FAIL] verify for $num_msg ssh message(s)" >&2
exit 1
fi
echo "[PASS] verify for $num_msg ssh message(s)" >&2
|