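#!/bin/bash
# Integration test driver for clevis-pin-tpm2.
#
# Steps:
#   1. Build the Rust pin (cargo) and the Go policy sign tool.
#   2. Regenerate the signed policy fixtures in tests/ from their YAML sources.
#   3. Positive test: encrypt/decrypt round trip with the working policy.
#   4. Negative test: a token sealed with the broken policy must NOT decrypt.
#
# Exits 0 only if every step behaves as expected, 1 otherwise.

PIN=./target/debug/clevis-pin-tpm2
SIGNTOOL=../../clevis-pin-tpm2-signtool/clevis-pin-tpm2-signtool

# Print a message on stdout and abort the whole run.
# Arguments: $1 - message
fail() {
  printf '%s\n' "$1"
  exit 1
}

# `exit` inside a ( ... ) subshell only leaves the subshell, so a build
# failure has to be handled in the main shell; otherwise the tests below
# would run against a stale (or missing) binary and could pass wrongly.
cargo build || fail "Failed to build"

# `&&` so that `go build` never runs in the wrong directory if cd fails.
(cd ../clevis-pin-tpm2-signtool && go build) ||
  fail "Failed to build clevis-pin-tpm2-signtool"

# Regenerate the fixtures from scratch. The key files are removed as well;
# presumably the sign tool recreates them on its first run (the tests below
# read ./tests/publickey.json) - confirm against the sign tool.
(
  cd tests || exit 1
  rm -f policy_broken.json policy_working.json privatekey.pem publickey.json
  "$SIGNTOOL" <policy_working.yaml >policy_working.json || exit 1
  "$SIGNTOOL" <policy_broken.yaml >policy_broken.json || exit 1
) || fail "Failed to generate signed test policies"

# Positive test: the round trip must succeed AND return the exact plaintext.
# Capturing the output lets the script fail here instead of only printing
# whatever decrypt happened to emit.
expected="Working: with Policy"
if ! out=$(echo "$expected" | "$PIN" encrypt '{"policy_pubkey_path":"./tests/publickey.json", "policy_ref": "", "policy_path": "./tests/policy_working.json"}' | "$PIN" decrypt); then
  fail "Failed to decrypt with valid policy"
fi
if [[ "$out" != "$expected" ]]; then
  fail "Unexpected plaintext with valid policy: $out"
fi
printf '%s\n' "$out"

# Negative test (non-valid policy)
token=$(echo Failed | "$PIN" encrypt '{"policy_pubkey_path":"./tests/publickey.json", "policy_ref": "", "policy_path": "./tests/policy_broken.json"}')
# Without a token the decrypt step below would fail for an unrelated reason.
[[ -n "$token" ]] || fail "Failed to encrypt with the broken policy"

# stderr is merged into $res so the error text can be inspected below.
res=$(printf '%s\n' "$token" | "$PIN" decrypt 2>&1)
ret=$?

if [[ $ret -eq 0 && "$res" == "Failed" ]]; then
  # The secret came back: the policy was not enforced.
  fail "Managed to decrypt with invalid policy"
elif [[ $ret -eq 0 ]]; then
  fail "Success returned but not decrypted"
elif [[ "$res" == *"Esys_VerifySignature_Finish"* ]]; then
  # Only this specific error counts as a pass; any other failure falls
  # through to the generic branch. Substring match instead of the regex
  # `Esys_VerifySignature_Finish()`, whose empty group is not portable.
  echo "Working: with policy with invalid digest"
else
  fail "Something went wrong: $res"
fi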