2020-02-14 11:50:13 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
cargo build || (echo "Failed to build"; exit 1)
|
2020-07-17 18:09:30 +02:00
|
|
|
echo "Working: with Policy" | ./target/debug/clevis-pin-tpm2 encrypt '{"policy_pubkey_path":"./tests/policy_pubkey.json", "policy_ref": "", "policy_path": "./tests/policy_working.json"}' | ./target/debug/clevis-pin-tpm2 decrypt
|
2020-02-14 11:50:13 +01:00
|
|
|
# Negative test (non-valid policy)
|
|
|
|
|
token=$(echo Failed | ./target/debug/clevis-pin-tpm2 encrypt '{"policy_pubkey_path":"./tests/policy_pubkey.json", "policy_ref": "", "policy_path": "./tests/policy_broken.json"}')
|
2020-07-22 16:30:36 +02:00
|
|
|
res=$(echo "$token" | ./target/debug/clevis-pin-tpm2 decrypt 2>&1)
|
2020-02-14 11:50:13 +01:00
|
|
|
ret=$?
|
|
|
|
|
if [ $ret == 0 -a "$res" == "Failed" ]
|
|
|
|
|
then
|
|
|
|
|
echo "Managed to decrypt with invalid policy"
|
|
|
|
|
exit 1
|
2020-07-22 16:30:36 +02:00
|
|
|
elif [ $ret == 0 ];
|
2020-02-14 11:50:13 +01:00
|
|
|
then
|
2020-07-22 16:30:36 +02:00
|
|
|
echo "Success returned but not decrypted"
|
2020-02-14 11:50:13 +01:00
|
|
|
exit 1
|
2020-07-22 16:30:36 +02:00
|
|
|
elif [[ $res =~ Esys_VerifySignature_Finish() ]]
|
|
|
|
|
then
|
2020-07-17 18:09:30 +02:00
|
|
|
echo "Working: with policy with invalid digest"
|
2020-07-22 16:30:36 +02:00
|
|
|
else
|
|
|
|
|
echo "Something went wrong: $res"
|
|
|
|
|
exit 1
|
2020-02-14 11:50:13 +01:00
|
|
|
fi
|
