diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2021-08-11 08:55:05 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2021-08-11 08:55:05 +0000 |
| commit | dc1ed6500e5815e38bc87809f020f3bda1254adf (patch) | |
| tree | 152740baed7e5eae20678db36fadf23c268b4a2b /regress | |
| parent | ac88912829f59240f685130dbbad8f11c35f7777 (diff) | |
test -Oprint-pubkey
Diffstat (limited to 'regress')
| -rw-r--r-- | regress/usr.bin/ssh/sshsig.sh | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/regress/usr.bin/ssh/sshsig.sh b/regress/usr.bin/ssh/sshsig.sh index 296013617e3..fc300a8dc3e 100644 --- a/regress/usr.bin/ssh/sshsig.sh +++ b/regress/usr.bin/ssh/sshsig.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sshsig.sh,v 1.6 2021/07/23 03:54:55 djm Exp $ +# $OpenBSD: sshsig.sh,v 1.7 2021/08/11 08:55:04 djm Exp $ # Placed in the Public Domain. tid="sshsig" @@ -64,6 +64,17 @@ for t in $SIGNKEYS; do < $DATA >/dev/null 2>&1 || \ fail "failed signature for $t key w/ limited namespace" + (printf "$sig_principal namespaces=\"$sig_namespace,whatever\" "; + cat $pubkey) > $OBJ/allowed_signers + ${SSHKEYGEN} -q -Y verify -s $sigfile -n $sig_namespace \ + -I $sig_principal -f $OBJ/allowed_signers \ + -O print-pubkey \ + < $DATA | cut -d' ' -f1-2 > ${OBJ}/${keybase}-fromsig.pub || \ + fail "failed signature for $t key w/ print-pubkey" + cut -d' ' -f1-2 ${OBJ}/${keybase}.pub > ${OBJ}/${keybase}-strip.pub + diff -r ${OBJ}/${keybase}-strip.pub ${OBJ}/${keybase}-fromsig.pub || \ + fail "print-pubkey differs from signature key" + # Invalid option (printf "$sig_principal octopus " ; cat $pubkey) > $OBJ/allowed_signers ${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \ |