upstream: Add test for exporting pubkey from a passphrase-protected

author dtucker@openbsd.org <dtucker@openbsd.org>

Fri, 23 Jul 2021 04:56:21 +0000 (04:56 +0000)

committer Darren Tucker <dtucker@dtucker.net>

Fri, 23 Jul 2021 05:25:34 +0000 (15:25 +1000)
author dtucker@openbsd.org <dtucker@openbsd.org>
Fri, 23 Jul 2021 04:56:21 +0000 (04:56 +0000)
committer Darren Tucker <dtucker@dtucker.net>
Fri, 23 Jul 2021 05:25:34 +0000 (15:25 +1000)
diff --git a/regress/Makefile b/regress/Makefile

index c4fc50ce953b3def099060636abd0592bd998f20..86f5f9435e18c3e69c7780c40224efd386ce90b7 100644 (file)
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#      $OpenBSD: Makefile,v 1.113 2021/07/19 02:46:34 dtucker Exp $
+#      $OpenBSD: Makefile,v 1.114 2021/07/23 04:56:21 dtucker Exp $
  
  tests:         prep file-tests t-exec unit
  
@@ -117,7 +117,7 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
                 host.ecdsa-sha2-nistp521 host.ssh-dss host.ssh-ed25519 \
                 host.ssh-rsa host_ca_key* host_krl_* host_revoked_* key.* \
                 key.dsa-* key.ecdsa-* key.ed25519-512 \
-               key.ed25519-512.pub key.rsa-* keys-command-args kh.* \
+               key.ed25519-512.pub key.rsa-* keys-command-args kh.* askpass \
                 known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \
                 modpipe netcat no_identity_config \
                 pidfile putty.rsa2 ready regress.log remote_pid \
diff --git a/regress/keygen-convert.sh b/regress/keygen-convert.sh

index fce110ea153cf127c4b3de95cada894b40c445cc..7764955800c6f51234138c378f405e2f46bea46e 100644 (file)
--- a/regress/keygen-convert.sh
+++ b/regress/keygen-convert.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: keygen-convert.sh,v 1.2 2019/07/23 07:55:29 dtucker Exp $
+#      $OpenBSD: keygen-convert.sh,v 1.3 2021/07/23 04:56:21 dtucker Exp $
  #      Placed in the Public Domain.
  
  tid="convert keys"
@@ -11,6 +11,12 @@ for i in ${SSH_KEYTYPES}; do
         esac
  done
  
+cat > $OBJ/askpass <<EOD
+#!/bin/sh
+echo hunter2
+EOD
+chmod u+x $OBJ/askpass
+
  for t in $types; do
         # generate user key for agent
         trace "generating $t key"
@@ -36,6 +42,16 @@ for t in $types; do
         cmp $OBJ/$t-key-nocomment.pub $OBJ/$t-rfc-imported || \
             fail "$t imported differs from original"
  
+       trace "set passphrase $t"
+       ${SSHKEYGEN} -q -p -P '' -N 'hunter2' -f $OBJ/$t-key >/dev/null || \
+           fail "$t set passphrase failed"
+
+       trace "export $t to public with passphrase"
+       SSH_ASKPASS=$OBJ/askpass SSH_ASKPASS_REQUIRE=force \
+           ${SSHKEYGEN} -y -f $OBJ/$t-key >$OBJ/$t-key-nocomment.pub
+       cmp $OBJ/$t-key.pub $OBJ/$t-key-nocomment.pub || \
+           fail "$t exported pubkey differs from generated"
+
         rm -f $OBJ/$t-key $OBJ/$t-key.pub $OBJ/$t-key-rfc $OBJ/$t-key-rfc.pub \
             $OBJ/$t-rfc-imported $OBJ/$t-key-nocomment.pub
  done
author	dtucker@openbsd.org <dtucker@openbsd.org>
	Fri, 23 Jul 2021 04:56:21 +0000 (04:56 +0000)
committer	Darren Tucker <dtucker@dtucker.net>
	Fri, 23 Jul 2021 05:25:34 +0000 (15:25 +1000)
regress/Makefile		patch \| blob \| blame \| history
regress/keygen-convert.sh		patch \| blob \| blame \| history