Add a PKINIT test using RSA

author Greg Hudson <ghudson@mit.edu>

Wed, 4 May 2016 15:25:32 +0000 (11:25 -0400)

committer Greg Hudson <ghudson@mit.edu>

Tue, 19 Jul 2016 23:02:05 +0000 (19:02 -0400)
author Greg Hudson <ghudson@mit.edu>
Wed, 4 May 2016 15:25:32 +0000 (11:25 -0400)
committer Greg Hudson <ghudson@mit.edu>
Tue, 19 Jul 2016 23:02:05 +0000 (19:02 -0400)
diff --git a/src/tests/t_pkinit.py b/src/tests/t_pkinit.py

index f0214b6529e45cc689eb8a76ad21080c3f55d2b2..526473b429f8f9e3065d27ee58a926b9fbd65793 100755 (executable)
--- a/src/tests/t_pkinit.py
+++ b/src/tests/t_pkinit.py
@@ -111,6 +111,12 @@ realm.kinit(realm.user_princ,
  realm.klist(realm.user_princ)
  realm.run([kvno, realm.host_princ])
  
+# Try again using RSA instead of DH.
+realm.kinit(realm.user_princ,
+            flags=['-X', 'X509_user_identity=%s' % file_identity,
+                   '-X', 'flag_RSA_PROTOCOL=yes'])
+realm.klist(realm.user_princ)
+
  # Run the basic test - PKINIT with FILE: identity, with a password on the key,
  # supplied by the prompter.
  # Expect failure if the responder does nothing, and we have no prompter.
author	Greg Hudson <ghudson@mit.edu>
	Wed, 4 May 2016 15:25:32 +0000 (11:25 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Tue, 19 Jul 2016 23:02:05 +0000 (19:02 -0400)