FilesExpand file tree

 main

/

keyscript.sh

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

executable file

·

127 lines (100 loc) · 2.45 KB

 main

/

keyscript.sh

Top

File metadata and controls

• Code
• Blame

executable file

·

127 lines (100 loc) · 2.45 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

#!/bin/sh

correctCsum="$(sha256sum tests/fixtures/unencrypted_keyfile | cut -d " " -f1)"

passphrase="somepassphrase"

url="https://raw.githubusercontent.com/stupidpupil/https-keyscript/master/tests/fixtures/encrypted_keyfile?$(date +%s)"

export CRYPTTAB_KEY="$passphrase:$url"

export CRYPTTAB_NAME="TestDevice"

export CRYPTTAB_TRIED=0

export HTTPSKEYSCRIPT_TESTING=1

# Run the test against the src version of the keyscript if its available

# or else against the installed version (which is useful for the initramfs test)

keyscriptPath="src/lib/cryptsetup/scripts/fetch_or_ask"

if [ ! -f "$keyscriptPath" ]; then

keyscriptPath="/lib/cryptsetup/scripts/fetch_or_ask"

fi

cExitCode=0

runTest ()

{

stdout="$(busybox sh "$keyscriptPath" 2> tmp/error.log)"

exitCode=$?

csum="$(echo "$stdout" | sha256sum | cut -d " " -f1)"

if [ "$exitCode" -ne 0 ];then

return "$exitCode"

fi

}

echoKeyscriptOutput ()

{

echo ""

echo "Output:"

echo "$stdout"

echo "Error:"

cat tmp/error.log

echo ""

}

# Assertions

assertChecksumIsCorrect ()

{

printf " checksum should be correct "

if [ "$csum" != "$correctCsum" ]; then

echo "❌"

echo "$stdout"

cExitCode=$((cExitCode+1))

echoKeyscriptOutput

return 1

fi

echo "✓"

}

assertExitedWithoutError ()

{

printf " should exit without error "

if [ "$exitCode" -ne 0 ];then

echo "❌"

cExitCode=$((cExitCode+1))

echoKeyscriptOutput

return 1

fi

echo "✓"

}

assertExitedWithAskpass ()

{

printf " should fallback to askpass "

if [ "$exitCode" -ne 42 ] || [ ! -z "$stdout" ];then

echo "❌"

cExitCode=$((cExitCode+1))

echoKeyscriptOutput

return 1

fi

echo "✓"

}

# Testcases

echo "When run with a valid passphrase and URL"

runTest

assertExitedWithoutError

assertChecksumIsCorrect

echo ""

echo "When run *again* a valid passphrase and URL"

runTest

assertExitedWithoutError

assertChecksumIsCorrect

echo ""

echo "When run with a faulty passphrase"

export CRYPTTAB_KEY="$passphrase/a:$url"

runTest

assertExitedWithAskpass

echo ""

echo "When run with a faulty URL"

export CRYPTTAB_KEY="$passphrase:https://not.a.real.address.example"

runTest

assertExitedWithAskpass

echo ""

echo "When run with an unparseable 'key file' field"

export CRYPTTAB_KEY="not an acceptable key file"

runTest

assertExitedWithAskpass

echo ""

echo "When run with CRYPTTAB_TRIED=1"

export CRYPTTAB_KEY="$passphrase:$url"

export CRYPTTAB_TRIED=1

runTest

assertExitedWithAskpass

exit "$cExitCode"