diff options
author | djm@openbsd.org <djm@openbsd.org> | 2021-08-11 08:55:04 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2021-08-11 18:56:35 +1000 |
commit | 2a2cd00783e1da45ee730b7f453408af1358ef5b (patch) | |
tree | 4060e983d82cc038b342cc167904d594b42af35e | |
parent | b9f4635ea5bc33ed5ebbacf332d79bae463b0f54 (diff) | |
download | openssh-git-2a2cd00783e1da45ee730b7f453408af1358ef5b.tar.gz |
upstream: test -Oprint-pubkey
OpenBSD-Regress-ID: 3d51afb6d1f287975fb6fddd7a2c00a3bc5094e0
-rw-r--r-- | regress/sshsig.sh | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/regress/sshsig.sh b/regress/sshsig.sh index 29601361..fc300a8d 100644 --- a/regress/sshsig.sh +++ b/regress/sshsig.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sshsig.sh,v 1.6 2021/07/23 03:54:55 djm Exp $ +# $OpenBSD: sshsig.sh,v 1.7 2021/08/11 08:55:04 djm Exp $ # Placed in the Public Domain. tid="sshsig" @@ -64,6 +64,17 @@ for t in $SIGNKEYS; do < $DATA >/dev/null 2>&1 || \ fail "failed signature for $t key w/ limited namespace" + (printf "$sig_principal namespaces=\"$sig_namespace,whatever\" "; + cat $pubkey) > $OBJ/allowed_signers + ${SSHKEYGEN} -q -Y verify -s $sigfile -n $sig_namespace \ + -I $sig_principal -f $OBJ/allowed_signers \ + -O print-pubkey \ + < $DATA | cut -d' ' -f1-2 > ${OBJ}/${keybase}-fromsig.pub || \ + fail "failed signature for $t key w/ print-pubkey" + cut -d' ' -f1-2 ${OBJ}/${keybase}.pub > ${OBJ}/${keybase}-strip.pub + diff -r ${OBJ}/${keybase}-strip.pub ${OBJ}/${keybase}-fromsig.pub || \ + fail "print-pubkey differs from signature key" + # Invalid option (printf "$sig_principal octopus " ; cat $pubkey) > $OBJ/allowed_signers ${SSHKEYGEN} -vvv -Y verify -s $sigfile -n $sig_namespace \ |