list-sss-tang-luks1 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677
  1. #!/bin/bash -ex
  2. # vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
  3. #
  4. # Copyright (c) 2019 Red Hat, Inc.
  5. # Author: Sergio Correia <scorreia@redhat.com>
  6. #
  7. # This program is free software: you can redistribute it and/or modify
  8. # it under the terms of the GNU General Public License as published by
  9. # the Free Software Foundation, either version 3 of the License, or
  10. # (at your option) any later version.
  11. #
  12. # This program is distributed in the hope that it will be useful,
  13. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. # GNU General Public License for more details.
  16. #
  17. # You should have received a copy of the GNU General Public License
  18. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. #
  20. TEST=$(basename "${0}")
  21. . tests-common-functions
  22. on_exit() {
  23. [ -d "${TMP}" ] && rm -rf "${TMP}"
  24. }
  25. trap 'on_exit' EXIT
  26. trap 'exit' ERR
  27. TMP="$(mktemp -d)"
  28. ADV="${TMP}/adv.jws"
  29. create_tang_adv "${ADV}"
  30. PIN="sss"
  31. CFG=$(printf '
  32. {
  33. "t": 2,
  34. "pins": {
  35. "tang": [
  36. {"url":"ADDR1","adv":"%s"},
  37. {"url":"ADDR2","adv":"%s"},
  38. {"url":"ADDR3","adv":"%s"},
  39. {"url":"ADDR4","adv":"%s"},
  40. {"url":"ADDR5","adv":"%s"}
  41. ]
  42. }
  43. }
  44. ' "${ADV}" "${ADV}" "${ADV}" "${ADV}" "${ADV}")
  45. # LUKS1.
  46. DEV="${TMP}/luks1-device"
  47. UUID="cb6e8904-81ff-40da-a84a-07ab9ab5715e"
  48. new_device "luks1" "${DEV}"
  49. if ! clevis luks bind -f -d "${DEV}" ${PIN} "${CFG}" <<< "${DEFAULT_PASS}"; then
  50. error "${TEST}: Binding is expected to succeed when given a correct (${DEFAULT_PASS}) password."
  51. fi
  52. SLT=1
  53. if ! read -r slot pin cfg < <(clevis luks list -d "${DEV}" -s "${SLT}"); then
  54. error "${TEST}: clevis luks list is expected to succeed for device(${DEV}) and slot (${SLT})"
  55. fi
  56. if [[ "${slot}" != "${SLT}:" ]]; then
  57. error "${TEST}: slot (${slot}) is expected to be ${SLT}"
  58. fi
  59. if [[ "${pin}" != "${PIN}" ]]; then
  60. error "${TEST}: pin (${pin}) is expected to be '${PIN}'"
  61. fi
  62. to_remove_from_cfg=$(printf ',"adv": "%s"' "${ADV}")
  63. cfg_for_cmp=${cfg//"${to_remove_from_cfg}"/}
  64. if ! pin_cfg_equal "${cfg}" "${cfg_for_cmp}"; then
  65. error "${TEST}: config obtained from clevis luks list (${cfg}) is expected to match the one used to bind the test (${cfg_for_cmp})"
  66. fi