diff options
Diffstat (limited to 'keyutils-1.5.6/tests/keyctl/reading/valid/runtest.sh')
-rw-r--r-- | keyutils-1.5.6/tests/keyctl/reading/valid/runtest.sh | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/keyutils-1.5.6/tests/keyctl/reading/valid/runtest.sh b/keyutils-1.5.6/tests/keyctl/reading/valid/runtest.sh new file mode 100644 index 0000000..462d7ec --- /dev/null +++ b/keyutils-1.5.6/tests/keyctl/reading/valid/runtest.sh @@ -0,0 +1,96 @@ +#!/bin/sh + +. ../../../prepare.inc.sh +. ../../../toolbox.inc.sh + + +# ---- do the actual testing ---- + +result=PASS +echo "++++ BEGINNING TEST" >$OUTPUTFILE + +# create a keyring and attach it to the session keyring +marker "ADD KEYRING" +create_keyring wibble @s +expect_keyid keyringid + +# stick a key in the keyring +marker "ADD KEY" +create_key user lizard gizzard $keyringid +expect_keyid keyid + +# check that the key is in the keyring +marker "LIST KEYRING" +list_keyring $keyringid +expect_keyring_rlist rlist $keyid + +# read the contents of the key +marker "PRINT KEY" +print_key $keyid +expect_payload payload "gizzard" + +# pipe the contents of the key and add a LF as the key doesn't have one +marker "PIPE KEY" +pipe_key $keyid +echo >>$OUTPUTFILE +expect_payload payload "gizzard" + +# read the key as hex +marker "READ KEY" +read_key $keyid +expect_payload payload "67697a7a 617264" + +# read the contents of the keyring as hex and match it to the key ID +marker "READ KEYRING" +read_key $keyringid +tmp=`printf %08x $keyid` +if [ "$endian" = "LE" ] +then + tmp=`echo $tmp | sed 's/\(..\)\(..\)\(..\)\(..\)/\4\3\2\1/'` +fi +expect_payload payload $tmp + +# remove read permission from the key and try reading it again +# - we should still have read permission because it's searchable in our +# keyrings +marker "REMOVE READ PERM" +set_key_perm $keyid 0x3d0000 +print_key $keyid +expect_payload payload "gizzard" + +# remove search permission from the key as well +# - we should still have read permission because it's searchable in our +# keyrings +marker "REMOVE SEARCH PERM" +set_key_perm $keyid 0x350000 +print_key --fail $keyid +expect_error EACCES + +# check that we can read it if we have to rely on possessor perms +# - we should still have read permission because it's searchable in our +# keyrings +marker "CHECK POSSESSOR READ" +set_key_perm $keyid 0x3d000000 +print_key $keyid +expect_payload payload "gizzard" + +# put read permission back again +marker "REINSTATE READ PERM" +set_key_perm $keyid 0x370000 +print_key $keyid +expect_payload payload "gizzard" + +# revoke the key +marker "REVOKE KEY" +revoke_key $keyid +print_key --fail $keyid +expect_error EKEYREVOKED + +# remove the keyring we added +marker "UNLINK KEYRING" +unlink_key $keyringid @s + +echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE + +# --- then report the results in the database --- +toolbox_report_result $TEST $result |