-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy patht_softfido.sh.in
66 lines (56 loc) · 2 KB
/
t_softfido.sh.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#ifndef HAVE_FIDO_CUSTOM_TRANSPORT
exec cat t_softfido.exp # cheat
#endif
set -Ceu
here="${0%/*}"
case $here in "/"*);; *) here=$(pwd);; esac
: ${FIDOCRYPT:="$here"/fidocrypt}
exec 2>&1 # test warning and error messages too
tmp=
trap 'cd /; test -n "$tmp" && rm -rf -- "$tmp"' EXIT INT HUP TERM
tmp=$(mktemp -d -t "${0##*/}.XXXXXXXX")
fidocrypt ()
{
echo >&2 '#' fidocrypt -Eq "$@"
$FIDOCRYPT -EqU "$@"
}
cd -- "$tmp"
head -c 32 </dev/urandom >key1
head -c 32 </dev/urandom >key2
head -c 32 </dev/urandom >key3
export FIDOCRYPT_RPID=fidocrypt.example.com
echo '#' export FIDOCRYPT_RPID="$FIDOCRYPT_RPID"
echo kOBtmMNyp83mIAbzs+xljmiDa1CcQ9iFz/JiKaIUv5s= \
| openssl base64 -d \
| fidocrypt -S key1 enroll -N Falken -u falken -n key1 -s - crypt
fidocrypt list crypt
fidocrypt rename -n key1 crypt key42
fidocrypt rename -i 1 crypt key54
fidocrypt rename -i 1 crypt key42
fidocrypt list crypt
fidocrypt -S key1 get -F base64 crypt
fidocrypt -S key1 get -F raw crypt | openssl base64
! fidocrypt -S key2 get -F raw crypt >/dev/null
! fidocrypt -S key3 get -F raw crypt >/dev/null
fidocrypt -S key1 -S key2 enroll -N Falken -u falken -n key2 crypt
fidocrypt list crypt
fidocrypt -S key1 get -F base64 crypt
fidocrypt -S key1 get -F raw crypt | openssl base64
fidocrypt -S key2 get -F base64 crypt
fidocrypt -S key2 get -F raw crypt | openssl base64
! fidocrypt -S key3 get -F raw crypt >/dev/null
fidocrypt unenroll -n key42 crypt
fidocrypt list crypt
! fidocrypt -S key1 get -F raw crypt >/dev/null
fidocrypt -S key2 get -F base64 crypt
fidocrypt -S key2 get -F raw crypt | openssl base64
! fidocrypt -S key3 get -F raw crypt >/dev/null
echo kOBtmMNyp83mIAbzs+xljmiDa1CcQ9iFz/JiKaIUv5s= \
| openssl base64 -d \
| fidocrypt -S key1 enroll -N Falken -u falken -n key1 -s - crypt
fidocrypt list crypt
fidocrypt -S key1 get -F base64 crypt
fidocrypt -S key1 get -F raw crypt | openssl base64
fidocrypt -S key2 get -F base64 crypt
fidocrypt -S key2 get -F raw crypt | openssl base64
! fidocrypt -S key3 get -F raw crypt >/dev/null