+++ /dev/null
-#! /bin/csh -f
-#
-# Run OpenSSH import/export tests.
-#
-# Run this from SecurityTests/clxutils/importExport. This
-# uses the importExportOpensshTool subtool to do most of its work.
-#
-
-echo === Begin OpenSSH test ===
-
-source setupCommon
-
-set SSHSUBTOOL=./importExportOpensshTool
-
-#
-# this is the wrap/unwrap password; it has to match the password in
-# the importExportOpensshTool tool
-#
-set PASSWORD=password
-
-# file names generated by ssh-keygen
-set SSH_KEY_NAME=sshkeygenKey
-set PRIV_KEY=${LOCAL_BUILD_DIR}/$SSH_KEY_NAME
-set PUB_KEY=${LOCAL_BUILD_DIR}/${SSH_KEY_NAME}.pub
-
-set SSH_KEYGEN=/usr/bin/ssh-keygen
-
-# determine whether to attempt ssh1 key generation and import
-# %%%FIXME this is currently disabled since OpenSSH 5.4 does not support it by default
-set TESTSSH1=NO
-
-# determine whether to attempt ssh2 key generation and import
-# %%%FIXME this is currently disabled due to <rdar://problem/8063663>
-set TESTSSH2=NO
-
-# user specified variables
-set QUIET=NO
-set KEYSIZE=1024
-set NOACL=NO
-set SECURE_PHRASE=NO
-set NOCLEAN=NO
-
-while ( $#argv > 0 )
- switch ( "$argv[1]" )
- case q:
- set QUIET=YES
- shift
- breaksw
- case n:
- set NOACL=YES
- shift
- breaksw
- case s:
- set SECURE_PHRASE=YES
- shift
- breaksw
- case N:
- set NOCLEAN=YES
- shift
- breaksw
- default:
- echo Usage: importExportOpenssh \[q\(uiet\)\] \[n\(oACL\)\] \[s\(ecurePassphrase\)\] \[N\(oClean\)\]
- exit(1)
- endsw
-end
-
-# delete existing keys - ssh-keygen is cautious about overwriting
-set cmd="rm -f $PRIV_KEY $PUB_KEY"
-if ($QUIET == NO) then
- echo $cmd
-endif
-$cmd || exit(1)
-
-if ($TESTSSH1 != NO) then
- #
- # RSA, SSH1, wrapped private key
- #
- set cmd="$SSH_KEYGEN -b $KEYSIZE -C someOldComment -N $PASSWORD -f $PRIV_KEY -t rsa1 -q"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
- set cmd="$SSHSUBTOOL $PRIV_KEY ssh1Wrap $PUB_KEY ssh1 rsa $QUIET $NOACL $SECURE_PHRASE $NOCLEAN"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- # delete existing keys
- set cmd="rm -f $PRIV_KEY $PUB_KEY"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- #
- # RSA, SSH1, cleartext private key
- #
- set cmd="$SSH_KEYGEN -b $KEYSIZE -C someOldComment -f $PRIV_KEY -t rsa1 -q -N"
- if ($QUIET == NO) then
- echo $cmd
- endif
- # note the shell hack we're using to insert an empty argument for the null password
- $cmd "" || exit(1)
- set cmd="$SSHSUBTOOL $PRIV_KEY ssh1 $PUB_KEY ssh1 rsa $QUIET $NOACL $SECURE_PHRASE $NOCLEAN"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- # delete existing keys
- set cmd="rm -f $PRIV_KEY $PUB_KEY"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
-else
- echo "WARNING: OpenSSH ssh1 key import tests are DISABLED (<rdar://8063663>)"
-endif
-
-if ($TESTSSH2 != NO) then
- #
- # RSA, SSH2, wrapped private key
- #
- set cmd="$SSH_KEYGEN -b $KEYSIZE -C someOldComment -N $PASSWORD -f $PRIV_KEY -t rsa -q"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
- set cmd="$SSHSUBTOOL $PRIV_KEY ssh2Wrap $PUB_KEY ssh2 rsa $QUIET $NOACL $SECURE_PHRASE $NOCLEAN"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- # delete existing keys
- set cmd="rm -f $PRIV_KEY $PUB_KEY"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- #
- # RSA, SSH2, cleartext private key
- #
- set cmd="$SSH_KEYGEN -b $KEYSIZE -C someOldComment -f $PRIV_KEY -t rsa -q -N"
- if ($QUIET == NO) then
- echo $cmd
- endif
- # note the shell hack we're using to insert an empty argument for the null password
- $cmd "" || exit(1)
- set cmd="$SSHSUBTOOL $PRIV_KEY ssh2 $PUB_KEY ssh2 rsa $QUIET $NOACL $SECURE_PHRASE $NOCLEAN"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- # delete existing keys
- set cmd="rm -f $PRIV_KEY $PUB_KEY"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- #
- # DSA, SSH2, wrapped private key
- #
- set cmd="$SSH_KEYGEN -b $KEYSIZE -C someOldComment -N $PASSWORD -f $PRIV_KEY -t dsa -q"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
- set cmd="$SSHSUBTOOL $PRIV_KEY ssh2Wrap $PUB_KEY ssh2 dsa $QUIET $NOACL $SECURE_PHRASE $NOCLEAN"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- # delete existing keys
- set cmd="rm -f $PRIV_KEY $PUB_KEY"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
- #
- # DSA, SSH2, cleartext private key
- #
- set cmd="$SSH_KEYGEN -b $KEYSIZE -C someOldComment -f $PRIV_KEY -t dsa -q -N"
- if ($QUIET == NO) then
- echo $cmd
- endif
- # note the shell hack we're using to insert an empty argument for the null password
- $cmd "" || exit(1)
- set cmd="$SSHSUBTOOL $PRIV_KEY ssh2 $PUB_KEY ssh2 dsa $QUIET $NOACL $SECURE_PHRASE $NOCLEAN"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-
-else
- echo "WARNING: OpenSSH ssh2 key import tests are DISABLED (<rdar://8063663>)"
-endif
-
-#
-# cleanup
-#
-if($NOCLEAN == NO) then
- set cmd="rm -f $PRIV_KEY $PUB_KEY"
- if ($QUIET == NO) then
- echo $cmd
- endif
- $cmd || exit(1)
-endif
-
-if ($QUIET == NO) then
- echo === OpenSSH test complete ===
-endif
projects / apple / security.git / blobdiff