1# $OpenBSD: agent-pkcs11.sh,v 1.13 2023/10/30 23:00:25 djm Exp $ 2# Placed in the Public Domain. 3 4tid="pkcs11 agent test" 5 6p11_setup || skip "No PKCS#11 library found" 7 8trace "start agent" 9eval `${SSHAGENT} ${EXTRA_AGENT_ARGS} -s` > /dev/null 10r=$? 11if [ $r -ne 0 ]; then 12 fail "could not start ssh-agent: exit code $r" 13else 14 trace "add pkcs11 key to agent" 15 p11_ssh_add -s ${TEST_SSH_PKCS11} > /dev/null 2>&1 16 r=$? 17 if [ $r -ne 0 ]; then 18 fail "ssh-add -s failed: exit code $r" 19 fi 20 21 trace "pkcs11 list via agent" 22 ${SSHADD} -l > /dev/null 2>&1 23 r=$? 24 if [ $r -ne 0 ]; then 25 fail "ssh-add -l failed: exit code $r" 26 fi 27 28 for k in $RSA $EC; do 29 trace "testing $k" 30 pub=$(cat $k.pub) 31 ${SSHADD} -L | grep -q "$pub" || \ 32 fail "key $k missing in ssh-add -L" 33 ${SSHADD} -T $k.pub || fail "ssh-add -T with $k failed" 34 35 # add to authorized keys 36 cat $k.pub > $OBJ/authorized_keys_$USER 37 trace "pkcs11 connect via agent ($k)" 38 ${SSH} -F $OBJ/ssh_proxy somehost exit 5 39 r=$? 40 if [ $r -ne 5 ]; then 41 fail "ssh connect failed (exit code $r)" 42 fi 43 done 44 45 trace "remove pkcs11 keys" 46 p11_ssh_add -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 47 r=$? 48 if [ $r -ne 0 ]; then 49 fail "ssh-add -e failed: exit code $r" 50 fi 51 52 trace "kill agent" 53 ${SSHAGENT} -k > /dev/null 54fi 55