Skip to content

Commit

Permalink
test all key types
Browse files Browse the repository at this point in the history
  • Loading branch information
petar committed Jul 14, 2020
1 parent a116c95 commit 2bc1ff0
Show file tree
Hide file tree
Showing 2 changed files with 64 additions and 46 deletions.
4 changes: 2 additions & 2 deletions cmd/ipfs/rotate.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ import (
)

const (
algorithmDefault = options.Ed25519Key
algorithmDefault = options.RSAKey
algorithmOptionName = "algorithm"
oldKeyOptionName = "oldkey"
)
Expand All @@ -36,7 +36,7 @@ environment variable:
Options: []cmds.Option{
cmds.StringOption(oldKeyOptionName, "o", "Keystore name for the old/rotated-out key."),
cmds.StringOption(algorithmOptionName, "a", "Cryptographic algorithm to use for key generation.").WithDefault(algorithmDefault),
cmds.IntOption(bitsOptionName, "b", "Number of bits to use in the generated RSA private key.").WithDefault(nBitsForKeypairDefault),
cmds.IntOption(bitsOptionName, "b", "Number of bits to use in the generated RSA private key."),
},
PreRun: func(req *cmds.Request, env cmds.Environment) error {
cctx := env.(*oldcmds.Context)
Expand Down
106 changes: 62 additions & 44 deletions test/sharness/t0027-rotate.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,47 +4,65 @@ test_description="Test rotate command"

. lib/test-lib.sh

test_init_ipfs

test_expect_success "Save first ID and key" '
ipfs id -f="<id>" > first_id &&
ipfs id -f="<pubkey>" > first_key
'

test_launch_ipfs_daemon

test_kill_ipfs_daemon

test_expect_success "rotating keys" '
ipfs rotate --oldkey=oldkey
'

test_expect_success "Compare second ID and key to first" '
ipfs id -f="<id>" > second_id &&
ipfs id -f="<pubkey>" > second_key &&
! test_cmp first_id second_id &&
! test_cmp first_key second_key
'

test_expect_success "checking ID" '
ipfs config Identity.PeerID > expected-id &&
ipfs id -f "<id>\n" > actual-id &&
ipfs key list -l | grep self | cut -d " " -f1 > keystore-id &&
ipfs key list -l | grep oldkey | cut -d " " -f1 | tr -d "\n" > old-keystore-id &&
test_cmp expected-id actual-id &&
test_cmp expected-id keystore-id &&
test_cmp old-keystore-id first_id
'

test_launch_ipfs_daemon

test_expect_success "publish name with new and old keys" '
echo "hello world" > msg &&
ipfs add msg | cut -d " " -f2 | tr -d "\n" > msg_hash &&
ipfs name publish --offline --allow-offline --key=self $(cat msg_hash) &&
ipfs name publish --offline --allow-offline --key=oldkey $(cat msg_hash)
'

test_kill_ipfs_daemon

test_done
# $1 must be one of 'rsa', 'ed25519' or '' (for default key algorithm).
test_rotate() {
TEST_ALG=$1

test_init_ipfs

test_expect_success "Save first ID and key" '
ipfs id -f="<id>" > first_id &&
ipfs id -f="<pubkey>" > first_key
'

test_launch_ipfs_daemon

test_kill_ipfs_daemon

test_expect_success "rotating keys" '
case $TEST_ALG in
rsa)
ipfs rotate -a=rsa -b=2048 --oldkey=oldkey
;;
ed25519)
ipfs rotate -a=ed25519 --oldkey=oldkey
;;
*)
ipfs rotate --oldkey=oldkey
;;
esac
'

test_expect_success "Compare second ID and key to first" '
ipfs id -f="<id>" > second_id &&
ipfs id -f="<pubkey>" > second_key &&
! test_cmp first_id second_id &&
! test_cmp first_key second_key
'

test_expect_success "checking ID" '
ipfs config Identity.PeerID > expected-id &&
ipfs id -f "<id>\n" > actual-id &&
ipfs key list -l | grep self | cut -d " " -f1 > keystore-id &&
ipfs key list -l | grep oldkey | cut -d " " -f1 | tr -d "\n" > old-keystore-id &&
test_cmp expected-id actual-id &&
test_cmp expected-id keystore-id &&
test_cmp old-keystore-id first_id
'

test_launch_ipfs_daemon

test_expect_success "publish name with new and old keys" '
echo "hello world" > msg &&
ipfs add msg | cut -d " " -f2 | tr -d "\n" > msg_hash &&
ipfs name publish --offline --allow-offline --key=self $(cat msg_hash) &&
ipfs name publish --offline --allow-offline --key=oldkey $(cat msg_hash)
'

test_kill_ipfs_daemon

test_done
}
test_rotate 'rsa'
test_rotate 'ed25519'
test_rotate ''

0 comments on commit 2bc1ff0

Please sign in to comment.