summaryrefslogtreecommitdiffstats
path: root/test/units/TEST-70-TPM2.creds.sh
diff options
context:
space:
mode:
Diffstat (limited to 'test/units/TEST-70-TPM2.creds.sh')
-rwxr-xr-xtest/units/TEST-70-TPM2.creds.sh16
1 files changed, 16 insertions, 0 deletions
diff --git a/test/units/TEST-70-TPM2.creds.sh b/test/units/TEST-70-TPM2.creds.sh
new file mode 100755
index 0000000..e66bfd1
--- /dev/null
+++ b/test/units/TEST-70-TPM2.creds.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -eux
+set -o pipefail
+
+export SYSTEMD_LOG_LEVEL=debug
+
+# Ensure that sandboxing doesn't stop creds from being accessible
+echo "test" > /tmp/testdata
+systemd-creds encrypt /tmp/testdata /tmp/testdata.encrypted --with-key=tpm2
+# LoadCredentialEncrypted
+systemd-run -p PrivateDevices=yes -p LoadCredentialEncrypted=testdata.encrypted:/tmp/testdata.encrypted --pipe --wait systemd-creds cat testdata.encrypted | cmp - /tmp/testdata
+# SetCredentialEncrypted
+systemd-run -p PrivateDevices=yes -p SetCredentialEncrypted=testdata.encrypted:"$(cat /tmp/testdata.encrypted)" --pipe --wait systemd-creds cat testdata.encrypted | cmp - /tmp/testdata
+
+rm -f /tmp/testdata