1#!/bin/sh -ex 2mkdir -p ~/.config/Yubico 3 4create_keys() { 5 pamu2fcfg -t es256 -N > /tmp/es256 6 [ "${U2F_TOKEN}" != "" ] && return 7 pamu2fcfg -t es256 -N -r -o originA > /tmp/es256.r 8 pamu2fcfg -t rs256 -N -r -o originB > /tmp/rs256.r 9} 10 11run_tests() { 12 [ "${U2F_TOKEN}" != "" ] && return 13 14 echo "auth sufficient pam_u2f.so" > /etc/pam.d/dummy 15 cp /tmp/es256 ~/.config/Yubico/u2f_keys 16 pamtester dummy root authenticate 17 18 echo "auth sufficient pam_u2f.so origin=originA" > /etc/pam.d/dummy 19 cp /tmp/es256.r ~/.config/Yubico/u2f_keys 20 pamtester dummy root authenticate 21 22 echo "auth sufficient pam_u2f.so origin=originB" > /etc/pam.d/dummy 23 cp /tmp/rs256.r ~/.config/Yubico/u2f_keys 24 pamtester dummy root authenticate 25} 26 27run_user_presence_tests() { 28 echo "auth sufficient pam_u2f.so" > /etc/pam.d/dummy 29 cat /tmp/es256 | sed 's/-$/p/' > ~/.config/Yubico/u2f_keys 30 pamtester dummy root authenticate 31 32 [ "${U2F_TOKEN}" != "" ] && return 33 34 echo "auth sufficient pam_u2f.so origin=originA" > /etc/pam.d/dummy 35 cat /tmp/es256.r | sed 's/-$/p/' > ~/.config/Yubico/u2f_keys 36 pamtester dummy root authenticate 37 38 echo "auth sufficient pam_u2f.so origin=originB" > /etc/pam.d/dummy 39 cat /tmp/rs256.r | sed 's/-$/p/' > ~/.config/Yubico/u2f_keys 40 pamtester dummy root authenticate 41} 42 43run_user_verification_tests() { 44 [ "${U2F_TOKEN}" != "" ] && return 45 [ "${FIDO2_PIN}" = "" ] && return 46 47 echo "auth sufficient pam_u2f.so" > /etc/pam.d/dummy 48 cat /tmp/es256 | sed 's/-$/v/' > ~/.config/Yubico/u2f_keys 49 pamtester dummy root authenticate 50 51 echo "auth sufficient pam_u2f.so origin=originA" > /etc/pam.d/dummy 52 cat /tmp/es256.r | sed 's/-$/v/' > ~/.config/Yubico/u2f_keys 53 pamtester dummy root authenticate 54 55 echo "auth sufficient pam_u2f.so origin=originB" > /etc/pam.d/dummy 56 cat /tmp/rs256.r | sed 's/-$/v/' > ~/.config/Yubico/u2f_keys 57 pamtester dummy root authenticate 58} 59 60create_keys 61run_tests 62run_user_presence_tests 63run_user_verification_tests 64