From c69620ef7fc460e83ffc4a0d43998b3f383b8e0a Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 24 Jun 2021 10:28:28 +0200
Subject: [PATCH] test: extend credentials test to cover encrypted credentials

---
 test/units/testsuite-54.sh | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/test/units/testsuite-54.sh b/test/units/testsuite-54.sh
index f8ddff4a30..d8c9ffa38b 100755
--- a/test/units/testsuite-54.sh
+++ b/test/units/testsuite-54.sh
@@ -27,6 +27,30 @@ systemd-run -p LoadCredential=passwd:/etc/passwd \
             rm '${CREDENTIALS_DIRECTORY}/passwd' \
     && { echo 'unexpected success'; exit 1; }
 
+# Now test encrypted credentials (only supported when built with OpenSSL though)
+
+if systemctl --version | grep -q -- +OPENSSL ; then
+    echo -n $RANDOM >/tmp/test-54-plaintext
+    systemd-creds encrypt --name=test-54 /tmp/test-54-plaintext /tmp/test-54-ciphertext
+    systemd-creds decrypt --name=test-54 /tmp/test-54-ciphertext | cmp /tmp/test-54-plaintext
+
+    systemd-run -p LoadCredentialEncrypted=test-54:/tmp/test-54-ciphertext \
+                --wait \
+                --pipe \
+                cat '${CREDENTIALS_DIRECTORY}/test-54' | cmp /tmp/test-54-plaintext
+
+    echo -n $RANDOM >/tmp/test-54-plaintext
+    systemd-creds encrypt --name=test-54 /tmp/test-54-plaintext /tmp/test-54-ciphertext
+    systemd-creds decrypt --name=test-54 /tmp/test-54-ciphertext | cmp /tmp/test-54-plaintext
+
+    systemd-run -p SetCredentialEncrypted=test-54:"`cat /tmp/test-54-ciphertext`" \
+                --wait \
+                --pipe \
+                cat '${CREDENTIALS_DIRECTORY}/test-54' | cmp /tmp/test-54-plaintext
+
+    rm /tmp/test-54-plaintext /tmp/test-54-ciphertext
+fi
+
 systemd-analyze log-level info
 
 echo OK >/testok
-- 
2.25.1