diff --git a/Cargo.lock b/Cargo.lock
index 9da12ea41..d82186275 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1558,6 +1558,7 @@ dependencies = [
 "serde",
 "serde_cbor",
 "serde_json",
+ "sha-crypt",
 "tempfile",
 "tera",
 "tokio",
diff --git a/integration-tests/Cargo.toml b/integration-tests/Cargo.toml
index 05bef4d3b..4a8003381 100644
--- a/integration-tests/Cargo.toml
+++ b/integration-tests/Cargo.toml
@@ -35,6 +35,7 @@ paste = "1.0"
 passwd = "0.0.1"
 pem = "2.0"
 users = "0.11.0"
+sha-crypt = "0.5.0"
 fdo-data-formats = { path = "../data-formats" }
 fdo-util = { path = "../util" }
diff --git a/integration-tests/tests/common/mod.rs b/integration-tests/tests/common/mod.rs
index 2b683dee5..d16dc4272 100644
--- a/integration-tests/tests/common/mod.rs
+++ b/integration-tests/tests/common/mod.rs
@@ -808,6 +808,7 @@ impl<'a> TestServerConfigurator<'a> {
 users::get_current_username().unwrap().to_str().unwrap(),
 );
 cfg.insert("sshkey", "sshkey_default");
+ cfg.insert("password", "testpassword");
 } else {
 L.l("per_device_serviceinfo is set, using device specific values");
 cfg.insert(
@@ -815,6 +816,7 @@ impl<'a> TestServerConfigurator<'a> {
 users::get_current_username().unwrap().to_str().unwrap(),
 );
 cfg.insert("sshkey", "sshkey_per_device");
+ cfg.insert("password", "testpassword");
 }
 // TODO: Insert more defaults
diff --git a/integration-tests/tests/e2e.rs b/integration-tests/tests/e2e.rs
index 63792e8b9..8715dc471 100644
--- a/integration-tests/tests/e2e.rs
+++ b/integration-tests/tests/e2e.rs
@@ -138,6 +138,7 @@ where
 env::set_var("PER_DEVICE_SERVICEINFO", "false");
 let mut ctx = TestContext::new().context("Error building test context")?;
 let new_user: &str = "testuser"; // new user to be created during onboarding
+ let new_pw: &str = "testpassword"; // new password to accompany new user during onboarding
 let encrypted_disk_loc = ctx.testpath().join("encrypted.img");
 let rendezvous_server = ctx
 .start_test_server(
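Review bot: Both branches of the mod.rs change insert the same literal, `cfg.insert("password", "testpassword");` (the hunk at -808 and the one at -815), so unlike `sshkey_default` / `sshkey_per_device` a test cannot tell whether the default or the per-device service info supplied the password. Distinct values per branch would make the per-device path checkable, in the same way the two sshkey values do. The same string is repeated again as a literal in e2e.rs and service_info.rs; a single shared constant in `common` would keep the fixtures and the later hash check in sync. The enclosing function starts and ends outside both hunks.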
@@ -156,7 +157,8 @@ where
 &encrypted_disk_loc.to_string_lossy(),
 );
 if ci {
- cfg.insert("user", new_user)
+ cfg.insert("user", new_user);
+ cfg.insert("password", new_pw);
 };
 Ok(())
 })?)
diff --git a/integration-tests/tests/service_info.rs b/integration-tests/tests/service_info.rs
index 005fe8fd5..68f2db85f 100644
--- a/integration-tests/tests/service_info.rs
+++ b/integration-tests/tests/service_info.rs
@@ -7,6 +7,8 @@ use common::{Binary, LogSide, TestContext};
 use anyhow::{bail, Context, Result};
+use sha_crypt::{sha256_check};
+
 const L: LogSide = LogSide::Test;
 #[tokio::test]
@@ -125,7 +127,7 @@ where
 env::set_var("PER_DEVICE_SERVICEINFO", "false");
 let mut ctx = TestContext::new().context("Error building test context")?;
 let new_user: &str = "testuser"; // new user to be created during onboarding
- let new_pw: &str = "testpassword"; // new password to accompany new user
+ let new_pw: &str = "testpassword"; // new password to accompany new user during onboarding
 let encrypted_disk_loc = ctx.testpath().join("encrypted2.img");
 let rendezvous_server = ctx
 .start_test_server(
@@ -145,7 +147,7 @@ where
 );
 if ci {
 cfg.insert("user", new_user);
- cfg.insert("password", new_pw)
+ cfg.insert("password", new_pw);
 };
 Ok(())
 })?)
@@ -396,9 +398,13 @@ sshkey_default
 if let Some(test_user) = passwd::Passwd::from_name(new_user) {
 pretty_assertions::assert_eq!(
 test_user.password.is_empty(),
- true,
+ false,
 "Password not created during onboarding"
 );
+ let pwtest = String::from(test_user.password);
+ L.l("password output {}", pwtest);
+ assert!(sha256_check("testpassword", &test_user.password).is_ok());
+
 }
 } else {
 L.l("Skipped create initial user validation
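Review bot: In the last service_info.rs hunk (-396), the added `L.l("password output {}", pwtest);` writes the new account's password hash into the test log, which in CI is usually retained and widely readable; drop that line and the `pwtest` binding, or log only whether the check passed. `String::from(test_user.password)` also appears to move the field out before `&test_user.password` is borrowed for `sha256_check`, which would not compile if the field is an owned `String` (its type is not visible here). The check would be better tied to the configured value and given a message, e.g. `assert!(sha256_check(new_pw, &test_user.password).is_ok(), "stored hash does not match the onboarding password");`, assuming `new_pw` is in scope as `new_user` is. On hosts that use shadow passwords the passwd entry normally holds a placeholder rather than the hash, so it is worth confirming that `passwd::Passwd` returns the real hash on the CI image.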