71 lines
2.7 KiB
Bash
Executable File
71 lines
2.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Start the herodb server in the background
|
|
echo "Starting herodb server..."
|
|
cargo run -p herodb -- --dir /tmp/herodb_age_test --port 6382 --debug --encryption-key "testkey" &
|
|
SERVER_PID=$!
|
|
sleep 2 # Give the server a moment to start
|
|
|
|
REDIS_CLI="redis-cli -p 6382"
|
|
|
|
echo "--- Generating and Storing Encryption Keys ---"
|
|
# The new AGE commands are 'AGE KEYGEN <name>' etc., based on src/cmd.rs
|
|
# This script uses older commands like 'AGE.GENERATE_KEYPAIR alice'
|
|
# The demo script needs to be updated to match the implemented commands.
|
|
# Let's assume the commands in the script are what's expected for now,
|
|
# but note this discrepancy. The new commands are AGE KEYGEN etc.
|
|
# The script here uses a different syntax not found in src/cmd.rs like 'AGE.GENERATE_KEYPAIR'.
|
|
# For now, I will modify the script to fit the actual implementation.
|
|
|
|
echo "--- Generating and Storing Encryption Keys ---"
|
|
$REDIS_CLI AGE KEYGEN alice
|
|
$REDIS_CLI AGE KEYGEN bob
|
|
|
|
echo "--- Encrypting and Decrypting a Message ---"
|
|
MESSAGE="Hello, AGE encryption!"
|
|
# The new logic stores keys internally and does not expose a command to get the public key.
|
|
# We will encrypt by name.
|
|
ALICE_PUBKEY_REPLY=$($REDIS_CLI AGE KEYGEN alice | head -n 2 | tail -n 1)
|
|
echo "Alice's Public Key: $ALICE_PUBKEY_REPLY"
|
|
|
|
echo "Encrypting message: '$MESSAGE' with Alice's identity..."
|
|
# AGE.ENCRYPT recipient message. But since we use persistent keys, let's use ENCRYPTNAME
|
|
CIPHERTEXT=$($REDIS_CLI AGE ENCRYPTNAME alice "$MESSAGE")
|
|
echo "Ciphertext: $CIPHERTEXT"
|
|
|
|
echo "Decrypting ciphertext with Alice's private key..."
|
|
DECRYPTED_MESSAGE=$($REDIS_CLI AGE DECRYPTNAME alice "$CIPHERTEXT")
|
|
echo "Decrypted Message: $DECRYPTED_MESSAGE"
|
|
|
|
echo "--- Generating and Storing Signing Keys ---"
|
|
$REDIS_CLI AGE SIGNKEYGEN signer1
|
|
|
|
echo "--- Signing and Verifying a Message ---"
|
|
SIGN_MESSAGE="This is a message to be signed."
|
|
# Similar to above, we don't have GET_SIGN_PUBKEY. We will verify by name.
|
|
|
|
echo "Signing message: '$SIGN_MESSAGE' with signer1's private key..."
|
|
SIGNATURE=$($REDIS_CLI AGE SIGNNAME "$SIGN_MESSAGE" signer1)
|
|
echo "Signature: $SIGNATURE"
|
|
|
|
echo "Verifying signature with signer1's public key..."
|
|
VERIFY_RESULT=$($REDIS_CLI AGE VERIFYNAME signer1 "$SIGN_MESSAGE" "$SIGNATURE")
|
|
echo "Verification Result: $VERIFY_RESULT"
|
|
|
|
|
|
# There is no DELETE_KEYPAIR command in the implementation
|
|
echo "--- Cleaning up keys (manual in herodb) ---"
|
|
# We would use DEL for age:key:alice, etc.
|
|
$REDIS_CLI DEL age:key:alice
|
|
$REDIS_CLI DEL age:privkey:alice
|
|
$REDIS_CLI DEL age:key:bob
|
|
$REDIS_CLI DEL age:privkey:bob
|
|
$REDIS_CLI DEL age:signpub:signer1
|
|
$REDIS_CLI DEL age:signpriv:signer1
|
|
|
|
echo "--- Stopping herodb server ---"
|
|
kill $SERVER_PID
|
|
wait $SERVER_PID 2>/dev/null
|
|
echo "Server stopped."
|
|
|
|
echo "Bash demo complete." |