#! /bin/sh

set -e

# Skip test if we don't have connectivity to the DNS system.
host test.sigsum.org || exit 77

./bin/sigsum-key gen -o test.key
./bin/sigsum-key gen -o test.log.key

# Corresponding public key is registered on test.sigsum.org.
printf '%064x\n' 1 > test.sigsum.key

./bin/sigsum-token create -k test.sigsum.key --log-key test.log.key.pub --domain test.sigsum.org -o test.header
./bin/sigsum-token verify --log-key test.log.key.pub < test.header
# Check that validation fails when log key is changed.
if ./bin/sigsum-token verify --log-key test.key.pub < test.header 2>/dev/null; then
    exit 1
fi
