diff options
author | Colin Watson <cjwatson@debian.org> | 2020-06-07 10:19:24 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-06-07 11:03:12 +0100 |
commit | 30337f8b66c66af6b368d1e3c789e75f1247176c (patch) | |
tree | 17e0b8652fea31c04faa19ffc4cd088552ee473a /regress/keygen-comment.sh | |
parent | aef2be11c5ea90bc66e774923e6570213e54c195 (diff) | |
parent | 39b8d128ef980a410bb1ea0ee80e95ac9fff59c3 (diff) |
New upstream release (8.3p1)
Also update GSSAPI key exchange patch from
https://github.com/openssh-gsskex/openssh-gsskex.
Diffstat (limited to 'regress/keygen-comment.sh')
-rw-r--r-- | regress/keygen-comment.sh | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh new file mode 100644 index 000000000..af571d390 --- /dev/null +++ b/regress/keygen-comment.sh | |||
@@ -0,0 +1,52 @@ | |||
1 | # Placed in the Public Domain. | ||
2 | |||
3 | tid="Comment extraction from private key" | ||
4 | |||
5 | S1="secret1" | ||
6 | |||
7 | check_fingerprint () { | ||
8 | file="$1" | ||
9 | comment="$2" | ||
10 | trace "fingerprinting $file" | ||
11 | if ! ${SSHKEYGEN} -l -E sha256 -f $file > $OBJ/$t-fgp ; then | ||
12 | fail "ssh-keygen -l failed for $t-key" | ||
13 | fi | ||
14 | if ! egrep "^([0-9]+) SHA256:(.){43} ${comment} \(.*\)\$" \ | ||
15 | $OBJ/$t-fgp >/dev/null 2>&1 ; then | ||
16 | fail "comment is not correctly recovered for $t-key" | ||
17 | fi | ||
18 | rm -f $OBJ/$t-fgp | ||
19 | } | ||
20 | |||
21 | for fmt in '' RFC4716 PKCS8 PEM; do | ||
22 | for t in $SSH_KEYTYPES; do | ||
23 | trace "generating $t key in '$fmt' format" | ||
24 | rm -f $OBJ/$t-key* | ||
25 | oldfmt="" | ||
26 | case "$fmt" in | ||
27 | PKCS8|PEM) oldfmt=1 ;; | ||
28 | esac | ||
29 | # Some key types like ssh-ed25519 and *@openssh.com are never | ||
30 | # stored in old formats. | ||
31 | case "$t" in | ||
32 | ssh-ed25519|*openssh.com) test -z "$oldfmt" || continue ;; | ||
33 | esac | ||
34 | comment="foo bar" | ||
35 | fmtarg="" | ||
36 | test -z "$fmt" || fmtarg="-m $fmt" | ||
37 | ${SSHKEYGEN} $fmtarg -N '' -C "${comment}" \ | ||
38 | -t $t -f $OBJ/$t-key >/dev/null 2>&1 || \ | ||
39 | fatal "keygen of $t in format $fmt failed" | ||
40 | check_fingerprint $OBJ/$t-key "${comment}" | ||
41 | check_fingerprint $OBJ/$t-key.pub "${comment}" | ||
42 | # Output fingerprint using only private file | ||
43 | trace "fingerprinting $t key using private key file" | ||
44 | rm -f $OBJ/$t-key.pub | ||
45 | if [ ! -z "$oldfmt" ] ; then | ||
46 | # Comment cannot be recovered from old format keys. | ||
47 | comment="no comment" | ||
48 | fi | ||
49 | check_fingerprint $OBJ/$t-key "${comment}" | ||
50 | rm -f $OBJ/$t-key* | ||
51 | done | ||
52 | done | ||