Merge 6.7p1.

* New upstream release (http://www.openssh.com/txt/release-6.7): - sshd(8): The default set of ciphers and MACs has been altered to remove unsafe algorithms. In particular, CBC ciphers and arcfour* are disabled by default. The full set of algorithms remains available if configured explicitly via the Ciphers and MACs sshd_config options. - ssh(1), sshd(8): Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket (closes: #236718). - ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for ED25519 key types. - sftp(1): Allow resumption of interrupted uploads. - ssh(1): When rekeying, skip file/DNS lookups of the hostkey if it is the same as the one sent during initial key exchange. - sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind addresses when GatewayPorts=no; allows client to choose address family. - sshd(8): Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys option. - ssh(1): Add a %C escape sequence for LocalCommand and ControlPath that expands to a unique identifer based on a hash of the tuple of (local host, remote user, hostname, port). Helps avoid exceeding miserly pathname limits for Unix domain sockets in multiplexing control paths. - sshd(8): Make the "Too many authentication failures" message include the user, source address, port and protocol in a format similar to the authentication success / failure messages. - Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is available. It considers time spent suspended, thereby ensuring timeouts (e.g. for expiring agent keys) fire correctly (closes: #734553). - Use prctl() to prevent sftp-server from accessing /proc/self/{mem,maps}. * Restore TCP wrappers support, removed upstream in 6.7. It is true that dropping this reduces preauth attack surface in sshd. On the other hand, this support seems to be quite widely used, and abruptly dropping it (from the perspective of users who don't read openssh-unix-dev) could easily cause more serious problems in practice. It's not entirely clear what the right long-term answer for Debian is, but it at least probably doesn't involve dropping this feature shortly before a freeze. * Replace patch to disable OpenSSL version check with an updated version of Kurt Roeckx's patch from #732940 to just avoid checking the status field.
author: Colin Watson <cjwatson@debian.org> 2014-10-07 13:33:15 +0100
committer: Colin Watson <cjwatson@debian.org> 2014-10-07 14:27:30 +0100
commit: f0b009aea83e9ff3a50be30f51012099a5143c16 (patch)
tree: 3825e6f7e3b7ea4481d06ed89aba9a7a95150df5 /regress/unittests/sshkey/test_sshkey.c
parent: 47f0bad4330b16ec3bad870fcf9839c196e42c12 (diff)
parent: 762c062828f5a8f6ed189ed6e44ad38fd92f8b36 (diff)
1 files changed, 357 insertions, 0 deletions
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
new file mode 100644
index 000000000..ef0c67956
--- /dev/null
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -0,0 +1,357 @@
+/*      $OpenBSD: test_sshkey.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
+/*
+ * Regress test for sshkey.h key management API
+ *
+ * Placed in the public domain
+ */
+#include "includes.h"
+#include <sys/types.h>
+#include <sys/param.h>
+#include <stdio.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#ifdef OPENSSL_HAS_NISTP256
+# include <openssl/ec.h>
+#endif
+#include "../test_helper/test_helper.h"
+#include "ssherr.h"
+#include "sshbuf.h"
+#define SSHBUF_INTERNAL 1       /* access internals for testing */
+#include "sshkey.h"
+#include "authfile.h"
+#include "common.h"
+#include "ssh2.h"
+void sshkey_tests(void);
+static void
+build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
+    const struct sshkey *sign_key, const struct sshkey *ca_key)
+{
+        struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts;
+        u_char *sigblob;
+        size_t siglen;
+        ca_buf = sshbuf_new();
+        ASSERT_INT_EQ(sshkey_to_blob_buf(ca_key, ca_buf), 0);
+        /*
+         * Get the public key serialisation by rendering the key and skipping
+         * the type string. This is a bit of a hack :/
+         */
+        pk = sshbuf_new();
+        ASSERT_INT_EQ(sshkey_plain_to_blob_buf(k, pk), 0);
+        ASSERT_INT_EQ(sshbuf_skip_string(pk), 0);
+        principals = sshbuf_new();
+        ASSERT_INT_EQ(sshbuf_put_cstring(principals, "gsamsa"), 0);
+        ASSERT_INT_EQ(sshbuf_put_cstring(principals, "gregor"), 0);
+        critopts = sshbuf_new();
+        /* XXX fill this in */
+        exts = sshbuf_new();
+        /* XXX fill this in */
+        ASSERT_INT_EQ(sshbuf_put_cstring(b, type), 0);
+        ASSERT_INT_EQ(sshbuf_put_cstring(b, "noncenoncenonce!"), 0); /* nonce */
+        ASSERT_INT_EQ(sshbuf_putb(b, pk), 0); /* public key serialisation */
+        ASSERT_INT_EQ(sshbuf_put_u64(b, 1234), 0); /* serial */
+        ASSERT_INT_EQ(sshbuf_put_u32(b, SSH2_CERT_TYPE_USER), 0); /* type */
+        ASSERT_INT_EQ(sshbuf_put_cstring(b, "gregor"), 0); /* key ID */
+        ASSERT_INT_EQ(sshbuf_put_stringb(b, principals), 0); /* principals */
+        ASSERT_INT_EQ(sshbuf_put_u64(b, 0), 0); /* start */
+        ASSERT_INT_EQ(sshbuf_put_u64(b, 0xffffffffffffffffULL), 0); /* end */
+        ASSERT_INT_EQ(sshbuf_put_stringb(b, critopts), 0); /* options */
+        ASSERT_INT_EQ(sshbuf_put_stringb(b, exts), 0); /* extensions */
+        ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */
+        ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */
+        ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen,
+            sshbuf_ptr(b), sshbuf_len(b), 0), 0);
+        ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */
+        free(sigblob);
+        sshbuf_free(ca_buf);
+        sshbuf_free(exts);
+        sshbuf_free(critopts);
+        sshbuf_free(principals);
+        sshbuf_free(pk);
+}
+void
+sshkey_tests(void)
+{
+        struct sshkey *k1, *k2, *k3, *k4, *kr, *kd, *ke, *kf;
+        struct sshbuf *b;
+        TEST_START("new invalid");
+        k1 = sshkey_new(-42);
+        ASSERT_PTR_EQ(k1, NULL);
+        TEST_DONE();
+        TEST_START("new/free KEY_UNSPEC");
+        k1 = sshkey_new(KEY_UNSPEC);
+        ASSERT_PTR_NE(k1, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new/free KEY_RSA1");
+        k1 = sshkey_new(KEY_RSA1);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(k1->rsa, NULL);
+        ASSERT_PTR_NE(k1->rsa->n, NULL);
+        ASSERT_PTR_NE(k1->rsa->e, NULL);
+        ASSERT_PTR_EQ(k1->rsa->p, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new/free KEY_RSA");
+        k1 = sshkey_new(KEY_RSA);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(k1->rsa, NULL);
+        ASSERT_PTR_NE(k1->rsa->n, NULL);
+        ASSERT_PTR_NE(k1->rsa->e, NULL);
+        ASSERT_PTR_EQ(k1->rsa->p, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new/free KEY_DSA");
+        k1 = sshkey_new(KEY_DSA);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(k1->dsa, NULL);
+        ASSERT_PTR_NE(k1->dsa->g, NULL);
+        ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new/free KEY_ECDSA");
+        k1 = sshkey_new(KEY_ECDSA);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_EQ(k1->ecdsa, NULL);  /* Can't allocate without NID */
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new/free KEY_ED25519");
+        k1 = sshkey_new(KEY_ED25519);
+        ASSERT_PTR_NE(k1, NULL);
+        /* These should be blank until key loaded or generated */
+        ASSERT_PTR_EQ(k1->ed25519_sk, NULL);
+        ASSERT_PTR_EQ(k1->ed25519_pk, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new_private KEY_RSA");
+        k1 = sshkey_new_private(KEY_RSA);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(k1->rsa, NULL);
+        ASSERT_PTR_NE(k1->rsa->n, NULL);
+        ASSERT_PTR_NE(k1->rsa->e, NULL);
+        ASSERT_PTR_NE(k1->rsa->p, NULL);
+        ASSERT_INT_EQ(sshkey_add_private(k1), 0);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("new_private KEY_DSA");
+        k1 = sshkey_new_private(KEY_DSA);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(k1->dsa, NULL);
+        ASSERT_PTR_NE(k1->dsa->g, NULL);
+        ASSERT_PTR_NE(k1->dsa->priv_key, NULL);
+        ASSERT_INT_EQ(sshkey_add_private(k1), 0);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("generate KEY_RSA too small modulus");
+        ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 128, &k1),
+            SSH_ERR_INVALID_ARGUMENT);
+        ASSERT_PTR_EQ(k1, NULL);
+        TEST_DONE();
+        TEST_START("generate KEY_RSA too large modulus");
+        ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1 << 20, &k1),
+            SSH_ERR_INVALID_ARGUMENT);
+        ASSERT_PTR_EQ(k1, NULL);
+        TEST_DONE();
+        TEST_START("generate KEY_DSA wrong bits");
+        ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 2048, &k1),
+            SSH_ERR_INVALID_ARGUMENT);
+        ASSERT_PTR_EQ(k1, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("generate KEY_ECDSA wrong bits");
+        ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1),
+            SSH_ERR_INVALID_ARGUMENT);
+        ASSERT_PTR_EQ(k1, NULL);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("generate KEY_RSA");
+        ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0);
+        ASSERT_PTR_NE(kr, NULL);
+        ASSERT_PTR_NE(kr->rsa, NULL);
+        ASSERT_PTR_NE(kr->rsa->n, NULL);
+        ASSERT_PTR_NE(kr->rsa->e, NULL);
+        ASSERT_PTR_NE(kr->rsa->p, NULL);
+        ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 768);
+        TEST_DONE();
+        TEST_START("generate KEY_DSA");
+        ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0);
+        ASSERT_PTR_NE(kd, NULL);
+        ASSERT_PTR_NE(kd->dsa, NULL);
+        ASSERT_PTR_NE(kd->dsa->g, NULL);
+        ASSERT_PTR_NE(kd->dsa->priv_key, NULL);
+        TEST_DONE();
+#ifdef OPENSSL_HAS_ECC
+        TEST_START("generate KEY_ECDSA");
+        ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &ke), 0);
+        ASSERT_PTR_NE(ke, NULL);
+        ASSERT_PTR_NE(ke->ecdsa, NULL);
+        ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
+        ASSERT_PTR_NE(EC_KEY_get0_private_key(ke->ecdsa), NULL);
+        TEST_DONE();
+#endif
+        TEST_START("generate KEY_ED25519");
+        ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &kf), 0);
+        ASSERT_PTR_NE(kf, NULL);
+        ASSERT_INT_EQ(kf->type, KEY_ED25519);
+        ASSERT_PTR_NE(kf->ed25519_pk, NULL);
+        ASSERT_PTR_NE(kf->ed25519_sk, NULL);
+        TEST_DONE();
+        TEST_START("demote KEY_RSA");
+        ASSERT_INT_EQ(sshkey_demote(kr, &k1), 0);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(kr, k1);
+        ASSERT_INT_EQ(k1->type, KEY_RSA);
+        ASSERT_PTR_NE(k1->rsa, NULL);
+        ASSERT_PTR_NE(k1->rsa->n, NULL);
+        ASSERT_PTR_NE(k1->rsa->e, NULL);
+        ASSERT_PTR_EQ(k1->rsa->p, NULL);
+        TEST_DONE();
+        TEST_START("equal KEY_RSA/demoted KEY_RSA");
+        ASSERT_INT_EQ(sshkey_equal(kr, k1), 1);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("demote KEY_DSA");
+        ASSERT_INT_EQ(sshkey_demote(kd, &k1), 0);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(kd, k1);
+        ASSERT_INT_EQ(k1->type, KEY_DSA);
+        ASSERT_PTR_NE(k1->dsa, NULL);
+        ASSERT_PTR_NE(k1->dsa->g, NULL);
+        ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
+        TEST_DONE();
+        TEST_START("equal KEY_DSA/demoted KEY_DSA");
+        ASSERT_INT_EQ(sshkey_equal(kd, k1), 1);
+        sshkey_free(k1);
+        TEST_DONE();
+#ifdef OPENSSL_HAS_ECC
+        TEST_START("demote KEY_ECDSA");
+        ASSERT_INT_EQ(sshkey_demote(ke, &k1), 0);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(ke, k1);
+        ASSERT_INT_EQ(k1->type, KEY_ECDSA);
+        ASSERT_PTR_NE(k1->ecdsa, NULL);
+        ASSERT_INT_EQ(k1->ecdsa_nid, ke->ecdsa_nid);
+        ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
+        ASSERT_PTR_EQ(EC_KEY_get0_private_key(k1->ecdsa), NULL);
+        TEST_DONE();
+        TEST_START("equal KEY_ECDSA/demoted KEY_ECDSA");
+        ASSERT_INT_EQ(sshkey_equal(ke, k1), 1);
+        sshkey_free(k1);
+        TEST_DONE();
+#endif
+        TEST_START("demote KEY_ED25519");
+        ASSERT_INT_EQ(sshkey_demote(kf, &k1), 0);
+        ASSERT_PTR_NE(k1, NULL);
+        ASSERT_PTR_NE(kf, k1);
+        ASSERT_INT_EQ(k1->type, KEY_ED25519);
+        ASSERT_PTR_NE(k1->ed25519_pk, NULL);
+        ASSERT_PTR_EQ(k1->ed25519_sk, NULL);
+        TEST_DONE();
+        TEST_START("equal KEY_ED25519/demoted KEY_ED25519");
+        ASSERT_INT_EQ(sshkey_equal(kf, k1), 1);
+        sshkey_free(k1);
+        TEST_DONE();
+        TEST_START("equal mismatched key types");
+        ASSERT_INT_EQ(sshkey_equal(kd, kr), 0);
+#ifdef OPENSSL_HAS_ECC
+        ASSERT_INT_EQ(sshkey_equal(kd, ke), 0);
+        ASSERT_INT_EQ(sshkey_equal(kr, ke), 0);
+        ASSERT_INT_EQ(sshkey_equal(ke, kf), 0);
+#endif
+        ASSERT_INT_EQ(sshkey_equal(kd, kf), 0);
+        TEST_DONE();
+        TEST_START("equal different keys");
+        ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &k1), 0);
+        ASSERT_INT_EQ(sshkey_equal(kr, k1), 0);
+        sshkey_free(k1);
+        ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k1), 0);
+        ASSERT_INT_EQ(sshkey_equal(kd, k1), 0);
+        sshkey_free(k1);
+#ifdef OPENSSL_HAS_ECC
+        ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0);
+        ASSERT_INT_EQ(sshkey_equal(ke, k1), 0);
+        sshkey_free(k1);
+#endif
+        ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0);
+        ASSERT_INT_EQ(sshkey_equal(kf, k1), 0);
+        sshkey_free(k1);
+        TEST_DONE();
+        sshkey_free(kr);
+        sshkey_free(kd);
+#ifdef OPENSSL_HAS_ECC
+        sshkey_free(ke);
+#endif
+        sshkey_free(kf);
+/* XXX certify test */
+/* XXX sign test */
+/* XXX verify test */
+        TEST_START("nested certificate");
+        ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
+        ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
+            NULL), 0);
+        b = load_file("rsa_2");
+        ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", "rsa_1",
+            &k3, NULL), 0);
+        sshbuf_reset(b);
+        build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1);
+        ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4),
+            SSH_ERR_KEY_CERT_INVALID_SIGN_KEY);
+        ASSERT_PTR_EQ(k4, NULL);
+        sshbuf_free(b);
+        sshkey_free(k1);
+        sshkey_free(k2);
+        sshkey_free(k3);
+        TEST_DONE();
+}
author	Colin Watson <cjwatson@debian.org>	2014-10-07 13:33:15 +0100
committer	Colin Watson <cjwatson@debian.org>	2014-10-07 14:27:30 +0100
commit	f0b009aea83e9ff3a50be30f51012099a5143c16 (patch)
tree	3825e6f7e3b7ea4481d06ed89aba9a7a95150df5 /regress/unittests/sshkey/test_sshkey.c
parent	47f0bad4330b16ec3bad870fcf9839c196e42c12 (diff)
parent	762c062828f5a8f6ed189ed6e44ad38fd92f8b36 (diff)

diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c new file mode 100644 index 000000000..ef0c67956 --- /dev/null +++ b/regress/unittests/sshkey/test_sshkey.c
@@ -0,0 +1,357 @@
	1	/* $OpenBSD: test_sshkey.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
	2	/*
	3	* Regress test for sshkey.h key management API
	4	*
	5	* Placed in the public domain
	6	*/
	7
	8	#include "includes.h"
	9
	10	#include <sys/types.h>
	11	#include <sys/param.h>
	12	#include <stdio.h>
	13	#ifdef HAVE_STDINT_H
	14	#include <stdint.h>
	15	#endif
	16	#include <stdlib.h>
	17	#include <string.h>
	18
	19	#include <openssl/bn.h>
	20	#include <openssl/rsa.h>
	21	#include <openssl/dsa.h>
	22	#ifdef OPENSSL_HAS_NISTP256
	23	# include <openssl/ec.h>
	24	#endif
	25
	26	#include "../test_helper/test_helper.h"
	27
	28	#include "ssherr.h"
	29	#include "sshbuf.h"
	30	#define SSHBUF_INTERNAL 1 /* access internals for testing */
	31	#include "sshkey.h"
	32
	33	#include "authfile.h"
	34	#include "common.h"
	35	#include "ssh2.h"
	36
	37	void sshkey_tests(void);
	38
	39	static void
	40	build_cert(struct sshbuf b, const struct sshkey k, const char *type,
	41	const struct sshkey sign_key, const struct sshkey ca_key)
	42	{
	43	struct sshbuf ca_buf, pk, principals, critopts, *exts;
	44	u_char *sigblob;
	45	size_t siglen;
	46
	47	ca_buf = sshbuf_new();
	48	ASSERT_INT_EQ(sshkey_to_blob_buf(ca_key, ca_buf), 0);
	49
	50	/*
	51	* Get the public key serialisation by rendering the key and skipping
	52	* the type string. This is a bit of a hack :/
	53	*/
	54	pk = sshbuf_new();
	55	ASSERT_INT_EQ(sshkey_plain_to_blob_buf(k, pk), 0);
	56	ASSERT_INT_EQ(sshbuf_skip_string(pk), 0);
	57
	58	principals = sshbuf_new();
	59	ASSERT_INT_EQ(sshbuf_put_cstring(principals, "gsamsa"), 0);
	60	ASSERT_INT_EQ(sshbuf_put_cstring(principals, "gregor"), 0);
	61
	62	critopts = sshbuf_new();
	63	/* XXX fill this in */
	64
	65	exts = sshbuf_new();
	66	/* XXX fill this in */
	67
	68	ASSERT_INT_EQ(sshbuf_put_cstring(b, type), 0);
	69	ASSERT_INT_EQ(sshbuf_put_cstring(b, "noncenoncenonce!"), 0); /* nonce */
	70	ASSERT_INT_EQ(sshbuf_putb(b, pk), 0); /* public key serialisation */
	71	ASSERT_INT_EQ(sshbuf_put_u64(b, 1234), 0); /* serial */
	72	ASSERT_INT_EQ(sshbuf_put_u32(b, SSH2_CERT_TYPE_USER), 0); /* type */
	73	ASSERT_INT_EQ(sshbuf_put_cstring(b, "gregor"), 0); /* key ID */
	74	ASSERT_INT_EQ(sshbuf_put_stringb(b, principals), 0); /* principals */
	75	ASSERT_INT_EQ(sshbuf_put_u64(b, 0), 0); /* start */
	76	ASSERT_INT_EQ(sshbuf_put_u64(b, 0xffffffffffffffffULL), 0); /* end */
	77	ASSERT_INT_EQ(sshbuf_put_stringb(b, critopts), 0); /* options */
	78	ASSERT_INT_EQ(sshbuf_put_stringb(b, exts), 0); /* extensions */
	79	ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */
	80	ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */
	81	ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen,
	82	sshbuf_ptr(b), sshbuf_len(b), 0), 0);
	83	ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */
	84
	85	free(sigblob);
	86	sshbuf_free(ca_buf);
	87	sshbuf_free(exts);
	88	sshbuf_free(critopts);
	89	sshbuf_free(principals);
	90	sshbuf_free(pk);
	91	}
	92
	93	void
	94	sshkey_tests(void)
	95	{
	96	struct sshkey k1, k2, k3, k4, kr, kd, ke, kf;
	97	struct sshbuf *b;
	98
	99	TEST_START("new invalid");
	100	k1 = sshkey_new(-42);
	101	ASSERT_PTR_EQ(k1, NULL);
	102	TEST_DONE();
	103
	104	TEST_START("new/free KEY_UNSPEC");
	105	k1 = sshkey_new(KEY_UNSPEC);
	106	ASSERT_PTR_NE(k1, NULL);
	107	sshkey_free(k1);
	108	TEST_DONE();
	109
	110	TEST_START("new/free KEY_RSA1");
	111	k1 = sshkey_new(KEY_RSA1);
	112	ASSERT_PTR_NE(k1, NULL);
	113	ASSERT_PTR_NE(k1->rsa, NULL);
	114	ASSERT_PTR_NE(k1->rsa->n, NULL);
	115	ASSERT_PTR_NE(k1->rsa->e, NULL);
	116	ASSERT_PTR_EQ(k1->rsa->p, NULL);
	117	sshkey_free(k1);
	118	TEST_DONE();
	119
	120	TEST_START("new/free KEY_RSA");
	121	k1 = sshkey_new(KEY_RSA);
	122	ASSERT_PTR_NE(k1, NULL);
	123	ASSERT_PTR_NE(k1->rsa, NULL);
	124	ASSERT_PTR_NE(k1->rsa->n, NULL);
	125	ASSERT_PTR_NE(k1->rsa->e, NULL);
	126	ASSERT_PTR_EQ(k1->rsa->p, NULL);
	127	sshkey_free(k1);
	128	TEST_DONE();
	129
	130	TEST_START("new/free KEY_DSA");
	131	k1 = sshkey_new(KEY_DSA);
	132	ASSERT_PTR_NE(k1, NULL);
	133	ASSERT_PTR_NE(k1->dsa, NULL);
	134	ASSERT_PTR_NE(k1->dsa->g, NULL);
	135	ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
	136	sshkey_free(k1);
	137	TEST_DONE();
	138
	139	TEST_START("new/free KEY_ECDSA");
	140	k1 = sshkey_new(KEY_ECDSA);
	141	ASSERT_PTR_NE(k1, NULL);
	142	ASSERT_PTR_EQ(k1->ecdsa, NULL); /* Can't allocate without NID */
	143	sshkey_free(k1);
	144	TEST_DONE();
	145
	146	TEST_START("new/free KEY_ED25519");
	147	k1 = sshkey_new(KEY_ED25519);
	148	ASSERT_PTR_NE(k1, NULL);
	149	/* These should be blank until key loaded or generated */
	150	ASSERT_PTR_EQ(k1->ed25519_sk, NULL);
	151	ASSERT_PTR_EQ(k1->ed25519_pk, NULL);
	152	sshkey_free(k1);
	153	TEST_DONE();
	154
	155	TEST_START("new_private KEY_RSA");
	156	k1 = sshkey_new_private(KEY_RSA);
	157	ASSERT_PTR_NE(k1, NULL);
	158	ASSERT_PTR_NE(k1->rsa, NULL);
	159	ASSERT_PTR_NE(k1->rsa->n, NULL);
	160	ASSERT_PTR_NE(k1->rsa->e, NULL);
	161	ASSERT_PTR_NE(k1->rsa->p, NULL);
	162	ASSERT_INT_EQ(sshkey_add_private(k1), 0);
	163	sshkey_free(k1);
	164	TEST_DONE();
	165
	166	TEST_START("new_private KEY_DSA");
	167	k1 = sshkey_new_private(KEY_DSA);
	168	ASSERT_PTR_NE(k1, NULL);
	169	ASSERT_PTR_NE(k1->dsa, NULL);
	170	ASSERT_PTR_NE(k1->dsa->g, NULL);
	171	ASSERT_PTR_NE(k1->dsa->priv_key, NULL);
	172	ASSERT_INT_EQ(sshkey_add_private(k1), 0);
	173	sshkey_free(k1);
	174	TEST_DONE();
	175
	176	TEST_START("generate KEY_RSA too small modulus");
	177	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 128, &k1),
	178	SSH_ERR_INVALID_ARGUMENT);
	179	ASSERT_PTR_EQ(k1, NULL);
	180	TEST_DONE();
	181
	182	TEST_START("generate KEY_RSA too large modulus");
	183	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1 << 20, &k1),
	184	SSH_ERR_INVALID_ARGUMENT);
	185	ASSERT_PTR_EQ(k1, NULL);
	186	TEST_DONE();
	187
	188	TEST_START("generate KEY_DSA wrong bits");
	189	ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 2048, &k1),
	190	SSH_ERR_INVALID_ARGUMENT);
	191	ASSERT_PTR_EQ(k1, NULL);
	192	sshkey_free(k1);
	193	TEST_DONE();
	194
	195	TEST_START("generate KEY_ECDSA wrong bits");
	196	ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1),
	197	SSH_ERR_INVALID_ARGUMENT);
	198	ASSERT_PTR_EQ(k1, NULL);
	199	sshkey_free(k1);
	200	TEST_DONE();
	201
	202	TEST_START("generate KEY_RSA");
	203	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0);
	204	ASSERT_PTR_NE(kr, NULL);
	205	ASSERT_PTR_NE(kr->rsa, NULL);
	206	ASSERT_PTR_NE(kr->rsa->n, NULL);
	207	ASSERT_PTR_NE(kr->rsa->e, NULL);
	208	ASSERT_PTR_NE(kr->rsa->p, NULL);
	209	ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 768);
	210	TEST_DONE();
	211
	212	TEST_START("generate KEY_DSA");
	213	ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0);
	214	ASSERT_PTR_NE(kd, NULL);
	215	ASSERT_PTR_NE(kd->dsa, NULL);
	216	ASSERT_PTR_NE(kd->dsa->g, NULL);
	217	ASSERT_PTR_NE(kd->dsa->priv_key, NULL);
	218	TEST_DONE();
	219
	220	#ifdef OPENSSL_HAS_ECC
	221	TEST_START("generate KEY_ECDSA");
	222	ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &ke), 0);
	223	ASSERT_PTR_NE(ke, NULL);
	224	ASSERT_PTR_NE(ke->ecdsa, NULL);
	225	ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
	226	ASSERT_PTR_NE(EC_KEY_get0_private_key(ke->ecdsa), NULL);
	227	TEST_DONE();
	228	#endif
	229
	230	TEST_START("generate KEY_ED25519");
	231	ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &kf), 0);
	232	ASSERT_PTR_NE(kf, NULL);
	233	ASSERT_INT_EQ(kf->type, KEY_ED25519);
	234	ASSERT_PTR_NE(kf->ed25519_pk, NULL);
	235	ASSERT_PTR_NE(kf->ed25519_sk, NULL);
	236	TEST_DONE();
	237
	238	TEST_START("demote KEY_RSA");
	239	ASSERT_INT_EQ(sshkey_demote(kr, &k1), 0);
	240	ASSERT_PTR_NE(k1, NULL);
	241	ASSERT_PTR_NE(kr, k1);
	242	ASSERT_INT_EQ(k1->type, KEY_RSA);
	243	ASSERT_PTR_NE(k1->rsa, NULL);
	244	ASSERT_PTR_NE(k1->rsa->n, NULL);
	245	ASSERT_PTR_NE(k1->rsa->e, NULL);
	246	ASSERT_PTR_EQ(k1->rsa->p, NULL);
	247	TEST_DONE();
	248
	249	TEST_START("equal KEY_RSA/demoted KEY_RSA");
	250	ASSERT_INT_EQ(sshkey_equal(kr, k1), 1);
	251	sshkey_free(k1);
	252	TEST_DONE();
	253
	254	TEST_START("demote KEY_DSA");
	255	ASSERT_INT_EQ(sshkey_demote(kd, &k1), 0);
	256	ASSERT_PTR_NE(k1, NULL);
	257	ASSERT_PTR_NE(kd, k1);
	258	ASSERT_INT_EQ(k1->type, KEY_DSA);
	259	ASSERT_PTR_NE(k1->dsa, NULL);
	260	ASSERT_PTR_NE(k1->dsa->g, NULL);
	261	ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
	262	TEST_DONE();
	263
	264	TEST_START("equal KEY_DSA/demoted KEY_DSA");
	265	ASSERT_INT_EQ(sshkey_equal(kd, k1), 1);
	266	sshkey_free(k1);
	267	TEST_DONE();
	268
	269	#ifdef OPENSSL_HAS_ECC
	270	TEST_START("demote KEY_ECDSA");
	271	ASSERT_INT_EQ(sshkey_demote(ke, &k1), 0);
	272	ASSERT_PTR_NE(k1, NULL);
	273	ASSERT_PTR_NE(ke, k1);
	274	ASSERT_INT_EQ(k1->type, KEY_ECDSA);
	275	ASSERT_PTR_NE(k1->ecdsa, NULL);
	276	ASSERT_INT_EQ(k1->ecdsa_nid, ke->ecdsa_nid);
	277	ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
	278	ASSERT_PTR_EQ(EC_KEY_get0_private_key(k1->ecdsa), NULL);
	279	TEST_DONE();
	280
	281	TEST_START("equal KEY_ECDSA/demoted KEY_ECDSA");
	282	ASSERT_INT_EQ(sshkey_equal(ke, k1), 1);
	283	sshkey_free(k1);
	284	TEST_DONE();
	285	#endif
	286
	287	TEST_START("demote KEY_ED25519");
	288	ASSERT_INT_EQ(sshkey_demote(kf, &k1), 0);
	289	ASSERT_PTR_NE(k1, NULL);
	290	ASSERT_PTR_NE(kf, k1);
	291	ASSERT_INT_EQ(k1->type, KEY_ED25519);
	292	ASSERT_PTR_NE(k1->ed25519_pk, NULL);
	293	ASSERT_PTR_EQ(k1->ed25519_sk, NULL);
	294	TEST_DONE();
	295
	296	TEST_START("equal KEY_ED25519/demoted KEY_ED25519");
	297	ASSERT_INT_EQ(sshkey_equal(kf, k1), 1);
	298	sshkey_free(k1);
	299	TEST_DONE();
	300
	301	TEST_START("equal mismatched key types");
	302	ASSERT_INT_EQ(sshkey_equal(kd, kr), 0);
	303	#ifdef OPENSSL_HAS_ECC
	304	ASSERT_INT_EQ(sshkey_equal(kd, ke), 0);
	305	ASSERT_INT_EQ(sshkey_equal(kr, ke), 0);
	306	ASSERT_INT_EQ(sshkey_equal(ke, kf), 0);
	307	#endif
	308	ASSERT_INT_EQ(sshkey_equal(kd, kf), 0);
	309	TEST_DONE();
	310
	311	TEST_START("equal different keys");
	312	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &k1), 0);
	313	ASSERT_INT_EQ(sshkey_equal(kr, k1), 0);
	314	sshkey_free(k1);
	315	ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k1), 0);
	316	ASSERT_INT_EQ(sshkey_equal(kd, k1), 0);
	317	sshkey_free(k1);
	318	#ifdef OPENSSL_HAS_ECC
	319	ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0);
	320	ASSERT_INT_EQ(sshkey_equal(ke, k1), 0);
	321	sshkey_free(k1);
	322	#endif
	323	ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0);
	324	ASSERT_INT_EQ(sshkey_equal(kf, k1), 0);
	325	sshkey_free(k1);
	326	TEST_DONE();
	327
	328	sshkey_free(kr);
	329	sshkey_free(kd);
	330	#ifdef OPENSSL_HAS_ECC
	331	sshkey_free(ke);
	332	#endif
	333	sshkey_free(kf);
	334
	335	/* XXX certify test */
	336	/* XXX sign test */
	337	/* XXX verify test */
	338
	339	TEST_START("nested certificate");
	340	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
	341	ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
	342	NULL), 0);
	343	b = load_file("rsa_2");
	344	ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", "rsa_1",
	345	&k3, NULL), 0);
	346	sshbuf_reset(b);
	347	build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1);
	348	ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4),
	349	SSH_ERR_KEY_CERT_INVALID_SIGN_KEY);
	350	ASSERT_PTR_EQ(k4, NULL);
	351	sshbuf_free(b);
	352	sshkey_free(k1);
	353	sshkey_free(k2);
	354	sshkey_free(k3);
	355	TEST_DONE();
	356
	357	}