author | djm@openbsd.org <djm@openbsd.org> | 2020-06-19 04:32:09 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2020-06-19 16:06:06 +1000 |
commit | 5edfa1690e9a75048971fd8775f7c16d153779db (patch) | |
tree | f1471e549722b6154ac47e515f15513b9c05e68e /regress/unittests/sshsig/tests.c | |
parent | e95c0a0e964827722d29b4bc00d5c0ff4afe0ed2 (diff) |
upstream: basic unit test for sshsig.[ch], including FIDO keys
verification only so far
OpenBSD-Regress-ID: fb1f946c8fc59206bc6a6666e577b5d5d7e45896
Diffstat (limited to 'regress/unittests/sshsig/tests.c')
-rw-r--r-- | regress/unittests/sshsig/tests.c | 120 |
1 files changed, 120 insertions, 0 deletions
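--- /dev/null
+++ b/regress/unittests/sshsig/tests.c
@@ -0,0 +1,120 @@
+/* $OpenBSD: tests.c,v 1.1 2020/06/19 04:32:09 djm Exp $ */
+/*
+* Regress test for sshbuf.h buffer API
+*
+* Placed in the public domain
+*/
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <openssl/evp.h>
+#include <openssl/crypto.h>
+
+#include "ssherr.h"
+#include "authfile.h"
+#include "sshkey.h"
+#include "sshbuf.h"
+#include "sshsig.h"
+#include "log.h"
+
+#include "test_helper.h"
+
+static struct sshbuf *
+load_file(const char *name)
+{
+struct sshbuf *ret = NULL;
+
+ASSERT_INT_EQ(sshbuf_load_file(test_data_file(name), &ret), 0);
+ASSERT_PTR_NE(ret, NULL);
+return ret;
+}
+
+static struct sshkey *
+load_key(const char *name)
+{
+struct sshkey *ret = NULL;
+ASSERT_INT_EQ(sshkey_load_public(test_data_file(name), &ret, NULL), 0);
+ASSERT_PTR_NE(ret, NULL);
+return ret;
+}
+
+static void
+check_sig(const char *keyname, const char *signame, const struct sshbuf *msg,
+const char *namespace)
+{
+struct sshkey *k, *sign_key;
+struct sshbuf *sig, *rawsig;
+struct sshkey_sig_details *sig_details;
+
+k = load_key(keyname);
+sig = load_file(signame);
+sign_key = NULL;
+sig_details = NULL;
+rawsig = NULL;
+ASSERT_INT_EQ(sshsig_dearmor(sig, &rawsig), 0);
+ASSERT_INT_EQ(sshsig_verifyb(rawsig, msg, namespace,
+&sign_key, &sig_details), 0);
+ASSERT_INT_EQ(sshkey_equal(k, sign_key), 1);
+sshkey_free(k);
+sshkey_free(sign_key);
+sshkey_sig_details_free(sig_details);
+sshbuf_free(sig);
+sshbuf_free(rawsig);
+}
+
+void
+tests(void)
+{
+struct sshbuf *msg;
+char *namespace;
+
+#if 0
+log_init("test_sshsig", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1);
+#endif
+
+OpenSSL_add_all_algorithms();
+ERR_load_CRYPTO_strings();
+
+TEST_START("load data");
+msg = load_file("namespace");
+namespace = sshbuf_dup_string(msg);
+ASSERT_PTR_NE(namespace, NULL);
+sshbuf_free(msg);
+msg = load_file("signed-data");
+TEST_DONE();
+
+TEST_START("check RSA signature");
+check_sig("rsa", "rsa.sig", msg, namespace);
+TEST_DONE();
+
+TEST_START("check DSA signature");
+check_sig("dsa", "dsa.sig", msg, namespace);
+TEST_DONE();
+
+TEST_START("check ECDSA signature");
+check_sig("ecdsa", "ecdsa.sig", msg, namespace);
+TEST_DONE();
+
+TEST_START("check ED25519 signature");
+check_sig("ed25519", "ed25519.sig", msg, namespace);
+TEST_DONE();
+
+TEST_START("check ECDSA-SK signature");
+check_sig("ecdsa_sk", "ecdsa_sk.sig", msg, namespace);
+TEST_DONE();
+
+TEST_START("check ED25519-SK signature");
+check_sig("ed25519_sk", "ed25519_sk.sig", msg, namespace);
+TEST_DONE();
+
+sshbuf_free(msg);
+free(namespace);
+}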
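Review bot: check_sig() asserts only the accepting path, so a sshsig_verifyb() that returned 0 for every input would still pass all six key types, including the two -SK cases. After the sshkey_equal() assertion, free and reset `sign_key` and `sig_details`, then add a rejecting case such as `ASSERT_INT_NE(sshsig_verifyb(rawsig, msg, "wrong-namespace", &sign_key, &sig_details), 0);`. A second case that verifies against a copy of `msg` with one byte altered would cover message binding in the same way. Separately, the file header comment still reads "Regress test for sshbuf.h buffer API", which looks carried over from another test; `* Regress test for sshsig.h signature API` would match what the file exercises.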