New upstream release (8.0p1)

12 files changed, 160 insertions, 206 deletions

diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc
index b509f4452..428ef6836 100644
--- a/regress/unittests/Makefile.inc
+++ b/regress/unittests/Makefile.inc
@@ -1,8 +1,25 @@
-#       $OpenBSD: Makefile.inc,v 1.12 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile.inc,v 1.13 2018/10/17 23:28:05 djm Exp $
+
+REGRESS_FAIL_EARLY?=    yes
 
 .include <bsd.own.mk>
 .include <bsd.obj.mk>
 
+# User-settable options
+UNITTEST_FAST?= no      # Skip slow tests (e.g. less intensive fuzzing).
+UNITTEST_SLOW?= no      # Include slower tests (e.g. more intensive fuzzing).
+UNITTEST_VERBOSE?= no   # Verbose test output (inc. per-test names).
+
+MALLOC_OPTIONS?=        CFGJRSUX
+TEST_ENV?=              MALLOC_OPTIONS=${MALLOC_OPTIONS}
+
+# XXX detect from ssh binary?
+OPENSSL?=       yes
+
+.if (${OPENSSL:L} == "yes")
+CFLAGS+=        -DWITH_OPENSSL
+.endif
+
 # enable warnings
 WARNINGS=Yes
 
@@ -49,5 +66,21 @@ DPADD+=${.CURDIR}/../test_helper/libtest_helper.a
 
 .PATH: ${.CURDIR}/${SSHREL}
 
+LDADD+= -lutil
+DPADD+= ${LIBUTIL}
+
+.if (${OPENSSL:L} == "yes")
 LDADD+= -lcrypto
 DPADD+= ${LIBCRYPTO}
+.endif
+
+UNITTEST_ARGS?=
+
+.if (${UNITTEST_VERBOSE:L} != "no")
+UNITTEST_ARGS+= -v
+.endif
+.if (${UNITTEST_FAST:L} != "no")
+UNITTEST_ARGS+= -f
+.elif (${UNITTEST_SLOW:L} != "no")
+UNITTEST_ARGS+= -F
+.endif
diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile
index 5c61307a3..7b4c644e5 100644
--- a/regress/unittests/kex/Makefile
+++ b/regress/unittests/kex/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile,v 1.6 2019/01/21 12:35:20 djm Exp $
 
 PROG=test_kex
 SRCS=tests.c test_kex.c
@@ -9,12 +9,21 @@ SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c
 SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c
 SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c
 SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c
-SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c
-SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c
-SRCS+=dh.c compat.c
-SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c
+SRCS+=compat.c ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c
 SRCS+=cipher-chachapoly.c chacha.c poly1305.c
-SRCS+=smult_curve25519_ref.c
+
+SRCS+=  kex.c
+SRCS+=  dh.c
+SRCS+=  kexdh.c
+SRCS+=  kexecdh.c
+SRCS+=  kexgex.c
+SRCS+=  kexgexc.c
+SRCS+=  kexgexs.c
+SRCS+=  kexc25519.c
+SRCS+=  smult_curve25519_ref.c
+SRCS+=  kexgen.c
+SRCS+=  kexsntrup4591761x25519.c
+SRCS+=  sntrup4591761.c
 
 SRCS+=digest-openssl.c
 #SRCS+=digest-libc.c
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c
index 6e5999bb9..a860efc02 100644
--- a/regress/unittests/kex/test_kex.c
+++ b/regress/unittests/kex/test_kex.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_kex.c,v 1.2 2015/07/10 06:23:25 markus Exp $ */
+/*      $OpenBSD: test_kex.c,v 1.4 2019/01/21 12:35:20 djm Exp $ */
 /*
  * Regress test KEX
  *
@@ -24,8 +24,6 @@
 #include "packet.h"
 #include "myproposal.h"
 
-struct ssh *active_state = NULL; /* XXX - needed for linking */
-
 void kex_tests(void);
 static int do_debug = 0;
 
@@ -139,20 +137,19 @@ do_kex_with_key(char *kex, int keytype, int bits)
         ASSERT_INT_EQ(ssh_init(&server2, 1, NULL), 0);
         ASSERT_PTR_NE(server2, NULL);
         ASSERT_INT_EQ(ssh_add_hostkey(server2, private), 0);
-        kex_free(server2->kex); /* XXX or should ssh_packet_set_state()? */
         ASSERT_INT_EQ(ssh_packet_set_state(server2, state), 0);
         ASSERT_INT_EQ(sshbuf_len(state), 0);
         sshbuf_free(state);
         ASSERT_PTR_NE(server2->kex, NULL);
         /* XXX we need to set the callbacks */
-        server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-        server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+        server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
+        server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
         server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 #ifdef OPENSSL_HAS_ECC
-        server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+        server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 #endif
-        server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+        server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
         server2->kex->load_host_public_key = server->kex->load_host_public_key;
         server2->kex->load_host_private_key = server->kex->load_host_private_key;
         server2->kex->sign = server->kex->sign;
diff --git a/regress/unittests/sshbuf/Makefile b/regress/unittests/sshbuf/Makefile
index 81d4f27a6..0e8e9fd10 100644
--- a/regress/unittests/sshbuf/Makefile
+++ b/regress/unittests/sshbuf/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.6 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile,v 1.7 2018/10/17 23:28:05 djm Exp $
 
 .include <bsd.regress.mk>
 
@@ -17,6 +17,5 @@ SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c
 SRCS+=atomicio.c
 
 run-regress-${PROG}: ${PROG}
-        env ${TEST_ENV} ./${PROG}
- 
+        env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS}
 
diff --git a/regress/unittests/sshbuf/test_sshbuf_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_fuzz.c
index c52376b53..e236c82f9 100644
--- a/regress/unittests/sshbuf/test_sshbuf_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_fuzz.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_fuzz.c,v 1.2 2018/10/17 23:28:05 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -30,10 +30,15 @@ sshbuf_fuzz_tests(void)
 {
         struct sshbuf *p1;
         u_char *dp;
-        size_t sz, sz2, i;
+        size_t sz, sz2, i, ntests = NUM_FUZZ_TESTS;
         u_int32_t r;
         int ret;
 
+        if (test_is_fast())
+                ntests >>= 2;
+        if (test_is_slow())
+                ntests <<= 2;
+
         /* NB. uses sshbuf internals */
         TEST_START("fuzz alloc/dealloc");
         p1 = sshbuf_new();
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
index a68e1329e..5d39e63e1 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_getput_crypto.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_getput_crypto.c,v 1.2 2019/01/21 12:29:35 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -33,7 +33,6 @@ sshbuf_getput_crypto_tests(void)
 {
         struct sshbuf *p1;
         BIGNUM *bn, *bn2;
-        /* This one has num_bits != num_bytes * 8 to test bignum1 encoding */
         const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10";
         /* This one has MSB set to test bignum2 encoding negative-avoidance */
         const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11";
@@ -77,54 +76,6 @@ sshbuf_getput_crypto_tests(void)
                 ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \
         } while (0)
 
-        TEST_START("sshbuf_put_bignum1");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 2);
-        ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
-        ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn1, sizeof(expbn1));
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_put_bignum1 limited");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
-        r = sshbuf_put_bignum1(p1, bn);
-        ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_put_bignum1 bn2");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 2);
-        ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
-        ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn2, sizeof(expbn2));
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_put_bignum1 bn2 limited");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
-        r = sshbuf_put_bignum1(p1, bn);
-        ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
         TEST_START("sshbuf_put_bignum2");
         MKBN(hexbn1, bn);
         p1 = sshbuf_new();
@@ -174,88 +125,6 @@ sshbuf_getput_crypto_tests(void)
         sshbuf_free(p1);
         TEST_DONE();
 
-        TEST_START("sshbuf_get_bignum1");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1));
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
-        ASSERT_BIGNUM_EQ(bn, bn2);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 truncated");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 giant");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xffff), 0);
-        ASSERT_INT_EQ(sshbuf_reserve(p1, (0xffff + 7) / 8, NULL), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 bn2");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2));
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
-        ASSERT_BIGNUM_EQ(bn, bn2);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 bn2 truncated");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
         TEST_START("sshbuf_get_bignum2");
         MKBN(hexbn1, bn);
         p1 = sshbuf_new();
@@ -264,8 +133,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1));
         ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);
+        bn2 = NULL;
+        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
         ASSERT_BIGNUM_EQ(bn, bn2);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
         BN_free(bn);
@@ -279,8 +148,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_PTR_NE(p1, NULL);
         ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
         ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3);
         BN_free(bn);
@@ -294,8 +163,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_PTR_NE(p1, NULL);
         ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0);
         ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4);
         BN_free(bn);
@@ -312,8 +181,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2));
         ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);
+        bn2 = NULL;
+        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
         ASSERT_BIGNUM_EQ(bn, bn2);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
         BN_free(bn);
@@ -328,8 +197,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0);
         ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0);
         ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1);
         BN_free(bn);
@@ -343,8 +212,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_PTR_NE(p1, NULL);
         ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
         ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4);
         BN_free(bn);
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
index c6b5c29d1..ca06bfb00 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.2 2014/05/02 02:54:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.4 2019/01/21 12:29:35 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -54,11 +54,8 @@ attempt_parse_blob(u_char *blob, size_t len)
                 bzero(s, l);
                 free(s);
         }
-        bn = BN_new();
-        sshbuf_get_bignum1(p1, bn);
-        BN_clear_free(bn);
-        bn = BN_new();
-        sshbuf_get_bignum2(p1, bn);
+        bn = NULL;
+        sshbuf_get_bignum2(p1, &bn);
         BN_clear_free(bn);
 #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
         eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
@@ -92,10 +89,6 @@ sshbuf_getput_fuzz_tests(void)
                 /* string */
                 0x00, 0x00, 0x00, 0x09,
                 'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!',
-                /* bignum1 */
-                0x79,
-                0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
-                0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
                 /* bignum2 */
                 0x00, 0x00, 0x00, 0x14,
                 0x00,
@@ -115,11 +108,15 @@ sshbuf_getput_fuzz_tests(void)
                 0x55, 0x0f, 0x69, 0xd8, 0x0e, 0xc2, 0x3c, 0xd4,
         };
         struct fuzz *fuzz;
+        u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_2_BIT_FLIP |
+            FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
+            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
+
+        if (test_is_fast())
+                fuzzers &= ~(FUZZ_2_BYTE_FLIP|FUZZ_2_BIT_FLIP);
 
         TEST_START("fuzz blob parsing");
-        fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_2_BIT_FLIP |
-            FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
-            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, blob, sizeof(blob));
+        fuzz = fuzz_begin(fuzzers, blob, sizeof(blob));
         TEST_ONERROR(onerror, fuzz);
         for(; !fuzz_done(fuzz); fuzz_next(fuzz))
                 attempt_parse_blob(blob, sizeof(blob));
diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile
index 1c940bec6..aa731df1c 100644
--- a/regress/unittests/sshkey/Makefile
+++ b/regress/unittests/sshkey/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile,v 1.6 2018/10/17 23:28:05 djm Exp $
 
 PROG=test_sshkey
 SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c
@@ -18,7 +18,7 @@ SRCS+=digest-openssl.c
 REGRESS_TARGETS=run-regress-${PROG}
 
 run-regress-${PROG}: ${PROG}
-        env ${TEST_ENV} ./${PROG} -d ${.CURDIR}/testdata
+        env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} -d ${.CURDIR}/testdata
 
 .include <bsd.regress.mk>
 
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index d3b0c92b4..5953de595 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_fuzz.c,v 1.8 2017/12/21 00:41:22 djm Exp $ */
+/*      $OpenBSD: test_fuzz.c,v 1.9 2018/10/17 23:28:05 djm Exp $ */
 /*
  * Fuzz tests for key parsing
  *
@@ -51,14 +51,16 @@ public_fuzz(struct sshkey *k)
         struct sshkey *k1;
         struct sshbuf *buf;
         struct fuzz *fuzz;
+        u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
+            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
 
+        if (test_is_fast())
+                fuzzers &= ~FUZZ_1_BIT_FLIP;
+        if (test_is_slow())
+                fuzzers |= FUZZ_2_BIT_FLIP | FUZZ_2_BYTE_FLIP;
         ASSERT_PTR_NE(buf = sshbuf_new(), NULL);
         ASSERT_INT_EQ(sshkey_putb(k, buf), 0);
-        /* XXX need a way to run the tests in "slow, but complete" mode */
-        fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* XXX too slow FUZZ_2_BIT_FLIP | */
-            FUZZ_1_BYTE_FLIP | /* XXX too slow FUZZ_2_BYTE_FLIP | */
-            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
-            sshbuf_mutable_ptr(buf), sshbuf_len(buf));
+        fuzz = fuzz_begin(fuzzers, sshbuf_mutable_ptr(buf), sshbuf_len(buf));
         ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(buf), sshbuf_len(buf),
             &k1), 0);
         sshkey_free(k1);
@@ -77,12 +79,17 @@ sig_fuzz(struct sshkey *k, const char *sig_alg)
         struct fuzz *fuzz;
         u_char *sig, c[] = "some junk to be signed";
         size_t l;
+        u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
+            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
+
+        if (test_is_fast())
+                fuzzers &= ~FUZZ_2_BYTE_FLIP;
+        if (test_is_slow())
+                fuzzers |= FUZZ_2_BIT_FLIP;
 
         ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0);
         ASSERT_SIZE_T_GT(l, 0);
-        fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */
-            FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
-            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, sig, l);
+        fuzz = fuzz_begin(fuzzers, sig, l);
         ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0), 0);
         free(sig);
         TEST_ONERROR(onerror, fuzz);
@@ -96,13 +103,15 @@ sig_fuzz(struct sshkey *k, const char *sig_alg)
         fuzz_cleanup(fuzz);
 }
 
+#define NUM_FAST_BASE64_TESTS   1024
+
 void
 sshkey_fuzz_tests(void)
 {
         struct sshkey *k1;
         struct sshbuf *buf, *fuzzed;
         struct fuzz *fuzz;
-        int r;
+        int r, i;
 
 
         TEST_START("fuzz RSA private");
@@ -114,12 +123,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -134,12 +145,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -154,12 +167,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -174,12 +189,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -195,12 +212,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -215,12 +234,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -236,12 +257,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
diff --git a/regress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c
index 13f265cdb..78aa9223d 100644
--- a/regress/unittests/sshkey/tests.c
+++ b/regress/unittests/sshkey/tests.c
@@ -7,8 +7,6 @@
 
 #include "includes.h"
 
-#include <openssl/evp.h>
-
 #include "../test_helper/test_helper.h"
 
 void sshkey_tests(void);
@@ -18,9 +16,6 @@ void sshkey_fuzz_tests(void);
 void
 tests(void)
 {
-        OpenSSL_add_all_algorithms();
-        ERR_load_CRYPTO_strings();
-
         sshkey_tests();
         sshkey_file_tests();
         sshkey_fuzz_tests();
diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c
index 4cc70852c..e7a47b265 100644
--- a/regress/unittests/test_helper/test_helper.c
+++ b/regress/unittests/test_helper/test_helper.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_helper.c,v 1.8 2018/02/08 08:46:20 djm Exp $     */
+/*      $OpenBSD: test_helper.c,v 1.11 2018/11/23 02:53:57 dtucker Exp $        */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -35,11 +35,13 @@
 #include <signal.h>
 
 #include <openssl/bn.h>
+#include <openssl/err.h>
 
 #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
 # include <vis.h>
 #endif
 
+#include "entropy.h"
 #include "test_helper.h"
 #include "atomicio.h"
 
@@ -115,12 +117,17 @@ static test_onerror_func_t *test_onerror = NULL;
 static void *onerror_ctx = NULL;
 static const char *data_dir = NULL;
 static char subtest_info[512];
+static int fast = 0;
+static int slow = 0;
 
 int
 main(int argc, char **argv)
 {
         int ch;
 
+        seed_rng();
+        ERR_load_CRYPTO_strings();
+
         /* Handle systems without __progname */
         if (__progname == NULL) {
                 __progname = strrchr(argv[0], '/');
@@ -134,8 +141,14 @@ main(int argc, char **argv)
                 }
         }
 
-        while ((ch = getopt(argc, argv, "vqd:")) != -1) {
+        while ((ch = getopt(argc, argv, "Ffvqd:")) != -1) {
                 switch (ch) {
+                case 'F':
+                        slow = 1;
+                        break;
+                case 'f':
+                        fast = 1;
+                        break;
                 case 'd':
                         data_dir = optarg;
                         break;
@@ -167,17 +180,29 @@ main(int argc, char **argv)
 }
 
 int
-test_is_verbose()
+test_is_verbose(void)
 {
         return verbose_mode;
 }
 
 int
-test_is_quiet()
+test_is_quiet(void)
 {
         return quiet_mode;
 }
 
+int
+test_is_fast(void)
+{
+        return fast;
+}
+
+int
+test_is_slow(void)
+{
+        return slow;
+}
+
 const char *
 test_data_file(const char *name)
 {
diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h
index 6da0066e9..1f893c8dd 100644
--- a/regress/unittests/test_helper/test_helper.h
+++ b/regress/unittests/test_helper/test_helper.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_helper.h,v 1.8 2018/02/08 08:46:20 djm Exp $     */
+/*      $OpenBSD: test_helper.h,v 1.9 2018/10/17 23:28:05 djm Exp $     */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -45,6 +45,8 @@ void set_onerror_func(test_onerror_func_t *f, void *ctx);
 void test_done(void);
 int test_is_verbose(void);
 int test_is_quiet(void);
+int test_is_fast(void);
+int test_is_slow(void);
 void test_subtest_info(const char *fmt, ...)
     __attribute__((format(printf, 1, 2)));
 void ssl_err_check(const char *file, int line);