diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2015-02-25 15:32:49 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2015-02-25 15:32:49 +1100 |
| commit | 5d5ec165c5b614b03678afdad881f10e25832e46 (patch) | |
| tree | 35805270fc194b91f98a04ed2efb481f8a245516 /regress | |
| parent | 1734e276d99b17e92d4233fac7aef3a3180aaca7 (diff) | |
Restrict ECDSA and ECDH tests.
ifdef out some more ECDSA and ECDH tests when built against an OpenSSL
that does not have eliptic curve functionality.
Diffstat (limited to 'regress')
| -rw-r--r-- | regress/unittests/hostkeys/test_iterate.c | 12 | ||||
| -rw-r--r-- | regress/unittests/kex/test_kex.c | 6 | ||||
| -rw-r--r-- | regress/unittests/sshkey/test_sshkey.c | 6 |
3 files changed, 24 insertions, 0 deletions
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 526e1c06e..68a70610e 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c | |||
| @@ -165,6 +165,7 @@ struct expected expected_full[] = { | |||
| 165 | NULL, /* filled at runtime */ | 165 | NULL, /* filled at runtime */ |
| 166 | "DSA #1", | 166 | "DSA #1", |
| 167 | } }, | 167 | } }, |
| 168 | #ifdef OPENSSL_HAS_ECC | ||
| 168 | { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { | 169 | { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { |
| 169 | NULL, | 170 | NULL, |
| 170 | 3, | 171 | 3, |
| @@ -178,6 +179,7 @@ struct expected expected_full[] = { | |||
| 178 | NULL, /* filled at runtime */ | 179 | NULL, /* filled at runtime */ |
| 179 | "ECDSA #1", | 180 | "ECDSA #1", |
| 180 | } }, | 181 | } }, |
| 182 | #endif | ||
| 181 | { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { | 183 | { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { |
| 182 | NULL, | 184 | NULL, |
| 183 | 4, | 185 | 4, |
| @@ -256,6 +258,7 @@ struct expected expected_full[] = { | |||
| 256 | NULL, /* filled at runtime */ | 258 | NULL, /* filled at runtime */ |
| 257 | "DSA #2", | 259 | "DSA #2", |
| 258 | } }, | 260 | } }, |
| 261 | #ifdef OPENSSL_HAS_ECC | ||
| 259 | { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 262 | { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
| 260 | NULL, | 263 | NULL, |
| 261 | 10, | 264 | 10, |
| @@ -269,6 +272,7 @@ struct expected expected_full[] = { | |||
| 269 | NULL, /* filled at runtime */ | 272 | NULL, /* filled at runtime */ |
| 270 | "ECDSA #2", | 273 | "ECDSA #2", |
| 271 | } }, | 274 | } }, |
| 275 | #endif | ||
| 272 | { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 276 | { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
| 273 | NULL, | 277 | NULL, |
| 274 | 11, | 278 | 11, |
| @@ -347,6 +351,7 @@ struct expected expected_full[] = { | |||
| 347 | NULL, /* filled at runtime */ | 351 | NULL, /* filled at runtime */ |
| 348 | "DSA #3", | 352 | "DSA #3", |
| 349 | } }, | 353 | } }, |
| 354 | #ifdef OPENSSL_HAS_ECC | ||
| 350 | { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 355 | { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
| 351 | NULL, | 356 | NULL, |
| 352 | 17, | 357 | 17, |
| @@ -360,6 +365,7 @@ struct expected expected_full[] = { | |||
| 360 | NULL, /* filled at runtime */ | 365 | NULL, /* filled at runtime */ |
| 361 | "ECDSA #3", | 366 | "ECDSA #3", |
| 362 | } }, | 367 | } }, |
| 368 | #endif | ||
| 363 | { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 369 | { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
| 364 | NULL, | 370 | NULL, |
| 365 | 18, | 371 | 18, |
| @@ -438,6 +444,7 @@ struct expected expected_full[] = { | |||
| 438 | NULL, /* filled at runtime */ | 444 | NULL, /* filled at runtime */ |
| 439 | "DSA #5", | 445 | "DSA #5", |
| 440 | } }, | 446 | } }, |
| 447 | #ifdef OPENSSL_HAS_ECC | ||
| 441 | { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { | 448 | { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { |
| 442 | NULL, | 449 | NULL, |
| 443 | 24, | 450 | 24, |
| @@ -451,6 +458,7 @@ struct expected expected_full[] = { | |||
| 451 | NULL, /* filled at runtime */ | 458 | NULL, /* filled at runtime */ |
| 452 | "ECDSA #5", | 459 | "ECDSA #5", |
| 453 | } }, | 460 | } }, |
| 461 | #endif | ||
| 454 | { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { | 462 | { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { |
| 455 | NULL, | 463 | NULL, |
| 456 | 25, | 464 | 25, |
| @@ -547,6 +555,7 @@ struct expected expected_full[] = { | |||
| 547 | NULL, /* filled at runtime */ | 555 | NULL, /* filled at runtime */ |
| 548 | "DSA #6", | 556 | "DSA #6", |
| 549 | } }, | 557 | } }, |
| 558 | #ifdef OPENSSL_HAS_ECC | ||
| 550 | { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { | 559 | { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { |
| 551 | NULL, | 560 | NULL, |
| 552 | 32, | 561 | 32, |
| @@ -586,6 +595,7 @@ struct expected expected_full[] = { | |||
| 586 | NULL, /* filled at runtime */ | 595 | NULL, /* filled at runtime */ |
| 587 | "ECDSA #6", | 596 | "ECDSA #6", |
| 588 | } }, | 597 | } }, |
| 598 | #endif | ||
| 589 | { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { | 599 | { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { |
| 590 | NULL, | 600 | NULL, |
| 591 | 35, | 601 | 35, |
| @@ -768,6 +778,7 @@ struct expected expected_full[] = { | |||
| 768 | NULL, /* filled at runtime */ | 778 | NULL, /* filled at runtime */ |
| 769 | "ED25519 #4", | 779 | "ED25519 #4", |
| 770 | } }, | 780 | } }, |
| 781 | #ifdef OPENSSL_HAS_ECC | ||
| 771 | { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { | 782 | { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { |
| 772 | NULL, | 783 | NULL, |
| 773 | 49, | 784 | 49, |
| @@ -781,6 +792,7 @@ struct expected expected_full[] = { | |||
| 781 | NULL, /* filled at runtime */ | 792 | NULL, /* filled at runtime */ |
| 782 | "ECDSA #4", | 793 | "ECDSA #4", |
| 783 | } }, | 794 | } }, |
| 795 | #endif | ||
| 784 | { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { | 796 | { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { |
| 785 | NULL, | 797 | NULL, |
| 786 | 50, | 798 | 50, |
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index d5edf7ed4..c61e2bdbb 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c | |||
| @@ -145,7 +145,9 @@ do_kex_with_key(char *kex, int keytype, int bits) | |||
| 145 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 145 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
| 146 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 146 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
| 147 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 147 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
| 148 | #ifdef OPENSSL_HAS_ECC | ||
| 148 | server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 149 | server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; |
| 150 | #endif | ||
| 149 | server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 151 | server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
| 150 | server2->kex->load_host_public_key = server->kex->load_host_public_key; | 152 | server2->kex->load_host_public_key = server->kex->load_host_public_key; |
| 151 | server2->kex->load_host_private_key = server->kex->load_host_private_key; | 153 | server2->kex->load_host_private_key = server->kex->load_host_private_key; |
| @@ -173,7 +175,9 @@ do_kex(char *kex) | |||
| 173 | { | 175 | { |
| 174 | do_kex_with_key(kex, KEY_RSA, 2048); | 176 | do_kex_with_key(kex, KEY_RSA, 2048); |
| 175 | do_kex_with_key(kex, KEY_DSA, 1024); | 177 | do_kex_with_key(kex, KEY_DSA, 1024); |
| 178 | #ifdef OPENSSL_HAS_ECC | ||
| 176 | do_kex_with_key(kex, KEY_ECDSA, 256); | 179 | do_kex_with_key(kex, KEY_ECDSA, 256); |
| 180 | #endif | ||
| 177 | do_kex_with_key(kex, KEY_ED25519, 256); | 181 | do_kex_with_key(kex, KEY_ED25519, 256); |
| 178 | } | 182 | } |
| 179 | 183 | ||
| @@ -181,9 +185,11 @@ void | |||
| 181 | kex_tests(void) | 185 | kex_tests(void) |
| 182 | { | 186 | { |
| 183 | do_kex("curve25519-sha256@libssh.org"); | 187 | do_kex("curve25519-sha256@libssh.org"); |
| 188 | #ifdef OPENSSL_HAS_ECC | ||
| 184 | do_kex("ecdh-sha2-nistp256"); | 189 | do_kex("ecdh-sha2-nistp256"); |
| 185 | do_kex("ecdh-sha2-nistp384"); | 190 | do_kex("ecdh-sha2-nistp384"); |
| 186 | do_kex("ecdh-sha2-nistp521"); | 191 | do_kex("ecdh-sha2-nistp521"); |
| 192 | #endif | ||
| 187 | do_kex("diffie-hellman-group-exchange-sha256"); | 193 | do_kex("diffie-hellman-group-exchange-sha256"); |
| 188 | do_kex("diffie-hellman-group-exchange-sha1"); | 194 | do_kex("diffie-hellman-group-exchange-sha1"); |
| 189 | do_kex("diffie-hellman-group14-sha1"); | 195 | do_kex("diffie-hellman-group14-sha1"); |
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 3e4e39b62..b233a254b 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c | |||
| @@ -217,12 +217,14 @@ sshkey_tests(void) | |||
| 217 | sshkey_free(k1); | 217 | sshkey_free(k1); |
| 218 | TEST_DONE(); | 218 | TEST_DONE(); |
| 219 | 219 | ||
| 220 | #ifdef OPENSSL_HAS_ECC | ||
| 220 | TEST_START("new/free KEY_ECDSA"); | 221 | TEST_START("new/free KEY_ECDSA"); |
| 221 | k1 = sshkey_new(KEY_ECDSA); | 222 | k1 = sshkey_new(KEY_ECDSA); |
| 222 | ASSERT_PTR_NE(k1, NULL); | 223 | ASSERT_PTR_NE(k1, NULL); |
| 223 | ASSERT_PTR_EQ(k1->ecdsa, NULL); /* Can't allocate without NID */ | 224 | ASSERT_PTR_EQ(k1->ecdsa, NULL); /* Can't allocate without NID */ |
| 224 | sshkey_free(k1); | 225 | sshkey_free(k1); |
| 225 | TEST_DONE(); | 226 | TEST_DONE(); |
| 227 | #endif | ||
| 226 | 228 | ||
| 227 | TEST_START("new/free KEY_ED25519"); | 229 | TEST_START("new/free KEY_ED25519"); |
| 228 | k1 = sshkey_new(KEY_ED25519); | 230 | k1 = sshkey_new(KEY_ED25519); |
| @@ -273,12 +275,14 @@ sshkey_tests(void) | |||
| 273 | sshkey_free(k1); | 275 | sshkey_free(k1); |
| 274 | TEST_DONE(); | 276 | TEST_DONE(); |
| 275 | 277 | ||
| 278 | #ifdef OPENSSL_HAS_ECC | ||
| 276 | TEST_START("generate KEY_ECDSA wrong bits"); | 279 | TEST_START("generate KEY_ECDSA wrong bits"); |
| 277 | ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1), | 280 | ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1), |
| 278 | SSH_ERR_INVALID_ARGUMENT); | 281 | SSH_ERR_INVALID_ARGUMENT); |
| 279 | ASSERT_PTR_EQ(k1, NULL); | 282 | ASSERT_PTR_EQ(k1, NULL); |
| 280 | sshkey_free(k1); | 283 | sshkey_free(k1); |
| 281 | TEST_DONE(); | 284 | TEST_DONE(); |
| 285 | #endif | ||
| 282 | 286 | ||
| 283 | TEST_START("generate KEY_RSA"); | 287 | TEST_START("generate KEY_RSA"); |
| 284 | ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0); | 288 | ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0); |
| @@ -474,6 +478,7 @@ sshkey_tests(void) | |||
| 474 | sshkey_free(k2); | 478 | sshkey_free(k2); |
| 475 | TEST_DONE(); | 479 | TEST_DONE(); |
| 476 | 480 | ||
| 481 | #ifdef OPENSSL_HAS_ECC | ||
| 477 | TEST_START("sign and verify ECDSA"); | 482 | TEST_START("sign and verify ECDSA"); |
| 478 | k1 = get_private("ecdsa_1"); | 483 | k1 = get_private("ecdsa_1"); |
| 479 | ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2, | 484 | ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2, |
| @@ -482,6 +487,7 @@ sshkey_tests(void) | |||
| 482 | sshkey_free(k1); | 487 | sshkey_free(k1); |
| 483 | sshkey_free(k2); | 488 | sshkey_free(k2); |
| 484 | TEST_DONE(); | 489 | TEST_DONE(); |
| 490 | #endif | ||
| 485 | 491 | ||
| 486 | TEST_START("sign and verify ED25519"); | 492 | TEST_START("sign and verify ED25519"); |
| 487 | k1 = get_private("ed25519_1"); | 493 | k1 = get_private("ed25519_1"); |