diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2020-06-19 04:32:09 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2020-06-19 16:06:06 +1000 |
| commit | 5edfa1690e9a75048971fd8775f7c16d153779db (patch) | |
| tree | f1471e549722b6154ac47e515f15513b9c05e68e /regress | |
| parent | e95c0a0e964827722d29b4bc00d5c0ff4afe0ed2 (diff) | |
upstream: basic unit test for sshsig.[ch], including FIDO keys
verification only so far
OpenBSD-Regress-ID: fb1f946c8fc59206bc6a6666e577b5d5d7e45896
Diffstat (limited to 'regress')
23 files changed, 339 insertions, 0 deletions
diff --git a/regress/unittests/sshsig/Makefile b/regress/unittests/sshsig/Makefile new file mode 100644 index 000000000..4b607df45 --- /dev/null +++ b/regress/unittests/sshsig/Makefile | |||
| @@ -0,0 +1,25 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.1 2020/06/19 04:32:09 djm Exp $ | ||
| 2 | |||
| 3 | PROG=test_sshsig | ||
| 4 | SRCS=tests.c | ||
| 5 | |||
| 6 | # From usr.bin/ssh | ||
| 7 | SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c | ||
| 8 | SRCS+=sshbuf-io.c atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c | ||
| 9 | SRCS+=ssh-dss.c ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c | ||
| 10 | SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c | ||
| 11 | SRCS+=addrmatch.c bitmap.c sshsig.c | ||
| 12 | SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c | ||
| 13 | SRCS+=cipher-chachapoly.c chacha.c poly1305.c ssh-ecdsa-sk.c ssh-sk.c | ||
| 14 | SRCS+=ssh-ed25519-sk.c sk-usbhid.c | ||
| 15 | |||
| 16 | SRCS+=digest-openssl.c | ||
| 17 | #SRCS+=digest-libc.c | ||
| 18 | SRCS+=utf8.c | ||
| 19 | |||
| 20 | REGRESS_TARGETS=run-regress-${PROG} | ||
| 21 | |||
| 22 | run-regress-${PROG}: ${PROG} | ||
| 23 | env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} -d ${.CURDIR}/testdata | ||
| 24 | |||
| 25 | .include <bsd.regress.mk> | ||
diff --git a/regress/unittests/sshsig/mktestdata.sh b/regress/unittests/sshsig/mktestdata.sh new file mode 100755 index 000000000..d2300f9c6 --- /dev/null +++ b/regress/unittests/sshsig/mktestdata.sh | |||
| @@ -0,0 +1,42 @@ | |||
| 1 | #!/bin/sh | ||
| 2 | # $OpenBSD: mktestdata.sh,v 1.1 2020/06/19 04:32:09 djm Exp $ | ||
| 3 | |||
| 4 | NAMESPACE=unittest | ||
| 5 | |||
| 6 | set -ex | ||
| 7 | |||
| 8 | cd testdata | ||
| 9 | |||
| 10 | if [ -f ../../../misc/sk-dummy/sk-dummy.so ] ; then | ||
| 11 | SK_DUMMY=../../../misc/sk-dummy/sk-dummy.so | ||
| 12 | elif [ -f ../../../misc/sk-dummy/obj/sk-dummy.so ] ; then | ||
| 13 | SK_DUMMY=../../../misc/sk-dummy/obj/sk-dummy.so | ||
| 14 | else | ||
| 15 | echo "Can't find sk-dummy.so" 1>&2 | ||
| 16 | exit 1 | ||
| 17 | fi | ||
| 18 | |||
| 19 | rm -f signed-data namespace | ||
| 20 | rm -f rsa dsa ecdsa ed25519 ecdsa_sk ed25519_sk | ||
| 21 | rm -f rsa.sig dsa.sig ecdsa.sig ed25519.sig ecdsa_sk.sig ed25519_sk.sig | ||
| 22 | |||
| 23 | printf "This is a test, this is only a test" > signed-data | ||
| 24 | printf "$NAMESPACE" > namespace | ||
| 25 | |||
| 26 | ssh-keygen -t rsa -C "RSA test" -N "" -f rsa -m PEM | ||
| 27 | ssh-keygen -t dsa -C "DSA test" -N "" -f dsa -m PEM | ||
| 28 | ssh-keygen -t ecdsa -C "ECDSA test" -N "" -f ecdsa -m PEM | ||
| 29 | ssh-keygen -t ed25519 -C "ED25519 test key" -N "" -f ed25519 | ||
| 30 | ssh-keygen -w "$SK_DUMMY" -t ecdsa-sk -C "ECDSA-SK test key" \ | ||
| 31 | -N "" -f ecdsa_sk | ||
| 32 | ssh-keygen -w "$SK_DUMMY" -t ed25519-sk -C "ED25519-SK test key" \ | ||
| 33 | -N "" -f ed25519_sk | ||
| 34 | |||
| 35 | ssh-keygen -Y sign -f rsa -n $NAMESPACE - < signed-data > rsa.sig | ||
| 36 | ssh-keygen -Y sign -f dsa -n $NAMESPACE - < signed-data > dsa.sig | ||
| 37 | ssh-keygen -Y sign -f ecdsa -n $NAMESPACE - < signed-data > ecdsa.sig | ||
| 38 | ssh-keygen -Y sign -f ed25519 -n $NAMESPACE - < signed-data > ed25519.sig | ||
| 39 | ssh-keygen -w "$SK_DUMMY" \ | ||
| 40 | -Y sign -f ecdsa_sk -n $NAMESPACE - < signed-data > ecdsa_sk.sig | ||
| 41 | ssh-keygen -w "$SK_DUMMY" \ | ||
| 42 | -Y sign -f ed25519_sk -n $NAMESPACE - < signed-data > ed25519_sk.sig | ||
diff --git a/regress/unittests/sshsig/testdata/dsa b/regress/unittests/sshsig/testdata/dsa new file mode 100644 index 000000000..7c0063efc --- /dev/null +++ b/regress/unittests/sshsig/testdata/dsa | |||
| @@ -0,0 +1,12 @@ | |||
| 1 | -----BEGIN DSA PRIVATE KEY----- | ||
| 2 | MIIBuwIBAAKBgQCXpndQdz2mQVnk+lYOF3nxDT+h6SiJmUvBFhnFWBv8tG4pTOkb | ||
| 3 | EwGufLEzGpzjTj+3bjVau7LFt37AFrqs4Num272BWNsYNIjOlGPgq7Xjv32FN00x | ||
| 4 | JYh1DoRs1cGGnvohlsWEamGGhTHD1a9ipctPEBV+NrxtZMrl+pO/ZZg8vQIVAKJB | ||
| 5 | P3iNYSpSuW74+q4WxLCuK8O3AoGAQldE+BIuxlvoG1IFiWesx0CU+H2KO0SEZc9A | ||
| 6 | SX/qjOabh0Fb78ofTlEf9gWHFfat8SvSJQIOPMVlb76Lio8AAMT8Eaa/qQKKYmQL | ||
| 7 | dNq4MLhhjxx5KLGt6J2JyFPExCv+qnHYHD59ngtLwKyqGjpSC8LPLktdXn8W/Aad | ||
| 8 | Ly1K7+MCgYBsMHBczhSeUh8w7i20CVg4OlNTmfJRVU2tO6OpMxZ/quitRm3hLKSN | ||
| 9 | u4xRkvHJwi4LhQtv1SXvLI5gs5P3gCG8tsIAiyCqLinHha63iBdJpqhnV/x/j7dB | ||
| 10 | yJr3xJbnmLdWLkkCtNk1Ir1/CuEz+ufAyLGdKWksEAu1UUlb501BkwIVAILIa3Rg | ||
| 11 | 0h7J9lQpHJphvF3K0M1T | ||
| 12 | -----END DSA PRIVATE KEY----- | ||
diff --git a/regress/unittests/sshsig/testdata/dsa.pub b/regress/unittests/sshsig/testdata/dsa.pub new file mode 100644 index 000000000..e77aa7ef4 --- /dev/null +++ b/regress/unittests/sshsig/testdata/dsa.pub | |||
| @@ -0,0 +1 @@ | |||
| ssh-dss AAAAB3NzaC1kc3MAAACBAJemd1B3PaZBWeT6Vg4XefENP6HpKImZS8EWGcVYG/y0bilM6RsTAa58sTManONOP7duNVq7ssW3fsAWuqzg26bbvYFY2xg0iM6UY+CrteO/fYU3TTEliHUOhGzVwYae+iGWxYRqYYaFMcPVr2Kly08QFX42vG1kyuX6k79lmDy9AAAAFQCiQT94jWEqUrlu+PquFsSwrivDtwAAAIBCV0T4Ei7GW+gbUgWJZ6zHQJT4fYo7RIRlz0BJf+qM5puHQVvvyh9OUR/2BYcV9q3xK9IlAg48xWVvvouKjwAAxPwRpr+pAopiZAt02rgwuGGPHHkosa3onYnIU8TEK/6qcdgcPn2eC0vArKoaOlILws8uS11efxb8Bp0vLUrv4wAAAIBsMHBczhSeUh8w7i20CVg4OlNTmfJRVU2tO6OpMxZ/quitRm3hLKSNu4xRkvHJwi4LhQtv1SXvLI5gs5P3gCG8tsIAiyCqLinHha63iBdJpqhnV/x/j7dByJr3xJbnmLdWLkkCtNk1Ir1/CuEz+ufAyLGdKWksEAu1UUlb501Bkw== DSA test | |||
diff --git a/regress/unittests/sshsig/testdata/dsa.sig b/regress/unittests/sshsig/testdata/dsa.sig new file mode 100644 index 000000000..0b14ad6b8 --- /dev/null +++ b/regress/unittests/sshsig/testdata/dsa.sig | |||
| @@ -0,0 +1,13 @@ | |||
| 1 | -----BEGIN SSH SIGNATURE----- | ||
| 2 | U1NIU0lHAAAAAQAAAbEAAAAHc3NoLWRzcwAAAIEAl6Z3UHc9pkFZ5PpWDhd58Q0/oekoiZ | ||
| 3 | lLwRYZxVgb/LRuKUzpGxMBrnyxMxqc404/t241Wruyxbd+wBa6rODbptu9gVjbGDSIzpRj | ||
| 4 | 4Ku14799hTdNMSWIdQ6EbNXBhp76IZbFhGphhoUxw9WvYqXLTxAVfja8bWTK5fqTv2WYPL | ||
| 5 | 0AAAAVAKJBP3iNYSpSuW74+q4WxLCuK8O3AAAAgEJXRPgSLsZb6BtSBYlnrMdAlPh9ijtE | ||
| 6 | hGXPQEl/6ozmm4dBW+/KH05RH/YFhxX2rfEr0iUCDjzFZW++i4qPAADE/BGmv6kCimJkC3 | ||
| 7 | TauDC4YY8ceSixreidichTxMQr/qpx2Bw+fZ4LS8Csqho6UgvCzy5LXV5/FvwGnS8tSu/j | ||
| 8 | AAAAgGwwcFzOFJ5SHzDuLbQJWDg6U1OZ8lFVTa07o6kzFn+q6K1GbeEspI27jFGS8cnCLg | ||
| 9 | uFC2/VJe8sjmCzk/eAIby2wgCLIKouKceFrreIF0mmqGdX/H+Pt0HImvfElueYt1YuSQK0 | ||
| 10 | 2TUivX8K4TP658DIsZ0paSwQC7VRSVvnTUGTAAAACHVuaXR0ZXN0AAAAAAAAAAZzaGE1MT | ||
| 11 | IAAAA3AAAAB3NzaC1kc3MAAAAodi5lr0pqBpO76OY4N1CtfR85BCgZ95qfVjP/e9lToj0q | ||
| 12 | lwjSJJXUjw== | ||
| 13 | -----END SSH SIGNATURE----- | ||
diff --git a/regress/unittests/sshsig/testdata/ecdsa b/regress/unittests/sshsig/testdata/ecdsa new file mode 100644 index 000000000..55fb440e0 --- /dev/null +++ b/regress/unittests/sshsig/testdata/ecdsa | |||
| @@ -0,0 +1,5 @@ | |||
| 1 | -----BEGIN EC PRIVATE KEY----- | ||
| 2 | MHcCAQEEIFg0ZCSEB5LNeLsXYL25g3kqEWsqh52DR+yNOjyQJqyZoAoGCCqGSM49 | ||
| 3 | AwEHoUQDQgAE3sud88FV0N8FPspZSV7LWqj6uPPLRZiSsenNuEYAteWPyDgrZsWb | ||
| 4 | LzXBuUJucepaCNuW/QWgHBRbrjWj3ERm3A== | ||
| 5 | -----END EC PRIVATE KEY----- | ||
diff --git a/regress/unittests/sshsig/testdata/ecdsa.pub b/regress/unittests/sshsig/testdata/ecdsa.pub new file mode 100644 index 000000000..14ec6cf12 --- /dev/null +++ b/regress/unittests/sshsig/testdata/ecdsa.pub | |||
| @@ -0,0 +1 @@ | |||
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN7LnfPBVdDfBT7KWUley1qo+rjzy0WYkrHpzbhGALXlj8g4K2bFmy81wblCbnHqWgjblv0FoBwUW641o9xEZtw= ECDSA test | |||
diff --git a/regress/unittests/sshsig/testdata/ecdsa.sig b/regress/unittests/sshsig/testdata/ecdsa.sig new file mode 100644 index 000000000..79781570c --- /dev/null +++ b/regress/unittests/sshsig/testdata/ecdsa.sig | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | -----BEGIN SSH SIGNATURE----- | ||
| 2 | U1NIU0lHAAAAAQAAAGgAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAAhuaXN0cDI1NgAAAE | ||
| 3 | EE3sud88FV0N8FPspZSV7LWqj6uPPLRZiSsenNuEYAteWPyDgrZsWbLzXBuUJucepaCNuW | ||
| 4 | /QWgHBRbrjWj3ERm3AAAAAh1bml0dGVzdAAAAAAAAAAGc2hhNTEyAAAAZQAAABNlY2RzYS | ||
| 5 | 1zaGEyLW5pc3RwMjU2AAAASgAAACEAycVNsTlE+XEZYyYiDxWZlliruf/pPMhEEMR/XLdQ | ||
| 6 | a4MAAAAhALQt+5gES7L3uKGptHB6UZQMuZ2WyI0C6FJs4v6AtMIU | ||
| 7 | -----END SSH SIGNATURE----- | ||
diff --git a/regress/unittests/sshsig/testdata/ecdsa_sk b/regress/unittests/sshsig/testdata/ecdsa_sk new file mode 100644 index 000000000..62ae44cb0 --- /dev/null +++ b/regress/unittests/sshsig/testdata/ecdsa_sk | |||
| @@ -0,0 +1,13 @@ | |||
| 1 | -----BEGIN OPENSSH PRIVATE KEY----- | ||
| 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAfwAAACJzay1lY2 | ||
| 3 | RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQSg1WuY0XE+ | ||
| 4 | VexOsrJsFYuxyVoe6eQ/oXmyz2pEHKZw9moyWehv+Fs7oZWFp3JVmOtybKQ6dvfUZYauQE | ||
| 5 | /Ov4PAAAAABHNzaDoAAAGI6iV41+oleNcAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBv | ||
| 6 | cGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEoNVrmNFxPlXsTrKybBWLsclaHunkP6F5ss | ||
| 7 | 9qRBymcPZqMlnob/hbO6GVhadyVZjrcmykOnb31GWGrkBPzr+DwAAAAARzc2g6AQAAAOMt | ||
| 8 | LS0tLUJFR0lOIEVDIFBSSVZBVEUgS0VZLS0tLS0KTUhjQ0FRRUVJQm9oeW54M2tpTFVEeS | ||
| 9 | t5UjU3WXBXSU5KektnU1p6WnV2VTljYXFla3JGcW9Bb0dDQ3FHU000OQpBd0VIb1VRRFFn | ||
| 10 | QUVvTlZybU5GeFBsWHNUckt5YkJXTHNjbGFIdW5rUDZGNXNzOXFSQnltY1BacU1sbm9iL2 | ||
| 11 | hiCk82R1ZoYWR5VlpqcmNteWtPbmIzMUdXR3JrQlB6citEd0E9PQotLS0tLUVORCBFQyBQ | ||
| 12 | UklWQVRFIEtFWS0tLS0tCgAAAAAAAAARRUNEU0EtU0sgdGVzdCBrZXk= | ||
| 13 | -----END OPENSSH PRIVATE KEY----- | ||
diff --git a/regress/unittests/sshsig/testdata/ecdsa_sk.pub b/regress/unittests/sshsig/testdata/ecdsa_sk.pub new file mode 100644 index 000000000..385ebf15b --- /dev/null +++ b/regress/unittests/sshsig/testdata/ecdsa_sk.pub | |||
| @@ -0,0 +1 @@ | |||
| sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBKDVa5jRcT5V7E6ysmwVi7HJWh7p5D+hebLPakQcpnD2ajJZ6G/4WzuhlYWnclWY63JspDp299Rlhq5AT86/g8AAAAAEc3NoOg== ECDSA-SK test key | |||
diff --git a/regress/unittests/sshsig/testdata/ecdsa_sk.sig b/regress/unittests/sshsig/testdata/ecdsa_sk.sig new file mode 100644 index 000000000..86de36063 --- /dev/null +++ b/regress/unittests/sshsig/testdata/ecdsa_sk.sig | |||
| @@ -0,0 +1,8 @@ | |||
| 1 | -----BEGIN SSH SIGNATURE----- | ||
| 2 | U1NIU0lHAAAAAQAAAH8AAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQ | ||
| 3 | AAAAhuaXN0cDI1NgAAAEEEoNVrmNFxPlXsTrKybBWLsclaHunkP6F5ss9qRBymcPZqMlno | ||
| 4 | b/hbO6GVhadyVZjrcmykOnb31GWGrkBPzr+DwAAAAARzc2g6AAAACHVuaXR0ZXN0AAAAAA | ||
| 5 | AAAAZzaGE1MTIAAAB3AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20A | ||
| 6 | AABIAAAAIHohGwyy8iKT3zwd1TYA9V/Ioo7h/3zCJUtyq/Qigt/HAAAAIGzidTwq7D/kFa | ||
| 7 | 7Xjcp/KkdbIs4MfQpfAW/0OciajlpzARI0Vng= | ||
| 8 | -----END SSH SIGNATURE----- | ||
diff --git a/regress/unittests/sshsig/testdata/ed25519 b/regress/unittests/sshsig/testdata/ed25519 new file mode 100644 index 000000000..b44a63d3e --- /dev/null +++ b/regress/unittests/sshsig/testdata/ed25519 | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | -----BEGIN OPENSSH PRIVATE KEY----- | ||
| 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW | ||
| 3 | QyNTUxOQAAACCJYs0iDdw0Fe/FTzY1b78I4H/j+R6mz2AmLtwTjHYwBAAAAJjpGas/6Rmr | ||
| 4 | PwAAAAtzc2gtZWQyNTUxOQAAACCJYs0iDdw0Fe/FTzY1b78I4H/j+R6mz2AmLtwTjHYwBA | ||
| 5 | AAAEDpSKRA1QKW6kYiQftGRWh+H0fNekzYLG6c3bzseoCpEolizSIN3DQV78VPNjVvvwjg | ||
| 6 | f+P5HqbPYCYu3BOMdjAEAAAAEEVEMjU1MTkgdGVzdCBrZXkBAgMEBQ== | ||
| 7 | -----END OPENSSH PRIVATE KEY----- | ||
diff --git a/regress/unittests/sshsig/testdata/ed25519.pub b/regress/unittests/sshsig/testdata/ed25519.pub new file mode 100644 index 000000000..b078e4516 --- /dev/null +++ b/regress/unittests/sshsig/testdata/ed25519.pub | |||
| @@ -0,0 +1 @@ | |||
| ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIlizSIN3DQV78VPNjVvvwjgf+P5HqbPYCYu3BOMdjAE ED25519 test key | |||
diff --git a/regress/unittests/sshsig/testdata/ed25519.sig b/regress/unittests/sshsig/testdata/ed25519.sig new file mode 100644 index 000000000..8e8ff2a8a --- /dev/null +++ b/regress/unittests/sshsig/testdata/ed25519.sig | |||
| @@ -0,0 +1,6 @@ | |||
| 1 | -----BEGIN SSH SIGNATURE----- | ||
| 2 | U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgiWLNIg3cNBXvxU82NW+/COB/4/ | ||
| 3 | keps9gJi7cE4x2MAQAAAAIdW5pdHRlc3QAAAAAAAAABnNoYTUxMgAAAFMAAAALc3NoLWVk | ||
| 4 | MjU1MTkAAABAihQsbUzuNEFflk5Tw1+H9aLS7tZQk0RG8KW1DtOmDYYnWe3D3UKiG3fcJa | ||
| 5 | DNg4vBWp1j1gLRiBMOF+gwYNegDg== | ||
| 6 | -----END SSH SIGNATURE----- | ||
diff --git a/regress/unittests/sshsig/testdata/ed25519_sk b/regress/unittests/sshsig/testdata/ed25519_sk new file mode 100644 index 000000000..3a434ecb9 --- /dev/null +++ b/regress/unittests/sshsig/testdata/ed25519_sk | |||
| @@ -0,0 +1,8 @@ | |||
| 1 | -----BEGIN OPENSSH PRIVATE KEY----- | ||
| 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAASgAAABpzay1zc2 | ||
| 3 | gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACCbGg2F0GK7nOm4pQmAyCuGEjnhvs5q0TtjPbdN | ||
| 4 | //+yxwAAAARzc2g6AAAAuBw56jAcOeowAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY2 | ||
| 5 | 9tAAAAIJsaDYXQYruc6bilCYDIK4YSOeG+zmrRO2M9t03//7LHAAAABHNzaDoBAAAAQFXc | ||
| 6 | 6dCwWewIk1EBofAouGZApW8+s0XekXenxtb78+x0mxoNhdBiu5zpuKUJgMgrhhI54b7Oat | ||
| 7 | E7Yz23Tf//sscAAAAAAAAAE0VEMjU1MTktU0sgdGVzdCBrZXkBAgMEBQY= | ||
| 8 | -----END OPENSSH PRIVATE KEY----- | ||
diff --git a/regress/unittests/sshsig/testdata/ed25519_sk.pub b/regress/unittests/sshsig/testdata/ed25519_sk.pub new file mode 100644 index 000000000..71051ec3b --- /dev/null +++ b/regress/unittests/sshsig/testdata/ed25519_sk.pub | |||
| @@ -0,0 +1 @@ | |||
| sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJsaDYXQYruc6bilCYDIK4YSOeG+zmrRO2M9t03//7LHAAAABHNzaDo= ED25519-SK test key | |||
diff --git a/regress/unittests/sshsig/testdata/ed25519_sk.sig b/regress/unittests/sshsig/testdata/ed25519_sk.sig new file mode 100644 index 000000000..49b6818da --- /dev/null +++ b/regress/unittests/sshsig/testdata/ed25519_sk.sig | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | -----BEGIN SSH SIGNATURE----- | ||
| 2 | U1NIU0lHAAAAAQAAAEoAAAAac2stc3NoLWVkMjU1MTlAb3BlbnNzaC5jb20AAAAgmxoNhd | ||
| 3 | Biu5zpuKUJgMgrhhI54b7OatE7Yz23Tf//sscAAAAEc3NoOgAAAAh1bml0dGVzdAAAAAAA | ||
| 4 | AAAGc2hhNTEyAAAAZwAAABpzay1zc2gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAAEAi+7eTjW | ||
| 5 | /+LQ2M+sCD+KFtH1n7VFFJon/SZFsxODyV8cWTlFKj617Ys1Ur5TV6uaEXQhck8rBA2oQI | ||
| 6 | HTPANLIPARI0Vng= | ||
| 7 | -----END SSH SIGNATURE----- | ||
diff --git a/regress/unittests/sshsig/testdata/namespace b/regress/unittests/sshsig/testdata/namespace new file mode 100644 index 000000000..1570cd548 --- /dev/null +++ b/regress/unittests/sshsig/testdata/namespace | |||
| @@ -0,0 +1 @@ | |||
| unittest \ No newline at end of file | |||
diff --git a/regress/unittests/sshsig/testdata/rsa b/regress/unittests/sshsig/testdata/rsa new file mode 100644 index 000000000..228fad797 --- /dev/null +++ b/regress/unittests/sshsig/testdata/rsa | |||
| @@ -0,0 +1,39 @@ | |||
| 1 | -----BEGIN RSA PRIVATE KEY----- | ||
| 2 | MIIG4wIBAAKCAYEA386lmjRHtJpyj87BrS+ssMmtvc/1SPN0gXTPs9jZ1hYAq98P | ||
| 3 | ca3/RYVM4HaSu6COztQJ2ZnZD3Te/XeBnIU2mfuvQEl+DiwisGeNglVyRCi7787f | ||
| 4 | PFFfcxzZfDa7EB2qY8S3oaSGZK8QqzuGwmGAImjlQXz6J+HCd/eD/58GoCSSirIE | ||
| 5 | CFWCAt+uNrOC/EmgAzsbfcfaIbbVzA40tlgU3hO2J42kddz8CisDTtDKQABFcOaQ | ||
| 6 | ZycSfn7HDP+WgXLXXBUI9wVM1Tif1f+9MX08xIsvCvGzo7yLgbbTFLSGr5SkA+tO | ||
| 7 | rYuoA7V8fge0id/3pnVtG1Ui3I7vejeAwf0HZqtFeBEnOwkIJFmZeMtFeOVf+4ki | ||
| 8 | 4h1rDqAvSscNvMtLp6OXpbAATATAuEWEkIQBl1rngnEe0iC9iU9itKMW6qJ4FtIb | ||
| 9 | 4ACH1EoU1x8vqrFecg2hvqfk5CZBJIbV28JFuGjac3OxBZ17Fqb8ljomUir1GrET | ||
| 10 | 2z66NMgb5TjDD7BVAgMBAAECggGACfjDGCPMLhfTkuS7bGP7ZcUWoKZrX1y5jCsQ | ||
| 11 | NgsraYaBcSb3ITGHdimCS139G68DreN0rOVV7oJejRyOAdNNo367SDn+C9ObmBCF | ||
| 12 | FZGJDdBiz0SAXceiYRaf+hDWNNmdheR16hXShxnlvDtivbZqZx4VWN2gp7Y/W+kD | ||
| 13 | UJhdSzVV8igMVfK5YDdnI7jL1UHSh1JS3z/QUEA9NmJLpvQ1uc9XBlwhP78g27Me | ||
| 14 | 6pwS5tccQPOE65OqF0i+xa19nzbmnC940Y34yZeI/UE+PYaO2+asapvOfu/sboBH | ||
| 15 | Yb5BuWXVEkSeRWI23SpuZbmfNTtVgiRoRqOvqM4G88LkhYjZ6xpDggxQwJiShiiD | ||
| 16 | oWCucs0v3pX8H8/LbGs8l50SGI5nzUqAdZ7/QQucU/GuDiQtampntkLEDgf9KIw/ | ||
| 17 | SDrtCw1E9fnCWj4Z71IYfepY9bVY6QUEcfTdnDcYSY1Z5tVpzeMHVLeo0lbNVZv9 | ||
| 18 | 2qmPnjjP/IvWbjjwu/PHpUWkUs0BAoHBAPx4YwPXWYgWnesMKXkjAHyO5KA4EyBr | ||
| 19 | +rcEmOZkZDibC8PKYzIK2ztptuthahVovW20R/QJhJkO5teGZMeGPFq+floCeC5P | ||
| 20 | la9CEYGYcTrzgSe1QM9IGMr1vGI1KIWck7VkJ0bkKoY40uIJSVZxnyG9pEpcwYSp | ||
| 21 | tnOqA/f5YZUFctWvXUz46OfiLKstXLrcrGIU7YRmLv2rW9twnpJYTzE98g3KpVJ2 | ||
| 22 | TI1pyvrDTdGeAQUTGCAjpviY6XR5d020vQKBwQDi76wsGLQ3XLI+OAE95Ljo0Mcl | ||
| 23 | +KdJPVVQPq/VcjKgZQndFloflMRrmgNHme9gmsHOrf8DLZvEDbtT+gbmWslMFZQ9 | ||
| 24 | om1kR404gfuGmfIYdBdOwWjuBLsZs3pfqDB4Xa3NkxljwOMYTp035n0r2UMFaSy3 | ||
| 25 | gvpW7fsdPOGAJsqNhSw/JNHcokHeBm7VbV0aD7tSyIghmARb5c98fmrSPbiEo8mP | ||
| 26 | ITIZlgbfZCq2KuXY4q16R3QvlpuSwitVobLR/3kCgcEAueH5JM7dQHFGe9RMhL/c | ||
| 27 | j9i1Q7GFg4183lsoKBkqIPMmylSsjB+qIihHYS4r6O9g6PCfOXH4iqiKFY0BjlWr | ||
| 28 | AjTW2naO/aniz1KZiQ0v8PNv2Eh/Gx4+AtDCjpwM5bLOnfLLaEp9dK1JttqXgGnP | ||
| 29 | fAwgdg+s+3votWgr29tkmU+VqPagfxeUg4Xm1XFkoL/wu5Yk+iIx3trXms1kMuOK | ||
| 30 | CvtMyBK3fetTmZqWs+Iv3XGz1oSkcqVNPiN3XyY/TJsRAoG/Q17jvjOXTNg4EkCO | ||
| 31 | HdHJE1Tnyl4HS7bpnOj/Sl6cqQFV7Ey2dKm1pjwSvS714bgP0UvWaRshIxLwif2w | ||
| 32 | DrLlD7FYUPPnhd24Dw6HnW4WcSwFv1uryv2cjgS6T6ueuB0Xe/AvmW2p/Y1ZHz9N | ||
| 33 | 6baWLwUKQXCg4S3FXui0CVd6yoi+mgBUTSveYguG29WbziDde7YMs+xtXtravhrJ | ||
| 34 | m6C3Jql5LQSt2uqvH6KdC3ewxLKGzcZot7f+d5MtSj6216ECgcEA9PGmWeUkhVuW | ||
| 35 | Xz2c9iBeHwCtmDso7gVwxNnHqdqirB4f1nDCGbrJS7hz5Ss7/wfzekP2W5if2P6U | ||
| 36 | JPUdfykAQgALNn1twAtj1a+UAp31ZWu8JK/Qzt4hLJPBxzMo7MenJq189JmYmDnm | ||
| 37 | 6D5d9vDLCW15gCZua89GZa8K8V50lYyeHBOHAyzNTfNlnMBkHyP645+nqpuEWzIT | ||
| 38 | 3mCe2OAbl60o8VvvVUlAQyQ/ObLq37HHEoDu0U/YAnP157cxpa84 | ||
| 39 | -----END RSA PRIVATE KEY----- | ||
diff --git a/regress/unittests/sshsig/testdata/rsa.pub b/regress/unittests/sshsig/testdata/rsa.pub new file mode 100644 index 000000000..30142ac0a --- /dev/null +++ b/regress/unittests/sshsig/testdata/rsa.pub | |||
| @@ -0,0 +1 @@ | |||
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfzqWaNEe0mnKPzsGtL6ywya29z/VI83SBdM+z2NnWFgCr3w9xrf9FhUzgdpK7oI7O1AnZmdkPdN79d4GchTaZ+69ASX4OLCKwZ42CVXJEKLvvzt88UV9zHNl8NrsQHapjxLehpIZkrxCrO4bCYYAiaOVBfPon4cJ394P/nwagJJKKsgQIVYIC3642s4L8SaADOxt9x9ohttXMDjS2WBTeE7YnjaR13PwKKwNO0MpAAEVw5pBnJxJ+fscM/5aBctdcFQj3BUzVOJ/V/70xfTzEiy8K8bOjvIuBttMUtIavlKQD606ti6gDtXx+B7SJ3/emdW0bVSLcju96N4DB/Qdmq0V4ESc7CQgkWZl4y0V45V/7iSLiHWsOoC9Kxw28y0uno5elsABMBMC4RYSQhAGXWueCcR7SIL2JT2K0oxbqongW0hvgAIfUShTXHy+qsV5yDaG+p+TkJkEkhtXbwkW4aNpzc7EFnXsWpvyWOiZSKvUasRPbPro0yBvlOMMPsFU= RSA test | |||
diff --git a/regress/unittests/sshsig/testdata/rsa.sig b/regress/unittests/sshsig/testdata/rsa.sig new file mode 100644 index 000000000..15a032e01 --- /dev/null +++ b/regress/unittests/sshsig/testdata/rsa.sig | |||
| @@ -0,0 +1,19 @@ | |||
| 1 | -----BEGIN SSH SIGNATURE----- | ||
| 2 | U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBAN/OpZo0R7Saco/Owa0vrL | ||
| 3 | DJrb3P9UjzdIF0z7PY2dYWAKvfD3Gt/0WFTOB2krugjs7UCdmZ2Q903v13gZyFNpn7r0BJ | ||
| 4 | fg4sIrBnjYJVckQou+/O3zxRX3Mc2Xw2uxAdqmPEt6GkhmSvEKs7hsJhgCJo5UF8+ifhwn | ||
| 5 | f3g/+fBqAkkoqyBAhVggLfrjazgvxJoAM7G33H2iG21cwONLZYFN4TtieNpHXc/AorA07Q | ||
| 6 | ykAARXDmkGcnEn5+xwz/loFy11wVCPcFTNU4n9X/vTF9PMSLLwrxs6O8i4G20xS0hq+UpA | ||
| 7 | PrTq2LqAO1fH4HtInf96Z1bRtVItyO73o3gMH9B2arRXgRJzsJCCRZmXjLRXjlX/uJIuId | ||
| 8 | aw6gL0rHDbzLS6ejl6WwAEwEwLhFhJCEAZda54JxHtIgvYlPYrSjFuqieBbSG+AAh9RKFN | ||
| 9 | cfL6qxXnINob6n5OQmQSSG1dvCRbho2nNzsQWdexam/JY6JlIq9RqxE9s+ujTIG+U4ww+w | ||
| 10 | VQAAAAh1bml0dGVzdAAAAAAAAAAGc2hhNTEyAAABlAAAAAxyc2Etc2hhMi01MTIAAAGACi | ||
| 11 | nEpBrQxZi0yOrrT6h98JFfZh0XXioih4fzmvtoV0yOReWClS+otGgXoJyZHcbaKNOjDwSM | ||
| 12 | rIkUoX6OUJmtHYP0HRELnKw35m33LdBPXpFGS4tRS7NeSpvc04KtjT6jYXY9FjWy5hcn17 | ||
| 13 | Sxc/3DnJqLgJBur8acY7FeIzpWmKixPd/dGkEjdWoD9gO6szLczGuQgrOdYmSRL4yKadTJ | ||
| 14 | lVjz5OSeKSYYGQy33US2XQassRRNYf4e9byTA3DKvHa/OcTt7lFerea0kZdDpAboqffz7T | ||
| 15 | Yaw/hFskAYLIEdTW3aoXBGHSOvu8AkDOtb7qwuxGSQ27pjkDLDNsp1ceCFaCaQ6X83RZuK | ||
| 16 | ACv9JUBI5KaSf81e0bs0KezJKkhB9czeZ6dk96qISbgayEBnvhYgXvUDKtHn7HzNlCJKfK | ||
| 17 | 5ABhNxfGG2CD+NKqcrndwFgS1sQO3hbA84zPQb26ShBovT8ytHBmW1F8ZK4O9Bz61Q6EZK | ||
| 18 | vs/u6xP6LUean/so5daa | ||
| 19 | -----END SSH SIGNATURE----- | ||
diff --git a/regress/unittests/sshsig/testdata/signed-data b/regress/unittests/sshsig/testdata/signed-data new file mode 100644 index 000000000..7df4bedd1 --- /dev/null +++ b/regress/unittests/sshsig/testdata/signed-data | |||
| @@ -0,0 +1 @@ | |||
| This is a test, this is only a test \ No newline at end of file | |||
diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c new file mode 100644 index 000000000..ce59b96a2 --- /dev/null +++ b/regress/unittests/sshsig/tests.c | |||
| @@ -0,0 +1,120 @@ | |||
| 1 | /* $OpenBSD: tests.c,v 1.1 2020/06/19 04:32:09 djm Exp $ */ | ||
| 2 | /* | ||
| 3 | * Regress test for sshbuf.h buffer API | ||
| 4 | * | ||
| 5 | * Placed in the public domain | ||
| 6 | */ | ||
| 7 | |||
| 8 | #include <sys/types.h> | ||
| 9 | #include <sys/param.h> | ||
| 10 | #include <sys/stat.h> | ||
| 11 | #include <fcntl.h> | ||
| 12 | #include <stdio.h> | ||
| 13 | #include <stdint.h> | ||
| 14 | #include <stdlib.h> | ||
| 15 | #include <string.h> | ||
| 16 | #include <unistd.h> | ||
| 17 | |||
| 18 | #include <openssl/evp.h> | ||
| 19 | #include <openssl/crypto.h> | ||
| 20 | |||
| 21 | #include "ssherr.h" | ||
| 22 | #include "authfile.h" | ||
| 23 | #include "sshkey.h" | ||
| 24 | #include "sshbuf.h" | ||
| 25 | #include "sshsig.h" | ||
| 26 | #include "log.h" | ||
| 27 | |||
| 28 | #include "test_helper.h" | ||
| 29 | |||
| 30 | static struct sshbuf * | ||
| 31 | load_file(const char *name) | ||
| 32 | { | ||
| 33 | struct sshbuf *ret = NULL; | ||
| 34 | |||
| 35 | ASSERT_INT_EQ(sshbuf_load_file(test_data_file(name), &ret), 0); | ||
| 36 | ASSERT_PTR_NE(ret, NULL); | ||
| 37 | return ret; | ||
| 38 | } | ||
| 39 | |||
| 40 | static struct sshkey * | ||
| 41 | load_key(const char *name) | ||
| 42 | { | ||
| 43 | struct sshkey *ret = NULL; | ||
| 44 | ASSERT_INT_EQ(sshkey_load_public(test_data_file(name), &ret, NULL), 0); | ||
| 45 | ASSERT_PTR_NE(ret, NULL); | ||
| 46 | return ret; | ||
| 47 | } | ||
| 48 | |||
| 49 | static void | ||
| 50 | check_sig(const char *keyname, const char *signame, const struct sshbuf *msg, | ||
| 51 | const char *namespace) | ||
| 52 | { | ||
| 53 | struct sshkey *k, *sign_key; | ||
| 54 | struct sshbuf *sig, *rawsig; | ||
| 55 | struct sshkey_sig_details *sig_details; | ||
| 56 | |||
| 57 | k = load_key(keyname); | ||
| 58 | sig = load_file(signame); | ||
| 59 | sign_key = NULL; | ||
| 60 | sig_details = NULL; | ||
| 61 | rawsig = NULL; | ||
| 62 | ASSERT_INT_EQ(sshsig_dearmor(sig, &rawsig), 0); | ||
| 63 | ASSERT_INT_EQ(sshsig_verifyb(rawsig, msg, namespace, | ||
| 64 | &sign_key, &sig_details), 0); | ||
| 65 | ASSERT_INT_EQ(sshkey_equal(k, sign_key), 1); | ||
| 66 | sshkey_free(k); | ||
| 67 | sshkey_free(sign_key); | ||
| 68 | sshkey_sig_details_free(sig_details); | ||
| 69 | sshbuf_free(sig); | ||
| 70 | sshbuf_free(rawsig); | ||
| 71 | } | ||
| 72 | |||
| 73 | void | ||
| 74 | tests(void) | ||
| 75 | { | ||
| 76 | struct sshbuf *msg; | ||
| 77 | char *namespace; | ||
| 78 | |||
| 79 | #if 0 | ||
| 80 | log_init("test_sshsig", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1); | ||
| 81 | #endif | ||
| 82 | |||
| 83 | OpenSSL_add_all_algorithms(); | ||
| 84 | ERR_load_CRYPTO_strings(); | ||
| 85 | |||
| 86 | TEST_START("load data"); | ||
| 87 | msg = load_file("namespace"); | ||
| 88 | namespace = sshbuf_dup_string(msg); | ||
| 89 | ASSERT_PTR_NE(namespace, NULL); | ||
| 90 | sshbuf_free(msg); | ||
| 91 | msg = load_file("signed-data"); | ||
| 92 | TEST_DONE(); | ||
| 93 | |||
| 94 | TEST_START("check RSA signature"); | ||
| 95 | check_sig("rsa", "rsa.sig", msg, namespace); | ||
| 96 | TEST_DONE(); | ||
| 97 | |||
| 98 | TEST_START("check DSA signature"); | ||
| 99 | check_sig("dsa", "dsa.sig", msg, namespace); | ||
| 100 | TEST_DONE(); | ||
| 101 | |||
| 102 | TEST_START("check ECDSA signature"); | ||
| 103 | check_sig("ecdsa", "ecdsa.sig", msg, namespace); | ||
| 104 | TEST_DONE(); | ||
| 105 | |||
| 106 | TEST_START("check ED25519 signature"); | ||
| 107 | check_sig("ed25519", "ed25519.sig", msg, namespace); | ||
| 108 | TEST_DONE(); | ||
| 109 | |||
| 110 | TEST_START("check ECDSA-SK signature"); | ||
| 111 | check_sig("ecdsa_sk", "ecdsa_sk.sig", msg, namespace); | ||
| 112 | TEST_DONE(); | ||
| 113 | |||
| 114 | TEST_START("check ED25519-SK signature"); | ||
| 115 | check_sig("ed25519_sk", "ed25519_sk.sig", msg, namespace); | ||
| 116 | TEST_DONE(); | ||
| 117 | |||
| 118 | sshbuf_free(msg); | ||
| 119 | free(namespace); | ||
| 120 | } | ||