diff options
-rw-r--r-- | kex.c | 4 | ||||
-rw-r--r-- | regress/unittests/hostkeys/test_iterate.c | 25 | ||||
-rw-r--r-- | regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | 8 | ||||
-rw-r--r-- | regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c | 4 | ||||
-rw-r--r-- | regress/unittests/sshkey/test_sshkey.c | 7 |
5 files changed, 27 insertions, 21 deletions
@@ -432,9 +432,11 @@ kex_free(struct kex *kex) | |||
432 | #ifdef WITH_OPENSSL | 432 | #ifdef WITH_OPENSSL |
433 | if (kex->dh) | 433 | if (kex->dh) |
434 | DH_free(kex->dh); | 434 | DH_free(kex->dh); |
435 | #ifdef OPENSSL_HAS_ECC | ||
435 | if (kex->ec_client_key) | 436 | if (kex->ec_client_key) |
436 | EC_KEY_free(kex->ec_client_key); | 437 | EC_KEY_free(kex->ec_client_key); |
437 | #endif | 438 | #endif /* OPENSSL_HAS_ECC */ |
439 | #endif /* WITH_OPENSSL */ | ||
438 | for (mode = 0; mode < MODE_MAX; mode++) { | 440 | for (mode = 0; mode < MODE_MAX; mode++) { |
439 | kex_free_newkeys(kex->newkeys[mode]); | 441 | kex_free_newkeys(kex->newkeys[mode]); |
440 | kex->newkeys[mode] = NULL; | 442 | kex->newkeys[mode] = NULL; |
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 7e5a13018..d81291b68 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c | |||
@@ -98,6 +98,15 @@ check(struct hostkey_foreach_line *l, void *_ctx) | |||
98 | parse_key = 0; | 98 | parse_key = 0; |
99 | } | 99 | } |
100 | #endif | 100 | #endif |
101 | #ifndef OPENSSL_HAS_ECC | ||
102 | if (expected->l.keytype == KEY_ECDSA || | ||
103 | expected->no_parse_keytype == KEY_ECDSA) { | ||
104 | expected_status = HKF_STATUS_INVALID; | ||
105 | expected_keytype = KEY_UNSPEC; | ||
106 | parse_key = 0; | ||
107 | } | ||
108 | #endif | ||
109 | |||
101 | UPDATE_MATCH_STATUS(match_host_p); | 110 | UPDATE_MATCH_STATUS(match_host_p); |
102 | UPDATE_MATCH_STATUS(match_host_s); | 111 | UPDATE_MATCH_STATUS(match_host_s); |
103 | UPDATE_MATCH_STATUS(match_ipv4); | 112 | UPDATE_MATCH_STATUS(match_ipv4); |
@@ -145,6 +154,10 @@ prepare_expected(struct expected *expected, size_t n) | |||
145 | if (expected[i].l.keytype == KEY_RSA1) | 154 | if (expected[i].l.keytype == KEY_RSA1) |
146 | continue; | 155 | continue; |
147 | #endif | 156 | #endif |
157 | #ifndef OPENSSL_HAS_ECC | ||
158 | if (expected[i].l.keytype == KEY_ECDSA) | ||
159 | continue; | ||
160 | #endif | ||
148 | ASSERT_INT_EQ(sshkey_load_public( | 161 | ASSERT_INT_EQ(sshkey_load_public( |
149 | test_data_file(expected[i].key_file), &expected[i].l.key, | 162 | test_data_file(expected[i].key_file), &expected[i].l.key, |
150 | NULL), 0); | 163 | NULL), 0); |
@@ -178,7 +191,6 @@ struct expected expected_full[] = { | |||
178 | NULL, /* filled at runtime */ | 191 | NULL, /* filled at runtime */ |
179 | "DSA #1", | 192 | "DSA #1", |
180 | } }, | 193 | } }, |
181 | #ifdef OPENSSL_HAS_ECC | ||
182 | { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { | 194 | { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { |
183 | NULL, | 195 | NULL, |
184 | 3, | 196 | 3, |
@@ -192,7 +204,6 @@ struct expected expected_full[] = { | |||
192 | NULL, /* filled at runtime */ | 204 | NULL, /* filled at runtime */ |
193 | "ECDSA #1", | 205 | "ECDSA #1", |
194 | } }, | 206 | } }, |
195 | #endif | ||
196 | { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { | 207 | { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { |
197 | NULL, | 208 | NULL, |
198 | 4, | 209 | 4, |
@@ -271,7 +282,6 @@ struct expected expected_full[] = { | |||
271 | NULL, /* filled at runtime */ | 282 | NULL, /* filled at runtime */ |
272 | "DSA #2", | 283 | "DSA #2", |
273 | } }, | 284 | } }, |
274 | #ifdef OPENSSL_HAS_ECC | ||
275 | { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 285 | { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
276 | NULL, | 286 | NULL, |
277 | 10, | 287 | 10, |
@@ -285,7 +295,6 @@ struct expected expected_full[] = { | |||
285 | NULL, /* filled at runtime */ | 295 | NULL, /* filled at runtime */ |
286 | "ECDSA #2", | 296 | "ECDSA #2", |
287 | } }, | 297 | } }, |
288 | #endif | ||
289 | { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 298 | { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
290 | NULL, | 299 | NULL, |
291 | 11, | 300 | 11, |
@@ -364,7 +373,6 @@ struct expected expected_full[] = { | |||
364 | NULL, /* filled at runtime */ | 373 | NULL, /* filled at runtime */ |
365 | "DSA #3", | 374 | "DSA #3", |
366 | } }, | 375 | } }, |
367 | #ifdef OPENSSL_HAS_ECC | ||
368 | { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 376 | { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
369 | NULL, | 377 | NULL, |
370 | 17, | 378 | 17, |
@@ -378,7 +386,6 @@ struct expected expected_full[] = { | |||
378 | NULL, /* filled at runtime */ | 386 | NULL, /* filled at runtime */ |
379 | "ECDSA #3", | 387 | "ECDSA #3", |
380 | } }, | 388 | } }, |
381 | #endif | ||
382 | { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { | 389 | { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { |
383 | NULL, | 390 | NULL, |
384 | 18, | 391 | 18, |
@@ -457,7 +464,6 @@ struct expected expected_full[] = { | |||
457 | NULL, /* filled at runtime */ | 464 | NULL, /* filled at runtime */ |
458 | "DSA #5", | 465 | "DSA #5", |
459 | } }, | 466 | } }, |
460 | #ifdef OPENSSL_HAS_ECC | ||
461 | { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { | 467 | { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { |
462 | NULL, | 468 | NULL, |
463 | 24, | 469 | 24, |
@@ -471,7 +477,6 @@ struct expected expected_full[] = { | |||
471 | NULL, /* filled at runtime */ | 477 | NULL, /* filled at runtime */ |
472 | "ECDSA #5", | 478 | "ECDSA #5", |
473 | } }, | 479 | } }, |
474 | #endif | ||
475 | { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { | 480 | { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { |
476 | NULL, | 481 | NULL, |
477 | 25, | 482 | 25, |
@@ -568,7 +573,6 @@ struct expected expected_full[] = { | |||
568 | NULL, /* filled at runtime */ | 573 | NULL, /* filled at runtime */ |
569 | "DSA #6", | 574 | "DSA #6", |
570 | } }, | 575 | } }, |
571 | #ifdef OPENSSL_HAS_ECC | ||
572 | { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { | 576 | { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { |
573 | NULL, | 577 | NULL, |
574 | 32, | 578 | 32, |
@@ -608,7 +612,6 @@ struct expected expected_full[] = { | |||
608 | NULL, /* filled at runtime */ | 612 | NULL, /* filled at runtime */ |
609 | "ECDSA #6", | 613 | "ECDSA #6", |
610 | } }, | 614 | } }, |
611 | #endif | ||
612 | { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { | 615 | { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { |
613 | NULL, | 616 | NULL, |
614 | 35, | 617 | 35, |
@@ -791,7 +794,6 @@ struct expected expected_full[] = { | |||
791 | NULL, /* filled at runtime */ | 794 | NULL, /* filled at runtime */ |
792 | "ED25519 #4", | 795 | "ED25519 #4", |
793 | } }, | 796 | } }, |
794 | #ifdef OPENSSL_HAS_ECC | ||
795 | { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { | 797 | { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { |
796 | NULL, | 798 | NULL, |
797 | 49, | 799 | 49, |
@@ -805,7 +807,6 @@ struct expected expected_full[] = { | |||
805 | NULL, /* filled at runtime */ | 807 | NULL, /* filled at runtime */ |
806 | "ECDSA #4", | 808 | "ECDSA #4", |
807 | } }, | 809 | } }, |
808 | #endif | ||
809 | { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { | 810 | { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { |
810 | NULL, | 811 | NULL, |
811 | 50, | 812 | 50, |
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index 0c4c71ecd..a68e1329e 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | |||
@@ -32,8 +32,6 @@ void | |||
32 | sshbuf_getput_crypto_tests(void) | 32 | sshbuf_getput_crypto_tests(void) |
33 | { | 33 | { |
34 | struct sshbuf *p1; | 34 | struct sshbuf *p1; |
35 | const u_char *d; | ||
36 | size_t s; | ||
37 | BIGNUM *bn, *bn2; | 35 | BIGNUM *bn, *bn2; |
38 | /* This one has num_bits != num_bytes * 8 to test bignum1 encoding */ | 36 | /* This one has num_bits != num_bytes * 8 to test bignum1 encoding */ |
39 | const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10"; | 37 | const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10"; |
@@ -48,7 +46,9 @@ sshbuf_getput_crypto_tests(void) | |||
48 | 0x70, 0x60, 0x50, 0x40, 0x30, 0x20, 0x10, 0x00, | 46 | 0x70, 0x60, 0x50, 0x40, 0x30, 0x20, 0x10, 0x00, |
49 | 0x7f, 0xff, 0x11 | 47 | 0x7f, 0xff, 0x11 |
50 | }; | 48 | }; |
51 | #ifdef OPENSSL_HAS_NISTP256 | 49 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) |
50 | const u_char *d; | ||
51 | size_t s; | ||
52 | BIGNUM *bn_x, *bn_y; | 52 | BIGNUM *bn_x, *bn_y; |
53 | int ec256_nid = NID_X9_62_prime256v1; | 53 | int ec256_nid = NID_X9_62_prime256v1; |
54 | char *ec256_x = "0C828004839D0106AA59575216191357" | 54 | char *ec256_x = "0C828004839D0106AA59575216191357" |
@@ -352,7 +352,7 @@ sshbuf_getput_crypto_tests(void) | |||
352 | sshbuf_free(p1); | 352 | sshbuf_free(p1); |
353 | TEST_DONE(); | 353 | TEST_DONE(); |
354 | 354 | ||
355 | #ifdef OPENSSL_HAS_NISTP256 | 355 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) |
356 | TEST_START("sshbuf_put_ec"); | 356 | TEST_START("sshbuf_put_ec"); |
357 | eck = EC_KEY_new_by_curve_name(ec256_nid); | 357 | eck = EC_KEY_new_by_curve_name(ec256_nid); |
358 | ASSERT_PTR_NE(eck, NULL); | 358 | ASSERT_PTR_NE(eck, NULL); |
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c index 8c3269b13..c6b5c29d1 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c | |||
@@ -33,7 +33,7 @@ attempt_parse_blob(u_char *blob, size_t len) | |||
33 | { | 33 | { |
34 | struct sshbuf *p1; | 34 | struct sshbuf *p1; |
35 | BIGNUM *bn; | 35 | BIGNUM *bn; |
36 | #ifdef OPENSSL_HAS_NISTP256 | 36 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) |
37 | EC_KEY *eck; | 37 | EC_KEY *eck; |
38 | #endif | 38 | #endif |
39 | u_char *s; | 39 | u_char *s; |
@@ -60,7 +60,7 @@ attempt_parse_blob(u_char *blob, size_t len) | |||
60 | bn = BN_new(); | 60 | bn = BN_new(); |
61 | sshbuf_get_bignum2(p1, bn); | 61 | sshbuf_get_bignum2(p1, bn); |
62 | BN_clear_free(bn); | 62 | BN_clear_free(bn); |
63 | #ifdef OPENSSL_HAS_NISTP256 | 63 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) |
64 | eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); | 64 | eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
65 | ASSERT_PTR_NE(eck, NULL); | 65 | ASSERT_PTR_NE(eck, NULL); |
66 | sshbuf_get_eckey(p1, eck); | 66 | sshbuf_get_eckey(p1, eck); |
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index b233a254b..ad10c9be2 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c | |||
@@ -19,7 +19,7 @@ | |||
19 | #include <openssl/bn.h> | 19 | #include <openssl/bn.h> |
20 | #include <openssl/rsa.h> | 20 | #include <openssl/rsa.h> |
21 | #include <openssl/dsa.h> | 21 | #include <openssl/dsa.h> |
22 | #ifdef OPENSSL_HAS_NISTP256 | 22 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) |
23 | # include <openssl/ec.h> | 23 | # include <openssl/ec.h> |
24 | #endif | 24 | #endif |
25 | 25 | ||
@@ -174,7 +174,10 @@ get_private(const char *n) | |||
174 | void | 174 | void |
175 | sshkey_tests(void) | 175 | sshkey_tests(void) |
176 | { | 176 | { |
177 | struct sshkey *k1, *k2, *k3, *k4, *kr, *kd, *ke, *kf; | 177 | struct sshkey *k1, *k2, *k3, *k4, *kr, *kd, *kf; |
178 | #ifdef OPENSSL_HAS_ECC | ||
179 | struct sshkey *ke; | ||
180 | #endif | ||
178 | struct sshbuf *b; | 181 | struct sshbuf *b; |
179 | 182 | ||
180 | TEST_START("new invalid"); | 183 | TEST_START("new invalid"); |