1 files changed, 52 insertions, 0 deletions
diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh
new file mode 100644
index 000000000..74a734af7
--- /dev/null
+++ b/regress/keygen-comment.sh
@@ -0,0 +1,52 @@
+#    Placed in the Public Domain.
+tid="Comment extraction from private key"
+S1="secret1"
+check_fingerprint () {
+        file="$1"
+        comment="$2"
+        trace "fingerprinting $file"
+        if ! ${SSHKEYGEN} -l -E sha256 -f $file > $OBJ/$t-fgp ; then
+                fail "ssh-keygen -l failed for $t-key"
+        fi
+        if ! egrep "^([0-9]+) SHA256:(.){43} ${comment} \(.*\)$" \
+            $OBJ/$t-fgp >/dev/null 2>&1 ; then
+                fail "comment is not correctly recovered for $t-key"
+        fi
+        rm -f $OBJ/$t-fgp
+}
+for fmt in '' RFC4716 PKCS8 PEM; do
+        for t in $SSH_KEYTYPES; do
+                trace "generating $t key in '$fmt' format"
+                rm -f $OBJ/$t-key*
+                oldfmt=""
+                case "$fmt" in
+                PKCS8|PEM) oldfmt=1 ;;
+                esac
+                # Some key types like ssh-ed25519 and *@openssh.com are never
+                # stored in old formats.
+                case "$t" in
+                ssh-ed25519|*openssh.com) test -z "$oldfmt" || continue ;;
+                esac
+                comment="foo bar"
+                fmtarg=""
+                test -z "$fmt" || fmtarg="-m $fmt"
+                ${SSHKEYGEN} $fmtarg -N '' -C "${comment}" \
+                    -t $t -f $OBJ/$t-key >/dev/null 2>&1 || \
+                        fatal "keygen of $t in format $fmt failed"
+                check_fingerprint $OBJ/$t-key "${comment}"
+                check_fingerprint $OBJ/$t-key.pub "${comment}"
+                # Output fingerprint using only private file
+                trace "fingerprinting $t key using private key file"
+                rm -f $OBJ/$t-key.pub
+                if [ ! -z "$oldfmt" ] ; then
+                        # Comment cannot be recovered from old format keys.
+                        comment="no comment"
+                fi
+                check_fingerprint $OBJ/$t-key "${comment}"
+                rm -f $OBJ/$t-key*
+        done
+done

diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh new file mode 100644 index 000000000..74a734af7 --- /dev/null +++ b/regress/keygen-comment.sh
@@ -0,0 +1,52 @@
	1	# Placed in the Public Domain.
	2
	3	tid="Comment extraction from private key"
	4
	5	S1="secret1"
	6
	7	check_fingerprint () {
	8	file="$1"
	9	comment="$2"
	10	trace "fingerprinting $file"
	11	if ! ${SSHKEYGEN} -l -E sha256 -f $file > $OBJ/$t-fgp ; then
	12	fail "ssh-keygen -l failed for $t-key"
	13	fi
	14	if ! egrep "^([0-9]+) SHA256:(.){43} ${comment} \(.*\)$" \
	15	$OBJ/$t-fgp >/dev/null 2>&1 ; then
	16	fail "comment is not correctly recovered for $t-key"
	17	fi
	18	rm -f $OBJ/$t-fgp
	19	}
	20
	21	for fmt in '' RFC4716 PKCS8 PEM; do
	22	for t in $SSH_KEYTYPES; do
	23	trace "generating $t key in '$fmt' format"
	24	rm -f $OBJ/$t-key*
	25	oldfmt=""
	26	case "$fmt" in
	27	PKCS8\|PEM) oldfmt=1 ;;
	28	esac
	29	# Some key types like ssh-ed25519 and *@openssh.com are never
	30	# stored in old formats.
	31	case "$t" in
	32	ssh-ed25519\|*openssh.com) test -z "$oldfmt" \|\| continue ;;
	33	esac
	34	comment="foo bar"
	35	fmtarg=""
	36	test -z "$fmt" \|\| fmtarg="-m $fmt"
	37	${SSHKEYGEN} $fmtarg -N '' -C "${comment}" \
	38	-t $t -f $OBJ/$t-key >/dev/null 2>&1 \|\| \
	39	fatal "keygen of $t in format $fmt failed"
	40	check_fingerprint $OBJ/$t-key "${comment}"
	41	check_fingerprint $OBJ/$t-key.pub "${comment}"
	42	# Output fingerprint using only private file
	43	trace "fingerprinting $t key using private key file"
	44	rm -f $OBJ/$t-key.pub
	45	if [ ! -z "$oldfmt" ] ; then
	46	# Comment cannot be recovered from old format keys.
	47	comment="no comment"
	48	fi
	49	check_fingerprint $OBJ/$t-key "${comment}"
	50	rm -f $OBJ/$t-key*
	51	done
	52	done