summaryrefslogtreecommitdiff
path: root/regress/unittests/sshkey
diff options
context:
space:
mode:
Diffstat (limited to 'regress/unittests/sshkey')
-rw-r--r--regress/unittests/sshkey/test_file.c42
-rw-r--r--regress/unittests/sshkey/test_fuzz.c102
-rw-r--r--regress/unittests/sshkey/test_sshkey.c46
3 files changed, 97 insertions, 93 deletions
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
index c8a236937..906491f2b 100644
--- a/regress/unittests/sshkey/test_file.c
+++ b/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_file.c,v 1.4 2015/07/07 14:53:30 markus Exp $ */ 1/* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -54,8 +54,7 @@ sshkey_file_tests(void)
54#ifdef WITH_SSH1 54#ifdef WITH_SSH1
55 TEST_START("parse RSA1 from private"); 55 TEST_START("parse RSA1 from private");
56 buf = load_file("rsa1_1"); 56 buf = load_file("rsa1_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1", 57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
58 &k1, NULL), 0);
59 sshbuf_free(buf); 58 sshbuf_free(buf);
60 ASSERT_PTR_NE(k1, NULL); 59 ASSERT_PTR_NE(k1, NULL);
61 a = load_bignum("rsa1_1.param.n"); 60 a = load_bignum("rsa1_1.param.n");
@@ -66,7 +65,7 @@ sshkey_file_tests(void)
66 TEST_START("parse RSA1 from private w/ passphrase"); 65 TEST_START("parse RSA1 from private w/ passphrase");
67 buf = load_file("rsa1_1_pw"); 66 buf = load_file("rsa1_1_pw");
68 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 67 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
69 (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0); 68 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
70 sshbuf_free(buf); 69 sshbuf_free(buf);
71 ASSERT_PTR_NE(k2, NULL); 70 ASSERT_PTR_NE(k2, NULL);
72 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 71 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -104,8 +103,7 @@ sshkey_file_tests(void)
104 103
105 TEST_START("parse RSA from private"); 104 TEST_START("parse RSA from private");
106 buf = load_file("rsa_1"); 105 buf = load_file("rsa_1");
107 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1", 106 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
108 &k1, NULL), 0);
109 sshbuf_free(buf); 107 sshbuf_free(buf);
110 ASSERT_PTR_NE(k1, NULL); 108 ASSERT_PTR_NE(k1, NULL);
111 a = load_bignum("rsa_1.param.n"); 109 a = load_bignum("rsa_1.param.n");
@@ -122,7 +120,7 @@ sshkey_file_tests(void)
122 TEST_START("parse RSA from private w/ passphrase"); 120 TEST_START("parse RSA from private w/ passphrase");
123 buf = load_file("rsa_1_pw"); 121 buf = load_file("rsa_1_pw");
124 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 122 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
125 (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0); 123 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
126 sshbuf_free(buf); 124 sshbuf_free(buf);
127 ASSERT_PTR_NE(k2, NULL); 125 ASSERT_PTR_NE(k2, NULL);
128 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 126 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -131,8 +129,7 @@ sshkey_file_tests(void)
131 129
132 TEST_START("parse RSA from new-format"); 130 TEST_START("parse RSA from new-format");
133 buf = load_file("rsa_n"); 131 buf = load_file("rsa_n");
134 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 132 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
135 "", "rsa_n", &k2, NULL), 0);
136 sshbuf_free(buf); 133 sshbuf_free(buf);
137 ASSERT_PTR_NE(k2, NULL); 134 ASSERT_PTR_NE(k2, NULL);
138 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 135 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -142,7 +139,7 @@ sshkey_file_tests(void)
142 TEST_START("parse RSA from new-format w/ passphrase"); 139 TEST_START("parse RSA from new-format w/ passphrase");
143 buf = load_file("rsa_n_pw"); 140 buf = load_file("rsa_n_pw");
144 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 141 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
145 (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0); 142 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
146 sshbuf_free(buf); 143 sshbuf_free(buf);
147 ASSERT_PTR_NE(k2, NULL); 144 ASSERT_PTR_NE(k2, NULL);
148 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 145 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -197,8 +194,7 @@ sshkey_file_tests(void)
197 194
198 TEST_START("parse DSA from private"); 195 TEST_START("parse DSA from private");
199 buf = load_file("dsa_1"); 196 buf = load_file("dsa_1");
200 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1", 197 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
201 &k1, NULL), 0);
202 sshbuf_free(buf); 198 sshbuf_free(buf);
203 ASSERT_PTR_NE(k1, NULL); 199 ASSERT_PTR_NE(k1, NULL);
204 a = load_bignum("dsa_1.param.g"); 200 a = load_bignum("dsa_1.param.g");
@@ -215,7 +211,7 @@ sshkey_file_tests(void)
215 TEST_START("parse DSA from private w/ passphrase"); 211 TEST_START("parse DSA from private w/ passphrase");
216 buf = load_file("dsa_1_pw"); 212 buf = load_file("dsa_1_pw");
217 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 213 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
218 (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0); 214 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
219 sshbuf_free(buf); 215 sshbuf_free(buf);
220 ASSERT_PTR_NE(k2, NULL); 216 ASSERT_PTR_NE(k2, NULL);
221 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 217 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -224,8 +220,7 @@ sshkey_file_tests(void)
224 220
225 TEST_START("parse DSA from new-format"); 221 TEST_START("parse DSA from new-format");
226 buf = load_file("dsa_n"); 222 buf = load_file("dsa_n");
227 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 223 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
228 "", "dsa_n", &k2, NULL), 0);
229 sshbuf_free(buf); 224 sshbuf_free(buf);
230 ASSERT_PTR_NE(k2, NULL); 225 ASSERT_PTR_NE(k2, NULL);
231 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 226 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -235,7 +230,7 @@ sshkey_file_tests(void)
235 TEST_START("parse DSA from new-format w/ passphrase"); 230 TEST_START("parse DSA from new-format w/ passphrase");
236 buf = load_file("dsa_n_pw"); 231 buf = load_file("dsa_n_pw");
237 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 232 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
238 (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0); 233 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
239 sshbuf_free(buf); 234 sshbuf_free(buf);
240 ASSERT_PTR_NE(k2, NULL); 235 ASSERT_PTR_NE(k2, NULL);
241 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 236 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -291,8 +286,7 @@ sshkey_file_tests(void)
291#ifdef OPENSSL_HAS_ECC 286#ifdef OPENSSL_HAS_ECC
292 TEST_START("parse ECDSA from private"); 287 TEST_START("parse ECDSA from private");
293 buf = load_file("ecdsa_1"); 288 buf = load_file("ecdsa_1");
294 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1", 289 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
295 &k1, NULL), 0);
296 sshbuf_free(buf); 290 sshbuf_free(buf);
297 ASSERT_PTR_NE(k1, NULL); 291 ASSERT_PTR_NE(k1, NULL);
298 buf = load_text_file("ecdsa_1.param.curve"); 292 buf = load_text_file("ecdsa_1.param.curve");
@@ -315,7 +309,7 @@ sshkey_file_tests(void)
315 TEST_START("parse ECDSA from private w/ passphrase"); 309 TEST_START("parse ECDSA from private w/ passphrase");
316 buf = load_file("ecdsa_1_pw"); 310 buf = load_file("ecdsa_1_pw");
317 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 311 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
318 (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0); 312 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
319 sshbuf_free(buf); 313 sshbuf_free(buf);
320 ASSERT_PTR_NE(k2, NULL); 314 ASSERT_PTR_NE(k2, NULL);
321 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 315 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -324,8 +318,7 @@ sshkey_file_tests(void)
324 318
325 TEST_START("parse ECDSA from new-format"); 319 TEST_START("parse ECDSA from new-format");
326 buf = load_file("ecdsa_n"); 320 buf = load_file("ecdsa_n");
327 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 321 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
328 "", "ecdsa_n", &k2, NULL), 0);
329 sshbuf_free(buf); 322 sshbuf_free(buf);
330 ASSERT_PTR_NE(k2, NULL); 323 ASSERT_PTR_NE(k2, NULL);
331 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 324 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -335,7 +328,7 @@ sshkey_file_tests(void)
335 TEST_START("parse ECDSA from new-format w/ passphrase"); 328 TEST_START("parse ECDSA from new-format w/ passphrase");
336 buf = load_file("ecdsa_n_pw"); 329 buf = load_file("ecdsa_n_pw");
337 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 330 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
338 (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0); 331 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
339 sshbuf_free(buf); 332 sshbuf_free(buf);
340 ASSERT_PTR_NE(k2, NULL); 333 ASSERT_PTR_NE(k2, NULL);
341 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 334 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -391,8 +384,7 @@ sshkey_file_tests(void)
391 384
392 TEST_START("parse Ed25519 from private"); 385 TEST_START("parse Ed25519 from private");
393 buf = load_file("ed25519_1"); 386 buf = load_file("ed25519_1");
394 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1", 387 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
395 &k1, NULL), 0);
396 sshbuf_free(buf); 388 sshbuf_free(buf);
397 ASSERT_PTR_NE(k1, NULL); 389 ASSERT_PTR_NE(k1, NULL);
398 ASSERT_INT_EQ(k1->type, KEY_ED25519); 390 ASSERT_INT_EQ(k1->type, KEY_ED25519);
@@ -402,7 +394,7 @@ sshkey_file_tests(void)
402 TEST_START("parse Ed25519 from private w/ passphrase"); 394 TEST_START("parse Ed25519 from private w/ passphrase");
403 buf = load_file("ed25519_1_pw"); 395 buf = load_file("ed25519_1_pw");
404 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 396 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
405 (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0); 397 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
406 sshbuf_free(buf); 398 sshbuf_free(buf);
407 ASSERT_PTR_NE(k2, NULL); 399 ASSERT_PTR_NE(k2, NULL);
408 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 400 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index 1f08a2e43..1f414e0ac 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_fuzz.c,v 1.4 2015/03/04 23:22:35 djm Exp $ */ 1/* $OpenBSD: test_fuzz.c,v 1.6 2015/12/07 02:20:46 djm Exp $ */
2/* 2/*
3 * Fuzz tests for key parsing 3 * Fuzz tests for key parsing
4 * 4 *
@@ -72,13 +72,13 @@ public_fuzz(struct sshkey *k)
72} 72}
73 73
74static void 74static void
75sig_fuzz(struct sshkey *k) 75sig_fuzz(struct sshkey *k, const char *sig_alg)
76{ 76{
77 struct fuzz *fuzz; 77 struct fuzz *fuzz;
78 u_char *sig, c[] = "some junk to be signed"; 78 u_char *sig, c[] = "some junk to be signed";
79 size_t l; 79 size_t l;
80 80
81 ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), 0), 0); 81 ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0);
82 ASSERT_SIZE_T_GT(l, 0); 82 ASSERT_SIZE_T_GT(l, 0);
83 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */ 83 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */
84 FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | 84 FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
@@ -110,8 +110,7 @@ sshkey_fuzz_tests(void)
110 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | 110 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
111 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, 111 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
112 sshbuf_mutable_ptr(buf), sshbuf_len(buf)); 112 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
113 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 113 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
114 &k1, NULL), 0);
115 sshkey_free(k1); 114 sshkey_free(k1);
116 sshbuf_free(buf); 115 sshbuf_free(buf);
117 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 116 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -119,8 +118,7 @@ sshkey_fuzz_tests(void)
119 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 118 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
120 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 119 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
121 ASSERT_INT_EQ(r, 0); 120 ASSERT_INT_EQ(r, 0);
122 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 121 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
123 &k1, NULL) == 0)
124 sshkey_free(k1); 122 sshkey_free(k1);
125 sshbuf_reset(fuzzed); 123 sshbuf_reset(fuzzed);
126 } 124 }
@@ -154,8 +152,7 @@ sshkey_fuzz_tests(void)
154 buf = load_file("rsa_1"); 152 buf = load_file("rsa_1");
155 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 153 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
156 sshbuf_len(buf)); 154 sshbuf_len(buf));
157 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 155 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
158 &k1, NULL), 0);
159 sshkey_free(k1); 156 sshkey_free(k1);
160 sshbuf_free(buf); 157 sshbuf_free(buf);
161 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 158 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -163,8 +160,7 @@ sshkey_fuzz_tests(void)
163 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 160 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
164 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 161 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
165 ASSERT_INT_EQ(r, 0); 162 ASSERT_INT_EQ(r, 0);
166 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 163 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
167 &k1, NULL) == 0)
168 sshkey_free(k1); 164 sshkey_free(k1);
169 sshbuf_reset(fuzzed); 165 sshbuf_reset(fuzzed);
170 } 166 }
@@ -176,8 +172,7 @@ sshkey_fuzz_tests(void)
176 buf = load_file("rsa_n"); 172 buf = load_file("rsa_n");
177 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 173 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
178 sshbuf_len(buf)); 174 sshbuf_len(buf));
179 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 175 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
180 &k1, NULL), 0);
181 sshkey_free(k1); 176 sshkey_free(k1);
182 sshbuf_free(buf); 177 sshbuf_free(buf);
183 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 178 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -185,8 +180,7 @@ sshkey_fuzz_tests(void)
185 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 180 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
186 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 181 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
187 ASSERT_INT_EQ(r, 0); 182 ASSERT_INT_EQ(r, 0);
188 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 183 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
189 &k1, NULL) == 0)
190 sshkey_free(k1); 184 sshkey_free(k1);
191 sshbuf_reset(fuzzed); 185 sshbuf_reset(fuzzed);
192 } 186 }
@@ -198,8 +192,7 @@ sshkey_fuzz_tests(void)
198 buf = load_file("dsa_1"); 192 buf = load_file("dsa_1");
199 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 193 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
200 sshbuf_len(buf)); 194 sshbuf_len(buf));
201 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 195 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
202 &k1, NULL), 0);
203 sshkey_free(k1); 196 sshkey_free(k1);
204 sshbuf_free(buf); 197 sshbuf_free(buf);
205 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 198 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -207,8 +200,7 @@ sshkey_fuzz_tests(void)
207 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 200 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
208 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 201 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
209 ASSERT_INT_EQ(r, 0); 202 ASSERT_INT_EQ(r, 0);
210 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 203 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
211 &k1, NULL) == 0)
212 sshkey_free(k1); 204 sshkey_free(k1);
213 sshbuf_reset(fuzzed); 205 sshbuf_reset(fuzzed);
214 } 206 }
@@ -220,8 +212,7 @@ sshkey_fuzz_tests(void)
220 buf = load_file("dsa_n"); 212 buf = load_file("dsa_n");
221 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 213 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
222 sshbuf_len(buf)); 214 sshbuf_len(buf));
223 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 215 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
224 &k1, NULL), 0);
225 sshkey_free(k1); 216 sshkey_free(k1);
226 sshbuf_free(buf); 217 sshbuf_free(buf);
227 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 218 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -229,8 +220,7 @@ sshkey_fuzz_tests(void)
229 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 220 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
230 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 221 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
231 ASSERT_INT_EQ(r, 0); 222 ASSERT_INT_EQ(r, 0);
232 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 223 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
233 &k1, NULL) == 0)
234 sshkey_free(k1); 224 sshkey_free(k1);
235 sshbuf_reset(fuzzed); 225 sshbuf_reset(fuzzed);
236 } 226 }
@@ -243,8 +233,7 @@ sshkey_fuzz_tests(void)
243 buf = load_file("ecdsa_1"); 233 buf = load_file("ecdsa_1");
244 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 234 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
245 sshbuf_len(buf)); 235 sshbuf_len(buf));
246 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 236 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
247 &k1, NULL), 0);
248 sshkey_free(k1); 237 sshkey_free(k1);
249 sshbuf_free(buf); 238 sshbuf_free(buf);
250 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 239 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -252,8 +241,7 @@ sshkey_fuzz_tests(void)
252 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 241 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
253 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 242 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
254 ASSERT_INT_EQ(r, 0); 243 ASSERT_INT_EQ(r, 0);
255 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 244 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
256 &k1, NULL) == 0)
257 sshkey_free(k1); 245 sshkey_free(k1);
258 sshbuf_reset(fuzzed); 246 sshbuf_reset(fuzzed);
259 } 247 }
@@ -265,8 +253,7 @@ sshkey_fuzz_tests(void)
265 buf = load_file("ecdsa_n"); 253 buf = load_file("ecdsa_n");
266 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 254 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
267 sshbuf_len(buf)); 255 sshbuf_len(buf));
268 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 256 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
269 &k1, NULL), 0);
270 sshkey_free(k1); 257 sshkey_free(k1);
271 sshbuf_free(buf); 258 sshbuf_free(buf);
272 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 259 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -274,8 +261,7 @@ sshkey_fuzz_tests(void)
274 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 261 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
275 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 262 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
276 ASSERT_INT_EQ(r, 0); 263 ASSERT_INT_EQ(r, 0);
277 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 264 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
278 &k1, NULL) == 0)
279 sshkey_free(k1); 265 sshkey_free(k1);
280 sshbuf_reset(fuzzed); 266 sshbuf_reset(fuzzed);
281 } 267 }
@@ -288,8 +274,7 @@ sshkey_fuzz_tests(void)
288 buf = load_file("ed25519_1"); 274 buf = load_file("ed25519_1");
289 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 275 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
290 sshbuf_len(buf)); 276 sshbuf_len(buf));
291 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 277 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
292 &k1, NULL), 0);
293 sshkey_free(k1); 278 sshkey_free(k1);
294 sshbuf_free(buf); 279 sshbuf_free(buf);
295 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 280 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -297,8 +282,7 @@ sshkey_fuzz_tests(void)
297 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 282 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
298 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 283 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
299 ASSERT_INT_EQ(r, 0); 284 ASSERT_INT_EQ(r, 0);
300 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 285 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
301 &k1, NULL) == 0)
302 sshkey_free(k1); 286 sshkey_free(k1);
303 sshbuf_reset(fuzzed); 287 sshbuf_reset(fuzzed);
304 } 288 }
@@ -308,8 +292,7 @@ sshkey_fuzz_tests(void)
308 292
309 TEST_START("fuzz RSA public"); 293 TEST_START("fuzz RSA public");
310 buf = load_file("rsa_1"); 294 buf = load_file("rsa_1");
311 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 295 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
312 &k1, NULL), 0);
313 sshbuf_free(buf); 296 sshbuf_free(buf);
314 public_fuzz(k1); 297 public_fuzz(k1);
315 sshkey_free(k1); 298 sshkey_free(k1);
@@ -323,8 +306,7 @@ sshkey_fuzz_tests(void)
323 306
324 TEST_START("fuzz DSA public"); 307 TEST_START("fuzz DSA public");
325 buf = load_file("dsa_1"); 308 buf = load_file("dsa_1");
326 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 309 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
327 &k1, NULL), 0);
328 sshbuf_free(buf); 310 sshbuf_free(buf);
329 public_fuzz(k1); 311 public_fuzz(k1);
330 sshkey_free(k1); 312 sshkey_free(k1);
@@ -339,8 +321,7 @@ sshkey_fuzz_tests(void)
339#ifdef OPENSSL_HAS_ECC 321#ifdef OPENSSL_HAS_ECC
340 TEST_START("fuzz ECDSA public"); 322 TEST_START("fuzz ECDSA public");
341 buf = load_file("ecdsa_1"); 323 buf = load_file("ecdsa_1");
342 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 324 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
343 &k1, NULL), 0);
344 sshbuf_free(buf); 325 sshbuf_free(buf);
345 public_fuzz(k1); 326 public_fuzz(k1);
346 sshkey_free(k1); 327 sshkey_free(k1);
@@ -355,8 +336,7 @@ sshkey_fuzz_tests(void)
355 336
356 TEST_START("fuzz Ed25519 public"); 337 TEST_START("fuzz Ed25519 public");
357 buf = load_file("ed25519_1"); 338 buf = load_file("ed25519_1");
358 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 339 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
359 &k1, NULL), 0);
360 sshbuf_free(buf); 340 sshbuf_free(buf);
361 public_fuzz(k1); 341 public_fuzz(k1);
362 sshkey_free(k1); 342 sshkey_free(k1);
@@ -370,39 +350,51 @@ sshkey_fuzz_tests(void)
370 350
371 TEST_START("fuzz RSA sig"); 351 TEST_START("fuzz RSA sig");
372 buf = load_file("rsa_1"); 352 buf = load_file("rsa_1");
373 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 353 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
374 &k1, NULL), 0);
375 sshbuf_free(buf); 354 sshbuf_free(buf);
376 sig_fuzz(k1); 355 sig_fuzz(k1, "ssh-rsa");
356 sshkey_free(k1);
357 TEST_DONE();
358
359 TEST_START("fuzz RSA SHA256 sig");
360 buf = load_file("rsa_1");
361 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
362 sshbuf_free(buf);
363 sig_fuzz(k1, "rsa-sha2-256");
364 sshkey_free(k1);
365 TEST_DONE();
366
367 TEST_START("fuzz RSA SHA512 sig");
368 buf = load_file("rsa_1");
369 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
370 sshbuf_free(buf);
371 sig_fuzz(k1, "rsa-sha2-512");
377 sshkey_free(k1); 372 sshkey_free(k1);
378 TEST_DONE(); 373 TEST_DONE();
379 374
380 TEST_START("fuzz DSA sig"); 375 TEST_START("fuzz DSA sig");
381 buf = load_file("dsa_1"); 376 buf = load_file("dsa_1");
382 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 377 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
383 &k1, NULL), 0);
384 sshbuf_free(buf); 378 sshbuf_free(buf);
385 sig_fuzz(k1); 379 sig_fuzz(k1, NULL);
386 sshkey_free(k1); 380 sshkey_free(k1);
387 TEST_DONE(); 381 TEST_DONE();
388 382
389#ifdef OPENSSL_HAS_ECC 383#ifdef OPENSSL_HAS_ECC
390 TEST_START("fuzz ECDSA sig"); 384 TEST_START("fuzz ECDSA sig");
391 buf = load_file("ecdsa_1"); 385 buf = load_file("ecdsa_1");
392 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 386 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
393 &k1, NULL), 0);
394 sshbuf_free(buf); 387 sshbuf_free(buf);
395 sig_fuzz(k1); 388 sig_fuzz(k1, NULL);
396 sshkey_free(k1); 389 sshkey_free(k1);
397 TEST_DONE(); 390 TEST_DONE();
398#endif 391#endif
399 392
400 TEST_START("fuzz Ed25519 sig"); 393 TEST_START("fuzz Ed25519 sig");
401 buf = load_file("ed25519_1"); 394 buf = load_file("ed25519_1");
402 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 395 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
403 &k1, NULL), 0);
404 sshbuf_free(buf); 396 sshbuf_free(buf);
405 sig_fuzz(k1); 397 sig_fuzz(k1, NULL);
406 sshkey_free(k1); 398 sshkey_free(k1);
407 TEST_DONE(); 399 TEST_DONE();
408 400
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 9b3ce7ee4..1f160d1a7 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_sshkey.c,v 1.7 2015/08/05 05:27:33 djm Exp $ */ 1/* $OpenBSD: test_sshkey.c,v 1.9 2015/12/07 02:20:46 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -52,7 +52,8 @@ put_opt(struct sshbuf *b, const char *name, const char *value)
52 52
53static void 53static void
54build_cert(struct sshbuf *b, const struct sshkey *k, const char *type, 54build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
55 const struct sshkey *sign_key, const struct sshkey *ca_key) 55 const struct sshkey *sign_key, const struct sshkey *ca_key,
56 const char *sig_alg)
56{ 57{
57 struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts; 58 struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts;
58 u_char *sigblob; 59 u_char *sigblob;
@@ -99,7 +100,7 @@ build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
99 ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */ 100 ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */
100 ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */ 101 ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */
101 ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen, 102 ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen,
102 sshbuf_ptr(b), sshbuf_len(b), 0), 0); 103 sshbuf_ptr(b), sshbuf_len(b), sig_alg, 0), 0);
103 ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */ 104 ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */
104 105
105 free(sigblob); 106 free(sigblob);
@@ -111,12 +112,13 @@ build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
111} 112}
112 113
113static void 114static void
114signature_test(struct sshkey *k, struct sshkey *bad, const u_char *d, size_t l) 115signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg,
116 const u_char *d, size_t l)
115{ 117{
116 size_t len; 118 size_t len;
117 u_char *sig; 119 u_char *sig;
118 120
119 ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, 0), 0); 121 ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, 0), 0);
120 ASSERT_SIZE_T_GT(len, 8); 122 ASSERT_SIZE_T_GT(len, 8);
121 ASSERT_PTR_NE(sig, NULL); 123 ASSERT_PTR_NE(sig, NULL);
122 ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0); 124 ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0);
@@ -143,7 +145,7 @@ banana(u_char *s, size_t l)
143} 145}
144 146
145static void 147static void
146signature_tests(struct sshkey *k, struct sshkey *bad) 148signature_tests(struct sshkey *k, struct sshkey *bad, const char *sig_alg)
147{ 149{
148 u_char i, buf[2049]; 150 u_char i, buf[2049];
149 size_t lens[] = { 151 size_t lens[] = {
@@ -155,7 +157,7 @@ signature_tests(struct sshkey *k, struct sshkey *bad)
155 test_subtest_info("%s key, banana length %zu", 157 test_subtest_info("%s key, banana length %zu",
156 sshkey_type(k), lens[i]); 158 sshkey_type(k), lens[i]);
157 banana(buf, lens[i]); 159 banana(buf, lens[i]);
158 signature_test(k, bad, buf, lens[i]); 160 signature_test(k, bad, sig_alg, buf, lens[i]);
159 } 161 }
160} 162}
161 163
@@ -166,7 +168,7 @@ get_private(const char *n)
166 struct sshkey *ret; 168 struct sshkey *ret;
167 169
168 b = load_file(n); 170 b = load_file(n);
169 ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", n, &ret, NULL), 0); 171 ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", &ret, NULL), 0);
170 sshbuf_free(b); 172 sshbuf_free(b);
171 return ret; 173 return ret;
172} 174}
@@ -469,7 +471,25 @@ sshkey_tests(void)
469 k1 = get_private("rsa_1"); 471 k1 = get_private("rsa_1");
470 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2, 472 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
471 NULL), 0); 473 NULL), 0);
472 signature_tests(k1, k2); 474 signature_tests(k1, k2, "ssh-rsa");
475 sshkey_free(k1);
476 sshkey_free(k2);
477 TEST_DONE();
478
479 TEST_START("sign and verify RSA-SHA256");
480 k1 = get_private("rsa_1");
481 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
482 NULL), 0);
483 signature_tests(k1, k2, "rsa-sha2-256");
484 sshkey_free(k1);
485 sshkey_free(k2);
486 TEST_DONE();
487
488 TEST_START("sign and verify RSA-SHA512");
489 k1 = get_private("rsa_1");
490 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
491 NULL), 0);
492 signature_tests(k1, k2, "rsa-sha2-512");
473 sshkey_free(k1); 493 sshkey_free(k1);
474 sshkey_free(k2); 494 sshkey_free(k2);
475 TEST_DONE(); 495 TEST_DONE();
@@ -478,7 +498,7 @@ sshkey_tests(void)
478 k1 = get_private("dsa_1"); 498 k1 = get_private("dsa_1");
479 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2, 499 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2,
480 NULL), 0); 500 NULL), 0);
481 signature_tests(k1, k2); 501 signature_tests(k1, k2, NULL);
482 sshkey_free(k1); 502 sshkey_free(k1);
483 sshkey_free(k2); 503 sshkey_free(k2);
484 TEST_DONE(); 504 TEST_DONE();
@@ -488,7 +508,7 @@ sshkey_tests(void)
488 k1 = get_private("ecdsa_1"); 508 k1 = get_private("ecdsa_1");
489 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2, 509 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2,
490 NULL), 0); 510 NULL), 0);
491 signature_tests(k1, k2); 511 signature_tests(k1, k2, NULL);
492 sshkey_free(k1); 512 sshkey_free(k1);
493 sshkey_free(k2); 513 sshkey_free(k2);
494 TEST_DONE(); 514 TEST_DONE();
@@ -498,7 +518,7 @@ sshkey_tests(void)
498 k1 = get_private("ed25519_1"); 518 k1 = get_private("ed25519_1");
499 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_2.pub"), &k2, 519 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_2.pub"), &k2,
500 NULL), 0); 520 NULL), 0);
501 signature_tests(k1, k2); 521 signature_tests(k1, k2, NULL);
502 sshkey_free(k1); 522 sshkey_free(k1);
503 sshkey_free(k2); 523 sshkey_free(k2);
504 TEST_DONE(); 524 TEST_DONE();
@@ -508,7 +528,7 @@ sshkey_tests(void)
508 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, 528 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
509 NULL), 0); 529 NULL), 0);
510 k3 = get_private("rsa_1"); 530 k3 = get_private("rsa_1");
511 build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1); 531 build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1, NULL);
512 ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4), 532 ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4),
513 SSH_ERR_KEY_CERT_INVALID_SIGN_KEY); 533 SSH_ERR_KEY_CERT_INVALID_SIGN_KEY);
514 ASSERT_PTR_EQ(k4, NULL); 534 ASSERT_PTR_EQ(k4, NULL);