summaryrefslogtreecommitdiff
path: root/regress/unittests/sshkey
diff options
context:
space:
mode:
Diffstat (limited to 'regress/unittests/sshkey')
-rwxr-xr-xregress/unittests/sshkey/mktestdata.sh35
-rw-r--r--regress/unittests/sshkey/test_file.c51
-rw-r--r--regress/unittests/sshkey/test_fuzz.c45
-rw-r--r--regress/unittests/sshkey/test_sshkey.c12
4 files changed, 7 insertions, 136 deletions
diff --git a/regress/unittests/sshkey/mktestdata.sh b/regress/unittests/sshkey/mktestdata.sh
index e11100145..8047bc62f 100755
--- a/regress/unittests/sshkey/mktestdata.sh
+++ b/regress/unittests/sshkey/mktestdata.sh
@@ -1,25 +1,8 @@
1#!/bin/sh 1#!/bin/sh
2# $OpenBSD: mktestdata.sh,v 1.5 2015/07/07 14:53:30 markus Exp $ 2# $OpenBSD: mktestdata.sh,v 1.6 2017/04/30 23:33:48 djm Exp $
3 3
4PW=mekmitasdigoat 4PW=mekmitasdigoat
5 5
6rsa1_params() {
7 _in="$1"
8 _outbase="$2"
9 set -e
10 ssh-keygen -f $_in -e -m pkcs8 | \
11 openssl rsa -noout -text -pubin | \
12 awk '/^Modulus:$/,/^Exponent:/' | \
13 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n
14 # XXX need conversion support in ssh-keygen for the other params
15 for x in n ; do
16 echo "" >> ${_outbase}.$x
17 echo ============ ${_outbase}.$x
18 cat ${_outbase}.$x
19 echo ============
20 done
21}
22
23rsa_params() { 6rsa_params() {
24 _in="$1" 7 _in="$1"
25 _outbase="$2" 8 _outbase="$2"
@@ -87,20 +70,18 @@ set -ex
87 70
88cd testdata 71cd testdata
89 72
90rm -f rsa1_1 rsa_1 dsa_1 ecdsa_1 ed25519_1 73rm -f rsa_1 dsa_1 ecdsa_1 ed25519_1
91rm -f rsa1_2 rsa_2 dsa_2 ecdsa_2 ed25519_2 74rm -f rsa_2 dsa_2 ecdsa_2 ed25519_2
92rm -f rsa_n dsa_n ecdsa_n # new-format keys 75rm -f rsa_n dsa_n ecdsa_n # new-format keys
93rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw 76rm -f rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw
94rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw 77rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw
95rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb 78rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb
96 79
97ssh-keygen -t rsa1 -b 1024 -C "RSA1 test key #1" -N "" -f rsa1_1
98ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1 80ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1
99ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1 81ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1
100ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1 82ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1
101ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1 83ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1
102 84
103ssh-keygen -t rsa1 -b 2048 -C "RSA1 test key #2" -N "" -f rsa1_2
104ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2 85ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2
105ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2 86ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2
106ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2 87ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2
@@ -110,7 +91,6 @@ cp rsa_1 rsa_n
110cp dsa_1 dsa_n 91cp dsa_1 dsa_n
111cp ecdsa_1 ecdsa_n 92cp ecdsa_1 ecdsa_n
112 93
113cp rsa1_1 rsa1_1_pw
114cp rsa_1 rsa_1_pw 94cp rsa_1 rsa_1_pw
115cp dsa_1 dsa_1_pw 95cp dsa_1 dsa_1_pw
116cp ecdsa_1 ecdsa_1_pw 96cp ecdsa_1 ecdsa_1_pw
@@ -119,7 +99,6 @@ cp rsa_1 rsa_n_pw
119cp dsa_1 dsa_n_pw 99cp dsa_1 dsa_n_pw
120cp ecdsa_1 ecdsa_n_pw 100cp ecdsa_1 ecdsa_n_pw
121 101
122ssh-keygen -pf rsa1_1_pw -N "$PW"
123ssh-keygen -pf rsa_1_pw -N "$PW" 102ssh-keygen -pf rsa_1_pw -N "$PW"
124ssh-keygen -pf dsa_1_pw -N "$PW" 103ssh-keygen -pf dsa_1_pw -N "$PW"
125ssh-keygen -pf ecdsa_1_pw -N "$PW" 104ssh-keygen -pf ecdsa_1_pw -N "$PW"
@@ -128,8 +107,6 @@ ssh-keygen -opf rsa_n_pw -N "$PW"
128ssh-keygen -opf dsa_n_pw -N "$PW" 107ssh-keygen -opf dsa_n_pw -N "$PW"
129ssh-keygen -opf ecdsa_n_pw -N "$PW" 108ssh-keygen -opf ecdsa_n_pw -N "$PW"
130 109
131rsa1_params rsa1_1 rsa1_1.param
132rsa1_params rsa1_2 rsa1_2.param
133rsa_params rsa_1 rsa_1.param 110rsa_params rsa_1 rsa_1.param
134rsa_params rsa_2 rsa_2.param 111rsa_params rsa_2 rsa_2.param
135dsa_params dsa_1 dsa_1.param 112dsa_params dsa_1 dsa_1.param
@@ -160,12 +137,10 @@ ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \
160ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ 137ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \
161 -V 19990101:20110101 -z 8 ed25519_1.pub 138 -V 19990101:20110101 -z 8 ed25519_1.pub
162 139
163ssh-keygen -lf rsa1_1 | awk '{print $2}' > rsa1_1.fp
164ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp 140ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp
165ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp 141ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp
166ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp 142ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp
167ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp 143ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp
168ssh-keygen -lf rsa1_2 | awk '{print $2}' > rsa1_2.fp
169ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp 144ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp
170ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp 145ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp
171ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp 146ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp
@@ -176,12 +151,10 @@ ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp
176ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp 151ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp
177ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp 152ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp
178 153
179ssh-keygen -Bf rsa1_1 | awk '{print $2}' > rsa1_1.fp.bb
180ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb 154ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb
181ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb 155ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb
182ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb 156ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb
183ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb 157ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb
184ssh-keygen -Bf rsa1_2 | awk '{print $2}' > rsa1_2.fp.bb
185ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb 158ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb
186ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb 159ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb
187ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb 160ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
index 906491f2b..99b7e21c0 100644
--- a/regress/unittests/sshkey/test_file.c
+++ b/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */ 1/* $OpenBSD: test_file.c,v 1.6 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -51,55 +51,6 @@ sshkey_file_tests(void)
51 pw = load_text_file("pw"); 51 pw = load_text_file("pw");
52 TEST_DONE(); 52 TEST_DONE();
53 53
54#ifdef WITH_SSH1
55 TEST_START("parse RSA1 from private");
56 buf = load_file("rsa1_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
58 sshbuf_free(buf);
59 ASSERT_PTR_NE(k1, NULL);
60 a = load_bignum("rsa1_1.param.n");
61 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
62 BN_free(a);
63 TEST_DONE();
64
65 TEST_START("parse RSA1 from private w/ passphrase");
66 buf = load_file("rsa1_1_pw");
67 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
68 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
69 sshbuf_free(buf);
70 ASSERT_PTR_NE(k2, NULL);
71 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
72 sshkey_free(k2);
73 TEST_DONE();
74
75 TEST_START("load RSA1 from public");
76 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2,
77 NULL), 0);
78 ASSERT_PTR_NE(k2, NULL);
79 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
80 sshkey_free(k2);
81 TEST_DONE();
82
83 TEST_START("RSA1 key hex fingerprint");
84 buf = load_text_file("rsa1_1.fp");
85 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
86 ASSERT_PTR_NE(cp, NULL);
87 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
88 sshbuf_free(buf);
89 free(cp);
90 TEST_DONE();
91
92 TEST_START("RSA1 key bubblebabble fingerprint");
93 buf = load_text_file("rsa1_1.fp.bb");
94 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
95 ASSERT_PTR_NE(cp, NULL);
96 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
97 sshbuf_free(buf);
98 free(cp);
99 TEST_DONE();
100
101 sshkey_free(k1);
102#endif
103 54
104 TEST_START("parse RSA from private"); 55 TEST_START("parse RSA from private");
105 buf = load_file("rsa_1"); 56 buf = load_file("rsa_1");
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index 1f414e0ac..6706045d5 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_fuzz.c,v 1.6 2015/12/07 02:20:46 djm Exp $ */ 1/* $OpenBSD: test_fuzz.c,v 1.7 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Fuzz tests for key parsing 3 * Fuzz tests for key parsing
4 * 4 *
@@ -104,49 +104,6 @@ sshkey_fuzz_tests(void)
104 struct fuzz *fuzz; 104 struct fuzz *fuzz;
105 int r; 105 int r;
106 106
107#ifdef WITH_SSH1
108 TEST_START("fuzz RSA1 private");
109 buf = load_file("rsa1_1");
110 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
111 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
112 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
113 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
114 sshkey_free(k1);
115 sshbuf_free(buf);
116 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
117 TEST_ONERROR(onerror, fuzz);
118 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
119 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
120 ASSERT_INT_EQ(r, 0);
121 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
122 sshkey_free(k1);
123 sshbuf_reset(fuzzed);
124 }
125 sshbuf_free(fuzzed);
126 fuzz_cleanup(fuzz);
127 TEST_DONE();
128
129 TEST_START("fuzz RSA1 public");
130 buf = load_file("rsa1_1_pw");
131 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
132 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
133 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
134 ASSERT_INT_EQ(sshkey_parse_public_rsa1_fileblob(buf, &k1, NULL), 0);
135 sshkey_free(k1);
136 sshbuf_free(buf);
137 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
138 TEST_ONERROR(onerror, fuzz);
139 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
140 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
141 ASSERT_INT_EQ(r, 0);
142 if (sshkey_parse_public_rsa1_fileblob(fuzzed, &k1, NULL) == 0)
143 sshkey_free(k1);
144 sshbuf_reset(fuzzed);
145 }
146 sshbuf_free(fuzzed);
147 fuzz_cleanup(fuzz);
148 TEST_DONE();
149#endif
150 107
151 TEST_START("fuzz RSA private"); 108 TEST_START("fuzz RSA private");
152 buf = load_file("rsa_1"); 109 buf = load_file("rsa_1");
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 1476dc2e3..32f8cb63c 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_sshkey.c,v 1.10 2016/05/02 09:52:00 djm Exp $ */ 1/* $OpenBSD: test_sshkey.c,v 1.11 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -193,16 +193,6 @@ sshkey_tests(void)
193 sshkey_free(k1); 193 sshkey_free(k1);
194 TEST_DONE(); 194 TEST_DONE();
195 195
196 TEST_START("new/free KEY_RSA1");
197 k1 = sshkey_new(KEY_RSA1);
198 ASSERT_PTR_NE(k1, NULL);
199 ASSERT_PTR_NE(k1->rsa, NULL);
200 ASSERT_PTR_NE(k1->rsa->n, NULL);
201 ASSERT_PTR_NE(k1->rsa->e, NULL);
202 ASSERT_PTR_EQ(k1->rsa->p, NULL);
203 sshkey_free(k1);
204 TEST_DONE();
205
206 TEST_START("new/free KEY_RSA"); 196 TEST_START("new/free KEY_RSA");
207 k1 = sshkey_new(KEY_RSA); 197 k1 = sshkey_new(KEY_RSA);
208 ASSERT_PTR_NE(k1, NULL); 198 ASSERT_PTR_NE(k1, NULL);