summaryrefslogtreecommitdiff
path: root/regress/unittests/sshkey
diff options
context:
space:
mode:
Diffstat (limited to 'regress/unittests/sshkey')
-rw-r--r--regress/unittests/sshkey/Makefile13
-rw-r--r--regress/unittests/sshkey/common.c80
-rw-r--r--regress/unittests/sshkey/common.h16
-rwxr-xr-xregress/unittests/sshkey/mktestdata.sh189
-rw-r--r--regress/unittests/sshkey/test_file.c451
-rw-r--r--regress/unittests/sshkey/test_fuzz.c396
-rw-r--r--regress/unittests/sshkey/test_sshkey.c343
-rw-r--r--regress/unittests/sshkey/testdata/dsa_112
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1-cert.fp1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1-cert.pub1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1.fp1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1.param.g1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1.param.priv1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1.param.pub1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1.pub1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_1_pw15
-rw-r--r--regress/unittests/sshkey/testdata/dsa_212
-rw-r--r--regress/unittests/sshkey/testdata/dsa_2.fp1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_2.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_2.pub1
-rw-r--r--regress/unittests/sshkey/testdata/dsa_n12
-rw-r--r--regress/unittests/sshkey/testdata/dsa_n_pw21
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_15
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1-cert.fp1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1-cert.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1.fp1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1.param.curve1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1.param.priv1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1.param.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_1_pw8
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_27
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_2.fp1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_2.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_2.param.curve1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_2.param.priv1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_2.param.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_2.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_n5
-rw-r--r--regress/unittests/sshkey/testdata/ecdsa_n_pw9
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_17
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_1-cert.fp1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_1-cert.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_1.fp1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_1.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_1.pub1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_1_pw8
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_27
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_2.fp1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_2.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/ed25519_2.pub1
-rw-r--r--regress/unittests/sshkey/testdata/pw1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_1bin0 -> 421 bytes
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_1.fp1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_1.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_1.param.n1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_1.pub1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_1_pwbin0 -> 421 bytes
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_2bin0 -> 981 bytes
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_2.fp1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_2.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_2.param.n1
-rw-r--r--regress/unittests/sshkey/testdata/rsa1_2.pub1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_112
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1-cert.fp1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1-cert.pub1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1.fp1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1.param.n1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1.param.p1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1.param.q1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1.pub1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_1_pw15
-rw-r--r--regress/unittests/sshkey/testdata/rsa_227
-rw-r--r--regress/unittests/sshkey/testdata/rsa_2.fp1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_2.fp.bb1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_2.param.n1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_2.param.p1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_2.param.q1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_2.pub1
-rw-r--r--regress/unittests/sshkey/testdata/rsa_n12
-rw-r--r--regress/unittests/sshkey/testdata/rsa_n_pw14
-rw-r--r--regress/unittests/sshkey/tests.c27
85 files changed, 1779 insertions, 0 deletions
diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile
new file mode 100644
index 000000000..1bcd26676
--- /dev/null
+++ b/regress/unittests/sshkey/Makefile
@@ -0,0 +1,13 @@
1# $OpenBSD: Makefile,v 1.1 2014/06/24 01:14:18 djm Exp $
2
3TEST_ENV= "MALLOC_OPTIONS=AFGJPRX"
4
5PROG=test_sshkey
6SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c
7REGRESS_TARGETS=run-regress-${PROG}
8
9run-regress-${PROG}: ${PROG}
10 env ${TEST_ENV} ./${PROG} -d ${.CURDIR}/testdata
11
12.include <bsd.regress.mk>
13
diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c
new file mode 100644
index 000000000..b73a788dd
--- /dev/null
+++ b/regress/unittests/sshkey/common.c
@@ -0,0 +1,80 @@
1/* $OpenBSD: common.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
2/*
3 * Helpers for key API tests
4 *
5 * Placed in the public domain
6 */
7
8#include "includes.h"
9
10#include <sys/types.h>
11#include <sys/param.h>
12#include <sys/stat.h>
13#include <fcntl.h>
14#include <stdio.h>
15#include <stdint.h>
16#include <stdlib.h>
17#include <string.h>
18#include <unistd.h>
19
20#include <openssl/bn.h>
21#include <openssl/ec.h>
22#include <openssl/rsa.h>
23#include <openssl/dsa.h>
24#include <openssl/objects.h>
25
26#include "../test_helper/test_helper.h"
27
28#include "ssherr.h"
29#include "authfile.h"
30#include "sshkey.h"
31#include "sshbuf.h"
32
33#include "common.h"
34
35struct sshbuf *
36load_file(const char *name)
37{
38 int fd;
39 struct sshbuf *ret;
40
41 ASSERT_PTR_NE(ret = sshbuf_new(), NULL);
42 ASSERT_INT_NE(fd = open(test_data_file(name), O_RDONLY), -1);
43 ASSERT_INT_EQ(sshkey_load_file(fd, name, ret), 0);
44 close(fd);
45 return ret;
46}
47
48struct sshbuf *
49load_text_file(const char *name)
50{
51 struct sshbuf *ret = load_file(name);
52 const u_char *p;
53
54 /* Trim whitespace at EOL */
55 for (p = sshbuf_ptr(ret); sshbuf_len(ret) > 0;) {
56 if (p[sshbuf_len(ret) - 1] == '\r' ||
57 p[sshbuf_len(ret) - 1] == '\t' ||
58 p[sshbuf_len(ret) - 1] == ' ' ||
59 p[sshbuf_len(ret) - 1] == '\n')
60 ASSERT_INT_EQ(sshbuf_consume_end(ret, 1), 0);
61 else
62 break;
63 }
64 /* \0 terminate */
65 ASSERT_INT_EQ(sshbuf_put_u8(ret, 0), 0);
66 return ret;
67}
68
69BIGNUM *
70load_bignum(const char *name)
71{
72 BIGNUM *ret = NULL;
73 struct sshbuf *buf;
74
75 buf = load_text_file(name);
76 ASSERT_INT_NE(BN_hex2bn(&ret, (const char *)sshbuf_ptr(buf)), 0);
77 sshbuf_free(buf);
78 return ret;
79}
80
diff --git a/regress/unittests/sshkey/common.h b/regress/unittests/sshkey/common.h
new file mode 100644
index 000000000..bf7d19dce
--- /dev/null
+++ b/regress/unittests/sshkey/common.h
@@ -0,0 +1,16 @@
1/* $OpenBSD: common.h,v 1.1 2014/06/24 01:14:18 djm Exp $ */
2/*
3 * Helpers for key API tests
4 *
5 * Placed in the public domain
6 */
7
8/* Load a binary file into a buffer */
9struct sshbuf *load_file(const char *name);
10
11/* Load a text file into a buffer */
12struct sshbuf *load_text_file(const char *name);
13
14/* Load a bignum from a file */
15BIGNUM *load_bignum(const char *name);
16
diff --git a/regress/unittests/sshkey/mktestdata.sh b/regress/unittests/sshkey/mktestdata.sh
new file mode 100755
index 000000000..2039bf974
--- /dev/null
+++ b/regress/unittests/sshkey/mktestdata.sh
@@ -0,0 +1,189 @@
1#!/bin/sh
2
3PW=mekmitasdigoat
4
5rsa1_params() {
6 _in="$1"
7 _outbase="$2"
8 set -e
9 ssh-keygen -f $_in -e -m pkcs8 | \
10 openssl rsa -noout -text -pubin | \
11 awk '/^Modulus:$/,/^Exponent:/' | \
12 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n
13 # XXX need conversion support in ssh-keygen for the other params
14 for x in n ; do
15 echo "" >> ${_outbase}.$x
16 echo ============ ${_outbase}.$x
17 cat ${_outbase}.$x
18 echo ============
19 done
20}
21
22rsa_params() {
23 _in="$1"
24 _outbase="$2"
25 set -e
26 openssl rsa -noout -text -in $_in | \
27 awk '/^modulus:$/,/^publicExponent:/' | \
28 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n
29 openssl rsa -noout -text -in $_in | \
30 awk '/^prime1:$/,/^prime2:/' | \
31 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.p
32 openssl rsa -noout -text -in $_in | \
33 awk '/^prime2:$/,/^exponent1:/' | \
34 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.q
35 for x in n p q ; do
36 echo "" >> ${_outbase}.$x
37 echo ============ ${_outbase}.$x
38 cat ${_outbase}.$x
39 echo ============
40 done
41}
42
43dsa_params() {
44 _in="$1"
45 _outbase="$2"
46 set -e
47 openssl dsa -noout -text -in $_in | \
48 awk '/^priv:$/,/^pub:/' | \
49 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.priv
50 openssl dsa -noout -text -in $_in | \
51 awk '/^pub:/,/^P:/' | #\
52 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.pub
53 openssl dsa -noout -text -in $_in | \
54 awk '/^G:/,0' | \
55 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.g
56 for x in priv pub g ; do
57 echo "" >> ${_outbase}.$x
58 echo ============ ${_outbase}.$x
59 cat ${_outbase}.$x
60 echo ============
61 done
62}
63
64ecdsa_params() {
65 _in="$1"
66 _outbase="$2"
67 set -e
68 openssl ec -noout -text -in $_in | \
69 awk '/^priv:$/,/^pub:/' | \
70 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.priv
71 openssl ec -noout -text -in $_in | \
72 awk '/^pub:/,/^ASN1 OID:/' | #\
73 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.pub
74 openssl ec -noout -text -in $_in | \
75 grep "ASN1 OID:" | tr -d '\n' | \
76 sed 's/.*: //;s/ *$//' > ${_outbase}.curve
77 for x in priv pub curve ; do
78 echo "" >> ${_outbase}.$x
79 echo ============ ${_outbase}.$x
80 cat ${_outbase}.$x
81 echo ============
82 done
83}
84
85set -ex
86
87cd testdata
88
89rm -f rsa1_1 rsa_1 dsa_1 ecdsa_1 ed25519_1
90rm -f rsa1_2 rsa_2 dsa_2 ecdsa_2 ed25519_2
91rm -f rsa_n dsa_n ecdsa_n # new-format keys
92rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw
93rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw
94rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb
95
96ssh-keygen -t rsa1 -b 768 -C "RSA1 test key #1" -N "" -f rsa1_1
97ssh-keygen -t rsa -b 768 -C "RSA test key #1" -N "" -f rsa_1
98ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1
99ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1
100ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1
101
102ssh-keygen -t rsa1 -b 2048 -C "RSA1 test key #2" -N "" -f rsa1_2
103ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2
104ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2
105ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2
106ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_2
107
108cp rsa_1 rsa_n
109cp dsa_1 dsa_n
110cp ecdsa_1 ecdsa_n
111
112cp rsa1_1 rsa1_1_pw
113cp rsa_1 rsa_1_pw
114cp dsa_1 dsa_1_pw
115cp ecdsa_1 ecdsa_1_pw
116cp ed25519_1 ed25519_1_pw
117cp rsa_1 rsa_n_pw
118cp dsa_1 dsa_n_pw
119cp ecdsa_1 ecdsa_n_pw
120
121ssh-keygen -pf rsa1_1_pw -N "$PW"
122ssh-keygen -pf rsa_1_pw -N "$PW"
123ssh-keygen -pf dsa_1_pw -N "$PW"
124ssh-keygen -pf ecdsa_1_pw -N "$PW"
125ssh-keygen -pf ed25519_1_pw -N "$PW"
126ssh-keygen -opf rsa_n_pw -N "$PW"
127ssh-keygen -opf dsa_n_pw -N "$PW"
128ssh-keygen -opf ecdsa_n_pw -N "$PW"
129
130rsa1_params rsa1_1 rsa1_1.param
131rsa1_params rsa1_2 rsa1_2.param
132rsa_params rsa_1 rsa_1.param
133rsa_params rsa_2 rsa_2.param
134dsa_params dsa_1 dsa_1.param
135dsa_params dsa_1 dsa_1.param
136ecdsa_params ecdsa_1 ecdsa_1.param
137ecdsa_params ecdsa_2 ecdsa_2.param
138# XXX ed25519 params
139
140ssh-keygen -s rsa_2 -I hugo -n user1,user2 \
141 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \
142 -V 19990101:20110101 -z 1 rsa_1.pub
143ssh-keygen -s rsa_2 -I hugo -n user1,user2 \
144 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \
145 -V 19990101:20110101 -z 2 dsa_1.pub
146ssh-keygen -s rsa_2 -I hugo -n user1,user2 \
147 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \
148 -V 19990101:20110101 -z 3 ecdsa_1.pub
149ssh-keygen -s rsa_2 -I hugo -n user1,user2 \
150 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \
151 -V 19990101:20110101 -z 4 ed25519_1.pub
152
153ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \
154 -V 19990101:20110101 -z 5 rsa_1.pub
155ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \
156 -V 19990101:20110101 -z 6 dsa_1.pub
157ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \
158 -V 19990101:20110101 -z 7 ecdsa_1.pub
159ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \
160 -V 19990101:20110101 -z 8 ed25519_1.pub
161
162ssh-keygen -lf rsa1_1 | awk '{print $2}' > rsa1_1.fp
163ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp
164ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp
165ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp
166ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp
167ssh-keygen -lf rsa1_2 | awk '{print $2}' > rsa1_2.fp
168ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp
169ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp
170ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp
171ssh-keygen -lf ed25519_2 | awk '{print $2}' > ed25519_2.fp
172
173ssh-keygen -lf dsa_1-cert.pub | awk '{print $2}' > dsa_1-cert.fp
174ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp
175ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp
176ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp
177
178ssh-keygen -Bf rsa1_1 | awk '{print $2}' > rsa1_1.fp.bb
179ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb
180ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb
181ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb
182ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb
183ssh-keygen -Bf rsa1_2 | awk '{print $2}' > rsa1_2.fp.bb
184ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb
185ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb
186ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb
187ssh-keygen -Bf ed25519_2 | awk '{print $2}' > ed25519_2.fp.bb
188
189echo "$PW" > pw
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
new file mode 100644
index 000000000..3c84f1561
--- /dev/null
+++ b/regress/unittests/sshkey/test_file.c
@@ -0,0 +1,451 @@
1/* $OpenBSD: test_file.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
2/*
3 * Regress test for sshkey.h key management API
4 *
5 * Placed in the public domain
6 */
7
8#include "includes.h"
9
10#include <sys/types.h>
11#include <sys/param.h>
12#include <sys/stat.h>
13#include <fcntl.h>
14#include <stdio.h>
15#include <stdint.h>
16#include <stdlib.h>
17#include <string.h>
18#include <unistd.h>
19
20#include <openssl/bn.h>
21#include <openssl/ec.h>
22#include <openssl/rsa.h>
23#include <openssl/dsa.h>
24#include <openssl/objects.h>
25
26#include "../test_helper/test_helper.h"
27
28#include "ssherr.h"
29#include "authfile.h"
30#include "sshkey.h"
31#include "sshbuf.h"
32
33#include "common.h"
34
35void sshkey_file_tests(void);
36
37void
38sshkey_file_tests(void)
39{
40 struct sshkey *k1, *k2;
41 struct sshbuf *buf, *pw;
42 BIGNUM *a, *b, *c;
43 char *cp;
44
45 TEST_START("load passphrase");
46 pw = load_text_file("pw");
47 TEST_DONE();
48
49 TEST_START("parse RSA1 from private");
50 buf = load_file("rsa1_1");
51 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1",
52 &k1, NULL), 0);
53 sshbuf_free(buf);
54 ASSERT_PTR_NE(k1, NULL);
55 a = load_bignum("rsa1_1.param.n");
56 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
57 BN_free(a);
58 TEST_DONE();
59
60 TEST_START("parse RSA1 from private w/ passphrase");
61 buf = load_file("rsa1_1_pw");
62 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
63 (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0);
64 sshbuf_free(buf);
65 ASSERT_PTR_NE(k2, NULL);
66 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
67 sshkey_free(k2);
68 TEST_DONE();
69
70 TEST_START("load RSA1 from public");
71 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2,
72 NULL), 0);
73 ASSERT_PTR_NE(k2, NULL);
74 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
75 sshkey_free(k2);
76 TEST_DONE();
77
78 TEST_START("RSA1 key hex fingerprint");
79 buf = load_text_file("rsa1_1.fp");
80 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
81 ASSERT_PTR_NE(cp, NULL);
82 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
83 sshbuf_free(buf);
84 free(cp);
85 TEST_DONE();
86
87 TEST_START("RSA1 key bubblebabble fingerprint");
88 buf = load_text_file("rsa1_1.fp.bb");
89 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
90 ASSERT_PTR_NE(cp, NULL);
91 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
92 sshbuf_free(buf);
93 free(cp);
94 TEST_DONE();
95
96 sshkey_free(k1);
97
98 TEST_START("parse RSA from private");
99 buf = load_file("rsa_1");
100 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1",
101 &k1, NULL), 0);
102 sshbuf_free(buf);
103 ASSERT_PTR_NE(k1, NULL);
104 a = load_bignum("rsa_1.param.n");
105 b = load_bignum("rsa_1.param.p");
106 c = load_bignum("rsa_1.param.q");
107 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
108 ASSERT_BIGNUM_EQ(k1->rsa->p, b);
109 ASSERT_BIGNUM_EQ(k1->rsa->q, c);
110 BN_free(a);
111 BN_free(b);
112 BN_free(c);
113 TEST_DONE();
114
115 TEST_START("parse RSA from private w/ passphrase");
116 buf = load_file("rsa_1_pw");
117 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
118 (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0);
119 sshbuf_free(buf);
120 ASSERT_PTR_NE(k2, NULL);
121 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
122 sshkey_free(k2);
123 TEST_DONE();
124
125 TEST_START("parse RSA from new-format");
126 buf = load_file("rsa_n");
127 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
128 "", "rsa_n", &k2, NULL), 0);
129 sshbuf_free(buf);
130 ASSERT_PTR_NE(k2, NULL);
131 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
132 sshkey_free(k2);
133 TEST_DONE();
134
135 TEST_START("parse RSA from new-format w/ passphrase");
136 buf = load_file("rsa_n_pw");
137 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
138 (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0);
139 sshbuf_free(buf);
140 ASSERT_PTR_NE(k2, NULL);
141 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
142 sshkey_free(k2);
143 TEST_DONE();
144
145 TEST_START("load RSA from public");
146 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
147 NULL), 0);
148 ASSERT_PTR_NE(k2, NULL);
149 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
150 sshkey_free(k2);
151 TEST_DONE();
152
153 TEST_START("load RSA cert");
154 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0);
155 ASSERT_PTR_NE(k2, NULL);
156 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
157 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
158 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
159 TEST_DONE();
160
161 TEST_START("RSA key hex fingerprint");
162 buf = load_text_file("rsa_1.fp");
163 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
164 ASSERT_PTR_NE(cp, NULL);
165 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
166 sshbuf_free(buf);
167 free(cp);
168 TEST_DONE();
169
170 TEST_START("RSA cert hex fingerprint");
171 buf = load_text_file("rsa_1-cert.fp");
172 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
173 ASSERT_PTR_NE(cp, NULL);
174 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
175 sshbuf_free(buf);
176 free(cp);
177 sshkey_free(k2);
178 TEST_DONE();
179
180 TEST_START("RSA key bubblebabble fingerprint");
181 buf = load_text_file("rsa_1.fp.bb");
182 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
183 ASSERT_PTR_NE(cp, NULL);
184 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
185 sshbuf_free(buf);
186 free(cp);
187 TEST_DONE();
188
189 sshkey_free(k1);
190
191 TEST_START("parse DSA from private");
192 buf = load_file("dsa_1");
193 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1",
194 &k1, NULL), 0);
195 sshbuf_free(buf);
196 ASSERT_PTR_NE(k1, NULL);
197 a = load_bignum("dsa_1.param.g");
198 b = load_bignum("dsa_1.param.priv");
199 c = load_bignum("dsa_1.param.pub");
200 ASSERT_BIGNUM_EQ(k1->dsa->g, a);
201 ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
202 ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
203 BN_free(a);
204 BN_free(b);
205 BN_free(c);
206 TEST_DONE();
207
208 TEST_START("parse DSA from private w/ passphrase");
209 buf = load_file("dsa_1_pw");
210 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
211 (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0);
212 sshbuf_free(buf);
213 ASSERT_PTR_NE(k2, NULL);
214 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
215 sshkey_free(k2);
216 TEST_DONE();
217
218 TEST_START("parse DSA from new-format");
219 buf = load_file("dsa_n");
220 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
221 "", "dsa_n", &k2, NULL), 0);
222 sshbuf_free(buf);
223 ASSERT_PTR_NE(k2, NULL);
224 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
225 sshkey_free(k2);
226 TEST_DONE();
227
228 TEST_START("parse DSA from new-format w/ passphrase");
229 buf = load_file("dsa_n_pw");
230 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
231 (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0);
232 sshbuf_free(buf);
233 ASSERT_PTR_NE(k2, NULL);
234 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
235 sshkey_free(k2);
236 TEST_DONE();
237
238 TEST_START("load DSA from public");
239 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2,
240 NULL), 0);
241 ASSERT_PTR_NE(k2, NULL);
242 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
243 sshkey_free(k2);
244 TEST_DONE();
245
246 TEST_START("load DSA cert");
247 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0);
248 ASSERT_PTR_NE(k2, NULL);
249 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT);
250 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
251 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
252 TEST_DONE();
253
254 TEST_START("DSA key hex fingerprint");
255 buf = load_text_file("dsa_1.fp");
256 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
257 ASSERT_PTR_NE(cp, NULL);
258 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
259 sshbuf_free(buf);
260 free(cp);
261 TEST_DONE();
262
263 TEST_START("DSA cert hex fingerprint");
264 buf = load_text_file("dsa_1-cert.fp");
265 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
266 ASSERT_PTR_NE(cp, NULL);
267 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
268 sshbuf_free(buf);
269 free(cp);
270 sshkey_free(k2);
271 TEST_DONE();
272
273 TEST_START("DSA key bubblebabble fingerprint");
274 buf = load_text_file("dsa_1.fp.bb");
275 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
276 ASSERT_PTR_NE(cp, NULL);
277 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
278 sshbuf_free(buf);
279 free(cp);
280 TEST_DONE();
281
282 sshkey_free(k1);
283
284 TEST_START("parse ECDSA from private");
285 buf = load_file("ecdsa_1");
286 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1",
287 &k1, NULL), 0);
288 sshbuf_free(buf);
289 ASSERT_PTR_NE(k1, NULL);
290 buf = load_text_file("ecdsa_1.param.curve");
291 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf),
292 OBJ_nid2sn(k1->ecdsa_nid));
293 sshbuf_free(buf);
294 a = load_bignum("ecdsa_1.param.priv");
295 b = load_bignum("ecdsa_1.param.pub");
296 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa),
297 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED,
298 NULL, NULL);
299 ASSERT_PTR_NE(c, NULL);
300 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a);
301 ASSERT_BIGNUM_EQ(b, c);
302 BN_free(a);
303 BN_free(b);
304 BN_free(c);
305 TEST_DONE();
306
307 TEST_START("parse ECDSA from private w/ passphrase");
308 buf = load_file("ecdsa_1_pw");
309 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
310 (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0);
311 sshbuf_free(buf);
312 ASSERT_PTR_NE(k2, NULL);
313 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
314 sshkey_free(k2);
315 TEST_DONE();
316
317 TEST_START("parse ECDSA from new-format");
318 buf = load_file("ecdsa_n");
319 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
320 "", "ecdsa_n", &k2, NULL), 0);
321 sshbuf_free(buf);
322 ASSERT_PTR_NE(k2, NULL);
323 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
324 sshkey_free(k2);
325 TEST_DONE();
326
327 TEST_START("parse ECDSA from new-format w/ passphrase");
328 buf = load_file("ecdsa_n_pw");
329 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
330 (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0);
331 sshbuf_free(buf);
332 ASSERT_PTR_NE(k2, NULL);
333 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
334 sshkey_free(k2);
335 TEST_DONE();
336
337 TEST_START("load ECDSA from public");
338 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2,
339 NULL), 0);
340 ASSERT_PTR_NE(k2, NULL);
341 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
342 sshkey_free(k2);
343 TEST_DONE();
344
345 TEST_START("load ECDSA cert");
346 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0);
347 ASSERT_PTR_NE(k2, NULL);
348 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT);
349 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
350 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
351 TEST_DONE();
352
353 TEST_START("ECDSA key hex fingerprint");
354 buf = load_text_file("ecdsa_1.fp");
355 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
356 ASSERT_PTR_NE(cp, NULL);
357 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
358 sshbuf_free(buf);
359 free(cp);
360 TEST_DONE();
361
362 TEST_START("ECDSA cert hex fingerprint");
363 buf = load_text_file("ecdsa_1-cert.fp");
364 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
365 ASSERT_PTR_NE(cp, NULL);
366 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
367 sshbuf_free(buf);
368 free(cp);
369 sshkey_free(k2);
370 TEST_DONE();
371
372 TEST_START("ECDSA key bubblebabble fingerprint");
373 buf = load_text_file("ecdsa_1.fp.bb");
374 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
375 ASSERT_PTR_NE(cp, NULL);
376 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
377 sshbuf_free(buf);
378 free(cp);
379 TEST_DONE();
380
381 sshkey_free(k1);
382
383 TEST_START("parse Ed25519 from private");
384 buf = load_file("ed25519_1");
385 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1",
386 &k1, NULL), 0);
387 sshbuf_free(buf);
388 ASSERT_PTR_NE(k1, NULL);
389 ASSERT_INT_EQ(k1->type, KEY_ED25519);
390 /* XXX check key contents */
391 TEST_DONE();
392
393 TEST_START("parse Ed25519 from private w/ passphrase");
394 buf = load_file("ed25519_1_pw");
395 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
396 (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0);
397 sshbuf_free(buf);
398 ASSERT_PTR_NE(k2, NULL);
399 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
400 sshkey_free(k2);
401 TEST_DONE();
402
403 TEST_START("load Ed25519 from public");
404 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2,
405 NULL), 0);
406 ASSERT_PTR_NE(k2, NULL);
407 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
408 sshkey_free(k2);
409 TEST_DONE();
410
411 TEST_START("load Ed25519 cert");
412 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0);
413 ASSERT_PTR_NE(k2, NULL);
414 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT);
415 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
416 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
417 TEST_DONE();
418
419 TEST_START("Ed25519 key hex fingerprint");
420 buf = load_text_file("ed25519_1.fp");
421 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
422 ASSERT_PTR_NE(cp, NULL);
423 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
424 sshbuf_free(buf);
425 free(cp);
426 TEST_DONE();
427
428 TEST_START("Ed25519 cert hex fingerprint");
429 buf = load_text_file("ed25519_1-cert.fp");
430 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
431 ASSERT_PTR_NE(cp, NULL);
432 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
433 sshbuf_free(buf);
434 free(cp);
435 sshkey_free(k2);
436 TEST_DONE();
437
438 TEST_START("Ed25519 key bubblebabble fingerprint");
439 buf = load_text_file("ed25519_1.fp.bb");
440 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
441 ASSERT_PTR_NE(cp, NULL);
442 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
443 sshbuf_free(buf);
444 free(cp);
445 TEST_DONE();
446
447 sshkey_free(k1);
448
449 sshbuf_free(pw);
450
451}
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
new file mode 100644
index 000000000..be309f5d8
--- /dev/null
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -0,0 +1,396 @@
1/* $OpenBSD: test_fuzz.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
2/*
3 * Fuzz tests for key parsing
4 *
5 * Placed in the public domain
6 */
7
8#include "includes.h"
9
10#include <sys/types.h>
11#include <sys/param.h>
12#include <sys/stat.h>
13#include <fcntl.h>
14#include <stdio.h>
15#include <stdint.h>
16#include <stdlib.h>
17#include <string.h>
18#include <unistd.h>
19
20#include <openssl/bn.h>
21#include <openssl/ec.h>
22#include <openssl/rsa.h>
23#include <openssl/dsa.h>
24#include <openssl/objects.h>
25
26#include "../test_helper/test_helper.h"
27
28#include "ssherr.h"
29#include "authfile.h"
30#include "sshkey.h"
31#include "sshbuf.h"
32
33#include "common.h"
34
35void sshkey_fuzz_tests(void);
36
37static void
38onerror(void *fuzz)
39{
40 fprintf(stderr, "Failed during fuzz:\n");
41 fuzz_dump((struct fuzz *)fuzz);
42}
43
44static void
45public_fuzz(struct sshkey *k)
46{
47 struct sshkey *k1;
48 struct sshbuf *buf;
49 struct fuzz *fuzz;
50
51 ASSERT_PTR_NE(buf = sshbuf_new(), NULL);
52 ASSERT_INT_EQ(sshkey_to_blob_buf(k, buf), 0);
53 /* XXX need a way to run the tests in "slow, but complete" mode */
54 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* XXX too slow FUZZ_2_BIT_FLIP | */
55 FUZZ_1_BYTE_FLIP | /* XXX too slow FUZZ_2_BYTE_FLIP | */
56 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
57 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
58 ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(buf), sshbuf_len(buf),
59 &k1), 0);
60 sshkey_free(k1);
61 sshbuf_free(buf);
62 TEST_ONERROR(onerror, fuzz);
63 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
64 if (sshkey_from_blob(fuzz_ptr(fuzz), fuzz_len(fuzz), &k1) == 0)
65 sshkey_free(k1);
66 }
67 fuzz_cleanup(fuzz);
68}
69
70static void
71sig_fuzz(struct sshkey *k)
72{
73 struct fuzz *fuzz;
74 u_char *sig, c[] = "some junk to be signed";
75 size_t l;
76
77 ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), 0), 0);
78 ASSERT_SIZE_T_GT(l, 0);
79 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */
80 FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
81 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, sig, l);
82 ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), 0), 0);
83 free(sig);
84 TEST_ONERROR(onerror, fuzz);
85 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
86 sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz),
87 c, sizeof(c), 0);
88 }
89 fuzz_cleanup(fuzz);
90}
91
92void
93sshkey_fuzz_tests(void)
94{
95 struct sshkey *k1;
96 struct sshbuf *buf, *fuzzed;
97 struct fuzz *fuzz;
98 int r;
99
100 TEST_START("fuzz RSA1 private");
101 buf = load_file("rsa1_1");
102 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
103 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
104 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
105 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
106 &k1, NULL), 0);
107 sshkey_free(k1);
108 sshbuf_free(buf);
109 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
110 TEST_ONERROR(onerror, fuzz);
111 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
112 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
113 ASSERT_INT_EQ(r, 0);
114 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
115 &k1, NULL) == 0)
116 sshkey_free(k1);
117 sshbuf_reset(fuzzed);
118 }
119 sshbuf_free(fuzzed);
120 fuzz_cleanup(fuzz);
121 TEST_DONE();
122
123 TEST_START("fuzz RSA1 public");
124 buf = load_file("rsa1_1_pw");
125 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
126 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
127 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
128 ASSERT_INT_EQ(sshkey_parse_public_rsa1_fileblob(buf, &k1, NULL), 0);
129 sshkey_free(k1);
130 sshbuf_free(buf);
131 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
132 TEST_ONERROR(onerror, fuzz);
133 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
134 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
135 ASSERT_INT_EQ(r, 0);
136 if (sshkey_parse_public_rsa1_fileblob(fuzzed, &k1, NULL) == 0)
137 sshkey_free(k1);
138 sshbuf_reset(fuzzed);
139 }
140 sshbuf_free(fuzzed);
141 fuzz_cleanup(fuzz);
142 TEST_DONE();
143
144 TEST_START("fuzz RSA private");
145 buf = load_file("rsa_1");
146 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
147 sshbuf_len(buf));
148 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
149 &k1, NULL), 0);
150 sshkey_free(k1);
151 sshbuf_free(buf);
152 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
153 TEST_ONERROR(onerror, fuzz);
154 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
155 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
156 ASSERT_INT_EQ(r, 0);
157 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
158 &k1, NULL) == 0)
159 sshkey_free(k1);
160 sshbuf_reset(fuzzed);
161 }
162 sshbuf_free(fuzzed);
163 fuzz_cleanup(fuzz);
164 TEST_DONE();
165
166 TEST_START("fuzz RSA new-format private");
167 buf = load_file("rsa_n");
168 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
169 sshbuf_len(buf));
170 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
171 &k1, NULL), 0);
172 sshkey_free(k1);
173 sshbuf_free(buf);
174 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
175 TEST_ONERROR(onerror, fuzz);
176 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
177 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
178 ASSERT_INT_EQ(r, 0);
179 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
180 &k1, NULL) == 0)
181 sshkey_free(k1);
182 sshbuf_reset(fuzzed);
183 }
184 sshbuf_free(fuzzed);
185 fuzz_cleanup(fuzz);
186 TEST_DONE();
187
188 TEST_START("fuzz DSA private");
189 buf = load_file("dsa_1");
190 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
191 sshbuf_len(buf));
192 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
193 &k1, NULL), 0);
194 sshkey_free(k1);
195 sshbuf_free(buf);
196 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
197 TEST_ONERROR(onerror, fuzz);
198 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
199 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
200 ASSERT_INT_EQ(r, 0);
201 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
202 &k1, NULL) == 0)
203 sshkey_free(k1);
204 sshbuf_reset(fuzzed);
205 }
206 sshbuf_free(fuzzed);
207 fuzz_cleanup(fuzz);
208 TEST_DONE();
209
210 TEST_START("fuzz DSA new-format private");
211 buf = load_file("dsa_n");
212 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
213 sshbuf_len(buf));
214 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
215 &k1, NULL), 0);
216 sshkey_free(k1);
217 sshbuf_free(buf);
218 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
219 TEST_ONERROR(onerror, fuzz);
220 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
221 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
222 ASSERT_INT_EQ(r, 0);
223 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
224 &k1, NULL) == 0)
225 sshkey_free(k1);
226 sshbuf_reset(fuzzed);
227 }
228 sshbuf_free(fuzzed);
229 fuzz_cleanup(fuzz);
230 TEST_DONE();
231
232 TEST_START("fuzz ECDSA private");
233 buf = load_file("ecdsa_1");
234 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
235 sshbuf_len(buf));
236 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
237 &k1, NULL), 0);
238 sshkey_free(k1);
239 sshbuf_free(buf);
240 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
241 TEST_ONERROR(onerror, fuzz);
242 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
243 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
244 ASSERT_INT_EQ(r, 0);
245 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
246 &k1, NULL) == 0)
247 sshkey_free(k1);
248 sshbuf_reset(fuzzed);
249 }
250 sshbuf_free(fuzzed);
251 fuzz_cleanup(fuzz);
252 TEST_DONE();
253
254 TEST_START("fuzz ECDSA new-format private");
255 buf = load_file("ecdsa_n");
256 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
257 sshbuf_len(buf));
258 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
259 &k1, NULL), 0);
260 sshkey_free(k1);
261 sshbuf_free(buf);
262 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
263 TEST_ONERROR(onerror, fuzz);
264 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
265 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
266 ASSERT_INT_EQ(r, 0);
267 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
268 &k1, NULL) == 0)
269 sshkey_free(k1);
270 sshbuf_reset(fuzzed);
271 }
272 sshbuf_free(fuzzed);
273 fuzz_cleanup(fuzz);
274 TEST_DONE();
275
276 TEST_START("fuzz Ed25519 private");
277 buf = load_file("ed25519_1");
278 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
279 sshbuf_len(buf));
280 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
281 &k1, NULL), 0);
282 sshkey_free(k1);
283 sshbuf_free(buf);
284 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
285 TEST_ONERROR(onerror, fuzz);
286 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
287 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
288 ASSERT_INT_EQ(r, 0);
289 if (sshkey_parse_private_fileblob(fuzzed, "", "key",
290 &k1, NULL) == 0)
291 sshkey_free(k1);
292 sshbuf_reset(fuzzed);
293 }
294 sshbuf_free(fuzzed);
295 fuzz_cleanup(fuzz);
296 TEST_DONE();
297
298 TEST_START("fuzz RSA public");
299 buf = load_file("rsa_1");
300 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
301 &k1, NULL), 0);
302 sshbuf_free(buf);
303 public_fuzz(k1);
304 sshkey_free(k1);
305 TEST_DONE();
306
307 TEST_START("fuzz RSA cert");
308 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
309 public_fuzz(k1);
310 sshkey_free(k1);
311 TEST_DONE();
312
313 TEST_START("fuzz DSA public");
314 buf = load_file("dsa_1");
315 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
316 &k1, NULL), 0);
317 sshbuf_free(buf);
318 public_fuzz(k1);
319 sshkey_free(k1);
320 TEST_DONE();
321
322 TEST_START("fuzz DSA cert");
323 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k1), 0);
324 public_fuzz(k1);
325 sshkey_free(k1);
326 TEST_DONE();
327
328 TEST_START("fuzz ECDSA public");
329 buf = load_file("ecdsa_1");
330 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
331 &k1, NULL), 0);
332 sshbuf_free(buf);
333 public_fuzz(k1);
334 sshkey_free(k1);
335 TEST_DONE();
336
337 TEST_START("fuzz ECDSA cert");
338 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k1), 0);
339 public_fuzz(k1);
340 sshkey_free(k1);
341 TEST_DONE();
342
343 TEST_START("fuzz Ed25519 public");
344 buf = load_file("ed25519_1");
345 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
346 &k1, NULL), 0);
347 sshbuf_free(buf);
348 public_fuzz(k1);
349 sshkey_free(k1);
350 TEST_DONE();
351
352 TEST_START("fuzz Ed25519 cert");
353 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k1), 0);
354 public_fuzz(k1);
355 sshkey_free(k1);
356 TEST_DONE();
357
358 TEST_START("fuzz RSA sig");
359 buf = load_file("rsa_1");
360 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
361 &k1, NULL), 0);
362 sshbuf_free(buf);
363 sig_fuzz(k1);
364 sshkey_free(k1);
365 TEST_DONE();
366
367 TEST_START("fuzz DSA sig");
368 buf = load_file("dsa_1");
369 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
370 &k1, NULL), 0);
371 sshbuf_free(buf);
372 sig_fuzz(k1);
373 sshkey_free(k1);
374 TEST_DONE();
375
376 TEST_START("fuzz ECDSA sig");
377 buf = load_file("ecdsa_1");
378 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
379 &k1, NULL), 0);
380 sshbuf_free(buf);
381 sig_fuzz(k1);
382 sshkey_free(k1);
383 TEST_DONE();
384
385 TEST_START("fuzz Ed25519 sig");
386 buf = load_file("ed25519_1");
387 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key",
388 &k1, NULL), 0);
389 sshbuf_free(buf);
390 sig_fuzz(k1);
391 sshkey_free(k1);
392 TEST_DONE();
393
394/* XXX fuzz decoded new-format blobs too */
395
396}
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
new file mode 100644
index 000000000..2d69b4d0d
--- /dev/null
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -0,0 +1,343 @@
1/* $OpenBSD: test_sshkey.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
2/*
3 * Regress test for sshkey.h key management API
4 *
5 * Placed in the public domain
6 */
7
8#include "includes.h"
9
10#include <sys/types.h>
11#include <sys/param.h>
12#include <stdio.h>
13#include <stdint.h>
14#include <stdlib.h>
15#include <string.h>
16
17#include <openssl/bn.h>
18#include <openssl/ec.h>
19#include <openssl/rsa.h>
20#include <openssl/dsa.h>
21
22#include "../test_helper/test_helper.h"
23
24#include "ssherr.h"
25#include "sshbuf.h"
26#define SSHBUF_INTERNAL 1 /* access internals for testing */
27#include "sshkey.h"
28
29#include "authfile.h"
30#include "common.h"
31#include "ssh2.h"
32
33void sshkey_tests(void);
34
35static void
36build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
37 const struct sshkey *sign_key, const struct sshkey *ca_key)
38{
39 struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts;
40 u_char *sigblob;
41 size_t siglen;
42
43 ca_buf = sshbuf_new();
44 ASSERT_INT_EQ(sshkey_to_blob_buf(ca_key, ca_buf), 0);
45
46 /*
47 * Get the public key serialisation by rendering the key and skipping
48 * the type string. This is a bit of a hack :/
49 */
50 pk = sshbuf_new();
51 ASSERT_INT_EQ(sshkey_plain_to_blob_buf(k, pk), 0);
52 ASSERT_INT_EQ(sshbuf_skip_string(pk), 0);
53
54 principals = sshbuf_new();
55 ASSERT_INT_EQ(sshbuf_put_cstring(principals, "gsamsa"), 0);
56 ASSERT_INT_EQ(sshbuf_put_cstring(principals, "gregor"), 0);
57
58 critopts = sshbuf_new();
59 /* XXX fill this in */
60
61 exts = sshbuf_new();
62 /* XXX fill this in */
63
64 ASSERT_INT_EQ(sshbuf_put_cstring(b, type), 0);
65 ASSERT_INT_EQ(sshbuf_put_cstring(b, "noncenoncenonce!"), 0); /* nonce */
66 ASSERT_INT_EQ(sshbuf_putb(b, pk), 0); /* public key serialisation */
67 ASSERT_INT_EQ(sshbuf_put_u64(b, 1234), 0); /* serial */
68 ASSERT_INT_EQ(sshbuf_put_u32(b, SSH2_CERT_TYPE_USER), 0); /* type */
69 ASSERT_INT_EQ(sshbuf_put_cstring(b, "gregor"), 0); /* key ID */
70 ASSERT_INT_EQ(sshbuf_put_stringb(b, principals), 0); /* principals */
71 ASSERT_INT_EQ(sshbuf_put_u64(b, 0), 0); /* start */
72 ASSERT_INT_EQ(sshbuf_put_u64(b, 0xffffffffffffffffULL), 0); /* end */
73 ASSERT_INT_EQ(sshbuf_put_stringb(b, critopts), 0); /* options */
74 ASSERT_INT_EQ(sshbuf_put_stringb(b, exts), 0); /* extensions */
75 ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */
76 ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */
77 ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen,
78 sshbuf_ptr(b), sshbuf_len(b), 0), 0);
79 ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */
80
81 free(sigblob);
82 sshbuf_free(ca_buf);
83 sshbuf_free(exts);
84 sshbuf_free(critopts);
85 sshbuf_free(principals);
86 sshbuf_free(pk);
87}
88
89void
90sshkey_tests(void)
91{
92 struct sshkey *k1, *k2, *k3, *k4, *kr, *kd, *ke, *kf;
93 struct sshbuf *b;
94
95 TEST_START("new invalid");
96 k1 = sshkey_new(-42);
97 ASSERT_PTR_EQ(k1, NULL);
98 TEST_DONE();
99
100 TEST_START("new/free KEY_UNSPEC");
101 k1 = sshkey_new(KEY_UNSPEC);
102 ASSERT_PTR_NE(k1, NULL);
103 sshkey_free(k1);
104 TEST_DONE();
105
106 TEST_START("new/free KEY_RSA1");
107 k1 = sshkey_new(KEY_RSA1);
108 ASSERT_PTR_NE(k1, NULL);
109 ASSERT_PTR_NE(k1->rsa, NULL);
110 ASSERT_PTR_NE(k1->rsa->n, NULL);
111 ASSERT_PTR_NE(k1->rsa->e, NULL);
112 ASSERT_PTR_EQ(k1->rsa->p, NULL);
113 sshkey_free(k1);
114 TEST_DONE();
115
116 TEST_START("new/free KEY_RSA");
117 k1 = sshkey_new(KEY_RSA);
118 ASSERT_PTR_NE(k1, NULL);
119 ASSERT_PTR_NE(k1->rsa, NULL);
120 ASSERT_PTR_NE(k1->rsa->n, NULL);
121 ASSERT_PTR_NE(k1->rsa->e, NULL);
122 ASSERT_PTR_EQ(k1->rsa->p, NULL);
123 sshkey_free(k1);
124 TEST_DONE();
125
126 TEST_START("new/free KEY_DSA");
127 k1 = sshkey_new(KEY_DSA);
128 ASSERT_PTR_NE(k1, NULL);
129 ASSERT_PTR_NE(k1->dsa, NULL);
130 ASSERT_PTR_NE(k1->dsa->g, NULL);
131 ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
132 sshkey_free(k1);
133 TEST_DONE();
134
135 TEST_START("new/free KEY_ECDSA");
136 k1 = sshkey_new(KEY_ECDSA);
137 ASSERT_PTR_NE(k1, NULL);
138 ASSERT_PTR_EQ(k1->ecdsa, NULL); /* Can't allocate without NID */
139 sshkey_free(k1);
140 TEST_DONE();
141
142 TEST_START("new/free KEY_ED25519");
143 k1 = sshkey_new(KEY_ED25519);
144 ASSERT_PTR_NE(k1, NULL);
145 /* These should be blank until key loaded or generated */
146 ASSERT_PTR_EQ(k1->ed25519_sk, NULL);
147 ASSERT_PTR_EQ(k1->ed25519_pk, NULL);
148 sshkey_free(k1);
149 TEST_DONE();
150
151 TEST_START("new_private KEY_RSA");
152 k1 = sshkey_new_private(KEY_RSA);
153 ASSERT_PTR_NE(k1, NULL);
154 ASSERT_PTR_NE(k1->rsa, NULL);
155 ASSERT_PTR_NE(k1->rsa->n, NULL);
156 ASSERT_PTR_NE(k1->rsa->e, NULL);
157 ASSERT_PTR_NE(k1->rsa->p, NULL);
158 ASSERT_INT_EQ(sshkey_add_private(k1), 0);
159 sshkey_free(k1);
160 TEST_DONE();
161
162 TEST_START("new_private KEY_DSA");
163 k1 = sshkey_new_private(KEY_DSA);
164 ASSERT_PTR_NE(k1, NULL);
165 ASSERT_PTR_NE(k1->dsa, NULL);
166 ASSERT_PTR_NE(k1->dsa->g, NULL);
167 ASSERT_PTR_NE(k1->dsa->priv_key, NULL);
168 ASSERT_INT_EQ(sshkey_add_private(k1), 0);
169 sshkey_free(k1);
170 TEST_DONE();
171
172 TEST_START("generate KEY_RSA too small modulus");
173 ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 128, &k1),
174 SSH_ERR_INVALID_ARGUMENT);
175 ASSERT_PTR_EQ(k1, NULL);
176 TEST_DONE();
177
178 TEST_START("generate KEY_RSA too large modulus");
179 ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1 << 20, &k1),
180 SSH_ERR_INVALID_ARGUMENT);
181 ASSERT_PTR_EQ(k1, NULL);
182 TEST_DONE();
183
184 TEST_START("generate KEY_DSA wrong bits");
185 ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 2048, &k1),
186 SSH_ERR_INVALID_ARGUMENT);
187 ASSERT_PTR_EQ(k1, NULL);
188 sshkey_free(k1);
189 TEST_DONE();
190
191 TEST_START("generate KEY_ECDSA wrong bits");
192 ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1),
193 SSH_ERR_INVALID_ARGUMENT);
194 ASSERT_PTR_EQ(k1, NULL);
195 sshkey_free(k1);
196 TEST_DONE();
197
198 TEST_START("generate KEY_RSA");
199 ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0);
200 ASSERT_PTR_NE(kr, NULL);
201 ASSERT_PTR_NE(kr->rsa, NULL);
202 ASSERT_PTR_NE(kr->rsa->n, NULL);
203 ASSERT_PTR_NE(kr->rsa->e, NULL);
204 ASSERT_PTR_NE(kr->rsa->p, NULL);
205 ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 768);
206 TEST_DONE();
207
208 TEST_START("generate KEY_DSA");
209 ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0);
210 ASSERT_PTR_NE(kd, NULL);
211 ASSERT_PTR_NE(kd->dsa, NULL);
212 ASSERT_PTR_NE(kd->dsa->g, NULL);
213 ASSERT_PTR_NE(kd->dsa->priv_key, NULL);
214 TEST_DONE();
215
216 TEST_START("generate KEY_ECDSA");
217 ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &ke), 0);
218 ASSERT_PTR_NE(ke, NULL);
219 ASSERT_PTR_NE(ke->ecdsa, NULL);
220 ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
221 ASSERT_PTR_NE(EC_KEY_get0_private_key(ke->ecdsa), NULL);
222 TEST_DONE();
223
224 TEST_START("generate KEY_ED25519");
225 ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &kf), 0);
226 ASSERT_PTR_NE(kf, NULL);
227 ASSERT_INT_EQ(kf->type, KEY_ED25519);
228 ASSERT_PTR_NE(kf->ed25519_pk, NULL);
229 ASSERT_PTR_NE(kf->ed25519_sk, NULL);
230 TEST_DONE();
231
232 TEST_START("demote KEY_RSA");
233 ASSERT_INT_EQ(sshkey_demote(kr, &k1), 0);
234 ASSERT_PTR_NE(k1, NULL);
235 ASSERT_PTR_NE(kr, k1);
236 ASSERT_INT_EQ(k1->type, KEY_RSA);
237 ASSERT_PTR_NE(k1->rsa, NULL);
238 ASSERT_PTR_NE(k1->rsa->n, NULL);
239 ASSERT_PTR_NE(k1->rsa->e, NULL);
240 ASSERT_PTR_EQ(k1->rsa->p, NULL);
241 TEST_DONE();
242
243 TEST_START("equal KEY_RSA/demoted KEY_RSA");
244 ASSERT_INT_EQ(sshkey_equal(kr, k1), 1);
245 sshkey_free(k1);
246 TEST_DONE();
247
248 TEST_START("demote KEY_DSA");
249 ASSERT_INT_EQ(sshkey_demote(kd, &k1), 0);
250 ASSERT_PTR_NE(k1, NULL);
251 ASSERT_PTR_NE(kd, k1);
252 ASSERT_INT_EQ(k1->type, KEY_DSA);
253 ASSERT_PTR_NE(k1->dsa, NULL);
254 ASSERT_PTR_NE(k1->dsa->g, NULL);
255 ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
256 TEST_DONE();
257
258 TEST_START("equal KEY_DSA/demoted KEY_DSA");
259 ASSERT_INT_EQ(sshkey_equal(kd, k1), 1);
260 sshkey_free(k1);
261 TEST_DONE();
262
263 TEST_START("demote KEY_ECDSA");
264 ASSERT_INT_EQ(sshkey_demote(ke, &k1), 0);
265 ASSERT_PTR_NE(k1, NULL);
266 ASSERT_PTR_NE(ke, k1);
267 ASSERT_INT_EQ(k1->type, KEY_ECDSA);
268 ASSERT_PTR_NE(k1->ecdsa, NULL);
269 ASSERT_INT_EQ(k1->ecdsa_nid, ke->ecdsa_nid);
270 ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
271 ASSERT_PTR_EQ(EC_KEY_get0_private_key(k1->ecdsa), NULL);
272 TEST_DONE();
273
274 TEST_START("equal KEY_ECDSA/demoted KEY_ECDSA");
275 ASSERT_INT_EQ(sshkey_equal(ke, k1), 1);
276 sshkey_free(k1);
277 TEST_DONE();
278
279 TEST_START("demote KEY_ED25519");
280 ASSERT_INT_EQ(sshkey_demote(kf, &k1), 0);
281 ASSERT_PTR_NE(k1, NULL);
282 ASSERT_PTR_NE(kf, k1);
283 ASSERT_INT_EQ(k1->type, KEY_ED25519);
284 ASSERT_PTR_NE(k1->ed25519_pk, NULL);
285 ASSERT_PTR_EQ(k1->ed25519_sk, NULL);
286 TEST_DONE();
287
288 TEST_START("equal KEY_ED25519/demoted KEY_ED25519");
289 ASSERT_INT_EQ(sshkey_equal(kf, k1), 1);
290 sshkey_free(k1);
291 TEST_DONE();
292
293 TEST_START("equal mismatched key types");
294 ASSERT_INT_EQ(sshkey_equal(kd, kr), 0);
295 ASSERT_INT_EQ(sshkey_equal(kd, ke), 0);
296 ASSERT_INT_EQ(sshkey_equal(kr, ke), 0);
297 ASSERT_INT_EQ(sshkey_equal(ke, kf), 0);
298 ASSERT_INT_EQ(sshkey_equal(kd, kf), 0);
299 TEST_DONE();
300
301 TEST_START("equal different keys");
302 ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &k1), 0);
303 ASSERT_INT_EQ(sshkey_equal(kr, k1), 0);
304 sshkey_free(k1);
305 ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k1), 0);
306 ASSERT_INT_EQ(sshkey_equal(kd, k1), 0);
307 sshkey_free(k1);
308 ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0);
309 ASSERT_INT_EQ(sshkey_equal(ke, k1), 0);
310 sshkey_free(k1);
311 ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0);
312 ASSERT_INT_EQ(sshkey_equal(kf, k1), 0);
313 sshkey_free(k1);
314 TEST_DONE();
315
316 sshkey_free(kr);
317 sshkey_free(kd);
318 sshkey_free(ke);
319 sshkey_free(kf);
320
321/* XXX certify test */
322/* XXX sign test */
323/* XXX verify test */
324
325 TEST_START("nested certificate");
326 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
327 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
328 NULL), 0);
329 b = load_file("rsa_2");
330 ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", "rsa_1",
331 &k3, NULL), 0);
332 sshbuf_reset(b);
333 build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1);
334 ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4),
335 SSH_ERR_KEY_CERT_INVALID_SIGN_KEY);
336 ASSERT_PTR_EQ(k4, NULL);
337 sshbuf_free(b);
338 sshkey_free(k1);
339 sshkey_free(k2);
340 sshkey_free(k3);
341 TEST_DONE();
342
343}
diff --git a/regress/unittests/sshkey/testdata/dsa_1 b/regress/unittests/sshkey/testdata/dsa_1
new file mode 100644
index 000000000..7517963d4
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1
@@ -0,0 +1,12 @@
1-----BEGIN DSA PRIVATE KEY-----
2MIIBuwIBAAKBgQCB2IZRhajAULw+W8SLX5kxD/88CuVIKqojrZD5C+4T5D4YwQ0L
36DvbvPHRhid1jmL4VLrG1MfOQvFMbePC9ydvf6CKDK/LPb8Wiq0cR2uBit2CVDIo
44M7bk4X9+u7AwgENNbEAbdNBJRuMxwJiv4OawFGmFaASFNqVCRaq7MzA8wIVAMHA
5azJLtfjdILh3uV77BT3MxGIPAoGASU6xzUFx2PG3g81RBIO09NauCcf/0EYpyMls
6xNJ3MrQnVPWQwqjFepsEcU95ItbsUVkav0mqW319Am6/EAvroYcCHDyo+JUAUPiL
7WXmF6eEMNa97aNM5cQQwzYQvqt+F2mjK4SPxQObCA3O/YEmB8xUtn09BPDP2r/4Z
8y2ywGIECgYB6/rbpAUv4klwv7fX+v5nBFB3pnt5QPZrC6BxDmhG1v5vdNkvIWo4t
9OYnxV/5O3vJQQGi81uA0LjrpH3K9HRos8QP7QnsDYdAYyqLekrFzmnQOxMnYoj0n
10rZBr07TFifBI/m+/vboaegF93/xyNiGcG39i9sWoUQ+Qu1rsdLLg7QIVAITGqmpX
11T8lOnqkCA3X/7XZfZKUb
12-----END DSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/dsa_1-cert.fp b/regress/unittests/sshkey/testdata/dsa_1-cert.fp
new file mode 100644
index 000000000..79009e5dd
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1-cert.fp
@@ -0,0 +1 @@
6d:a9:24:3f:d5:b0:51:76:6d:98:2a:eb:64:ad:e1:3e
diff --git a/regress/unittests/sshkey/testdata/dsa_1-cert.pub b/regress/unittests/sshkey/testdata/dsa_1-cert.pub
new file mode 100644
index 000000000..ccc9e34f8
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1-cert.pub
@@ -0,0 +1 @@
ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgyiDlcNJnT+1aDuTAT6IFROmPV36yZXS1+eg8j93Lbv4AAACBAIHYhlGFqMBQvD5bxItfmTEP/zwK5UgqqiOtkPkL7hPkPhjBDQvoO9u88dGGJ3WOYvhUusbUx85C8Uxt48L3J29/oIoMr8s9vxaKrRxHa4GK3YJUMijgztuThf367sDCAQ01sQBt00ElG4zHAmK/g5rAUaYVoBIU2pUJFqrszMDzAAAAFQDBwGsyS7X43SC4d7le+wU9zMRiDwAAAIBJTrHNQXHY8beDzVEEg7T01q4Jx//QRinIyWzE0ncytCdU9ZDCqMV6mwRxT3ki1uxRWRq/SapbfX0Cbr8QC+uhhwIcPKj4lQBQ+ItZeYXp4Qw1r3to0zlxBDDNhC+q34XaaMrhI/FA5sIDc79gSYHzFS2fT0E8M/av/hnLbLAYgQAAAIB6/rbpAUv4klwv7fX+v5nBFB3pnt5QPZrC6BxDmhG1v5vdNkvIWo4tOYnxV/5O3vJQQGi81uA0LjrpH3K9HRos8QP7QnsDYdAYyqLekrFzmnQOxMnYoj0nrZBr07TFifBI/m+/vboaegF93/xyNiGcG39i9sWoUQ+Qu1rsdLLg7QAAAAAAAAAGAAAAAgAAAAZqdWxpdXMAAAASAAAABWhvc3QxAAAABWhvc3QyAAAAADaLg2AAAAAATR3h4AAAAAAAAAAAAAAAAAAAAGgAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAAhuaXN0cDI1NgAAAEEEeFVBN9rCVt76ZAhb71aQxLwcmq5SigrJG8nRvoBI3Tzfa8/Sp16hupzUeHJht3/BNI8sPvcI1DMVTuOREstl6wAAAGQAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAEkAAAAgMIrMGDb0MQT95GiXw93m4l7D+ruiJKLclEP/e68J/GMAAAAhAMbXfc7vVtOU4ofibChKSTHAUrDotY+qr50UDVhCIBhJ DSA test key #1
diff --git a/regress/unittests/sshkey/testdata/dsa_1.fp b/regress/unittests/sshkey/testdata/dsa_1.fp
new file mode 100644
index 000000000..79009e5dd
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1.fp
@@ -0,0 +1 @@
6d:a9:24:3f:d5:b0:51:76:6d:98:2a:eb:64:ad:e1:3e
diff --git a/regress/unittests/sshkey/testdata/dsa_1.fp.bb b/regress/unittests/sshkey/testdata/dsa_1.fp.bb
new file mode 100644
index 000000000..9d0d51a63
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1.fp.bb
@@ -0,0 +1 @@
xumel-lusic-nevym-gyfup-ginyg-deliv-tetam-humef-vykul-tadit-pixix
diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.g b/regress/unittests/sshkey/testdata/dsa_1.param.g
new file mode 100644
index 000000000..deb29000c
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1.param.g
@@ -0,0 +1 @@
494eb1cd4171d8f1b783cd510483b4f4d6ae09c7ffd04629c8c96cc4d27732b42754f590c2a8c57a9b04714f7922d6ec51591abf49aa5b7d7d026ebf100beba187021c3ca8f8950050f88b597985e9e10c35af7b68d339710430cd842faadf85da68cae123f140e6c20373bf604981f3152d9f4f413c33f6affe19cb6cb01881
diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.priv b/regress/unittests/sshkey/testdata/dsa_1.param.priv
new file mode 100644
index 000000000..314148b55
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1.param.priv
@@ -0,0 +1 @@
0084c6aa6a574fc94e9ea9020375ffed765f64a51b
diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.pub b/regress/unittests/sshkey/testdata/dsa_1.param.pub
new file mode 100644
index 000000000..bde5b10a3
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1.param.pub
@@ -0,0 +1 @@
7afeb6e9014bf8925c2fedf5febf99c1141de99ede503d9ac2e81c439a11b5bf9bdd364bc85a8e2d3989f157fe4edef2504068bcd6e0342e3ae91f72bd1d1a2cf103fb427b0361d018caa2de92b1739a740ec4c9d8a23d27ad906bd3b4c589f048fe6fbfbdba1a7a017ddffc7236219c1b7f62f6c5a8510f90bb5aec74b2e0ed
diff --git a/regress/unittests/sshkey/testdata/dsa_1.pub b/regress/unittests/sshkey/testdata/dsa_1.pub
new file mode 100644
index 000000000..51c2c1bb3
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1.pub
@@ -0,0 +1 @@
ssh-dss AAAAB3NzaC1kc3MAAACBAIHYhlGFqMBQvD5bxItfmTEP/zwK5UgqqiOtkPkL7hPkPhjBDQvoO9u88dGGJ3WOYvhUusbUx85C8Uxt48L3J29/oIoMr8s9vxaKrRxHa4GK3YJUMijgztuThf367sDCAQ01sQBt00ElG4zHAmK/g5rAUaYVoBIU2pUJFqrszMDzAAAAFQDBwGsyS7X43SC4d7le+wU9zMRiDwAAAIBJTrHNQXHY8beDzVEEg7T01q4Jx//QRinIyWzE0ncytCdU9ZDCqMV6mwRxT3ki1uxRWRq/SapbfX0Cbr8QC+uhhwIcPKj4lQBQ+ItZeYXp4Qw1r3to0zlxBDDNhC+q34XaaMrhI/FA5sIDc79gSYHzFS2fT0E8M/av/hnLbLAYgQAAAIB6/rbpAUv4klwv7fX+v5nBFB3pnt5QPZrC6BxDmhG1v5vdNkvIWo4tOYnxV/5O3vJQQGi81uA0LjrpH3K9HRos8QP7QnsDYdAYyqLekrFzmnQOxMnYoj0nrZBr07TFifBI/m+/vboaegF93/xyNiGcG39i9sWoUQ+Qu1rsdLLg7Q== DSA test key #1
diff --git a/regress/unittests/sshkey/testdata/dsa_1_pw b/regress/unittests/sshkey/testdata/dsa_1_pw
new file mode 100644
index 000000000..1bedcb0ce
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_1_pw
@@ -0,0 +1,15 @@
1-----BEGIN DSA PRIVATE KEY-----
2Proc-Type: 4,ENCRYPTED
3DEK-Info: AES-128-CBC,65B3055CF40728FF588846F0AEFE21B2
4
5I3cUBSbhjltkTMvTaDABixfwLr8faxL9/YOoEFenmBj0JwwrSV7L8VGbb68BbwCr
65EOgySFEazgXUbiuILg47lWxp/IKegz1KrO6bXoE1bKT+UxjrI+e8CDi4kpEh98F
7jM6V0QZmotMVwJh6NIfuuOBN92mS8In8remGGBA08VWPjW1CsmjmTDFNzOW5Uzo9
8gG9dM08NljQ8Mf3L2iKoTpLQVr//0Q//0Ei3qCEUOvOOH05mWiecGwPAiCSH2jSO
9GlP59jbwxfIZ2klGrj9D8xCBzTZgdHDlS2cdnJ0GasaPiFnWwX91zaatK+vCvWp6
10apWY6biRn0g9EGJob9YZ6eg3ZGHcFsf/7yDbSjuG3Uj8FhmrP/MkK7Ht7db2hiGL
119uUrNcZhLUFyynTcEfBOFuAtoqktDNTN2VjMj9szJWipF8U9hGeRfw4hFeMXYPHD
12k/+j4qS4fc5EAx1Vd6iMXRzxiUre8GGzyq2nSm1POtyQPG+3UQTRU3zBBudIx9N9
13WCXWHw0+xNHgOX/HtLUkq+2ghxnU+6Whew5eqSdKLMoB7KIKxsxf8wNkv4yOM1KJ
14JWXaXOCyIWclCuc1Uj27Zw==
15-----END DSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/dsa_2 b/regress/unittests/sshkey/testdata/dsa_2
new file mode 100644
index 000000000..2ad7393c4
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_2
@@ -0,0 +1,12 @@
1-----BEGIN DSA PRIVATE KEY-----
2MIIBvAIBAAKBgQDzY25r/QuRHe5YvbwajDpB4/DyY3LH/OTVWcQdflDH2xH6823W
3H2i7FwnuYzsAJkbM1L9n3N9bOXhiGmYIpUKfkE1EKRekNnLW9D0/AvkVzcBN/Lqc
4zy4TxmE7oxClIS+6uksoRHhohFkHPWZDYTxo6mD5vVfzCh2jSSzjEhzFLwIVANtk
5v40w5aRP8C8TQciVJCUy5yp1AoGBAO+s5wkzEftttboUCci3pK0L9wUPHkhTNgC+
6sFjdtiVVpptGkLsujyllEyIFChVUrN5ZNgjv7bzSEe0FSU0XtmZ77GU96ff7jWmD
79xUqm4aIwu/3DSgitOO+XLgb2J08eLY+Lglp40AoWFfwy57flpPMT4q5nk77QfS1
8gzC2X0CtAoGAPfbEG6KUOec9H1xfnwb8AVCk6jOy+XfiGtE3cnlECNQjQkPcp1Jm
9CrhrEh1rRmOwJdMkDLhmOHy6IFnzvj85IAm9qY6M2f8svZ/ASCAnQ6SnHDwhl3eO
10ZQPi03Fka3QXjkwJb/gnmoWuGayM7dPbJg0Ib62GrPGj6/vkaQsGy3ACFQDL5o4e
11vjA1Kf3kA2WYhOy/8kfeJg==
12-----END DSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/dsa_2.fp b/regress/unittests/sshkey/testdata/dsa_2.fp
new file mode 100644
index 000000000..a9a2a45de
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_2.fp
@@ -0,0 +1 @@
3d:fb:a3:22:95:17:89:1f:24:31:e7:ec:9f:ce:09:0b
diff --git a/regress/unittests/sshkey/testdata/dsa_2.fp.bb b/regress/unittests/sshkey/testdata/dsa_2.fp.bb
new file mode 100644
index 000000000..788bffee5
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_2.fp.bb
@@ -0,0 +1 @@
xuzoh-nuhut-lyrum-luhap-givyl-nygiz-nybyr-higes-pahor-nivic-zyxex
diff --git a/regress/unittests/sshkey/testdata/dsa_2.pub b/regress/unittests/sshkey/testdata/dsa_2.pub
new file mode 100644
index 000000000..da4ac7f87
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_2.pub
@@ -0,0 +1 @@
ssh-dss AAAAB3NzaC1kc3MAAACBAPNjbmv9C5Ed7li9vBqMOkHj8PJjcsf85NVZxB1+UMfbEfrzbdYfaLsXCe5jOwAmRszUv2fc31s5eGIaZgilQp+QTUQpF6Q2ctb0PT8C+RXNwE38upzPLhPGYTujEKUhL7q6SyhEeGiEWQc9ZkNhPGjqYPm9V/MKHaNJLOMSHMUvAAAAFQDbZL+NMOWkT/AvE0HIlSQlMucqdQAAAIEA76znCTMR+221uhQJyLekrQv3BQ8eSFM2AL6wWN22JVWmm0aQuy6PKWUTIgUKFVSs3lk2CO/tvNIR7QVJTRe2ZnvsZT3p9/uNaYP3FSqbhojC7/cNKCK0475cuBvYnTx4tj4uCWnjQChYV/DLnt+Wk8xPirmeTvtB9LWDMLZfQK0AAACAPfbEG6KUOec9H1xfnwb8AVCk6jOy+XfiGtE3cnlECNQjQkPcp1JmCrhrEh1rRmOwJdMkDLhmOHy6IFnzvj85IAm9qY6M2f8svZ/ASCAnQ6SnHDwhl3eOZQPi03Fka3QXjkwJb/gnmoWuGayM7dPbJg0Ib62GrPGj6/vkaQsGy3A= DSA test key #2
diff --git a/regress/unittests/sshkey/testdata/dsa_n b/regress/unittests/sshkey/testdata/dsa_n
new file mode 100644
index 000000000..7517963d4
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_n
@@ -0,0 +1,12 @@
1-----BEGIN DSA PRIVATE KEY-----
2MIIBuwIBAAKBgQCB2IZRhajAULw+W8SLX5kxD/88CuVIKqojrZD5C+4T5D4YwQ0L
36DvbvPHRhid1jmL4VLrG1MfOQvFMbePC9ydvf6CKDK/LPb8Wiq0cR2uBit2CVDIo
44M7bk4X9+u7AwgENNbEAbdNBJRuMxwJiv4OawFGmFaASFNqVCRaq7MzA8wIVAMHA
5azJLtfjdILh3uV77BT3MxGIPAoGASU6xzUFx2PG3g81RBIO09NauCcf/0EYpyMls
6xNJ3MrQnVPWQwqjFepsEcU95ItbsUVkav0mqW319Am6/EAvroYcCHDyo+JUAUPiL
7WXmF6eEMNa97aNM5cQQwzYQvqt+F2mjK4SPxQObCA3O/YEmB8xUtn09BPDP2r/4Z
8y2ywGIECgYB6/rbpAUv4klwv7fX+v5nBFB3pnt5QPZrC6BxDmhG1v5vdNkvIWo4t
9OYnxV/5O3vJQQGi81uA0LjrpH3K9HRos8QP7QnsDYdAYyqLekrFzmnQOxMnYoj0n
10rZBr07TFifBI/m+/vboaegF93/xyNiGcG39i9sWoUQ+Qu1rsdLLg7QIVAITGqmpX
11T8lOnqkCA3X/7XZfZKUb
12-----END DSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/dsa_n_pw b/regress/unittests/sshkey/testdata/dsa_n_pw
new file mode 100644
index 000000000..568f8512d
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/dsa_n_pw
@@ -0,0 +1,21 @@
1-----BEGIN OPENSSH PRIVATE KEY-----
2b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABB7JzB0sx
3h4pg63zhB6eD3vAAAAEAAAAAEAAAGxAAAAB3NzaC1kc3MAAACBAIHYhlGFqMBQvD5bxItf
4mTEP/zwK5UgqqiOtkPkL7hPkPhjBDQvoO9u88dGGJ3WOYvhUusbUx85C8Uxt48L3J29/oI
5oMr8s9vxaKrRxHa4GK3YJUMijgztuThf367sDCAQ01sQBt00ElG4zHAmK/g5rAUaYVoBIU
62pUJFqrszMDzAAAAFQDBwGsyS7X43SC4d7le+wU9zMRiDwAAAIBJTrHNQXHY8beDzVEEg7
7T01q4Jx//QRinIyWzE0ncytCdU9ZDCqMV6mwRxT3ki1uxRWRq/SapbfX0Cbr8QC+uhhwIc
8PKj4lQBQ+ItZeYXp4Qw1r3to0zlxBDDNhC+q34XaaMrhI/FA5sIDc79gSYHzFS2fT0E8M/
9av/hnLbLAYgQAAAIB6/rbpAUv4klwv7fX+v5nBFB3pnt5QPZrC6BxDmhG1v5vdNkvIWo4t
10OYnxV/5O3vJQQGi81uA0LjrpH3K9HRos8QP7QnsDYdAYyqLekrFzmnQOxMnYoj0nrZBr07
11TFifBI/m+/vboaegF93/xyNiGcG39i9sWoUQ+Qu1rsdLLg7QAAAeDozqkOSFq7z2LnfJ2b
12jVVwsNdNDn1K3DBONYaoz3R1CyNSmfdTOylCkw/VXQ/7Wlw52+ot/mEIdtjv6uK7NCjAyL
13XLGkq2yMRmitPFxiLRSNo9/Sirpviaq7zJyOBbZiB+wrJgnSdg+185u1t5Qd19hi+XEKcM
14DyTfAj6MPGe/uBmuxIVaVEf9BknyQ74+D5HD6KApcxWI6WNJH9hAkSON8hA1EUWRc+N2hD
15624dEkuJBkCBCgmFbfD7QthBXrGMuSo78Xz0XRpuP+cOQvs/U2wl8OLXuqyzmZtGnDGfjW
169Z2qF4sKUKV2A3Q97WAjm/p04TxDXUEChI3D12dbwN0dGYEZW2XSBYxhK/YbTpjKKXzpJs
17R7U2Avm1krEql7+4fEb876i1+/6w2aFBfn8tx5vvdRehvIXqcg6n4KhIO7d3MS62A19m68
18OYQu1veaUxu9oO2D5byV0GIqZbVWCtaVh/8hLQcGMgz+43HGIMHiJRX9EWenOqEeK7Pam0
19BLkCoFycbGa3fI/reyoQ/g/tlmHjq3kdO9SKZYIcUPk4tnImStHsPEU1X7/WbvV+j0jTtZ
20nxJ2E/z5gdeDeJ9VJcdwofd6BpEwd2WML1o3kZYNwY+K2HJ3JnYfWsJanb6YlRA=
21-----END OPENSSH PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1 b/regress/unittests/sshkey/testdata/ecdsa_1
new file mode 100644
index 000000000..9b8b9f432
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1
@@ -0,0 +1,5 @@
1-----BEGIN EC PRIVATE KEY-----
2MHcCAQEEIDUJpHhcwtTxAYqTeBC2WNcZJ3VJrAI97F2n2PeootjCoAoGCCqGSM49
3AwEHoUQDQgAEeFVBN9rCVt76ZAhb71aQxLwcmq5SigrJG8nRvoBI3Tzfa8/Sp16h
4upzUeHJht3/BNI8sPvcI1DMVTuOREstl6w==
5-----END EC PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp b/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp
new file mode 100644
index 000000000..fec523c47
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp
@@ -0,0 +1 @@
db:df:20:25:bf:74:fc:1d:61:2f:c0:cd:53:7f:a0:69
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub b/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
new file mode 100644
index 000000000..1dde0640c
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
@@ -0,0 +1 @@
ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg99cLkLZdAh1Q9TLiiFjDgLeXcncoQ2ChPj6vheH5aDAAAAAIbmlzdHAyNTYAAABBBHhVQTfawlbe+mQIW+9WkMS8HJquUooKyRvJ0b6ASN0832vP0qdeobqc1HhyYbd/wTSPLD73CNQzFU7jkRLLZesAAAAAAAAABwAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHhVQTfawlbe+mQIW+9WkMS8HJquUooKyRvJ0b6ASN0832vP0qdeobqc1HhyYbd/wTSPLD73CNQzFU7jkRLLZesAAABlAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABKAAAAIQCNyzewlmw65HO5pgVlhNhTds90xhHWG7E26+w37vS6AQAAACEAofQD+jXVJIw0JFuL/4pEpHV8LA9swBOlr+0QSHOvrO8= ECDSA test key #1
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.fp b/regress/unittests/sshkey/testdata/ecdsa_1.fp
new file mode 100644
index 000000000..fec523c47
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1.fp
@@ -0,0 +1 @@
db:df:20:25:bf:74:fc:1d:61:2f:c0:cd:53:7f:a0:69
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb b/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb
new file mode 100644
index 000000000..9816feccd
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb
@@ -0,0 +1 @@
xeroh-pefer-fypid-kipem-fosag-ludoz-vilym-nuvoz-rilyv-nonut-raxex
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.param.curve b/regress/unittests/sshkey/testdata/ecdsa_1.param.curve
new file mode 100644
index 000000000..fa0400467
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1.param.curve
@@ -0,0 +1 @@
prime256v1
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.param.priv b/regress/unittests/sshkey/testdata/ecdsa_1.param.priv
new file mode 100644
index 000000000..7196f0c73
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1.param.priv
@@ -0,0 +1 @@
3509a4785cc2d4f1018a937810b658d719277549ac023dec5da7d8f7a8a2d8c2
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.param.pub b/regress/unittests/sshkey/testdata/ecdsa_1.param.pub
new file mode 100644
index 000000000..189f31828
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1.param.pub
@@ -0,0 +1 @@
0478554137dac256defa64085bef5690c4bc1c9aae528a0ac91bc9d1be8048dd3cdf6bcfd2a75ea1ba9cd4787261b77fc1348f2c3ef708d433154ee39112cb65eb
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.pub b/regress/unittests/sshkey/testdata/ecdsa_1.pub
new file mode 100644
index 000000000..cea2861b5
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1.pub
@@ -0,0 +1 @@
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHhVQTfawlbe+mQIW+9WkMS8HJquUooKyRvJ0b6ASN0832vP0qdeobqc1HhyYbd/wTSPLD73CNQzFU7jkRLLZes= ECDSA test key #1
diff --git a/regress/unittests/sshkey/testdata/ecdsa_1_pw b/regress/unittests/sshkey/testdata/ecdsa_1_pw
new file mode 100644
index 000000000..7fcf57a03
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_1_pw
@@ -0,0 +1,8 @@
1-----BEGIN EC PRIVATE KEY-----
2Proc-Type: 4,ENCRYPTED
3DEK-Info: AES-128-CBC,332EEE2B8008A91D1F4342B9DEBE4FEA
4
5nMCab7D2wbVoKZvM37ZbTXiajSmyvWFQd3Mt3zeeEBoL6ib/48BFDogWlcDvRP7y
6tgKYhqK7JBO4GjSssL4Bu/rQgNK/0ZmS/V7hLN7wsU3DcrHYhfHknL8LbRfiJarB
7772nLAie9oaQcZZloNVa477CBGh7WXux/vRk2NlJ0Uo=
8-----END EC PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2 b/regress/unittests/sshkey/testdata/ecdsa_2
new file mode 100644
index 000000000..651b00c93
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2
@@ -0,0 +1,7 @@
1-----BEGIN EC PRIVATE KEY-----
2MIHcAgEBBEIB7SsuJvR+4aK3Js4gEaJ5UDEa2hJTCBM+/PBYv9ZUkf9PohUvfPfh
3xHRcF6tUhZDmChFeNQpt3sic2uTXa4lU8oigBwYFK4EEACOhgYkDgYYABABLAXz5
4fCAiumZWlWqzG5NxJx1a17WgZ2o+ffYrAJgXVrGGJudmIZSCDWFABtpuY7Ws3zRa
5CM3DZj+ua+qMWsUysQGwiC6n1YEUdVZste5Vdh1YqhImJcT3//TzJ6lfMaUpJxdU
6MeYe8bw+zuNAEJ+ax8W6lWKQwu4sh3Ffc6WmU+qYkg==
7-----END EC PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.fp b/regress/unittests/sshkey/testdata/ecdsa_2.fp
new file mode 100644
index 000000000..a8b8320fb
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2.fp
@@ -0,0 +1 @@
1e:54:1d:9d:43:f0:c9:2b:68:7a:6a:c3:33:36:66:92
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb b/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb
new file mode 100644
index 000000000..5863db4ca
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb
@@ -0,0 +1 @@
xefak-fyfim-lytem-nusir-kycog-vybyt-peguk-deniv-pukub-bydyr-rexux
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.param.curve b/regress/unittests/sshkey/testdata/ecdsa_2.param.curve
new file mode 100644
index 000000000..617ea2fb8
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2.param.curve
@@ -0,0 +1 @@
secp521r1
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.param.priv b/regress/unittests/sshkey/testdata/ecdsa_2.param.priv
new file mode 100644
index 000000000..66d882390
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2.param.priv
@@ -0,0 +1 @@
01ed2b2e26f47ee1a2b726ce2011a27950311ada125308133efcf058bfd65491ff4fa2152f7cf7e1c4745c17ab548590e60a115e350a6ddec89cdae4d76b8954f288
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.param.pub b/regress/unittests/sshkey/testdata/ecdsa_2.param.pub
new file mode 100644
index 000000000..646a3769c
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2.param.pub
@@ -0,0 +1 @@
04004b017cf97c2022ba6656956ab31b9371271d5ad7b5a0676a3e7df62b00981756b18626e7662194820d614006da6e63b5acdf345a08cdc3663fae6bea8c5ac532b101b0882ea7d5811475566cb5ee55761d58aa122625c4f7fff4f327a95f31a52927175431e61ef1bc3ecee340109f9ac7c5ba956290c2ee2c87715f73a5a653ea9892
diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.pub b/regress/unittests/sshkey/testdata/ecdsa_2.pub
new file mode 100644
index 000000000..2ca38b7b0
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_2.pub
@@ -0,0 +1 @@
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBABLAXz5fCAiumZWlWqzG5NxJx1a17WgZ2o+ffYrAJgXVrGGJudmIZSCDWFABtpuY7Ws3zRaCM3DZj+ua+qMWsUysQGwiC6n1YEUdVZste5Vdh1YqhImJcT3//TzJ6lfMaUpJxdUMeYe8bw+zuNAEJ+ax8W6lWKQwu4sh3Ffc6WmU+qYkg== ECDSA test key #2
diff --git a/regress/unittests/sshkey/testdata/ecdsa_n b/regress/unittests/sshkey/testdata/ecdsa_n
new file mode 100644
index 000000000..9b8b9f432
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_n
@@ -0,0 +1,5 @@
1-----BEGIN EC PRIVATE KEY-----
2MHcCAQEEIDUJpHhcwtTxAYqTeBC2WNcZJ3VJrAI97F2n2PeootjCoAoGCCqGSM49
3AwEHoUQDQgAEeFVBN9rCVt76ZAhb71aQxLwcmq5SigrJG8nRvoBI3Tzfa8/Sp16h
4upzUeHJht3/BNI8sPvcI1DMVTuOREstl6w==
5-----END EC PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ecdsa_n_pw b/regress/unittests/sshkey/testdata/ecdsa_n_pw
new file mode 100644
index 000000000..1a232a530
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ecdsa_n_pw
@@ -0,0 +1,9 @@
1-----BEGIN OPENSSH PRIVATE KEY-----
2b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABBjrPF4oU
3razQUC36K0kiJSAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
4dHAyNTYAAABBBHhVQTfawlbe+mQIW+9WkMS8HJquUooKyRvJ0b6ASN0832vP0qdeobqc1H
5hyYbd/wTSPLD73CNQzFU7jkRLLZesAAACwRIjJkfLwAv6pn+FV4zyB7jwNpiM/Tvi8G9L1
6tyjowAbH5QspKcUk2QlGwAfDzZkwZaeO3AHN+jrxUZe59U39nBPUQTJtfwHB/9YDQmkxDf
7PSjPhSUgTJTjO7ZnJhiBhopSecrLlw9jEG3aU6jXrtLHvoeWsqgNC4FPR+NONY56Cp6HH/
8xcNMcG3bdfsLV7/aKN6L8xFOcwv5PZguUX+akbm28L2RtdwomHLlinxCBZQ=
9-----END OPENSSH PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ed25519_1 b/regress/unittests/sshkey/testdata/ed25519_1
new file mode 100644
index 000000000..9834e6b16
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1
@@ -0,0 +1,7 @@
1-----BEGIN OPENSSH PRIVATE KEY-----
2b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
3QyNTUxOQAAACD9nC84xPJD/K1WHPNss8ONwRTYYXhE+JfNMTACxwMC9QAAAJgHI6RaByOk
4WgAAAAtzc2gtZWQyNTUxOQAAACD9nC84xPJD/K1WHPNss8ONwRTYYXhE+JfNMTACxwMC9Q
5AAAEBTSW4tcSIyBvJIs9X0+veV3KEnF5tMFTuDRn2UUCDg4f2cLzjE8kP8rVYc82yzw43B
6FNhheET4l80xMALHAwL1AAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg==
7-----END OPENSSH PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ed25519_1-cert.fp b/regress/unittests/sshkey/testdata/ed25519_1-cert.fp
new file mode 100644
index 000000000..a1065afb1
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1-cert.fp
@@ -0,0 +1 @@
c5:bc:c6:f0:71:ff:18:01:b6:bb:20:0e:5c:c9:45:dd
diff --git a/regress/unittests/sshkey/testdata/ed25519_1-cert.pub b/regress/unittests/sshkey/testdata/ed25519_1-cert.pub
new file mode 100644
index 000000000..e1af85b51
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1-cert.pub
@@ -0,0 +1 @@
ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAICJMFRc+O68lpgxZhFEBSABACLSyhq6uRr5p64SX7rG8AAAAIP2cLzjE8kP8rVYc82yzw43BFNhheET4l80xMALHAwL1AAAAAAAAAAgAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANouDYAAAAABNHeHgAAAAAAAAAAAAAAAAAAAAaAAAABNlY2RzYS1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQR4VUE32sJW3vpkCFvvVpDEvByarlKKCskbydG+gEjdPN9rz9KnXqG6nNR4cmG3f8E0jyw+9wjUMxVO45ESy2XrAAAAZQAAABNlY2RzYS1zaGEyLW5pc3RwMjU2AAAASgAAACEAmB/afp9JrHKRDZjHg7t4gguDZUlM7TbJh/QGWBJtKNwAAAAhAIfciGrKUngYx8c+MrLs9xm/H15UjQ1b/hmDjHPnBUXJ ED25519 test key #1
diff --git a/regress/unittests/sshkey/testdata/ed25519_1.fp b/regress/unittests/sshkey/testdata/ed25519_1.fp
new file mode 100644
index 000000000..a1065afb1
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1.fp
@@ -0,0 +1 @@
c5:bc:c6:f0:71:ff:18:01:b6:bb:20:0e:5c:c9:45:dd
diff --git a/regress/unittests/sshkey/testdata/ed25519_1.fp.bb b/regress/unittests/sshkey/testdata/ed25519_1.fp.bb
new file mode 100644
index 000000000..19fed0819
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1.fp.bb
@@ -0,0 +1 @@
xunad-cibit-losah-sapes-fegor-fypyg-sifuv-buciv-cacim-votid-guxex
diff --git a/regress/unittests/sshkey/testdata/ed25519_1.pub b/regress/unittests/sshkey/testdata/ed25519_1.pub
new file mode 100644
index 000000000..585c72389
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1.pub
@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2cLzjE8kP8rVYc82yzw43BFNhheET4l80xMALHAwL1 ED25519 test key #1
diff --git a/regress/unittests/sshkey/testdata/ed25519_1_pw b/regress/unittests/sshkey/testdata/ed25519_1_pw
new file mode 100644
index 000000000..995e4c06a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_1_pw
@@ -0,0 +1,8 @@
1-----BEGIN OPENSSH PRIVATE KEY-----
2b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABDAj0Bpln
3j9yho1+E35Cs50AAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIP2cLzjE8kP8rVYc
482yzw43BFNhheET4l80xMALHAwL1AAAAkOUMXMXJCs4Ra9eTz7ZmI+62mynIdc75adQIJ6
5Y1FhHU1FiNKA6thIsJQ2GkVraYUbsRr2cSId0wOdDyqCz8qGtUJGJf/CpC8xGyDiFxSRmX
6Q/jVwSPluusjq3hXSXgVkhMCl7x6wvdOYrgir1JAmt7xZ+GH16h9UshdQJQP2WRreYzBGa
7epCGVXiKDRt1h6qQ==
8-----END OPENSSH PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ed25519_2 b/regress/unittests/sshkey/testdata/ed25519_2
new file mode 100644
index 000000000..cffc23eba
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_2
@@ -0,0 +1,7 @@
1-----BEGIN OPENSSH PRIVATE KEY-----
2b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
3QyNTUxOQAAACD9RTuggxlEg440MCY7b8x7AXErFCkvyqOBzGa2H72HgAAAAJjVTVis1U1Y
4rAAAAAtzc2gtZWQyNTUxOQAAACD9RTuggxlEg440MCY7b8x7AXErFCkvyqOBzGa2H72HgA
5AAAECg5ZFCAGyGayR8cfdh9Z+atBw2D7iDCyhlM/Z9BhS8Y/1FO6CDGUSDjjQwJjtvzHsB
6cSsUKS/Ko4HMZrYfvYeAAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg==
7-----END OPENSSH PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/ed25519_2.fp b/regress/unittests/sshkey/testdata/ed25519_2.fp
new file mode 100644
index 000000000..bd9bdf1bb
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_2.fp
@@ -0,0 +1 @@
8a:9b:6b:7a:72:4a:33:e7:82:f4:44:36:4f:03:ab:fb
diff --git a/regress/unittests/sshkey/testdata/ed25519_2.fp.bb b/regress/unittests/sshkey/testdata/ed25519_2.fp.bb
new file mode 100644
index 000000000..d344f8b7a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_2.fp.bb
@@ -0,0 +1 @@
xopaz-sytem-gohun-gekug-nupyz-mizeb-satur-gykyz-bytuk-cynak-zoxax
diff --git a/regress/unittests/sshkey/testdata/ed25519_2.pub b/regress/unittests/sshkey/testdata/ed25519_2.pub
new file mode 100644
index 000000000..36f769ade
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/ed25519_2.pub
@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP1FO6CDGUSDjjQwJjtvzHsBcSsUKS/Ko4HMZrYfvYeA ED25519 test key #1
diff --git a/regress/unittests/sshkey/testdata/pw b/regress/unittests/sshkey/testdata/pw
new file mode 100644
index 000000000..8a1dff98a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/pw
@@ -0,0 +1 @@
mekmitasdigoat
diff --git a/regress/unittests/sshkey/testdata/rsa1_1 b/regress/unittests/sshkey/testdata/rsa1_1
new file mode 100644
index 000000000..2ec1d9ee6
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_1
Binary files differ
diff --git a/regress/unittests/sshkey/testdata/rsa1_1.fp b/regress/unittests/sshkey/testdata/rsa1_1.fp
new file mode 100644
index 000000000..f124ea658
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_1.fp
@@ -0,0 +1 @@
ca:c8:b5:7e:5e:c3:0d:b9:7a:01:08:07:e6:8d:84:ff
diff --git a/regress/unittests/sshkey/testdata/rsa1_1.fp.bb b/regress/unittests/sshkey/testdata/rsa1_1.fp.bb
new file mode 100644
index 000000000..cbcd469dc
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_1.fp.bb
@@ -0,0 +1 @@
xolod-lezac-hozas-zyvam-femup-resyn-tabeh-cimil-todab-pimak-maxox
diff --git a/regress/unittests/sshkey/testdata/rsa1_1.param.n b/regress/unittests/sshkey/testdata/rsa1_1.param.n
new file mode 100644
index 000000000..50b9f6805
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_1.param.n
@@ -0,0 +1 @@
00c410f14bcebcbddc6ffeaa710252ad90fbef0d050ec87d3383a9d238d6711fbef589e4878403c264c7966fe49bad711536dce5d87a955b85e59407cb05b42fa7403d9f69ff0939dc6c706bdcf06b6b261d989bd36b3285406a2ed222823c2395
diff --git a/regress/unittests/sshkey/testdata/rsa1_1.pub b/regress/unittests/sshkey/testdata/rsa1_1.pub
new file mode 100644
index 000000000..bc70397b7
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_1.pub
@@ -0,0 +1 @@
768 65537 1189048026044302003027146850139461857907776498392388644081572317839873971656566933581374195515931390619470169918301657448827055049126798186766951463208246494942453808397018298947013383501856813897052663039958494425741000753698055061 RSA1 test key #1
diff --git a/regress/unittests/sshkey/testdata/rsa1_1_pw b/regress/unittests/sshkey/testdata/rsa1_1_pw
new file mode 100644
index 000000000..a3a18aa8c
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_1_pw
Binary files differ
diff --git a/regress/unittests/sshkey/testdata/rsa1_2 b/regress/unittests/sshkey/testdata/rsa1_2
new file mode 100644
index 000000000..ae266299a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_2
Binary files differ
diff --git a/regress/unittests/sshkey/testdata/rsa1_2.fp b/regress/unittests/sshkey/testdata/rsa1_2.fp
new file mode 100644
index 000000000..8b3bdd3a9
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_2.fp
@@ -0,0 +1 @@
81:76:19:cb:e3:ea:6f:5d:44:0d:c2:0b:de:f1:57:c4
diff --git a/regress/unittests/sshkey/testdata/rsa1_2.fp.bb b/regress/unittests/sshkey/testdata/rsa1_2.fp.bb
new file mode 100644
index 000000000..d519e7b9b
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_2.fp.bb
@@ -0,0 +1 @@
xocoh-kufyf-rirac-kepuc-gurig-mekog-pylir-fezyd-nosub-govug-lyxyx
diff --git a/regress/unittests/sshkey/testdata/rsa1_2.param.n b/regress/unittests/sshkey/testdata/rsa1_2.param.n
new file mode 100644
index 000000000..6a88ee87f
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_2.param.n
@@ -0,0 +1 @@
00f41a2e0ea0e61ba8c26cf6e1bd44a78406681186a7791de3242bedc244e06c17a18747fb88b1380aeba3c857923452b9e38673817bd1a23f7d2075923b1d95d9969bbcd21aa04dfe467e4c7d8a47a10bd63dd6dce4ffe779a61f4540bcfcd9300d69055260be095e5e8460e82396779c0a50625fb85604899e443135ca261860351264b5cd9347b3b2d0493dc8ab58a76739834e94e6a931a81b47ec07a0d18e6326cf141c4cecf21ce33e55c4337b58e81f98ba37aa2363c4b7b9b681832fc82bfd065e78225963b5dee3339fc5f93b1e03fb23b944af1044c428face1e9074cac094e1b1466567bcd0052c7a3cd54413e0223cd3ead772c224fe9992a1cc4d
diff --git a/regress/unittests/sshkey/testdata/rsa1_2.pub b/regress/unittests/sshkey/testdata/rsa1_2.pub
new file mode 100644
index 000000000..c57a552dd
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa1_2.pub
@@ -0,0 +1 @@
2048 65537 30815056206845718337883693475648720850145825019377625660339254990170671928186378018861225635606515759973597729576094610770872780661576141002020091115398326221356676709078132441993985409561447755934597661311399662597377239284991122793182116387265444497738700221133645372503575578155284370786624391167692459891729408171168746091407569853493645212173229529277332482208795686490659301613799014974247858014846717332898701883748838319394666276585141978582467494951081034069208462692298663692548804886954137194606203245934935998707318505433583480495694779849614216589821145199486122690013311036780783985671309143185809329229 RSA1 test key #2
diff --git a/regress/unittests/sshkey/testdata/rsa_1 b/regress/unittests/sshkey/testdata/rsa_1
new file mode 100644
index 000000000..a84a9e2eb
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1
@@ -0,0 +1,12 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIIByQIBAAJhAKAJGOfpr4S2inakOMcqjGQ1RLNwp4FWvWYc+xxnAqfJS7vwZ8ie
32fcniZMS69o9CXiACUw2LYbNGZMfrnzjQEaKlObDi5HB1XNE+9z01m2GS9XH+Eg0
4ilNeAx/hfNEDVQIDAQABAmB8O3OtHHhXYskMHqHA4qPHap6hWZN+0RIIQfkhbEng
5bGAxTgeS8tWrinK+zFJwwS3tYmSc8YfT/4gX/DG1nudv+Pjjhwom/HMTiK/Tw4JN
6ZhWCPKB8T1rICkGAtbMq2KECMQDTa9o6g/Nb2zkvJq+04SQ5ivqZdWXaeZixz1Xt
7JKgqRLoMxny81E/LaeeKXfNACE0CMQDBx4hGEBlm8aJwj6SdZ50Ulu8c4hz4ZcJo
8v2T+BY8ogmlaF1ADcFXeHDmE7Cg16ykCMF7zTCIFirERRqBXdof8qSEyupNa9zBk
9deA9ZrDHSsMY9JmyNukzTNblLDinMwzp7QIwUq/O4X6rKDdBhmB08MmuyINjQuLl
10U8UwQLwy3wYGQVXsmInMFbuQmHdYv/R5cBCJAjAquE/FnCRxuI2NEhoqrO3FG0wO
11cByLc/Svz1ct3eGUMabUxfQdi8Ka97gv9CW9EbI=
12-----END RSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/rsa_1-cert.fp b/regress/unittests/sshkey/testdata/rsa_1-cert.fp
new file mode 100644
index 000000000..66002343a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1-cert.fp
@@ -0,0 +1 @@
93:53:33:f1:ca:bc:c2:df:a1:a2:0e:df:2d:d4:32:77
diff --git a/regress/unittests/sshkey/testdata/rsa_1-cert.pub b/regress/unittests/sshkey/testdata/rsa_1-cert.pub
new file mode 100644
index 000000000..aea5a04d6
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1-cert.pub
@@ -0,0 +1 @@
ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgAkIaUrWrYvXkf55DvHtHsjLNCn22Hvx4PpKyeW7fvA0AAAADAQABAAAAYQCgCRjn6a+Etop2pDjHKoxkNUSzcKeBVr1mHPscZwKnyUu78GfIntn3J4mTEuvaPQl4gAlMNi2GzRmTH65840BGipTmw4uRwdVzRPvc9NZthkvVx/hINIpTXgMf4XzRA1UAAAAAAAAABQAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHhVQTfawlbe+mQIW+9WkMS8HJquUooKyRvJ0b6ASN0832vP0qdeobqc1HhyYbd/wTSPLD73CNQzFU7jkRLLZesAAABlAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABKAAAAIQDEZOWcEwfnm+mpfKMsGdXgWkTZDM9FD7tXGjHhTAIXnwAAACEA4eTYbu8nl1ycJnHUAWmy4sayJNm4vHZNYH1Wzvsh3dQ= RSA test key #1
diff --git a/regress/unittests/sshkey/testdata/rsa_1.fp b/regress/unittests/sshkey/testdata/rsa_1.fp
new file mode 100644
index 000000000..66002343a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1.fp
@@ -0,0 +1 @@
93:53:33:f1:ca:bc:c2:df:a1:a2:0e:df:2d:d4:32:77
diff --git a/regress/unittests/sshkey/testdata/rsa_1.fp.bb b/regress/unittests/sshkey/testdata/rsa_1.fp.bb
new file mode 100644
index 000000000..11f62b459
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1.fp.bb
@@ -0,0 +1 @@
xiriz-botoh-migez-rorom-fekat-hytar-bykys-selos-hanez-sukil-moxox
diff --git a/regress/unittests/sshkey/testdata/rsa_1.param.n b/regress/unittests/sshkey/testdata/rsa_1.param.n
new file mode 100644
index 000000000..6c83fd794
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1.param.n
@@ -0,0 +1 @@
00a00918e7e9af84b68a76a438c72a8c643544b370a78156bd661cfb1c6702a7c94bbbf067c89ed9f727899312ebda3d097880094c362d86cd19931fae7ce340468a94e6c38b91c1d57344fbdcf4d66d864bd5c7f848348a535e031fe17cd10355
diff --git a/regress/unittests/sshkey/testdata/rsa_1.param.p b/regress/unittests/sshkey/testdata/rsa_1.param.p
new file mode 100644
index 000000000..92c064b2a
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1.param.p
@@ -0,0 +1 @@
00d36bda3a83f35bdb392f26afb4e124398afa997565da7998b1cf55ed24a82a44ba0cc67cbcd44fcb69e78a5df340084d
diff --git a/regress/unittests/sshkey/testdata/rsa_1.param.q b/regress/unittests/sshkey/testdata/rsa_1.param.q
new file mode 100644
index 000000000..f19e1b769
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1.param.q
@@ -0,0 +1 @@
00c1c78846101966f1a2708fa49d679d1496ef1ce21cf865c268bf64fe058f2882695a1750037055de1c3984ec2835eb29
diff --git a/regress/unittests/sshkey/testdata/rsa_1.pub b/regress/unittests/sshkey/testdata/rsa_1.pub
new file mode 100644
index 000000000..54517b47c
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1.pub
@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQCgCRjn6a+Etop2pDjHKoxkNUSzcKeBVr1mHPscZwKnyUu78GfIntn3J4mTEuvaPQl4gAlMNi2GzRmTH65840BGipTmw4uRwdVzRPvc9NZthkvVx/hINIpTXgMf4XzRA1U= RSA test key #1
diff --git a/regress/unittests/sshkey/testdata/rsa_1_pw b/regress/unittests/sshkey/testdata/rsa_1_pw
new file mode 100644
index 000000000..c2df77196
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_1_pw
@@ -0,0 +1,15 @@
1-----BEGIN RSA PRIVATE KEY-----
2Proc-Type: 4,ENCRYPTED
3DEK-Info: AES-128-CBC,64F8EBAD788B4A84B988458AE466E543
4
5Sce5ZTGCDNjY3mXUZohtyPyR7CFo9zaC4NWRDhYVOYT1l3vOX/ULXvvGo/VtsXOw
6eP+TCKYRKAm9yoOVh0E+MwI1TN4vnS8tuE6H5HJxpsE126Q3wFX1mY3ar+laTbrJ
73uMm2suNSKSh4p46XRC9XFBnxjxaN7RfbwvAaSckqbNjc++NRDOfbE9QS9VlbPA1
8LxUzjAOhgRtQouaQzh2fwcv2xwq2K53iQch/eKe1BqUyv0v6Xb5SalrZa582c9ax
9W4OErS+NrvpI2DxKmoptM24kGaulRggANh+b6k2ZK5GtkSE00kPSVz30po4oo9vb
10oj1tTPjjlW4AGhiCOJM8EGpBJQztGzOCrOLT9bLL0GKE8m3MuwD5+xg/mWAylVnI
11a4LB20Nv9q8yv+6gKgDuMMVdnQit2NEN/s/vW9XOftDO45DgQkib6UTKi/QfVpNW
12/t2Cdd/NH/JRZuvsq/ywMxHf7r65YZ0Ncgv8oEhvIi0mNRI7i3MIvDB0eo8rFQ8E
13R+hNgVkOQS1XGSPacj0GktvQHvysKqzlAq/LDE2tsb9bVh1R8st99R7nCN0RZ1Fc
14PgQkod7cQluBexoqIPTPYJJzVVF0OYjV1WnLXc4MTcY=
15-----END RSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/rsa_2 b/regress/unittests/sshkey/testdata/rsa_2
new file mode 100644
index 000000000..9ab9fa4ee
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2
@@ -0,0 +1,27 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIIEpgIBAAKCAQEA48Cz/hGQvEfUsgObwAZo73nBa/aplYHvUuFJgcTJOXXWRmqI
3St4S2aA2YRZ/vSEo5d8XVTDqQlsxhDFQt1fI72N3rljMut/DLev96MzyCiCUFjP9
4U0c7mYHRh5WZccGBfTD6EcBC3XhDa4znJWsfbyHE0USdYrWjRav37p5+//ZQ3F5k
5Nk6d5zw9lvRHyl1T6b7iux375JWYbWVpwc+bpXRIS7EdZNQKkCIhJoUFBWy3O3vg
67i9leY5tOtbiAAzWR7ccE/3MPKPwK/pZHWftJVPgBUNwrTPR7K/fviUhdMWmV9d3
7Nz4YBru2y87d4HiJte3D0OXAroUnPxDlGtbTfQIDAQABAoIBAQCIUTzqYyUYLH44
8FkTQyIViYKPOtRKHs//Ewac3jstKIyefegAdn5H0xBoIPmkykHhkLgVPLjnogaC/
9mKzRMC/KaOSna+sOJwQxpkCRaKmuOhWovHFxuP8JQFRjLL1tAv84KWpj2Ymr+WGR
10LALluJpV8AZXoxP4kvMormd1YVRuaqR5qpUlOLUDhGWPq+C/KGfe+eMAYARY8yaq
11YKc880Y9Szgp0OH1QVY9vByq0nn61Gt1GsmDSlesjXbKXgeDFp/OQ9Ir5dYn+Z9O
12Owltm3MwfUaDIbHHR/wpoN6+uzFHNuNiqfu8XsrVRhaM9tu3++DwAqGqDgsbwjVV
132NMqw/lZAoGBAPpbuMcqo7f0xjZY6px6qDRt7drOm7hEbuMeKWbsihMNLlftJ1Hb
14hfHEbnQxCdhSICkNh4GHA6Uw1hg8MFnIEA8wTRt6dHg2VKkko+RlvE2uqL3SYhUk
15yqTtTA6ZQmY8v4hTeNTorsQKlk3o3rExfJnTreNEDB+xNIrMT4GTlywnAoGBAOji
16ksymSgvxEXoyIzKAymsF3K/h8VLgsw1MyPSHsmWzm9q/WvobZN0jc7POL3pADimI
17xdK8KDh6tDYxF+T52za2EgnKZGOcUwPjIK574kgnwz+Jy8aVaamPj9Pp8NCirOLQ
18RJduiQQM86ri7dIUhc4oHBN6EcKnQ4Z6/ZSifrW7AoGBAOGan9MSMIBHmgpFa/1g
19Zo0AdrOTNS4CtO4DMwnlo7LxUM65DZKtQHGSMnqP6jA+KW71GyP0t6s3a+Zg7q0p
20JJebThCx85yUUQwu0WWy69IQz0xm9i3ZfqbKk5wgLX6VxX8iwSMTHtHYPIOukmaY
21kpDH+M1wd4BjnlZpMEgy6KpHAoGBAIIxWFwsgqzWYizsJp0vPvpB1rRFHgJ1N+Qx
22jw6VZfhRRsotvBCii+rMzPwyQnyXntM9cUp0gg/BGUpKe884l4KomsD6ctD1Lbu4
23mCazfzdTc2XsBQ3Jrb5rUb7oxAX/S6OpRw9ZbiPjkb1xC/8sFfnAlqGU1qT5mVhv
24HaCgjzHNAoGBAM9VmCbSUOdIQhS2QgpnFOWjpMblzmLW4zP9GmUt61myf/l6qckb
25qfqL614w2awtzaFCU7mmfjNqg8zcJ01sI2rT+Sxk9pjK2dbrfGq6eyw1JaZDTAiK
26TQRKjwzfIyzecxWQW7PXBYh12G7a82sJMIQdEQ+wCKpOHDZ/BPmGUaSX
27-----END RSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/rsa_2.fp b/regress/unittests/sshkey/testdata/rsa_2.fp
new file mode 100644
index 000000000..b0188f744
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2.fp
@@ -0,0 +1 @@
01:8d:df:4c:ac:4a:94:eb:27:97:cb:94:fd:cb:7a:15
diff --git a/regress/unittests/sshkey/testdata/rsa_2.fp.bb b/regress/unittests/sshkey/testdata/rsa_2.fp.bb
new file mode 100644
index 000000000..eafc066a6
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2.fp.bb
@@ -0,0 +1 @@
xekar-cohun-vigov-suzus-filiv-vomit-dobor-kimuk-bekop-rinal-hexox
diff --git a/regress/unittests/sshkey/testdata/rsa_2.param.n b/regress/unittests/sshkey/testdata/rsa_2.param.n
new file mode 100644
index 000000000..891f02072
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2.param.n
@@ -0,0 +1 @@
00e3c0b3fe1190bc47d4b2039bc00668ef79c16bf6a99581ef52e14981c4c93975d6466a884ade12d9a03661167fbd2128e5df175530ea425b31843150b757c8ef6377ae58ccbadfc32debfde8ccf20a20941633fd53473b9981d187959971c1817d30fa11c042dd78436b8ce7256b1f6f21c4d1449d62b5a345abf7ee9e7efff650dc5e64364e9de73c3d96f447ca5d53e9bee2bb1dfbe495986d6569c1cf9ba574484bb11d64d40a902221268505056cb73b7be0ee2f65798e6d3ad6e2000cd647b71c13fdcc3ca3f02bfa591d67ed2553e0054370ad33d1ecafdfbe252174c5a657d777373e1806bbb6cbcedde07889b5edc3d0e5c0ae85273f10e51ad6d37d
diff --git a/regress/unittests/sshkey/testdata/rsa_2.param.p b/regress/unittests/sshkey/testdata/rsa_2.param.p
new file mode 100644
index 000000000..e0933e108
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2.param.p
@@ -0,0 +1 @@
00fa5bb8c72aa3b7f4c63658ea9c7aa8346deddace9bb8446ee31e2966ec8a130d2e57ed2751db85f1c46e743109d85220290d87818703a530d6183c3059c8100f304d1b7a74783654a924a3e465bc4daea8bdd2621524caa4ed4c0e9942663cbf885378d4e8aec40a964de8deb1317c99d3ade3440c1fb1348acc4f8193972c27
diff --git a/regress/unittests/sshkey/testdata/rsa_2.param.q b/regress/unittests/sshkey/testdata/rsa_2.param.q
new file mode 100644
index 000000000..62fc21076
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2.param.q
@@ -0,0 +1 @@
00e8e292cca64a0bf1117a32233280ca6b05dcafe1f152e0b30d4cc8f487b265b39bdabf5afa1b64dd2373b3ce2f7a400e2988c5d2bc28387ab4363117e4f9db36b61209ca64639c5303e320ae7be24827c33f89cbc69569a98f8fd3e9f0d0a2ace2d044976e89040cf3aae2edd21485ce281c137a11c2a743867afd94a27eb5bb
diff --git a/regress/unittests/sshkey/testdata/rsa_2.pub b/regress/unittests/sshkey/testdata/rsa_2.pub
new file mode 100644
index 000000000..9af3bf39f
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_2.pub
@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjwLP+EZC8R9SyA5vABmjvecFr9qmVge9S4UmBxMk5ddZGaohK3hLZoDZhFn+9ISjl3xdVMOpCWzGEMVC3V8jvY3euWMy638Mt6/3ozPIKIJQWM/1TRzuZgdGHlZlxwYF9MPoRwELdeENrjOclax9vIcTRRJ1itaNFq/funn7/9lDcXmQ2Tp3nPD2W9EfKXVPpvuK7HfvklZhtZWnBz5uldEhLsR1k1AqQIiEmhQUFbLc7e+DuL2V5jm061uIADNZHtxwT/cw8o/Ar+lkdZ+0lU+AFQ3CtM9Hsr9++JSF0xaZX13c3PhgGu7bLzt3geIm17cPQ5cCuhSc/EOUa1tN9 RSA test key #2
diff --git a/regress/unittests/sshkey/testdata/rsa_n b/regress/unittests/sshkey/testdata/rsa_n
new file mode 100644
index 000000000..a84a9e2eb
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_n
@@ -0,0 +1,12 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIIByQIBAAJhAKAJGOfpr4S2inakOMcqjGQ1RLNwp4FWvWYc+xxnAqfJS7vwZ8ie
32fcniZMS69o9CXiACUw2LYbNGZMfrnzjQEaKlObDi5HB1XNE+9z01m2GS9XH+Eg0
4ilNeAx/hfNEDVQIDAQABAmB8O3OtHHhXYskMHqHA4qPHap6hWZN+0RIIQfkhbEng
5bGAxTgeS8tWrinK+zFJwwS3tYmSc8YfT/4gX/DG1nudv+Pjjhwom/HMTiK/Tw4JN
6ZhWCPKB8T1rICkGAtbMq2KECMQDTa9o6g/Nb2zkvJq+04SQ5ivqZdWXaeZixz1Xt
7JKgqRLoMxny81E/LaeeKXfNACE0CMQDBx4hGEBlm8aJwj6SdZ50Ulu8c4hz4ZcJo
8v2T+BY8ogmlaF1ADcFXeHDmE7Cg16ykCMF7zTCIFirERRqBXdof8qSEyupNa9zBk
9deA9ZrDHSsMY9JmyNukzTNblLDinMwzp7QIwUq/O4X6rKDdBhmB08MmuyINjQuLl
10U8UwQLwy3wYGQVXsmInMFbuQmHdYv/R5cBCJAjAquE/FnCRxuI2NEhoqrO3FG0wO
11cByLc/Svz1ct3eGUMabUxfQdi8Ka97gv9CW9EbI=
12-----END RSA PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/testdata/rsa_n_pw b/regress/unittests/sshkey/testdata/rsa_n_pw
new file mode 100644
index 000000000..1f8b01b2c
--- /dev/null
+++ b/regress/unittests/sshkey/testdata/rsa_n_pw
@@ -0,0 +1,14 @@
1-----BEGIN OPENSSH PRIVATE KEY-----
2b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABAXd4Cj36
33zRAFUwdBRAs0yAAAAEAAAAAEAAAB3AAAAB3NzaC1yc2EAAAADAQABAAAAYQCgCRjn6a+E
4top2pDjHKoxkNUSzcKeBVr1mHPscZwKnyUu78GfIntn3J4mTEuvaPQl4gAlMNi2GzRmTH6
55840BGipTmw4uRwdVzRPvc9NZthkvVx/hINIpTXgMf4XzRA1UAAAGQYoRrooXzXUXdgJVU
66oeuIcZiBeomdRKu5LrGZF3l2TjLy51+OzJI3ML7f61QneTh8YF8p0UIu6hUM14kifbTse
7qPJZPiLcSM0wbqQz/TRsWwC02wNo4nrHOHwLhqog1l5R52+Ac9O3axuA8t5zfqEMbU8tNE
8GR090/TL1dSQ8z9sHa2ofzODqyuNQZRLKWwhVq/auUiaaUYdTi5i5lInVc9iHaEoCvvp0k
9maG34o4GMHrrp857EmhTL7BrOa5VKYnHW9A3eHcf3JvDNR0crt5ER0wvmivPVr4efy9Cln
10sNBCtZ8rvgsABgM6U6DneX92IogICQGT6nRfyttsMXPO6wt0HUTUAXuD90IAjBueJSvMIO
11g5os68pBvL5rDuB2XCasBIJU27f4NnDQ3aPoSzBA+UgluUs5iWP9+FakY4cQ1cH6tMXGDM
12yW/hSSGzLWukKnFj2XX41boSdH53ZJamL3OoM+ApKSKryOvpTGHQexuFdp1jlZbemKZwBM
135R7E70V2EaRAxqkRzJyHBQtWIoVQ==
14-----END OPENSSH PRIVATE KEY-----
diff --git a/regress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c
new file mode 100644
index 000000000..13f265cdb
--- /dev/null
+++ b/regress/unittests/sshkey/tests.c
@@ -0,0 +1,27 @@
1/* $OpenBSD: tests.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
2/*
3 * Regress test for sshbuf.h buffer API
4 *
5 * Placed in the public domain
6 */
7
8#include "includes.h"
9
10#include <openssl/evp.h>
11
12#include "../test_helper/test_helper.h"
13
14void sshkey_tests(void);
15void sshkey_file_tests(void);
16void sshkey_fuzz_tests(void);
17
18void
19tests(void)
20{
21 OpenSSL_add_all_algorithms();
22 ERR_load_CRYPTO_strings();
23
24 sshkey_tests();
25 sshkey_file_tests();
26 sshkey_fuzz_tests();
27}