Diffstat (limited to 'regress/unittests/sshsig/tests.c')
-rw-r--r-- | regress/unittests/sshsig/tests.c | 139 |
1 files changed, 139 insertions, 0 deletions
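--- /dev/null
+++ b/regress/unittests/sshsig/tests.c
@@ -0,0 +1,139 @@
+/* $OpenBSD: tests.c,v 1.2 2020/06/22 06:00:06 djm Exp $ */
+/*
+* Regress test for sshbuf.h buffer API
+*
+* Placed in the public domain
+*/
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <openssl/evp.h>
+#include <openssl/crypto.h>
+
+#include "ssherr.h"
+#include "authfile.h"
+#include "sshkey.h"
+#include "sshbuf.h"
+#include "sshsig.h"
+#include "log.h"
+
+#include "../test_helper/test_helper.h"
+
+static struct sshbuf *
+load_file(const char *name)
+{
+struct sshbuf *ret = NULL;
+
+ASSERT_INT_EQ(sshbuf_load_file(test_data_file(name), &ret), 0);
+ASSERT_PTR_NE(ret, NULL);
+return ret;
+}
+
+static struct sshkey *
+load_key(const char *name)
+{
+struct sshkey *ret = NULL;
+ASSERT_INT_EQ(sshkey_load_public(test_data_file(name), &ret, NULL), 0);
+ASSERT_PTR_NE(ret, NULL);
+return ret;
+}
+
+static void
+check_sig(const char *keyname, const char *signame, const struct sshbuf *msg,
+const char *namespace)
+{
+struct sshkey *k, *sign_key;
+struct sshbuf *sig, *rawsig;
+struct sshkey_sig_details *sig_details;
+
+k = load_key(keyname);
+sig = load_file(signame);
+sign_key = NULL;
+sig_details = NULL;
+rawsig = NULL;
+ASSERT_INT_EQ(sshsig_dearmor(sig, &rawsig), 0);
+ASSERT_INT_EQ(sshsig_verifyb(rawsig, msg, namespace,
+&sign_key, &sig_details), 0);
+ASSERT_INT_EQ(sshkey_equal(k, sign_key), 1);
+sshkey_free(k);
+sshkey_free(sign_key);
+sshkey_sig_details_free(sig_details);
+sshbuf_free(sig);
+sshbuf_free(rawsig);
+}
+
+void
+tests(void)
+{
+struct sshbuf *msg;
+char *namespace;
+
+#if 0
+log_init("test_sshsig", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1);
+#endif
+
+#ifdef WITH_OPENSSL
+OpenSSL_add_all_algorithms();
+ERR_load_CRYPTO_strings();
+#endif
+
+TEST_START("load data");
+msg = load_file("namespace");
+namespace = sshbuf_dup_string(msg);
+ASSERT_PTR_NE(namespace, NULL);
+sshbuf_free(msg);
+msg = load_file("signed-data");
+TEST_DONE();
+
+#ifdef WITH_OPENSSL
+TEST_START("check RSA signature");
+check_sig("rsa.pub", "rsa.sig", msg, namespace);
+TEST_DONE();
+
+TEST_START("check DSA signature");
+check_sig("dsa.pub", "dsa.sig", msg, namespace);
+TEST_DONE();
+
+#ifdef OPENSSL_HAS_ECC
+TEST_START("check ECDSA signature");
+check_sig("ecdsa.pub", "ecdsa.sig", msg, namespace);
+TEST_DONE();
+#endif
+#endif
+
+TEST_START("check ED25519 signature");
+check_sig("ed25519.pub", "ed25519.sig", msg, namespace);
+TEST_DONE();
+
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+TEST_START("check ECDSA-SK signature");
+check_sig("ecdsa_sk.pub", "ecdsa_sk.sig", msg, namespace);
+TEST_DONE();
+#endif
+
+TEST_START("check ED25519-SK signature");
+check_sig("ed25519_sk.pub", "ed25519_sk.sig", msg, namespace);
+TEST_DONE();
+
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+TEST_START("check ECDSA-SK webauthn signature");
+check_sig("ecdsa_sk_webauthn.pub", "ecdsa_sk_webauthn.sig",
+msg, namespace);
+TEST_DONE();
+#endif
+
+sshbuf_free(msg);
+free(namespace);
+}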
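Review bot: check_sig() asserts only the accepting path, so a regression that made sshsig_verifyb() stop binding the signature to the message or to the namespace would still pass every case in tests(). Each key type would be better covered by also asserting rejection with fresh NULL out-pointers, e.g. `ASSERT_INT_NE(sshsig_verifyb(rawsig, msg, "unexpected-namespace", &sign_key, &sig_details), 0);`, plus the same call against a buffer that differs from the signed data. sig_details is fetched and freed but never inspected, which looks like a coverage gap for the -SK and webauthn cases. Separately, `<openssl/evp.h>` and `<openssl/crypto.h>` are included unconditionally while the calls that need them sit under `#ifdef WITH_OPENSSL`, so the includes should probably take the same guard. The header comment also still reads "Regress test for sshbuf.h buffer API" and should name sshsig, e.g. `Regress test for sshsig.h signature API`.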