1 files changed, 139 insertions, 0 deletions
diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c
new file mode 100644
index 000000000..bf59d58d1
--- /dev/null
+++ b/regress/unittests/sshsig/tests.c
@@ -0,0 +1,139 @@
+/*      $OpenBSD: tests.c,v 1.2 2020/06/22 06:00:06 djm Exp $ */
+/*
+ * Regress test for sshbuf.h buffer API
+ *
+ * Placed in the public domain
+ */
+#include "includes.h"
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <openssl/evp.h>
+#include <openssl/crypto.h>
+#include "ssherr.h"
+#include "authfile.h"
+#include "sshkey.h"
+#include "sshbuf.h"
+#include "sshsig.h"
+#include "log.h"
+#include "../test_helper/test_helper.h"
+static struct sshbuf *
+load_file(const char *name)
+{
+        struct sshbuf *ret = NULL;
+        ASSERT_INT_EQ(sshbuf_load_file(test_data_file(name), &ret), 0);
+        ASSERT_PTR_NE(ret, NULL);
+        return ret;
+}
+static struct sshkey *
+load_key(const char *name)
+{
+        struct sshkey *ret = NULL;
+        ASSERT_INT_EQ(sshkey_load_public(test_data_file(name), &ret, NULL), 0);
+        ASSERT_PTR_NE(ret, NULL);
+        return ret;
+}
+static void
+check_sig(const char *keyname, const char *signame, const struct sshbuf *msg,
+    const char *namespace)
+{
+        struct sshkey *k, *sign_key;
+        struct sshbuf *sig, *rawsig;
+        struct sshkey_sig_details *sig_details;
+        k = load_key(keyname);
+        sig = load_file(signame);
+        sign_key = NULL;
+        sig_details = NULL;
+        rawsig = NULL;
+        ASSERT_INT_EQ(sshsig_dearmor(sig, &rawsig), 0);
+        ASSERT_INT_EQ(sshsig_verifyb(rawsig, msg, namespace,
+            &sign_key, &sig_details), 0);
+        ASSERT_INT_EQ(sshkey_equal(k, sign_key), 1);
+        sshkey_free(k);
+        sshkey_free(sign_key);
+        sshkey_sig_details_free(sig_details);
+        sshbuf_free(sig);
+        sshbuf_free(rawsig);
+}
+void
+tests(void)
+{
+        struct sshbuf *msg;
+        char *namespace;
+#if 0
+        log_init("test_sshsig", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1);
+#endif
+#ifdef WITH_OPENSSL
+        OpenSSL_add_all_algorithms();
+        ERR_load_CRYPTO_strings();
+#endif
+        TEST_START("load data");
+        msg = load_file("namespace");
+        namespace = sshbuf_dup_string(msg);
+        ASSERT_PTR_NE(namespace, NULL);
+        sshbuf_free(msg);
+        msg = load_file("signed-data");
+        TEST_DONE();
+#ifdef WITH_OPENSSL
+        TEST_START("check RSA signature");
+        check_sig("rsa.pub", "rsa.sig", msg, namespace);
+        TEST_DONE();
+        TEST_START("check DSA signature");
+        check_sig("dsa.pub", "dsa.sig", msg, namespace);
+        TEST_DONE();
+#ifdef OPENSSL_HAS_ECC
+        TEST_START("check ECDSA signature");
+        check_sig("ecdsa.pub", "ecdsa.sig", msg, namespace);
+        TEST_DONE();
+#endif
+#endif
+        TEST_START("check ED25519 signature");
+        check_sig("ed25519.pub", "ed25519.sig", msg, namespace);
+        TEST_DONE();
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+        TEST_START("check ECDSA-SK signature");
+        check_sig("ecdsa_sk.pub", "ecdsa_sk.sig", msg, namespace);
+        TEST_DONE();
+#endif
+        TEST_START("check ED25519-SK signature");
+        check_sig("ed25519_sk.pub", "ed25519_sk.sig", msg, namespace);
+        TEST_DONE();
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+        TEST_START("check ECDSA-SK webauthn signature");
+        check_sig("ecdsa_sk_webauthn.pub", "ecdsa_sk_webauthn.sig",
+            msg, namespace);
+        TEST_DONE();
+#endif
+        sshbuf_free(msg);
+        free(namespace);
+}

diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c new file mode 100644 index 000000000..bf59d58d1 --- /dev/null +++ b/regress/unittests/sshsig/tests.c
@@ -0,0 +1,139 @@
	1	/* $OpenBSD: tests.c,v 1.2 2020/06/22 06:00:06 djm Exp $ */
	2	/*
	3	* Regress test for sshbuf.h buffer API
	4	*
	5	* Placed in the public domain
	6	*/
	7
	8	#include "includes.h"
	9
	10	#include <sys/types.h>
	11	#include <sys/param.h>
	12	#include <sys/stat.h>
	13	#include <fcntl.h>
	14	#include <stdio.h>
	15	#ifdef HAVE_STDINT_H
	16	#include <stdint.h>
	17	#endif
	18	#include <stdlib.h>
	19	#include <string.h>
	20	#include <unistd.h>
	21
	22	#include <openssl/evp.h>
	23	#include <openssl/crypto.h>
	24
	25	#include "ssherr.h"
	26	#include "authfile.h"
	27	#include "sshkey.h"
	28	#include "sshbuf.h"
	29	#include "sshsig.h"
	30	#include "log.h"
	31
	32	#include "../test_helper/test_helper.h"
	33
	34	static struct sshbuf *
	35	load_file(const char *name)
	36	{
	37	struct sshbuf *ret = NULL;
	38
	39	ASSERT_INT_EQ(sshbuf_load_file(test_data_file(name), &ret), 0);
	40	ASSERT_PTR_NE(ret, NULL);
	41	return ret;
	42	}
	43
	44	static struct sshkey *
	45	load_key(const char *name)
	46	{
	47	struct sshkey *ret = NULL;
	48	ASSERT_INT_EQ(sshkey_load_public(test_data_file(name), &ret, NULL), 0);
	49	ASSERT_PTR_NE(ret, NULL);
	50	return ret;
	51	}
	52
	53	static void
	54	check_sig(const char keyname, const char signame, const struct sshbuf *msg,
	55	const char *namespace)
	56	{
	57	struct sshkey k, sign_key;
	58	struct sshbuf sig, rawsig;
	59	struct sshkey_sig_details *sig_details;
	60
	61	k = load_key(keyname);
	62	sig = load_file(signame);
	63	sign_key = NULL;
	64	sig_details = NULL;
	65	rawsig = NULL;
	66	ASSERT_INT_EQ(sshsig_dearmor(sig, &rawsig), 0);
	67	ASSERT_INT_EQ(sshsig_verifyb(rawsig, msg, namespace,
	68	&sign_key, &sig_details), 0);
	69	ASSERT_INT_EQ(sshkey_equal(k, sign_key), 1);
	70	sshkey_free(k);
	71	sshkey_free(sign_key);
	72	sshkey_sig_details_free(sig_details);
	73	sshbuf_free(sig);
	74	sshbuf_free(rawsig);
	75	}
	76
	77	void
	78	tests(void)
	79	{
	80	struct sshbuf *msg;
	81	char *namespace;
	82
	83	#if 0
	84	log_init("test_sshsig", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1);
	85	#endif
	86
	87	#ifdef WITH_OPENSSL
	88	OpenSSL_add_all_algorithms();
	89	ERR_load_CRYPTO_strings();
	90	#endif
	91
	92	TEST_START("load data");
	93	msg = load_file("namespace");
	94	namespace = sshbuf_dup_string(msg);
	95	ASSERT_PTR_NE(namespace, NULL);
	96	sshbuf_free(msg);
	97	msg = load_file("signed-data");
	98	TEST_DONE();
	99
	100	#ifdef WITH_OPENSSL
	101	TEST_START("check RSA signature");
	102	check_sig("rsa.pub", "rsa.sig", msg, namespace);
	103	TEST_DONE();
	104
	105	TEST_START("check DSA signature");
	106	check_sig("dsa.pub", "dsa.sig", msg, namespace);
	107	TEST_DONE();
	108
	109	#ifdef OPENSSL_HAS_ECC
	110	TEST_START("check ECDSA signature");
	111	check_sig("ecdsa.pub", "ecdsa.sig", msg, namespace);
	112	TEST_DONE();
	113	#endif
	114	#endif
	115
	116	TEST_START("check ED25519 signature");
	117	check_sig("ed25519.pub", "ed25519.sig", msg, namespace);
	118	TEST_DONE();
	119
	120	#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
	121	TEST_START("check ECDSA-SK signature");
	122	check_sig("ecdsa_sk.pub", "ecdsa_sk.sig", msg, namespace);
	123	TEST_DONE();
	124	#endif
	125
	126	TEST_START("check ED25519-SK signature");
	127	check_sig("ed25519_sk.pub", "ed25519_sk.sig", msg, namespace);
	128	TEST_DONE();
	129
	130	#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
	131	TEST_START("check ECDSA-SK webauthn signature");
	132	check_sig("ecdsa_sk_webauthn.pub", "ecdsa_sk_webauthn.sig",
	133	msg, namespace);
	134	TEST_DONE();
	135	#endif
	136
	137	sshbuf_free(msg);
	138	free(namespace);
	139	}