summaryrefslogtreecommitdiff
path: root/regress
diff options
context:
space:
mode:
Diffstat (limited to 'regress')
-rw-r--r--regress/unittests/Makefile.inc2
-rw-r--r--regress/unittests/hostkeys/mktestdata.sh16
-rw-r--r--regress/unittests/hostkeys/test_iterate.c249
-rw-r--r--regress/unittests/hostkeys/testdata/known_hosts45
-rwxr-xr-xregress/unittests/sshkey/mktestdata.sh35
-rw-r--r--regress/unittests/sshkey/test_file.c51
-rw-r--r--regress/unittests/sshkey/test_fuzz.c45
-rw-r--r--regress/unittests/sshkey/test_sshkey.c12
8 files changed, 76 insertions, 379 deletions
diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc
index 00c9dd191..36d1ff42c 100644
--- a/regress/unittests/Makefile.inc
+++ b/regress/unittests/Makefile.inc
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile.inc,v 1.10 2017/04/17 11:02:31 jsg Exp $ 1# $OpenBSD: Makefile.inc,v 1.11 2017/04/30 23:33:48 djm Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4.include <bsd.obj.mk> 4.include <bsd.obj.mk>
diff --git a/regress/unittests/hostkeys/mktestdata.sh b/regress/unittests/hostkeys/mktestdata.sh
index 36890ba11..5a46de990 100644
--- a/regress/unittests/hostkeys/mktestdata.sh
+++ b/regress/unittests/hostkeys/mktestdata.sh
@@ -1,11 +1,11 @@
1#!/bin/sh 1#!/bin/sh
2# $OpenBSD: mktestdata.sh,v 1.1 2015/02/16 22:18:34 djm Exp $ 2# $OpenBSD: mktestdata.sh,v 1.2 2017/04/30 23:33:48 djm Exp $
3 3
4set -ex 4set -ex
5 5
6cd testdata 6cd testdata
7 7
8rm -f rsa1* rsa* dsa* ecdsa* ed25519* 8rm -f rsa* dsa* ecdsa* ed25519*
9rm -f known_hosts* 9rm -f known_hosts*
10 10
11gen_all() { 11gen_all() {
@@ -13,13 +13,12 @@ gen_all() {
13 _ecdsa_bits=256 13 _ecdsa_bits=256
14 test "x$_n" = "x1" && _ecdsa_bits=384 14 test "x$_n" = "x1" && _ecdsa_bits=384
15 test "x$_n" = "x2" && _ecdsa_bits=521 15 test "x$_n" = "x2" && _ecdsa_bits=521
16 ssh-keygen -qt rsa1 -b 1024 -C "RSA1 #$_n" -N "" -f rsa1_$_n
17 ssh-keygen -qt rsa -b 1024 -C "RSA #$_n" -N "" -f rsa_$_n 16 ssh-keygen -qt rsa -b 1024 -C "RSA #$_n" -N "" -f rsa_$_n
18 ssh-keygen -qt dsa -b 1024 -C "DSA #$_n" -N "" -f dsa_$_n 17 ssh-keygen -qt dsa -b 1024 -C "DSA #$_n" -N "" -f dsa_$_n
19 ssh-keygen -qt ecdsa -b $_ecdsa_bits -C "ECDSA #$_n" -N "" -f ecdsa_$_n 18 ssh-keygen -qt ecdsa -b $_ecdsa_bits -C "ECDSA #$_n" -N "" -f ecdsa_$_n
20 ssh-keygen -qt ed25519 -C "ED25519 #$_n" -N "" -f ed25519_$_n 19 ssh-keygen -qt ed25519 -C "ED25519 #$_n" -N "" -f ed25519_$_n
21 # Don't need private keys 20 # Don't need private keys
22 rm -f rsa1_$_n rsa_$_n dsa_$_n ecdsa_$_n ed25519_$_n 21 rm -f rsa_$_n dsa_$_n ecdsa_$_n ed25519_$_n
23} 22}
24 23
25hentries() { 24hentries() {
@@ -64,7 +63,6 @@ rm -f known_hosts_hash_frag.old
64 echo 63 echo
65 64
66 echo "# Revoked and CA keys" 65 echo "# Revoked and CA keys"
67 printf "@revoked sisyphus.example.com " ; cat rsa1_4.pub
68 printf "@revoked sisyphus.example.com " ; cat ed25519_4.pub 66 printf "@revoked sisyphus.example.com " ; cat ed25519_4.pub
69 printf "@cert-authority prometheus.example.com " ; cat ecdsa_4.pub 67 printf "@cert-authority prometheus.example.com " ; cat ecdsa_4.pub
70 printf "@cert-authority *.example.com " ; cat dsa_4.pub 68 printf "@cert-authority *.example.com " ; cat dsa_4.pub
@@ -72,19 +70,13 @@ rm -f known_hosts_hash_frag.old
72 printf "\n" 70 printf "\n"
73 echo "# Some invalid lines" 71 echo "# Some invalid lines"
74 # Invalid marker 72 # Invalid marker
75 printf "@what sisyphus.example.com " ; cat rsa1_1.pub 73 printf "@what sisyphus.example.com " ; cat dsa_1.pub
76 # Key missing 74 # Key missing
77 echo "sisyphus.example.com " 75 echo "sisyphus.example.com "
78 # Key blob missing 76 # Key blob missing
79 echo "prometheus.example.com ssh-ed25519 " 77 echo "prometheus.example.com ssh-ed25519 "
80 # Key blob truncated 78 # Key blob truncated
81 echo "sisyphus.example.com ssh-dsa AAAATgAAAAdz" 79 echo "sisyphus.example.com ssh-dsa AAAATgAAAAdz"
82 # RSA1 key truncated after key bits
83 echo "prometheus.example.com 1024 "
84 # RSA1 key truncated after exponent
85 echo "sisyphus.example.com 1024 65535 "
86 # RSA1 key incorrect key bits
87 printf "prometheus.example.com 1025 " ; cut -d' ' -f2- < rsa1_1.pub
88 # Invalid type 80 # Invalid type
89 echo "sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg==" 81 echo "sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
90 # Type mismatch with blob 82 # Type mismatch with blob
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c
index 2eaaf063a..751825dda 100644
--- a/regress/unittests/hostkeys/test_iterate.c
+++ b/regress/unittests/hostkeys/test_iterate.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_iterate.c,v 1.4 2015/03/31 22:59:01 djm Exp $ */ 1/* $OpenBSD: test_iterate.c,v 1.5 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Regress test for hostfile.h hostkeys_foreach() 3 * Regress test for hostfile.h hostkeys_foreach()
4 * 4 *
@@ -90,14 +90,6 @@ check(struct hostkey_foreach_line *l, void *_ctx)
90 expected_keytype = (parse_key || expected->no_parse_keytype < 0) ? 90 expected_keytype = (parse_key || expected->no_parse_keytype < 0) ?
91 expected->l.keytype : expected->no_parse_keytype; 91 expected->l.keytype : expected->no_parse_keytype;
92 92
93#ifndef WITH_SSH1
94 if (parse_key && (expected->l.keytype == KEY_RSA1 ||
95 expected->no_parse_keytype == KEY_RSA1)) {
96 expected_status = HKF_STATUS_INVALID;
97 expected_keytype = KEY_UNSPEC;
98 parse_key = 0;
99 }
100#endif
101#ifndef OPENSSL_HAS_ECC 93#ifndef OPENSSL_HAS_ECC
102 if (expected->l.keytype == KEY_ECDSA || 94 if (expected->l.keytype == KEY_ECDSA ||
103 expected->no_parse_keytype == KEY_ECDSA) { 95 expected->no_parse_keytype == KEY_ECDSA) {
@@ -150,10 +142,6 @@ prepare_expected(struct expected *expected, size_t n)
150 for (i = 0; i < n; i++) { 142 for (i = 0; i < n; i++) {
151 if (expected[i].key_file == NULL) 143 if (expected[i].key_file == NULL)
152 continue; 144 continue;
153#ifndef WITH_SSH1
154 if (expected[i].l.keytype == KEY_RSA1)
155 continue;
156#endif
157#ifndef OPENSSL_HAS_ECC 145#ifndef OPENSSL_HAS_ECC
158 if (expected[i].l.keytype == KEY_ECDSA) 146 if (expected[i].l.keytype == KEY_ECDSA)
159 continue; 147 continue;
@@ -217,22 +205,9 @@ struct expected expected_full[] = {
217 NULL, /* filled at runtime */ 205 NULL, /* filled at runtime */
218 "ED25519 #1", 206 "ED25519 #1",
219 } }, 207 } },
220 { "rsa1_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
221 NULL,
222 5,
223 HKF_STATUS_OK,
224 0,
225 NULL,
226 MRK_NONE,
227 "sisyphus.example.com",
228 NULL,
229 KEY_RSA1,
230 NULL, /* filled at runtime */
231 "RSA1 #1",
232 } },
233 { "rsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { 208 { "rsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
234 NULL, 209 NULL,
235 6, 210 5,
236 HKF_STATUS_OK, 211 HKF_STATUS_OK,
237 0, 212 0,
238 NULL, 213 NULL,
@@ -245,7 +220,7 @@ struct expected expected_full[] = {
245 } }, 220 } },
246 { NULL, -1, -1, 0, 0, 0, 0, -1, { 221 { NULL, -1, -1, 0, 0, 0, 0, -1, {
247 NULL, 222 NULL,
248 7, 223 6,
249 HKF_STATUS_COMMENT, 224 HKF_STATUS_COMMENT,
250 0, 225 0,
251 "", 226 "",
@@ -258,7 +233,7 @@ struct expected expected_full[] = {
258 } }, 233 } },
259 { NULL, -1, -1, 0, 0, 0, 0, -1, { 234 { NULL, -1, -1, 0, 0, 0, 0, -1, {
260 NULL, 235 NULL,
261 8, 236 7,
262 HKF_STATUS_COMMENT, 237 HKF_STATUS_COMMENT,
263 0, 238 0,
264 "# Plain host keys, hostnames + addresses", 239 "# Plain host keys, hostnames + addresses",
@@ -271,7 +246,7 @@ struct expected expected_full[] = {
271 } }, 246 } },
272 { "dsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 247 { "dsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
273 NULL, 248 NULL,
274 9, 249 8,
275 HKF_STATUS_OK, 250 HKF_STATUS_OK,
276 0, 251 0,
277 NULL, 252 NULL,
@@ -284,7 +259,7 @@ struct expected expected_full[] = {
284 } }, 259 } },
285 { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 260 { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
286 NULL, 261 NULL,
287 10, 262 9,
288 HKF_STATUS_OK, 263 HKF_STATUS_OK,
289 0, 264 0,
290 NULL, 265 NULL,
@@ -297,7 +272,7 @@ struct expected expected_full[] = {
297 } }, 272 } },
298 { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 273 { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
299 NULL, 274 NULL,
300 11, 275 10,
301 HKF_STATUS_OK, 276 HKF_STATUS_OK,
302 0, 277 0,
303 NULL, 278 NULL,
@@ -308,22 +283,9 @@ struct expected expected_full[] = {
308 NULL, /* filled at runtime */ 283 NULL, /* filled at runtime */
309 "ED25519 #2", 284 "ED25519 #2",
310 } }, 285 } },
311 { "rsa1_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
312 NULL,
313 12,
314 HKF_STATUS_OK,
315 0,
316 NULL,
317 MRK_NONE,
318 "prometheus.example.com,192.0.2.1,2001:db8::1",
319 NULL,
320 KEY_RSA1,
321 NULL, /* filled at runtime */
322 "RSA1 #2",
323 } },
324 { "rsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 286 { "rsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
325 NULL, 287 NULL,
326 13, 288 11,
327 HKF_STATUS_OK, 289 HKF_STATUS_OK,
328 0, 290 0,
329 NULL, 291 NULL,
@@ -336,7 +298,7 @@ struct expected expected_full[] = {
336 } }, 298 } },
337 { NULL, -1, -1, 0, 0, 0, 0, -1, { 299 { NULL, -1, -1, 0, 0, 0, 0, -1, {
338 NULL, 300 NULL,
339 14, 301 12,
340 HKF_STATUS_COMMENT, 302 HKF_STATUS_COMMENT,
341 0, 303 0,
342 "", 304 "",
@@ -349,7 +311,7 @@ struct expected expected_full[] = {
349 } }, 311 } },
350 { NULL, -1, -1, 0, 0, 0, 0, -1, { 312 { NULL, -1, -1, 0, 0, 0, 0, -1, {
351 NULL, 313 NULL,
352 15, 314 13,
353 HKF_STATUS_COMMENT, 315 HKF_STATUS_COMMENT,
354 0, 316 0,
355 "# Some hosts with wildcard names / IPs", 317 "# Some hosts with wildcard names / IPs",
@@ -362,7 +324,7 @@ struct expected expected_full[] = {
362 } }, 324 } },
363 { "dsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 325 { "dsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
364 NULL, 326 NULL,
365 16, 327 14,
366 HKF_STATUS_OK, 328 HKF_STATUS_OK,
367 0, 329 0,
368 NULL, 330 NULL,
@@ -375,7 +337,7 @@ struct expected expected_full[] = {
375 } }, 337 } },
376 { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 338 { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
377 NULL, 339 NULL,
378 17, 340 15,
379 HKF_STATUS_OK, 341 HKF_STATUS_OK,
380 0, 342 0,
381 NULL, 343 NULL,
@@ -388,7 +350,7 @@ struct expected expected_full[] = {
388 } }, 350 } },
389 { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 351 { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
390 NULL, 352 NULL,
391 18, 353 16,
392 HKF_STATUS_OK, 354 HKF_STATUS_OK,
393 0, 355 0,
394 NULL, 356 NULL,
@@ -399,22 +361,9 @@ struct expected expected_full[] = {
399 NULL, /* filled at runtime */ 361 NULL, /* filled at runtime */
400 "ED25519 #3", 362 "ED25519 #3",
401 } }, 363 } },
402 { "rsa1_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
403 NULL,
404 19,
405 HKF_STATUS_OK,
406 0,
407 NULL,
408 MRK_NONE,
409 "*.example.com,192.0.2.*,2001:*",
410 NULL,
411 KEY_RSA1,
412 NULL, /* filled at runtime */
413 "RSA1 #3",
414 } },
415 { "rsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { 364 { "rsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
416 NULL, 365 NULL,
417 20, 366 17,
418 HKF_STATUS_OK, 367 HKF_STATUS_OK,
419 0, 368 0,
420 NULL, 369 NULL,
@@ -427,7 +376,7 @@ struct expected expected_full[] = {
427 } }, 376 } },
428 { NULL, -1, -1, 0, 0, 0, 0, -1, { 377 { NULL, -1, -1, 0, 0, 0, 0, -1, {
429 NULL, 378 NULL,
430 21, 379 18,
431 HKF_STATUS_COMMENT, 380 HKF_STATUS_COMMENT,
432 0, 381 0,
433 "", 382 "",
@@ -440,7 +389,7 @@ struct expected expected_full[] = {
440 } }, 389 } },
441 { NULL, -1, -1, 0, 0, 0, 0, -1, { 390 { NULL, -1, -1, 0, 0, 0, 0, -1, {
442 NULL, 391 NULL,
443 22, 392 19,
444 HKF_STATUS_COMMENT, 393 HKF_STATUS_COMMENT,
445 0, 394 0,
446 "# Hashed hostname and address entries", 395 "# Hashed hostname and address entries",
@@ -453,7 +402,7 @@ struct expected expected_full[] = {
453 } }, 402 } },
454 { "dsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { 403 { "dsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
455 NULL, 404 NULL,
456 23, 405 20,
457 HKF_STATUS_OK, 406 HKF_STATUS_OK,
458 0, 407 0,
459 NULL, 408 NULL,
@@ -466,7 +415,7 @@ struct expected expected_full[] = {
466 } }, 415 } },
467 { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { 416 { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
468 NULL, 417 NULL,
469 24, 418 21,
470 HKF_STATUS_OK, 419 HKF_STATUS_OK,
471 0, 420 0,
472 NULL, 421 NULL,
@@ -479,7 +428,7 @@ struct expected expected_full[] = {
479 } }, 428 } },
480 { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { 429 { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
481 NULL, 430 NULL,
482 25, 431 22,
483 HKF_STATUS_OK, 432 HKF_STATUS_OK,
484 0, 433 0,
485 NULL, 434 NULL,
@@ -490,22 +439,9 @@ struct expected expected_full[] = {
490 NULL, /* filled at runtime */ 439 NULL, /* filled at runtime */
491 "ED25519 #5", 440 "ED25519 #5",
492 } }, 441 } },
493 { "rsa1_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
494 NULL,
495 26,
496 HKF_STATUS_OK,
497 0,
498 NULL,
499 MRK_NONE,
500 NULL,
501 NULL,
502 KEY_RSA1,
503 NULL, /* filled at runtime */
504 "RSA1 #5",
505 } },
506 { "rsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { 442 { "rsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
507 NULL, 443 NULL,
508 27, 444 23,
509 HKF_STATUS_OK, 445 HKF_STATUS_OK,
510 0, 446 0,
511 NULL, 447 NULL,
@@ -518,7 +454,7 @@ struct expected expected_full[] = {
518 } }, 454 } },
519 { NULL, -1, -1, 0, 0, 0, 0, -1, { 455 { NULL, -1, -1, 0, 0, 0, 0, -1, {
520 NULL, 456 NULL,
521 28, 457 24,
522 HKF_STATUS_COMMENT, 458 HKF_STATUS_COMMENT,
523 0, 459 0,
524 "", 460 "",
@@ -536,7 +472,7 @@ struct expected expected_full[] = {
536 */ 472 */
537 { "dsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { 473 { "dsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
538 NULL, 474 NULL,
539 29, 475 25,
540 HKF_STATUS_OK, 476 HKF_STATUS_OK,
541 0, 477 0,
542 NULL, 478 NULL,
@@ -549,7 +485,7 @@ struct expected expected_full[] = {
549 } }, 485 } },
550 { "dsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { 486 { "dsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
551 NULL, 487 NULL,
552 30, 488 26,
553 HKF_STATUS_OK, 489 HKF_STATUS_OK,
554 0, 490 0,
555 NULL, 491 NULL,
@@ -562,7 +498,7 @@ struct expected expected_full[] = {
562 } }, 498 } },
563 { "dsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { 499 { "dsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
564 NULL, 500 NULL,
565 31, 501 27,
566 HKF_STATUS_OK, 502 HKF_STATUS_OK,
567 0, 503 0,
568 NULL, 504 NULL,
@@ -575,7 +511,7 @@ struct expected expected_full[] = {
575 } }, 511 } },
576 { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { 512 { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
577 NULL, 513 NULL,
578 32, 514 28,
579 HKF_STATUS_OK, 515 HKF_STATUS_OK,
580 0, 516 0,
581 NULL, 517 NULL,
@@ -588,7 +524,7 @@ struct expected expected_full[] = {
588 } }, 524 } },
589 { "ecdsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { 525 { "ecdsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
590 NULL, 526 NULL,
591 33, 527 29,
592 HKF_STATUS_OK, 528 HKF_STATUS_OK,
593 0, 529 0,
594 NULL, 530 NULL,
@@ -601,7 +537,7 @@ struct expected expected_full[] = {
601 } }, 537 } },
602 { "ecdsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { 538 { "ecdsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
603 NULL, 539 NULL,
604 34, 540 30,
605 HKF_STATUS_OK, 541 HKF_STATUS_OK,
606 0, 542 0,
607 NULL, 543 NULL,
@@ -614,7 +550,7 @@ struct expected expected_full[] = {
614 } }, 550 } },
615 { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { 551 { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
616 NULL, 552 NULL,
617 35, 553 31,
618 HKF_STATUS_OK, 554 HKF_STATUS_OK,
619 0, 555 0,
620 NULL, 556 NULL,
@@ -627,7 +563,7 @@ struct expected expected_full[] = {
627 } }, 563 } },
628 { "ed25519_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { 564 { "ed25519_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
629 NULL, 565 NULL,
630 36, 566 32,
631 HKF_STATUS_OK, 567 HKF_STATUS_OK,
632 0, 568 0,
633 NULL, 569 NULL,
@@ -640,7 +576,7 @@ struct expected expected_full[] = {
640 } }, 576 } },
641 { "ed25519_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { 577 { "ed25519_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
642 NULL, 578 NULL,
643 37, 579 33,
644 HKF_STATUS_OK, 580 HKF_STATUS_OK,
645 0, 581 0,
646 NULL, 582 NULL,
@@ -651,48 +587,9 @@ struct expected expected_full[] = {
651 NULL, /* filled at runtime */ 587 NULL, /* filled at runtime */
652 "ED25519 #6", 588 "ED25519 #6",
653 } }, 589 } },
654 { "rsa1_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
655 NULL,
656 38,
657 HKF_STATUS_OK,
658 0,
659 NULL,
660 MRK_NONE,
661 NULL,
662 NULL,
663 KEY_RSA1,
664 NULL, /* filled at runtime */
665 "RSA1 #6",
666 } },
667 { "rsa1_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
668 NULL,
669 39,
670 HKF_STATUS_OK,
671 0,
672 NULL,
673 MRK_NONE,
674 NULL,
675 NULL,
676 KEY_RSA1,
677 NULL, /* filled at runtime */
678 "RSA1 #6",
679 } },
680 { "rsa1_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
681 NULL,
682 40,
683 HKF_STATUS_OK,
684 0,
685 NULL,
686 MRK_NONE,
687 NULL,
688 NULL,
689 KEY_RSA1,
690 NULL, /* filled at runtime */
691 "RSA1 #6",
692 } },
693 { "rsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { 590 { "rsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
694 NULL, 591 NULL,
695 41, 592 34,
696 HKF_STATUS_OK, 593 HKF_STATUS_OK,
697 0, 594 0,
698 NULL, 595 NULL,
@@ -705,7 +602,7 @@ struct expected expected_full[] = {
705 } }, 602 } },
706 { "rsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, { 603 { "rsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
707 NULL, 604 NULL,
708 42, 605 35,
709 HKF_STATUS_OK, 606 HKF_STATUS_OK,
710 0, 607 0,
711 NULL, 608 NULL,
@@ -718,7 +615,7 @@ struct expected expected_full[] = {
718 } }, 615 } },
719 { "rsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, { 616 { "rsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
720 NULL, 617 NULL,
721 43, 618 36,
722 HKF_STATUS_OK, 619 HKF_STATUS_OK,
723 0, 620 0,
724 NULL, 621 NULL,
@@ -731,7 +628,7 @@ struct expected expected_full[] = {
731 } }, 628 } },
732 { NULL, -1, -1, 0, 0, 0, 0, -1, { 629 { NULL, -1, -1, 0, 0, 0, 0, -1, {
733 NULL, 630 NULL,
734 44, 631 37,
735 HKF_STATUS_COMMENT, 632 HKF_STATUS_COMMENT,
736 0, 633 0,
737 "", 634 "",
@@ -744,7 +641,7 @@ struct expected expected_full[] = {
744 } }, 641 } },
745 { NULL, -1, -1, 0, 0, 0, 0, -1, { 642 { NULL, -1, -1, 0, 0, 0, 0, -1, {
746 NULL, 643 NULL,
747 45, 644 38,
748 HKF_STATUS_COMMENT, 645 HKF_STATUS_COMMENT,
749 0, 646 0,
750 "", 647 "",
@@ -757,7 +654,7 @@ struct expected expected_full[] = {
757 } }, 654 } },
758 { NULL, -1, -1, 0, 0, 0, 0, -1, { 655 { NULL, -1, -1, 0, 0, 0, 0, -1, {
759 NULL, 656 NULL,
760 46, 657 39,
761 HKF_STATUS_COMMENT, 658 HKF_STATUS_COMMENT,
762 0, 659 0,
763 "# Revoked and CA keys", 660 "# Revoked and CA keys",
@@ -768,22 +665,9 @@ struct expected expected_full[] = {
768 NULL, 665 NULL,
769 NULL, 666 NULL,
770 } }, 667 } },
771 { "rsa1_4.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
772 NULL,
773 47,
774 HKF_STATUS_OK,
775 0,
776 NULL,
777 MRK_REVOKE,
778 "sisyphus.example.com",
779 NULL,
780 KEY_RSA1,
781 NULL, /* filled at runtime */
782 "RSA1 #4",
783 } },
784 { "ed25519_4.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { 668 { "ed25519_4.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
785 NULL, 669 NULL,
786 48, 670 40,
787 HKF_STATUS_OK, 671 HKF_STATUS_OK,
788 0, 672 0,
789 NULL, 673 NULL,
@@ -796,7 +680,7 @@ struct expected expected_full[] = {
796 } }, 680 } },
797 { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { 681 { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
798 NULL, 682 NULL,
799 49, 683 41,
800 HKF_STATUS_OK, 684 HKF_STATUS_OK,
801 0, 685 0,
802 NULL, 686 NULL,
@@ -809,7 +693,7 @@ struct expected expected_full[] = {
809 } }, 693 } },
810 { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { 694 { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, {
811 NULL, 695 NULL,
812 50, 696 42,
813 HKF_STATUS_OK, 697 HKF_STATUS_OK,
814 0, 698 0,
815 NULL, 699 NULL,
@@ -822,7 +706,7 @@ struct expected expected_full[] = {
822 } }, 706 } },
823 { NULL, -1, -1, 0, 0, 0, 0, -1, { 707 { NULL, -1, -1, 0, 0, 0, 0, -1, {
824 NULL, 708 NULL,
825 51, 709 43,
826 HKF_STATUS_COMMENT, 710 HKF_STATUS_COMMENT,
827 0, 711 0,
828 "", 712 "",
@@ -835,7 +719,7 @@ struct expected expected_full[] = {
835 } }, 719 } },
836 { NULL, -1, -1, 0, 0, 0, 0, -1, { 720 { NULL, -1, -1, 0, 0, 0, 0, -1, {
837 NULL, 721 NULL,
838 52, 722 44,
839 HKF_STATUS_COMMENT, 723 HKF_STATUS_COMMENT,
840 0, 724 0,
841 "# Some invalid lines", 725 "# Some invalid lines",
@@ -848,7 +732,7 @@ struct expected expected_full[] = {
848 } }, 732 } },
849 { NULL, -1, -1, 0, 0, 0, 0, -1, { 733 { NULL, -1, -1, 0, 0, 0, 0, -1, {
850 NULL, 734 NULL,
851 53, 735 45,
852 HKF_STATUS_INVALID, 736 HKF_STATUS_INVALID,
853 0, 737 0,
854 NULL, 738 NULL,
@@ -861,7 +745,7 @@ struct expected expected_full[] = {
861 } }, 745 } },
862 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { 746 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
863 NULL, 747 NULL,
864 54, 748 46,
865 HKF_STATUS_INVALID, 749 HKF_STATUS_INVALID,
866 0, 750 0,
867 NULL, 751 NULL,
@@ -874,7 +758,7 @@ struct expected expected_full[] = {
874 } }, 758 } },
875 { NULL, -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { 759 { NULL, -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
876 NULL, 760 NULL,
877 55, 761 47,
878 HKF_STATUS_INVALID, 762 HKF_STATUS_INVALID,
879 0, 763 0,
880 NULL, 764 NULL,
@@ -887,33 +771,7 @@ struct expected expected_full[] = {
887 } }, 771 } },
888 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { 772 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
889 NULL, 773 NULL,
890 56, 774 48,
891 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
892 0,
893 NULL,
894 MRK_NONE,
895 "sisyphus.example.com",
896 NULL,
897 KEY_UNSPEC,
898 NULL,
899 NULL,
900 } },
901 { NULL, -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
902 NULL,
903 57,
904 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
905 0,
906 NULL,
907 MRK_NONE,
908 "prometheus.example.com",
909 NULL,
910 KEY_UNSPEC,
911 NULL,
912 NULL,
913 } },
914 { NULL, HKF_STATUS_OK, KEY_RSA1, 0, HKF_MATCH_HOST, 0, 0, -1, {
915 NULL,
916 58,
917 HKF_STATUS_INVALID, /* Would be ok if key not parsed */ 775 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
918 0, 776 0,
919 NULL, 777 NULL,
@@ -924,22 +782,9 @@ struct expected expected_full[] = {
924 NULL, 782 NULL,
925 NULL, 783 NULL,
926 } }, 784 } },
927 { NULL, HKF_STATUS_OK, KEY_RSA1, HKF_MATCH_HOST, 0, 0, 0, -1, {
928 NULL,
929 59,
930 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
931 0,
932 NULL,
933 MRK_NONE,
934 "prometheus.example.com",
935 NULL,
936 KEY_UNSPEC,
937 NULL, /* filled at runtime */
938 NULL,
939 } },
940 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { 785 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
941 NULL, 786 NULL,
942 60, 787 49,
943 HKF_STATUS_INVALID, 788 HKF_STATUS_INVALID,
944 0, 789 0,
945 NULL, 790 NULL,
@@ -952,7 +797,7 @@ struct expected expected_full[] = {
952 } }, 797 } },
953 { NULL, HKF_STATUS_OK, KEY_RSA, HKF_MATCH_HOST, 0, 0, 0, -1, { 798 { NULL, HKF_STATUS_OK, KEY_RSA, HKF_MATCH_HOST, 0, 0, 0, -1, {
954 NULL, 799 NULL,
955 61, 800 50,
956 HKF_STATUS_INVALID, /* Would be ok if key not parsed */ 801 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
957 0, 802 0,
958 NULL, 803 NULL,
diff --git a/regress/unittests/hostkeys/testdata/known_hosts b/regress/unittests/hostkeys/testdata/known_hosts
index 3740f674b..4446f45df 100644
--- a/regress/unittests/hostkeys/testdata/known_hosts
+++ b/regress/unittests/hostkeys/testdata/known_hosts
@@ -2,60 +2,49 @@
2sisyphus.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAOqffHxEW4c+Z9q/r3l4sYK8F7qrBsU8XF9upGsW62T9InROFFq9IO0x3pQ6mDA0Wtw0sqcDmkPCHPyP4Ok/fU3/drLaZusHoVYu8pBBrWsIDrKgkeX9TEodBsSrYdl4Sqtqq9EZv9+DttV6LStZrgYyUTOKwOF95wGantpLynX5AAAAFQDdt+zjRNlETDsgmxcSYFgREirJrQAAAIBQlrPaiPhR24FhnMLcHH4016vL7AqDDID6Qw7PhbXGa4/XlxWMIigjBKrIPKvnZ6p712LSnCKtcbfdx0MtmJlNa01CYqPaRhgRaf+uGdvTkTUcdaq8R5lLJL+JMNwUhcC8ijm3NqEjXjffuebGe1EzIeiITbA7Nndcd+GytwRDegAAAIEAkRYPjSVcUxfUHhHdpP6V8CuY1+CYSs9EPJ7iiWTDuXWVIBTU32oJLAnrmAcOwtIzEfPvm+rff5FI/Yhon2pB3VTXhPPEBjYzE5qANanAT4e6tzAVc5f3DUhHaDknwRYfDz86GFvuLtDjeE/UZ9t6OofYoEsCBpYozLAprBvNIQY= DSA #1 2sisyphus.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAOqffHxEW4c+Z9q/r3l4sYK8F7qrBsU8XF9upGsW62T9InROFFq9IO0x3pQ6mDA0Wtw0sqcDmkPCHPyP4Ok/fU3/drLaZusHoVYu8pBBrWsIDrKgkeX9TEodBsSrYdl4Sqtqq9EZv9+DttV6LStZrgYyUTOKwOF95wGantpLynX5AAAAFQDdt+zjRNlETDsgmxcSYFgREirJrQAAAIBQlrPaiPhR24FhnMLcHH4016vL7AqDDID6Qw7PhbXGa4/XlxWMIigjBKrIPKvnZ6p712LSnCKtcbfdx0MtmJlNa01CYqPaRhgRaf+uGdvTkTUcdaq8R5lLJL+JMNwUhcC8ijm3NqEjXjffuebGe1EzIeiITbA7Nndcd+GytwRDegAAAIEAkRYPjSVcUxfUHhHdpP6V8CuY1+CYSs9EPJ7iiWTDuXWVIBTU32oJLAnrmAcOwtIzEfPvm+rff5FI/Yhon2pB3VTXhPPEBjYzE5qANanAT4e6tzAVc5f3DUhHaDknwRYfDz86GFvuLtDjeE/UZ9t6OofYoEsCBpYozLAprBvNIQY= DSA #1
3sisyphus.example.com ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBF6yQEtD9yBw9gmDRf477WBBzvWhAa0ioBI3nbA4emKykj0RbuQd5C4XdQAEOZGzE7v//FcCjwB2wi+JH5eKkxCtN6CjohDASZ1huoIV2UVyYIicZJEEOg1IWjjphvaxtw== ECDSA #1 3sisyphus.example.com ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBF6yQEtD9yBw9gmDRf477WBBzvWhAa0ioBI3nbA4emKykj0RbuQd5C4XdQAEOZGzE7v//FcCjwB2wi+JH5eKkxCtN6CjohDASZ1huoIV2UVyYIicZJEEOg1IWjjphvaxtw== ECDSA #1
4sisyphus.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9ks7jkua5YWIwByRnnnc6UPJQWI75O0e/UJdPYU1JI ED25519 #1 4sisyphus.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9ks7jkua5YWIwByRnnnc6UPJQWI75O0e/UJdPYU1JI ED25519 #1
5sisyphus.example.com 1024 65537 153895431603677073925890314548566704948446776958334195280085080329934839226701954473292358821568047724356487621573742372399387931887004184139835510820577359977148363519970774657801798872789118894962853659233045778161859413980935372685480527355016624825696983269800574755126132814333241868538220824608980319407 RSA1 #1
6sisyphus.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDg4hB4vAZHJ0PVRiJajOv/GlytFWNpv5/9xgB9+5BIbvp8LOrFZ5D9K0Gsmwpd4G4rfaAz8j896DhMArg0vtkilIPPGt/6VzWMERgvaIQPJ/IE99X3+fjcAG56oAWwy29JX10lQMzBPU6XJIaN/zqpkb6qUBiAHBdLpxrFBBU0/w== RSA #1 5sisyphus.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDg4hB4vAZHJ0PVRiJajOv/GlytFWNpv5/9xgB9+5BIbvp8LOrFZ5D9K0Gsmwpd4G4rfaAz8j896DhMArg0vtkilIPPGt/6VzWMERgvaIQPJ/IE99X3+fjcAG56oAWwy29JX10lQMzBPU6XJIaN/zqpkb6qUBiAHBdLpxrFBBU0/w== RSA #1
7 6
8# Plain host keys, hostnames + addresses 7# Plain host keys, hostnames + addresses
9prometheus.example.com,192.0.2.1,2001:db8::1 ssh-dss AAAAB3NzaC1kc3MAAACBAI38Hy/61/O5Bp6yUG8J5XQCeNjRS0xvjlCdzKLyXCueMa+L+X2L/u9PWUsy5SVbTjGgpB8sF6UkCNsV+va7S8zCCHas2MZ7GPlxP6GZBkRPTIFR0N/Pu7wfBzDQz0t0iL4VmxBfTBQv/SxkGWZg+yHihIQP9fwdSAwD/7aVh6ItAAAAFQDSyihIUlINlswM0PJ8wXSti3yIMwAAAIB+oqzaB6ozqs8YxpN5oQOBa/9HEBQEsp8RSIlQmVubXRNgktp42n+Ii1waU9UUk8DX5ahhIeR6B7ojWkqmDAji4SKpoHf4kmr6HvYo85ZSTSx0W4YK/gJHSpDJwhlT52tAfb1JCbWSObjl09B4STv7KedCHcR5oXQvvrV+XoKOSAAAAIAue/EXrs2INw1RfaKNHC0oqOMxmRitv0BFMuNVPo1VDj39CE5kA7AHjwvS1TNeaHtK5Hhgeb6vsmLmNPTOc8xCob0ilyQbt9O0GbONeF2Ge7D2UJyULA/hxql+tCYFIC6yUrmo35fF9XiNisXLoaflk9fjp7ROWWVwnki/jstaQw== DSA #2 8prometheus.example.com,192.0.2.1,2001:db8::1 ssh-dss AAAAB3NzaC1kc3MAAACBAI38Hy/61/O5Bp6yUG8J5XQCeNjRS0xvjlCdzKLyXCueMa+L+X2L/u9PWUsy5SVbTjGgpB8sF6UkCNsV+va7S8zCCHas2MZ7GPlxP6GZBkRPTIFR0N/Pu7wfBzDQz0t0iL4VmxBfTBQv/SxkGWZg+yHihIQP9fwdSAwD/7aVh6ItAAAAFQDSyihIUlINlswM0PJ8wXSti3yIMwAAAIB+oqzaB6ozqs8YxpN5oQOBa/9HEBQEsp8RSIlQmVubXRNgktp42n+Ii1waU9UUk8DX5ahhIeR6B7ojWkqmDAji4SKpoHf4kmr6HvYo85ZSTSx0W4YK/gJHSpDJwhlT52tAfb1JCbWSObjl09B4STv7KedCHcR5oXQvvrV+XoKOSAAAAIAue/EXrs2INw1RfaKNHC0oqOMxmRitv0BFMuNVPo1VDj39CE5kA7AHjwvS1TNeaHtK5Hhgeb6vsmLmNPTOc8xCob0ilyQbt9O0GbONeF2Ge7D2UJyULA/hxql+tCYFIC6yUrmo35fF9XiNisXLoaflk9fjp7ROWWVwnki/jstaQw== DSA #2
10prometheus.example.com,192.0.2.1,2001:db8::1 ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAB8qVcXwgBM92NCmReQlPrZAoui4Bz/mW0VUBFOpHXXW1n+15b/Y7Pc6UBd/ITTZmaBciXY+PWaSBGdwc5GdqGdLgFyJ/QAGrFMPNpVutm/82gNQzlxpNwjbMcKyiZEXzSgnjS6DzMQ0WuSMdzIBXq8OW/Kafxg4ZkU6YqALUXxlQMZuQ== ECDSA #2 9prometheus.example.com,192.0.2.1,2001:db8::1 ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAB8qVcXwgBM92NCmReQlPrZAoui4Bz/mW0VUBFOpHXXW1n+15b/Y7Pc6UBd/ITTZmaBciXY+PWaSBGdwc5GdqGdLgFyJ/QAGrFMPNpVutm/82gNQzlxpNwjbMcKyiZEXzSgnjS6DzMQ0WuSMdzIBXq8OW/Kafxg4ZkU6YqALUXxlQMZuQ== ECDSA #2
11prometheus.example.com,192.0.2.1,2001:db8::1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBp6PVW0z2o9C4Ukv/JOgmK7QMFe1pD1s3ADFF7IQob ED25519 #2 10prometheus.example.com,192.0.2.1,2001:db8::1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBp6PVW0z2o9C4Ukv/JOgmK7QMFe1pD1s3ADFF7IQob ED25519 #2
12prometheus.example.com,192.0.2.1,2001:db8::1 1024 65537 135970715082947442639683969597180728933388298633245835186618852623800675939308729462220235058285909679252157995530180587329132927339620517781785310829060832352381015614725360278571924286986474946772141568893116432268565829418506866604294073334978275702221949783314402806080929601995102334442541344606109853641 RSA1 #2
13prometheus.example.com,192.0.2.1,2001:db8::1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDmbUhNabB5AmBDX6GNHZ3lbn7pRxqfpW+f53QqNGlK0sLV+0gkMIrOfUp1kdE2ZLE6tfzdicatj/RlH6/wuo4yyYb+Pyx3G0vxdmAIiA4aANq38XweDucBC0TZkRWVHK+Gs5V/uV0z7N0axJvkkJujMLvST3CRiiWwlficBc6yVQ== RSA #2 11prometheus.example.com,192.0.2.1,2001:db8::1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDmbUhNabB5AmBDX6GNHZ3lbn7pRxqfpW+f53QqNGlK0sLV+0gkMIrOfUp1kdE2ZLE6tfzdicatj/RlH6/wuo4yyYb+Pyx3G0vxdmAIiA4aANq38XweDucBC0TZkRWVHK+Gs5V/uV0z7N0axJvkkJujMLvST3CRiiWwlficBc6yVQ== RSA #2
14 12
15# Some hosts with wildcard names / IPs 13# Some hosts with wildcard names / IPs
16*.example.com,192.0.2.*,2001:* ssh-dss AAAAB3NzaC1kc3MAAACBAI6lz2Ip9bzE7TGuDD4SjO9S4Ac90gq0h6ai1O06eI8t/Ot2uJ5Jk2QyVr2jvIZHDl/5bwBx7+5oyjlwRoUrAPPD814wf5tU2tSnmdu1Wbf0cBswif5q0r4tevzmopp/AtgH11QHo3u0/pfyJd10qBDLV2FaYSKMmZvyPfZJ0s9pAAAAFQD5Eqjl6Rx2qVePodD9OwAPT0bU6wAAAIAfnDm6csZF0sFaJR3NIJvaYgSGr8s7cqlsk2gLltB/1wOOO2yX+NeEC+B0H93hlMfaUsPa08bwgmYxnavSMqEBpmtPceefJiEd68zwYqXd38f88wyWZ9Z5iwaI/6OVZPHzCbDxOa4ewVTevRNYUKP1xUTZNT8/gSMfZLYPk4T2AQAAAIAUKroozRMyV+3V/rxt0gFnNxRXBKk+9cl3vgsQ7ktkI9cYg7V1T2K0XF21AVMK9gODszy6PBJjV6ruXBV6TRiqIbQauivp3bHHKYsG6wiJNqwdbVwIjfvv8nn1qFoZQLXG3sdONr9NwN8KzrX89OV0BlR2dVM5qqp+YxOXymP9yg== DSA #3 14*.example.com,192.0.2.*,2001:* ssh-dss AAAAB3NzaC1kc3MAAACBAI6lz2Ip9bzE7TGuDD4SjO9S4Ac90gq0h6ai1O06eI8t/Ot2uJ5Jk2QyVr2jvIZHDl/5bwBx7+5oyjlwRoUrAPPD814wf5tU2tSnmdu1Wbf0cBswif5q0r4tevzmopp/AtgH11QHo3u0/pfyJd10qBDLV2FaYSKMmZvyPfZJ0s9pAAAAFQD5Eqjl6Rx2qVePodD9OwAPT0bU6wAAAIAfnDm6csZF0sFaJR3NIJvaYgSGr8s7cqlsk2gLltB/1wOOO2yX+NeEC+B0H93hlMfaUsPa08bwgmYxnavSMqEBpmtPceefJiEd68zwYqXd38f88wyWZ9Z5iwaI/6OVZPHzCbDxOa4ewVTevRNYUKP1xUTZNT8/gSMfZLYPk4T2AQAAAIAUKroozRMyV+3V/rxt0gFnNxRXBKk+9cl3vgsQ7ktkI9cYg7V1T2K0XF21AVMK9gODszy6PBJjV6ruXBV6TRiqIbQauivp3bHHKYsG6wiJNqwdbVwIjfvv8nn1qFoZQLXG3sdONr9NwN8KzrX89OV0BlR2dVM5qqp+YxOXymP9yg== DSA #3
17*.example.com,192.0.2.*,2001:* ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIb3BhJZk+vUQPg5TQc1koIzuGqloCq7wjr9LjlhG24IBeiFHLsdWw74HDlH4DrOmlxToVYk2lTdnjARleRByjk= ECDSA #3 15*.example.com,192.0.2.*,2001:* ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIb3BhJZk+vUQPg5TQc1koIzuGqloCq7wjr9LjlhG24IBeiFHLsdWw74HDlH4DrOmlxToVYk2lTdnjARleRByjk= ECDSA #3
18*.example.com,192.0.2.*,2001:* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlYfExtYZAPqYvYdrlpGlSWhh/XNHcH3v3c2JzsVNbB ED25519 #3 16*.example.com,192.0.2.*,2001:* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlYfExtYZAPqYvYdrlpGlSWhh/XNHcH3v3c2JzsVNbB ED25519 #3
19*.example.com,192.0.2.*,2001:* 1024 65537 125895605498029643697051635076028105429632810811904702876152645261610759866299221305725069141163240694267669117205342283569102183636228981857946763978553664895308762890072813014496700601576921921752482059207749978374872713540759920335553799711267170948655579130584031555334229966603000896364091459595522912269 RSA1 #3
20*.example.com,192.0.2.*,2001:* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDX8F93W3SH4ZSus4XUQ2cw9dqcuyUETTlKEeGv3zlknV3YCoe2Mp04naDhiuwj8sOsytrZSESzLY1ZEyzrjxE6ZFVv8NKgck/AbRjcwlRFOcx9oKUxOrXRa0IoXlTq0kyjKCJfaHBKnGitZThknCPTbVmpATkm5xx6J0WEDozfoQ== RSA #3 17*.example.com,192.0.2.*,2001:* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDX8F93W3SH4ZSus4XUQ2cw9dqcuyUETTlKEeGv3zlknV3YCoe2Mp04naDhiuwj8sOsytrZSESzLY1ZEyzrjxE6ZFVv8NKgck/AbRjcwlRFOcx9oKUxOrXRa0IoXlTq0kyjKCJfaHBKnGitZThknCPTbVmpATkm5xx6J0WEDozfoQ== RSA #3
21 18
22# Hashed hostname and address entries 19# Hashed hostname and address entries
23|1|6FWxoqTCAfm8sZ7T/q73OmxCFGM=|S4eQmusok4cbyDzzGEFGIAthDbw= ssh-dss AAAAB3NzaC1kc3MAAACBALrFy7w5ihlaOG+qR+6fj+vm5EQaO3qwxgACLcgH+VfShuOG4mkx8qFJmf+OZ3fh5iKngjNZfKtfcqI7zHWdk6378TQfQC52/kbZukjNXOLCpyNkogahcjA00onIoTK1RUDuMW28edAHwPFbpttXDTaqis+8JPMY8hZwsZGENCzTAAAAFQD6+It5vozwGgaN9ROYPMlByhi6jwAAAIBz2mcAC694vNzz9b6614gkX9d9E99PzJYfU1MPkXDziKg7MrjBw7Opd5y1jL09S3iL6lSTlHkKwVKvQ3pOwWRwXXRrKVus4I0STveoApm526jmp6mY0YEtqR98vMJ0v97h1ydt8FikKlihefCsnXVicb8887PXs2Y8C6GuFT3tfQAAAIBbmHtV5tPcrMRDkULhaQ/Whap2VKvT2DUhIHA7lx6oy/KpkltOpxDZOIGUHKqffGbiR7Jh01/y090AY5L2eCf0S2Ytx93+eADwVVpJbFJo6zSwfeey2Gm6L2oA+rCz9zTdmtZoekpD3/RAOQjnJIAPwbs7mXwabZTw4xRtiYIRrw== DSA #5 20|1|z3xOIdT5ue3Vuf3MzT67kaioqjw=|GZhhe5uwDOBQrC9N4cCjpbLpSn4= ssh-dss AAAAB3NzaC1kc3MAAACBALrFy7w5ihlaOG+qR+6fj+vm5EQaO3qwxgACLcgH+VfShuOG4mkx8qFJmf+OZ3fh5iKngjNZfKtfcqI7zHWdk6378TQfQC52/kbZukjNXOLCpyNkogahcjA00onIoTK1RUDuMW28edAHwPFbpttXDTaqis+8JPMY8hZwsZGENCzTAAAAFQD6+It5vozwGgaN9ROYPMlByhi6jwAAAIBz2mcAC694vNzz9b6614gkX9d9E99PzJYfU1MPkXDziKg7MrjBw7Opd5y1jL09S3iL6lSTlHkKwVKvQ3pOwWRwXXRrKVus4I0STveoApm526jmp6mY0YEtqR98vMJ0v97h1ydt8FikKlihefCsnXVicb8887PXs2Y8C6GuFT3tfQAAAIBbmHtV5tPcrMRDkULhaQ/Whap2VKvT2DUhIHA7lx6oy/KpkltOpxDZOIGUHKqffGbiR7Jh01/y090AY5L2eCf0S2Ytx93+eADwVVpJbFJo6zSwfeey2Gm6L2oA+rCz9zTdmtZoekpD3/RAOQjnJIAPwbs7mXwabZTw4xRtiYIRrw== DSA #5
24|1|hTrfD0CuuB9ZbOa1CHFYvIk/gKE=|tPmW50t7flncm1UyM+DR97ubDNU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIudcagzq4QPtP1jkpje34+0POLB0jwT64hqrbCqhTH2T800KDZ0h2vwlJYa3OP3Oqru9AB5pnuHsKw7mAhUGY= ECDSA #5 21|1|B7t/AYabn8zgwU47Cb4A/Nqt3eI=|arQPZyRphkzisr7w6wwikvhaOyE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIudcagzq4QPtP1jkpje34+0POLB0jwT64hqrbCqhTH2T800KDZ0h2vwlJYa3OP3Oqru9AB5pnuHsKw7mAhUGY= ECDSA #5
25|1|fOGqe75X5ZpTz4c7DitP4E8/y30=|Lmcch2fh54bUYoV//S2VqDFVeiY= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINf63qSV8rD57N+digID8t28WVhd3Yf2K2UhaoG8TsWQ ED25519 #5 22|1|JR81WxEocTP5d7goIRkl8fHBbno=|l6sj6FOsoXxgEZMzn/BnOfPKN68= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINf63qSV8rD57N+digID8t28WVhd3Yf2K2UhaoG8TsWQ ED25519 #5
26|1|0RVzLjY3lwE3MRweguaAXaCCWk8=|DbcIgJQcRZJMYI6NYDOM6oJycPk= 1024 65537 127931411493401587586867047972295564331543694182352197506125410692673654572057908999642645524647232712160516076508316152810117209181150078352725299319149726341058893406440426414316276977768958023952319602422835879783057966985348561111880658922724668687074412548487722084792283453716871417610020757212399252171 RSA1 #5 23|1|W7x4zY6KtTZJgsopyOusJqvVPag=|QauLt7hKezBZFZi2i4Xopho7Nsk= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC/C15Q4sfnk7BZff1er8bscay+5s51oD4eWArlHWMK/ZfYeeTAccTy+7B7Jv+MS4nKCpflrvJI2RQz4kS8vF0ATdBbi4jeWefStlHNg0HLhnCY7NAfDIlRdaN9lm3Pqm2vmr+CkqwcJaSpycDg8nPN9yNAuD6pv7NDuUnECezojQ== RSA #5
27|1|4q79XnHpKBNQhyMLAqbPPDN+JKo=|k1Wvjjb52zDdrXWM801+wX5oH8U= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC/C15Q4sfnk7BZff1er8bscay+5s51oD4eWArlHWMK/ZfYeeTAccTy+7B7Jv+MS4nKCpflrvJI2RQz4kS8vF0ATdBbi4jeWefStlHNg0HLhnCY7NAfDIlRdaN9lm3Pqm2vmr+CkqwcJaSpycDg8nPN9yNAuD6pv7NDuUnECezojQ== RSA #5
28 24
29|1|0M6PIx6THA3ipIOvTl3fcgn2z+A=|bwEJAOwJz+Sm7orFdgj170mD/zY= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 25|1|mxnU8luzqWLvfVi5qBm5xVIyCRM=|9Epopft7LBd80Bf6RmWPIpwa8yU= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6
30|1|a6WGHcL+9gX3e96tMlgDSDJwtSg=|5Dqlb/yqNEf7jgfllrp/ygLmRV8= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 26|1|klvLmvh2vCpkNMDEjVvrE8SJWTg=|e/dqEEBLnbgqmwEesl4cDRu/7TM= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6
31|1|OeCpi7Pn5Q6c8la4fPf9G8YctT8=|sC6D7lDXTafIpokZJ1+1xWg2R6Q= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6 27|1|wsk3ddB3UjuxEsoeNCeZjZ6NvZs=|O3O/q2Z/u7DrxoTiIq6kzCevQT0= ssh-dss AAAAB3NzaC1kc3MAAACBAIutigAse65TCW6hHDOEGXenE9L4L0talHbs65hj3UUNtWflKdQeXLofqXgW8AwaDKmnuRPrxRoxVNXj84n45wtBEdt4ztmdAZteAbXSnHqpcxME3jDxh3EtxzGPXLs+RUmKPVguraSgo7W2oN7KFx6VM+AcAtxANSTlvDid3s47AAAAFQCd9Q3kkHSLWe77sW0eRaayI45ovwAAAIAw6srGF6xvFasI44Y3r9JJ2K+3ezozl3ldL3p2+p2HG3iWafC4SdV8pB6ZIxKlYAywiiFb3LzH/JweGFq1jtoFDRM3MlYORBevydU4zPz7b5QLDVB0sY4evYtWmg2BFJvoWRfhLnlZVW7h5N8v4fNIwdVmVsw4Ljes7iF2HRGhHgAAAIBDFT3fww2Oby1xUA6G9pDAcVikrQFqp1sJRylNTUyeyQ37SNAGzYxwHJFgQr8gZLdRQ1UW+idYpqVbVNcYFMOiw/zSqK2OfVwPZ9U+TTKdc992ChSup6vJEKM/ZVIyDWDbJr7igQ4ahy7jo9mFvm8ljN926EnspQzCvs0Dxk6tHA== DSA #6
32|1|BHESVyiJ7G2NN0lxrw7vT109jmk=|TKof+015J77bXqibsh0N1Lp0MKk= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6 28|1|B8epmkLSni+vGZDijr/EwxeR2k4=|7ct8yzNOVJhKm3ZD2w0XIT7df8E= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6
33|1|wY53mZNASDJ5/P3JYCJ4FUNa6WQ=|v8p0MfV5lqlZB2J0yLxl/gsWVQo= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6 29|1|JojD885UhYhbCu571rgyM/5PpYU=|BJaU2aE1FebQZy3B5tzTDRWFRG0= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6
34|1|horeoyFPwfKhyFN+zJZ5LCfOo/I=|2ofvp0tNwCbKsV8FuiFA4gQG2Z8= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6 30|1|5t7UDHDybVrDZVQPCpwdnr6nk4k=|EqJ73W/veIL3H2x+YWHcJxI5ETA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK1wRLyKtvK3Mmhd0XPkKwW4ev1KBVf8J4aG8lESq1TsaqqfOXYGyxMq5pN8fCGiD5UPOqyTYz/ZNzClRhJRHao= ECDSA #6
35|1|Aw4fXumZfx6jEIJuDGIyeEMd81A=|5FdLtdm2JeKNsS8IQeQlGYIadOE= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLW0ZwCkRQldpLa4I5BpwGa/om+WE6OgC8jdVqakt0Z ED25519 #6 31|1|OCcBfGc/b9+ip+W6Gp+3ftdluO4=|VbrKUdzOOtIBOOmEE+jlK4SD3Xc= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLW0ZwCkRQldpLa4I5BpwGa/om+WE6OgC8jdVqakt0Z ED25519 #6
36|1|+dGUNpv6GblrDd5fgHLlOWpSbEo=|He/pQ1yJjtiCyTNWpGwjBD4sZFI= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLW0ZwCkRQldpLa4I5BpwGa/om+WE6OgC8jdVqakt0Z ED25519 #6 32|1|9fLN0YdP+BJ25lKuKvYuOdUo93w=|vZyr0rOiX01hv5XbghhHMW+Zb3U= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLW0ZwCkRQldpLa4I5BpwGa/om+WE6OgC8jdVqakt0Z ED25519 #6
37|1|E/PACGl8m1T7QnPedOoooozstP0=|w6DQAFT8yZgj0Hlkz5R1TppYHCA= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLW0ZwCkRQldpLa4I5BpwGa/om+WE6OgC8jdVqakt0Z ED25519 #6 33|1|nc9RoaaQ0s5jdPxwlUmluGHU3uk=|un6OsJajokKQ3MgyS9mfDNeyP6U= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLW0ZwCkRQldpLa4I5BpwGa/om+WE6OgC8jdVqakt0Z ED25519 #6
38|1|SaoyMStgxpYfwedSXBAghi8Zo0s=|Gz78k69GaE6iViV3OOvbStKqyTA= 1024 65537 140883028436203600354693376066567741282115117509696517282419557936340193768851493584179972504103033755515036493433917203732876685813283050574208967197963391667532902202382549275760997891673884333346000558018002659506756213191532156293935482587878596032743105911487673274674568768638010598205190227631909167257 RSA1 #6 34|1|rsHB6juT9q6GOY91qOeOwL6TSJE=|ps/vXF9Izuues5PbOn887Gw/2Dg= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQClu/3I6GG1Ai89Imnw0vXmWJ2OW0ftQwRrsbIAD0qzLFYpkJ76QWnzpCehvK9u0L5hcw7z2Y6mRLcSBsqONc+HVU73Qi7M4zHRvtjprPs3SOyLpf0J9sL1WiHBDwg2P0miHMCdqHDd5nVXkJB2d4eeecmgezGLa29NOHZjbza5yw== RSA #6
39|1|8qfGeiT5WTCzWYbXPQ+lsLg7km4=|1sIBwiSUr8IGkvrUGm3/9QYurmA= 1024 65537 140883028436203600354693376066567741282115117509696517282419557936340193768851493584179972504103033755515036493433917203732876685813283050574208967197963391667532902202382549275760997891673884333346000558018002659506756213191532156293935482587878596032743105911487673274674568768638010598205190227631909167257 RSA1 #6 35|1|BsckdLH2aRyWQooRmv+Yo3t4dKg=|Lf3tJc5Iyx0KxNwAG89FsImsfEE= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQClu/3I6GG1Ai89Imnw0vXmWJ2OW0ftQwRrsbIAD0qzLFYpkJ76QWnzpCehvK9u0L5hcw7z2Y6mRLcSBsqONc+HVU73Qi7M4zHRvtjprPs3SOyLpf0J9sL1WiHBDwg2P0miHMCdqHDd5nVXkJB2d4eeecmgezGLa29NOHZjbza5yw== RSA #6
40|1|87M1OtyHg1BZiDY3rT6lYsZFnAU=|eddAQVcMNbn2OB87XWXFQnYo6R4= 1024 65537 140883028436203600354693376066567741282115117509696517282419557936340193768851493584179972504103033755515036493433917203732876685813283050574208967197963391667532902202382549275760997891673884333346000558018002659506756213191532156293935482587878596032743105911487673274674568768638010598205190227631909167257 RSA1 #6 36|1|plqkBA4hq7UATyd5+/Xl+zL7ghw=|stacofaUed46666mfqxp9gJFjt4= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQClu/3I6GG1Ai89Imnw0vXmWJ2OW0ftQwRrsbIAD0qzLFYpkJ76QWnzpCehvK9u0L5hcw7z2Y6mRLcSBsqONc+HVU73Qi7M4zHRvtjprPs3SOyLpf0J9sL1WiHBDwg2P0miHMCdqHDd5nVXkJB2d4eeecmgezGLa29NOHZjbza5yw== RSA #6
41|1|60w3wFfC0XWI+rRmRlxIRhh8lwE=|yMhsGrzBJKiesAdSQ/PVgkCrDKk= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQClu/3I6GG1Ai89Imnw0vXmWJ2OW0ftQwRrsbIAD0qzLFYpkJ76QWnzpCehvK9u0L5hcw7z2Y6mRLcSBsqONc+HVU73Qi7M4zHRvtjprPs3SOyLpf0J9sL1WiHBDwg2P0miHMCdqHDd5nVXkJB2d4eeecmgezGLa29NOHZjbza5yw== RSA #6
42|1|5gdEMmLUJC7grqWhRJPy2OTaSyE=|/XTfmLMa/B8npcVCGFRdaHl+d/0= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQClu/3I6GG1Ai89Imnw0vXmWJ2OW0ftQwRrsbIAD0qzLFYpkJ76QWnzpCehvK9u0L5hcw7z2Y6mRLcSBsqONc+HVU73Qi7M4zHRvtjprPs3SOyLpf0J9sL1WiHBDwg2P0miHMCdqHDd5nVXkJB2d4eeecmgezGLa29NOHZjbza5yw== RSA #6
43|1|6FGCWUr42GHdMB/eifnHNCuwgdk=|ONJvYZ/ANmi59R5HrOhLPmvYENM= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQClu/3I6GG1Ai89Imnw0vXmWJ2OW0ftQwRrsbIAD0qzLFYpkJ76QWnzpCehvK9u0L5hcw7z2Y6mRLcSBsqONc+HVU73Qi7M4zHRvtjprPs3SOyLpf0J9sL1WiHBDwg2P0miHMCdqHDd5nVXkJB2d4eeecmgezGLa29NOHZjbza5yw== RSA #6
44 37
45 38
46# Revoked and CA keys 39# Revoked and CA keys
47@revoked sisyphus.example.com 1024 65537 174143366122697048196335388217056770310345753698079464367148030836533360510864881734142526411160017107552815906024399248049666856133771656680462456979369587903909343046704480897527203474513676654933090991684252819423129896444427656841613263783484827101210734799449281639493127615902427443211183258155381810593 RSA1 #4
48@revoked sisyphus.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFP8L9REfN/iYy1KIRtFqSCn3V2+vOCpoZYENFGLdOF ED25519 #4 40@revoked sisyphus.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFP8L9REfN/iYy1KIRtFqSCn3V2+vOCpoZYENFGLdOF ED25519 #4
49@cert-authority prometheus.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZd0OXHIWwK3xnjAdMZ1tojxWycdu38pORO/UX5cqsKMgGCKQVBWWO3TFk1ePkGIE9VMWT1hCGqWRRwYlH+dSE= ECDSA #4 41@cert-authority prometheus.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZd0OXHIWwK3xnjAdMZ1tojxWycdu38pORO/UX5cqsKMgGCKQVBWWO3TFk1ePkGIE9VMWT1hCGqWRRwYlH+dSE= ECDSA #4
50@cert-authority *.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAKvjnFHm0VvMr5h2Zu3nURsxQKGoxm+DCzYDxRYcilK07Cm5c4XTrFbA2X86+9sGs++W7QRMcTJUYIg0a+UtIMtAjwORd6ZPXM2K5dBW+gh1oHyvKi767tWX7I2c+1ZPJDY95mUUfZQUEfdy9eGDSBmw/pSsveQ1ur6XNUh/MtP/AAAAFQDHnXk/9jBJAdce1pHtLWnbdPSGdQAAAIEAm2OLy8tZBfiEO3c3X1yyB/GTcDwrQCqRMDkhnsmrliec3dWkOfNTzu+MrdvF8ymTWLEqPpbMheYtvNyZ3TF0HO5W7aVBpdGZbOdOAIfB+6skqGbI8A5Up1d7dak/bSsqL2r5NjwbDOdq+1hBzzvbl/qjh+sQarV2zHrpKoQaV28AAACANtkBVedBbqIAdphCrN/LbUi9WlyuF9UZz+tlpVLYrj8GJVwnplV2tvOmUw6yP5/pzCimTsao8dpL5PWxm7fKxLWVxA+lEsA4WeC885CiZn8xhdaJOCN+NyJ2bqkz+4VPI7oDGBm0aFwUqJn+M1PiSgvI50XdF2dBsFRTRNY0wzA= DSA #4 42@cert-authority *.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAKvjnFHm0VvMr5h2Zu3nURsxQKGoxm+DCzYDxRYcilK07Cm5c4XTrFbA2X86+9sGs++W7QRMcTJUYIg0a+UtIMtAjwORd6ZPXM2K5dBW+gh1oHyvKi767tWX7I2c+1ZPJDY95mUUfZQUEfdy9eGDSBmw/pSsveQ1ur6XNUh/MtP/AAAAFQDHnXk/9jBJAdce1pHtLWnbdPSGdQAAAIEAm2OLy8tZBfiEO3c3X1yyB/GTcDwrQCqRMDkhnsmrliec3dWkOfNTzu+MrdvF8ymTWLEqPpbMheYtvNyZ3TF0HO5W7aVBpdGZbOdOAIfB+6skqGbI8A5Up1d7dak/bSsqL2r5NjwbDOdq+1hBzzvbl/qjh+sQarV2zHrpKoQaV28AAACANtkBVedBbqIAdphCrN/LbUi9WlyuF9UZz+tlpVLYrj8GJVwnplV2tvOmUw6yP5/pzCimTsao8dpL5PWxm7fKxLWVxA+lEsA4WeC885CiZn8xhdaJOCN+NyJ2bqkz+4VPI7oDGBm0aFwUqJn+M1PiSgvI50XdF2dBsFRTRNY0wzA= DSA #4
51 43
52# Some invalid lines 44# Some invalid lines
53@what sisyphus.example.com 1024 65537 153895431603677073925890314548566704948446776958334195280085080329934839226701954473292358821568047724356487621573742372399387931887004184139835510820577359977148363519970774657801798872789118894962853659233045778161859413980935372685480527355016624825696983269800574755126132814333241868538220824608980319407 RSA1 #1 45@what sisyphus.example.com ssh-dss AAAAB3NzaC1kc3MAAACBAOqffHxEW4c+Z9q/r3l4sYK8F7qrBsU8XF9upGsW62T9InROFFq9IO0x3pQ6mDA0Wtw0sqcDmkPCHPyP4Ok/fU3/drLaZusHoVYu8pBBrWsIDrKgkeX9TEodBsSrYdl4Sqtqq9EZv9+DttV6LStZrgYyUTOKwOF95wGantpLynX5AAAAFQDdt+zjRNlETDsgmxcSYFgREirJrQAAAIBQlrPaiPhR24FhnMLcHH4016vL7AqDDID6Qw7PhbXGa4/XlxWMIigjBKrIPKvnZ6p712LSnCKtcbfdx0MtmJlNa01CYqPaRhgRaf+uGdvTkTUcdaq8R5lLJL+JMNwUhcC8ijm3NqEjXjffuebGe1EzIeiITbA7Nndcd+GytwRDegAAAIEAkRYPjSVcUxfUHhHdpP6V8CuY1+CYSs9EPJ7iiWTDuXWVIBTU32oJLAnrmAcOwtIzEfPvm+rff5FI/Yhon2pB3VTXhPPEBjYzE5qANanAT4e6tzAVc5f3DUhHaDknwRYfDz86GFvuLtDjeE/UZ9t6OofYoEsCBpYozLAprBvNIQY= DSA #1
54sisyphus.example.com 46sisyphus.example.com
55prometheus.example.com ssh-ed25519 47prometheus.example.com ssh-ed25519
56sisyphus.example.com ssh-dsa AAAATgAAAAdz 48sisyphus.example.com ssh-dsa AAAATgAAAAdz
57prometheus.example.com 1024
58sisyphus.example.com 1024 65535
59prometheus.example.com 1025 65537 153895431603677073925890314548566704948446776958334195280085080329934839226701954473292358821568047724356487621573742372399387931887004184139835510820577359977148363519970774657801798872789118894962853659233045778161859413980935372685480527355016624825696983269800574755126132814333241868538220824608980319407 RSA1 #1
60sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg== 49sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg==
61prometheus.example.com ssh-rsa AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg== 50prometheus.example.com ssh-rsa AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg==
diff --git a/regress/unittests/sshkey/mktestdata.sh b/regress/unittests/sshkey/mktestdata.sh
index e11100145..8047bc62f 100755
--- a/regress/unittests/sshkey/mktestdata.sh
+++ b/regress/unittests/sshkey/mktestdata.sh
@@ -1,25 +1,8 @@
1#!/bin/sh 1#!/bin/sh
2# $OpenBSD: mktestdata.sh,v 1.5 2015/07/07 14:53:30 markus Exp $ 2# $OpenBSD: mktestdata.sh,v 1.6 2017/04/30 23:33:48 djm Exp $
3 3
4PW=mekmitasdigoat 4PW=mekmitasdigoat
5 5
6rsa1_params() {
7 _in="$1"
8 _outbase="$2"
9 set -e
10 ssh-keygen -f $_in -e -m pkcs8 | \
11 openssl rsa -noout -text -pubin | \
12 awk '/^Modulus:$/,/^Exponent:/' | \
13 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n
14 # XXX need conversion support in ssh-keygen for the other params
15 for x in n ; do
16 echo "" >> ${_outbase}.$x
17 echo ============ ${_outbase}.$x
18 cat ${_outbase}.$x
19 echo ============
20 done
21}
22
23rsa_params() { 6rsa_params() {
24 _in="$1" 7 _in="$1"
25 _outbase="$2" 8 _outbase="$2"
@@ -87,20 +70,18 @@ set -ex
87 70
88cd testdata 71cd testdata
89 72
90rm -f rsa1_1 rsa_1 dsa_1 ecdsa_1 ed25519_1 73rm -f rsa_1 dsa_1 ecdsa_1 ed25519_1
91rm -f rsa1_2 rsa_2 dsa_2 ecdsa_2 ed25519_2 74rm -f rsa_2 dsa_2 ecdsa_2 ed25519_2
92rm -f rsa_n dsa_n ecdsa_n # new-format keys 75rm -f rsa_n dsa_n ecdsa_n # new-format keys
93rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw 76rm -f rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw
94rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw 77rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw
95rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb 78rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb
96 79
97ssh-keygen -t rsa1 -b 1024 -C "RSA1 test key #1" -N "" -f rsa1_1
98ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1 80ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1
99ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1 81ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1
100ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1 82ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1
101ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1 83ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1
102 84
103ssh-keygen -t rsa1 -b 2048 -C "RSA1 test key #2" -N "" -f rsa1_2
104ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2 85ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2
105ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2 86ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2
106ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2 87ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2
@@ -110,7 +91,6 @@ cp rsa_1 rsa_n
110cp dsa_1 dsa_n 91cp dsa_1 dsa_n
111cp ecdsa_1 ecdsa_n 92cp ecdsa_1 ecdsa_n
112 93
113cp rsa1_1 rsa1_1_pw
114cp rsa_1 rsa_1_pw 94cp rsa_1 rsa_1_pw
115cp dsa_1 dsa_1_pw 95cp dsa_1 dsa_1_pw
116cp ecdsa_1 ecdsa_1_pw 96cp ecdsa_1 ecdsa_1_pw
@@ -119,7 +99,6 @@ cp rsa_1 rsa_n_pw
119cp dsa_1 dsa_n_pw 99cp dsa_1 dsa_n_pw
120cp ecdsa_1 ecdsa_n_pw 100cp ecdsa_1 ecdsa_n_pw
121 101
122ssh-keygen -pf rsa1_1_pw -N "$PW"
123ssh-keygen -pf rsa_1_pw -N "$PW" 102ssh-keygen -pf rsa_1_pw -N "$PW"
124ssh-keygen -pf dsa_1_pw -N "$PW" 103ssh-keygen -pf dsa_1_pw -N "$PW"
125ssh-keygen -pf ecdsa_1_pw -N "$PW" 104ssh-keygen -pf ecdsa_1_pw -N "$PW"
@@ -128,8 +107,6 @@ ssh-keygen -opf rsa_n_pw -N "$PW"
128ssh-keygen -opf dsa_n_pw -N "$PW" 107ssh-keygen -opf dsa_n_pw -N "$PW"
129ssh-keygen -opf ecdsa_n_pw -N "$PW" 108ssh-keygen -opf ecdsa_n_pw -N "$PW"
130 109
131rsa1_params rsa1_1 rsa1_1.param
132rsa1_params rsa1_2 rsa1_2.param
133rsa_params rsa_1 rsa_1.param 110rsa_params rsa_1 rsa_1.param
134rsa_params rsa_2 rsa_2.param 111rsa_params rsa_2 rsa_2.param
135dsa_params dsa_1 dsa_1.param 112dsa_params dsa_1 dsa_1.param
@@ -160,12 +137,10 @@ ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \
160ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ 137ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \
161 -V 19990101:20110101 -z 8 ed25519_1.pub 138 -V 19990101:20110101 -z 8 ed25519_1.pub
162 139
163ssh-keygen -lf rsa1_1 | awk '{print $2}' > rsa1_1.fp
164ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp 140ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp
165ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp 141ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp
166ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp 142ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp
167ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp 143ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp
168ssh-keygen -lf rsa1_2 | awk '{print $2}' > rsa1_2.fp
169ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp 144ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp
170ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp 145ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp
171ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp 146ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp
@@ -176,12 +151,10 @@ ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp
176ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp 151ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp
177ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp 152ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp
178 153
179ssh-keygen -Bf rsa1_1 | awk '{print $2}' > rsa1_1.fp.bb
180ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb 154ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb
181ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb 155ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb
182ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb 156ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb
183ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb 157ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb
184ssh-keygen -Bf rsa1_2 | awk '{print $2}' > rsa1_2.fp.bb
185ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb 158ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb
186ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb 159ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb
187ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb 160ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
index 906491f2b..99b7e21c0 100644
--- a/regress/unittests/sshkey/test_file.c
+++ b/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */ 1/* $OpenBSD: test_file.c,v 1.6 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -51,55 +51,6 @@ sshkey_file_tests(void)
51 pw = load_text_file("pw"); 51 pw = load_text_file("pw");
52 TEST_DONE(); 52 TEST_DONE();
53 53
54#ifdef WITH_SSH1
55 TEST_START("parse RSA1 from private");
56 buf = load_file("rsa1_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
58 sshbuf_free(buf);
59 ASSERT_PTR_NE(k1, NULL);
60 a = load_bignum("rsa1_1.param.n");
61 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
62 BN_free(a);
63 TEST_DONE();
64
65 TEST_START("parse RSA1 from private w/ passphrase");
66 buf = load_file("rsa1_1_pw");
67 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
68 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
69 sshbuf_free(buf);
70 ASSERT_PTR_NE(k2, NULL);
71 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
72 sshkey_free(k2);
73 TEST_DONE();
74
75 TEST_START("load RSA1 from public");
76 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2,
77 NULL), 0);
78 ASSERT_PTR_NE(k2, NULL);
79 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
80 sshkey_free(k2);
81 TEST_DONE();
82
83 TEST_START("RSA1 key hex fingerprint");
84 buf = load_text_file("rsa1_1.fp");
85 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
86 ASSERT_PTR_NE(cp, NULL);
87 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
88 sshbuf_free(buf);
89 free(cp);
90 TEST_DONE();
91
92 TEST_START("RSA1 key bubblebabble fingerprint");
93 buf = load_text_file("rsa1_1.fp.bb");
94 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
95 ASSERT_PTR_NE(cp, NULL);
96 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
97 sshbuf_free(buf);
98 free(cp);
99 TEST_DONE();
100
101 sshkey_free(k1);
102#endif
103 54
104 TEST_START("parse RSA from private"); 55 TEST_START("parse RSA from private");
105 buf = load_file("rsa_1"); 56 buf = load_file("rsa_1");
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index 1f414e0ac..6706045d5 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_fuzz.c,v 1.6 2015/12/07 02:20:46 djm Exp $ */ 1/* $OpenBSD: test_fuzz.c,v 1.7 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Fuzz tests for key parsing 3 * Fuzz tests for key parsing
4 * 4 *
@@ -104,49 +104,6 @@ sshkey_fuzz_tests(void)
104 struct fuzz *fuzz; 104 struct fuzz *fuzz;
105 int r; 105 int r;
106 106
107#ifdef WITH_SSH1
108 TEST_START("fuzz RSA1 private");
109 buf = load_file("rsa1_1");
110 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
111 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
112 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
113 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
114 sshkey_free(k1);
115 sshbuf_free(buf);
116 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
117 TEST_ONERROR(onerror, fuzz);
118 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
119 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
120 ASSERT_INT_EQ(r, 0);
121 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
122 sshkey_free(k1);
123 sshbuf_reset(fuzzed);
124 }
125 sshbuf_free(fuzzed);
126 fuzz_cleanup(fuzz);
127 TEST_DONE();
128
129 TEST_START("fuzz RSA1 public");
130 buf = load_file("rsa1_1_pw");
131 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
132 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
133 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
134 ASSERT_INT_EQ(sshkey_parse_public_rsa1_fileblob(buf, &k1, NULL), 0);
135 sshkey_free(k1);
136 sshbuf_free(buf);
137 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
138 TEST_ONERROR(onerror, fuzz);
139 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
140 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
141 ASSERT_INT_EQ(r, 0);
142 if (sshkey_parse_public_rsa1_fileblob(fuzzed, &k1, NULL) == 0)
143 sshkey_free(k1);
144 sshbuf_reset(fuzzed);
145 }
146 sshbuf_free(fuzzed);
147 fuzz_cleanup(fuzz);
148 TEST_DONE();
149#endif
150 107
151 TEST_START("fuzz RSA private"); 108 TEST_START("fuzz RSA private");
152 buf = load_file("rsa_1"); 109 buf = load_file("rsa_1");
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 1476dc2e3..32f8cb63c 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_sshkey.c,v 1.10 2016/05/02 09:52:00 djm Exp $ */ 1/* $OpenBSD: test_sshkey.c,v 1.11 2017/04/30 23:33:48 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -193,16 +193,6 @@ sshkey_tests(void)
193 sshkey_free(k1); 193 sshkey_free(k1);
194 TEST_DONE(); 194 TEST_DONE();
195 195
196 TEST_START("new/free KEY_RSA1");
197 k1 = sshkey_new(KEY_RSA1);
198 ASSERT_PTR_NE(k1, NULL);
199 ASSERT_PTR_NE(k1->rsa, NULL);
200 ASSERT_PTR_NE(k1->rsa->n, NULL);
201 ASSERT_PTR_NE(k1->rsa->e, NULL);
202 ASSERT_PTR_EQ(k1->rsa->p, NULL);
203 sshkey_free(k1);
204 TEST_DONE();
205
206 TEST_START("new/free KEY_RSA"); 196 TEST_START("new/free KEY_RSA");
207 k1 = sshkey_new(KEY_RSA); 197 k1 = sshkey_new(KEY_RSA);
208 ASSERT_PTR_NE(k1, NULL); 198 ASSERT_PTR_NE(k1, NULL);