From dd8b1dd7933eb6f5652641b0cdced34a387f2e80 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 2 Jul 2014 17:38:31 +1000
Subject:    - djm@cvs.openbsd.org 2014/06/24 01:14:17      [Makefile.in
 regress/Makefile regress/unittests/Makefile]     
 [regress/unittests/sshkey/Makefile]      [regress/unittests/sshkey/common.c] 
     [regress/unittests/sshkey/common.h]     
 [regress/unittests/sshkey/mktestdata.sh]     
 [regress/unittests/sshkey/test_file.c]     
 [regress/unittests/sshkey/test_fuzz.c]     
 [regress/unittests/sshkey/test_sshkey.c]     
 [regress/unittests/sshkey/tests.c]     
 [regress/unittests/sshkey/testdata/dsa_1]     
 [regress/unittests/sshkey/testdata/dsa_1-cert.fp]     
 [regress/unittests/sshkey/testdata/dsa_1-cert.pub]     
 [regress/unittests/sshkey/testdata/dsa_1.fp]     
 [regress/unittests/sshkey/testdata/dsa_1.fp.bb]     
 [regress/unittests/sshkey/testdata/dsa_1.param.g]     
 [regress/unittests/sshkey/testdata/dsa_1.param.priv]     
 [regress/unittests/sshkey/testdata/dsa_1.param.pub]     
 [regress/unittests/sshkey/testdata/dsa_1.pub]     
 [regress/unittests/sshkey/testdata/dsa_1_pw]     
 [regress/unittests/sshkey/testdata/dsa_2]     
 [regress/unittests/sshkey/testdata/dsa_2.fp]     
 [regress/unittests/sshkey/testdata/dsa_2.fp.bb]     
 [regress/unittests/sshkey/testdata/dsa_2.pub]     
 [regress/unittests/sshkey/testdata/dsa_n]     
 [regress/unittests/sshkey/testdata/dsa_n_pw]     
 [regress/unittests/sshkey/testdata/ecdsa_1]     
 [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]     
 [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]     
 [regress/unittests/sshkey/testdata/ecdsa_1.fp]     
 [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]     
 [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]     
 [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]     
 [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]     
 [regress/unittests/sshkey/testdata/ecdsa_1.pub]     
 [regress/unittests/sshkey/testdata/ecdsa_1_pw]     
 [regress/unittests/sshkey/testdata/ecdsa_2]     
 [regress/unittests/sshkey/testdata/ecdsa_2.fp]     
 [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]     
 [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]     
 [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]     
 [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]     
 [regress/unittests/sshkey/testdata/ecdsa_2.pub]     
 [regress/unittests/sshkey/testdata/ecdsa_n]     
 [regress/unittests/sshkey/testdata/ecdsa_n_pw]     
 [regress/unittests/sshkey/testdata/ed25519_1]     
 [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]     
 [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]     
 [regress/unittests/sshkey/testdata/ed25519_1.fp]     
 [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]     
 [regress/unittests/sshkey/testdata/ed25519_1.pub]     
 [regress/unittests/sshkey/testdata/ed25519_1_pw]     
 [regress/unittests/sshkey/testdata/ed25519_2]     
 [regress/unittests/sshkey/testdata/ed25519_2.fp]     
 [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]     
 [regress/unittests/sshkey/testdata/ed25519_2.pub]     
 [regress/unittests/sshkey/testdata/pw]     
 [regress/unittests/sshkey/testdata/rsa1_1]     
 [regress/unittests/sshkey/testdata/rsa1_1.fp]     
 [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]     
 [regress/unittests/sshkey/testdata/rsa1_1.param.n]     
 [regress/unittests/sshkey/testdata/rsa1_1.pub]     
 [regress/unittests/sshkey/testdata/rsa1_1_pw]     
 [regress/unittests/sshkey/testdata/rsa1_2]     
 [regress/unittests/sshkey/testdata/rsa1_2.fp]     
 [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]     
 [regress/unittests/sshkey/testdata/rsa1_2.param.n]     
 [regress/unittests/sshkey/testdata/rsa1_2.pub]     
 [regress/unittests/sshkey/testdata/rsa_1]     
 [regress/unittests/sshkey/testdata/rsa_1-cert.fp]     
 [regress/unittests/sshkey/testdata/rsa_1-cert.pub]     
 [regress/unittests/sshkey/testdata/rsa_1.fp]     
 [regress/unittests/sshkey/testdata/rsa_1.fp.bb]     
 [regress/unittests/sshkey/testdata/rsa_1.param.n]     
 [regress/unittests/sshkey/testdata/rsa_1.param.p]     
 [regress/unittests/sshkey/testdata/rsa_1.param.q]     
 [regress/unittests/sshkey/testdata/rsa_1.pub]     
 [regress/unittests/sshkey/testdata/rsa_1_pw]     
 [regress/unittests/sshkey/testdata/rsa_2]     
 [regress/unittests/sshkey/testdata/rsa_2.fp]     
 [regress/unittests/sshkey/testdata/rsa_2.fp.bb]     
 [regress/unittests/sshkey/testdata/rsa_2.param.n]     
 [regress/unittests/sshkey/testdata/rsa_2.param.p]     
 [regress/unittests/sshkey/testdata/rsa_2.param.q]     
 [regress/unittests/sshkey/testdata/rsa_2.pub]     
 [regress/unittests/sshkey/testdata/rsa_n]     
 [regress/unittests/sshkey/testdata/rsa_n_pw]      unit and fuzz tests for new
 key API

---
 regress/unittests/sshkey/test_file.c | 451 +++++++++++++++++++++++++++++++++++
 1 file changed, 451 insertions(+)
 create mode 100644 regress/unittests/sshkey/test_file.c

(limited to 'regress/unittests/sshkey/test_file.c')

diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
new file mode 100644
index 000000000..3c84f1561
--- /dev/null
+++ b/regress/unittests/sshkey/test_file.c
@@ -0,0 +1,451 @@
+/* 	$OpenBSD: test_file.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */
+/*
+ * Regress test for sshkey.h key management API
+ *
+ * Placed in the public domain
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/objects.h>
+
+#include "../test_helper/test_helper.h"
+
+#include "ssherr.h"
+#include "authfile.h"
+#include "sshkey.h"
+#include "sshbuf.h"
+
+#include "common.h"
+
+void sshkey_file_tests(void);
+
+void
+sshkey_file_tests(void)
+{
+	struct sshkey *k1, *k2;
+	struct sshbuf *buf, *pw;
+	BIGNUM *a, *b, *c;
+	char *cp;
+
+	TEST_START("load passphrase");
+	pw = load_text_file("pw");
+	TEST_DONE();
+
+	TEST_START("parse RSA1 from private");
+	buf = load_file("rsa1_1");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1",
+	    &k1, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k1, NULL);
+	a = load_bignum("rsa1_1.param.n");
+	ASSERT_BIGNUM_EQ(k1->rsa->n, a);
+	BN_free(a);
+	TEST_DONE();
+
+	TEST_START("parse RSA1 from private w/ passphrase");
+	buf = load_file("rsa1_1_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load RSA1 from public");
+	ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2,
+	    NULL), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("RSA1 key hex fingerprint");
+	buf = load_text_file("rsa1_1.fp");
+	cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	TEST_START("RSA1 key bubblebabble fingerprint");
+	buf = load_text_file("rsa1_1.fp.bb");
+	cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	sshkey_free(k1);
+
+	TEST_START("parse RSA from private");
+	buf = load_file("rsa_1");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1",
+	    &k1, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k1, NULL);
+	a = load_bignum("rsa_1.param.n");
+	b = load_bignum("rsa_1.param.p");
+	c = load_bignum("rsa_1.param.q");
+	ASSERT_BIGNUM_EQ(k1->rsa->n, a);
+	ASSERT_BIGNUM_EQ(k1->rsa->p, b);
+	ASSERT_BIGNUM_EQ(k1->rsa->q, c);
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	TEST_DONE();
+
+	TEST_START("parse RSA from private w/ passphrase");
+	buf = load_file("rsa_1_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("parse RSA from new-format");
+	buf = load_file("rsa_n");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    "", "rsa_n", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("parse RSA from new-format w/ passphrase");
+	buf = load_file("rsa_n_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load RSA from public");
+	ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
+	    NULL), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load RSA cert");
+	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
+	ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
+	TEST_DONE();
+
+	TEST_START("RSA key hex fingerprint");
+	buf = load_text_file("rsa_1.fp");
+	cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	TEST_START("RSA cert hex fingerprint");
+	buf = load_text_file("rsa_1-cert.fp");
+	cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("RSA key bubblebabble fingerprint");
+	buf = load_text_file("rsa_1.fp.bb");
+	cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	sshkey_free(k1);
+
+	TEST_START("parse DSA from private");
+	buf = load_file("dsa_1");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1",
+	    &k1, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k1, NULL);
+	a = load_bignum("dsa_1.param.g");
+	b = load_bignum("dsa_1.param.priv");
+	c = load_bignum("dsa_1.param.pub");
+	ASSERT_BIGNUM_EQ(k1->dsa->g, a);
+	ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
+	ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	TEST_DONE();
+
+	TEST_START("parse DSA from private w/ passphrase");
+	buf = load_file("dsa_1_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("parse DSA from new-format");
+	buf = load_file("dsa_n");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    "", "dsa_n", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("parse DSA from new-format w/ passphrase");
+	buf = load_file("dsa_n_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load DSA from public");
+	ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2,
+	    NULL), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load DSA cert");
+	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(k2->type, KEY_DSA_CERT);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
+	ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
+	TEST_DONE();
+
+	TEST_START("DSA key hex fingerprint");
+	buf = load_text_file("dsa_1.fp");
+	cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	TEST_START("DSA cert hex fingerprint");
+	buf = load_text_file("dsa_1-cert.fp");
+	cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("DSA key bubblebabble fingerprint");
+	buf = load_text_file("dsa_1.fp.bb");
+	cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	sshkey_free(k1);
+
+	TEST_START("parse ECDSA from private");
+	buf = load_file("ecdsa_1");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1",
+	    &k1, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k1, NULL);
+	buf = load_text_file("ecdsa_1.param.curve");
+	ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf),
+	    OBJ_nid2sn(k1->ecdsa_nid));
+	sshbuf_free(buf);
+	a = load_bignum("ecdsa_1.param.priv");
+	b = load_bignum("ecdsa_1.param.pub");
+	c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa),
+	    EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED,
+	    NULL, NULL);
+	ASSERT_PTR_NE(c, NULL);
+	ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a);
+	ASSERT_BIGNUM_EQ(b, c);
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	TEST_DONE();
+
+	TEST_START("parse ECDSA from private w/ passphrase");
+	buf = load_file("ecdsa_1_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("parse ECDSA from new-format");
+	buf = load_file("ecdsa_n");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    "", "ecdsa_n", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("parse ECDSA from new-format w/ passphrase");
+	buf = load_file("ecdsa_n_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load ECDSA from public");
+	ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2,
+	    NULL), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load ECDSA cert");
+	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
+	ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
+	TEST_DONE();
+
+	TEST_START("ECDSA key hex fingerprint");
+	buf = load_text_file("ecdsa_1.fp");
+	cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	TEST_START("ECDSA cert hex fingerprint");
+	buf = load_text_file("ecdsa_1-cert.fp");
+	cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("ECDSA key bubblebabble fingerprint");
+	buf = load_text_file("ecdsa_1.fp.bb");
+	cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	sshkey_free(k1);
+
+	TEST_START("parse Ed25519 from private");
+	buf = load_file("ed25519_1");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1",
+	    &k1, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k1, NULL);
+	ASSERT_INT_EQ(k1->type, KEY_ED25519);
+	/* XXX check key contents */
+	TEST_DONE();
+
+	TEST_START("parse Ed25519 from private w/ passphrase");
+	buf = load_file("ed25519_1_pw");
+	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
+	    (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0);
+	sshbuf_free(buf);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load Ed25519 from public");
+	ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2,
+	    NULL), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("load Ed25519 cert");
+	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0);
+	ASSERT_PTR_NE(k2, NULL);
+	ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT);
+	ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
+	ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
+	TEST_DONE();
+
+	TEST_START("Ed25519 key hex fingerprint");
+	buf = load_text_file("ed25519_1.fp");
+	cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	TEST_START("Ed25519 cert hex fingerprint");
+	buf = load_text_file("ed25519_1-cert.fp");
+	cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	sshkey_free(k2);
+	TEST_DONE();
+
+	TEST_START("Ed25519 key bubblebabble fingerprint");
+	buf = load_text_file("ed25519_1.fp.bb");
+	cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE);
+	ASSERT_PTR_NE(cp, NULL);
+	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
+	sshbuf_free(buf);
+	free(cp);
+	TEST_DONE();
+
+	sshkey_free(k1);
+
+	sshbuf_free(pw);
+
+}
-- 
cgit v1.2.3