shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 12:20:42 +09:00
Code Issues Packages Projects Releases Wiki Activity

tests: Verify the keys loaded from new OpenSSH format

Browse Source 
This runs the same test that are ran on the legacy PEM files
also with the new OpenSSH key files.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit eaaa4131de)
This commit is contained in:
Jakub Jelen
2018-09-06 17:58:04 +02:00
committed by Andreas Schneider
parent 91d8f1a256
commit 7e25963130
3 changed files with 224 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
tests/unittests/torture_pki_dsa.c
View File

@@ -28,7 +28,28 @@ static int setup_dsa_key(void **state)
torture_write_file(LIBSSH_DSA_TESTKEY,
torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
torture_write_file(LIBSSH_DSA_TESTKEY_PASSPHRASE,
torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1));
torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0));
return 0;
}
static int setup_openssh_dsa_key(void **state)
{
(void) state; /* unused */
unlink(LIBSSH_DSA_TESTKEY);
unlink(LIBSSH_DSA_TESTKEY_PASSPHRASE);
unlink(LIBSSH_DSA_TESTKEY ".pub");
unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
torture_write_file(LIBSSH_DSA_TESTKEY,
torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0, 0));
torture_write_file(LIBSSH_DSA_TESTKEY_PASSPHRASE,
torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0, 1));
torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
@@ -217,6 +238,79 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
#endif /* HAVE_LIBCRYPTO */
}
static void
torture_pki_dsa_import_openssh_privkey_base64_passphrase(void **state)
{
int rc;
ssh_key key = NULL;
const char *passphrase = torture_get_testkey_passphrase();
const char *keystring = NULL;
(void) state; /* unused */
keystring = torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0, 1);
assert_true(keystring != NULL);
rc = ssh_pki_import_privkey_base64(keystring,
passphrase,
NULL,
NULL,
&key);
assert_return_code(rc, errno);
rc = ssh_key_is_private(key);
assert_true(rc == 1);
ssh_key_free(key);
key = NULL;
/* test if it returns -1 if passphrase is wrong */
rc = ssh_pki_import_privkey_base64(keystring,
"wrong passphrase !!",
NULL,
NULL,
&key);
assert_true(rc == -1);
/* test if it returns -1 if passphrase is NULL */
rc = ssh_pki_import_privkey_base64(keystring,
NULL,
NULL,
NULL,
&key);
assert_true(rc == -1);
rc = ssh_pki_import_privkey_base64(keystring,
passphrase,
NULL,
NULL,
&key);
assert_return_code(rc, errno);
rc = ssh_key_is_private(key);
assert_true(rc == 1);
ssh_key_free(key);
key = NULL;
/* test if it returns -1 if passphrase is wrong */
rc = ssh_pki_import_privkey_base64(keystring,
"wrong passphrase !!",
NULL,
NULL,
&key);
assert_true(rc == -1);
/* test if it returns -1 if passphrase is NULL */
rc = ssh_pki_import_privkey_base64(keystring,
NULL,
NULL,
NULL,
&key);
assert_true(rc == -1);
}
static void torture_pki_dsa_publickey_from_privatekey(void **state)
{
int rc;
@@ -451,6 +545,9 @@ int torture_run_tests(void)
cmocka_unit_test_setup_teardown(torture_pki_dsa_import_privkey_base64,
setup_dsa_key,
teardown_dsa_key),
cmocka_unit_test_setup_teardown(torture_pki_dsa_import_privkey_base64,
setup_openssh_dsa_key,
teardown_dsa_key),
cmocka_unit_test_setup_teardown(torture_pki_dsa_publickey_from_privatekey,
setup_dsa_key,
teardown_dsa_key),
@@ -463,6 +560,7 @@ int torture_run_tests(void)
teardown_dsa_key),
#endif
cmocka_unit_test(torture_pki_dsa_import_privkey_base64_passphrase),
cmocka_unit_test(torture_pki_dsa_import_openssh_privkey_base64_passphrase),
/* public key */
cmocka_unit_test_setup_teardown(torture_pki_dsa_publickey_base64,

55
tests/unittests/torture_pki_ecdsa.c
View File

@@ -26,7 +26,30 @@ static int setup_ecdsa_key(void **state, int ecdsa_bits)
torture_write_file(LIBSSH_ECDSA_TESTKEY,
torture_get_testkey(SSH_KEYTYPE_ECDSA, ecdsa_bits, 0));
torture_write_file(LIBSSH_ECDSA_TESTKEY_PASSPHRASE,
torture_get_testkey(SSH_KEYTYPE_ECDSA, ecdsa_bits, 0));
torture_get_testkey(SSH_KEYTYPE_ECDSA, ecdsa_bits, 1));
torture_write_file(LIBSSH_ECDSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_ECDSA, ecdsa_bits));
return 0;
}
static int setup_openssh_ecdsa_key(void **state, int ecdsa_bits)
{
const char *keystring = NULL;
(void) state; /* unused */
unlink(LIBSSH_ECDSA_TESTKEY);
unlink(LIBSSH_ECDSA_TESTKEY_PASSPHRASE);
unlink(LIBSSH_ECDSA_TESTKEY ".pub");
keystring = torture_get_openssh_testkey(SSH_KEYTYPE_ECDSA, ecdsa_bits, 0);
torture_write_file(LIBSSH_ECDSA_TESTKEY,
keystring);
keystring = torture_get_openssh_testkey(SSH_KEYTYPE_ECDSA, ecdsa_bits, 1);
torture_write_file(LIBSSH_ECDSA_TESTKEY_PASSPHRASE,
keystring);
torture_write_file(LIBSSH_ECDSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_ECDSA, ecdsa_bits));
@@ -54,6 +77,27 @@ static int setup_ecdsa_key_256(void **state)
return 0;
}
static int setup_openssh_ecdsa_key_521(void **state)
{
setup_openssh_ecdsa_key(state, 521);
return 0;
}
static int setup_openssh_ecdsa_key_384(void **state)
{
setup_openssh_ecdsa_key(state, 384);
return 0;
}
static int setup_openssh_ecdsa_key_256(void **state)
{
setup_openssh_ecdsa_key(state, 256);
return 0;
}
static int teardown(void **state)
{
(void) state; /* unused */
@@ -461,6 +505,15 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_import_privkey_base64,
setup_ecdsa_key_521,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_import_privkey_base64,
setup_openssh_ecdsa_key_256,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_import_privkey_base64,
setup_openssh_ecdsa_key_384,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_import_privkey_base64,
setup_openssh_ecdsa_key_521,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_publickey_from_privatekey,
setup_ecdsa_key_256,
teardown),

71
tests/unittests/torture_pki_rsa.c
View File

@@ -34,6 +34,25 @@ static int setup_rsa_key(void **state)
torture_get_testkey(SSH_KEYTYPE_RSA, 0, 1));
torture_write_file(LIBSSH_RSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_RSA, 0));
torture_write_file(LIBSSH_RSA_TESTKEY "-cert.pub",
torture_get_testkey_pub(SSH_KEYTYPE_RSA_CERT01, 0));
return 0;
}
static int setup_rsa_openssh_key(void **state)
{
(void) state; /* unused */
unlink(LIBSSH_RSA_TESTKEY);
unlink(LIBSSH_RSA_TESTKEY_PASSPHRASE);
unlink(LIBSSH_RSA_TESTKEY ".pub");
unlink(LIBSSH_RSA_TESTKEY "-cert.pub");
torture_write_file(LIBSSH_RSA_TESTKEY,
torture_get_openssh_testkey(SSH_KEYTYPE_RSA, 0, 0));
torture_write_file(LIBSSH_RSA_TESTKEY_PASSPHRASE,
torture_get_openssh_testkey(SSH_KEYTYPE_RSA, 0, 1));
torture_write_file(LIBSSH_RSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_RSA, 0));
torture_write_file(LIBSSH_RSA_TESTKEY "-cert.pub",
@@ -568,6 +587,54 @@ static void torture_pki_rsa_import_privkey_base64_passphrase(void **state)
#endif
}
static void
torture_pki_rsa_import_openssh_privkey_base64_passphrase(void **state)
{
int rc;
ssh_key key = NULL;
const char *passphrase = torture_get_testkey_passphrase();
const char *keystring = NULL;
(void) state; /* unused */
keystring = torture_get_openssh_testkey(SSH_KEYTYPE_RSA, 0, 1);
assert_true(keystring != NULL);
rc = ssh_pki_import_privkey_base64(keystring,
passphrase,
NULL,
NULL,
&key);
assert_return_code(rc, errno);
rc = ssh_key_is_private(key);
assert_true(rc == 1);
ssh_key_free(key);
key = NULL;
/* test if it returns -1 if passphrase is wrong */
rc = ssh_pki_import_privkey_base64(keystring,
"wrong passphrase !!",
NULL,
NULL,
&key);
assert_true(rc == -1);
ssh_key_free(key);
key = NULL;
/* test if it returns -1 if passphrase is NULL */
/* libcrypto asks for a passphrase, so skip this test */
rc = ssh_pki_import_privkey_base64(keystring,
NULL,
NULL,
NULL,
&key);
assert_true(rc == -1);
ssh_key_free(key);
key = NULL;
}
int torture_run_tests(void) {
int rc;
struct CMUnitTest tests[] = {
@@ -583,10 +650,14 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64,
setup_rsa_key,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64,
setup_rsa_openssh_key,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_rsa_publickey_from_privatekey,
setup_rsa_key,
teardown),
cmocka_unit_test(torture_pki_rsa_import_privkey_base64_passphrase),
cmocka_unit_test(torture_pki_rsa_import_openssh_privkey_base64_passphrase),
cmocka_unit_test_setup_teardown(torture_pki_rsa_copy_cert_to_privkey,
setup_rsa_key,
teardown),