libssh: deprecate SSH_KEYTYPE_ECDSA

This type is imprecise. We often need the ecdsa_nid in addition to the key type in order to do anything. We replace this singluar ECDSA type with one type per curve. Signed-off-by: Ben Toews <mastahyeti@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2026-02-10 10:26:47 +09:00 · 2019-03-12 10:25:49 -06:00
parent 78f764b7c9
commit b1f3cfec34
29 changed files with 546 additions and 359 deletions
--- a/tests/unittests/torture_pki_dsa.c
+++ b/tests/unittests/torture_pki_dsa.c
@@ -49,13 +49,13 @@ static int setup_dsa_key(void **state)
    printf("Changed directory to: %s\n", tmp_dir);

    torture_write_file(LIBSSH_DSA_TESTKEY,
-                       torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
+                       torture_get_testkey(SSH_KEYTYPE_DSS, 0));
    torture_write_file(LIBSSH_DSA_TESTKEY_PASSPHRASE,
-                       torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1));
+                       torture_get_testkey(SSH_KEYTYPE_DSS, 1));
    torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
-                       torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+                       torture_get_testkey_pub(SSH_KEYTYPE_DSS));
    torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
-                       torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0));
+                       torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01));

    return 0;
 }
@@ -85,13 +85,13 @@ static int setup_openssh_dsa_key(void **state)
    assert_int_equal(rc, 0);

    torture_write_file(LIBSSH_DSA_TESTKEY,
-                       torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0, 0));
+                       torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0));
    torture_write_file(LIBSSH_DSA_TESTKEY_PASSPHRASE,
-                       torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0, 1));
+                       torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 1));
    torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
-                       torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+                       torture_get_testkey_pub(SSH_KEYTYPE_DSS));
    torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
-                       torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0));
+                       torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01));

    return 0;
 }
@@ -158,7 +158,7 @@ static void torture_pki_dsa_import_privkey_base64(void **state)

    (void) state; /* unused */

-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0),
                                       passphrase,
                                       NULL,
                                       NULL,
@@ -258,7 +258,7 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)

    (void) state; /* unused */

-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 1),
                                       passphrase,
                                       NULL,
                                       NULL,
@@ -272,7 +272,7 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
    SSH_KEY_FREE(key);

    /* test if it returns -1 if passphrase is wrong */
-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 1),
                                       "wrong passphrase !!",
                                       NULL,
                                       NULL,
@@ -283,7 +283,7 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
    /* test if it returns -1 if passphrase is NULL */
    /* libcrypto asks for a passphrase, so skip this test */
 #ifndef HAVE_LIBCRYPTO
-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 1),
                                       NULL,
                                       NULL,
                                       NULL,
@@ -292,7 +292,7 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
    assert_null(key);
 #endif

-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 1),
                                       passphrase,
                                       NULL,
                                       NULL,
@@ -306,7 +306,7 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
    SSH_KEY_FREE(key);

    /* test if it returns -1 if passphrase is wrong */
-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 1),
                                       "wrong passphrase !!",
                                       NULL,
                                       NULL,
@@ -320,7 +320,7 @@ static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
 #ifndef HAVE_LIBCRYPTO
    /* test if it returns -1 if passphrase is NULL */
    /* libcrypto asks for a passphrase, so skip this test */
-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 1),
                                       NULL,
                                       NULL,
                                       NULL,
@@ -343,7 +343,7 @@ torture_pki_dsa_import_openssh_privkey_base64_passphrase(void **state)

    (void) state; /* unused */

-    keystring = torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 0, 1);
+    keystring = torture_get_openssh_testkey(SSH_KEYTYPE_DSS, 1);
    assert_non_null(keystring);

    rc = ssh_pki_import_privkey_base64(keystring,
@@ -424,7 +424,7 @@ static void torture_pki_dsa_publickey_from_privatekey(void **state)

    (void) state; /* unused */

-    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0),
+    rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0),
                                       passphrase,
                                       NULL,
                                       NULL,
@@ -476,7 +476,7 @@ static void torture_pki_dsa_publickey_base64(void **state)

    (void) state; /* unused */

-    key_buf = strdup(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+    key_buf = strdup(torture_get_testkey_pub(SSH_KEYTYPE_DSS));
    assert_non_null(key_buf);

    keylen = strlen(key_buf);
@@ -550,8 +550,8 @@ static void torture_pki_dsa_generate_pubkey_from_privkey(void **state)
                               sizeof(pubkey_generated));
    assert_true(rc == 0);

-    len = torture_pubkey_len(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
-    assert_memory_equal(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0),
+    len = torture_pubkey_len(torture_get_testkey_pub(SSH_KEYTYPE_DSS));
+    assert_memory_equal(torture_get_testkey_pub(SSH_KEYTYPE_DSS),
                        pubkey_generated,
                        len);