shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-07 02:39:48 +09:00
Code Issues Packages Projects Releases Wiki Activity

pki: Remove unused function pki_signature_verify()

Browse Source 
This removes unused function pki_signature_verify()
from pki_{crypto, mbedcrypto, gcrypt}.  The function was also removed
from include/libssh/pki_priv.h.  The function ssh_pki_signature_verify()
was changed to receive a const unsigned char *input.

All tests calling pki_signature_verify() were changed to call
ssh_pki_signature_verify() instead.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 55cd04fbee)
This commit is contained in:
Anderson Toshiyuki Sasaki
2019-08-23 13:30:46 +02:00
parent c60ac3fe02
commit b56ffd8424
12 changed files with 35 additions and 157 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/unittests/torture_pki.c
View File

@@ -331,7 +331,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_int_equal(import_sig->type, key->type);
assert_string_equal(import_sig->type_c, skey_attrs.sig_type_c);
rc = pki_signature_verify(session,
rc = ssh_pki_signature_verify(session,
import_sig,
pubkey,
INPUT,
@@ -374,7 +374,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_non_null(verify_pubkey);
/* Should gracefully fail, but not crash */
rc = pki_signature_verify(session,
rc = ssh_pki_signature_verify(session,
sign,
verify_pubkey,
INPUT,
@@ -382,7 +382,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_true(rc != SSH_OK);
/* Try the same with the imported signature */
rc = pki_signature_verify(session,
rc = ssh_pki_signature_verify(session,
import_sig,
verify_pubkey,
INPUT,
@@ -401,7 +401,7 @@ static void torture_pki_verify_mismatch(void **state)
assert_string_equal(new_sig->type_c, skey_attrs.sig_type_c);
/* The verification should not work */
rc = pki_signature_verify(session,
rc = ssh_pki_signature_verify(session,
new_sig,
verify_pubkey,
INPUT,

8
tests/unittests/torture_pki_dsa.c
View File

@@ -809,7 +809,7 @@ static void torture_pki_dsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -823,7 +823,7 @@ static void torture_pki_dsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -837,7 +837,7 @@ static void torture_pki_dsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -868,7 +868,7 @@ static void torture_pki_dsa_cert_verify(void **state)
sign = pki_do_sign(privkey, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(privkey);

14
tests/unittests/torture_pki_ecdsa.c
View File

@@ -546,7 +546,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P256);
@@ -568,7 +568,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P256);
@@ -589,7 +589,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA384);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P384);
@@ -611,7 +611,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA384);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P384);
@@ -632,7 +632,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA512);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P521);
@@ -654,7 +654,7 @@ static void torture_pki_generate_key_ecdsa(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA512);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ECDSA_P521);
@@ -696,7 +696,7 @@ static void torture_pki_ecdsa_cert_verify(void **state)
sign = pki_do_sign(privkey, INPUT, sizeof(INPUT), hash_type);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(privkey);

12
tests/unittests/torture_pki_ed25519.c
View File

@@ -440,7 +440,7 @@ static void torture_pki_ed25519_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, HASH, 20, SSH_DIGEST_AUTO);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, HASH, 20);
rc = ssh_pki_signature_verify(session, sign, pubkey, HASH, 20);
assert_true(rc == SSH_OK);
type = ssh_key_type(key);
assert_true(type == SSH_KEYTYPE_ED25519);
@@ -455,7 +455,7 @@ static void torture_pki_ed25519_generate_key(void **state)
#endif
assert_non_null(raw_sig_data);
(raw_sig_data)[3]^= 0xff;
rc = pki_signature_verify(session, sign, pubkey, HASH, 20);
rc = ssh_pki_signature_verify(session, sign, pubkey, HASH, 20);
assert_true(rc == SSH_ERROR);
ssh_signature_free(sign);
@@ -494,7 +494,7 @@ static void torture_pki_ed25519_cert_verify(void **state)
sign = pki_do_sign(privkey, HASH, 20, SSH_DIGEST_AUTO);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, cert, HASH, 20);
rc = ssh_pki_signature_verify(session, sign, cert, HASH, 20);
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(privkey);
@@ -683,7 +683,7 @@ static void torture_pki_ed25519_verify(void **state){
sig = pki_signature_from_blob(pubkey, blob, SSH_KEYTYPE_ED25519, SSH_DIGEST_AUTO);
assert_non_null(sig);
rc = pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
rc = ssh_pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
assert_true(rc == SSH_OK);
/* Alter signature and expect verification error */
@@ -694,7 +694,7 @@ static void torture_pki_ed25519_verify(void **state){
#endif
assert_non_null(raw_sig_data);
(raw_sig_data)[3]^= 0xff;
rc = pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
rc = ssh_pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
assert_true(rc == SSH_ERROR);
ssh_signature_free(sig);
@@ -741,7 +741,7 @@ static void torture_pki_ed25519_verify_bad(void **state){
sig = pki_signature_from_blob(pubkey, blob, SSH_KEYTYPE_ED25519, SSH_DIGEST_AUTO);
assert_non_null(sig);
rc = pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
rc = ssh_pki_signature_verify(session, sig, pubkey, HASH, sizeof(HASH));
assert_true(rc == SSH_ERROR);
ssh_signature_free(sig);

18
tests/unittests/torture_pki_rsa.c
View File

@@ -553,7 +553,7 @@ static void torture_pki_rsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -570,7 +570,7 @@ static void torture_pki_rsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -586,7 +586,7 @@ static void torture_pki_rsa_generate_key(void **state)
assert_non_null(pubkey);
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_true(rc == SSH_OK);
ssh_signature_free(sign);
SSH_KEY_FREE(key);
@@ -625,9 +625,9 @@ static void torture_pki_rsa_sha2(void **state)
/* Sign using old SHA1 digest */
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA1);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
}
@@ -635,18 +635,18 @@ static void torture_pki_rsa_sha2(void **state)
/* Sign using new SHA256 digest */
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
/* Sign using rsa-sha2-512 algorithm */
sign = pki_do_sign(key, INPUT, sizeof(INPUT), SSH_DIGEST_SHA512);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, pubkey, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
rc = pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
rc = ssh_pki_signature_verify(session, sign, cert, INPUT, sizeof(INPUT));
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);

6
tests/unittests/torture_threads_pki_rsa.c
View File

@@ -583,7 +583,7 @@ static void *thread_pki_rsa_generate_key(void *threadid)
sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
rc = ssh_pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
@@ -602,7 +602,7 @@ static void *thread_pki_rsa_generate_key(void *threadid)
sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
rc = ssh_pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
assert_ssh_return_code(session, rc);
ssh_signature_free(sign);
@@ -620,7 +620,7 @@ static void *thread_pki_rsa_generate_key(void *threadid)
sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
assert_non_null(sign);
rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
rc = ssh_pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
assert_true(rc == SSH_OK);
ssh_signature_free(sign);