pkd: Run tests with ecdsa and ed25519 keys with dropbear

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

tests/pkd/pkd_hello.c

@@ -592,9 +592,21 @@ PKDTESTS_MAC_OPENSSHONLY(emit_keytest, openssh_ed, OPENSSH_MAC_CMD)
 #undef CLIENT_ID_FILE
 
 #define CLIENT_ID_FILE DROPBEAR_RSA_TESTKEY
-PKDTESTS_DEFAULT(emit_keytest, dropbear, DROPBEAR_CMD)
+PKDTESTS_DEFAULT(emit_keytest, dropbear_rsa, DROPBEAR_CMD)
-PKDTESTS_CIPHER(emit_keytest, dropbear, DROPBEAR_CIPHER_CMD)
+PKDTESTS_CIPHER(emit_keytest, dropbear_rsa, DROPBEAR_CIPHER_CMD)
-PKDTESTS_MAC(emit_keytest, dropbear, DROPBEAR_MAC_CMD)
+PKDTESTS_MAC(emit_keytest, dropbear_rsa, DROPBEAR_MAC_CMD)
+#undef CLIENT_ID_FILE
+
+#define CLIENT_ID_FILE DROPBEAR_ECDSA256_TESTKEY
+PKDTESTS_DEFAULT(emit_keytest, dropbear_e256, DROPBEAR_CMD)
+PKDTESTS_CIPHER(emit_keytest, dropbear_e256, DROPBEAR_CIPHER_CMD)
+PKDTESTS_MAC(emit_keytest, dropbear_e256, DROPBEAR_MAC_CMD)
+#undef CLIENT_ID_FILE
+
+#define CLIENT_ID_FILE DROPBEAR_ED25519_TESTKEY
+PKDTESTS_DEFAULT(emit_keytest, dropbear_ed, DROPBEAR_CMD)
+PKDTESTS_CIPHER(emit_keytest, dropbear_ed, DROPBEAR_CIPHER_CMD)
+PKDTESTS_MAC(emit_keytest, dropbear_ed, DROPBEAR_MAC_CMD)
 #undef CLIENT_ID_FILE
 
 /*
@@ -648,9 +660,17 @@ struct {
     PKDTESTS_MAC_OPENSSHONLY(emit_testmap, openssh_ed, OPENSSH_MAC_CMD)
 
     /* Dropbear */
-    PKDTESTS_DEFAULT(emit_testmap, dropbear, DROPBEAR_CMD)
+    PKDTESTS_DEFAULT(emit_testmap, dropbear_rsa, DROPBEAR_CMD)
-    PKDTESTS_CIPHER(emit_testmap, dropbear, DROPBEAR_CIPHER_CMD)
+    PKDTESTS_CIPHER(emit_testmap, dropbear_rsa, DROPBEAR_CIPHER_CMD)
-    PKDTESTS_MAC(emit_testmap, dropbear, DROPBEAR_MAC_CMD)
+    PKDTESTS_MAC(emit_testmap, dropbear_rsa, DROPBEAR_MAC_CMD)
+
+    PKDTESTS_DEFAULT(emit_testmap, dropbear_e256, DROPBEAR_CMD)
+    PKDTESTS_CIPHER(emit_testmap, dropbear_e256, DROPBEAR_CIPHER_CMD)
+    PKDTESTS_MAC(emit_testmap, dropbear_e256, DROPBEAR_MAC_CMD)
+
+    PKDTESTS_DEFAULT(emit_testmap, dropbear_ed, DROPBEAR_CMD)
+    PKDTESTS_CIPHER(emit_testmap, dropbear_ed, DROPBEAR_CIPHER_CMD)
+    PKDTESTS_MAC(emit_testmap, dropbear_ed, DROPBEAR_MAC_CMD)
 
     /* Noop */
     emit_testmap(client, noop, "", setup_noop, teardown)
@@ -701,9 +721,17 @@ static int pkd_run_tests(void) {
      * through cli (see 'man dbclient')
      */
     const struct CMUnitTest dropbear_tests[] = {
-        PKDTESTS_DEFAULT(emit_unit_test_comma, dropbear, DROPBEAR_CMD)
+        PKDTESTS_DEFAULT(emit_unit_test_comma, dropbear_rsa, DROPBEAR_CMD)
-        PKDTESTS_CIPHER(emit_unit_test_comma, dropbear, DROPBEAR_CIPHER_CMD)
+        PKDTESTS_CIPHER(emit_unit_test_comma, dropbear_rsa, DROPBEAR_CIPHER_CMD)
-        PKDTESTS_MAC(emit_unit_test_comma, dropbear, DROPBEAR_MAC_CMD)
+        PKDTESTS_MAC(emit_unit_test_comma, dropbear_rsa, DROPBEAR_MAC_CMD)
+
+        PKDTESTS_DEFAULT(emit_unit_test_comma, dropbear_e256, DROPBEAR_CMD)
+        PKDTESTS_CIPHER(emit_unit_test_comma, dropbear_e256, DROPBEAR_CIPHER_CMD)
+        PKDTESTS_MAC(emit_unit_test_comma, dropbear_e256, DROPBEAR_MAC_CMD)
+
+        PKDTESTS_DEFAULT(emit_unit_test_comma, dropbear_ed, DROPBEAR_CMD)
+        PKDTESTS_CIPHER(emit_unit_test_comma, dropbear_ed, DROPBEAR_CIPHER_CMD)
+        PKDTESTS_MAC(emit_unit_test_comma, dropbear_ed, DROPBEAR_MAC_CMD)
     };
 
     const struct CMUnitTest openssh_fips_tests[] = {
@@ -748,7 +776,7 @@ static int pkd_run_tests(void) {
     }
 
     if (is_dropbear_client_enabled()) {
-        setup_dropbear_client_rsa_key();
+        setup_dropbear_client_keys();
         if (!ssh_fips_mode()) {
             memcpy(&all_tests[tindex], &dropbear_tests[0], sizeof(dropbear_tests));
             tindex += (sizeof(dropbear_tests) / sizeof(dropbear_tests[0]));
@@ -800,7 +828,7 @@ static int pkd_run_tests(void) {
 
     /* Clean up client keys for each enabled client. */
     if (is_dropbear_client_enabled()) {
-        cleanup_dropbear_client_rsa_key();
+        cleanup_dropbear_client_keys();
     }
 
     if (is_openssh_client_enabled()) {

tests/pkd/pkd_keyutil.c

@@ -167,15 +167,31 @@ void cleanup_openssh_client_keys(void) {
     }
 }
 
-void setup_dropbear_client_rsa_key(void) {
+void setup_dropbear_client_keys(void)
+{
     int rc = 0;
     if (access(DROPBEAR_RSA_TESTKEY, F_OK) != 0) {
         rc = system_checked(DROPBEAR_KEYGEN " -t rsa -f "
                             DROPBEAR_RSA_TESTKEY " 1>/dev/null 2>/dev/null");
     }
     assert_int_equal(rc, 0);
+    if (access(DROPBEAR_ECDSA256_TESTKEY, F_OK) != 0) {
+        rc = system_checked(DROPBEAR_KEYGEN " -t ecdsa -f "
+                            DROPBEAR_ECDSA256_TESTKEY
+                            " 1>/dev/null 2>/dev/null");
+    }
+    assert_int_equal(rc, 0);
+    if (access(DROPBEAR_ED25519_TESTKEY, F_OK) != 0) {
+        rc = system_checked(DROPBEAR_KEYGEN " -t ed25519 -f "
+                            DROPBEAR_ED25519_TESTKEY
+                            " 1>/dev/null 2>/dev/null");
+    }
+    assert_int_equal(rc, 0);
 }
 
-void cleanup_dropbear_client_rsa_key(void) {
+void cleanup_dropbear_client_keys(void)
-    unlink(DROPBEAR_RSA_TESTKEY);
+{
+    cleanup_key(DROPBEAR_RSA_TESTKEY);
+    cleanup_key(DROPBEAR_ECDSA256_TESTKEY);
+    cleanup_key(DROPBEAR_ED25519_TESTKEY);
 }

tests/pkd/pkd_keyutil.h

@@ -32,12 +32,14 @@ void cleanup_ecdsa_keys(void);
 #define OPENSSH_CA_TESTKEY        "libssh_testkey.ca"
 
 #define DROPBEAR_RSA_TESTKEY      "dropbear_testkey.id_rsa"
+#define DROPBEAR_ECDSA256_TESTKEY "dropbear_testkey.id_ecdsa256"
+#define DROPBEAR_ED25519_TESTKEY  "dropbear_testkey.id_ed25519"
 
 void setup_openssh_client_keys(void);
 void cleanup_openssh_client_keys(void);
 
-void setup_dropbear_client_rsa_key(void);
+void setup_dropbear_client_keys(void);
-void cleanup_dropbear_client_rsa_key(void);
+void cleanup_dropbear_client_keys(void);
 
 #define cleanup_file(name) do {\
     if (access((name), F_OK) != -1) {\