aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2018-01-08 21:49:49 +0100
committerAndreas Schneider <asn@cryptomilk.org>2018-01-10 22:27:52 +0100
commit59308bc269c92cded590bdda1d9dc997a409275f (patch)
treefe6491974805d29975904c81728caa083390a6e5
parentfd2ef07f372819e4eccbd85b7a0388c9c41eb31d (diff)
downloadlibssh-59308bc269c92cded590bdda1d9dc997a409275f.tar.gz
libssh-59308bc269c92cded590bdda1d9dc997a409275f.tar.xz
libssh-59308bc269c92cded590bdda1d9dc997a409275f.zip
tests: Move dsa tests to own test file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--tests/unittests/CMakeLists.txt4
-rw-r--r--tests/unittests/torture_pki.c391
-rw-r--r--tests/unittests/torture_pki_dsa.c431
3 files changed, 439 insertions, 387 deletions
diff --git a/tests/unittests/CMakeLists.txt b/tests/unittests/CMakeLists.txt
index e1351574..e9639474 100644
--- a/tests/unittests/CMakeLists.txt
+++ b/tests/unittests/CMakeLists.txt
@@ -16,6 +16,10 @@ if (UNIX AND NOT WIN32)
# requires ssh-keygen
add_cmocka_test(torture_keyfiles torture_keyfiles.c ${TORTURE_LIBRARY})
add_cmocka_test(torture_pki torture_pki.c ${TORTURE_LIBRARY})
+
+ if (HAVE_DSA)
+ add_cmocka_test(torture_pki_dsa torture_pki_dsa.c ${TORTURE_LIBRARY})
+ endif()
# requires /dev/null
add_cmocka_test(torture_channel torture_channel.c ${TORTURE_LIBRARY})
# requires pthread
diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c
index 350c6b09..c2850772 100644
--- a/tests/unittests/torture_pki.c
+++ b/tests/unittests/torture_pki.c
@@ -2,16 +2,14 @@
#define LIBSSH_STATIC
+#include <sys/stat.h>
+#include <fcntl.h>
+
#include "torture.h"
#include "torture_pki.h"
#include "pki.c"
-#include <sys/stat.h>
-#include <fcntl.h>
#define LIBSSH_RSA_TESTKEY "libssh_testkey.id_rsa"
-#ifdef HAVE_DSA
-#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa"
-#endif
#define LIBSSH_ECDSA_TESTKEY "libssh_testkey.id_ecdsa"
#define LIBSSH_ED25519_TESTKEY "libssh_testkey.id_ed25519"
@@ -35,25 +33,6 @@ static int setup_rsa_key(void **state)
return 0;
}
-#ifdef HAVE_DSA
-static int setup_dsa_key(void **state) {
- (void) state; /* unused */
-
- unlink(LIBSSH_DSA_TESTKEY);
- unlink(LIBSSH_DSA_TESTKEY ".pub");
- unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
-
- torture_write_file(LIBSSH_DSA_TESTKEY,
- torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
- torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
- torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
- torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
- torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0));
-
- return 0;
-}
-#endif
-
#ifdef HAVE_ECC
static int setup_ecdsa_key(void **state, int ecdsa_bits) {
@@ -108,9 +87,6 @@ static int setup_both_keys(void **state) {
(void) state; /* unused */
setup_rsa_key(state);
-#ifdef HAVE_DSA
- setup_dsa_key(state);
-#endif
return 0;
}
@@ -118,12 +94,6 @@ static int setup_both_keys(void **state) {
static int teardown(void **state) {
(void) state; /* unused */
-#ifdef HAVE_DSA
- unlink(LIBSSH_DSA_TESTKEY);
- unlink(LIBSSH_DSA_TESTKEY ".pub");
- unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
-#endif
-
unlink(LIBSSH_RSA_TESTKEY);
unlink(LIBSSH_RSA_TESTKEY ".pub");
unlink(LIBSSH_RSA_TESTKEY "-cert.pub");
@@ -226,25 +196,6 @@ static void torture_pki_import_privkey_base64_NULL_str(void **state) {
ssh_key_free(key);
}
-#ifdef HAVE_DSA
-static void torture_pki_import_privkey_base64_DSA(void **state) {
- int rc;
- ssh_key key;
- const char *passphrase = torture_get_testkey_passphrase();
-
- (void) state; /* unused */
-
- rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0),
- passphrase,
- NULL,
- NULL,
- &key);
- assert_true(rc == 0);
-
- ssh_key_free(key);
-}
-#endif
-
#ifdef HAVE_ECC
static void torture_pki_import_privkey_base64_ECDSA(void **state) {
int rc;
@@ -311,42 +262,7 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
ssh_key_free(key);
key = NULL;
#endif
-#ifdef HAVE_DSA
- /* same for DSA */
-
- rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
- passphrase,
- NULL,
- NULL,
- &key);
- assert_return_code(rc, errno);
-
- rc = ssh_key_is_private(key);
- assert_true(rc == 1);
-
- ssh_key_free(key);
- key = NULL;
-
- /* test if it returns -1 if passphrase is wrong */
- rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
- "wrong passphrase !!",
- NULL,
- NULL,
- &key);
- assert_true(rc == -1);
-
-#ifndef HAVE_LIBCRYPTO
- /* test if it returns -1 if passphrase is NULL */
- /* libcrypto asks for a passphrase, so skip this test */
- rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
- NULL,
- NULL,
- NULL,
- &key);
- assert_true(rc == -1);
-#endif /* HAVE_LIBCRYPTO */
-#endif /* HAVE_DSA */
/* same for ED25519 */
rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_ED25519, 0, 1),
passphrase,
@@ -424,33 +340,6 @@ static void torture_pki_pki_publickey_from_privatekey_RSA(void **state) {
ssh_key_free(pubkey);
}
-#ifdef HAVE_DSA
-static void torture_pki_pki_publickey_from_privatekey_DSA(void **state) {
- int rc;
- ssh_key key;
- ssh_key pubkey;
- const char *passphrase = NULL;
-
- (void) state; /* unused */
-
- rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0),
- passphrase,
- NULL,
- NULL,
- &key);
- assert_true(rc == 0);
-
- rc = ssh_key_is_private(key);
- assert_true(rc == 1);
-
- rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
- assert_true(rc == SSH_OK);
-
- ssh_key_free(key);
- ssh_key_free(pubkey);
-}
-#endif
-
static void torture_pki_pki_publickey_from_privatekey_ed25519(void **state){
int rc;
ssh_key key;
@@ -573,64 +462,6 @@ static void torture_pki_import_cert_file_rsa(void **state) {
ssh_key_free(cert);
}
-#ifdef HAVE_DSA
-static void torture_pki_import_cert_file_dsa(void **state) {
- int rc;
- ssh_key cert;
- enum ssh_keytypes_e type;
-
- (void) state; /* unused */
-
- rc = ssh_pki_import_cert_file(LIBSSH_DSA_TESTKEY "-cert.pub", &cert);
- assert_true(rc == 0);
-
- type = ssh_key_type(cert);
- assert_true(type == SSH_KEYTYPE_DSS_CERT01);
-
- rc = ssh_key_is_public(cert);
- assert_true(rc == 1);
-
- ssh_key_free(cert);
-}
-
-static void torture_pki_publickey_dsa_base64(void **state)
-{
- enum ssh_keytypes_e type;
- char *b64_key, *key_buf, *p;
- const char *q;
- ssh_key key;
- int rc;
-
- (void) state; /* unused */
-
- key_buf = strdup(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
- assert_true(key_buf != NULL);
-
- q = p = key_buf;
- while (*p != ' ') p++;
- *p = '\0';
-
- type = ssh_key_type_from_name(q);
- assert_true(type == SSH_KEYTYPE_DSS);
-
- q = ++p;
- while (*p != ' ') p++;
- *p = '\0';
-
- rc = ssh_pki_import_pubkey_base64(q, type, &key);
- assert_true(rc == 0);
-
- rc = ssh_pki_export_pubkey_base64(key, &b64_key);
- assert_true(rc == 0);
-
- assert_string_equal(q, b64_key);
-
- free(b64_key);
- free(key_buf);
- ssh_key_free(key);
-}
-#endif
-
#ifdef HAVE_ECC
static void torture_pki_publickey_ecdsa_base64(void **state)
{
@@ -783,47 +614,6 @@ static void torture_generate_pubkey_from_privkey_rsa(void **state) {
ssh_key_free(pubkey);
}
-#ifdef HAVE_DSA
-static void torture_generate_pubkey_from_privkey_dsa(void **state) {
- char pubkey_generated[4096] = {0};
- ssh_key privkey;
- ssh_key pubkey;
- int len;
- int rc;
-
- (void) state; /* unused */
-
- /* remove the public key, generate it from the private key and write it. */
- unlink(LIBSSH_DSA_TESTKEY ".pub");
-
- rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
- NULL,
- NULL,
- NULL,
- &privkey);
- assert_true(rc == 0);
-
- rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey);
- assert_true(rc == SSH_OK);
-
- rc = ssh_pki_export_pubkey_file(pubkey, LIBSSH_DSA_TESTKEY ".pub");
- assert_true(rc == 0);
-
- rc = torture_read_one_line(LIBSSH_DSA_TESTKEY ".pub",
- pubkey_generated,
- sizeof(pubkey_generated));
- assert_true(rc == 0);
-
- len = torture_pubkey_len(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
- assert_memory_equal(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0),
- pubkey_generated,
- len);
-
- ssh_key_free(privkey);
- ssh_key_free(pubkey);
-}
-#endif
-
static void torture_generate_pubkey_from_privkey_ed25519(void **state){
char pubkey_generated[4096] = {0};
ssh_key privkey;
@@ -953,54 +743,6 @@ static void torture_pki_duplicate_key_rsa(void **state)
ssh_string_free_char(b64_key_gen);
}
-#ifdef HAVE_DSA
-static void torture_pki_duplicate_key_dsa(void **state)
-{
- int rc;
- char *b64_key;
- char *b64_key_gen;
- ssh_key pubkey;
- ssh_key privkey;
- ssh_key privkey_dup;
-
- (void) state;
-
- rc = ssh_pki_import_pubkey_file(LIBSSH_DSA_TESTKEY ".pub", &pubkey);
- assert_true(rc == 0);
-
- rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key);
- assert_true(rc == 0);
- ssh_key_free(pubkey);
-
- rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
- NULL,
- NULL,
- NULL,
- &privkey);
- assert_true(rc == 0);
-
- privkey_dup = ssh_key_dup(privkey);
- assert_true(privkey_dup != NULL);
-
- rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey);
- assert_true(rc == SSH_OK);
-
- rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key_gen);
- assert_true(rc == 0);
-
- assert_string_equal(b64_key, b64_key_gen);
-
- rc = ssh_key_cmp(privkey, privkey_dup, SSH_KEY_CMP_PRIVATE);
- assert_true(rc == 0);
-
- ssh_key_free(pubkey);
- ssh_key_free(privkey);
- ssh_key_free(privkey_dup);
- ssh_string_free_char(b64_key);
- ssh_string_free_char(b64_key_gen);
-}
-#endif
-
#ifdef HAVE_ECC
static void torture_pki_duplicate_key_ecdsa(void **state)
{
@@ -1173,52 +915,6 @@ static void torture_pki_generate_key_rsa1(void **state)
ssh_free(session);
}
-#ifdef HAVE_DSA
-static void torture_pki_generate_key_dsa(void **state)
-{
- int rc;
- ssh_key key;
- ssh_signature sign;
- ssh_session session=ssh_new();
- (void) state;
-
- rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 1024, &key);
- assert_true(rc == SSH_OK);
- assert_true(key != NULL);
- sign = pki_do_sign(key, HASH, 20);
- assert_true(sign != NULL);
- rc = pki_signature_verify(session,sign,key,HASH,20);
- assert_true(rc == SSH_OK);
- ssh_signature_free(sign);
- ssh_key_free(key);
- key=NULL;
-
- rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 2048, &key);
- assert_true(rc == SSH_OK);
- assert_true(key != NULL);
- sign = pki_do_sign(key, HASH, 20);
- assert_true(sign != NULL);
- rc = pki_signature_verify(session,sign,key,HASH,20);
- assert_true(rc == SSH_OK);
- ssh_signature_free(sign);
- ssh_key_free(key);
- key=NULL;
-
- rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 3072, &key);
- assert_true(rc == SSH_OK);
- assert_true(key != NULL);
- sign = pki_do_sign(key, HASH, 20);
- assert_true(sign != NULL);
- rc = pki_signature_verify(session,sign,key,HASH,20);
- assert_true(rc == SSH_OK);
- ssh_signature_free(sign);
- ssh_key_free(key);
- key=NULL;
-
- ssh_free(session);
-}
-#endif
-
#ifdef HAVE_ECC
static void torture_pki_generate_key_ecdsa(void **state)
{
@@ -1362,44 +1058,6 @@ static void torture_pki_write_privkey_rsa(void **state)
ssh_key_free(privkey);
}
-static void torture_pki_write_privkey_dsa(void **state)
-{
- ssh_key origkey;
- ssh_key privkey;
- int rc;
-
- (void) state; /* unused */
-
- rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
- NULL,
- NULL,
- NULL,
- &origkey);
- assert_true(rc == 0);
-
- unlink(LIBSSH_DSA_TESTKEY);
-
- rc = ssh_pki_export_privkey_file(origkey,
- "",
- NULL,
- NULL,
- LIBSSH_DSA_TESTKEY);
- assert_true(rc == 0);
-
- rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
- NULL,
- NULL,
- NULL,
- &privkey);
- assert_true(rc == 0);
-
- rc = ssh_key_cmp(origkey, privkey, SSH_KEY_CMP_PRIVATE);
- assert_true(rc == 0);
-
- ssh_key_free(origkey);
- ssh_key_free(privkey);
-}
-
#ifdef HAVE_ECC
static void torture_pki_write_privkey_ecdsa(void **state)
{
@@ -1561,11 +1219,6 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_RSA,
setup_rsa_key,
teardown),
-#ifdef HAVE_DSA
- cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_DSA,
- setup_dsa_key,
- teardown),
-#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_ECDSA,
setup_ecdsa_key_256,
@@ -1585,11 +1238,6 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_RSA,
setup_rsa_key,
teardown),
-#ifdef HAVE_DSA
- cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_DSA,
- setup_dsa_key,
- teardown),
-#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_publickey_from_privatekey_ECDSA,
setup_ecdsa_key_256,
@@ -1620,16 +1268,6 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_rsa,
setup_rsa_key,
teardown),
-#ifdef HAVE_DSA
- cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_dsa,
- setup_dsa_key,
- teardown),
-
- /* public key */
- cmocka_unit_test_setup_teardown(torture_pki_publickey_dsa_base64,
- setup_dsa_key,
- teardown),
-#endif
cmocka_unit_test_setup_teardown(torture_pki_publickey_rsa_base64,
setup_rsa_key,
teardown),
@@ -1647,11 +1285,6 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_publickey_ed25519_base64,
setup_ed25519_key,
teardown),
-#ifdef HAVE_DSA
- cmocka_unit_test_setup_teardown(torture_generate_pubkey_from_privkey_dsa,
- setup_dsa_key,
- teardown),
-#endif
cmocka_unit_test_setup_teardown(torture_generate_pubkey_from_privkey_rsa,
setup_rsa_key,
teardown),
@@ -1672,11 +1305,6 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_rsa,
setup_rsa_key,
teardown),
-#ifdef HAVE_DSA
- cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_dsa,
- setup_dsa_key,
- teardown),
-#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_ecdsa,
setup_ecdsa_key_256,
@@ -1688,16 +1316,8 @@ int torture_run_tests(void) {
setup_ecdsa_key_521,
teardown),
#endif
-#ifdef HAVE_DSA
- cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_dsa,
- setup_dsa_key,
- teardown),
-#endif
cmocka_unit_test(torture_pki_generate_key_rsa),
cmocka_unit_test(torture_pki_generate_key_rsa1),
-#ifdef HAVE_DSA
- cmocka_unit_test(torture_pki_generate_key_dsa),
-#endif
#ifdef HAVE_ECC
cmocka_unit_test(torture_pki_generate_key_ecdsa),
#endif
@@ -1706,9 +1326,6 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_write_privkey_rsa,
setup_rsa_key,
teardown),
- cmocka_unit_test_setup_teardown(torture_pki_write_privkey_dsa,
- setup_dsa_key,
- teardown),
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_write_privkey_ecdsa,
setup_ecdsa_key_256,
@@ -1723,7 +1340,7 @@ int torture_run_tests(void) {
#endif /* HAVE_LIBCRYPTO */
#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_write_privkey_ed25519,
- setup_dsa_key,
+ NULL,
teardown),
#endif
diff --git a/tests/unittests/torture_pki_dsa.c b/tests/unittests/torture_pki_dsa.c
new file mode 100644
index 00000000..4fced83d
--- /dev/null
+++ b/tests/unittests/torture_pki_dsa.c
@@ -0,0 +1,431 @@
+#include "config.h"
+
+#define LIBSSH_STATIC
+
+#include <string.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include "torture.h"
+#include "torture_pki.h"
+#include "pki.c"
+
+#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa"
+
+const unsigned char DSA_HASH[] = "12345678901234567890";
+
+static int setup_dsa_key(void **state)
+{
+ (void) state; /* unused */
+
+ unlink(LIBSSH_DSA_TESTKEY);
+ unlink(LIBSSH_DSA_TESTKEY ".pub");
+ unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
+
+ torture_write_file(LIBSSH_DSA_TESTKEY,
+ torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
+ torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
+ torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+ torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
+ torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0));
+
+ return 0;
+}
+
+static int teardown_dsa_key(void **state)
+{
+ (void)state;
+
+ unlink(LIBSSH_DSA_TESTKEY);
+ unlink(LIBSSH_DSA_TESTKEY ".pub");
+ unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
+
+ return 0;
+}
+
+static void torture_pki_dsa_import_privkey_base64(void **state)
+{
+ int rc;
+ ssh_key key;
+ const char *passphrase = torture_get_testkey_passphrase();
+
+ (void) state; /* unused */
+
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0),
+ passphrase,
+ NULL,
+ NULL,
+ &key);
+ assert_true(rc == 0);
+
+ ssh_key_free(key);
+}
+
+#ifdef HAVE_LIBCRYPTO
+static void torture_pki_dsa_write_privkey(void **state)
+{
+ ssh_key origkey;
+ ssh_key privkey;
+ int rc;
+
+ (void) state; /* unused */
+
+ rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
+ NULL,
+ NULL,
+ NULL,
+ &origkey);
+ assert_true(rc == 0);
+
+ unlink(LIBSSH_DSA_TESTKEY);
+
+ rc = ssh_pki_export_privkey_file(origkey,
+ "",
+ NULL,
+ NULL,
+ LIBSSH_DSA_TESTKEY);
+ assert_true(rc == 0);
+
+ rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
+ NULL,
+ NULL,
+ NULL,
+ &privkey);
+ assert_true(rc == 0);
+
+ rc = ssh_key_cmp(origkey, privkey, SSH_KEY_CMP_PRIVATE);
+ assert_true(rc == 0);
+
+ ssh_key_free(origkey);
+ ssh_key_free(privkey);
+}
+#endif
+
+static void torture_pki_dsa_import_privkey_base64_passphrase(void **state)
+{
+ int rc;
+ ssh_key key = NULL;
+ const char *passphrase = torture_get_testkey_passphrase();
+
+ (void) state; /* unused */
+
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+ passphrase,
+ NULL,
+ NULL,
+ &key);
+ assert_return_code(rc, errno);
+
+ rc = ssh_key_is_private(key);
+ assert_true(rc == 1);
+
+ ssh_key_free(key);
+ key = NULL;
+
+ /* test if it returns -1 if passphrase is wrong */
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+ "wrong passphrase !!",
+ NULL,
+ NULL,
+ &key);
+ assert_true(rc == -1);
+
+ /* test if it returns -1 if passphrase is NULL */
+ /* libcrypto asks for a passphrase, so skip this test */
+#ifndef HAVE_LIBCRYPTO
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+ NULL,
+ NULL,
+ NULL,
+ &key);
+ assert_true(rc == -1);
+#endif
+
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+ passphrase,
+ NULL,
+ NULL,
+ &key);
+ assert_return_code(rc, errno);
+
+ rc = ssh_key_is_private(key);
+ assert_true(rc == 1);
+
+ ssh_key_free(key);
+ key = NULL;
+
+ /* test if it returns -1 if passphrase is wrong */
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+ "wrong passphrase !!",
+ NULL,
+ NULL,
+ &key);
+ assert_true(rc == -1);
+
+#ifndef HAVE_LIBCRYPTO
+ /* test if it returns -1 if passphrase is NULL */
+ /* libcrypto asks for a passphrase, so skip this test */
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
+ NULL,
+ NULL,
+ NULL,
+ &key);
+ assert_true(rc == -1);
+#endif /* HAVE_LIBCRYPTO */
+}
+
+static void torture_pki_dsa_publickey_from_privatekey(void **state)
+{
+ int rc;
+ ssh_key key;
+ ssh_key pubkey;
+ const char *passphrase = NULL;
+
+ (void) state; /* unused */
+
+ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0),
+ passphrase,
+ NULL,
+ NULL,
+ &key);
+ assert_true(rc == 0);
+
+ rc = ssh_key_is_private(key);
+ assert_true(rc == 1);
+
+ rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
+ assert_true(rc == SSH_OK);
+
+ ssh_key_free(key);
+ ssh_key_free(pubkey);
+}
+
+static void torture_pki_dsa_import_cert_file(void **state)
+{
+ int rc;
+ ssh_key cert;
+ enum ssh_keytypes_e type;
+
+ (void) state; /* unused */
+
+ rc = ssh_pki_import_cert_file(LIBSSH_DSA_TESTKEY "-cert.pub", &cert);
+ assert_true(rc == 0);
+
+ type = ssh_key_type(cert);
+ assert_true(type == SSH_KEYTYPE_DSS_CERT01);
+
+ rc = ssh_key_is_public(cert);
+ assert_true(rc == 1);
+
+ ssh_key_free(cert);
+}
+
+static void torture_pki_dsa_publickey_base64(void **state)
+{
+ enum ssh_keytypes_e type;
+ char *b64_key, *key_buf, *p;
+ const char *q;
+ ssh_key key;
+ int rc;
+
+ (void) state; /* unused */
+
+ key_buf = strdup(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+ assert_true(key_buf != NULL);
+
+ q = p = key_buf;
+ while (*p != ' ') p++;
+ *p = '\0';
+
+ type = ssh_key_type_from_name(q);
+ assert_true(type == SSH_KEYTYPE_DSS);
+
+ q = ++p;
+ while (*p != ' ') p++;
+ *p = '\0';
+
+ rc = ssh_pki_import_pubkey_base64(q, type, &key);
+ assert_true(rc == 0);
+
+ rc = ssh_pki_export_pubkey_base64(key, &b64_key);
+ assert_true(rc == 0);
+
+ assert_string_equal(q, b64_key);
+
+ free(b64_key);
+ free(key_buf);
+ ssh_key_free(key);
+}
+
+static void torture_pki_dsa_generate_pubkey_from_privkey(void **state)
+{
+ char pubkey_generated[4096] = {0};
+ ssh_key privkey;
+ ssh_key pubkey;
+ int len;
+ int rc;
+
+ (void) state; /* unused */
+
+ /* remove the public key, generate it from the private key and write it. */
+ unlink(LIBSSH_DSA_TESTKEY ".pub");
+
+ rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
+ NULL,
+ NULL,
+ NULL,
+ &privkey);
+ assert_true(rc == 0);
+
+ rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey);
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_pki_export_pubkey_file(pubkey, LIBSSH_DSA_TESTKEY ".pub");
+ assert_true(rc == 0);
+
+ rc = torture_read_one_line(LIBSSH_DSA_TESTKEY ".pub",
+ pubkey_generated,
+ sizeof(pubkey_generated));
+ assert_true(rc == 0);
+
+ len = torture_pubkey_len(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+ assert_memory_equal(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0),
+ pubkey_generated,
+ len);
+
+ ssh_key_free(privkey);
+ ssh_key_free(pubkey);
+}
+
+static void torture_pki_dsa_duplicate_key(void **state)
+{
+ int rc;
+ char *b64_key;
+ char *b64_key_gen;
+ ssh_key pubkey;
+ ssh_key privkey;
+ ssh_key privkey_dup;
+
+ (void) state;
+
+ rc = ssh_pki_import_pubkey_file(LIBSSH_DSA_TESTKEY ".pub", &pubkey);
+ assert_true(rc == 0);
+
+ rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key);
+ assert_true(rc == 0);
+ ssh_key_free(pubkey);
+
+ rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
+ NULL,
+ NULL,
+ NULL,
+ &privkey);
+ assert_true(rc == 0);
+
+ privkey_dup = ssh_key_dup(privkey);
+ assert_true(privkey_dup != NULL);
+
+ rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey);
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key_gen);
+ assert_true(rc == 0);
+
+ assert_string_equal(b64_key, b64_key_gen);
+
+ rc = ssh_key_cmp(privkey, privkey_dup, SSH_KEY_CMP_PRIVATE);
+ assert_true(rc == 0);
+
+ ssh_key_free(pubkey);
+ ssh_key_free(privkey);
+ ssh_key_free(privkey_dup);
+ ssh_string_free_char(b64_key);
+ ssh_string_free_char(b64_key_gen);
+}
+
+static void torture_pki_dsa_generate_key(void **state)
+{
+ int rc;
+ ssh_key key;
+ ssh_signature sign;
+ ssh_session session=ssh_new();
+ (void) state;
+
+ rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 1024, &key);
+ assert_true(rc == SSH_OK);
+ assert_true(key != NULL);
+ sign = pki_do_sign(key, DSA_HASH, 20);
+ assert_true(sign != NULL);
+ rc = pki_signature_verify(session,sign,key,DSA_HASH,20);
+ assert_true(rc == SSH_OK);
+ ssh_signature_free(sign);
+ ssh_key_free(key);
+ key=NULL;
+
+ rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 2048, &key);
+ assert_true(rc == SSH_OK);
+ assert_true(key != NULL);
+ sign = pki_do_sign(key, DSA_HASH, 20);
+ assert_true(sign != NULL);
+ rc = pki_signature_verify(session,sign,key,DSA_HASH,20);
+ assert_true(rc == SSH_OK);
+ ssh_signature_free(sign);
+ ssh_key_free(key);
+ key=NULL;
+
+ rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 3072, &key);
+ assert_true(rc == SSH_OK);
+ assert_true(key != NULL);
+ sign = pki_do_sign(key, DSA_HASH, 20);
+ assert_true(sign != NULL);
+ rc = pki_signature_verify(session,sign,key,DSA_HASH,20);
+ assert_true(rc == SSH_OK);
+ ssh_signature_free(sign);
+ ssh_key_free(key);
+ key=NULL;
+
+ ssh_free(session);
+}
+
+int torture_run_tests(void)
+{
+ int rc;
+ struct CMUnitTest tests[] = {
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_import_privkey_base64,
+ setup_dsa_key,
+ teardown_dsa_key),
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_publickey_from_privatekey,
+ setup_dsa_key,
+ teardown_dsa_key),
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_import_cert_file,
+ setup_dsa_key,
+ teardown_dsa_key),
+#ifdef HAVE_LIBCRYPTO
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_write_privkey,
+ setup_dsa_key,
+ teardown_dsa_key),
+#endif
+ cmocka_unit_test(torture_pki_dsa_import_privkey_base64_passphrase),
+
+ /* public key */
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_publickey_base64,
+ setup_dsa_key,
+ teardown_dsa_key),
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_generate_pubkey_from_privkey,
+ setup_dsa_key,
+ teardown_dsa_key),
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_duplicate_key,
+ setup_dsa_key,
+ teardown_dsa_key),
+ cmocka_unit_test_setup_teardown(torture_pki_dsa_duplicate_key,
+ setup_dsa_key,
+ teardown_dsa_key),
+ cmocka_unit_test(torture_pki_dsa_generate_key),
+ };
+
+ ssh_init();
+ torture_filter_tests(tests);
+ rc = cmocka_run_group_tests(tests, NULL, NULL);
+ ssh_finalize();
+ return rc;
+}