diff options
author | Ben Toews <mastahyeti@gmail.com> | 2019-02-14 16:06:38 -0700 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-04-17 10:21:42 +0200 |
commit | 4a014968106af27702ac5ead15e0e9bc48451212 (patch) | |
tree | 5b34c9f57f207b537f530da21d72fb830a87f53f /tests/unittests/torture_pki_ecdsa.c | |
parent | 2f26b5d63cde0da954e237aff176701d51760ea1 (diff) | |
download | libssh-4a014968106af27702ac5ead15e0e9bc48451212.tar.gz libssh-4a014968106af27702ac5ead15e0e9bc48451212.tar.xz libssh-4a014968106af27702ac5ead15e0e9bc48451212.zip |
tests/unittests: test that signatures can be verified with certs
Signed-off-by: Ben Toews <mastahyeti@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'tests/unittests/torture_pki_ecdsa.c')
-rw-r--r-- | tests/unittests/torture_pki_ecdsa.c | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/tests/unittests/torture_pki_ecdsa.c b/tests/unittests/torture_pki_ecdsa.c index 43803a74..138ee267 100644 --- a/tests/unittests/torture_pki_ecdsa.c +++ b/tests/unittests/torture_pki_ecdsa.c @@ -579,6 +579,37 @@ static void torture_pki_generate_key_ecdsa(void **state) ssh_free(session); } +static void torture_pki_ecdsa_cert_verify(void **state) +{ + int rc; + ssh_key privkey = NULL, cert = NULL; + ssh_signature sign = NULL; + ssh_session session=ssh_new(); + (void) state; + + rc = ssh_pki_import_privkey_file(LIBSSH_ECDSA_TESTKEY, + NULL, + NULL, + NULL, + &privkey); + assert_true(rc == 0); + assert_non_null(privkey); + + rc = ssh_pki_import_cert_file(LIBSSH_ECDSA_TESTKEY "-cert.pub", &cert); + assert_true(rc == 0); + assert_non_null(cert); + + sign = pki_do_sign(privkey, ECDSA_HASH, 20); + assert_non_null(sign); + rc = pki_signature_verify(session, sign, cert, ECDSA_HASH, 20); + assert_true(rc == SSH_OK); + ssh_signature_free(sign); + SSH_KEY_FREE(privkey); + SSH_KEY_FREE(cert); + + ssh_free(session); +} + #ifdef HAVE_LIBCRYPTO static void torture_pki_ecdsa_write_privkey(void **state) { @@ -788,6 +819,15 @@ int torture_run_tests(void) { setup_ecdsa_key_521, teardown), cmocka_unit_test(torture_pki_generate_key_ecdsa), + cmocka_unit_test_setup_teardown(torture_pki_ecdsa_cert_verify, + setup_ecdsa_key_256, + teardown), + cmocka_unit_test_setup_teardown(torture_pki_ecdsa_cert_verify, + setup_ecdsa_key_384, + teardown), + cmocka_unit_test_setup_teardown(torture_pki_ecdsa_cert_verify, + setup_ecdsa_key_521, + teardown), #ifdef HAVE_LIBCRYPTO cmocka_unit_test_setup_teardown(torture_pki_ecdsa_write_privkey, setup_ecdsa_key_256, |