diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2018-01-08 21:49:49 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-01-10 22:27:52 +0100 |
commit | 59308bc269c92cded590bdda1d9dc997a409275f (patch) | |
tree | fe6491974805d29975904c81728caa083390a6e5 /tests | |
parent | fd2ef07f372819e4eccbd85b7a0388c9c41eb31d (diff) | |
download | libssh-59308bc269c92cded590bdda1d9dc997a409275f.tar.gz libssh-59308bc269c92cded590bdda1d9dc997a409275f.tar.xz libssh-59308bc269c92cded590bdda1d9dc997a409275f.zip |
tests: Move dsa tests to own test file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/unittests/CMakeLists.txt | 4 | ||||
-rw-r--r-- | tests/unittests/torture_pki.c | 391 | ||||
-rw-r--r-- | tests/unittests/torture_pki_dsa.c | 431 |
3 files changed, 439 insertions, 387 deletions
diff --git a/tests/unittests/CMakeLists.txt b/tests/unittests/CMakeLists.txt index e1351574..e9639474 100644 --- a/tests/unittests/CMakeLists.txt +++ b/tests/unittests/CMakeLists.txt @@ -16,6 +16,10 @@ if (UNIX AND NOT WIN32) # requires ssh-keygen add_cmocka_test(torture_keyfiles torture_keyfiles.c ${TORTURE_LIBRARY}) add_cmocka_test(torture_pki torture_pki.c ${TORTURE_LIBRARY}) + + if (HAVE_DSA) + add_cmocka_test(torture_pki_dsa torture_pki_dsa.c ${TORTURE_LIBRARY}) + endif() # requires /dev/null add_cmocka_test(torture_channel torture_channel.c ${TORTURE_LIBRARY}) # requires pthread diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c index 350c6b09..c2850772 100644 --- a/tests/unittests/torture_pki.c +++ b/tests/unittests/torture_pki.c @@ -2,16 +2,14 @@ #define LIBSSH_STATIC +#include <sys/stat.h> +#include <fcntl.h> + #include "torture.h" #include "torture_pki.h" #include "pki.c" -#include <sys/stat.h> -#include <fcntl.h> #define LIBSSH_RSA_TESTKEY "libssh_testkey.id_rsa" -#ifdef HAVE_DSA -#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa" -#endif #define LIBSSH_ECDSA_TESTKEY "libssh_testkey.id_ecdsa" #define LIBSSH_ED25519_TESTKEY "libssh_testkey.id_ed25519" @@ -35,25 +33,6 @@ static int setup_rsa_key(void **state) return 0; } -#ifdef HAVE_DSA -static int setup_dsa_key(void **state) { - (void) state; /* unused */ - - unlink(LIBSSH_DSA_TESTKEY); - unlink(LIBSSH_DSA_TESTKEY ".pub"); - unlink(LIBSSH_DSA_TESTKEY "-cert.pub"); - - torture_write_file(LIBSSH_DSA_TESTKEY, - torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0)); - torture_write_file(LIBSSH_DSA_TESTKEY ".pub", - torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0)); - torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub", - torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0)); - - return 0; -} -#endif - #ifdef HAVE_ECC static int setup_ecdsa_key(void **state, int ecdsa_bits) { @@ -108,9 +87,6 @@ static int setup_both_keys(void **state) { (void) state; /* unused */ setup_rsa_key(state); -#ifdef HAVE_DSA - setup_dsa_key(state); -#endif return 0; } @@ -118,12 +94,6 @@ static int setup_both_keys(void **state) { static int teardown(void **state) { (void) state; /* unused */ -#ifdef HAVE_DSA - unlink(LIBSSH_DSA_TESTKEY); - unlink(LIBSSH_DSA_TESTKEY ".pub"); - unlink(LIBSSH_DSA_TESTKEY "-cert.pub"); -#endif - unlink(LIBSSH_RSA_TESTKEY); unlink(LIBSSH_RSA_TESTKEY ".pub"); unlink(LIBSSH_RSA_TESTKEY "-cert.pub"); @@ -226,25 +196,6 @@ static void torture_pki_import_privkey_base64_NULL_str(void **state) { ssh_key_free(key); } -#ifdef HAVE_DSA -static void torture_pki_import_privkey_base64_DSA(void **state) { - int rc; - ssh_key key; - const char *passphrase = torture_get_testkey_passphrase(); - - (void) state; /* unused */ - - rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0), - passphrase, - NULL, - NULL, - &key); - assert_true(rc == 0); - - ssh_key_free(key); -} -#endif - #ifdef HAVE_ECC static void torture_pki_import_privkey_base64_ECDSA(void **state) { int rc; @@ -311,42 +262,7 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) { ssh_key_free(key); key = NULL; #endif -#ifdef HAVE_DSA - /* same for DSA */ - - rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), - passphrase, - NULL, - NULL, - &key); - assert_return_code(rc, errno); - - rc = ssh_key_is_private(key); - assert_true(rc == 1); - - ssh_key_free(key); - key = NULL; - - /* test if it returns -1 if passphrase is wrong */ - rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), - "wrong passphrase !!", - NULL, - NULL, - &key); - assert_true(rc == -1); - -#ifndef HAVE_LIBCRYPTO - /* test if it returns -1 if passphrase is NULL */ - /* libcrypto asks for a passphrase, so skip this test */ - rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), - NULL, - NULL, - NULL, - &key); - assert_true(rc == -1); -#endif /* HAVE_LIBCRYPTO */ -#endif /* HAVE_DSA */ /* same for ED25519 */ rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_ED25519, 0, 1), passphrase, @@ -424,33 +340,6 @@ static void torture_pki_pki_publickey_from_privatekey_RSA(void **state) { ssh_key_free(pubkey); } -#ifdef HAVE_DSA -static void torture_pki_pki_publickey_from_privatekey_DSA(void **state) { - int rc; - ssh_key key; - ssh_key pubkey; - const char *passphrase = NULL; - - (void) state; /* unused */ - - rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0), - passphrase, - NULL, - NULL, - &key); - assert_true(rc == 0); - - rc = ssh_key_is_private(key); - assert_true(rc == 1); - - rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey); - assert_true(rc == SSH_OK); - - ssh_key_free(key); - ssh_key_free(pubkey); -} -#endif - static void torture_pki_pki_publickey_from_privatekey_ed25519(void **state){ int rc; ssh_key key; @@ -573,64 +462,6 @@ static void torture_pki_import_cert_file_rsa(void **state) { ssh_key_free(cert); } -#ifdef HAVE_DSA -static void torture_pki_import_cert_file_dsa(void **state) { - int rc; - ssh_key cert; - enum ssh_keytypes_e type; - - (void) state; /* unused */ - - rc = ssh_pki_import_cert_file(LIBSSH_DSA_TESTKEY "-cert.pub", &cert); - assert_true(rc == 0); - - type = ssh_key_type(cert); - assert_true(type == SSH_KEYTYPE_DSS_CERT01); - - rc = ssh_key_is_public(cert); - assert_true(rc == 1); - - ssh_key_free(cert); -} - -static void torture_pki_publickey_dsa_base64(void **state) -{ - enum ssh_keytypes_e type; - char *b64_key, *key_buf, *p; - const char *q; - ssh_key key; - int rc; - - (void) state; /* unused */ - - key_buf = strdup(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0)); - assert_true(key_buf != NULL); - - q = p = key_buf; - while (*p != ' ') p++; - *p = '\0'; - - type = ssh_key_type_from_name(q); - assert_true(type == SSH_KEYTYPE_DSS); - - q = ++p; - while (*p != ' ') p++; - *p = '\0'; - - rc = ssh_pki_import_pubkey_base64(q, type, &key); - assert_true(rc == 0); - - rc = ssh_pki_export_pubkey_base64(key, &b64_key); - assert_true(rc == 0); - - assert_string_equal(q, b64_key); - - free(b64_key); - free(key_buf); - ssh_key_free(key); -} -#endif - #ifdef HAVE_ECC static void torture_pki_publickey_ecdsa_base64(void **state) { @@ -783,47 +614,6 @@ static void torture_generate_pubkey_from_privkey_rsa(void **state) { ssh_key_free(pubkey); } -#ifdef HAVE_DSA -static void torture_generate_pubkey_from_privkey_dsa(void **state) { - char pubkey_generated[4096] = {0}; - ssh_key privkey; - ssh_key pubkey; - int len; - int rc; - - (void) state; /* unused */ - - /* remove the public key, generate it from the private key and write it. */ - unlink(LIBSSH_DSA_TESTKEY ".pub"); - - rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, - NULL, - NULL, - NULL, - &privkey); - assert_true(rc == 0); - - rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey); - assert_true(rc == SSH_OK); - - rc = ssh_pki_export_pubkey_file(pubkey, LIBSSH_DSA_TESTKEY ".pub"); - assert_true(rc == 0); - - rc = torture_read_one_line(LIBSSH_DSA_TESTKEY ".pub", - pubkey_generated, - sizeof(pubkey_generated)); - assert_true(rc == 0); - - len = torture_pubkey_len(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0)); - assert_memory_equal(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0), - pubkey_generated, - len); - - ssh_key_free(privkey); - ssh_key_free(pubkey); -} -#endif - static void torture_generate_pubkey_from_privkey_ed25519(void **state){ char pubkey_generated[4096] = {0}; ssh_key privkey; @@ -953,54 +743,6 @@ static void torture_pki_duplicate_key_rsa(void **state) ssh_string_free_char(b64_key_gen); } -#ifdef HAVE_DSA -static void torture_pki_duplicate_key_dsa(void **state) -{ - int rc; - char *b64_key; - char *b64_key_gen; - ssh_key pubkey; - ssh_key privkey; - ssh_key privkey_dup; - - (void) state; - - rc = ssh_pki_import_pubkey_file(LIBSSH_DSA_TESTKEY ".pub", &pubkey); - assert_true(rc == 0); - - rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key); - assert_true(rc == 0); - ssh_key_free(pubkey); - - rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, - NULL, - NULL, - NULL, - &privkey); - assert_true(rc == 0); - - privkey_dup = ssh_key_dup(privkey); - assert_true(privkey_dup != NULL); - - rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey); - assert_true(rc == SSH_OK); - - rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key_gen); - assert_true(rc == 0); - - assert_string_equal(b64_key, b64_key_gen); - - rc = ssh_key_cmp(privkey, privkey_dup, SSH_KEY_CMP_PRIVATE); - assert_true(rc == 0); - - ssh_key_free(pubkey); - ssh_key_free(privkey); - ssh_key_free(privkey_dup); - ssh_string_free_char(b64_key); - ssh_string_free_char(b64_key_gen); -} -#endif - #ifdef HAVE_ECC static void torture_pki_duplicate_key_ecdsa(void **state) { @@ -1173,52 +915,6 @@ static void torture_pki_generate_key_rsa1(void **state) ssh_free(session); } -#ifdef HAVE_DSA -static void torture_pki_generate_key_dsa(void **state) -{ - int rc; - ssh_key key; - ssh_signature sign; - ssh_session session=ssh_new(); - (void) state; - - rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 1024, &key); - assert_true(rc == SSH_OK); - assert_true(key != NULL); - sign = pki_do_sign(key, HASH, 20); - assert_true(sign != NULL); - rc = pki_signature_verify(session,sign,key,HASH,20); - assert_true(rc == SSH_OK); - ssh_signature_free(sign); - ssh_key_free(key); - key=NULL; - - rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 2048, &key); - assert_true(rc == SSH_OK); - assert_true(key != NULL); - sign = pki_do_sign(key, HASH, 20); - assert_true(sign != NULL); - rc = pki_signature_verify(session,sign,key,HASH,20); - assert_true(rc == SSH_OK); - ssh_signature_free(sign); - ssh_key_free(key); - key=NULL; - - rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 3072, &key); - assert_true(rc == SSH_OK); - assert_true(key != NULL); - sign = pki_do_sign(key, HASH, 20); - assert_true(sign != NULL); - rc = pki_signature_verify(session,sign,key,HASH,20); - assert_true(rc == SSH_OK); - ssh_signature_free(sign); - ssh_key_free(key); - key=NULL; - - ssh_free(session); -} -#endif - #ifdef HAVE_ECC static void torture_pki_generate_key_ecdsa(void **state) { @@ -1362,44 +1058,6 @@ static void torture_pki_write_privkey_rsa(void **state) ssh_key_free(privkey); } -static void torture_pki_write_privkey_dsa(void **state) -{ - ssh_key origkey; - ssh_key privkey; - int rc; - - (void) state; /* unused */ - - rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, - NULL, - NULL, - NULL, - &origkey); - assert_true(rc == 0); - - unlink(LIBSSH_DSA_TESTKEY); - - rc = ssh_pki_export_privkey_file(origkey, - "", - NULL, - NULL, - LIBSSH_DSA_TESTKEY); - assert_true(rc == 0); - - rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, - NULL, - NULL, - NULL, - &privkey); - assert_true(rc == 0); - - rc = ssh_key_cmp(origkey, privkey, SSH_KEY_CMP_PRIVATE); - assert_true(rc == 0); - - ssh_key_free(origkey); - ssh_key_free(privkey); -} - #ifdef HAVE_ECC static void torture_pki_write_privkey_ecdsa(void **state) { @@ -1561,11 +1219,6 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_RSA, setup_rsa_key, teardown), -#ifdef HAVE_DSA - cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_DSA, - setup_dsa_key, - teardown), -#endif #ifdef HAVE_ECC cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_ECDSA, setup_ecdsa_key_256, @@ -1585,11 +1238,6 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_RSA, setup_rsa_key, teardown), -#ifdef HAVE_DSA - cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_DSA, - setup_dsa_key, - teardown), -#endif #ifdef HAVE_ECC cmocka_unit_test_setup_teardown(torture_pki_publickey_from_privatekey_ECDSA, setup_ecdsa_key_256, @@ -1620,16 +1268,6 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_rsa, setup_rsa_key, teardown), -#ifdef HAVE_DSA - cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_dsa, - setup_dsa_key, - teardown), - - /* public key */ - cmocka_unit_test_setup_teardown(torture_pki_publickey_dsa_base64, - setup_dsa_key, - teardown), -#endif cmocka_unit_test_setup_teardown(torture_pki_publickey_rsa_base64, setup_rsa_key, teardown), @@ -1647,11 +1285,6 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_pki_publickey_ed25519_base64, setup_ed25519_key, teardown), -#ifdef HAVE_DSA - cmocka_unit_test_setup_teardown(torture_generate_pubkey_from_privkey_dsa, - setup_dsa_key, - teardown), -#endif cmocka_unit_test_setup_teardown(torture_generate_pubkey_from_privkey_rsa, setup_rsa_key, teardown), @@ -1672,11 +1305,6 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_rsa, setup_rsa_key, teardown), -#ifdef HAVE_DSA - cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_dsa, - setup_dsa_key, - teardown), -#endif #ifdef HAVE_ECC cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_ecdsa, setup_ecdsa_key_256, @@ -1688,16 +1316,8 @@ int torture_run_tests(void) { setup_ecdsa_key_521, teardown), #endif -#ifdef HAVE_DSA - cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_dsa, - setup_dsa_key, - teardown), -#endif cmocka_unit_test(torture_pki_generate_key_rsa), cmocka_unit_test(torture_pki_generate_key_rsa1), -#ifdef HAVE_DSA - cmocka_unit_test(torture_pki_generate_key_dsa), -#endif #ifdef HAVE_ECC cmocka_unit_test(torture_pki_generate_key_ecdsa), #endif @@ -1706,9 +1326,6 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_pki_write_privkey_rsa, setup_rsa_key, teardown), - cmocka_unit_test_setup_teardown(torture_pki_write_privkey_dsa, - setup_dsa_key, - teardown), #ifdef HAVE_ECC cmocka_unit_test_setup_teardown(torture_pki_write_privkey_ecdsa, setup_ecdsa_key_256, @@ -1723,7 +1340,7 @@ int torture_run_tests(void) { #endif /* HAVE_LIBCRYPTO */ #ifdef HAVE_DSA cmocka_unit_test_setup_teardown(torture_pki_write_privkey_ed25519, - setup_dsa_key, + NULL, teardown), #endif diff --git a/tests/unittests/torture_pki_dsa.c b/tests/unittests/torture_pki_dsa.c new file mode 100644 index 00000000..4fced83d --- /dev/null +++ b/tests/unittests/torture_pki_dsa.c @@ -0,0 +1,431 @@ +#include "config.h" + +#define LIBSSH_STATIC + +#include <string.h> +#include <sys/stat.h> +#include <fcntl.h> + +#include "torture.h" +#include "torture_pki.h" +#include "pki.c" + +#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa" + +const unsigned char DSA_HASH[] = "12345678901234567890"; + +static int setup_dsa_key(void **state) +{ + (void) state; /* unused */ + + unlink(LIBSSH_DSA_TESTKEY); + unlink(LIBSSH_DSA_TESTKEY ".pub"); + unlink(LIBSSH_DSA_TESTKEY "-cert.pub"); + + torture_write_file(LIBSSH_DSA_TESTKEY, + torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0)); + torture_write_file(LIBSSH_DSA_TESTKEY ".pub", + torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0)); + torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub", + torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0)); + + return 0; +} + +static int teardown_dsa_key(void **state) +{ + (void)state; + + unlink(LIBSSH_DSA_TESTKEY); + unlink(LIBSSH_DSA_TESTKEY ".pub"); + unlink(LIBSSH_DSA_TESTKEY "-cert.pub"); + + return 0; +} + +static void torture_pki_dsa_import_privkey_base64(void **state) +{ + int rc; + ssh_key key; + const char *passphrase = torture_get_testkey_passphrase(); + + (void) state; /* unused */ + + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0), + passphrase, + NULL, + NULL, + &key); + assert_true(rc == 0); + + ssh_key_free(key); +} + +#ifdef HAVE_LIBCRYPTO +static void torture_pki_dsa_write_privkey(void **state) +{ + ssh_key origkey; + ssh_key privkey; + int rc; + + (void) state; /* unused */ + + rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, + NULL, + NULL, + NULL, + &origkey); + assert_true(rc == 0); + + unlink(LIBSSH_DSA_TESTKEY); + + rc = ssh_pki_export_privkey_file(origkey, + "", + NULL, + NULL, + LIBSSH_DSA_TESTKEY); + assert_true(rc == 0); + + rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, + NULL, + NULL, + NULL, + &privkey); + assert_true(rc == 0); + + rc = ssh_key_cmp(origkey, privkey, SSH_KEY_CMP_PRIVATE); + assert_true(rc == 0); + + ssh_key_free(origkey); + ssh_key_free(privkey); +} +#endif + +static void torture_pki_dsa_import_privkey_base64_passphrase(void **state) +{ + int rc; + ssh_key key = NULL; + const char *passphrase = torture_get_testkey_passphrase(); + + (void) state; /* unused */ + + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), + passphrase, + NULL, + NULL, + &key); + assert_return_code(rc, errno); + + rc = ssh_key_is_private(key); + assert_true(rc == 1); + + ssh_key_free(key); + key = NULL; + + /* test if it returns -1 if passphrase is wrong */ + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), + "wrong passphrase !!", + NULL, + NULL, + &key); + assert_true(rc == -1); + + /* test if it returns -1 if passphrase is NULL */ + /* libcrypto asks for a passphrase, so skip this test */ +#ifndef HAVE_LIBCRYPTO + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), + NULL, + NULL, + NULL, + &key); + assert_true(rc == -1); +#endif + + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), + passphrase, + NULL, + NULL, + &key); + assert_return_code(rc, errno); + + rc = ssh_key_is_private(key); + assert_true(rc == 1); + + ssh_key_free(key); + key = NULL; + + /* test if it returns -1 if passphrase is wrong */ + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), + "wrong passphrase !!", + NULL, + NULL, + &key); + assert_true(rc == -1); + +#ifndef HAVE_LIBCRYPTO + /* test if it returns -1 if passphrase is NULL */ + /* libcrypto asks for a passphrase, so skip this test */ + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1), + NULL, + NULL, + NULL, + &key); + assert_true(rc == -1); +#endif /* HAVE_LIBCRYPTO */ +} + +static void torture_pki_dsa_publickey_from_privatekey(void **state) +{ + int rc; + ssh_key key; + ssh_key pubkey; + const char *passphrase = NULL; + + (void) state; /* unused */ + + rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0), + passphrase, + NULL, + NULL, + &key); + assert_true(rc == 0); + + rc = ssh_key_is_private(key); + assert_true(rc == 1); + + rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey); + assert_true(rc == SSH_OK); + + ssh_key_free(key); + ssh_key_free(pubkey); +} + +static void torture_pki_dsa_import_cert_file(void **state) +{ + int rc; + ssh_key cert; + enum ssh_keytypes_e type; + + (void) state; /* unused */ + + rc = ssh_pki_import_cert_file(LIBSSH_DSA_TESTKEY "-cert.pub", &cert); + assert_true(rc == 0); + + type = ssh_key_type(cert); + assert_true(type == SSH_KEYTYPE_DSS_CERT01); + + rc = ssh_key_is_public(cert); + assert_true(rc == 1); + + ssh_key_free(cert); +} + +static void torture_pki_dsa_publickey_base64(void **state) +{ + enum ssh_keytypes_e type; + char *b64_key, *key_buf, *p; + const char *q; + ssh_key key; + int rc; + + (void) state; /* unused */ + + key_buf = strdup(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0)); + assert_true(key_buf != NULL); + + q = p = key_buf; + while (*p != ' ') p++; + *p = '\0'; + + type = ssh_key_type_from_name(q); + assert_true(type == SSH_KEYTYPE_DSS); + + q = ++p; + while (*p != ' ') p++; + *p = '\0'; + + rc = ssh_pki_import_pubkey_base64(q, type, &key); + assert_true(rc == 0); + + rc = ssh_pki_export_pubkey_base64(key, &b64_key); + assert_true(rc == 0); + + assert_string_equal(q, b64_key); + + free(b64_key); + free(key_buf); + ssh_key_free(key); +} + +static void torture_pki_dsa_generate_pubkey_from_privkey(void **state) +{ + char pubkey_generated[4096] = {0}; + ssh_key privkey; + ssh_key pubkey; + int len; + int rc; + + (void) state; /* unused */ + + /* remove the public key, generate it from the private key and write it. */ + unlink(LIBSSH_DSA_TESTKEY ".pub"); + + rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, + NULL, + NULL, + NULL, + &privkey); + assert_true(rc == 0); + + rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey); + assert_true(rc == SSH_OK); + + rc = ssh_pki_export_pubkey_file(pubkey, LIBSSH_DSA_TESTKEY ".pub"); + assert_true(rc == 0); + + rc = torture_read_one_line(LIBSSH_DSA_TESTKEY ".pub", + pubkey_generated, + sizeof(pubkey_generated)); + assert_true(rc == 0); + + len = torture_pubkey_len(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0)); + assert_memory_equal(torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0), + pubkey_generated, + len); + + ssh_key_free(privkey); + ssh_key_free(pubkey); +} + +static void torture_pki_dsa_duplicate_key(void **state) +{ + int rc; + char *b64_key; + char *b64_key_gen; + ssh_key pubkey; + ssh_key privkey; + ssh_key privkey_dup; + + (void) state; + + rc = ssh_pki_import_pubkey_file(LIBSSH_DSA_TESTKEY ".pub", &pubkey); + assert_true(rc == 0); + + rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key); + assert_true(rc == 0); + ssh_key_free(pubkey); + + rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY, + NULL, + NULL, + NULL, + &privkey); + assert_true(rc == 0); + + privkey_dup = ssh_key_dup(privkey); + assert_true(privkey_dup != NULL); + + rc = ssh_pki_export_privkey_to_pubkey(privkey, &pubkey); + assert_true(rc == SSH_OK); + + rc = ssh_pki_export_pubkey_base64(pubkey, &b64_key_gen); + assert_true(rc == 0); + + assert_string_equal(b64_key, b64_key_gen); + + rc = ssh_key_cmp(privkey, privkey_dup, SSH_KEY_CMP_PRIVATE); + assert_true(rc == 0); + + ssh_key_free(pubkey); + ssh_key_free(privkey); + ssh_key_free(privkey_dup); + ssh_string_free_char(b64_key); + ssh_string_free_char(b64_key_gen); +} + +static void torture_pki_dsa_generate_key(void **state) +{ + int rc; + ssh_key key; + ssh_signature sign; + ssh_session session=ssh_new(); + (void) state; + + rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 1024, &key); + assert_true(rc == SSH_OK); + assert_true(key != NULL); + sign = pki_do_sign(key, DSA_HASH, 20); + assert_true(sign != NULL); + rc = pki_signature_verify(session,sign,key,DSA_HASH,20); + assert_true(rc == SSH_OK); + ssh_signature_free(sign); + ssh_key_free(key); + key=NULL; + + rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 2048, &key); + assert_true(rc == SSH_OK); + assert_true(key != NULL); + sign = pki_do_sign(key, DSA_HASH, 20); + assert_true(sign != NULL); + rc = pki_signature_verify(session,sign,key,DSA_HASH,20); + assert_true(rc == SSH_OK); + ssh_signature_free(sign); + ssh_key_free(key); + key=NULL; + + rc = ssh_pki_generate(SSH_KEYTYPE_DSS, 3072, &key); + assert_true(rc == SSH_OK); + assert_true(key != NULL); + sign = pki_do_sign(key, DSA_HASH, 20); + assert_true(sign != NULL); + rc = pki_signature_verify(session,sign,key,DSA_HASH,20); + assert_true(rc == SSH_OK); + ssh_signature_free(sign); + ssh_key_free(key); + key=NULL; + + ssh_free(session); +} + +int torture_run_tests(void) +{ + int rc; + struct CMUnitTest tests[] = { + cmocka_unit_test_setup_teardown(torture_pki_dsa_import_privkey_base64, + setup_dsa_key, + teardown_dsa_key), + cmocka_unit_test_setup_teardown(torture_pki_dsa_publickey_from_privatekey, + setup_dsa_key, + teardown_dsa_key), + cmocka_unit_test_setup_teardown(torture_pki_dsa_import_cert_file, + setup_dsa_key, + teardown_dsa_key), +#ifdef HAVE_LIBCRYPTO + cmocka_unit_test_setup_teardown(torture_pki_dsa_write_privkey, + setup_dsa_key, + teardown_dsa_key), +#endif + cmocka_unit_test(torture_pki_dsa_import_privkey_base64_passphrase), + + /* public key */ + cmocka_unit_test_setup_teardown(torture_pki_dsa_publickey_base64, + setup_dsa_key, + teardown_dsa_key), + cmocka_unit_test_setup_teardown(torture_pki_dsa_generate_pubkey_from_privkey, + setup_dsa_key, + teardown_dsa_key), + cmocka_unit_test_setup_teardown(torture_pki_dsa_duplicate_key, + setup_dsa_key, + teardown_dsa_key), + cmocka_unit_test_setup_teardown(torture_pki_dsa_duplicate_key, + setup_dsa_key, + teardown_dsa_key), + cmocka_unit_test(torture_pki_dsa_generate_key), + }; + + ssh_init(); + torture_filter_tests(tests); + rc = cmocka_run_group_tests(tests, NULL, NULL); + ssh_finalize(); + return rc; +} |