aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/client/torture_knownhosts.c14
-rw-r--r--tests/pkd/pkd_daemon.c2
-rw-r--r--tests/pkd/pkd_daemon.h2
-rw-r--r--tests/pkd/pkd_hello.c99
-rw-r--r--tests/pkd/pkd_keyutil.c8
-rw-r--r--tests/pkd/pkd_keyutil.h10
-rw-r--r--tests/test_ssh_bind_accept_fd.c8
-rw-r--r--tests/torture.c24
-rw-r--r--tests/unittests/torture_keyfiles.c18
-rw-r--r--tests/unittests/torture_options.c2
-rw-r--r--tests/unittests/torture_pki.c53
11 files changed, 234 insertions, 6 deletions
diff --git a/tests/client/torture_knownhosts.c b/tests/client/torture_knownhosts.c
index 1702b467..cfa47deb 100644
--- a/tests/client/torture_knownhosts.c
+++ b/tests/client/torture_knownhosts.c
@@ -40,6 +40,7 @@
"YgIytryNn7LLiwYfoSxvWigFrTTZsrVtCOYyNgklmffpGdzuC43wdANvTewfI9G" \
"o71r8EXmEc228CrYPmb8Scv3mpXFK/BosohSGkPlEHu9lf3YjnknBicDaVtJOYp" \
"wnXJPjZo2EhG79HxDRpjJHH"
+#ifdef HAVE_DSA
#define BADDSA "AAAAB3NzaC1kc3MAAACBAITDKqGQ5aC5wHySG6ZdL1+BVBY2nLP5vzw3i3pvZfP" \
"yNUS0UCwrt5pajsMvDRGXXebTJhWVonDnv8tpSgiuIBXMZrma8CU1KCFGRzwb/n8" \
"cc5tJmIphlOUTrObjBmsRz7u1eZmoaddXC9ask6BNnt0DmhzYi2esL3mbardy8IN" \
@@ -50,6 +51,7 @@
"EcxqLVllrNEvd2EGD9p16BYO2yaalYon8im59PtOcul2ay5XQ6rVDQ2T0pgNUpsI" \
"h0dSi8VJXI1wes5HTyLsv9VBmU1uCXUUvufoQKfF/OcSH0ufcCpnd62g1/adZcy2" \
"WJg=="
+#endif
static int sshd_setup(void **state)
{
@@ -187,6 +189,7 @@ static void torture_knownhosts_fail(void **state) {
assert_int_equal(rc, SSH_SERVER_KNOWN_CHANGED);
}
+#ifdef HAVE_DSA
static void torture_knownhosts_other(void **state) {
struct torture_state *s = *state;
ssh_session session = s->ssh.session;
@@ -272,6 +275,7 @@ static void torture_knownhosts_other_auto(void **state) {
/* session will be freed by session_teardown() */
}
+#endif
static void torture_knownhosts_conflict(void **state) {
struct torture_state *s = *state;
@@ -298,7 +302,9 @@ static void torture_knownhosts_conflict(void **state) {
file = fopen(known_hosts_file, "w");
assert_true(file != NULL);
fprintf(file, "127.0.0.10 ssh-rsa %s\n", BADRSA);
+#ifdef HAVE_DSA
fprintf(file, "127.0.0.10 ssh-dss %s\n", BADDSA);
+#endif
fclose(file);
rc = ssh_connect(session);
@@ -356,15 +362,21 @@ static void torture_knownhosts_precheck(void **state) {
file = fopen(known_hosts_file, "w");
assert_true(file != NULL);
fprintf(file, "127.0.0.10 ssh-rsa %s\n", BADRSA);
+#ifdef HAVE_DSA
fprintf(file, "127.0.0.10 ssh-dss %s\n", BADDSA);
+#endif
fclose(file);
kex = ssh_knownhosts_algorithms(session);
assert_true(kex != NULL);
assert_string_equal(kex[0],"ssh-rsa");
+#ifdef HAVE_DSA
assert_string_equal(kex[1],"ssh-dss");
assert_true(kex[2]==NULL);
free(kex[1]);
+#else
+ assert_true(kex[1]==NULL);
+#endif
free(kex[0]);
free(kex);
}
@@ -378,12 +390,14 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_knownhosts_fail,
session_setup,
session_teardown),
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_knownhosts_other,
session_setup,
session_teardown),
cmocka_unit_test_setup_teardown(torture_knownhosts_other_auto,
session_setup,
session_teardown),
+#endif
cmocka_unit_test_setup_teardown(torture_knownhosts_conflict,
session_setup,
session_teardown),
diff --git a/tests/pkd/pkd_daemon.c b/tests/pkd/pkd_daemon.c
index 9860ca56..a128c8e9 100644
--- a/tests/pkd/pkd_daemon.c
+++ b/tests/pkd/pkd_daemon.c
@@ -253,8 +253,10 @@ static int pkd_exec_hello(int fd, struct pkd_daemon_args *args) {
if (type == PKD_RSA) {
opts = SSH_BIND_OPTIONS_RSAKEY;
+#ifdef HAVE_DSA
} else if (type == PKD_DSA) {
opts = SSH_BIND_OPTIONS_DSAKEY;
+#endif
} else if (type == PKD_ECDSA) {
opts = SSH_BIND_OPTIONS_ECDSAKEY;
} else {
diff --git a/tests/pkd/pkd_daemon.h b/tests/pkd/pkd_daemon.h
index 7f553fdf..3107ed1e 100644
--- a/tests/pkd/pkd_daemon.h
+++ b/tests/pkd/pkd_daemon.h
@@ -10,7 +10,9 @@
enum pkd_hostkey_type_e {
PKD_RSA,
+#ifdef HAVE_DSA
PKD_DSA,
+#endif
PKD_ECDSA
};
diff --git a/tests/pkd/pkd_hello.c b/tests/pkd/pkd_hello.c
index 4db8ee5c..e0c0cbf6 100644
--- a/tests/pkd/pkd_hello.c
+++ b/tests/pkd/pkd_hello.c
@@ -146,12 +146,14 @@ static int torture_pkd_setup_rsa(void **state) {
return 0;
}
+#ifdef HAVE_DSA
static int torture_pkd_setup_dsa(void **state) {
setup_dsa_key();
*state = (void *) torture_pkd_setup(PKD_DSA, LIBSSH_DSA_TESTKEY);
return 0;
}
+#endif
static int torture_pkd_setup_ecdsa_256(void **state) {
setup_ecdsa_keys();
@@ -178,6 +180,7 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
* Test matrices: f(clientname, testname, ssh-command, setup-function, teardown-function).
*/
+#ifdef HAVE_DSA
#define PKDTESTS_DEFAULT(f, client, cmd) \
/* Default passes by server key type. */ \
f(client, rsa_default, cmd, setup_rsa, teardown) \
@@ -185,7 +188,16 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_256_default, cmd, setup_ecdsa_256, teardown) \
f(client, ecdsa_384_default, cmd, setup_ecdsa_384, teardown) \
f(client, ecdsa_521_default, cmd, setup_ecdsa_521, teardown)
+#else
+#define PKDTESTS_DEFAULT(f, client, cmd) \
+ /* Default passes by server key type. */ \
+ f(client, rsa_default, cmd, setup_rsa, teardown) \
+ f(client, ecdsa_256_default, cmd, setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_default, cmd, setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_default, cmd, setup_ecdsa_521, teardown)
+#endif
+#ifdef HAVE_DSA
#define PKDTESTS_KEX(f, client, kexcmd) \
/* Kex algorithms. */ \
f(client, rsa_curve25519_sha256, kexcmd("curve25519-sha256@libssh.org"), setup_rsa, teardown) \
@@ -218,7 +230,28 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_521_ecdh_sha2_nistp521, kexcmd("ecdh-sha2-nistp521 "), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_521, teardown)
+#else
+#define PKDTESTS_KEX(f, client, kexcmd) \
+ /* Kex algorithms. */ \
+ f(client, rsa_curve25519_sha256, kexcmd("curve25519-sha256@libssh.org"), setup_rsa, teardown) \
+ f(client, rsa_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256 "), setup_rsa, teardown) \
+ f(client, rsa_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_rsa, teardown) \
+ f(client, rsa_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_rsa, teardown) \
+ f(client, ecdsa_256_curve25519_sha256, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256 "), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_curve25519_sha256, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256 "), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_curve25519_sha256, kexcmd("curve25519-sha256@libssh.org"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_ecdh_sha2_nistp256, kexcmd("ecdh-sha2-nistp256 "), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_diffie_hellman_group14_sha1, kexcmd("diffie-hellman-group14-sha1"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_diffie_hellman_group1_sha1, kexcmd("diffie-hellman-group1-sha1"), setup_ecdsa_521, teardown)
+#endif
+#ifdef HAVE_DSA
#define PKDTESTS_CIPHER(f, client, ciphercmd) \
/* Ciphers. */ \
f(client, rsa_3des_cbc, ciphercmd("3des-cbc"), setup_rsa, teardown) \
@@ -251,7 +284,36 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_521_aes256_cbc, ciphercmd("aes256-cbc"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_aes256_ctr, ciphercmd("aes256-ctr"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_blowfish_cbc, ciphercmd("blowfish-cbc"), setup_ecdsa_521, teardown)
+#else
+#define PKDTESTS_CIPHER(f, client, ciphercmd) \
+ /* Ciphers. */ \
+ f(client, rsa_3des_cbc, ciphercmd("3des-cbc"), setup_rsa, teardown) \
+ f(client, rsa_aes128_cbc, ciphercmd("aes128-cbc"), setup_rsa, teardown) \
+ f(client, rsa_aes128_ctr, ciphercmd("aes128-ctr"), setup_rsa, teardown) \
+ f(client, rsa_aes256_cbc, ciphercmd("aes256-cbc"), setup_rsa, teardown) \
+ f(client, rsa_aes256_ctr, ciphercmd("aes256-ctr"), setup_rsa, teardown) \
+ f(client, rsa_blowfish_cbc, ciphercmd("blowfish-cbc"), setup_rsa, teardown) \
+ f(client, ecdsa_256_3des_cbc, ciphercmd("3des-cbc"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_aes128_cbc, ciphercmd("aes128-cbc"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_aes128_ctr, ciphercmd("aes128-ctr"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_aes256_cbc, ciphercmd("aes256-cbc"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_aes256_ctr, ciphercmd("aes256-ctr"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_blowfish_cbc, ciphercmd("blowfish-cbc"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_3des_cbc, ciphercmd("3des-cbc"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_aes128_cbc, ciphercmd("aes128-cbc"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_aes128_ctr, ciphercmd("aes128-ctr"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_aes256_cbc, ciphercmd("aes256-cbc"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_aes256_ctr, ciphercmd("aes256-ctr"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_blowfish_cbc, ciphercmd("blowfish-cbc"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_3des_cbc, ciphercmd("3des-cbc"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_aes128_cbc, ciphercmd("aes128-cbc"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_aes128_ctr, ciphercmd("aes128-ctr"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_aes256_cbc, ciphercmd("aes256-cbc"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_aes256_ctr, ciphercmd("aes256-ctr"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_blowfish_cbc, ciphercmd("blowfish-cbc"), setup_ecdsa_521, teardown)
+#endif
+#ifdef HAVE_DSA
#define PKDTESTS_CIPHER_OPENSSHONLY(f, client, ciphercmd) \
/* Ciphers. */ \
f(client, rsa_aes192_cbc, ciphercmd("aes192-cbc"), setup_rsa, teardown) \
@@ -264,7 +326,20 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_384_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_384, teardown) \
f(client, ecdsa_521_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_521, teardown) \
f(client, ecdsa_521_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_521, teardown)
+#else
+#define PKDTESTS_CIPHER_OPENSSHONLY(f, client, ciphercmd) \
+ /* Ciphers. */ \
+ f(client, rsa_aes192_cbc, ciphercmd("aes192-cbc"), setup_rsa, teardown) \
+ f(client, rsa_aes192_ctr, ciphercmd("aes192-ctr"), setup_rsa, teardown) \
+ f(client, ecdsa_256_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_256_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_384_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_521, teardown) \
+ f(client, ecdsa_521_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_521, teardown)
+#endif
+#ifdef HAVE_DSA
#define PKDTESTS_MAC(f, client, maccmd) \
/* MACs. */ \
f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \
@@ -282,6 +357,22 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \
f(client, ecdsa_384_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_384, teardown) \
f(client, ecdsa_521_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_521, teardown)
+#else
+#define PKDTESTS_MAC(f, client, maccmd) \
+ /* MACs. */ \
+ f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \
+ f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \
+ f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown) \
+ f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) \
+ f(client, rsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_rsa, teardown) \
+ f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \
+ f(client, ecdsa_384_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_384, teardown) \
+ f(client, ecdsa_521_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_521, teardown)
+#endif
static void torture_pkd_client_noop(void **state) {
struct pkd_state *pstate = (struct pkd_state *) (*state);
@@ -328,6 +419,7 @@ static void torture_pkd_runtest(const char *testname,
* Actual test functions are emitted here.
*/
+#ifdef HAVE_DSA
#define CLIENT_ID_FILE OPENSSH_DSA_TESTKEY
PKDTESTS_DEFAULT(emit_keytest, openssh_dsa, OPENSSH_CMD)
PKDTESTS_KEX(emit_keytest, openssh_dsa, OPENSSH_KEX_CMD)
@@ -335,6 +427,7 @@ PKDTESTS_CIPHER(emit_keytest, openssh_dsa, OPENSSH_CIPHER_CMD)
PKDTESTS_CIPHER_OPENSSHONLY(emit_keytest, openssh_dsa, OPENSSH_CIPHER_CMD)
PKDTESTS_MAC(emit_keytest, openssh_dsa, OPENSSH_MAC_CMD)
#undef CLIENT_ID_FILE
+#endif
#define CLIENT_ID_FILE OPENSSH_RSA_TESTKEY
PKDTESTS_DEFAULT(emit_keytest, openssh_rsa, OPENSSH_CMD)
@@ -393,11 +486,13 @@ struct {
const struct CMUnitTest test;
} testmap[] = {
/* OpenSSH */
+#ifdef HAVE_DSA
PKDTESTS_DEFAULT(emit_testmap, openssh_dsa, OPENSSH_CMD)
PKDTESTS_KEX(emit_testmap, openssh_dsa, OPENSSH_KEX_CMD)
PKDTESTS_CIPHER(emit_testmap, openssh_dsa, OPENSSH_CIPHER_CMD)
PKDTESTS_CIPHER_OPENSSHONLY(emit_testmap, openssh_dsa, OPENSSH_CIPHER_CMD)
PKDTESTS_MAC(emit_testmap, openssh_dsa, OPENSSH_MAC_CMD)
+#endif
PKDTESTS_DEFAULT(emit_testmap, openssh_rsa, OPENSSH_CMD)
PKDTESTS_KEX(emit_testmap, openssh_rsa, OPENSSH_KEX_CMD)
@@ -438,11 +533,13 @@ static int pkd_run_tests(void) {
int tindex = 0;
const struct CMUnitTest openssh_tests[] = {
+#ifdef HAVE_DSA
PKDTESTS_DEFAULT(emit_unit_test_comma, openssh_dsa, OPENSSH_CMD)
PKDTESTS_KEX(emit_unit_test_comma, openssh_dsa, OPENSSH_KEX_CMD)
PKDTESTS_CIPHER(emit_unit_test_comma, openssh_dsa, OPENSSH_CIPHER_CMD)
PKDTESTS_CIPHER_OPENSSHONLY(emit_unit_test_comma, openssh_dsa, OPENSSH_CIPHER_CMD)
PKDTESTS_MAC(emit_unit_test_comma, openssh_dsa, OPENSSH_MAC_CMD)
+#endif
PKDTESTS_DEFAULT(emit_unit_test_comma, openssh_rsa, OPENSSH_CMD)
PKDTESTS_KEX(emit_unit_test_comma, openssh_rsa, OPENSSH_KEX_CMD)
@@ -546,7 +643,9 @@ static int pkd_run_tests(void) {
/* Clean up any server keys that were generated. */
cleanup_rsa_key();
+#ifdef HAVE_DSA
cleanup_dsa_key();
+#endif
cleanup_ecdsa_keys();
return rc;
diff --git a/tests/pkd/pkd_keyutil.c b/tests/pkd/pkd_keyutil.c
index e1e1ecb8..7cb2ed48 100644
--- a/tests/pkd/pkd_keyutil.c
+++ b/tests/pkd/pkd_keyutil.c
@@ -27,6 +27,7 @@ void setup_rsa_key() {
assert_int_equal(rc, 0);
}
+#ifdef HAVE_DSA
void setup_dsa_key() {
int rc = 0;
if (access(LIBSSH_DSA_TESTKEY, F_OK) != 0) {
@@ -35,6 +36,7 @@ void setup_dsa_key() {
}
assert_int_equal(rc, 0);
}
+#endif
void setup_ecdsa_keys() {
int rc = 0;
@@ -65,9 +67,11 @@ void cleanup_rsa_key() {
cleanup_key(LIBSSH_RSA_TESTKEY, LIBSSH_RSA_TESTKEY ".pub");
}
+#ifdef HAVE_DSA
void cleanup_dsa_key() {
cleanup_key(LIBSSH_DSA_TESTKEY, LIBSSH_DSA_TESTKEY ".pub");
}
+#endif
void cleanup_ecdsa_keys() {
cleanup_key(LIBSSH_ECDSA_256_TESTKEY, LIBSSH_ECDSA_256_TESTKEY ".pub");
@@ -78,11 +82,13 @@ void cleanup_ecdsa_keys() {
void setup_openssh_client_keys() {
int rc = 0;
+#ifdef HAVE_DSA
if (access(OPENSSH_DSA_TESTKEY, F_OK) != 0) {
rc = system_checked(OPENSSH_KEYGEN " -t dsa -q -N \"\" -f "
OPENSSH_DSA_TESTKEY);
}
assert_int_equal(rc, 0);
+#endif
if (access(OPENSSH_RSA_TESTKEY, F_OK) != 0) {
rc = system_checked(OPENSSH_KEYGEN " -t rsa -q -N \"\" -f "
@@ -116,7 +122,9 @@ void setup_openssh_client_keys() {
}
void cleanup_openssh_client_keys() {
+#ifdef HAVE_DSA
cleanup_key(OPENSSH_DSA_TESTKEY, OPENSSH_DSA_TESTKEY ".pub");
+#endif
cleanup_key(OPENSSH_RSA_TESTKEY, OPENSSH_RSA_TESTKEY ".pub");
cleanup_key(OPENSSH_ECDSA256_TESTKEY, OPENSSH_ECDSA256_TESTKEY ".pub");
cleanup_key(OPENSSH_ECDSA384_TESTKEY, OPENSSH_ECDSA384_TESTKEY ".pub");
diff --git a/tests/pkd/pkd_keyutil.h b/tests/pkd/pkd_keyutil.h
index 8e9de009..3d0ae5a7 100644
--- a/tests/pkd/pkd_keyutil.h
+++ b/tests/pkd/pkd_keyutil.h
@@ -7,22 +7,32 @@
#ifndef __PKD_KEYUTIL_H__
#define __PKD_KEYUTIL_H__
+#include "config.h"
+
/* Server keys. */
+#ifdef HAVE_DSA
#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa"
+#endif
#define LIBSSH_RSA_TESTKEY "libssh_testkey.id_rsa"
#define LIBSSH_ECDSA_256_TESTKEY "libssh_testkey.id_ecdsa256"
#define LIBSSH_ECDSA_384_TESTKEY "libssh_testkey.id_ecdsa384"
#define LIBSSH_ECDSA_521_TESTKEY "libssh_testkey.id_ecdsa521"
+#ifdef HAVE_DSA
void setup_dsa_key(void);
+#endif
void setup_rsa_key(void);
void setup_ecdsa_keys(void);
+#ifdef HAVE_DSA
void cleanup_dsa_key(void);
+#endif
void cleanup_rsa_key(void);
void cleanup_ecdsa_keys(void);
/* Client keys. */
+#ifdef HAVE_DSA
#define OPENSSH_DSA_TESTKEY "openssh_testkey.id_dsa"
+#endif
#define OPENSSH_RSA_TESTKEY "openssh_testkey.id_rsa"
#define OPENSSH_ECDSA256_TESTKEY "openssh_testkey.id_ecdsa256"
#define OPENSSH_ECDSA384_TESTKEY "openssh_testkey.id_ecdsa384"
diff --git a/tests/test_ssh_bind_accept_fd.c b/tests/test_ssh_bind_accept_fd.c
index 7611cf4c..5aa8211a 100644
--- a/tests/test_ssh_bind_accept_fd.c
+++ b/tests/test_ssh_bind_accept_fd.c
@@ -73,10 +73,18 @@ void ssh_server() {
errx(1, "ssh_bind_new");
}
+#ifdef HAVE_DSA
+ /*TODO mbedtls this is probably required */
if (ssh_bind_options_set(bind, SSH_BIND_OPTIONS_DSAKEY,
options.server_keyfile) != SSH_OK) {
errx(1, "ssh_bind_options_set(SSH_BIND_OPTIONS_DSAKEY");
}
+#else
+ if (ssh_bind_options_set(bind, SSH_BIND_OPTIONS_RSAKEY,
+ options.server_keyfile) != SSH_OK) {
+ errx(1, "ssh_bind_options_set(SSH_BIND_OPTIONS_RSAKEY");
+ }
+#endif
session = ssh_new();
if (!session) {
diff --git a/tests/torture.c b/tests/torture.c
index 8486eb41..26f15ce0 100644
--- a/tests/torture.c
+++ b/tests/torture.c
@@ -113,6 +113,7 @@ static const char torture_rsa_testkey_cert[] =
"neB6OdgTpKFsmgPZVtqrvhjw+b5T8a4W4iWSl+6wg6gowAm "
"rsa_privkey.pub\n";
+#ifdef HAVE_DSA
static const char torture_dsa_testkey[] =
"-----BEGIN DSA PRIVATE KEY-----\n"
"MIIBuwIBAAKBgQCUyvVPEkn3UnZDjzCzSzSHpTltzr0Ec+1mz/JACjHMBJ9C/W/P\n"
@@ -167,6 +168,7 @@ static const char torture_dsa_testkey_cert[] =
"4mMXgzaLViFtcwah6wHGlW0UPQMvrq/RqigAkyUszSccfibkIXJ+wGAgsRYhVAMwME"
"JqPZ6GHOEIjLBKUegsclHb7Pk0YO8Auaw== "
"aris@aris-air\n";
+#endif
static const char torture_rsa_testkey_pp[] =
"-----BEGIN RSA PRIVATE KEY-----\n"
@@ -200,6 +202,7 @@ static const char torture_rsa_testkey_pp[] =
"JSvUyxoaZUjQkT7iF94HsF+FVVJdI55UjgnMiZ0d5vKffWyTHYcYHkFYaSloAMWN\n"
"-----END RSA PRIVATE KEY-----\n";
+#ifdef HAVE_DSA
static const char torture_dsa_testkey_pp[] =
"-----BEGIN DSA PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n"
@@ -216,6 +219,7 @@ static const char torture_dsa_testkey_pp[] =
"HTSuHZ7edjoWqwnl/vkc3+nG//IEj8LqAacx0i4krDcQpGuQ6BnPfwPFco2NQQpw\n"
"wHBOL6HrOnD+gGs6DUFwzA==\n"
"-----END DSA PRIVATE KEY-----\n";
+#endif
static const char torture_ecdsa256_testkey[] =
"-----BEGIN EC PRIVATE KEY-----\n"
@@ -571,9 +575,11 @@ ssh_bind torture_ssh_bind(const char *addr,
}
switch (key_type) {
+#ifdef HAVE_DSA
case SSH_KEYTYPE_DSS:
opts = SSH_BIND_OPTIONS_DSAKEY;
break;
+#endif
case SSH_KEYTYPE_RSA:
opts = SSH_BIND_OPTIONS_RSAKEY;
break;
@@ -694,6 +700,7 @@ static const char *torture_get_testkey_internal(enum ssh_keytypes_e type,
int pubkey)
{
switch (type) {
+#ifdef HAVE_DSA
case SSH_KEYTYPE_DSS:
if (pubkey) {
return torture_dsa_testkey_pub;
@@ -701,6 +708,7 @@ static const char *torture_get_testkey_internal(enum ssh_keytypes_e type,
return torture_dsa_testkey_pp;
}
return torture_dsa_testkey;
+#endif
case SSH_KEYTYPE_RSA:
if (pubkey) {
return torture_rsa_testkey_pub;
@@ -738,8 +746,10 @@ static const char *torture_get_testkey_internal(enum ssh_keytypes_e type,
return torture_ed25519_testkey_pp;
}
return torture_ed25519_testkey;
+#ifdef HAVE_DSA
case SSH_KEYTYPE_DSS_CERT01:
return torture_dsa_testkey_cert;
+#endif
case SSH_KEYTYPE_RSA_CERT01:
return torture_rsa_testkey_cert;
case SSH_KEYTYPE_RSA1:
@@ -862,7 +872,9 @@ void torture_setup_socket_dir(void **state)
static void torture_setup_create_sshd_config(void **state)
{
struct torture_state *s = *state;
+#ifdef HAVE_DSA
char dsa_hostkey[1024];
+#endif
char rsa_hostkey[1024];
char ecdsa_hostkey[1024];
char trusted_ca_pubkey[1024];
@@ -882,7 +894,9 @@ static void torture_setup_create_sshd_config(void **state)
const char config_string[]=
"Port 22\n"
"ListenAddress 127.0.0.10\n"
+#ifdef HAVE_DSA
"HostKey %s\n"
+#endif
"HostKey %s\n"
"HostKey %s\n"
"\n"
@@ -901,8 +915,12 @@ static void torture_setup_create_sshd_config(void **state)
"UsePAM yes\n"
"\n"
#if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7)
+# ifdef HAVE_DSA
"HostKeyAlgorithms +ssh-dss\n"
-# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6)
+# else
+ "HostKeyAlgorithms +ssh-rsa\n"
+# endif
+# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6)
"Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n"
# else
"Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc\n"
@@ -939,11 +957,13 @@ static void torture_setup_create_sshd_config(void **state)
rc = mkdir(sshd_path, 0755);
assert_return_code(rc, errno);
+#ifdef HAVE_DSA
snprintf(dsa_hostkey,
sizeof(dsa_hostkey),
"%s/sshd/ssh_host_dsa_key",
s->socket_dir);
torture_write_file(dsa_hostkey, torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
+#endif
snprintf(rsa_hostkey,
sizeof(rsa_hostkey),
@@ -980,7 +1000,9 @@ static void torture_setup_create_sshd_config(void **state)
snprintf(sshd_config, sizeof(sshd_config),
config_string,
+#ifdef HAVE_DSA
dsa_hostkey,
+#endif
rsa_hostkey,
ecdsa_hostkey,
trusted_ca_pubkey,
diff --git a/tests/unittests/torture_keyfiles.c b/tests/unittests/torture_keyfiles.c
index 023396e7..ea456050 100644
--- a/tests/unittests/torture_keyfiles.c
+++ b/tests/unittests/torture_keyfiles.c
@@ -6,7 +6,9 @@
#include "legacy.c"
#define LIBSSH_RSA_TESTKEY "libssh_testkey.id_rsa"
+#ifdef HAVE_DSA
#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa"
+#endif
static int setup_rsa_key(void **state)
{
@@ -26,6 +28,7 @@ static int setup_rsa_key(void **state)
return 0;
}
+#ifdef HAVE_DSA
static int setup_dsa_key(void **state)
{
ssh_session session;
@@ -43,6 +46,7 @@ static int setup_dsa_key(void **state)
return 0;
}
+#endif
static int setup_both_keys(void **state) {
int rc;
@@ -51,9 +55,11 @@ static int setup_both_keys(void **state) {
if (rc != 0) {
return rc;
}
+#ifdef HAVE_DSA
ssh_free(*state);
rc = setup_dsa_key(state);
+#endif
return rc;
}
@@ -67,10 +73,12 @@ static int setup_both_keys_passphrase(void **state)
torture_write_file(LIBSSH_RSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_RSA, 0));
+#ifdef HAVE_DSA
torture_write_file(LIBSSH_DSA_TESTKEY,
torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1));
torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
+#endif
session = ssh_new();
*state = session;
@@ -80,8 +88,10 @@ static int setup_both_keys_passphrase(void **state)
static int teardown(void **state)
{
+#ifdef HAVE_DSA
unlink(LIBSSH_DSA_TESTKEY);
unlink(LIBSSH_DSA_TESTKEY ".pub");
+#endif
unlink(LIBSSH_RSA_TESTKEY);
unlink(LIBSSH_RSA_TESTKEY ".pub");
@@ -216,12 +226,14 @@ static void torture_privatekey_from_file(void **state) {
key = NULL;
}
+#ifdef HAVE_DSA
key = privatekey_from_file(session, LIBSSH_DSA_TESTKEY, SSH_KEYTYPE_DSS, NULL);
assert_true(key != NULL);
if (key != NULL) {
privatekey_free(key);
key = NULL;
}
+#endif
/* Test the automatic type discovery */
key = privatekey_from_file(session, LIBSSH_RSA_TESTKEY, 0, NULL);
@@ -231,12 +243,14 @@ static void torture_privatekey_from_file(void **state) {
key = NULL;
}
+#ifdef HAVE_DSA
key = privatekey_from_file(session, LIBSSH_DSA_TESTKEY, 0, NULL);
assert_true(key != NULL);
if (key != NULL) {
privatekey_free(key);
key = NULL;
}
+#endif
}
/**
@@ -253,12 +267,14 @@ static void torture_privatekey_from_file_passphrase(void **state) {
key = NULL;
}
+#ifdef HAVE_DSA
key = privatekey_from_file(session, LIBSSH_DSA_TESTKEY, SSH_KEYTYPE_DSS, TORTURE_TESTKEY_PASSWORD);
assert_true(key != NULL);
if (key != NULL) {
privatekey_free(key);
key = NULL;
}
+#endif
/* Test the automatic type discovery */
key = privatekey_from_file(session, LIBSSH_RSA_TESTKEY, 0, TORTURE_TESTKEY_PASSWORD);
@@ -268,12 +284,14 @@ static void torture_privatekey_from_file_passphrase(void **state) {
key = NULL;
}
+#ifdef HAVE_DSA
key = privatekey_from_file(session, LIBSSH_DSA_TESTKEY, 0, TORTURE_TESTKEY_PASSWORD);
assert_true(key != NULL);
if (key != NULL) {
privatekey_free(key);
key = NULL;
}
+#endif
}
int torture_run_tests(void) {
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index 66348147..0203ab67 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -366,11 +366,13 @@ static void torture_bind_options_import_key(void **state)
ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key);
rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_IMPORT_KEY, key);
assert_int_equal(rc, 0);
+#ifdef HAVE_DSA
/* set dsa key */
base64_key = torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0);
ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key);
rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_IMPORT_KEY, key);
assert_int_equal(rc, 0);
+#endif
/* set ecdsa key */
base64_key = torture_get_testkey(SSH_KEYTYPE_ECDSA, 512, 0);
ssh_pki_import_privkey_base64(base64_key, NULL, NULL, NULL, &key);
diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c
index b0e6840c..33e7cd89 100644
--- a/tests/unittests/torture_pki.c
+++ b/tests/unittests/torture_pki.c
@@ -8,7 +8,9 @@
#include <fcntl.h>
#define LIBSSH_RSA_TESTKEY "libssh_testkey.id_rsa"
+#ifdef HAVE_DSA
#define LIBSSH_DSA_TESTKEY "libssh_testkey.id_dsa"
+#endif
#define LIBSSH_ECDSA_TESTKEY "libssh_testkey.id_ecdsa"
#define LIBSSH_ED25519_TESTKEY "libssh_testkey.id_ed25519"
@@ -32,6 +34,7 @@ static int setup_rsa_key(void **state)
return 0;
}
+#ifdef HAVE_DSA
static int setup_dsa_key(void **state) {
(void) state; /* unused */
@@ -48,6 +51,7 @@ static int setup_dsa_key(void **state) {
return 0;
}
+#endif
#ifdef HAVE_ECC
static int setup_ecdsa_key(void **state, int ecdsa_bits) {
@@ -103,7 +107,9 @@ static int setup_both_keys(void **state) {
(void) state; /* unused */
setup_rsa_key(state);
+#ifdef HAVE_DSA
setup_dsa_key(state);
+#endif
return 0;
}
@@ -111,9 +117,11 @@ static int setup_both_keys(void **state) {
static int teardown(void **state) {
(void) state; /* unused */
+#ifdef HAVE_DSA
unlink(LIBSSH_DSA_TESTKEY);
unlink(LIBSSH_DSA_TESTKEY ".pub");
unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
+#endif
unlink(LIBSSH_RSA_TESTKEY);
unlink(LIBSSH_RSA_TESTKEY ".pub");
@@ -281,6 +289,7 @@ static void torture_pki_import_privkey_base64_NULL_str(void **state) {
ssh_key_free(key);
}
+#ifdef HAVE_DSA
static void torture_pki_import_privkey_base64_DSA(void **state) {
int rc;
ssh_key key;
@@ -297,6 +306,7 @@ static void torture_pki_import_privkey_base64_DSA(void **state) {
ssh_key_free(key);
}
+#endif
#ifdef HAVE_ECC
static void torture_pki_import_privkey_base64_ECDSA(void **state) {
@@ -349,6 +359,8 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
NULL,
&key);
assert_true(rc == -1);
+ ssh_key_free(key);
+ key = NULL;
#ifndef HAVE_LIBCRYPTO
/* test if it returns -1 if passphrase is NULL */
@@ -359,7 +371,10 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
NULL,
&key);
assert_true(rc == -1);
+ ssh_key_free(key);
+ key = NULL;
#endif
+#ifdef HAVE_DSA
/* same for DSA */
@@ -384,7 +399,6 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
&key);
assert_true(rc == -1);
-#ifndef HAVE_LIBCRYPTO
/* test if it returns -1 if passphrase is NULL */
/* libcrypto asks for a passphrase, so skip this test */
rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_DSS, 0, 1),
@@ -393,10 +407,8 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
NULL,
&key);
assert_true(rc == -1);
-#endif
-
+# endif
/* same for ED25519 */
-
rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_ED25519, 0, 1),
passphrase,
NULL,
@@ -417,7 +429,6 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) {
NULL,
&key);
assert_true(rc == -1);
-
}
static void torture_pki_import_privkey_base64_ed25519(void **state){
@@ -474,6 +485,7 @@ static void torture_pki_pki_publickey_from_privatekey_RSA(void **state) {
ssh_key_free(pubkey);
}
+#ifdef HAVE_DSA
static void torture_pki_pki_publickey_from_privatekey_DSA(void **state) {
int rc;
ssh_key key;
@@ -498,6 +510,7 @@ static void torture_pki_pki_publickey_from_privatekey_DSA(void **state) {
ssh_key_free(key);
ssh_key_free(pubkey);
}
+#endif
static void torture_pki_pki_publickey_from_privatekey_ed25519(void **state){
int rc;
@@ -621,6 +634,7 @@ static void torture_pki_import_cert_file_rsa(void **state) {
ssh_key_free(cert);
}
+#ifdef HAVE_DSA
static void torture_pki_import_cert_file_dsa(void **state) {
int rc;
ssh_key cert;
@@ -676,6 +690,7 @@ static void torture_pki_publickey_dsa_base64(void **state)
free(key_buf);
ssh_key_free(key);
}
+#endif
#ifdef HAVE_ECC
static void torture_pki_publickey_ecdsa_base64(void **state)
@@ -829,6 +844,7 @@ static void torture_generate_pubkey_from_privkey_rsa(void **state) {
ssh_key_free(pubkey);
}
+#ifdef HAVE_DSA
static void torture_generate_pubkey_from_privkey_dsa(void **state) {
char pubkey_generated[4096] = {0};
ssh_key privkey;
@@ -867,6 +883,7 @@ static void torture_generate_pubkey_from_privkey_dsa(void **state) {
ssh_key_free(privkey);
ssh_key_free(pubkey);
}
+#endif
static void torture_generate_pubkey_from_privkey_ed25519(void **state){
char pubkey_generated[4096] = {0};
@@ -997,6 +1014,7 @@ static void torture_pki_duplicate_key_rsa(void **state)
ssh_string_free_char(b64_key_gen);
}
+#ifdef HAVE_DSA
static void torture_pki_duplicate_key_dsa(void **state)
{
int rc;
@@ -1042,6 +1060,7 @@ static void torture_pki_duplicate_key_dsa(void **state)
ssh_string_free_char(b64_key);
ssh_string_free_char(b64_key_gen);
}
+#endif
#ifdef HAVE_ECC
static void torture_pki_duplicate_key_ecdsa(void **state)
@@ -1080,8 +1099,11 @@ static void torture_pki_duplicate_key_ecdsa(void **state)
assert_string_equal(b64_key, b64_key_gen);
+#ifndef HAVE_LIBMBEDCRYPTO
+ /* libmbedcrypto can't compare ecdsa keys */
rc = ssh_key_cmp(privkey, privkey_dup, SSH_KEY_CMP_PRIVATE);
assert_true(rc == 0);
+#endif
ssh_key_free(pubkey);
ssh_key_free(privkey);
@@ -1212,6 +1234,7 @@ static void torture_pki_generate_key_rsa1(void **state)
ssh_free(session);
}
+#ifdef HAVE_DSA
static void torture_pki_generate_key_dsa(void **state)
{
int rc;
@@ -1255,6 +1278,7 @@ static void torture_pki_generate_key_dsa(void **state)
ssh_free(session);
}
+#endif
#ifdef HAVE_ECC
static void torture_pki_generate_key_ecdsa(void **state)
@@ -1478,6 +1502,8 @@ static void torture_pki_write_privkey_ecdsa(void **state)
#endif
#endif /* HAVE_LIBCRYPTO */
+#ifdef HAVE_DSA
+/* TODO mbedtls check if rsa can be used instead of dsa */
static void torture_pki_write_privkey_ed25519(void **state){
ssh_key origkey;
ssh_key privkey;
@@ -1543,6 +1569,7 @@ static void torture_pki_write_privkey_ed25519(void **state){
ssh_key_free(origkey);
ssh_key_free(privkey);
}
+#endif
#ifdef HAVE_ECC
static void torture_pki_ecdsa_name(void **state, const char *expected_name)
@@ -1595,9 +1622,11 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_RSA,
setup_rsa_key,
teardown),
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_DSA,
setup_dsa_key,
teardown),
+#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_import_privkey_base64_ECDSA,
setup_ecdsa_key_256,
@@ -1617,9 +1646,11 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_RSA,
setup_rsa_key,
teardown),
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_DSA,
setup_dsa_key,
teardown),
+#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_publickey_from_privatekey_ECDSA,
setup_ecdsa_key_256,
@@ -1650,6 +1681,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_rsa,
setup_rsa_key,
teardown),
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_dsa,
setup_dsa_key,
teardown),
@@ -1658,6 +1690,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_publickey_dsa_base64,
setup_dsa_key,
teardown),
+#endif
cmocka_unit_test_setup_teardown(torture_pki_publickey_rsa_base64,
setup_rsa_key,
teardown),
@@ -1675,9 +1708,11 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_publickey_ed25519_base64,
setup_ed25519_key,
teardown),
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_generate_pubkey_from_privkey_dsa,
setup_dsa_key,
teardown),
+#endif
cmocka_unit_test_setup_teardown(torture_generate_pubkey_from_privkey_rsa,
setup_rsa_key,
teardown),
@@ -1698,9 +1733,11 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_rsa,
setup_rsa_key,
teardown),
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_dsa,
setup_dsa_key,
teardown),
+#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_ecdsa,
setup_ecdsa_key_256,
@@ -1712,12 +1749,16 @@ int torture_run_tests(void) {
setup_ecdsa_key_521,
teardown),
#endif
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_duplicate_key_dsa,
setup_dsa_key,
teardown),
+#endif
cmocka_unit_test(torture_pki_generate_key_rsa),
cmocka_unit_test(torture_pki_generate_key_rsa1),
+#ifdef HAVE_DSA
cmocka_unit_test(torture_pki_generate_key_dsa),
+#endif
#ifdef HAVE_ECC
cmocka_unit_test(torture_pki_generate_key_ecdsa),
#endif
@@ -1741,9 +1782,11 @@ int torture_run_tests(void) {
teardown),
#endif
#endif /* HAVE_LIBCRYPTO */
+#ifdef HAVE_DSA
cmocka_unit_test_setup_teardown(torture_pki_write_privkey_ed25519,
setup_dsa_key,
teardown),
+#endif
#ifdef HAVE_ECC
cmocka_unit_test_setup_teardown(torture_pki_ecdsa_name256,