aboutsummaryrefslogtreecommitdiff
path: root/tests/keys
AgeCommit message (Collapse)AuthorFilesLines
2023-12-05tests: Convert key to PEM so we can not access public key directlyJakub Jelen1-28/+30
There are several tests that depended in the past on the fact that we can not read public key from private encrypted keys. This is no longer the case for some time as the OpenSSH file format has public key in plaintext. This change just converts the same key into the PEM Format, which should still be opaque for us and trigger code paths that enforce opening of the accompanied public key file. Converted using the following command: $ ssh-keygen -m PEM -p -N secret -P secret -f tests/keys/id_rsa_protected Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Sahana Prasad <sahana@redhat.com>
2023-02-02Remove support for DSA KeysMohammad Shehar Yaar Tausif2-13/+0
Solving issue #110. The original work is at !231 Some changes were needed because the newly added features in master through time Signed-off-by: Mohammad Shehar Yaar Tausif <sheharyaar48@gmail.com> Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2022-05-12Generate new 2k certificate key working in FIPSJakub Jelen3-29/+29
The original key had 2018 bits, which falls short for current security requirements Steps I used: $ ssh-keygen -f tests/keys/certauth/id_rsa -t rsa -b 2048 -C libssh_torture_auth -N '' $ ssh-keygen -s tests/keys/user_ca -I torture_auth_carlos -n alice ./tests/keys/certauth/id_rsa.pub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-10auth: Add ssh_userauth_publickey_auto_get_current_identity()Marius Vollmer2-0/+29
Signed-off-by: Marius Vollmer <mvollmer@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-20keys: Adds new keys to generate PKCS11 URIs used to authenticate with the ↵Sahana Prasad14-0/+83
ssh server. Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19tests: Verify we can authenticate using ed25519 keyJakub Jelen2-0/+9
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-17tests: Verify the pubkey authentication works with ECDSA keysJakub Jelen2-0/+6
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2016-03-15torture_auth: Add tests for client side certificate authenticationAxel Eppe4-0/+56
- enabled TrustedUserCAKeys option in torture.c - adds a new set of (signed) keys for bob in a separate dir The private key used to generate the certs is included, but not required. Signed-off-by: Axel Eppe <aeppe@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14tests: Add public keys for bobAndreas Schneider2-0/+28
This also allows bob to auth as alice. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14tests: Add ssh host keys for test environment.Andreas Schneider8-0/+48
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>