1 /* $OpenBSD: test_file.c,v 1.6 2017/04/30 23:33:48 djm Exp $ */
3 * Regress test for sshkey.h key management API
5 * Placed in the public domain
10 #include <sys/types.h>
11 #include <sys/param.h>
22 #include <openssl/bn.h>
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/objects.h>
26 #ifdef OPENSSL_HAS_NISTP256
27 # include <openssl/ec.h>
30 #include "../test_helper/test_helper.h"
40 void sshkey_file_tests(void);
43 sshkey_file_tests(void)
45 struct sshkey *k1, *k2;
46 struct sshbuf *buf, *pw;
50 TEST_START("load passphrase");
51 pw = load_text_file("pw");
55 TEST_START("parse RSA from private");
56 buf = load_file("rsa_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
59 ASSERT_PTR_NE(k1, NULL);
60 a = load_bignum("rsa_1.param.n");
61 b = load_bignum("rsa_1.param.p");
62 c = load_bignum("rsa_1.param.q");
63 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
64 ASSERT_BIGNUM_EQ(k1->rsa->p, b);
65 ASSERT_BIGNUM_EQ(k1->rsa->q, c);
71 TEST_START("parse RSA from private w/ passphrase");
72 buf = load_file("rsa_1_pw");
73 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
74 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
76 ASSERT_PTR_NE(k2, NULL);
77 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
81 TEST_START("parse RSA from new-format");
82 buf = load_file("rsa_n");
83 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
85 ASSERT_PTR_NE(k2, NULL);
86 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
90 TEST_START("parse RSA from new-format w/ passphrase");
91 buf = load_file("rsa_n_pw");
92 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
93 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
95 ASSERT_PTR_NE(k2, NULL);
96 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
100 TEST_START("load RSA from public");
101 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
103 ASSERT_PTR_NE(k2, NULL);
104 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
108 TEST_START("load RSA cert");
109 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0);
110 ASSERT_PTR_NE(k2, NULL);
111 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
112 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
113 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
116 TEST_START("RSA key hex fingerprint");
117 buf = load_text_file("rsa_1.fp");
118 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
119 ASSERT_PTR_NE(cp, NULL);
120 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
125 TEST_START("RSA cert hex fingerprint");
126 buf = load_text_file("rsa_1-cert.fp");
127 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
128 ASSERT_PTR_NE(cp, NULL);
129 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
135 TEST_START("RSA key bubblebabble fingerprint");
136 buf = load_text_file("rsa_1.fp.bb");
137 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
138 ASSERT_PTR_NE(cp, NULL);
139 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
146 TEST_START("parse DSA from private");
147 buf = load_file("dsa_1");
148 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
150 ASSERT_PTR_NE(k1, NULL);
151 a = load_bignum("dsa_1.param.g");
152 b = load_bignum("dsa_1.param.priv");
153 c = load_bignum("dsa_1.param.pub");
154 ASSERT_BIGNUM_EQ(k1->dsa->g, a);
155 ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
156 ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
162 TEST_START("parse DSA from private w/ passphrase");
163 buf = load_file("dsa_1_pw");
164 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
165 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
167 ASSERT_PTR_NE(k2, NULL);
168 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
172 TEST_START("parse DSA from new-format");
173 buf = load_file("dsa_n");
174 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
176 ASSERT_PTR_NE(k2, NULL);
177 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
181 TEST_START("parse DSA from new-format w/ passphrase");
182 buf = load_file("dsa_n_pw");
183 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
184 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
186 ASSERT_PTR_NE(k2, NULL);
187 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
191 TEST_START("load DSA from public");
192 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2,
194 ASSERT_PTR_NE(k2, NULL);
195 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
199 TEST_START("load DSA cert");
200 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0);
201 ASSERT_PTR_NE(k2, NULL);
202 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT);
203 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
204 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
207 TEST_START("DSA key hex fingerprint");
208 buf = load_text_file("dsa_1.fp");
209 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
210 ASSERT_PTR_NE(cp, NULL);
211 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
216 TEST_START("DSA cert hex fingerprint");
217 buf = load_text_file("dsa_1-cert.fp");
218 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
219 ASSERT_PTR_NE(cp, NULL);
220 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
226 TEST_START("DSA key bubblebabble fingerprint");
227 buf = load_text_file("dsa_1.fp.bb");
228 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
229 ASSERT_PTR_NE(cp, NULL);
230 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
237 #ifdef OPENSSL_HAS_ECC
238 TEST_START("parse ECDSA from private");
239 buf = load_file("ecdsa_1");
240 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
242 ASSERT_PTR_NE(k1, NULL);
243 buf = load_text_file("ecdsa_1.param.curve");
244 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf),
245 OBJ_nid2sn(k1->ecdsa_nid));
247 a = load_bignum("ecdsa_1.param.priv");
248 b = load_bignum("ecdsa_1.param.pub");
249 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa),
250 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED,
252 ASSERT_PTR_NE(c, NULL);
253 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a);
254 ASSERT_BIGNUM_EQ(b, c);
260 TEST_START("parse ECDSA from private w/ passphrase");
261 buf = load_file("ecdsa_1_pw");
262 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
263 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
265 ASSERT_PTR_NE(k2, NULL);
266 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
270 TEST_START("parse ECDSA from new-format");
271 buf = load_file("ecdsa_n");
272 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
274 ASSERT_PTR_NE(k2, NULL);
275 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
279 TEST_START("parse ECDSA from new-format w/ passphrase");
280 buf = load_file("ecdsa_n_pw");
281 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
282 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
284 ASSERT_PTR_NE(k2, NULL);
285 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
289 TEST_START("load ECDSA from public");
290 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2,
292 ASSERT_PTR_NE(k2, NULL);
293 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
297 TEST_START("load ECDSA cert");
298 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0);
299 ASSERT_PTR_NE(k2, NULL);
300 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT);
301 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
302 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
305 TEST_START("ECDSA key hex fingerprint");
306 buf = load_text_file("ecdsa_1.fp");
307 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
308 ASSERT_PTR_NE(cp, NULL);
309 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
314 TEST_START("ECDSA cert hex fingerprint");
315 buf = load_text_file("ecdsa_1-cert.fp");
316 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
317 ASSERT_PTR_NE(cp, NULL);
318 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
324 TEST_START("ECDSA key bubblebabble fingerprint");
325 buf = load_text_file("ecdsa_1.fp.bb");
326 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
327 ASSERT_PTR_NE(cp, NULL);
328 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
334 #endif /* OPENSSL_HAS_ECC */
336 TEST_START("parse Ed25519 from private");
337 buf = load_file("ed25519_1");
338 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
340 ASSERT_PTR_NE(k1, NULL);
341 ASSERT_INT_EQ(k1->type, KEY_ED25519);
342 /* XXX check key contents */
345 TEST_START("parse Ed25519 from private w/ passphrase");
346 buf = load_file("ed25519_1_pw");
347 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
348 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
350 ASSERT_PTR_NE(k2, NULL);
351 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
355 TEST_START("load Ed25519 from public");
356 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2,
358 ASSERT_PTR_NE(k2, NULL);
359 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
363 TEST_START("load Ed25519 cert");
364 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0);
365 ASSERT_PTR_NE(k2, NULL);
366 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT);
367 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
368 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
371 TEST_START("Ed25519 key hex fingerprint");
372 buf = load_text_file("ed25519_1.fp");
373 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
374 ASSERT_PTR_NE(cp, NULL);
375 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
380 TEST_START("Ed25519 cert hex fingerprint");
381 buf = load_text_file("ed25519_1-cert.fp");
382 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
383 ASSERT_PTR_NE(cp, NULL);
384 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
390 TEST_START("Ed25519 key bubblebabble fingerprint");
391 buf = load_text_file("ed25519_1.fp.bb");
392 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
393 ASSERT_PTR_NE(cp, NULL);
394 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));