1 /* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */
3 * Regress test for sshkey.h key management API
5 * Placed in the public domain
10 #include <sys/types.h>
11 #include <sys/param.h>
22 #include <openssl/bn.h>
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/objects.h>
26 #ifdef OPENSSL_HAS_NISTP256
27 # include <openssl/ec.h>
30 #include "../test_helper/test_helper.h"
40 void sshkey_file_tests(void);
43 sshkey_file_tests(void)
45 struct sshkey *k1, *k2;
46 struct sshbuf *buf, *pw;
50 TEST_START("load passphrase");
51 pw = load_text_file("pw");
55 TEST_START("parse RSA1 from private");
56 buf = load_file("rsa1_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
59 ASSERT_PTR_NE(k1, NULL);
60 a = load_bignum("rsa1_1.param.n");
61 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
65 TEST_START("parse RSA1 from private w/ passphrase");
66 buf = load_file("rsa1_1_pw");
67 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
68 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
70 ASSERT_PTR_NE(k2, NULL);
71 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
75 TEST_START("load RSA1 from public");
76 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2,
78 ASSERT_PTR_NE(k2, NULL);
79 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
83 TEST_START("RSA1 key hex fingerprint");
84 buf = load_text_file("rsa1_1.fp");
85 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
86 ASSERT_PTR_NE(cp, NULL);
87 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
92 TEST_START("RSA1 key bubblebabble fingerprint");
93 buf = load_text_file("rsa1_1.fp.bb");
94 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
95 ASSERT_PTR_NE(cp, NULL);
96 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
104 TEST_START("parse RSA from private");
105 buf = load_file("rsa_1");
106 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
108 ASSERT_PTR_NE(k1, NULL);
109 a = load_bignum("rsa_1.param.n");
110 b = load_bignum("rsa_1.param.p");
111 c = load_bignum("rsa_1.param.q");
112 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
113 ASSERT_BIGNUM_EQ(k1->rsa->p, b);
114 ASSERT_BIGNUM_EQ(k1->rsa->q, c);
120 TEST_START("parse RSA from private w/ passphrase");
121 buf = load_file("rsa_1_pw");
122 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
123 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
125 ASSERT_PTR_NE(k2, NULL);
126 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
130 TEST_START("parse RSA from new-format");
131 buf = load_file("rsa_n");
132 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
134 ASSERT_PTR_NE(k2, NULL);
135 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
139 TEST_START("parse RSA from new-format w/ passphrase");
140 buf = load_file("rsa_n_pw");
141 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
142 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
144 ASSERT_PTR_NE(k2, NULL);
145 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
149 TEST_START("load RSA from public");
150 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
152 ASSERT_PTR_NE(k2, NULL);
153 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
157 TEST_START("load RSA cert");
158 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0);
159 ASSERT_PTR_NE(k2, NULL);
160 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
161 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
162 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
165 TEST_START("RSA key hex fingerprint");
166 buf = load_text_file("rsa_1.fp");
167 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
168 ASSERT_PTR_NE(cp, NULL);
169 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
174 TEST_START("RSA cert hex fingerprint");
175 buf = load_text_file("rsa_1-cert.fp");
176 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
177 ASSERT_PTR_NE(cp, NULL);
178 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
184 TEST_START("RSA key bubblebabble fingerprint");
185 buf = load_text_file("rsa_1.fp.bb");
186 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
187 ASSERT_PTR_NE(cp, NULL);
188 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
195 TEST_START("parse DSA from private");
196 buf = load_file("dsa_1");
197 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
199 ASSERT_PTR_NE(k1, NULL);
200 a = load_bignum("dsa_1.param.g");
201 b = load_bignum("dsa_1.param.priv");
202 c = load_bignum("dsa_1.param.pub");
203 ASSERT_BIGNUM_EQ(k1->dsa->g, a);
204 ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
205 ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
211 TEST_START("parse DSA from private w/ passphrase");
212 buf = load_file("dsa_1_pw");
213 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
214 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
216 ASSERT_PTR_NE(k2, NULL);
217 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
221 TEST_START("parse DSA from new-format");
222 buf = load_file("dsa_n");
223 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
225 ASSERT_PTR_NE(k2, NULL);
226 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
230 TEST_START("parse DSA from new-format w/ passphrase");
231 buf = load_file("dsa_n_pw");
232 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
233 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
235 ASSERT_PTR_NE(k2, NULL);
236 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
240 TEST_START("load DSA from public");
241 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2,
243 ASSERT_PTR_NE(k2, NULL);
244 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
248 TEST_START("load DSA cert");
249 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0);
250 ASSERT_PTR_NE(k2, NULL);
251 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT);
252 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
253 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
256 TEST_START("DSA key hex fingerprint");
257 buf = load_text_file("dsa_1.fp");
258 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
259 ASSERT_PTR_NE(cp, NULL);
260 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
265 TEST_START("DSA cert hex fingerprint");
266 buf = load_text_file("dsa_1-cert.fp");
267 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
268 ASSERT_PTR_NE(cp, NULL);
269 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
275 TEST_START("DSA key bubblebabble fingerprint");
276 buf = load_text_file("dsa_1.fp.bb");
277 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
278 ASSERT_PTR_NE(cp, NULL);
279 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
286 #ifdef OPENSSL_HAS_ECC
287 TEST_START("parse ECDSA from private");
288 buf = load_file("ecdsa_1");
289 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
291 ASSERT_PTR_NE(k1, NULL);
292 buf = load_text_file("ecdsa_1.param.curve");
293 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf),
294 OBJ_nid2sn(k1->ecdsa_nid));
296 a = load_bignum("ecdsa_1.param.priv");
297 b = load_bignum("ecdsa_1.param.pub");
298 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa),
299 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED,
301 ASSERT_PTR_NE(c, NULL);
302 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a);
303 ASSERT_BIGNUM_EQ(b, c);
309 TEST_START("parse ECDSA from private w/ passphrase");
310 buf = load_file("ecdsa_1_pw");
311 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
312 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
314 ASSERT_PTR_NE(k2, NULL);
315 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
319 TEST_START("parse ECDSA from new-format");
320 buf = load_file("ecdsa_n");
321 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
323 ASSERT_PTR_NE(k2, NULL);
324 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
328 TEST_START("parse ECDSA from new-format w/ passphrase");
329 buf = load_file("ecdsa_n_pw");
330 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
331 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
333 ASSERT_PTR_NE(k2, NULL);
334 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
338 TEST_START("load ECDSA from public");
339 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2,
341 ASSERT_PTR_NE(k2, NULL);
342 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
346 TEST_START("load ECDSA cert");
347 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0);
348 ASSERT_PTR_NE(k2, NULL);
349 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT);
350 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
351 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
354 TEST_START("ECDSA key hex fingerprint");
355 buf = load_text_file("ecdsa_1.fp");
356 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
357 ASSERT_PTR_NE(cp, NULL);
358 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
363 TEST_START("ECDSA cert hex fingerprint");
364 buf = load_text_file("ecdsa_1-cert.fp");
365 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
366 ASSERT_PTR_NE(cp, NULL);
367 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
373 TEST_START("ECDSA key bubblebabble fingerprint");
374 buf = load_text_file("ecdsa_1.fp.bb");
375 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
376 ASSERT_PTR_NE(cp, NULL);
377 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
383 #endif /* OPENSSL_HAS_ECC */
385 TEST_START("parse Ed25519 from private");
386 buf = load_file("ed25519_1");
387 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
389 ASSERT_PTR_NE(k1, NULL);
390 ASSERT_INT_EQ(k1->type, KEY_ED25519);
391 /* XXX check key contents */
394 TEST_START("parse Ed25519 from private w/ passphrase");
395 buf = load_file("ed25519_1_pw");
396 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
397 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
399 ASSERT_PTR_NE(k2, NULL);
400 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
404 TEST_START("load Ed25519 from public");
405 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2,
407 ASSERT_PTR_NE(k2, NULL);
408 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
412 TEST_START("load Ed25519 cert");
413 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0);
414 ASSERT_PTR_NE(k2, NULL);
415 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT);
416 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
417 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
420 TEST_START("Ed25519 key hex fingerprint");
421 buf = load_text_file("ed25519_1.fp");
422 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
423 ASSERT_PTR_NE(cp, NULL);
424 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
429 TEST_START("Ed25519 cert hex fingerprint");
430 buf = load_text_file("ed25519_1-cert.fp");
431 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
432 ASSERT_PTR_NE(cp, NULL);
433 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
439 TEST_START("Ed25519 key bubblebabble fingerprint");
440 buf = load_text_file("ed25519_1.fp.bb");
441 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
442 ASSERT_PTR_NE(cp, NULL);
443 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));