1 /* $OpenBSD: test_file.c,v 1.4 2015/07/07 14:53:30 markus Exp $ */
3 * Regress test for sshkey.h key management API
5 * Placed in the public domain
10 #include <sys/types.h>
11 #include <sys/param.h>
22 #include <openssl/bn.h>
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/objects.h>
26 #ifdef OPENSSL_HAS_NISTP256
27 # include <openssl/ec.h>
30 #include "../test_helper/test_helper.h"
40 void sshkey_file_tests(void);
43 sshkey_file_tests(void)
45 struct sshkey *k1, *k2;
46 struct sshbuf *buf, *pw;
50 TEST_START("load passphrase");
51 pw = load_text_file("pw");
55 TEST_START("parse RSA1 from private");
56 buf = load_file("rsa1_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1",
60 ASSERT_PTR_NE(k1, NULL);
61 a = load_bignum("rsa1_1.param.n");
62 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
66 TEST_START("parse RSA1 from private w/ passphrase");
67 buf = load_file("rsa1_1_pw");
68 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
69 (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0);
71 ASSERT_PTR_NE(k2, NULL);
72 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
76 TEST_START("load RSA1 from public");
77 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2,
79 ASSERT_PTR_NE(k2, NULL);
80 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
84 TEST_START("RSA1 key hex fingerprint");
85 buf = load_text_file("rsa1_1.fp");
86 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
87 ASSERT_PTR_NE(cp, NULL);
88 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
93 TEST_START("RSA1 key bubblebabble fingerprint");
94 buf = load_text_file("rsa1_1.fp.bb");
95 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
96 ASSERT_PTR_NE(cp, NULL);
97 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
105 TEST_START("parse RSA from private");
106 buf = load_file("rsa_1");
107 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1",
110 ASSERT_PTR_NE(k1, NULL);
111 a = load_bignum("rsa_1.param.n");
112 b = load_bignum("rsa_1.param.p");
113 c = load_bignum("rsa_1.param.q");
114 ASSERT_BIGNUM_EQ(k1->rsa->n, a);
115 ASSERT_BIGNUM_EQ(k1->rsa->p, b);
116 ASSERT_BIGNUM_EQ(k1->rsa->q, c);
122 TEST_START("parse RSA from private w/ passphrase");
123 buf = load_file("rsa_1_pw");
124 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
125 (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0);
127 ASSERT_PTR_NE(k2, NULL);
128 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
132 TEST_START("parse RSA from new-format");
133 buf = load_file("rsa_n");
134 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
135 "", "rsa_n", &k2, NULL), 0);
137 ASSERT_PTR_NE(k2, NULL);
138 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
142 TEST_START("parse RSA from new-format w/ passphrase");
143 buf = load_file("rsa_n_pw");
144 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
145 (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0);
147 ASSERT_PTR_NE(k2, NULL);
148 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
152 TEST_START("load RSA from public");
153 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
155 ASSERT_PTR_NE(k2, NULL);
156 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
160 TEST_START("load RSA cert");
161 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0);
162 ASSERT_PTR_NE(k2, NULL);
163 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
164 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
165 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
168 TEST_START("RSA key hex fingerprint");
169 buf = load_text_file("rsa_1.fp");
170 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
171 ASSERT_PTR_NE(cp, NULL);
172 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
177 TEST_START("RSA cert hex fingerprint");
178 buf = load_text_file("rsa_1-cert.fp");
179 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
180 ASSERT_PTR_NE(cp, NULL);
181 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
187 TEST_START("RSA key bubblebabble fingerprint");
188 buf = load_text_file("rsa_1.fp.bb");
189 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
190 ASSERT_PTR_NE(cp, NULL);
191 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
198 TEST_START("parse DSA from private");
199 buf = load_file("dsa_1");
200 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1",
203 ASSERT_PTR_NE(k1, NULL);
204 a = load_bignum("dsa_1.param.g");
205 b = load_bignum("dsa_1.param.priv");
206 c = load_bignum("dsa_1.param.pub");
207 ASSERT_BIGNUM_EQ(k1->dsa->g, a);
208 ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
209 ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
215 TEST_START("parse DSA from private w/ passphrase");
216 buf = load_file("dsa_1_pw");
217 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
218 (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0);
220 ASSERT_PTR_NE(k2, NULL);
221 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
225 TEST_START("parse DSA from new-format");
226 buf = load_file("dsa_n");
227 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
228 "", "dsa_n", &k2, NULL), 0);
230 ASSERT_PTR_NE(k2, NULL);
231 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
235 TEST_START("parse DSA from new-format w/ passphrase");
236 buf = load_file("dsa_n_pw");
237 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
238 (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0);
240 ASSERT_PTR_NE(k2, NULL);
241 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
245 TEST_START("load DSA from public");
246 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2,
248 ASSERT_PTR_NE(k2, NULL);
249 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
253 TEST_START("load DSA cert");
254 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0);
255 ASSERT_PTR_NE(k2, NULL);
256 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT);
257 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
258 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
261 TEST_START("DSA key hex fingerprint");
262 buf = load_text_file("dsa_1.fp");
263 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
264 ASSERT_PTR_NE(cp, NULL);
265 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
270 TEST_START("DSA cert hex fingerprint");
271 buf = load_text_file("dsa_1-cert.fp");
272 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
273 ASSERT_PTR_NE(cp, NULL);
274 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
280 TEST_START("DSA key bubblebabble fingerprint");
281 buf = load_text_file("dsa_1.fp.bb");
282 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
283 ASSERT_PTR_NE(cp, NULL);
284 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
291 #ifdef OPENSSL_HAS_ECC
292 TEST_START("parse ECDSA from private");
293 buf = load_file("ecdsa_1");
294 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1",
297 ASSERT_PTR_NE(k1, NULL);
298 buf = load_text_file("ecdsa_1.param.curve");
299 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf),
300 OBJ_nid2sn(k1->ecdsa_nid));
302 a = load_bignum("ecdsa_1.param.priv");
303 b = load_bignum("ecdsa_1.param.pub");
304 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa),
305 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED,
307 ASSERT_PTR_NE(c, NULL);
308 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a);
309 ASSERT_BIGNUM_EQ(b, c);
315 TEST_START("parse ECDSA from private w/ passphrase");
316 buf = load_file("ecdsa_1_pw");
317 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
318 (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0);
320 ASSERT_PTR_NE(k2, NULL);
321 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
325 TEST_START("parse ECDSA from new-format");
326 buf = load_file("ecdsa_n");
327 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
328 "", "ecdsa_n", &k2, NULL), 0);
330 ASSERT_PTR_NE(k2, NULL);
331 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
335 TEST_START("parse ECDSA from new-format w/ passphrase");
336 buf = load_file("ecdsa_n_pw");
337 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
338 (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0);
340 ASSERT_PTR_NE(k2, NULL);
341 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
345 TEST_START("load ECDSA from public");
346 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2,
348 ASSERT_PTR_NE(k2, NULL);
349 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
353 TEST_START("load ECDSA cert");
354 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0);
355 ASSERT_PTR_NE(k2, NULL);
356 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT);
357 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
358 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
361 TEST_START("ECDSA key hex fingerprint");
362 buf = load_text_file("ecdsa_1.fp");
363 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
364 ASSERT_PTR_NE(cp, NULL);
365 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
370 TEST_START("ECDSA cert hex fingerprint");
371 buf = load_text_file("ecdsa_1-cert.fp");
372 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
373 ASSERT_PTR_NE(cp, NULL);
374 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
380 TEST_START("ECDSA key bubblebabble fingerprint");
381 buf = load_text_file("ecdsa_1.fp.bb");
382 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
383 ASSERT_PTR_NE(cp, NULL);
384 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
390 #endif /* OPENSSL_HAS_ECC */
392 TEST_START("parse Ed25519 from private");
393 buf = load_file("ed25519_1");
394 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1",
397 ASSERT_PTR_NE(k1, NULL);
398 ASSERT_INT_EQ(k1->type, KEY_ED25519);
399 /* XXX check key contents */
402 TEST_START("parse Ed25519 from private w/ passphrase");
403 buf = load_file("ed25519_1_pw");
404 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
405 (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0);
407 ASSERT_PTR_NE(k2, NULL);
408 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
412 TEST_START("load Ed25519 from public");
413 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2,
415 ASSERT_PTR_NE(k2, NULL);
416 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
420 TEST_START("load Ed25519 cert");
421 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0);
422 ASSERT_PTR_NE(k2, NULL);
423 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT);
424 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
425 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
428 TEST_START("Ed25519 key hex fingerprint");
429 buf = load_text_file("ed25519_1.fp");
430 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
431 ASSERT_PTR_NE(cp, NULL);
432 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
437 TEST_START("Ed25519 cert hex fingerprint");
438 buf = load_text_file("ed25519_1-cert.fp");
439 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
440 ASSERT_PTR_NE(cp, NULL);
441 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
447 TEST_START("Ed25519 key bubblebabble fingerprint");
448 buf = load_text_file("ed25519_1.fp.bb");
449 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
450 ASSERT_PTR_NE(cp, NULL);
451 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));