1 /* $OpenBSD: test_file.c,v 1.11 2024/01/11 01:45:58 djm Exp $ */
2 /*
3 * Regress test for sshkey.h key management API
4 *
5 * Placed in the public domain
6 */
7
8 #include "includes.h"
9
10 #include <sys/types.h>
11 #include <sys/stat.h>
12 #include <fcntl.h>
13 #include <stdio.h>
14 #ifdef HAVE_STDINT_H
15 #include <stdint.h>
16 #endif
17 #include <stdlib.h>
18 #include <string.h>
19 #include <unistd.h>
20
21 #ifdef WITH_OPENSSL
22 #include <openssl/bn.h>
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/objects.h>
26 #ifdef OPENSSL_HAS_NISTP256
27 # include <openssl/ec.h>
28 #endif /* OPENSSL_HAS_NISTP256 */
29 #endif /* WITH_OPENSSL */
30
31 #include "../test_helper/test_helper.h"
32
33 #include "ssherr.h"
34 #include "authfile.h"
35 #include "sshkey.h"
36 #include "sshbuf.h"
37 #include "digest.h"
38
39 #include "common.h"
40
41 void sshkey_file_tests(void);
42
43 void
sshkey_file_tests(void)44 sshkey_file_tests(void)
45 {
46 struct sshkey *k1, *k2;
47 struct sshbuf *buf, *pw;
48 #ifdef WITH_OPENSSL
49 BIGNUM *a, *b, *c;
50 #endif
51 char *cp;
52
53 TEST_START("load passphrase");
54 pw = load_text_file("pw");
55 TEST_DONE();
56
57
58 #ifdef WITH_OPENSSL
59 TEST_START("parse RSA from private");
60 buf = load_file("rsa_1");
61 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
62 sshbuf_free(buf);
63 ASSERT_PTR_NE(k1, NULL);
64 a = load_bignum("rsa_1.param.n");
65 b = load_bignum("rsa_1.param.p");
66 c = load_bignum("rsa_1.param.q");
67 ASSERT_BIGNUM_EQ(rsa_n(k1), a);
68 ASSERT_BIGNUM_EQ(rsa_p(k1), b);
69 ASSERT_BIGNUM_EQ(rsa_q(k1), c);
70 BN_free(a);
71 BN_free(b);
72 BN_free(c);
73 TEST_DONE();
74
75 TEST_START("parse RSA from private w/ passphrase");
76 buf = load_file("rsa_1_pw");
77 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
78 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
79 sshbuf_free(buf);
80 ASSERT_PTR_NE(k2, NULL);
81 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
82 sshkey_free(k2);
83 TEST_DONE();
84
85 TEST_START("parse RSA from new-format");
86 buf = load_file("rsa_n");
87 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
88 sshbuf_free(buf);
89 ASSERT_PTR_NE(k2, NULL);
90 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
91 sshkey_free(k2);
92 TEST_DONE();
93
94 TEST_START("parse RSA from new-format w/ passphrase");
95 buf = load_file("rsa_n_pw");
96 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
97 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
98 sshbuf_free(buf);
99 ASSERT_PTR_NE(k2, NULL);
100 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
101 sshkey_free(k2);
102 TEST_DONE();
103
104 TEST_START("load RSA from public");
105 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
106 NULL), 0);
107 ASSERT_PTR_NE(k2, NULL);
108 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
109 sshkey_free(k2);
110 TEST_DONE();
111
112 TEST_START("load RSA cert with SHA1 signature");
113 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha1"), &k2), 0);
114 ASSERT_PTR_NE(k2, NULL);
115 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
116 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
117 ASSERT_STRING_EQ(k2->cert->signature_type, "ssh-rsa");
118 sshkey_free(k2);
119 TEST_DONE();
120
121 TEST_START("load RSA cert with SHA512 signature");
122 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha512"), &k2), 0);
123 ASSERT_PTR_NE(k2, NULL);
124 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
125 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
126 ASSERT_STRING_EQ(k2->cert->signature_type, "rsa-sha2-512");
127 sshkey_free(k2);
128 TEST_DONE();
129
130 TEST_START("load RSA cert");
131 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0);
132 ASSERT_PTR_NE(k2, NULL);
133 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT);
134 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
135 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
136 TEST_DONE();
137
138 TEST_START("RSA key hex fingerprint");
139 buf = load_text_file("rsa_1.fp");
140 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
141 ASSERT_PTR_NE(cp, NULL);
142 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
143 sshbuf_free(buf);
144 free(cp);
145 TEST_DONE();
146
147 TEST_START("RSA cert hex fingerprint");
148 buf = load_text_file("rsa_1-cert.fp");
149 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
150 ASSERT_PTR_NE(cp, NULL);
151 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
152 sshbuf_free(buf);
153 free(cp);
154 sshkey_free(k2);
155 TEST_DONE();
156
157 TEST_START("RSA key bubblebabble fingerprint");
158 buf = load_text_file("rsa_1.fp.bb");
159 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
160 ASSERT_PTR_NE(cp, NULL);
161 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
162 sshbuf_free(buf);
163 free(cp);
164 TEST_DONE();
165
166 sshkey_free(k1);
167
168 #ifdef WITH_DSA
169 TEST_START("parse DSA from private");
170 buf = load_file("dsa_1");
171 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
172 sshbuf_free(buf);
173 ASSERT_PTR_NE(k1, NULL);
174 a = load_bignum("dsa_1.param.g");
175 b = load_bignum("dsa_1.param.priv");
176 c = load_bignum("dsa_1.param.pub");
177 ASSERT_BIGNUM_EQ(dsa_g(k1), a);
178 ASSERT_BIGNUM_EQ(dsa_priv_key(k1), b);
179 ASSERT_BIGNUM_EQ(dsa_pub_key(k1), c);
180 BN_free(a);
181 BN_free(b);
182 BN_free(c);
183 TEST_DONE();
184
185 TEST_START("parse DSA from private w/ passphrase");
186 buf = load_file("dsa_1_pw");
187 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
188 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
189 sshbuf_free(buf);
190 ASSERT_PTR_NE(k2, NULL);
191 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
192 sshkey_free(k2);
193 TEST_DONE();
194
195 TEST_START("parse DSA from new-format");
196 buf = load_file("dsa_n");
197 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
198 sshbuf_free(buf);
199 ASSERT_PTR_NE(k2, NULL);
200 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
201 sshkey_free(k2);
202 TEST_DONE();
203
204 TEST_START("parse DSA from new-format w/ passphrase");
205 buf = load_file("dsa_n_pw");
206 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
207 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
208 sshbuf_free(buf);
209 ASSERT_PTR_NE(k2, NULL);
210 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
211 sshkey_free(k2);
212 TEST_DONE();
213
214 TEST_START("load DSA from public");
215 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2,
216 NULL), 0);
217 ASSERT_PTR_NE(k2, NULL);
218 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
219 sshkey_free(k2);
220 TEST_DONE();
221
222 TEST_START("load DSA cert");
223 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0);
224 ASSERT_PTR_NE(k2, NULL);
225 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT);
226 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
227 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
228 TEST_DONE();
229
230 TEST_START("DSA key hex fingerprint");
231 buf = load_text_file("dsa_1.fp");
232 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
233 ASSERT_PTR_NE(cp, NULL);
234 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
235 sshbuf_free(buf);
236 free(cp);
237 TEST_DONE();
238
239 TEST_START("DSA cert hex fingerprint");
240 buf = load_text_file("dsa_1-cert.fp");
241 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
242 ASSERT_PTR_NE(cp, NULL);
243 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
244 sshbuf_free(buf);
245 free(cp);
246 sshkey_free(k2);
247 TEST_DONE();
248
249 TEST_START("DSA key bubblebabble fingerprint");
250 buf = load_text_file("dsa_1.fp.bb");
251 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
252 ASSERT_PTR_NE(cp, NULL);
253 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
254 sshbuf_free(buf);
255 free(cp);
256 TEST_DONE();
257
258 sshkey_free(k1);
259 #endif
260
261 #ifdef OPENSSL_HAS_ECC
262 TEST_START("parse ECDSA from private");
263 buf = load_file("ecdsa_1");
264 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
265 sshbuf_free(buf);
266 ASSERT_PTR_NE(k1, NULL);
267 buf = load_text_file("ecdsa_1.param.curve");
268 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf),
269 OBJ_nid2sn(k1->ecdsa_nid));
270 sshbuf_free(buf);
271 #ifndef OPENSSL_IS_BORINGSSL /* lacks EC_POINT_point2bn() */
272 a = load_bignum("ecdsa_1.param.priv");
273 b = load_bignum("ecdsa_1.param.pub");
274 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa),
275 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED,
276 NULL, NULL);
277 ASSERT_PTR_NE(c, NULL);
278 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a);
279 ASSERT_BIGNUM_EQ(b, c);
280 BN_free(a);
281 BN_free(b);
282 BN_free(c);
283 #endif /* OPENSSL_IS_BORINGSSL */
284 TEST_DONE();
285
286 TEST_START("parse ECDSA from private w/ passphrase");
287 buf = load_file("ecdsa_1_pw");
288 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
289 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
290 sshbuf_free(buf);
291 ASSERT_PTR_NE(k2, NULL);
292 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
293 sshkey_free(k2);
294 TEST_DONE();
295
296 TEST_START("parse ECDSA from new-format");
297 buf = load_file("ecdsa_n");
298 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
299 sshbuf_free(buf);
300 ASSERT_PTR_NE(k2, NULL);
301 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
302 sshkey_free(k2);
303 TEST_DONE();
304
305 TEST_START("parse ECDSA from new-format w/ passphrase");
306 buf = load_file("ecdsa_n_pw");
307 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
308 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
309 sshbuf_free(buf);
310 ASSERT_PTR_NE(k2, NULL);
311 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
312 sshkey_free(k2);
313 TEST_DONE();
314
315 TEST_START("load ECDSA from public");
316 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2,
317 NULL), 0);
318 ASSERT_PTR_NE(k2, NULL);
319 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
320 sshkey_free(k2);
321 TEST_DONE();
322
323 TEST_START("load ECDSA cert");
324 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0);
325 ASSERT_PTR_NE(k2, NULL);
326 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT);
327 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
328 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
329 TEST_DONE();
330
331 TEST_START("ECDSA key hex fingerprint");
332 buf = load_text_file("ecdsa_1.fp");
333 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
334 ASSERT_PTR_NE(cp, NULL);
335 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
336 sshbuf_free(buf);
337 free(cp);
338 TEST_DONE();
339
340 TEST_START("ECDSA cert hex fingerprint");
341 buf = load_text_file("ecdsa_1-cert.fp");
342 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
343 ASSERT_PTR_NE(cp, NULL);
344 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
345 sshbuf_free(buf);
346 free(cp);
347 sshkey_free(k2);
348 TEST_DONE();
349
350 TEST_START("ECDSA key bubblebabble fingerprint");
351 buf = load_text_file("ecdsa_1.fp.bb");
352 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
353 ASSERT_PTR_NE(cp, NULL);
354 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
355 sshbuf_free(buf);
356 free(cp);
357 TEST_DONE();
358
359 sshkey_free(k1);
360 #endif /* OPENSSL_HAS_ECC */
361 #endif /* WITH_OPENSSL */
362
363 TEST_START("parse Ed25519 from private");
364 buf = load_file("ed25519_1");
365 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
366 sshbuf_free(buf);
367 ASSERT_PTR_NE(k1, NULL);
368 ASSERT_INT_EQ(k1->type, KEY_ED25519);
369 /* XXX check key contents */
370 TEST_DONE();
371
372 TEST_START("parse Ed25519 from private w/ passphrase");
373 buf = load_file("ed25519_1_pw");
374 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
375 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
376 sshbuf_free(buf);
377 ASSERT_PTR_NE(k2, NULL);
378 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
379 sshkey_free(k2);
380 TEST_DONE();
381
382 TEST_START("load Ed25519 from public");
383 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2,
384 NULL), 0);
385 ASSERT_PTR_NE(k2, NULL);
386 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
387 sshkey_free(k2);
388 TEST_DONE();
389
390 TEST_START("load Ed25519 cert");
391 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0);
392 ASSERT_PTR_NE(k2, NULL);
393 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT);
394 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
395 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
396 TEST_DONE();
397
398 TEST_START("Ed25519 key hex fingerprint");
399 buf = load_text_file("ed25519_1.fp");
400 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
401 ASSERT_PTR_NE(cp, NULL);
402 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
403 sshbuf_free(buf);
404 free(cp);
405 TEST_DONE();
406
407 TEST_START("Ed25519 cert hex fingerprint");
408 buf = load_text_file("ed25519_1-cert.fp");
409 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
410 ASSERT_PTR_NE(cp, NULL);
411 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
412 sshbuf_free(buf);
413 free(cp);
414 sshkey_free(k2);
415 TEST_DONE();
416
417 TEST_START("Ed25519 key bubblebabble fingerprint");
418 buf = load_text_file("ed25519_1.fp.bb");
419 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
420 ASSERT_PTR_NE(cp, NULL);
421 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
422 sshbuf_free(buf);
423 free(cp);
424 TEST_DONE();
425
426 sshkey_free(k1);
427
428 #ifdef ENABLE_SK
429 #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
430 TEST_START("parse ECDSA-SK from private");
431 buf = load_file("ecdsa_sk1");
432 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
433 sshbuf_free(buf);
434 ASSERT_PTR_NE(k1, NULL);
435 ASSERT_INT_EQ(k1->type, KEY_ECDSA_SK);
436 TEST_DONE();
437
438 TEST_START("parse ECDSA-SK from private w/ passphrase");
439 buf = load_file("ecdsa_sk1_pw");
440 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
441 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
442 sshbuf_free(buf);
443 ASSERT_PTR_NE(k2, NULL);
444 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
445 sshkey_free(k2);
446 TEST_DONE();
447
448 TEST_START("load ECDSA-SK from public");
449 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_sk1.pub"), &k2,
450 NULL), 0);
451 ASSERT_PTR_NE(k2, NULL);
452 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
453 sshkey_free(k2);
454 TEST_DONE();
455
456 TEST_START("load ECDSA-SK cert");
457 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_sk1"), &k2), 0);
458 ASSERT_PTR_NE(k2, NULL);
459 ASSERT_INT_EQ(k2->type, KEY_ECDSA_SK_CERT);
460 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
461 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
462 TEST_DONE();
463
464 TEST_START("ECDSA-SK key hex fingerprint");
465 buf = load_text_file("ecdsa_sk1.fp");
466 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
467 ASSERT_PTR_NE(cp, NULL);
468 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
469 sshbuf_free(buf);
470 free(cp);
471 TEST_DONE();
472
473 TEST_START("ECDSA-SK cert hex fingerprint");
474 buf = load_text_file("ecdsa_sk1-cert.fp");
475 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
476 ASSERT_PTR_NE(cp, NULL);
477 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
478 sshbuf_free(buf);
479 free(cp);
480 sshkey_free(k2);
481 TEST_DONE();
482
483 TEST_START("ECDSA-SK key bubblebabble fingerprint");
484 buf = load_text_file("ecdsa_sk1.fp.bb");
485 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
486 ASSERT_PTR_NE(cp, NULL);
487 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
488 sshbuf_free(buf);
489 free(cp);
490 TEST_DONE();
491
492 sshkey_free(k1);
493 #endif
494
495 TEST_START("parse Ed25519-SK from private");
496 buf = load_file("ed25519_sk1");
497 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
498 sshbuf_free(buf);
499 ASSERT_PTR_NE(k1, NULL);
500 ASSERT_INT_EQ(k1->type, KEY_ED25519_SK);
501 /* XXX check key contents */
502 TEST_DONE();
503
504 TEST_START("parse Ed25519-SK from private w/ passphrase");
505 buf = load_file("ed25519_sk1_pw");
506 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
507 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
508 sshbuf_free(buf);
509 ASSERT_PTR_NE(k2, NULL);
510 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
511 sshkey_free(k2);
512 TEST_DONE();
513
514 TEST_START("load Ed25519-SK from public");
515 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_sk1.pub"),
516 &k2, NULL), 0);
517 ASSERT_PTR_NE(k2, NULL);
518 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
519 sshkey_free(k2);
520 TEST_DONE();
521
522 TEST_START("load Ed25519-SK cert");
523 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_sk1"), &k2), 0);
524 ASSERT_PTR_NE(k2, NULL);
525 ASSERT_INT_EQ(k2->type, KEY_ED25519_SK_CERT);
526 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0);
527 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1);
528 TEST_DONE();
529
530 TEST_START("Ed25519-SK key hex fingerprint");
531 buf = load_text_file("ed25519_sk1.fp");
532 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
533 ASSERT_PTR_NE(cp, NULL);
534 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
535 sshbuf_free(buf);
536 free(cp);
537 TEST_DONE();
538
539 TEST_START("Ed25519-SK cert hex fingerprint");
540 buf = load_text_file("ed25519_sk1-cert.fp");
541 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
542 ASSERT_PTR_NE(cp, NULL);
543 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
544 sshbuf_free(buf);
545 free(cp);
546 sshkey_free(k2);
547 TEST_DONE();
548
549 TEST_START("Ed25519-SK key bubblebabble fingerprint");
550 buf = load_text_file("ed25519_sk1.fp.bb");
551 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE);
552 ASSERT_PTR_NE(cp, NULL);
553 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
554 sshbuf_free(buf);
555 free(cp);
556 TEST_DONE();
557
558 sshkey_free(k1);
559 #endif /* ENABLE_SK */
560
561 sshbuf_free(pw);
562
563 }
564