1 /* $OpenBSD: test_file.c,v 1.1 2014/06/24 01:14:18 djm Exp $ */ 2 /* 3 * Regress test for sshkey.h key management API 4 * 5 * Placed in the public domain 6 */ 7 8 #include <sys/types.h> 9 #include <sys/param.h> 10 #include <sys/stat.h> 11 #include <fcntl.h> 12 #include <stdio.h> 13 #include <stdint.h> 14 #include <stdlib.h> 15 #include <string.h> 16 #include <unistd.h> 17 18 #include <openssl/bn.h> 19 #include <openssl/ec.h> 20 #include <openssl/rsa.h> 21 #include <openssl/dsa.h> 22 #include <openssl/objects.h> 23 24 #include "test_helper.h" 25 26 #include "ssherr.h" 27 #include "authfile.h" 28 #include "sshkey.h" 29 #include "sshbuf.h" 30 31 #include "common.h" 32 33 void sshkey_file_tests(void); 34 35 void 36 sshkey_file_tests(void) 37 { 38 struct sshkey *k1, *k2; 39 struct sshbuf *buf, *pw; 40 BIGNUM *a, *b, *c; 41 char *cp; 42 43 TEST_START("load passphrase"); 44 pw = load_text_file("pw"); 45 TEST_DONE(); 46 47 TEST_START("parse RSA1 from private"); 48 buf = load_file("rsa1_1"); 49 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1", 50 &k1, NULL), 0); 51 sshbuf_free(buf); 52 ASSERT_PTR_NE(k1, NULL); 53 a = load_bignum("rsa1_1.param.n"); 54 ASSERT_BIGNUM_EQ(k1->rsa->n, a); 55 BN_free(a); 56 TEST_DONE(); 57 58 TEST_START("parse RSA1 from private w/ passphrase"); 59 buf = load_file("rsa1_1_pw"); 60 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 61 (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0); 62 sshbuf_free(buf); 63 ASSERT_PTR_NE(k2, NULL); 64 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 65 sshkey_free(k2); 66 TEST_DONE(); 67 68 TEST_START("load RSA1 from public"); 69 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2, 70 NULL), 0); 71 ASSERT_PTR_NE(k2, NULL); 72 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 73 sshkey_free(k2); 74 TEST_DONE(); 75 76 TEST_START("RSA1 key hex fingerprint"); 77 buf = load_text_file("rsa1_1.fp"); 78 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX); 79 ASSERT_PTR_NE(cp, NULL); 80 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 81 sshbuf_free(buf); 82 free(cp); 83 TEST_DONE(); 84 85 TEST_START("RSA1 key bubblebabble fingerprint"); 86 buf = load_text_file("rsa1_1.fp.bb"); 87 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE); 88 ASSERT_PTR_NE(cp, NULL); 89 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 90 sshbuf_free(buf); 91 free(cp); 92 TEST_DONE(); 93 94 sshkey_free(k1); 95 96 TEST_START("parse RSA from private"); 97 buf = load_file("rsa_1"); 98 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1", 99 &k1, NULL), 0); 100 sshbuf_free(buf); 101 ASSERT_PTR_NE(k1, NULL); 102 a = load_bignum("rsa_1.param.n"); 103 b = load_bignum("rsa_1.param.p"); 104 c = load_bignum("rsa_1.param.q"); 105 ASSERT_BIGNUM_EQ(k1->rsa->n, a); 106 ASSERT_BIGNUM_EQ(k1->rsa->p, b); 107 ASSERT_BIGNUM_EQ(k1->rsa->q, c); 108 BN_free(a); 109 BN_free(b); 110 BN_free(c); 111 TEST_DONE(); 112 113 TEST_START("parse RSA from private w/ passphrase"); 114 buf = load_file("rsa_1_pw"); 115 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 116 (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0); 117 sshbuf_free(buf); 118 ASSERT_PTR_NE(k2, NULL); 119 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 120 sshkey_free(k2); 121 TEST_DONE(); 122 123 TEST_START("parse RSA from new-format"); 124 buf = load_file("rsa_n"); 125 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 126 "", "rsa_n", &k2, NULL), 0); 127 sshbuf_free(buf); 128 ASSERT_PTR_NE(k2, NULL); 129 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 130 sshkey_free(k2); 131 TEST_DONE(); 132 133 TEST_START("parse RSA from new-format w/ passphrase"); 134 buf = load_file("rsa_n_pw"); 135 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 136 (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0); 137 sshbuf_free(buf); 138 ASSERT_PTR_NE(k2, NULL); 139 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 140 sshkey_free(k2); 141 TEST_DONE(); 142 143 TEST_START("load RSA from public"); 144 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, 145 NULL), 0); 146 ASSERT_PTR_NE(k2, NULL); 147 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 148 sshkey_free(k2); 149 TEST_DONE(); 150 151 TEST_START("load RSA cert"); 152 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0); 153 ASSERT_PTR_NE(k2, NULL); 154 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 155 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 156 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 157 TEST_DONE(); 158 159 TEST_START("RSA key hex fingerprint"); 160 buf = load_text_file("rsa_1.fp"); 161 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX); 162 ASSERT_PTR_NE(cp, NULL); 163 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 164 sshbuf_free(buf); 165 free(cp); 166 TEST_DONE(); 167 168 TEST_START("RSA cert hex fingerprint"); 169 buf = load_text_file("rsa_1-cert.fp"); 170 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX); 171 ASSERT_PTR_NE(cp, NULL); 172 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 173 sshbuf_free(buf); 174 free(cp); 175 sshkey_free(k2); 176 TEST_DONE(); 177 178 TEST_START("RSA key bubblebabble fingerprint"); 179 buf = load_text_file("rsa_1.fp.bb"); 180 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE); 181 ASSERT_PTR_NE(cp, NULL); 182 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 183 sshbuf_free(buf); 184 free(cp); 185 TEST_DONE(); 186 187 sshkey_free(k1); 188 189 TEST_START("parse DSA from private"); 190 buf = load_file("dsa_1"); 191 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1", 192 &k1, NULL), 0); 193 sshbuf_free(buf); 194 ASSERT_PTR_NE(k1, NULL); 195 a = load_bignum("dsa_1.param.g"); 196 b = load_bignum("dsa_1.param.priv"); 197 c = load_bignum("dsa_1.param.pub"); 198 ASSERT_BIGNUM_EQ(k1->dsa->g, a); 199 ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b); 200 ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c); 201 BN_free(a); 202 BN_free(b); 203 BN_free(c); 204 TEST_DONE(); 205 206 TEST_START("parse DSA from private w/ passphrase"); 207 buf = load_file("dsa_1_pw"); 208 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 209 (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0); 210 sshbuf_free(buf); 211 ASSERT_PTR_NE(k2, NULL); 212 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 213 sshkey_free(k2); 214 TEST_DONE(); 215 216 TEST_START("parse DSA from new-format"); 217 buf = load_file("dsa_n"); 218 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 219 "", "dsa_n", &k2, NULL), 0); 220 sshbuf_free(buf); 221 ASSERT_PTR_NE(k2, NULL); 222 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 223 sshkey_free(k2); 224 TEST_DONE(); 225 226 TEST_START("parse DSA from new-format w/ passphrase"); 227 buf = load_file("dsa_n_pw"); 228 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 229 (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0); 230 sshbuf_free(buf); 231 ASSERT_PTR_NE(k2, NULL); 232 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 233 sshkey_free(k2); 234 TEST_DONE(); 235 236 TEST_START("load DSA from public"); 237 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2, 238 NULL), 0); 239 ASSERT_PTR_NE(k2, NULL); 240 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 241 sshkey_free(k2); 242 TEST_DONE(); 243 244 TEST_START("load DSA cert"); 245 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0); 246 ASSERT_PTR_NE(k2, NULL); 247 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT); 248 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 249 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 250 TEST_DONE(); 251 252 TEST_START("DSA key hex fingerprint"); 253 buf = load_text_file("dsa_1.fp"); 254 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX); 255 ASSERT_PTR_NE(cp, NULL); 256 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 257 sshbuf_free(buf); 258 free(cp); 259 TEST_DONE(); 260 261 TEST_START("DSA cert hex fingerprint"); 262 buf = load_text_file("dsa_1-cert.fp"); 263 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX); 264 ASSERT_PTR_NE(cp, NULL); 265 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 266 sshbuf_free(buf); 267 free(cp); 268 sshkey_free(k2); 269 TEST_DONE(); 270 271 TEST_START("DSA key bubblebabble fingerprint"); 272 buf = load_text_file("dsa_1.fp.bb"); 273 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE); 274 ASSERT_PTR_NE(cp, NULL); 275 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 276 sshbuf_free(buf); 277 free(cp); 278 TEST_DONE(); 279 280 sshkey_free(k1); 281 282 TEST_START("parse ECDSA from private"); 283 buf = load_file("ecdsa_1"); 284 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1", 285 &k1, NULL), 0); 286 sshbuf_free(buf); 287 ASSERT_PTR_NE(k1, NULL); 288 buf = load_text_file("ecdsa_1.param.curve"); 289 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf), 290 OBJ_nid2sn(k1->ecdsa_nid)); 291 sshbuf_free(buf); 292 a = load_bignum("ecdsa_1.param.priv"); 293 b = load_bignum("ecdsa_1.param.pub"); 294 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa), 295 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED, 296 NULL, NULL); 297 ASSERT_PTR_NE(c, NULL); 298 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a); 299 ASSERT_BIGNUM_EQ(b, c); 300 BN_free(a); 301 BN_free(b); 302 BN_free(c); 303 TEST_DONE(); 304 305 TEST_START("parse ECDSA from private w/ passphrase"); 306 buf = load_file("ecdsa_1_pw"); 307 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 308 (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0); 309 sshbuf_free(buf); 310 ASSERT_PTR_NE(k2, NULL); 311 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 312 sshkey_free(k2); 313 TEST_DONE(); 314 315 TEST_START("parse ECDSA from new-format"); 316 buf = load_file("ecdsa_n"); 317 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 318 "", "ecdsa_n", &k2, NULL), 0); 319 sshbuf_free(buf); 320 ASSERT_PTR_NE(k2, NULL); 321 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 322 sshkey_free(k2); 323 TEST_DONE(); 324 325 TEST_START("parse ECDSA from new-format w/ passphrase"); 326 buf = load_file("ecdsa_n_pw"); 327 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 328 (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0); 329 sshbuf_free(buf); 330 ASSERT_PTR_NE(k2, NULL); 331 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 332 sshkey_free(k2); 333 TEST_DONE(); 334 335 TEST_START("load ECDSA from public"); 336 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2, 337 NULL), 0); 338 ASSERT_PTR_NE(k2, NULL); 339 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 340 sshkey_free(k2); 341 TEST_DONE(); 342 343 TEST_START("load ECDSA cert"); 344 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0); 345 ASSERT_PTR_NE(k2, NULL); 346 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT); 347 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 348 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 349 TEST_DONE(); 350 351 TEST_START("ECDSA key hex fingerprint"); 352 buf = load_text_file("ecdsa_1.fp"); 353 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX); 354 ASSERT_PTR_NE(cp, NULL); 355 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 356 sshbuf_free(buf); 357 free(cp); 358 TEST_DONE(); 359 360 TEST_START("ECDSA cert hex fingerprint"); 361 buf = load_text_file("ecdsa_1-cert.fp"); 362 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX); 363 ASSERT_PTR_NE(cp, NULL); 364 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 365 sshbuf_free(buf); 366 free(cp); 367 sshkey_free(k2); 368 TEST_DONE(); 369 370 TEST_START("ECDSA key bubblebabble fingerprint"); 371 buf = load_text_file("ecdsa_1.fp.bb"); 372 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE); 373 ASSERT_PTR_NE(cp, NULL); 374 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 375 sshbuf_free(buf); 376 free(cp); 377 TEST_DONE(); 378 379 sshkey_free(k1); 380 381 TEST_START("parse Ed25519 from private"); 382 buf = load_file("ed25519_1"); 383 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1", 384 &k1, NULL), 0); 385 sshbuf_free(buf); 386 ASSERT_PTR_NE(k1, NULL); 387 ASSERT_INT_EQ(k1->type, KEY_ED25519); 388 /* XXX check key contents */ 389 TEST_DONE(); 390 391 TEST_START("parse Ed25519 from private w/ passphrase"); 392 buf = load_file("ed25519_1_pw"); 393 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 394 (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0); 395 sshbuf_free(buf); 396 ASSERT_PTR_NE(k2, NULL); 397 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 398 sshkey_free(k2); 399 TEST_DONE(); 400 401 TEST_START("load Ed25519 from public"); 402 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2, 403 NULL), 0); 404 ASSERT_PTR_NE(k2, NULL); 405 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 406 sshkey_free(k2); 407 TEST_DONE(); 408 409 TEST_START("load Ed25519 cert"); 410 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0); 411 ASSERT_PTR_NE(k2, NULL); 412 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT); 413 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 414 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 415 TEST_DONE(); 416 417 TEST_START("Ed25519 key hex fingerprint"); 418 buf = load_text_file("ed25519_1.fp"); 419 cp = sshkey_fingerprint(k1, SSH_FP_MD5, SSH_FP_HEX); 420 ASSERT_PTR_NE(cp, NULL); 421 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 422 sshbuf_free(buf); 423 free(cp); 424 TEST_DONE(); 425 426 TEST_START("Ed25519 cert hex fingerprint"); 427 buf = load_text_file("ed25519_1-cert.fp"); 428 cp = sshkey_fingerprint(k2, SSH_FP_MD5, SSH_FP_HEX); 429 ASSERT_PTR_NE(cp, NULL); 430 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 431 sshbuf_free(buf); 432 free(cp); 433 sshkey_free(k2); 434 TEST_DONE(); 435 436 TEST_START("Ed25519 key bubblebabble fingerprint"); 437 buf = load_text_file("ed25519_1.fp.bb"); 438 cp = sshkey_fingerprint(k1, SSH_FP_SHA1, SSH_FP_BUBBLEBABBLE); 439 ASSERT_PTR_NE(cp, NULL); 440 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 441 sshbuf_free(buf); 442 free(cp); 443 TEST_DONE(); 444 445 sshkey_free(k1); 446 447 sshbuf_free(pw); 448 449 } 450