xref: /openbsd-src/regress/usr.bin/ssh/unittests/sshkey/test_fuzz.c (revision 33ada5827e27260bfc1e486f1788d2885ea92e11) 
1*33ada582Sdjm /* 	$OpenBSD: test_fuzz.c,v 1.14 2024/01/11 01:45:58 djm Exp $ */
2a7772ff7Sdjm /*
3a7772ff7Sdjm  * Fuzz tests for key parsing
4a7772ff7Sdjm  *
5a7772ff7Sdjm  * Placed in the public domain
6a7772ff7Sdjm  */
7a7772ff7Sdjm 
8a7772ff7Sdjm #include <sys/types.h>
9a7772ff7Sdjm #include <sys/stat.h>
10a7772ff7Sdjm #include <fcntl.h>
11a7772ff7Sdjm #include <stdio.h>
12a7772ff7Sdjm #include <stdint.h>
13a7772ff7Sdjm #include <stdlib.h>
14a7772ff7Sdjm #include <string.h>
15a7772ff7Sdjm #include <unistd.h>
16a7772ff7Sdjm 
17a7772ff7Sdjm #include <openssl/bn.h>
18a7772ff7Sdjm #include <openssl/ec.h>
19a7772ff7Sdjm #include <openssl/rsa.h>
20a7772ff7Sdjm #include <openssl/dsa.h>
21a7772ff7Sdjm #include <openssl/objects.h>
22a7772ff7Sdjm 
23a7772ff7Sdjm #include "test_helper.h"
24a7772ff7Sdjm 
25a7772ff7Sdjm #include "ssherr.h"
26a7772ff7Sdjm #include "authfile.h"
27a7772ff7Sdjm #include "sshkey.h"
28a7772ff7Sdjm #include "sshbuf.h"
29a7772ff7Sdjm 
30a7772ff7Sdjm #include "common.h"
31a7772ff7Sdjm 
32a7772ff7Sdjm void sshkey_fuzz_tests(void);
33a7772ff7Sdjm 
34a7772ff7Sdjm static void
onerror(void * fuzz)35a7772ff7Sdjm onerror(void *fuzz)
36a7772ff7Sdjm {
37a7772ff7Sdjm 	fprintf(stderr, "Failed during fuzz:\n");
38a7772ff7Sdjm 	fuzz_dump((struct fuzz *)fuzz);
39a7772ff7Sdjm }
40a7772ff7Sdjm 
41a7772ff7Sdjm static void
public_fuzz(struct sshkey * k)42a7772ff7Sdjm public_fuzz(struct sshkey *k)
43a7772ff7Sdjm {
44a7772ff7Sdjm 	struct sshkey *k1;
45a7772ff7Sdjm 	struct sshbuf *buf;
46a7772ff7Sdjm 	struct fuzz *fuzz;
47a76a1e99Sdjm 	u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
48a76a1e99Sdjm 	    FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
49a7772ff7Sdjm 
50a76a1e99Sdjm 	if (test_is_fast())
51a76a1e99Sdjm 		fuzzers &= ~FUZZ_1_BIT_FLIP;
52a76a1e99Sdjm 	if (test_is_slow())
53a76a1e99Sdjm 		fuzzers |= FUZZ_2_BIT_FLIP | FUZZ_2_BYTE_FLIP;
54a7772ff7Sdjm 	ASSERT_PTR_NE(buf = sshbuf_new(), NULL);
55f427794eSdjm 	ASSERT_INT_EQ(sshkey_putb(k, buf), 0);
56a76a1e99Sdjm 	fuzz = fuzz_begin(fuzzers, sshbuf_mutable_ptr(buf), sshbuf_len(buf));
57a7772ff7Sdjm 	ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(buf), sshbuf_len(buf),
58a7772ff7Sdjm 	    &k1), 0);
59a7772ff7Sdjm 	sshkey_free(k1);
60a7772ff7Sdjm 	sshbuf_free(buf);
61a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
62a7772ff7Sdjm 	for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
63a7772ff7Sdjm 		if (sshkey_from_blob(fuzz_ptr(fuzz), fuzz_len(fuzz), &k1) == 0)
64a7772ff7Sdjm 			sshkey_free(k1);
65a7772ff7Sdjm 	}
66a7772ff7Sdjm 	fuzz_cleanup(fuzz);
67a7772ff7Sdjm }
68a7772ff7Sdjm 
69a7772ff7Sdjm static void
sig_fuzz(struct sshkey * k,const char * sig_alg)703382e080Sdjm sig_fuzz(struct sshkey *k, const char *sig_alg)
71a7772ff7Sdjm {
72a7772ff7Sdjm 	struct fuzz *fuzz;
73a7772ff7Sdjm 	u_char *sig, c[] = "some junk to be signed";
74a7772ff7Sdjm 	size_t l;
75a76a1e99Sdjm 	u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
76a76a1e99Sdjm 	    FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
77a76a1e99Sdjm 
78a76a1e99Sdjm 	if (test_is_fast())
79a76a1e99Sdjm 		fuzzers &= ~FUZZ_2_BYTE_FLIP;
80a76a1e99Sdjm 	if (test_is_slow())
81a76a1e99Sdjm 		fuzzers |= FUZZ_2_BIT_FLIP;
82a7772ff7Sdjm 
832f595249Sdjm 	ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c),
84d83aa1b4Sdjm 	    sig_alg, NULL, NULL, 0), 0);
85a7772ff7Sdjm 	ASSERT_SIZE_T_GT(l, 0);
86a76a1e99Sdjm 	fuzz = fuzz_begin(fuzzers, sig, l);
87760ae021Sdjm 	ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0, NULL), 0);
88a7772ff7Sdjm 	free(sig);
89a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
90a7772ff7Sdjm 	for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
9157907c7aSdjm 		/* Ensure 1-bit difference at least */
9257907c7aSdjm 		if (fuzz_matches_original(fuzz))
9357907c7aSdjm 			continue;
9457907c7aSdjm 		ASSERT_INT_NE(sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz),
95760ae021Sdjm 		    c, sizeof(c), NULL, 0, NULL), 0);
96a7772ff7Sdjm 	}
97a7772ff7Sdjm 	fuzz_cleanup(fuzz);
98a7772ff7Sdjm }
99a7772ff7Sdjm 
100a76a1e99Sdjm #define NUM_FAST_BASE64_TESTS	1024
101a76a1e99Sdjm 
102a7772ff7Sdjm void
sshkey_fuzz_tests(void)103a7772ff7Sdjm sshkey_fuzz_tests(void)
104a7772ff7Sdjm {
105a7772ff7Sdjm 	struct sshkey *k1;
106a7772ff7Sdjm 	struct sshbuf *buf, *fuzzed;
107a7772ff7Sdjm 	struct fuzz *fuzz;
108a76a1e99Sdjm 	int r, i;
109a7772ff7Sdjm 
110a7772ff7Sdjm 
111a7772ff7Sdjm 	TEST_START("fuzz RSA private");
112a7772ff7Sdjm 	buf = load_file("rsa_1");
113a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
114a7772ff7Sdjm 	    sshbuf_len(buf));
11534c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
116a7772ff7Sdjm 	sshkey_free(k1);
117a7772ff7Sdjm 	sshbuf_free(buf);
118a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
119a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
120a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
121a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
122a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
12334c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
124a7772ff7Sdjm 			sshkey_free(k1);
125a7772ff7Sdjm 		sshbuf_reset(fuzzed);
126a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
127a76a1e99Sdjm 			break;
128a7772ff7Sdjm 	}
129a7772ff7Sdjm 	sshbuf_free(fuzzed);
130a7772ff7Sdjm 	fuzz_cleanup(fuzz);
131a7772ff7Sdjm 	TEST_DONE();
132a7772ff7Sdjm 
133a7772ff7Sdjm 	TEST_START("fuzz RSA new-format private");
134a7772ff7Sdjm 	buf = load_file("rsa_n");
135a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
136a7772ff7Sdjm 	    sshbuf_len(buf));
13734c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
138a7772ff7Sdjm 	sshkey_free(k1);
139a7772ff7Sdjm 	sshbuf_free(buf);
140a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
141a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
142a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
143a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
144a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
14534c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
146a7772ff7Sdjm 			sshkey_free(k1);
147a7772ff7Sdjm 		sshbuf_reset(fuzzed);
148a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
149a76a1e99Sdjm 			break;
150a7772ff7Sdjm 	}
151a7772ff7Sdjm 	sshbuf_free(fuzzed);
152a7772ff7Sdjm 	fuzz_cleanup(fuzz);
153a7772ff7Sdjm 	TEST_DONE();
154a7772ff7Sdjm 
155*33ada582Sdjm #ifdef WITH_DSA
156a7772ff7Sdjm 	TEST_START("fuzz DSA private");
157a7772ff7Sdjm 	buf = load_file("dsa_1");
158a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
159a7772ff7Sdjm 	    sshbuf_len(buf));
16034c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
161a7772ff7Sdjm 	sshkey_free(k1);
162a7772ff7Sdjm 	sshbuf_free(buf);
163a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
164a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
165a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
166a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
167a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
16834c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
169a7772ff7Sdjm 			sshkey_free(k1);
170a7772ff7Sdjm 		sshbuf_reset(fuzzed);
171a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
172a76a1e99Sdjm 			break;
173a7772ff7Sdjm 	}
174a7772ff7Sdjm 	sshbuf_free(fuzzed);
175a7772ff7Sdjm 	fuzz_cleanup(fuzz);
176a7772ff7Sdjm 	TEST_DONE();
177a7772ff7Sdjm 
178a7772ff7Sdjm 	TEST_START("fuzz DSA new-format private");
179a7772ff7Sdjm 	buf = load_file("dsa_n");
180a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
181a7772ff7Sdjm 	    sshbuf_len(buf));
18234c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
183a7772ff7Sdjm 	sshkey_free(k1);
184a7772ff7Sdjm 	sshbuf_free(buf);
185a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
186a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
187a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
188a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
189a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
19034c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
191a7772ff7Sdjm 			sshkey_free(k1);
192a7772ff7Sdjm 		sshbuf_reset(fuzzed);
193a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
194a76a1e99Sdjm 			break;
195a7772ff7Sdjm 	}
196a7772ff7Sdjm 	sshbuf_free(fuzzed);
197a7772ff7Sdjm 	fuzz_cleanup(fuzz);
198a7772ff7Sdjm 	TEST_DONE();
199*33ada582Sdjm #endif
200a7772ff7Sdjm 
201a7772ff7Sdjm 	TEST_START("fuzz ECDSA private");
202a7772ff7Sdjm 	buf = load_file("ecdsa_1");
203a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
204a7772ff7Sdjm 	    sshbuf_len(buf));
20534c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
206a7772ff7Sdjm 	sshkey_free(k1);
207a7772ff7Sdjm 	sshbuf_free(buf);
208a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
209a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
210a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
211a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
212a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
21334c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
214a7772ff7Sdjm 			sshkey_free(k1);
215a7772ff7Sdjm 		sshbuf_reset(fuzzed);
216a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
217a76a1e99Sdjm 			break;
218a7772ff7Sdjm 	}
219a7772ff7Sdjm 	sshbuf_free(fuzzed);
220a7772ff7Sdjm 	fuzz_cleanup(fuzz);
221a7772ff7Sdjm 	TEST_DONE();
222a7772ff7Sdjm 
223a7772ff7Sdjm 	TEST_START("fuzz ECDSA new-format private");
224a7772ff7Sdjm 	buf = load_file("ecdsa_n");
225a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
226a7772ff7Sdjm 	    sshbuf_len(buf));
22734c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
228a7772ff7Sdjm 	sshkey_free(k1);
229a7772ff7Sdjm 	sshbuf_free(buf);
230a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
231a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
232a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
233a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
234a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
23534c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
236a7772ff7Sdjm 			sshkey_free(k1);
237a7772ff7Sdjm 		sshbuf_reset(fuzzed);
238a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
239a76a1e99Sdjm 			break;
240a7772ff7Sdjm 	}
241a7772ff7Sdjm 	sshbuf_free(fuzzed);
242a7772ff7Sdjm 	fuzz_cleanup(fuzz);
243a7772ff7Sdjm 	TEST_DONE();
244a7772ff7Sdjm 
245a7772ff7Sdjm 	TEST_START("fuzz Ed25519 private");
246a7772ff7Sdjm 	buf = load_file("ed25519_1");
247a7772ff7Sdjm 	fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
248a7772ff7Sdjm 	    sshbuf_len(buf));
24934c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
250a7772ff7Sdjm 	sshkey_free(k1);
251a7772ff7Sdjm 	sshbuf_free(buf);
252a7772ff7Sdjm 	ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
253a7772ff7Sdjm 	TEST_ONERROR(onerror, fuzz);
254a76a1e99Sdjm 	for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
255a7772ff7Sdjm 		r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
256a7772ff7Sdjm 		ASSERT_INT_EQ(r, 0);
25734c8ff87Sdjm 		if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
258a7772ff7Sdjm 			sshkey_free(k1);
259a7772ff7Sdjm 		sshbuf_reset(fuzzed);
260a76a1e99Sdjm 		if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
261a76a1e99Sdjm 			break;
262a7772ff7Sdjm 	}
263a7772ff7Sdjm 	sshbuf_free(fuzzed);
264a7772ff7Sdjm 	fuzz_cleanup(fuzz);
265a7772ff7Sdjm 	TEST_DONE();
266a7772ff7Sdjm 
267a7772ff7Sdjm 	TEST_START("fuzz RSA public");
268a7772ff7Sdjm 	buf = load_file("rsa_1");
26934c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
270a7772ff7Sdjm 	sshbuf_free(buf);
271a7772ff7Sdjm 	public_fuzz(k1);
272a7772ff7Sdjm 	sshkey_free(k1);
273a7772ff7Sdjm 	TEST_DONE();
274a7772ff7Sdjm 
275a7772ff7Sdjm 	TEST_START("fuzz RSA cert");
276a7772ff7Sdjm 	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
277a7772ff7Sdjm 	public_fuzz(k1);
278a7772ff7Sdjm 	sshkey_free(k1);
279a7772ff7Sdjm 	TEST_DONE();
280a7772ff7Sdjm 
281*33ada582Sdjm #ifdef WITH_DSA
282a7772ff7Sdjm 	TEST_START("fuzz DSA public");
283a7772ff7Sdjm 	buf = load_file("dsa_1");
28434c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
285a7772ff7Sdjm 	sshbuf_free(buf);
286a7772ff7Sdjm 	public_fuzz(k1);
287a7772ff7Sdjm 	sshkey_free(k1);
288a7772ff7Sdjm 	TEST_DONE();
289a7772ff7Sdjm 
290a7772ff7Sdjm 	TEST_START("fuzz DSA cert");
291a7772ff7Sdjm 	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k1), 0);
292a7772ff7Sdjm 	public_fuzz(k1);
293a7772ff7Sdjm 	sshkey_free(k1);
294a7772ff7Sdjm 	TEST_DONE();
295*33ada582Sdjm #endif
296a7772ff7Sdjm 
297a7772ff7Sdjm 	TEST_START("fuzz ECDSA public");
298a7772ff7Sdjm 	buf = load_file("ecdsa_1");
29934c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
300a7772ff7Sdjm 	sshbuf_free(buf);
301a7772ff7Sdjm 	public_fuzz(k1);
302a7772ff7Sdjm 	sshkey_free(k1);
303a7772ff7Sdjm 	TEST_DONE();
304a7772ff7Sdjm 
305a7772ff7Sdjm 	TEST_START("fuzz ECDSA cert");
306a7772ff7Sdjm 	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k1), 0);
307a7772ff7Sdjm 	public_fuzz(k1);
308a7772ff7Sdjm 	sshkey_free(k1);
309a7772ff7Sdjm 	TEST_DONE();
310a7772ff7Sdjm 
311a7772ff7Sdjm 	TEST_START("fuzz Ed25519 public");
312a7772ff7Sdjm 	buf = load_file("ed25519_1");
31334c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
314a7772ff7Sdjm 	sshbuf_free(buf);
315a7772ff7Sdjm 	public_fuzz(k1);
316a7772ff7Sdjm 	sshkey_free(k1);
317a7772ff7Sdjm 	TEST_DONE();
318a7772ff7Sdjm 
319a7772ff7Sdjm 	TEST_START("fuzz Ed25519 cert");
320a7772ff7Sdjm 	ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k1), 0);
321a7772ff7Sdjm 	public_fuzz(k1);
322a7772ff7Sdjm 	sshkey_free(k1);
323a7772ff7Sdjm 	TEST_DONE();
324a7772ff7Sdjm 
325a7772ff7Sdjm 	TEST_START("fuzz RSA sig");
326a7772ff7Sdjm 	buf = load_file("rsa_1");
32734c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
328a7772ff7Sdjm 	sshbuf_free(buf);
3293382e080Sdjm 	sig_fuzz(k1, "ssh-rsa");
3303382e080Sdjm 	sshkey_free(k1);
3313382e080Sdjm 	TEST_DONE();
3323382e080Sdjm 
3333382e080Sdjm 	TEST_START("fuzz RSA SHA256 sig");
3343382e080Sdjm 	buf = load_file("rsa_1");
3353382e080Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
3363382e080Sdjm 	sshbuf_free(buf);
3373382e080Sdjm 	sig_fuzz(k1, "rsa-sha2-256");
3383382e080Sdjm 	sshkey_free(k1);
3393382e080Sdjm 	TEST_DONE();
3403382e080Sdjm 
3413382e080Sdjm 	TEST_START("fuzz RSA SHA512 sig");
3423382e080Sdjm 	buf = load_file("rsa_1");
3433382e080Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
3443382e080Sdjm 	sshbuf_free(buf);
3453382e080Sdjm 	sig_fuzz(k1, "rsa-sha2-512");
346a7772ff7Sdjm 	sshkey_free(k1);
347a7772ff7Sdjm 	TEST_DONE();
348a7772ff7Sdjm 
349*33ada582Sdjm #ifdef WITH_DSA
350a7772ff7Sdjm 	TEST_START("fuzz DSA sig");
351a7772ff7Sdjm 	buf = load_file("dsa_1");
35234c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
353a7772ff7Sdjm 	sshbuf_free(buf);
3543382e080Sdjm 	sig_fuzz(k1, NULL);
355a7772ff7Sdjm 	sshkey_free(k1);
356a7772ff7Sdjm 	TEST_DONE();
357*33ada582Sdjm #endif
358a7772ff7Sdjm 
359a7772ff7Sdjm 	TEST_START("fuzz ECDSA sig");
360a7772ff7Sdjm 	buf = load_file("ecdsa_1");
36134c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
362a7772ff7Sdjm 	sshbuf_free(buf);
3633382e080Sdjm 	sig_fuzz(k1, NULL);
364a7772ff7Sdjm 	sshkey_free(k1);
365a7772ff7Sdjm 	TEST_DONE();
366a7772ff7Sdjm 
367a7772ff7Sdjm 	TEST_START("fuzz Ed25519 sig");
368a7772ff7Sdjm 	buf = load_file("ed25519_1");
36934c8ff87Sdjm 	ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
370a7772ff7Sdjm 	sshbuf_free(buf);
3713382e080Sdjm 	sig_fuzz(k1, NULL);
372a7772ff7Sdjm 	sshkey_free(k1);
373a7772ff7Sdjm 	TEST_DONE();
374a7772ff7Sdjm 
375a7772ff7Sdjm /* XXX fuzz decoded new-format blobs too */
376a7772ff7Sdjm 
377a7772ff7Sdjm }
378