
tests: Refactor and provide plain PKCS8 PEM format

This also allows testing mbedtls with the PKCS8 PEM files

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Jakub Jelen 2022-07-04 19:50:04 +02:00 коммит произвёл Andreas Schneider
родитель f193e6840d
Коммит 66be590657


@ -28,8 +28,14 @@
#include "torture.h" #include "torture.h"
#include "torture_key.h" #include "torture_key.h"
enum torture_format_e {
FORMAT_PEM = 0,
FORMAT_OPENSSH,
FORMAT_PKCS8,
};
/**************************************************************************** /****************************************************************************
* DSA KEYS * RSA KEYS
****************************************************************************/ ****************************************************************************/
static const char torture_rsa_private_testkey[] = static const char torture_rsa_private_testkey[] =
"-----BEGIN RSA PRIVATE KEY-----\n" "-----BEGIN RSA PRIVATE KEY-----\n"
@ -60,6 +66,36 @@ static const char torture_rsa_private_testkey[] =
"pOqNt/VMBPjJ/ysHJqmLfQK9A35JV6Cmdphe+OIl28bcKhAOz8Dw\n" "pOqNt/VMBPjJ/ysHJqmLfQK9A35JV6Cmdphe+OIl28bcKhAOz8Dw\n"
"-----END RSA PRIVATE KEY-----\n"; "-----END RSA PRIVATE KEY-----\n";
static const char torture_rsa_private_pkcs8_testkey[] =
"-----BEGIN PRIVATE KEY-----\n"
"MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCsA5ERRaUFckAp\n"
"nmEAFjLGdFrINk/Vsl4ts9Ur6enF6auEfJmCN1tjcAOi34lHJaO+WXbDYYj7duW3\n"
"SP7H9lbCMwq79BhzJxinkcvTWCjE7G66xluL4qIdEYHrPQQx1cztTzZTuUD+P/8f\n"
"JmmnIONQOeJZptdAmB7ySwZcZOIV4An/rzu5X4klyMY/EAYVDHPKOK1/8Wsv1LRY\n"
"YplvKp4YPPJ4FnU0si5qI45HIsZJbh24csM3vwSawmfCqDaAlCZFJoPgE1kyO1t+\n"
"IVxIv1TDhdAVOxa6BQMRjUBThzmDXWeHMfMGL2ow63kPOtlCkPiPSADYs4ekeGg5\n"
"2DVm4esZAgMBAAECggEAUlNqrL+OWWry9nhMqIP3TTAG+uezke1KUclN7zSGpChP\n"
"5JrVxZLE9HR56QvfYePL2KBszNnze5bOHsia2A04PL29F3Od+A7wJ9MJoF8DNCyM\n"
"WmvxCKQxPoRQj8umJEvVRoaw06VIS+dJLRlvW4PMB2uMv6ewQcQMm534r2PBKQJG\n"
"J9UzLt8t9q6b5gql14TPsrYyCbmkn9WD72y8jZXWrscA4jh5RVOAk0dfLl52JEmV\n"
"qNAd/+U1TMcqqfuIf4lGXTWC3rZfyugbrZtNsXKVuF6oyb1rC5IXa5w5zH6C67CG\n"
"Q+KvwEQxvTyPeGIr5N/A91jQXpAfg6GIorsxOpNWAQKBgQDS+aa7kY4G3BGarqBU\n"
"0IeF0sNBZrEBmpBGZFvPFWEWlu/QaNtAQXu222rd+MOvMN/oIT1G1lbDYFRJdWr4\n"
"hcH9tdvWSBZTbFbLCb44UOT05dCzy6L4xjsWI/fK6rdgmhvaDkIKxVBaXYIe9YaZ\n"
"MuETU4OWXf23tjW7B1wOhsk34QKBgQDQuVGF8yPJ1abCqihT1MONc0GbC5/JiU0V\n"
"MffnVqZiAVQOk1/flIwI/iEOixTD/MJMOlz7XDTgEkl+QfVI29dI6KWl1phFNi6v\n"
"IO8aZYLrorYpfWcsSuGWGzXsLDNX33udiAMfc45Tgd+ogqZ0ZuO9aWSZj6YsfIbX\n"
"Rtuk5Nu6OQKBgBzrzEd6NJYMJP2nYqM90tYthka45RrrLUv5BfzlWWHXXxiaxzOP\n"
"xn3Splu3dlvVv1v68oN7bnlqAyPuzLM04tr8yx4c07Kr71n2A/WEYV6RAoMjLzwb\n"
"MI5gb9+JPYoolhjWS4dedR1uJCBKWCE4MFKN6EP8roM4nzT8VUpIf90BAoGBAMn5\n"
"qlPOlmEnZ/mTovaMOrdUQrYAJ51kSb0q31NzXAoWcvqvzeSS4HeLQv3JxExq+LG/\n"
"AF8UOO5jg86zkOHyKn+Y8UJrSGohJke9vOJ0PJ48k73OZdpMk8MnjaR+mSh9UCd+\n"
"iFcVATL5yC5OTzjwn4yYwgp/ITSHRAxpuv3zoFSxAoGARWCiLhFfCa0ai+0x7DTU\n"
"5E9X0w5fe/5WewKAPj/npREo4CeCJLvTEQ843A1tMJa66/jccbMmhUWIAwadA/UE\n"
"AnuCQeSNJ6A4YqSLDXYQ9RaEVwyD4aSA+Fyk6o239UwE+Mn/KwcmqYt9Ar0DfklX\n"
"oKZ2mF744iXbxtwqEA7PwPA=\n"
"-----END PRIVATE KEY-----\n";
static const char torture_rsa_private_testkey_passphrase[] = static const char torture_rsa_private_testkey_passphrase[] =
"-----BEGIN RSA PRIVATE KEY-----\n" "-----BEGIN RSA PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n" "Proc-Type: 4,ENCRYPTED\n"
@ -187,7 +223,6 @@ static const char torture_rsa_private_openssh_testkey[] =
"zfm1MJUNDFOr3DM0VBIf34Bn1hU/isPXAAAAAAEC\n" "zfm1MJUNDFOr3DM0VBIf34Bn1hU/isPXAAAAAAEC\n"
"-----END OPENSSH PRIVATE KEY-----\n"; "-----END OPENSSH PRIVATE KEY-----\n";
static const char torture_rsa_public_testkey[] = static const char torture_rsa_public_testkey[] =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsA5ERRaUFckApnmEAFjLGdFrIN" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsA5ERRaUFckApnmEAFjLGdFrIN"
"k/Vsl4ts9Ur6enF6auEfJmCN1tjcAOi34lHJaO+WXbDYYj7duW3SP7H9lbCMwq79B" "k/Vsl4ts9Ur6enF6auEfJmCN1tjcAOi34lHJaO+WXbDYYj7duW3SP7H9lbCMwq79B"
@ -208,7 +243,6 @@ static const char torture_rsa_public_testkey_pem[] =
"GQIDAQAB\n" "GQIDAQAB\n"
"-----END PUBLIC KEY-----\n"; "-----END PUBLIC KEY-----\n";
static const char torture_rsa_testkey_cert[] = static const char torture_rsa_testkey_cert[] =
"ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNz" "ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNz"
"aC5jb20AAAAgL77S/SgY969FbEtNBsbLvvtGFgnEHaPb+V7ajwuf+R0AAAADAQABA" "aC5jb20AAAAgL77S/SgY969FbEtNBsbLvvtGFgnEHaPb+V7ajwuf+R0AAAADAQABA"
@ -253,6 +287,17 @@ static const char torture_dsa_private_testkey[] =
"Pzsg7bTzoNvjQL+Noyiy\n" "Pzsg7bTzoNvjQL+Noyiy\n"
"-----END DSA PRIVATE KEY-----\n"; "-----END DSA PRIVATE KEY-----\n";
static const char torture_dsa_private_pkcs8_testkey[] =
"-----BEGIN PRIVATE KEY-----\n"
"MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAJTK9U8SSfdSdkOPMLNLNIelOW3O\n"
"vQRz7WbP8kAKMcwEn0L9b8/C8ffKOR+gWGFES+hjsg+fAC7ltzHDxOQhKrthE5Dj\n"
"T0+rDA+/LQ3cZSn/6QpLbrwEgn5Uo3nXddF/t4vV7hodQn5qX3HUnFOZzpPQYGrW\n"
"XK74JNRTKHblo0MXAhUArziPbQaZT7N7CNDCwhe5VvoL88cCgYBeG4hWwnFRAnmd\n"
"ZBEt/ujdcQZD4RxWYc7MwHXEKweNiekSGFyj6v8cNlIPfWTMN4BlTJzPfVaoYvzJ\n"
"ev45lEuoSwYLt3AQDM+JcO6XTMdyXTKIo+tGsuA0kd4pxPol+UGeAruNBEhVSDcX\n"
"fXTh9tVravBqeIuXgZIFk9cylR2eDwQXAhUAjUd3z+I/OyDttPOg2+NAv42jKLI=\n"
"-----END PRIVATE KEY-----\n";
static const char torture_dsa_private_testkey_passphrase[] = static const char torture_dsa_private_testkey_passphrase[] =
"-----BEGIN DSA PRIVATE KEY-----\n" "-----BEGIN DSA PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n" "Proc-Type: 4,ENCRYPTED\n"
@ -384,6 +429,13 @@ static const char torture_ecdsa256_private_testkey[] =
"89Mlr7AUxcFPd+kCo+NE6yq/mNQcL7E6iQ==\n" "89Mlr7AUxcFPd+kCo+NE6yq/mNQcL7E6iQ==\n"
"-----END EC PRIVATE KEY-----\n"; "-----END EC PRIVATE KEY-----\n";
static const char torture_ecdsa256_private_pkcs8_testkey[] =
"-----BEGIN PRIVATE KEY-----\n"
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgEIN55hgC1fcSew/S\n"
"tq3BWk1NoD/grU3pW8cyJRmVV2GhRANCAATH7253zxDkZa0t37Iy1hpqkLzmD7Zk\n"
"untW0UcDQRs0eoFRDGiH4iTz0yWvsBTFwU936QKj40TrKr+Y1BwvsTqJ\n"
"-----END PRIVATE KEY-----\n";
static const char torture_ecdsa256_private_testkey_passphrase[] = static const char torture_ecdsa256_private_testkey_passphrase[] =
"-----BEGIN EC PRIVATE KEY-----\n" "-----BEGIN EC PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n" "Proc-Type: 4,ENCRYPTED\n"
@ -460,6 +512,14 @@ static const char torture_ecdsa384_private_testkey[] =
"jkXlc5YbYHjueBbp0oeNXqsXHNAWQZo=\n" "jkXlc5YbYHjueBbp0oeNXqsXHNAWQZo=\n"
"-----END EC PRIVATE KEY-----\n"; "-----END EC PRIVATE KEY-----\n";
static const char torture_ecdsa384_private_pkcs8_testkey[] =
"-----BEGIN PRIVATE KEY-----\n"
"MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBY8jEa5DtRy4AVeTWh\n"
"PJ/TK257behiC3uafEi6YA2oHORibqX55EDNwz29MT40mQShZANiAARXc4BN6BrV\n"
"o1QMi3+i/B85Lu7SMuzBi+1PbJti8xz+Szgq64gaBGOK9o+WOdLAd/w7p7DJLdzt\n"
"J0bYoyT4V3B3ZqR9RyGq6mYCjkXlc5YbYHjueBbp0oeNXqsXHNAWQZo=\n"
"-----END PRIVATE KEY-----\n";
static const char torture_ecdsa384_private_testkey_passphrase[] = static const char torture_ecdsa384_private_testkey_passphrase[] =
"-----BEGIN EC PRIVATE KEY-----\n" "-----BEGIN EC PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n" "Proc-Type: 4,ENCRYPTED\n"
@ -544,6 +604,16 @@ static const char torture_ecdsa521_private_testkey[] =
"KATU3h8gzTMkbrx8DJTFHEIjXBShs44HsSYVl3Xy\n" "KATU3h8gzTMkbrx8DJTFHEIjXBShs44HsSYVl3Xy\n"
"-----END EC PRIVATE KEY-----\n"; "-----END EC PRIVATE KEY-----\n";
static const char torture_ecdsa521_private_pkcs8_testkey[] =
"-----BEGIN PRIVATE KEY-----\n"
"MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAvN50idki6IgbxJLt\n"
"SbXkClsf17ekx5LIAu66yGk1Jjc5PutH9LAgphpZdHYK2S5niMPk7ZxtRNtFWX5Q\n"
"iqviHZGhgYkDgYYABAHOg+9vHW2kJB50j7c7WkcCcOtwgZdeXMpAeEl17sFnTTrT\n"
"8wYo1FCzE07wV262vIC+AE3fXUJ7sJ/CkFIdk/8/gQEY1jyoXB3Bsee16VwhJGsM\n"
"zGGh1FJ0XXhRJjUbG18qbH9JiSgE1N4fIM0zJG68fAyUxRxCI1wUobOOB7EmFZd1\n"
"8g==\n"
"-----END PRIVATE KEY-----\n";
static const char torture_ecdsa521_private_testkey_passphrase[] = static const char torture_ecdsa521_private_testkey_passphrase[] =
"-----BEGIN EC PRIVATE KEY-----\n" "-----BEGIN EC PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n" "Proc-Type: 4,ENCRYPTED\n"
@ -597,7 +667,6 @@ static const char torture_ecdsa521_private_openssh_testkey_passphrase[] =
"Z6+gi3jd+kOyUk3NifHcre9K6ie7LL33JayM\n" "Z6+gi3jd+kOyUk3NifHcre9K6ie7LL33JayM\n"
"-----END OPENSSH PRIVATE KEY-----\n"; "-----END OPENSSH PRIVATE KEY-----\n";
static const char torture_ecdsa521_public_testkey[] = static const char torture_ecdsa521_public_testkey[] =
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj" "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj"
"EAAACFBAHOg+9vHW2kJB50j7c7WkcCcOtwgZdeXMpAeEl17sFnTTrT8wYo1FCzE07w" "EAAACFBAHOg+9vHW2kJB50j7c7WkcCcOtwgZdeXMpAeEl17sFnTTrT8wYo1FCzE07w"
@ -683,131 +752,39 @@ static const char torture_ed25519_testkey_cert[] =
"d8AogGWM6njfejbazFVyfnjNiWqatx6IV3Nnqc3LjCiPY19fqIPe2YJSzytHwLTD5X" "d8AogGWM6njfejbazFVyfnjNiWqatx6IV3Nnqc3LjCiPY19fqIPe2YJSzytHwLTD5X"
"IjD2bJpq2ZfjQwXpO0J ./ed.pub"; "IjD2bJpq2ZfjQwXpO0J ./ed.pub";
static const char *torture_get_testkey_internal(enum ssh_keytypes_e type, static const char *
bool with_passphrase, torture_get_testkey_public_internal(enum ssh_keytypes_e type,
int pubkey, enum torture_format_e format)
int format)
{ {
switch (type) { switch (type) {
case SSH_KEYTYPE_DSS: case SSH_KEYTYPE_DSS:
if (pubkey) {
return torture_dsa_public_testkey; return torture_dsa_public_testkey;
} else if (with_passphrase) {
if (format == 1) {
return torture_dsa_private_openssh_testkey_passphrase;
}
if (format == 2) {
return torture_dsa_private_pkcs8_testkey_passphrase;
} else {
return torture_dsa_private_testkey_passphrase;
}
}
if (format == 1) {
return torture_dsa_private_openssh_testkey;
}
return torture_dsa_private_testkey;
case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA:
if (pubkey) { if (format == FORMAT_OPENSSH) {
if (format == 1) {
return torture_rsa_public_testkey_pem;
} else {
return torture_rsa_public_testkey; return torture_rsa_public_testkey;
} }
} else if (with_passphrase) { return torture_rsa_public_testkey_pem;
if (format == 1) {
return torture_rsa_private_openssh_testkey_passphrase;
}
if (format == 2) {
return torture_rsa_private_pkcs8_testkey_passphrase;
} else {
return torture_rsa_private_testkey_passphrase;
}
}
if (format == 1) {
return torture_rsa_private_openssh_testkey;
}
return torture_rsa_private_testkey;
case SSH_KEYTYPE_ECDSA_P521: case SSH_KEYTYPE_ECDSA_P521:
if (pubkey) { if (format == FORMAT_OPENSSH) {
if (format == 1) {
return torture_ecdsa521_public_testkey_pem;
} else {
return torture_ecdsa521_public_testkey; return torture_ecdsa521_public_testkey;
} }
} else if (with_passphrase) { return torture_ecdsa521_public_testkey_pem;
if (format == 1) {
return torture_ecdsa521_private_openssh_testkey_passphrase;
}
if (format == 2) {
return torture_ecdsa521_private_pkcs8_testkey_passphrase;
} else {
return torture_ecdsa521_private_testkey_passphrase;
}
}
if (format == 1) {
return torture_ecdsa521_private_openssh_testkey;
}
return torture_ecdsa521_private_testkey;
case SSH_KEYTYPE_ECDSA_P384: case SSH_KEYTYPE_ECDSA_P384:
if (pubkey) { if (format == FORMAT_OPENSSH) {
if (format == 1) {
return torture_ecdsa384_public_testkey_pem;
} else {
return torture_ecdsa384_public_testkey; return torture_ecdsa384_public_testkey;
} }
} else if (with_passphrase){ return torture_ecdsa384_public_testkey_pem;
if (format == 1) {
return torture_ecdsa384_private_openssh_testkey_passphrase;
}
if (format == 2) {
return torture_ecdsa384_private_pkcs8_testkey_passphrase;
} else {
return torture_ecdsa384_private_testkey_passphrase;
}
}
if (format == 1) {
return torture_ecdsa384_private_openssh_testkey;
}
return torture_ecdsa384_private_testkey;
case SSH_KEYTYPE_ECDSA_P256: case SSH_KEYTYPE_ECDSA_P256:
if (pubkey) { if (format == FORMAT_OPENSSH) {
if (format == 1) {
return torture_ecdsa256_public_testkey_pem;
} else {
return torture_ecdsa256_public_testkey; return torture_ecdsa256_public_testkey;
} }
} else if (with_passphrase){ return torture_ecdsa256_public_testkey_pem;
if (format == 1) {
return torture_ecdsa256_private_openssh_testkey_pasphrase;
}
if (format == 2) {
return torture_ecdsa256_private_pkcs8_testkey_passphrase;
} else {
return torture_ecdsa256_private_testkey_passphrase;
}
}
if (format == 1) {
return torture_ecdsa256_private_openssh_testkey;
}
return torture_ecdsa256_private_testkey;
case SSH_KEYTYPE_ED25519: case SSH_KEYTYPE_ED25519:
if (pubkey) { if (format == FORMAT_OPENSSH) {
return torture_ed25519_public_testkey; return torture_ed25519_public_testkey;
} else if (with_passphrase) {
if (format == 1) {
return torture_ed25519_private_openssh_testkey_passphrase;
} }
if (format == 2) { /* not available in other formats */
return torture_ed25519_private_pkcs8_testkey_passphrase;
}
/* ed25519 keys are not available in legacy PEM format */
return NULL; return NULL;
}
if (format == 1) {
return torture_ed25519_private_openssh_testkey;
}
/* ed25519 keys are not available in legacy PEM format */
return torture_ed25519_private_pkcs8_testkey;
case SSH_KEYTYPE_DSS_CERT01: case SSH_KEYTYPE_DSS_CERT01:
return torture_dsa_testkey_cert; return torture_dsa_testkey_cert;
case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_RSA_CERT01:
@ -833,35 +810,222 @@ static const char *torture_get_testkey_internal(enum ssh_keytypes_e type,
return NULL; return NULL;
} }
/* Return the encrypted private key in a new OpenSSH format */ static const char *
const char *torture_get_openssh_testkey(enum ssh_keytypes_e type, torture_get_testkey_encrypted_internal(enum ssh_keytypes_e type,
bool with_passphrase) enum torture_format_e format)
{ {
return torture_get_testkey_internal(type, with_passphrase, 0, 1); switch (type) {
case SSH_KEYTYPE_DSS:
switch (format) {
case FORMAT_OPENSSH:
return torture_dsa_private_openssh_testkey_passphrase;
case FORMAT_PKCS8:
return torture_dsa_private_pkcs8_testkey_passphrase;
case FORMAT_PEM:
return torture_dsa_private_testkey_passphrase;
}
return NULL;
case SSH_KEYTYPE_RSA:
switch (format) {
case FORMAT_OPENSSH:
return torture_rsa_private_openssh_testkey_passphrase;
case FORMAT_PKCS8:
return torture_rsa_private_pkcs8_testkey_passphrase;
case FORMAT_PEM:
return torture_rsa_private_testkey_passphrase;
}
return NULL;
case SSH_KEYTYPE_ECDSA_P521:
switch (format) {
case FORMAT_OPENSSH:
return torture_ecdsa521_private_openssh_testkey_passphrase;
case FORMAT_PKCS8:
return torture_ecdsa521_private_pkcs8_testkey_passphrase;
case FORMAT_PEM:
return torture_ecdsa521_private_testkey_passphrase;
}
return NULL;
case SSH_KEYTYPE_ECDSA_P384:
switch (format) {
case FORMAT_OPENSSH:
return torture_ecdsa384_private_openssh_testkey_passphrase;
case FORMAT_PKCS8:
return torture_ecdsa384_private_pkcs8_testkey_passphrase;
case FORMAT_PEM:
return torture_ecdsa384_private_testkey_passphrase;
}
return NULL;
case SSH_KEYTYPE_ECDSA_P256:
switch (format) {
case FORMAT_OPENSSH:
return torture_ecdsa256_private_openssh_testkey_pasphrase;
case FORMAT_PKCS8:
return torture_ecdsa256_private_pkcs8_testkey_passphrase;
case FORMAT_PEM:
return torture_ecdsa256_private_testkey_passphrase;
}
return NULL;
case SSH_KEYTYPE_ED25519:
switch (format) {
case FORMAT_OPENSSH:
return torture_ed25519_private_openssh_testkey_passphrase;
case FORMAT_PKCS8:
return torture_ed25519_private_pkcs8_testkey_passphrase;
case FORMAT_PEM:
/* ed25519 keys are not available in legacy PEM format */
return NULL;
}
return NULL;
case SSH_KEYTYPE_DSS_CERT01:
case SSH_KEYTYPE_RSA_CERT01:
case SSH_KEYTYPE_ECDSA_P256_CERT01:
case SSH_KEYTYPE_ECDSA_P384_CERT01:
case SSH_KEYTYPE_ECDSA_P521_CERT01:
case SSH_KEYTYPE_ED25519_CERT01:
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_ECDSA:
case SSH_KEYTYPE_SK_ECDSA:
case SSH_KEYTYPE_SK_ECDSA_CERT01:
case SSH_KEYTYPE_SK_ED25519:
case SSH_KEYTYPE_SK_ED25519_CERT01:
case SSH_KEYTYPE_UNKNOWN:
return NULL;
}
return NULL;
}
static const char *
torture_get_testkey_internal(enum ssh_keytypes_e type,
enum torture_format_e format)
{
switch (type) {
case SSH_KEYTYPE_DSS:
switch (format) {
case FORMAT_OPENSSH:
return torture_dsa_private_openssh_testkey;
case FORMAT_PKCS8:
return torture_dsa_private_pkcs8_testkey;
case FORMAT_PEM:
return torture_dsa_private_testkey;
}
return NULL;
case SSH_KEYTYPE_RSA:
switch (format) {
case FORMAT_OPENSSH:
return torture_rsa_private_openssh_testkey;
case FORMAT_PKCS8:
return torture_rsa_private_pkcs8_testkey;
case FORMAT_PEM:
return torture_rsa_private_testkey;
}
return NULL;
case SSH_KEYTYPE_ECDSA_P521:
switch (format) {
case FORMAT_OPENSSH:
return torture_ecdsa521_private_openssh_testkey;
case FORMAT_PKCS8:
return torture_ecdsa521_private_pkcs8_testkey;
case FORMAT_PEM:
return torture_ecdsa521_private_testkey;
}
return NULL;
case SSH_KEYTYPE_ECDSA_P384:
switch (format) {
case FORMAT_OPENSSH:
return torture_ecdsa384_private_openssh_testkey;
case FORMAT_PKCS8:
return torture_ecdsa384_private_pkcs8_testkey;
case FORMAT_PEM:
return torture_ecdsa384_private_testkey;
}
return NULL;
case SSH_KEYTYPE_ECDSA_P256:
switch (format) {
case FORMAT_OPENSSH:
return torture_ecdsa256_private_openssh_testkey;
case FORMAT_PKCS8:
return torture_ecdsa256_private_pkcs8_testkey;
case FORMAT_PEM:
return torture_ecdsa256_private_testkey;
}
return NULL;
case SSH_KEYTYPE_ED25519:
switch (format) {
case FORMAT_OPENSSH:
return torture_ed25519_private_openssh_testkey;
case FORMAT_PKCS8:
return torture_ed25519_private_pkcs8_testkey;
case FORMAT_PEM:
/* ed25519 keys are not available in legacy PEM format */
return NULL;
}
return NULL;
case SSH_KEYTYPE_DSS_CERT01:
case SSH_KEYTYPE_RSA_CERT01:
case SSH_KEYTYPE_ECDSA_P256_CERT01:
case SSH_KEYTYPE_ECDSA_P384_CERT01:
case SSH_KEYTYPE_ECDSA_P521_CERT01:
case SSH_KEYTYPE_ED25519_CERT01:
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_ECDSA:
case SSH_KEYTYPE_SK_ECDSA:
case SSH_KEYTYPE_SK_ECDSA_CERT01:
case SSH_KEYTYPE_SK_ED25519:
case SSH_KEYTYPE_SK_ED25519_CERT01:
case SSH_KEYTYPE_UNKNOWN:
return NULL;
}
return NULL;
}
/* Return the encrypted private key in a new OpenSSH format */
const char *
torture_get_openssh_testkey(enum ssh_keytypes_e type, bool with_passphrase)
{
if (with_passphrase) {
return torture_get_testkey_encrypted_internal(type, FORMAT_OPENSSH);
} else {
return torture_get_testkey_internal(type, FORMAT_OPENSSH);
}
} }
/* Return the private key in PEM format */ /* Return the private key in PEM format */
const char *torture_get_testkey(enum ssh_keytypes_e type, const char *
bool with_passphrase) torture_get_testkey(enum ssh_keytypes_e type, bool with_passphrase)
{ {
enum torture_format_e format = FORMAT_PEM;
if (with_passphrase) {
/* This is the new PKCS8 PEM format, which works only in OpenSSL */
#if defined(HAVE_LIBCRYPTO) #if defined(HAVE_LIBCRYPTO)
return torture_get_testkey_internal(type, with_passphrase, 0, 2); format = FORMAT_PKCS8;
#else
return torture_get_testkey_internal(type, with_passphrase, 0, 0);
#endif #endif
return torture_get_testkey_encrypted_internal(type, format);
} else {
/* The unencrypted format works also in mbedTLS */
#if defined(HAVE_LIBCRYPTO) || defined(HAVE_LIBMBEDCRYPTO)
format = FORMAT_PKCS8;
#endif
return torture_get_testkey_internal(type, format);
}
} }
const char *torture_get_testkey_pub(enum ssh_keytypes_e type) const char *
torture_get_testkey_pub(enum ssh_keytypes_e type)
{ {
return torture_get_testkey_internal(type, 0, 1, 0); return torture_get_testkey_public_internal(type, FORMAT_OPENSSH);
} }
const char *torture_get_testkey_pub_pem(enum ssh_keytypes_e type) const char *
torture_get_testkey_pub_pem(enum ssh_keytypes_e type)
{ {
return torture_get_testkey_internal(type, 0, 1, 1); return torture_get_testkey_public_internal(type, FORMAT_PEM);
} }
const char *torture_get_testkey_passphrase(void) const char *
torture_get_testkey_passphrase(void)
{ {
return TORTURE_TESTKEY_PASSWORD; return TORTURE_TESTKEY_PASSWORD;
} }