ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность

tests: Add tests for the new ssh_pki cert functions

Просмотр исходного кода 
Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Этот коммит содержится в:
Axel Eppe 2015-08-23 17:53:55 +01:00 коммит произвёл Andreas Schneider
родитель bdfe6870f6
Коммит d8be35de7f
2 изменённых файлов: 169 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

59
tests/torture.c
Просмотреть файл

@ -80,6 +80,32 @@ static const char torture_rsa_testkey_pub[] =
"QMRjUBThzmDXWeHMfMGL2ow63kPOtlCkPiPSADYs4ekeGg52DVm4esZ "
"aris@aris-air\n";
static const char torture_rsa_testkey_cert[] =
"ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNz"
"aC5jb20AAAAgL77S/SgY969FbEtNBsbLvvtGFgnEHaPb+V7ajwuf+R0AAAADAQABA"
"AABAQCsA5ERRaUFckApnmEAFjLGdFrINk/Vsl4ts9Ur6enF6auEfJmCN1tjcAOi34"
"lHJaO+WXbDYYj7duW3SP7H9lbCMwq79BhzJxinkcvTWCjE7G66xluL4qIdEYHrPQQ"
"x1cztTzZTuUD+P/8fJmmnIONQOeJZptdAmB7ySwZcZOIV4An/rzu5X4klyMY/EAYV"
"DHPKOK1/8Wsv1LRYYplvKp4YPPJ4FnU0si5qI45HIsZJbh24csM3vwSawmfCqDaAl"
"CZFJoPgE1kyO1t+IVxIv1TDhdAVOxa6BQMRjUBThzmDXWeHMfMGL2ow63kPOtlCkP"
"iPSADYs4ekeGg52DVm4esZAAAAAAAAAAAAAAABAAAADmxpYnNzaF90b3J0dXJlAAA"
"AAAAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRp"
"bmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtc"
"G9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdX"
"Nlci1yYwAAAAAAAAAAAAABFwAAAAdzc2gtcnNhAAAAAwEAAQAAAQEAoowcv2Gn8tO"
"eDyw/lgdMpoBsLtHTTdVVOOo5HwMFvj/lFkbZlb6J2n9GIE64HNPE45vSnIdJZwz4"
"UYfTvtnNKNHp1MgMrjK1Z6EjyZsGqDZ+BhmvcKA6IckkhBJnDV7U9dMrovAWha61Z"
"9GpDqB1naRfbwqJQwSRHF1p71Cnf0fZKxOhAVx0ophmYGz3x3qq4PeOZv3Yl0AHTV"
"dRmqmeELDUxeuXN2bgSyb881zEgdaKHH5oWySykP4uwjn6T7ETuL2MsDdG3HZHDhn"
"LzLmfzOZ/cNadMCrgauMluQKc5dYF2TSeDaUxwun/NPMQBVZdETHLAMBgkGmhRUku"
"flVDIQAAAQ8AAAAHc3NoLXJzYQAAAQADSp4b/Zta8zs6v47iwmxV2Gbucvt1kDrvT"
"vKAKSbGN0+zoMyXiNfMHM/OvZObDS/WWGs4GMRqbJavwO3ja/dQY17oJss23lZ+Rc"
"Lw4Rqsi3/ZEPCnX6ficiRS/yRN/LAkoXvx9vBx9QHfxlzF6JXq07wTt21zxW0tntd"
"8dL+JI9ZZ9YylnxF3gHqfRFe2ahJpiywmxm0yOZgDmimOhep59i6BH5zHiPALvpge"
"Mbk075oA5K9XKsHTflCcsQRQH+pXqaNQGL37z2CFz9oezxQYvIqqKF0w/eeRIARoA"
"neB6OdgTpKFsmgPZVtqrvhjw+b5T8a4W4iWSl+6wg6gowAm "
"rsa_privkey.pub\n";
static const char torture_dsa_testkey[] =
"-----BEGIN DSA PRIVATE KEY-----\n"
"MIIBuwIBAAKBgQCUyvVPEkn3UnZDjzCzSzSHpTltzr0Ec+1mz/JACjHMBJ9C/W/P\n"
@ -106,6 +132,35 @@ static const char torture_dsa_testkey_pub[] =
"7b2uADmhirI6dRZUVO+/iMGUvDxa66OI4hDV055pbwQhtxupUatThyDzIg== "
"aris@aris-air\n";
static const char torture_dsa_testkey_cert[] =
"ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNza"
"C5jb20AAAAgKAd9MpIBrzctQyJvCYYJ2WUD5fyWlXMSv1G/3VihbCAAAACBAJTK9U8"
"SSfdSdkOPMLNLNIelOW3OvQRz7WbP8kAKMcwEn0L9b8/C8ffKOR+gWGFES+hjsg+fA"
"C7ltzHDxOQhKrthE5DjT0+rDA+/LQ3cZSn/6QpLbrwEgn5Uo3nXddF/t4vV7hodQn5"
"qX3HUnFOZzpPQYGrWXK74JNRTKHblo0MXAAAAFQCvOI9tBplPs3sI0MLCF7lW+gvzx"
"wAAAIBeG4hWwnFRAnmdZBEt/ujdcQZD4RxWYc7MwHXEKweNiekSGFyj6v8cNlIPfWT"
"MN4BlTJzPfVaoYvzJev45lEuoSwYLt3AQDM+JcO6XTMdyXTKIo+tGsuA0kd4pxPol+"
"UGeAruNBEhVSDcXfXTh9tVravBqeIuXgZIFk9cylR2eDwAAAIB4roDQBfgf8AoSAJA"
"b7y8OVvxt5cT7iqaRMQX2XgtW09Nu9RbUIVS7n2mw3iqZG0xnG3iv1oL9gwNXMLlf+"
"gLmsqU3788jaEZ9IhZ8VdgHAoHm6UWM7b2uADmhirI6dRZUVO+/iMGUvDxa66OI4hD"
"V055pbwQhtxupUatThyDzIgAAAAAAAAAAAAAAAQAAAA5saWJzc2hfdG9ydHVyZQAAA"
"AAAAAAAAAAAAP//////////AAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5"
"nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvc"
"nQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXI"
"tcmMAAAAAAAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAKKMHL9hp/LTng8sP"
"5YHTKaAbC7R003VVTjqOR8DBb4/5RZG2ZW+idp/RiBOuBzTxOOb0pyHSWcM+FGH077"
"ZzSjR6dTIDK4ytWehI8mbBqg2fgYZr3CgOiHJJIQSZw1e1PXTK6LwFoWutWfRqQ6gd"
"Z2kX28KiUMEkRxdae9Qp39H2SsToQFcdKKYZmBs98d6quD3jmb92JdAB01XUZqpnhC"
"w1MXrlzdm4Esm/PNcxIHWihx+aFskspD+LsI5+k+xE7i9jLA3Rtx2Rw4Zy8y5n8zmf"
"3DWnTAq4GrjJbkCnOXWBdk0ng2lMcLp/zTzEAVWXRExywDAYJBpoUVJLn5VQyEAAAE"
"PAAAAB3NzaC1yc2EAAAEAAt4V9aGqeahOfUvhG7M8/Mn26aLB/HXbICYFJF7dY6urm"
"SIoS2KBqISCFGXTituiwGlZeAJ+pVgCMYo07Nxtd6oqIjsgKfJqDNx7e4pGw/YJnkm"
"BqMO/k/ygu2mLmQF0lnpmG2KyjKEljMibHaKlFkcVNbwfOb4p8N3OHm66g5mbCUTRZ"
"DHqMSJb3YtnObLexD13RydwxkG5AfCnOWxy5O4agXGEYwr/48AQBHYg9obGtpD1qyF"
"4mMXgzaLViFtcwah6wHGlW0UPQMvrq/RqigAkyUszSccfibkIXJ+wGAgsRYhVAMwME"
"JqPZ6GHOEIjLBKUegsclHb7Pk0YO8Auaw== "
"aris@aris-air\n";
static const char torture_rsa_testkey_pp[] =
"-----BEGIN RSA PRIVATE KEY-----\n"
"Proc-Type: 4,ENCRYPTED\n"
@ -622,6 +677,10 @@ static const char *torture_get_testkey_internal(enum ssh_keytypes_e type,
return torture_ed25519_testkey_pp;
}
return torture_ed25519_testkey;
case SSH_KEYTYPE_DSS_CERT01:
return torture_dsa_testkey_cert;
case SSH_KEYTYPE_RSA_CERT01:
return torture_rsa_testkey_cert;
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_UNKNOWN:
return NULL;

110
tests/unittests/torture_pki.c
Просмотреть файл

@ -18,11 +18,14 @@ static int setup_rsa_key(void **state)
unlink(LIBSSH_RSA_TESTKEY);
unlink(LIBSSH_RSA_TESTKEY ".pub");
unlink(LIBSSH_RSA_TESTKEY "-cert.pub");
torture_write_file(LIBSSH_RSA_TESTKEY,
torture_get_testkey(SSH_KEYTYPE_RSA, 0, 0));
torture_write_file(LIBSSH_RSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_RSA, 0));
torture_write_file(LIBSSH_RSA_TESTKEY "-cert.pub",
torture_get_testkey_pub(SSH_KEYTYPE_RSA_CERT01, 0));
return 0;
}
@ -32,11 +35,14 @@ static int setup_dsa_key(void **state) {
unlink(LIBSSH_DSA_TESTKEY);
unlink(LIBSSH_DSA_TESTKEY ".pub");
unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
torture_write_file(LIBSSH_DSA_TESTKEY,
torture_get_testkey(SSH_KEYTYPE_DSS, 0, 0));
torture_write_file(LIBSSH_DSA_TESTKEY ".pub",
torture_get_testkey_pub(SSH_KEYTYPE_DSS, 0));
torture_write_file(LIBSSH_DSA_TESTKEY "-cert.pub",
torture_get_testkey_pub(SSH_KEYTYPE_DSS_CERT01, 0));
return 0;
}
@ -105,9 +111,11 @@ static int teardown(void **state) {
unlink(LIBSSH_DSA_TESTKEY);
unlink(LIBSSH_DSA_TESTKEY ".pub");
unlink(LIBSSH_DSA_TESTKEY "-cert.pub");
unlink(LIBSSH_RSA_TESTKEY);
unlink(LIBSSH_RSA_TESTKEY ".pub");
unlink(LIBSSH_RSA_TESTKEY "-cert.pub");
unlink(LIBSSH_ECDSA_TESTKEY);
unlink(LIBSSH_ECDSA_TESTKEY ".pub");
@ -536,6 +544,97 @@ static void torture_pki_publickey_from_privatekey_ECDSA(void **state) {
}
#endif
static void torture_pki_copy_cert_to_privkey(void **state) {
/* Tests copying a cert loaded into a public key to a private key.
The function is encryption type agnostic, no need to run this
against all supported key types.
*/
int rc;
const char *passphrase = torture_get_testkey_passphrase();
ssh_key pubkey;
ssh_key privkey;
ssh_key cert;
(void) state; /* unused */
rc = ssh_pki_import_cert_file(LIBSSH_RSA_TESTKEY "-cert.pub", &cert);
assert_true(rc == SSH_OK);
rc = ssh_pki_import_pubkey_file(LIBSSH_RSA_TESTKEY ".pub", &pubkey);
assert_true(rc == SSH_OK);
rc = ssh_pki_import_privkey_base64(torture_get_testkey(SSH_KEYTYPE_RSA, 0, 0),
passphrase,
NULL,
NULL,
&privkey);
assert_true(rc == SSH_OK);
/* Basic sanity. */
rc = ssh_pki_copy_cert_to_privkey(NULL, privkey);
assert_true(rc == SSH_ERROR);
rc = ssh_pki_copy_cert_to_privkey(pubkey, NULL);
assert_true(rc == SSH_ERROR);
/* A public key doesn't have a cert, copy should fail. */
assert_true(pubkey->cert == NULL);
rc = ssh_pki_copy_cert_to_privkey(pubkey, privkey);
assert_true(rc == SSH_ERROR);
/* Copying the cert to non-cert keys should work fine. */
rc = ssh_pki_copy_cert_to_privkey(cert, pubkey);
assert_true(rc == SSH_OK);
rc = ssh_pki_copy_cert_to_privkey(cert, privkey);
assert_true(rc == SSH_OK);
/* The private key's cert is already set, another copy should fail. */
rc = ssh_pki_copy_cert_to_privkey(cert, privkey);
assert_true(rc == SSH_ERROR);
ssh_key_free(cert);
ssh_key_free(privkey);
ssh_key_free(pubkey);
}
static void torture_pki_import_cert_file_rsa(void **state) {
int rc;
ssh_key cert;
enum ssh_keytypes_e type;
(void) state; /* unused */
rc = ssh_pki_import_cert_file(LIBSSH_RSA_TESTKEY "-cert.pub", &cert);
assert_true(rc == 0);
type = ssh_key_type(cert);
assert_true(type == SSH_KEYTYPE_RSA_CERT01);
rc = ssh_key_is_public(cert);
assert_true(rc == 1);
ssh_key_free(cert);
}
static void torture_pki_import_cert_file_dsa(void **state) {
int rc;
ssh_key cert;
enum ssh_keytypes_e type;
(void) state; /* unused */
rc = ssh_pki_import_cert_file(LIBSSH_DSA_TESTKEY "-cert.pub", &cert);
assert_true(rc == 0);
type = ssh_key_type(cert);
assert_true(type == SSH_KEYTYPE_DSS_CERT01);
rc = ssh_key_is_public(cert);
assert_true(rc == 1);
ssh_key_free(cert);
}
static void torture_pki_publickey_dsa_base64(void **state)
{
enum ssh_keytypes_e type;
@ -1539,6 +1638,17 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_pki_pki_publickey_from_privatekey_ed25519,
setup_ed25519_key,
teardown),
/* cert */
cmocka_unit_test_setup_teardown(torture_pki_copy_cert_to_privkey,
setup_rsa_key,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_rsa,
setup_rsa_key,
teardown),
cmocka_unit_test_setup_teardown(torture_pki_import_cert_file_dsa,
setup_dsa_key,
teardown),
/* public key */
cmocka_unit_test_setup_teardown(torture_pki_publickey_dsa_base64,
setup_dsa_key,