as nothing really sets these keys up and they are probably preserverd
from some previous test, which is really not a good testing strategy.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The static sshd directory wasn't matching the detected sshd and prevented the testcases to be run against local OpenSSH builts
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
v3:
- add tests for malformed encrypted inputs
v2:
- use proper size key for chacha20poly1305
- make copy of cleartext for chacha20poly1305 test-case
- update chacha20_encrypted
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Test if the file name is correctly escaped to avoid protocol message
injection.
Fixes T189
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Given a string, the added function encodes existing newline characters
('\n') as the string "\\n" and puts into a given output buffer.
The output buffer must have at least 2 times the length of the input
string plus 1 for the terminating '\0'. In the worst case, each
character can be replaced by 2 characters.
Fixes T189
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Previously, there was non-consistent usage of constans SSH_KEX_METHODS,
KEX_METHODS_SIZE and of magic number 10 to reference the arrays used
for algorithm negotiation by peers. This commit settles down to the single
constant and its usage throughout the whole codebase.
Fixes T195
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This is only compiled for tests and fuzzers!
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Do not parse global config file in sessions created by
torture_ssh_session().
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This removes the tests which uses external configuration files. This
makes the tests no not change behaviour depending on the environment
they are being executed.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
In pkd tests, avoid processing the global server configuration file.
This is to allow testing with algorithms not allowed in the global
server configuration.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Do not process system-wide configuration when reinitializing a session
during testing. This could lead to different settings set from the
expected one (which was initialized during test setup).
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Previously, the tests were sharing the same file path to create the
known_hosts file, which can create a race condition if the tests run in
parallel. Such file was deleted between tests.
By using different different files for each test, the risk of race
conditions is eliminated. Moreover, it makes unnecessary to destroy the
file between tests.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
This adds support for Ed25519 keys from files in PEM format when using
OpenSSL with Ed25519 support. The default encoding for the PEM file is
expected to be PKCS#8. Encrypted files are supported.
For the lack of an API, it is not possible to export keys in PEM format,
only in OpenSSH format.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This removes unused function pki_signature_verify()
from pki_{crypto, mbedcrypto, gcrypt}. The function was also removed
from include/libssh/pki_priv.h. The function ssh_pki_signature_verify()
was changed to receive a const unsigned char *input.
All tests calling pki_signature_verify() were changed to call
ssh_pki_signature_verify() instead.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Use OpenSSL to generate and verify Ed25519 signatures, if supported.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
