diff options
| author |   djm <djm@openbsd.org> | 2017-04-30 23:33:48 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2017-04-30 23:33:48 +0000 |
| commit | cb2472150f94eb1933496a34948bc8dca2d77bba (patch) | |
| tree | afd227dc1955a85fbca344be61d090614bd318a2 /regress/usr.bin/ssh/unittests/sshkey | |
| parent | flense SSHv1 support from ssh-agent, considerably simplifying it (diff) | |
| download | wireguard-openbsd-cb2472150f94eb1933496a34948bc8dca2d77bba.tar.xz wireguard-openbsd-cb2472150f94eb1933496a34948bc8dca2d77bba.zip | |
remove SSHv1 support from unit tests
Diffstat (limited to 'regress/usr.bin/ssh/unittests/sshkey')
| -rwxr-xr-x | regress/usr.bin/ssh/unittests/sshkey/mktestdata.sh | 35 | ||||
| -rw-r--r-- | regress/usr.bin/ssh/unittests/sshkey/test_file.c | 51 | ||||
| -rw-r--r-- | regress/usr.bin/ssh/unittests/sshkey/test_fuzz.c | 45 | ||||
| -rw-r--r-- | regress/usr.bin/ssh/unittests/sshkey/test_sshkey.c | 12 |
4 files changed, 7 insertions, 136 deletions
diff --git a/regress/usr.bin/ssh/unittests/sshkey/mktestdata.sh b/regress/usr.bin/ssh/unittests/sshkey/mktestdata.sh index e11100145d4..8047bc62ffd 100755 --- a/regress/usr.bin/ssh/unittests/sshkey/mktestdata.sh +++ b/regress/usr.bin/ssh/unittests/sshkey/mktestdata.sh @@ -1,25 +1,8 @@ #!/bin/sh -# $OpenBSD: mktestdata.sh,v 1.5 2015/07/07 14:53:30 markus Exp $ +# $OpenBSD: mktestdata.sh,v 1.6 2017/04/30 23:33:48 djm Exp $ PW=mekmitasdigoat -rsa1_params() { - _in="$1" - _outbase="$2" - set -e - ssh-keygen -f $_in -e -m pkcs8 | \ - openssl rsa -noout -text -pubin | \ - awk '/^Modulus:$/,/^Exponent:/' | \ - grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n - # XXX need conversion support in ssh-keygen for the other params - for x in n ; do - echo "" >> ${_outbase}.$x - echo ============ ${_outbase}.$x - cat ${_outbase}.$x - echo ============ - done -} - rsa_params() { _in="$1" _outbase="$2" @@ -87,20 +70,18 @@ set -ex cd testdata -rm -f rsa1_1 rsa_1 dsa_1 ecdsa_1 ed25519_1 -rm -f rsa1_2 rsa_2 dsa_2 ecdsa_2 ed25519_2 +rm -f rsa_1 dsa_1 ecdsa_1 ed25519_1 +rm -f rsa_2 dsa_2 ecdsa_2 ed25519_2 rm -f rsa_n dsa_n ecdsa_n # new-format keys -rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw +rm -f rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb -ssh-keygen -t rsa1 -b 1024 -C "RSA1 test key #1" -N "" -f rsa1_1 ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1 ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1 ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1 ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1 -ssh-keygen -t rsa1 -b 2048 -C "RSA1 test key #2" -N "" -f rsa1_2 ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2 ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2 ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2 @@ -110,7 +91,6 @@ cp rsa_1 rsa_n cp dsa_1 dsa_n cp ecdsa_1 ecdsa_n -cp rsa1_1 rsa1_1_pw cp rsa_1 rsa_1_pw cp dsa_1 dsa_1_pw cp ecdsa_1 ecdsa_1_pw @@ -119,7 +99,6 @@ cp rsa_1 rsa_n_pw cp dsa_1 dsa_n_pw cp ecdsa_1 ecdsa_n_pw -ssh-keygen -pf rsa1_1_pw -N "$PW" ssh-keygen -pf rsa_1_pw -N "$PW" ssh-keygen -pf dsa_1_pw -N "$PW" ssh-keygen -pf ecdsa_1_pw -N "$PW" @@ -128,8 +107,6 @@ ssh-keygen -opf rsa_n_pw -N "$PW" ssh-keygen -opf dsa_n_pw -N "$PW" ssh-keygen -opf ecdsa_n_pw -N "$PW" -rsa1_params rsa1_1 rsa1_1.param -rsa1_params rsa1_2 rsa1_2.param rsa_params rsa_1 rsa_1.param rsa_params rsa_2 rsa_2.param dsa_params dsa_1 dsa_1.param @@ -160,12 +137,10 @@ ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \ ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ -V 19990101:20110101 -z 8 ed25519_1.pub -ssh-keygen -lf rsa1_1 | awk '{print $2}' > rsa1_1.fp ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp -ssh-keygen -lf rsa1_2 | awk '{print $2}' > rsa1_2.fp ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp @@ -176,12 +151,10 @@ ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp -ssh-keygen -Bf rsa1_1 | awk '{print $2}' > rsa1_1.fp.bb ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb -ssh-keygen -Bf rsa1_2 | awk '{print $2}' > rsa1_2.fp.bb ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb diff --git a/regress/usr.bin/ssh/unittests/sshkey/test_file.c b/regress/usr.bin/ssh/unittests/sshkey/test_file.c index 819746bf1d2..cea3a51e693 100644 --- a/regress/usr.bin/ssh/unittests/sshkey/test_file.c +++ b/regress/usr.bin/ssh/unittests/sshkey/test_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */ +/* $OpenBSD: test_file.c,v 1.6 2017/04/30 23:33:48 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -45,55 +45,6 @@ sshkey_file_tests(void) pw = load_text_file("pw"); TEST_DONE(); -#ifdef WITH_SSH1 - TEST_START("parse RSA1 from private"); - buf = load_file("rsa1_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshbuf_free(buf); - ASSERT_PTR_NE(k1, NULL); - a = load_bignum("rsa1_1.param.n"); - ASSERT_BIGNUM_EQ(k1->rsa->n, a); - BN_free(a); - TEST_DONE(); - - TEST_START("parse RSA1 from private w/ passphrase"); - buf = load_file("rsa1_1_pw"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), &k2, NULL), 0); - sshbuf_free(buf); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("load RSA1 from public"); - ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa1_1.pub"), &k2, - NULL), 0); - ASSERT_PTR_NE(k2, NULL); - ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); - sshkey_free(k2); - TEST_DONE(); - - TEST_START("RSA1 key hex fingerprint"); - buf = load_text_file("rsa1_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); - ASSERT_PTR_NE(cp, NULL); - ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); - sshbuf_free(buf); - free(cp); - TEST_DONE(); - - TEST_START("RSA1 key bubblebabble fingerprint"); - buf = load_text_file("rsa1_1.fp.bb"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); - ASSERT_PTR_NE(cp, NULL); - ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); - sshbuf_free(buf); - free(cp); - TEST_DONE(); - - sshkey_free(k1); -#endif TEST_START("parse RSA from private"); buf = load_file("rsa_1"); diff --git a/regress/usr.bin/ssh/unittests/sshkey/test_fuzz.c b/regress/usr.bin/ssh/unittests/sshkey/test_fuzz.c index c86b7cc9935..91418d8bab1 100644 --- a/regress/usr.bin/ssh/unittests/sshkey/test_fuzz.c +++ b/regress/usr.bin/ssh/unittests/sshkey/test_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_fuzz.c,v 1.6 2015/12/07 02:20:46 djm Exp $ */ +/* $OpenBSD: test_fuzz.c,v 1.7 2017/04/30 23:33:48 djm Exp $ */ /* * Fuzz tests for key parsing * @@ -98,49 +98,6 @@ sshkey_fuzz_tests(void) struct fuzz *fuzz; int r; -#ifdef WITH_SSH1 - TEST_START("fuzz RSA1 private"); - buf = load_file("rsa1_1"); - fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | - FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, - sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); - sshkey_free(k1); - sshbuf_free(buf); - ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); - TEST_ONERROR(onerror, fuzz); - for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { - r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); - ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) - sshkey_free(k1); - sshbuf_reset(fuzzed); - } - sshbuf_free(fuzzed); - fuzz_cleanup(fuzz); - TEST_DONE(); - - TEST_START("fuzz RSA1 public"); - buf = load_file("rsa1_1_pw"); - fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | - FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, - sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_public_rsa1_fileblob(buf, &k1, NULL), 0); - sshkey_free(k1); - sshbuf_free(buf); - ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); - TEST_ONERROR(onerror, fuzz); - for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { - r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); - ASSERT_INT_EQ(r, 0); - if (sshkey_parse_public_rsa1_fileblob(fuzzed, &k1, NULL) == 0) - sshkey_free(k1); - sshbuf_reset(fuzzed); - } - sshbuf_free(fuzzed); - fuzz_cleanup(fuzz); - TEST_DONE(); -#endif TEST_START("fuzz RSA private"); buf = load_file("rsa_1"); diff --git a/regress/usr.bin/ssh/unittests/sshkey/test_sshkey.c b/regress/usr.bin/ssh/unittests/sshkey/test_sshkey.c index 6f88f9811db..cceb44dba76 100644 --- a/regress/usr.bin/ssh/unittests/sshkey/test_sshkey.c +++ b/regress/usr.bin/ssh/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.10 2016/05/02 09:52:00 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.11 2017/04/30 23:33:48 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -184,16 +184,6 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); - TEST_START("new/free KEY_RSA1"); - k1 = sshkey_new(KEY_RSA1); - ASSERT_PTR_NE(k1, NULL); - ASSERT_PTR_NE(k1->rsa, NULL); - ASSERT_PTR_NE(k1->rsa->n, NULL); - ASSERT_PTR_NE(k1->rsa->e, NULL); - ASSERT_PTR_EQ(k1->rsa->p, NULL); - sshkey_free(k1); - TEST_DONE(); - TEST_START("new/free KEY_RSA"); k1 = sshkey_new(KEY_RSA); ASSERT_PTR_NE(k1, NULL); |