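#!/bin/sh
# $OpenBSD: mktestdata.sh,v 1.3 2025/05/06 06:05:48 djm Exp $
#
# Regenerates the public-key and known_hosts fixtures kept in testdata/.
# Run it from the directory that contains testdata/. Every run produces
# fresh keys, so the generated files change each time.

# -e: abort on the first failing command; -x: trace commands as they run.
set -ex

# Everything below uses paths relative to testdata/. The explicit exit keeps
# the destructive globs that follow from running in the caller's directory
# if the cd fails, even if -e is ever dropped.
cd testdata || exit 1

# Discard the output of any previous run; "--" ends option parsing.
rm -f -- rsa* ecdsa* ed25519*
rm -f -- known_hosts*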
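# gen_all N
# Generate one RSA, one ECDSA and one Ed25519 key pair tagged with N and
# keep only the public halves (rsa_N.pub, ecdsa_N.pub, ed25519_N.pub).
# Arguments: $1 - key-set number; also selects the ECDSA curve size
#                 (1 -> 384 bits, 2 -> 521 bits, anything else -> 256 bits).
gen_all() {
	_n=$1
	case "$_n" in
	1) _ecdsa_bits=384 ;;
	2) _ecdsa_bits=521 ;;
	*) _ecdsa_bits=256 ;;
	esac
	# NOTE(review): 1024-bit RSA and empty passphrases (-N "") are tolerable
	# only because these are throwaway test fixtures; never reuse these keys
	# or these parameters for real hosts.
	ssh-keygen -qt rsa -b 1024 -C "RSA #$_n" -N "" -f "rsa_$_n"
	ssh-keygen -qt ecdsa -b "$_ecdsa_bits" -C "ECDSA #$_n" -N "" -f "ecdsa_$_n"
	ssh-keygen -qt ed25519 -C "ED25519 #$_n" -N "" -f "ed25519_$_n"
	# Only the .pub files are used as fixtures; delete the private keys at
	# once so no unprotected key material is left in the tree.
	rm -f -- "rsa_$_n" "ecdsa_$_n" "ed25519_$_n"
}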
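# hentries PREAMBLE KEYSPEC
# Write one known_hosts-style line per public key file matching KEYSPEC,
# each consisting of PREAMBLE, a space and the file's contents, followed
# by a single empty line.
# Arguments: $1 - text placed before each key (host names, addresses)
#            $2 - glob pattern selecting the .pub files to emit
# Outputs:   the generated lines on stdout
hentries() {
	_preamble=$1
	_kspec=$2
	# $_kspec is deliberately unquoted so the shell expands the glob itself;
	# pathname expansion returns the names already sorted, so there is no
	# need to parse the output of ls.
	for k in $_kspec ; do
		# A glob with no match is left as the literal pattern; skip it.
		test -f "$k" || continue
		# The preamble is data, not a format: passing it as the printf
		# format would misprint any name containing '%' or a backslash.
		printf '%s ' "$_preamble"
		cat -- "$k"
	done
	echo
}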
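# Six key sets. The sections below use sets 1-3 for plain and wildcard
# entries, set 4 for the @revoked / @cert-authority lines, and sets 5-6
# for the hashed fragment.
for _i in 1 2 3 4 5 6 ; do
	gen_all "$_i"
done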
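# A section of known_hosts with hashed hostnames.
(
	hentries "sisyphus.example.com" "*_5.pub"
	hentries "prometheus.example.com,192.0.2.1,2001:db8::1" "*_6.pub"
) > known_hosts_hash_frag
# -H rewrites the file in place with the host names hashed. ssh-keygen
# keeps the original, plaintext-name copy as <file>.old, so remove it to
# avoid leaving the unhashed names behind next to the hashed fixture.
ssh-keygen -Hf known_hosts_hash_frag
rm -f known_hosts_hash_frag.old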
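# Populated known_hosts, including comments, hashed names and invalid lines.
# The result deliberately mixes well-formed and malformed entries. Host
# names and addresses are documentation-only values (example.com,
# 192.0.2.0/24, 2001:db8::/32).
(
	echo "# Plain host keys, plain host names"
	hentries "sisyphus.example.com" "*_1.pub"

	echo "# Plain host keys, hostnames + addresses"
	hentries "prometheus.example.com,192.0.2.1,2001:db8::1" "*_2.pub"

	echo "# Some hosts with wildcard names / IPs"
	hentries "*.example.com,192.0.2.*,2001:*" "*_3.pub"

	echo "# Hashed hostname and address entries"
	# Splice in the hashed fragment built earlier, then drop the
	# intermediate file so only known_hosts remains.
	cat known_hosts_hash_frag
	rm -f known_hosts_hash_frag
	echo

	echo "# Revoked and CA keys"
	# Lines carrying the @revoked and @cert-authority markers.
	printf "@revoked sisyphus.example.com " ; cat ed25519_4.pub
	printf "@cert-authority prometheus.example.com " ; cat ecdsa_4.pub
	printf "@cert-authority *.example.com " ; cat rsa_4.pub

	printf "\n"
	echo "# Some invalid lines"
	# Invalid marker
	printf "@what sisyphus.example.com " ; cat rsa_1.pub
	# Key missing
	echo "sisyphus.example.com      "
	# Key blob missing
	echo "prometheus.example.com ssh-ed25519 "
	# Key blob truncated
	echo "sisyphus.example.com ssh-rsa AAAATgAAAAdz"
	# Invalid type
	echo "sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
	# Type mismatch with blob
	echo "prometheus.example.com ssh-rsa AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
) > known_hosts

# Reached only if every step above succeeded (set -e).
echo OK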