xref: /freebsd/crypto/openssh/regress/unittests/hostkeys/mktestdata.sh (revision 2008043f386721d58158e37e0d7e50df8095942d) 
1#!/bin/sh
2# $OpenBSD: mktestdata.sh,v 1.2 2017/04/30 23:33:48 djm Exp $
3
4set -ex
5
6cd testdata
7
8rm -f rsa* dsa* ecdsa* ed25519*
9rm -f known_hosts*
10
11gen_all() {
12	_n=$1
13	_ecdsa_bits=256
14	test "x$_n" = "x1" && _ecdsa_bits=384
15	test "x$_n" = "x2" && _ecdsa_bits=521
16	ssh-keygen -qt rsa -b 1024 -C "RSA #$_n" -N "" -f rsa_$_n
17	ssh-keygen -qt dsa -b 1024 -C "DSA #$_n" -N "" -f dsa_$_n
18	ssh-keygen -qt ecdsa -b $_ecdsa_bits -C "ECDSA #$_n" -N "" -f ecdsa_$_n
19	ssh-keygen -qt ed25519 -C "ED25519 #$_n" -N "" -f ed25519_$_n
20	# Don't need private keys
21	rm -f rsa_$_n dsa_$_n ecdsa_$_n ed25519_$_n
22}
23
24hentries() {
25	_preamble=$1
26	_kspec=$2
27	for k in `ls -1 $_kspec | sort` ; do
28		printf "$_preamble "
29		cat $k
30	done
31	echo
32}
33
34gen_all 1
35gen_all 2
36gen_all 3
37gen_all 4
38gen_all 5
39gen_all 6
40
41# A section of known_hosts with hashed hostnames.
42(
43	hentries "sisyphus.example.com" "*_5.pub"
44	hentries "prometheus.example.com,192.0.2.1,2001:db8::1" "*_6.pub"
45) > known_hosts_hash_frag
46ssh-keygen -Hf known_hosts_hash_frag
47rm -f known_hosts_hash_frag.old
48
49# Populated known_hosts, including comments, hashed names and invalid lines
50(
51	echo "# Plain host keys, plain host names"
52	hentries "sisyphus.example.com" "*_1.pub"
53
54	echo "# Plain host keys, hostnames + addresses"
55	hentries "prometheus.example.com,192.0.2.1,2001:db8::1" "*_2.pub"
56
57	echo "# Some hosts with wildcard names / IPs"
58	hentries "*.example.com,192.0.2.*,2001:*" "*_3.pub"
59
60	echo "# Hashed hostname and address entries"
61	cat known_hosts_hash_frag
62	rm -f known_hosts_hash_frag
63	echo
64
65	echo "# Revoked and CA keys"
66	printf "@revoked sisyphus.example.com " ; cat ed25519_4.pub
67	printf "@cert-authority prometheus.example.com " ; cat ecdsa_4.pub
68	printf "@cert-authority *.example.com " ; cat dsa_4.pub
69
70	printf "\n"
71	echo "# Some invalid lines"
72	# Invalid marker
73	printf "@what sisyphus.example.com " ; cat dsa_1.pub
74	# Key missing
75	echo "sisyphus.example.com      "
76	# Key blob missing
77	echo "prometheus.example.com ssh-ed25519 "
78	# Key blob truncated
79	echo "sisyphus.example.com ssh-dsa AAAATgAAAAdz"
80	# Invalid type
81	echo "sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
82	# Type mismatch with blob
83	echo "prometheus.example.com ssh-rsa AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
84) > known_hosts
85
86echo OK
87