1#!/bin/sh 2# $OpenBSD: mktestdata.sh,v 1.4 2015/01/18 19:54:46 djm Exp $ 3 4PW=mekmitasdigoat 5 6rsa1_params() { 7 _in="$1" 8 _outbase="$2" 9 set -e 10 ssh-keygen -f $_in -e -m pkcs8 | \ 11 openssl rsa -noout -text -pubin | \ 12 awk '/^Modulus:$/,/^Exponent:/' | \ 13 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n 14 # XXX need conversion support in ssh-keygen for the other params 15 for x in n ; do 16 echo "" >> ${_outbase}.$x 17 echo ============ ${_outbase}.$x 18 cat ${_outbase}.$x 19 echo ============ 20 done 21} 22 23rsa_params() { 24 _in="$1" 25 _outbase="$2" 26 set -e 27 openssl rsa -noout -text -in $_in | \ 28 awk '/^modulus:$/,/^publicExponent:/' | \ 29 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.n 30 openssl rsa -noout -text -in $_in | \ 31 awk '/^prime1:$/,/^prime2:/' | \ 32 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.p 33 openssl rsa -noout -text -in $_in | \ 34 awk '/^prime2:$/,/^exponent1:/' | \ 35 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.q 36 for x in n p q ; do 37 echo "" >> ${_outbase}.$x 38 echo ============ ${_outbase}.$x 39 cat ${_outbase}.$x 40 echo ============ 41 done 42} 43 44dsa_params() { 45 _in="$1" 46 _outbase="$2" 47 set -e 48 openssl dsa -noout -text -in $_in | \ 49 awk '/^priv:$/,/^pub:/' | \ 50 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.priv 51 openssl dsa -noout -text -in $_in | \ 52 awk '/^pub:/,/^P:/' | #\ 53 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.pub 54 openssl dsa -noout -text -in $_in | \ 55 awk '/^G:/,0' | \ 56 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.g 57 for x in priv pub g ; do 58 echo "" >> ${_outbase}.$x 59 echo ============ ${_outbase}.$x 60 cat ${_outbase}.$x 61 echo ============ 62 done 63} 64 65ecdsa_params() { 66 _in="$1" 67 _outbase="$2" 68 set -e 69 openssl ec -noout -text -in $_in | \ 70 awk '/^priv:$/,/^pub:/' | \ 71 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.priv 72 openssl ec -noout -text -in $_in | \ 73 awk '/^pub:/,/^ASN1 OID:/' | #\ 74 grep -v '^[a-zA-Z]' | tr -d ' \n:' > ${_outbase}.pub 75 openssl ec -noout -text -in $_in | \ 76 grep "ASN1 OID:" | tr -d '\n' | \ 77 sed 's/.*: //;s/ *$//' > ${_outbase}.curve 78 for x in priv pub curve ; do 79 echo "" >> ${_outbase}.$x 80 echo ============ ${_outbase}.$x 81 cat ${_outbase}.$x 82 echo ============ 83 done 84} 85 86set -ex 87 88cd testdata 89 90rm -f rsa1_1 rsa_1 dsa_1 ecdsa_1 ed25519_1 91rm -f rsa1_2 rsa_2 dsa_2 ecdsa_2 ed25519_2 92rm -f rsa_n dsa_n ecdsa_n # new-format keys 93rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw 94rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw 95rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb 96 97ssh-keygen -t rsa1 -b 768 -C "RSA1 test key #1" -N "" -f rsa1_1 98ssh-keygen -t rsa -b 768 -C "RSA test key #1" -N "" -f rsa_1 99ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1 100ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1 101ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1 102 103ssh-keygen -t rsa1 -b 2048 -C "RSA1 test key #2" -N "" -f rsa1_2 104ssh-keygen -t rsa -b 2048 -C "RSA test key #2" -N "" -f rsa_2 105ssh-keygen -t dsa -b 1024 -C "DSA test key #2" -N "" -f dsa_2 106ssh-keygen -t ecdsa -b 521 -C "ECDSA test key #2" -N "" -f ecdsa_2 107ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_2 108 109cp rsa_1 rsa_n 110cp dsa_1 dsa_n 111cp ecdsa_1 ecdsa_n 112 113cp rsa1_1 rsa1_1_pw 114cp rsa_1 rsa_1_pw 115cp dsa_1 dsa_1_pw 116cp ecdsa_1 ecdsa_1_pw 117cp ed25519_1 ed25519_1_pw 118cp rsa_1 rsa_n_pw 119cp dsa_1 dsa_n_pw 120cp ecdsa_1 ecdsa_n_pw 121 122ssh-keygen -pf rsa1_1_pw -N "$PW" 123ssh-keygen -pf rsa_1_pw -N "$PW" 124ssh-keygen -pf dsa_1_pw -N "$PW" 125ssh-keygen -pf ecdsa_1_pw -N "$PW" 126ssh-keygen -pf ed25519_1_pw -N "$PW" 127ssh-keygen -opf rsa_n_pw -N "$PW" 128ssh-keygen -opf dsa_n_pw -N "$PW" 129ssh-keygen -opf ecdsa_n_pw -N "$PW" 130 131rsa1_params rsa1_1 rsa1_1.param 132rsa1_params rsa1_2 rsa1_2.param 133rsa_params rsa_1 rsa_1.param 134rsa_params rsa_2 rsa_2.param 135dsa_params dsa_1 dsa_1.param 136dsa_params dsa_1 dsa_1.param 137ecdsa_params ecdsa_1 ecdsa_1.param 138ecdsa_params ecdsa_2 ecdsa_2.param 139# XXX ed25519 params 140 141ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ 142 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ 143 -V 19990101:20110101 -z 1 rsa_1.pub 144ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ 145 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ 146 -V 19990101:20110101 -z 2 dsa_1.pub 147ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ 148 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ 149 -V 19990101:20110101 -z 3 ecdsa_1.pub 150ssh-keygen -s rsa_2 -I hugo -n user1,user2 \ 151 -Oforce-command=/bin/ls -Ono-port-forwarding -Osource-address=10.0.0.0/8 \ 152 -V 19990101:20110101 -z 4 ed25519_1.pub 153 154ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ 155 -V 19990101:20110101 -z 5 rsa_1.pub 156ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ 157 -V 19990101:20110101 -z 6 dsa_1.pub 158ssh-keygen -s ecdsa_1 -I julius -n host1,host2 -h \ 159 -V 19990101:20110101 -z 7 ecdsa_1.pub 160ssh-keygen -s ed25519_1 -I julius -n host1,host2 -h \ 161 -V 19990101:20110101 -z 8 ed25519_1.pub 162 163ssh-keygen -lf rsa1_1 | awk '{print $2}' > rsa1_1.fp 164ssh-keygen -lf rsa_1 | awk '{print $2}' > rsa_1.fp 165ssh-keygen -lf dsa_1 | awk '{print $2}' > dsa_1.fp 166ssh-keygen -lf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp 167ssh-keygen -lf ed25519_1 | awk '{print $2}' > ed25519_1.fp 168ssh-keygen -lf rsa1_2 | awk '{print $2}' > rsa1_2.fp 169ssh-keygen -lf rsa_2 | awk '{print $2}' > rsa_2.fp 170ssh-keygen -lf dsa_2 | awk '{print $2}' > dsa_2.fp 171ssh-keygen -lf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp 172ssh-keygen -lf ed25519_2 | awk '{print $2}' > ed25519_2.fp 173 174ssh-keygen -lf dsa_1-cert.pub | awk '{print $2}' > dsa_1-cert.fp 175ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp 176ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp 177ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp 178 179ssh-keygen -Bf rsa1_1 | awk '{print $2}' > rsa1_1.fp.bb 180ssh-keygen -Bf rsa_1 | awk '{print $2}' > rsa_1.fp.bb 181ssh-keygen -Bf dsa_1 | awk '{print $2}' > dsa_1.fp.bb 182ssh-keygen -Bf ecdsa_1 | awk '{print $2}' > ecdsa_1.fp.bb 183ssh-keygen -Bf ed25519_1 | awk '{print $2}' > ed25519_1.fp.bb 184ssh-keygen -Bf rsa1_2 | awk '{print $2}' > rsa1_2.fp.bb 185ssh-keygen -Bf rsa_2 | awk '{print $2}' > rsa_2.fp.bb 186ssh-keygen -Bf dsa_2 | awk '{print $2}' > dsa_2.fp.bb 187ssh-keygen -Bf ecdsa_2 | awk '{print $2}' > ecdsa_2.fp.bb 188ssh-keygen -Bf ed25519_2 | awk '{print $2}' > ed25519_2.fp.bb 189 190# XXX Extend ssh-keygen to do detached signatures (better to test/fuzz against) 191 192echo "$PW" > pw 193