1 /* $OpenBSD: test_file.c,v 1.10 2021/12/14 21:25:27 deraadt Exp $ */ 2 /* 3 * Regress test for sshkey.h key management API 4 * 5 * Placed in the public domain 6 */ 7 8 #include "includes.h" 9 10 #include <sys/types.h> 11 #include <sys/stat.h> 12 #include <fcntl.h> 13 #include <stdio.h> 14 #ifdef HAVE_STDINT_H 15 #include <stdint.h> 16 #endif 17 #include <stdlib.h> 18 #include <string.h> 19 #include <unistd.h> 20 21 #ifdef WITH_OPENSSL 22 #include <openssl/bn.h> 23 #include <openssl/rsa.h> 24 #include <openssl/dsa.h> 25 #include <openssl/objects.h> 26 #ifdef OPENSSL_HAS_NISTP256 27 # include <openssl/ec.h> 28 #endif /* OPENSSL_HAS_NISTP256 */ 29 #endif /* WITH_OPENSSL */ 30 31 #include "../test_helper/test_helper.h" 32 33 #include "ssherr.h" 34 #include "authfile.h" 35 #include "sshkey.h" 36 #include "sshbuf.h" 37 #include "digest.h" 38 39 #include "common.h" 40 41 void sshkey_file_tests(void); 42 43 void 44 sshkey_file_tests(void) 45 { 46 struct sshkey *k1, *k2; 47 struct sshbuf *buf, *pw; 48 #ifdef WITH_OPENSSL 49 BIGNUM *a, *b, *c; 50 #endif 51 char *cp; 52 53 TEST_START("load passphrase"); 54 pw = load_text_file("pw"); 55 TEST_DONE(); 56 57 58 #ifdef WITH_OPENSSL 59 TEST_START("parse RSA from private"); 60 buf = load_file("rsa_1"); 61 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 62 sshbuf_free(buf); 63 ASSERT_PTR_NE(k1, NULL); 64 a = load_bignum("rsa_1.param.n"); 65 b = load_bignum("rsa_1.param.p"); 66 c = load_bignum("rsa_1.param.q"); 67 ASSERT_BIGNUM_EQ(rsa_n(k1), a); 68 ASSERT_BIGNUM_EQ(rsa_p(k1), b); 69 ASSERT_BIGNUM_EQ(rsa_q(k1), c); 70 BN_free(a); 71 BN_free(b); 72 BN_free(c); 73 TEST_DONE(); 74 75 TEST_START("parse RSA from private w/ passphrase"); 76 buf = load_file("rsa_1_pw"); 77 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 78 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 79 sshbuf_free(buf); 80 ASSERT_PTR_NE(k2, NULL); 81 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 82 sshkey_free(k2); 83 TEST_DONE(); 84 85 TEST_START("parse RSA from new-format"); 86 buf = load_file("rsa_n"); 87 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); 88 sshbuf_free(buf); 89 ASSERT_PTR_NE(k2, NULL); 90 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 91 sshkey_free(k2); 92 TEST_DONE(); 93 94 TEST_START("parse RSA from new-format w/ passphrase"); 95 buf = load_file("rsa_n_pw"); 96 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 97 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 98 sshbuf_free(buf); 99 ASSERT_PTR_NE(k2, NULL); 100 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 101 sshkey_free(k2); 102 TEST_DONE(); 103 104 TEST_START("load RSA from public"); 105 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, 106 NULL), 0); 107 ASSERT_PTR_NE(k2, NULL); 108 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 109 sshkey_free(k2); 110 TEST_DONE(); 111 112 TEST_START("load RSA cert with SHA1 signature"); 113 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha1"), &k2), 0); 114 ASSERT_PTR_NE(k2, NULL); 115 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 116 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 117 ASSERT_STRING_EQ(k2->cert->signature_type, "ssh-rsa"); 118 sshkey_free(k2); 119 TEST_DONE(); 120 121 TEST_START("load RSA cert with SHA512 signature"); 122 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha512"), &k2), 0); 123 ASSERT_PTR_NE(k2, NULL); 124 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 125 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 126 ASSERT_STRING_EQ(k2->cert->signature_type, "rsa-sha2-512"); 127 sshkey_free(k2); 128 TEST_DONE(); 129 130 TEST_START("load RSA cert"); 131 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0); 132 ASSERT_PTR_NE(k2, NULL); 133 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 134 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 135 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 136 TEST_DONE(); 137 138 TEST_START("RSA key hex fingerprint"); 139 buf = load_text_file("rsa_1.fp"); 140 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 141 ASSERT_PTR_NE(cp, NULL); 142 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 143 sshbuf_free(buf); 144 free(cp); 145 TEST_DONE(); 146 147 TEST_START("RSA cert hex fingerprint"); 148 buf = load_text_file("rsa_1-cert.fp"); 149 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 150 ASSERT_PTR_NE(cp, NULL); 151 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 152 sshbuf_free(buf); 153 free(cp); 154 sshkey_free(k2); 155 TEST_DONE(); 156 157 TEST_START("RSA key bubblebabble fingerprint"); 158 buf = load_text_file("rsa_1.fp.bb"); 159 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 160 ASSERT_PTR_NE(cp, NULL); 161 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 162 sshbuf_free(buf); 163 free(cp); 164 TEST_DONE(); 165 166 sshkey_free(k1); 167 168 TEST_START("parse DSA from private"); 169 buf = load_file("dsa_1"); 170 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 171 sshbuf_free(buf); 172 ASSERT_PTR_NE(k1, NULL); 173 a = load_bignum("dsa_1.param.g"); 174 b = load_bignum("dsa_1.param.priv"); 175 c = load_bignum("dsa_1.param.pub"); 176 ASSERT_BIGNUM_EQ(dsa_g(k1), a); 177 ASSERT_BIGNUM_EQ(dsa_priv_key(k1), b); 178 ASSERT_BIGNUM_EQ(dsa_pub_key(k1), c); 179 BN_free(a); 180 BN_free(b); 181 BN_free(c); 182 TEST_DONE(); 183 184 TEST_START("parse DSA from private w/ passphrase"); 185 buf = load_file("dsa_1_pw"); 186 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 187 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 188 sshbuf_free(buf); 189 ASSERT_PTR_NE(k2, NULL); 190 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 191 sshkey_free(k2); 192 TEST_DONE(); 193 194 TEST_START("parse DSA from new-format"); 195 buf = load_file("dsa_n"); 196 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); 197 sshbuf_free(buf); 198 ASSERT_PTR_NE(k2, NULL); 199 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 200 sshkey_free(k2); 201 TEST_DONE(); 202 203 TEST_START("parse DSA from new-format w/ passphrase"); 204 buf = load_file("dsa_n_pw"); 205 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 206 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 207 sshbuf_free(buf); 208 ASSERT_PTR_NE(k2, NULL); 209 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 210 sshkey_free(k2); 211 TEST_DONE(); 212 213 TEST_START("load DSA from public"); 214 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2, 215 NULL), 0); 216 ASSERT_PTR_NE(k2, NULL); 217 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 218 sshkey_free(k2); 219 TEST_DONE(); 220 221 TEST_START("load DSA cert"); 222 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0); 223 ASSERT_PTR_NE(k2, NULL); 224 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT); 225 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 226 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 227 TEST_DONE(); 228 229 TEST_START("DSA key hex fingerprint"); 230 buf = load_text_file("dsa_1.fp"); 231 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 232 ASSERT_PTR_NE(cp, NULL); 233 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 234 sshbuf_free(buf); 235 free(cp); 236 TEST_DONE(); 237 238 TEST_START("DSA cert hex fingerprint"); 239 buf = load_text_file("dsa_1-cert.fp"); 240 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 241 ASSERT_PTR_NE(cp, NULL); 242 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 243 sshbuf_free(buf); 244 free(cp); 245 sshkey_free(k2); 246 TEST_DONE(); 247 248 TEST_START("DSA key bubblebabble fingerprint"); 249 buf = load_text_file("dsa_1.fp.bb"); 250 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 251 ASSERT_PTR_NE(cp, NULL); 252 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 253 sshbuf_free(buf); 254 free(cp); 255 TEST_DONE(); 256 257 sshkey_free(k1); 258 259 #ifdef OPENSSL_HAS_ECC 260 TEST_START("parse ECDSA from private"); 261 buf = load_file("ecdsa_1"); 262 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 263 sshbuf_free(buf); 264 ASSERT_PTR_NE(k1, NULL); 265 buf = load_text_file("ecdsa_1.param.curve"); 266 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf), 267 OBJ_nid2sn(k1->ecdsa_nid)); 268 sshbuf_free(buf); 269 #ifndef OPENSSL_IS_BORINGSSL /* lacks EC_POINT_point2bn() */ 270 a = load_bignum("ecdsa_1.param.priv"); 271 b = load_bignum("ecdsa_1.param.pub"); 272 c = EC_POINT_point2bn(EC_KEY_get0_group(k1->ecdsa), 273 EC_KEY_get0_public_key(k1->ecdsa), POINT_CONVERSION_UNCOMPRESSED, 274 NULL, NULL); 275 ASSERT_PTR_NE(c, NULL); 276 ASSERT_BIGNUM_EQ(EC_KEY_get0_private_key(k1->ecdsa), a); 277 ASSERT_BIGNUM_EQ(b, c); 278 BN_free(a); 279 BN_free(b); 280 BN_free(c); 281 #endif /* OPENSSL_IS_BORINGSSL */ 282 TEST_DONE(); 283 284 TEST_START("parse ECDSA from private w/ passphrase"); 285 buf = load_file("ecdsa_1_pw"); 286 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 287 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 288 sshbuf_free(buf); 289 ASSERT_PTR_NE(k2, NULL); 290 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 291 sshkey_free(k2); 292 TEST_DONE(); 293 294 TEST_START("parse ECDSA from new-format"); 295 buf = load_file("ecdsa_n"); 296 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); 297 sshbuf_free(buf); 298 ASSERT_PTR_NE(k2, NULL); 299 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 300 sshkey_free(k2); 301 TEST_DONE(); 302 303 TEST_START("parse ECDSA from new-format w/ passphrase"); 304 buf = load_file("ecdsa_n_pw"); 305 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 306 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 307 sshbuf_free(buf); 308 ASSERT_PTR_NE(k2, NULL); 309 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 310 sshkey_free(k2); 311 TEST_DONE(); 312 313 TEST_START("load ECDSA from public"); 314 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2, 315 NULL), 0); 316 ASSERT_PTR_NE(k2, NULL); 317 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 318 sshkey_free(k2); 319 TEST_DONE(); 320 321 TEST_START("load ECDSA cert"); 322 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0); 323 ASSERT_PTR_NE(k2, NULL); 324 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT); 325 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 326 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 327 TEST_DONE(); 328 329 TEST_START("ECDSA key hex fingerprint"); 330 buf = load_text_file("ecdsa_1.fp"); 331 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 332 ASSERT_PTR_NE(cp, NULL); 333 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 334 sshbuf_free(buf); 335 free(cp); 336 TEST_DONE(); 337 338 TEST_START("ECDSA cert hex fingerprint"); 339 buf = load_text_file("ecdsa_1-cert.fp"); 340 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 341 ASSERT_PTR_NE(cp, NULL); 342 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 343 sshbuf_free(buf); 344 free(cp); 345 sshkey_free(k2); 346 TEST_DONE(); 347 348 TEST_START("ECDSA key bubblebabble fingerprint"); 349 buf = load_text_file("ecdsa_1.fp.bb"); 350 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 351 ASSERT_PTR_NE(cp, NULL); 352 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 353 sshbuf_free(buf); 354 free(cp); 355 TEST_DONE(); 356 357 sshkey_free(k1); 358 #endif /* OPENSSL_HAS_ECC */ 359 #endif /* WITH_OPENSSL */ 360 361 TEST_START("parse Ed25519 from private"); 362 buf = load_file("ed25519_1"); 363 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 364 sshbuf_free(buf); 365 ASSERT_PTR_NE(k1, NULL); 366 ASSERT_INT_EQ(k1->type, KEY_ED25519); 367 /* XXX check key contents */ 368 TEST_DONE(); 369 370 TEST_START("parse Ed25519 from private w/ passphrase"); 371 buf = load_file("ed25519_1_pw"); 372 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 373 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 374 sshbuf_free(buf); 375 ASSERT_PTR_NE(k2, NULL); 376 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 377 sshkey_free(k2); 378 TEST_DONE(); 379 380 TEST_START("load Ed25519 from public"); 381 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2, 382 NULL), 0); 383 ASSERT_PTR_NE(k2, NULL); 384 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 385 sshkey_free(k2); 386 TEST_DONE(); 387 388 TEST_START("load Ed25519 cert"); 389 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0); 390 ASSERT_PTR_NE(k2, NULL); 391 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT); 392 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 393 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 394 TEST_DONE(); 395 396 TEST_START("Ed25519 key hex fingerprint"); 397 buf = load_text_file("ed25519_1.fp"); 398 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 399 ASSERT_PTR_NE(cp, NULL); 400 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 401 sshbuf_free(buf); 402 free(cp); 403 TEST_DONE(); 404 405 TEST_START("Ed25519 cert hex fingerprint"); 406 buf = load_text_file("ed25519_1-cert.fp"); 407 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 408 ASSERT_PTR_NE(cp, NULL); 409 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 410 sshbuf_free(buf); 411 free(cp); 412 sshkey_free(k2); 413 TEST_DONE(); 414 415 TEST_START("Ed25519 key bubblebabble fingerprint"); 416 buf = load_text_file("ed25519_1.fp.bb"); 417 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 418 ASSERT_PTR_NE(cp, NULL); 419 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 420 sshbuf_free(buf); 421 free(cp); 422 TEST_DONE(); 423 424 sshkey_free(k1); 425 426 #ifdef ENABLE_SK 427 #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) 428 TEST_START("parse ECDSA-SK from private"); 429 buf = load_file("ecdsa_sk1"); 430 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 431 sshbuf_free(buf); 432 ASSERT_PTR_NE(k1, NULL); 433 ASSERT_INT_EQ(k1->type, KEY_ECDSA_SK); 434 TEST_DONE(); 435 436 TEST_START("parse ECDSA-SK from private w/ passphrase"); 437 buf = load_file("ecdsa_sk1_pw"); 438 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 439 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 440 sshbuf_free(buf); 441 ASSERT_PTR_NE(k2, NULL); 442 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 443 sshkey_free(k2); 444 TEST_DONE(); 445 446 TEST_START("load ECDSA-SK from public"); 447 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_sk1.pub"), &k2, 448 NULL), 0); 449 ASSERT_PTR_NE(k2, NULL); 450 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 451 sshkey_free(k2); 452 TEST_DONE(); 453 454 TEST_START("load ECDSA-SK cert"); 455 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_sk1"), &k2), 0); 456 ASSERT_PTR_NE(k2, NULL); 457 ASSERT_INT_EQ(k2->type, KEY_ECDSA_SK_CERT); 458 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 459 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 460 TEST_DONE(); 461 462 TEST_START("ECDSA-SK key hex fingerprint"); 463 buf = load_text_file("ecdsa_sk1.fp"); 464 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 465 ASSERT_PTR_NE(cp, NULL); 466 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 467 sshbuf_free(buf); 468 free(cp); 469 TEST_DONE(); 470 471 TEST_START("ECDSA-SK cert hex fingerprint"); 472 buf = load_text_file("ecdsa_sk1-cert.fp"); 473 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 474 ASSERT_PTR_NE(cp, NULL); 475 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 476 sshbuf_free(buf); 477 free(cp); 478 sshkey_free(k2); 479 TEST_DONE(); 480 481 TEST_START("ECDSA-SK key bubblebabble fingerprint"); 482 buf = load_text_file("ecdsa_sk1.fp.bb"); 483 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 484 ASSERT_PTR_NE(cp, NULL); 485 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 486 sshbuf_free(buf); 487 free(cp); 488 TEST_DONE(); 489 490 sshkey_free(k1); 491 #endif 492 493 TEST_START("parse Ed25519-SK from private"); 494 buf = load_file("ed25519_sk1"); 495 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 496 sshbuf_free(buf); 497 ASSERT_PTR_NE(k1, NULL); 498 ASSERT_INT_EQ(k1->type, KEY_ED25519_SK); 499 /* XXX check key contents */ 500 TEST_DONE(); 501 502 TEST_START("parse Ed25519-SK from private w/ passphrase"); 503 buf = load_file("ed25519_sk1_pw"); 504 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 505 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 506 sshbuf_free(buf); 507 ASSERT_PTR_NE(k2, NULL); 508 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 509 sshkey_free(k2); 510 TEST_DONE(); 511 512 TEST_START("load Ed25519-SK from public"); 513 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_sk1.pub"), 514 &k2, NULL), 0); 515 ASSERT_PTR_NE(k2, NULL); 516 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 517 sshkey_free(k2); 518 TEST_DONE(); 519 520 TEST_START("load Ed25519-SK cert"); 521 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_sk1"), &k2), 0); 522 ASSERT_PTR_NE(k2, NULL); 523 ASSERT_INT_EQ(k2->type, KEY_ED25519_SK_CERT); 524 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 525 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 526 TEST_DONE(); 527 528 TEST_START("Ed25519-SK key hex fingerprint"); 529 buf = load_text_file("ed25519_sk1.fp"); 530 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 531 ASSERT_PTR_NE(cp, NULL); 532 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 533 sshbuf_free(buf); 534 free(cp); 535 TEST_DONE(); 536 537 TEST_START("Ed25519-SK cert hex fingerprint"); 538 buf = load_text_file("ed25519_sk1-cert.fp"); 539 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 540 ASSERT_PTR_NE(cp, NULL); 541 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 542 sshbuf_free(buf); 543 free(cp); 544 sshkey_free(k2); 545 TEST_DONE(); 546 547 TEST_START("Ed25519-SK key bubblebabble fingerprint"); 548 buf = load_text_file("ed25519_sk1.fp.bb"); 549 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 550 ASSERT_PTR_NE(cp, NULL); 551 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 552 sshbuf_free(buf); 553 free(cp); 554 TEST_DONE(); 555 556 sshkey_free(k1); 557 #endif /* ENABLE_SK */ 558 559 sshbuf_free(pw); 560 561 } 562