1 /* $OpenBSD: test_file.c,v 1.12 2024/08/15 00:52:23 djm Exp $ */ 2 /* 3 * Regress test for sshkey.h key management API 4 * 5 * Placed in the public domain 6 */ 7 8 #include "includes.h" 9 10 #include <sys/types.h> 11 #include <sys/stat.h> 12 #include <fcntl.h> 13 #include <stdio.h> 14 #ifdef HAVE_STDINT_H 15 #include <stdint.h> 16 #endif 17 #include <stdlib.h> 18 #include <string.h> 19 #include <unistd.h> 20 21 #ifdef WITH_OPENSSL 22 #include <openssl/bn.h> 23 #include <openssl/rsa.h> 24 #include <openssl/dsa.h> 25 #include <openssl/objects.h> 26 #ifdef OPENSSL_HAS_NISTP256 27 # include <openssl/ec.h> 28 #endif /* OPENSSL_HAS_NISTP256 */ 29 #endif /* WITH_OPENSSL */ 30 31 #include "../test_helper/test_helper.h" 32 33 #include "ssherr.h" 34 #include "authfile.h" 35 #include "sshkey.h" 36 #include "sshbuf.h" 37 #include "digest.h" 38 39 #include "common.h" 40 41 void sshkey_file_tests(void); 42 43 void 44 sshkey_file_tests(void) 45 { 46 struct sshkey *k1, *k2; 47 struct sshbuf *buf, *pw; 48 #ifdef WITH_OPENSSL 49 BIGNUM *a, *b, *c; 50 #endif 51 char *cp; 52 53 TEST_START("load passphrase"); 54 pw = load_text_file("pw"); 55 TEST_DONE(); 56 57 58 #ifdef WITH_OPENSSL 59 TEST_START("parse RSA from private"); 60 buf = load_file("rsa_1"); 61 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 62 sshbuf_free(buf); 63 ASSERT_PTR_NE(k1, NULL); 64 a = load_bignum("rsa_1.param.n"); 65 b = load_bignum("rsa_1.param.p"); 66 c = load_bignum("rsa_1.param.q"); 67 ASSERT_BIGNUM_EQ(rsa_n(k1), a); 68 ASSERT_BIGNUM_EQ(rsa_p(k1), b); 69 ASSERT_BIGNUM_EQ(rsa_q(k1), c); 70 BN_free(a); 71 BN_free(b); 72 BN_free(c); 73 TEST_DONE(); 74 75 TEST_START("parse RSA from private w/ passphrase"); 76 buf = load_file("rsa_1_pw"); 77 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 78 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 79 sshbuf_free(buf); 80 ASSERT_PTR_NE(k2, NULL); 81 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 82 sshkey_free(k2); 83 TEST_DONE(); 84 85 TEST_START("parse RSA from new-format"); 86 buf = load_file("rsa_n"); 87 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); 88 sshbuf_free(buf); 89 ASSERT_PTR_NE(k2, NULL); 90 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 91 sshkey_free(k2); 92 TEST_DONE(); 93 94 TEST_START("parse RSA from new-format w/ passphrase"); 95 buf = load_file("rsa_n_pw"); 96 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 97 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 98 sshbuf_free(buf); 99 ASSERT_PTR_NE(k2, NULL); 100 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 101 sshkey_free(k2); 102 TEST_DONE(); 103 104 TEST_START("load RSA from public"); 105 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, 106 NULL), 0); 107 ASSERT_PTR_NE(k2, NULL); 108 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 109 sshkey_free(k2); 110 TEST_DONE(); 111 112 TEST_START("load RSA cert with SHA1 signature"); 113 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha1"), &k2), 0); 114 ASSERT_PTR_NE(k2, NULL); 115 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 116 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 117 ASSERT_STRING_EQ(k2->cert->signature_type, "ssh-rsa"); 118 sshkey_free(k2); 119 TEST_DONE(); 120 121 TEST_START("load RSA cert with SHA512 signature"); 122 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1_sha512"), &k2), 0); 123 ASSERT_PTR_NE(k2, NULL); 124 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 125 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 126 ASSERT_STRING_EQ(k2->cert->signature_type, "rsa-sha2-512"); 127 sshkey_free(k2); 128 TEST_DONE(); 129 130 TEST_START("load RSA cert"); 131 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k2), 0); 132 ASSERT_PTR_NE(k2, NULL); 133 ASSERT_INT_EQ(k2->type, KEY_RSA_CERT); 134 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 135 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 136 TEST_DONE(); 137 138 TEST_START("RSA key hex fingerprint"); 139 buf = load_text_file("rsa_1.fp"); 140 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 141 ASSERT_PTR_NE(cp, NULL); 142 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 143 sshbuf_free(buf); 144 free(cp); 145 TEST_DONE(); 146 147 TEST_START("RSA cert hex fingerprint"); 148 buf = load_text_file("rsa_1-cert.fp"); 149 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 150 ASSERT_PTR_NE(cp, NULL); 151 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 152 sshbuf_free(buf); 153 free(cp); 154 sshkey_free(k2); 155 TEST_DONE(); 156 157 TEST_START("RSA key bubblebabble fingerprint"); 158 buf = load_text_file("rsa_1.fp.bb"); 159 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 160 ASSERT_PTR_NE(cp, NULL); 161 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 162 sshbuf_free(buf); 163 free(cp); 164 TEST_DONE(); 165 166 sshkey_free(k1); 167 168 #ifdef WITH_DSA 169 TEST_START("parse DSA from private"); 170 buf = load_file("dsa_1"); 171 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 172 sshbuf_free(buf); 173 ASSERT_PTR_NE(k1, NULL); 174 a = load_bignum("dsa_1.param.g"); 175 b = load_bignum("dsa_1.param.priv"); 176 c = load_bignum("dsa_1.param.pub"); 177 ASSERT_BIGNUM_EQ(dsa_g(k1), a); 178 ASSERT_BIGNUM_EQ(dsa_priv_key(k1), b); 179 ASSERT_BIGNUM_EQ(dsa_pub_key(k1), c); 180 BN_free(a); 181 BN_free(b); 182 BN_free(c); 183 TEST_DONE(); 184 185 TEST_START("parse DSA from private w/ passphrase"); 186 buf = load_file("dsa_1_pw"); 187 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 188 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 189 sshbuf_free(buf); 190 ASSERT_PTR_NE(k2, NULL); 191 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 192 sshkey_free(k2); 193 TEST_DONE(); 194 195 TEST_START("parse DSA from new-format"); 196 buf = load_file("dsa_n"); 197 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); 198 sshbuf_free(buf); 199 ASSERT_PTR_NE(k2, NULL); 200 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 201 sshkey_free(k2); 202 TEST_DONE(); 203 204 TEST_START("parse DSA from new-format w/ passphrase"); 205 buf = load_file("dsa_n_pw"); 206 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 207 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 208 sshbuf_free(buf); 209 ASSERT_PTR_NE(k2, NULL); 210 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 211 sshkey_free(k2); 212 TEST_DONE(); 213 214 TEST_START("load DSA from public"); 215 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_1.pub"), &k2, 216 NULL), 0); 217 ASSERT_PTR_NE(k2, NULL); 218 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 219 sshkey_free(k2); 220 TEST_DONE(); 221 222 TEST_START("load DSA cert"); 223 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("dsa_1"), &k2), 0); 224 ASSERT_PTR_NE(k2, NULL); 225 ASSERT_INT_EQ(k2->type, KEY_DSA_CERT); 226 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 227 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 228 TEST_DONE(); 229 230 TEST_START("DSA key hex fingerprint"); 231 buf = load_text_file("dsa_1.fp"); 232 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 233 ASSERT_PTR_NE(cp, NULL); 234 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 235 sshbuf_free(buf); 236 free(cp); 237 TEST_DONE(); 238 239 TEST_START("DSA cert hex fingerprint"); 240 buf = load_text_file("dsa_1-cert.fp"); 241 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 242 ASSERT_PTR_NE(cp, NULL); 243 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 244 sshbuf_free(buf); 245 free(cp); 246 sshkey_free(k2); 247 TEST_DONE(); 248 249 TEST_START("DSA key bubblebabble fingerprint"); 250 buf = load_text_file("dsa_1.fp.bb"); 251 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 252 ASSERT_PTR_NE(cp, NULL); 253 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 254 sshbuf_free(buf); 255 free(cp); 256 TEST_DONE(); 257 258 sshkey_free(k1); 259 #endif 260 261 #ifdef OPENSSL_HAS_ECC 262 TEST_START("parse ECDSA from private"); 263 buf = load_file("ecdsa_1"); 264 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 265 sshbuf_free(buf); 266 ASSERT_PTR_NE(k1, NULL); 267 buf = load_text_file("ecdsa_1.param.curve"); 268 ASSERT_STRING_EQ((const char *)sshbuf_ptr(buf), 269 OBJ_nid2sn(k1->ecdsa_nid)); 270 sshbuf_free(buf); 271 #ifndef OPENSSL_IS_BORINGSSL /* lacks EC_POINT_point2bn() */ 272 a = load_bignum("ecdsa_1.param.priv"); 273 b = load_bignum("ecdsa_1.param.pub"); 274 c = EC_POINT_point2bn(EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(k1->pkey)), 275 EC_KEY_get0_public_key(EVP_PKEY_get0_EC_KEY(k1->pkey)), 276 POINT_CONVERSION_UNCOMPRESSED, NULL, NULL); 277 ASSERT_PTR_NE(c, NULL); 278 ASSERT_BIGNUM_EQ( 279 EC_KEY_get0_private_key(EVP_PKEY_get0_EC_KEY(k1->pkey)), a); 280 ASSERT_BIGNUM_EQ(b, c); 281 BN_free(a); 282 BN_free(b); 283 BN_free(c); 284 #endif /* OPENSSL_IS_BORINGSSL */ 285 TEST_DONE(); 286 287 TEST_START("parse ECDSA from private w/ passphrase"); 288 buf = load_file("ecdsa_1_pw"); 289 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 290 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 291 sshbuf_free(buf); 292 ASSERT_PTR_NE(k2, NULL); 293 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 294 sshkey_free(k2); 295 TEST_DONE(); 296 297 TEST_START("parse ECDSA from new-format"); 298 buf = load_file("ecdsa_n"); 299 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); 300 sshbuf_free(buf); 301 ASSERT_PTR_NE(k2, NULL); 302 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 303 sshkey_free(k2); 304 TEST_DONE(); 305 306 TEST_START("parse ECDSA from new-format w/ passphrase"); 307 buf = load_file("ecdsa_n_pw"); 308 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 309 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 310 sshbuf_free(buf); 311 ASSERT_PTR_NE(k2, NULL); 312 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 313 sshkey_free(k2); 314 TEST_DONE(); 315 316 TEST_START("load ECDSA from public"); 317 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_1.pub"), &k2, 318 NULL), 0); 319 ASSERT_PTR_NE(k2, NULL); 320 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 321 sshkey_free(k2); 322 TEST_DONE(); 323 324 TEST_START("load ECDSA cert"); 325 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_1"), &k2), 0); 326 ASSERT_PTR_NE(k2, NULL); 327 ASSERT_INT_EQ(k2->type, KEY_ECDSA_CERT); 328 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 329 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 330 TEST_DONE(); 331 332 TEST_START("ECDSA key hex fingerprint"); 333 buf = load_text_file("ecdsa_1.fp"); 334 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 335 ASSERT_PTR_NE(cp, NULL); 336 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 337 sshbuf_free(buf); 338 free(cp); 339 TEST_DONE(); 340 341 TEST_START("ECDSA cert hex fingerprint"); 342 buf = load_text_file("ecdsa_1-cert.fp"); 343 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 344 ASSERT_PTR_NE(cp, NULL); 345 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 346 sshbuf_free(buf); 347 free(cp); 348 sshkey_free(k2); 349 TEST_DONE(); 350 351 TEST_START("ECDSA key bubblebabble fingerprint"); 352 buf = load_text_file("ecdsa_1.fp.bb"); 353 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 354 ASSERT_PTR_NE(cp, NULL); 355 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 356 sshbuf_free(buf); 357 free(cp); 358 TEST_DONE(); 359 360 sshkey_free(k1); 361 #endif /* OPENSSL_HAS_ECC */ 362 #endif /* WITH_OPENSSL */ 363 364 TEST_START("parse Ed25519 from private"); 365 buf = load_file("ed25519_1"); 366 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 367 sshbuf_free(buf); 368 ASSERT_PTR_NE(k1, NULL); 369 ASSERT_INT_EQ(k1->type, KEY_ED25519); 370 /* XXX check key contents */ 371 TEST_DONE(); 372 373 TEST_START("parse Ed25519 from private w/ passphrase"); 374 buf = load_file("ed25519_1_pw"); 375 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 376 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 377 sshbuf_free(buf); 378 ASSERT_PTR_NE(k2, NULL); 379 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 380 sshkey_free(k2); 381 TEST_DONE(); 382 383 TEST_START("load Ed25519 from public"); 384 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k2, 385 NULL), 0); 386 ASSERT_PTR_NE(k2, NULL); 387 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 388 sshkey_free(k2); 389 TEST_DONE(); 390 391 TEST_START("load Ed25519 cert"); 392 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_1"), &k2), 0); 393 ASSERT_PTR_NE(k2, NULL); 394 ASSERT_INT_EQ(k2->type, KEY_ED25519_CERT); 395 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 396 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 397 TEST_DONE(); 398 399 TEST_START("Ed25519 key hex fingerprint"); 400 buf = load_text_file("ed25519_1.fp"); 401 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 402 ASSERT_PTR_NE(cp, NULL); 403 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 404 sshbuf_free(buf); 405 free(cp); 406 TEST_DONE(); 407 408 TEST_START("Ed25519 cert hex fingerprint"); 409 buf = load_text_file("ed25519_1-cert.fp"); 410 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 411 ASSERT_PTR_NE(cp, NULL); 412 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 413 sshbuf_free(buf); 414 free(cp); 415 sshkey_free(k2); 416 TEST_DONE(); 417 418 TEST_START("Ed25519 key bubblebabble fingerprint"); 419 buf = load_text_file("ed25519_1.fp.bb"); 420 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 421 ASSERT_PTR_NE(cp, NULL); 422 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 423 sshbuf_free(buf); 424 free(cp); 425 TEST_DONE(); 426 427 sshkey_free(k1); 428 429 #ifdef ENABLE_SK 430 #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) 431 TEST_START("parse ECDSA-SK from private"); 432 buf = load_file("ecdsa_sk1"); 433 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 434 sshbuf_free(buf); 435 ASSERT_PTR_NE(k1, NULL); 436 ASSERT_INT_EQ(k1->type, KEY_ECDSA_SK); 437 TEST_DONE(); 438 439 TEST_START("parse ECDSA-SK from private w/ passphrase"); 440 buf = load_file("ecdsa_sk1_pw"); 441 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 442 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 443 sshbuf_free(buf); 444 ASSERT_PTR_NE(k2, NULL); 445 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 446 sshkey_free(k2); 447 TEST_DONE(); 448 449 TEST_START("load ECDSA-SK from public"); 450 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_sk1.pub"), &k2, 451 NULL), 0); 452 ASSERT_PTR_NE(k2, NULL); 453 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 454 sshkey_free(k2); 455 TEST_DONE(); 456 457 TEST_START("load ECDSA-SK cert"); 458 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ecdsa_sk1"), &k2), 0); 459 ASSERT_PTR_NE(k2, NULL); 460 ASSERT_INT_EQ(k2->type, KEY_ECDSA_SK_CERT); 461 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 462 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 463 TEST_DONE(); 464 465 TEST_START("ECDSA-SK key hex fingerprint"); 466 buf = load_text_file("ecdsa_sk1.fp"); 467 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 468 ASSERT_PTR_NE(cp, NULL); 469 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 470 sshbuf_free(buf); 471 free(cp); 472 TEST_DONE(); 473 474 TEST_START("ECDSA-SK cert hex fingerprint"); 475 buf = load_text_file("ecdsa_sk1-cert.fp"); 476 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 477 ASSERT_PTR_NE(cp, NULL); 478 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 479 sshbuf_free(buf); 480 free(cp); 481 sshkey_free(k2); 482 TEST_DONE(); 483 484 TEST_START("ECDSA-SK key bubblebabble fingerprint"); 485 buf = load_text_file("ecdsa_sk1.fp.bb"); 486 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 487 ASSERT_PTR_NE(cp, NULL); 488 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 489 sshbuf_free(buf); 490 free(cp); 491 TEST_DONE(); 492 493 sshkey_free(k1); 494 #endif 495 496 TEST_START("parse Ed25519-SK from private"); 497 buf = load_file("ed25519_sk1"); 498 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); 499 sshbuf_free(buf); 500 ASSERT_PTR_NE(k1, NULL); 501 ASSERT_INT_EQ(k1->type, KEY_ED25519_SK); 502 /* XXX check key contents */ 503 TEST_DONE(); 504 505 TEST_START("parse Ed25519-SK from private w/ passphrase"); 506 buf = load_file("ed25519_sk1_pw"); 507 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 508 (const char *)sshbuf_ptr(pw), &k2, NULL), 0); 509 sshbuf_free(buf); 510 ASSERT_PTR_NE(k2, NULL); 511 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 512 sshkey_free(k2); 513 TEST_DONE(); 514 515 TEST_START("load Ed25519-SK from public"); 516 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_sk1.pub"), 517 &k2, NULL), 0); 518 ASSERT_PTR_NE(k2, NULL); 519 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 520 sshkey_free(k2); 521 TEST_DONE(); 522 523 TEST_START("load Ed25519-SK cert"); 524 ASSERT_INT_EQ(sshkey_load_cert(test_data_file("ed25519_sk1"), &k2), 0); 525 ASSERT_PTR_NE(k2, NULL); 526 ASSERT_INT_EQ(k2->type, KEY_ED25519_SK_CERT); 527 ASSERT_INT_EQ(sshkey_equal(k1, k2), 0); 528 ASSERT_INT_EQ(sshkey_equal_public(k1, k2), 1); 529 TEST_DONE(); 530 531 TEST_START("Ed25519-SK key hex fingerprint"); 532 buf = load_text_file("ed25519_sk1.fp"); 533 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); 534 ASSERT_PTR_NE(cp, NULL); 535 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 536 sshbuf_free(buf); 537 free(cp); 538 TEST_DONE(); 539 540 TEST_START("Ed25519-SK cert hex fingerprint"); 541 buf = load_text_file("ed25519_sk1-cert.fp"); 542 cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); 543 ASSERT_PTR_NE(cp, NULL); 544 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 545 sshbuf_free(buf); 546 free(cp); 547 sshkey_free(k2); 548 TEST_DONE(); 549 550 TEST_START("Ed25519-SK key bubblebabble fingerprint"); 551 buf = load_text_file("ed25519_sk1.fp.bb"); 552 cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA1, SSH_FP_BUBBLEBABBLE); 553 ASSERT_PTR_NE(cp, NULL); 554 ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); 555 sshbuf_free(buf); 556 free(cp); 557 TEST_DONE(); 558 559 sshkey_free(k1); 560 #endif /* ENABLE_SK */ 561 562 sshbuf_free(pw); 563 564 } 565