1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
/* $OpenBSD: tests.c,v 1.1 2020/06/19 04:32:09 djm Exp $ */
/*
* Regress test for sshbuf.h buffer API
*
* Placed in the public domain
*/
#include <sys/types.h>
#include <sys/param.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <openssl/evp.h>
#include <openssl/crypto.h>
#include "ssherr.h"
#include "authfile.h"
#include "sshkey.h"
#include "sshbuf.h"
#include "sshsig.h"
#include "log.h"
#include "test_helper.h"
static struct sshbuf *
load_file(const char *name)
{
struct sshbuf *ret = NULL;
ASSERT_INT_EQ(sshbuf_load_file(test_data_file(name), &ret), 0);
ASSERT_PTR_NE(ret, NULL);
return ret;
}
static struct sshkey *
load_key(const char *name)
{
struct sshkey *ret = NULL;
ASSERT_INT_EQ(sshkey_load_public(test_data_file(name), &ret, NULL), 0);
ASSERT_PTR_NE(ret, NULL);
return ret;
}
static void
check_sig(const char *keyname, const char *signame, const struct sshbuf *msg,
const char *namespace)
{
struct sshkey *k, *sign_key;
struct sshbuf *sig, *rawsig;
struct sshkey_sig_details *sig_details;
k = load_key(keyname);
sig = load_file(signame);
sign_key = NULL;
sig_details = NULL;
rawsig = NULL;
ASSERT_INT_EQ(sshsig_dearmor(sig, &rawsig), 0);
ASSERT_INT_EQ(sshsig_verifyb(rawsig, msg, namespace,
&sign_key, &sig_details), 0);
ASSERT_INT_EQ(sshkey_equal(k, sign_key), 1);
sshkey_free(k);
sshkey_free(sign_key);
sshkey_sig_details_free(sig_details);
sshbuf_free(sig);
sshbuf_free(rawsig);
}
void
tests(void)
{
struct sshbuf *msg;
char *namespace;
#if 0
log_init("test_sshsig", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 1);
#endif
OpenSSL_add_all_algorithms();
ERR_load_CRYPTO_strings();
TEST_START("load data");
msg = load_file("namespace");
namespace = sshbuf_dup_string(msg);
ASSERT_PTR_NE(namespace, NULL);
sshbuf_free(msg);
msg = load_file("signed-data");
TEST_DONE();
TEST_START("check RSA signature");
check_sig("rsa", "rsa.sig", msg, namespace);
TEST_DONE();
TEST_START("check DSA signature");
check_sig("dsa", "dsa.sig", msg, namespace);
TEST_DONE();
TEST_START("check ECDSA signature");
check_sig("ecdsa", "ecdsa.sig", msg, namespace);
TEST_DONE();
TEST_START("check ED25519 signature");
check_sig("ed25519", "ed25519.sig", msg, namespace);
TEST_DONE();
TEST_START("check ECDSA-SK signature");
check_sig("ecdsa_sk", "ecdsa_sk.sig", msg, namespace);
TEST_DONE();
TEST_START("check ED25519-SK signature");
check_sig("ed25519_sk", "ed25519_sk.sig", msg, namespace);
TEST_DONE();
sshbuf_free(msg);
free(namespace);
}
|