#include <stdlib.h>
#include <string.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
+#endif
#include "../test_helper/test_helper.h"
void
tests(void)
{
+#ifdef WITH_OPENSSL
struct bitmap *b;
BIGNUM *bn;
size_t len;
bitmap_free(b);
BN_free(bn);
TEST_DONE();
+#endif
}
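Review bot: With WITH_OPENSSL undefined, `tests()` compiles to an empty body, so this test program exits successfully having checked nothing, and its output does not say the bitmap tests were skipped. The guard opens right after the opening brace and closes just before the final brace. The visible declarations suggest BIGNUM is used only as a reference to compare against, so the bitmap code itself appears to lose all coverage in that configuration; that is inferred, since most of the body lies outside the hunks. An `#else` branch that prints a skip notice, for example `printf("bitmap tests skipped: built without OpenSSL\n");`, would make the gap visible in test logs.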
int parse_key = (ctx->flags & HKF_WANT_PARSE_KEY) != 0;
const int matching = (ctx->flags & HKF_WANT_MATCH) != 0;
u_int expected_status, expected_match;
- int expected_keytype;
+ int expected_keytype, skip = 0;
test_subtest_info("entry %zu/%zu, file line %ld",
ctx->i + 1, ctx->nexpected, l->linenum);
#ifndef OPENSSL_HAS_ECC
if (expected->l.keytype == KEY_ECDSA ||
- expected->no_parse_keytype == KEY_ECDSA) {
+ expected->no_parse_keytype == KEY_ECDSA)
+ skip = 1;
+#endif /* OPENSSL_HAS_ECC */
+#ifndef WITH_OPENSSL
+ if (expected->l.keytype == KEY_DSA ||
+ expected->no_parse_keytype == KEY_DSA ||
+ expected->l.keytype == KEY_RSA ||
+ expected->no_parse_keytype == KEY_RSA ||
+ expected->l.keytype == KEY_ECDSA ||
+ expected->no_parse_keytype == KEY_ECDSA)
+ skip = 1;
+#endif /* WITH_OPENSSL */
+ if (skip) {
expected_status = HKF_STATUS_INVALID;
expected_keytype = KEY_UNSPEC;
parse_key = 0;
}
-#endif
-
UPDATE_MATCH_STATUS(match_host_p);
UPDATE_MATCH_STATUS(match_host_s);
UPDATE_MATCH_STATUS(match_ipv4);
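Review bot: The set of key types that need OpenSSL is spelled out here as an `if` chain over KEY_DSA, KEY_RSA and KEY_ECDSA, and again in the later hunk as a `switch` over the same three constants. A key type added to one list and not the other would make the expected results and the loaded keys disagree. A small static helper that takes a key type and reports whether this build supports it could serve both places, with the `no_parse_keytype` comparison kept at this call site. The `switch` in the later hunk also has no `default`, so `default: break;` would make the fall-through case explicit. The enclosing function starts and ends outside this hunk.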
#ifndef OPENSSL_HAS_ECC
if (expected[i].l.keytype == KEY_ECDSA)
continue;
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#ifndef WITH_OPENSSL
+ switch (expected[i].l.keytype) {
+ case KEY_RSA:
+ case KEY_DSA:
+ case KEY_ECDSA:
+ continue;
+ }
+#endif /* WITH_OPENSSL */
ASSERT_INT_EQ(sshkey_load_public(
test_data_file(expected[i].key_file), &expected[i].l.key,
NULL), 0);
sshbuf_free(state);
ASSERT_PTR_NE(server2->kex, NULL);
/* XXX we need to set the callbacks */
+#ifdef WITH_OPENSSL
server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
#ifdef OPENSSL_HAS_ECC
server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
server2->kex->load_host_public_key = server->kex->load_host_public_key;
server2->kex->load_host_private_key = server->kex->load_host_private_key;
static void
do_kex(char *kex)
{
+#ifdef WITH_OPENSSL
do_kex_with_key(kex, KEY_RSA, 2048);
do_kex_with_key(kex, KEY_DSA, 1024);
#ifdef OPENSSL_HAS_ECC
do_kex_with_key(kex, KEY_ECDSA, 256);
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
do_kex_with_key(kex, KEY_ED25519, 256);
}
kex_tests(void)
{
do_kex("curve25519-sha256@libssh.org");
+#ifdef WITH_OPENSSL
#ifdef OPENSSL_HAS_ECC
do_kex("ecdh-sha2-nistp256");
do_kex("ecdh-sha2-nistp384");
do_kex("ecdh-sha2-nistp521");
-#endif
+#endif /* OPENSSL_HAS_ECC */
do_kex("diffie-hellman-group-exchange-sha256");
do_kex("diffie-hellman-group-exchange-sha1");
do_kex("diffie-hellman-group14-sha1");
do_kex("diffie-hellman-group1-sha1");
+#endif /* WITH_OPENSSL */
}
#include "includes.h"
+#ifdef WITH_OPENSSL
+
#include <sys/types.h>
#include <sys/param.h>
#include <stdio.h>
#endif
}
+#endif /* WITH_OPENSSL */
attempt_parse_blob(u_char *blob, size_t len)
{
struct sshbuf *p1;
+#ifdef WITH_OPENSSL
BIGNUM *bn;
#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
EC_KEY *eck;
-#endif
+#endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */
+#endif /* WITH_OPENSSL */
u_char *s;
size_t l;
u_int8_t u8;
bzero(s, l);
free(s);
}
+#ifdef WITH_OPENSSL
bn = NULL;
sshbuf_get_bignum2(p1, &bn);
BN_clear_free(bn);
ASSERT_PTR_NE(eck, NULL);
sshbuf_get_eckey(p1, eck);
EC_KEY_free(eck);
-#endif
+#endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */
+#endif /* WITH_OPENSSL */
sshbuf_free(p1);
}
{
sshbuf_tests();
sshbuf_getput_basic_tests();
+#ifdef WITH_OPENSSL
sshbuf_getput_crypto_tests();
+#endif
sshbuf_misc_tests();
sshbuf_fuzz_tests();
sshbuf_getput_fuzz_tests();
#include <string.h>
#include <unistd.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/objects.h>
#ifdef OPENSSL_HAS_NISTP256
# include <openssl/ec.h>
-#endif
+#endif /* OPENSSL_HAS_NISTP256 */
+#endif /* WITH_OPENSSL */
#include "openbsd-compat/openssl-compat.h"
return ret;
}
+#ifdef WITH_OPENSSL
BIGNUM *
load_bignum(const char *name)
{
DSA_get0_key(k->dsa, NULL, &priv_key);
return priv_key;
}
+#endif /* WITH_OPENSSL */
#include <string.h>
#include <unistd.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/objects.h>
#ifdef OPENSSL_HAS_NISTP256
# include <openssl/ec.h>
-#endif
+#endif /* OPENSSL_HAS_NISTP256 */
+#endif /* WITH_OPENSSL */
#include "../test_helper/test_helper.h"
{
struct sshkey *k1, *k2;
struct sshbuf *buf, *pw;
+#ifdef WITH_OPENSSL
BIGNUM *a, *b, *c;
+#endif
char *cp;
TEST_START("load passphrase");
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("parse RSA from private");
buf = load_file("rsa_1");
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
sshkey_free(k1);
#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("parse Ed25519 from private");
buf = load_file("ed25519_1");
struct fuzz *fuzz;
int r, i;
-
+#ifdef WITH_OPENSSL
TEST_START("fuzz RSA private");
buf = load_file("rsa_1");
fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
sshbuf_free(fuzzed);
fuzz_cleanup(fuzz);
TEST_DONE();
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("fuzz Ed25519 private");
buf = load_file("ed25519_1");
fuzz_cleanup(fuzz);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("fuzz RSA public");
buf = load_file("rsa_1");
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
public_fuzz(k1);
sshkey_free(k1);
TEST_DONE();
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("fuzz Ed25519 public");
buf = load_file("ed25519_1");
sshkey_free(k1);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("fuzz RSA sig");
buf = load_file("rsa_1");
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
sig_fuzz(k1, NULL);
sshkey_free(k1);
TEST_DONE();
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("fuzz Ed25519 sig");
buf = load_file("ed25519_1");
TEST_DONE();
/* XXX fuzz decoded new-format blobs too */
+/* XXX fuzz XMSS too */
}
sshbuf_free(sect);
}
+#ifdef WITH_OPENSSL
static void
build_cert(struct sshbuf *b, struct sshkey *k, const char *type,
struct sshkey *sign_key, struct sshkey *ca_key,
sshbuf_free(principals);
sshbuf_free(pk);
}
+#endif /* WITH_OPENSSL */
static void
signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg,
void
sshkey_tests(void)
{
- struct sshkey *k1, *k2, *k3, *k4, *kr, *kd, *kf;
+ struct sshkey *k1, *k2, *k3, *kf;
+#ifdef WITH_OPENSSL
+ struct sshkey *k4, *kr, *kd;
#ifdef OPENSSL_HAS_ECC
struct sshkey *ke;
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
struct sshbuf *b;
TEST_START("new invalid");
sshkey_free(k1);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("new/free KEY_RSA");
k1 = sshkey_new(KEY_RSA);
ASSERT_PTR_NE(k1, NULL);
ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
ASSERT_PTR_NE(EC_KEY_get0_private_key(ke->ecdsa), NULL);
TEST_DONE();
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("generate KEY_ED25519");
ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &kf), 0);
ASSERT_PTR_NE(kf->ed25519_sk, NULL);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("demote KEY_RSA");
ASSERT_INT_EQ(sshkey_from_private(kr, &k1), 0);
ASSERT_PTR_NE(k1, NULL);
ASSERT_INT_EQ(sshkey_equal(ke, k1), 1);
sshkey_free(k1);
TEST_DONE();
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("demote KEY_ED25519");
ASSERT_INT_EQ(sshkey_from_private(kf, &k1), 0);
sshkey_free(k1);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("equal mismatched key types");
ASSERT_INT_EQ(sshkey_equal(kd, kr), 0);
#ifdef OPENSSL_HAS_ECC
ASSERT_INT_EQ(sshkey_equal(kd, ke), 0);
ASSERT_INT_EQ(sshkey_equal(kr, ke), 0);
ASSERT_INT_EQ(sshkey_equal(ke, kf), 0);
-#endif
+#endif /* OPENSSL_HAS_ECC */
ASSERT_INT_EQ(sshkey_equal(kd, kf), 0);
TEST_DONE();
+#endif /* WITH_OPENSSL */
TEST_START("equal different keys");
+#ifdef WITH_OPENSSL
ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0);
ASSERT_INT_EQ(sshkey_equal(kr, k1), 0);
sshkey_free(k1);
ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0);
ASSERT_INT_EQ(sshkey_equal(ke, k1), 0);
sshkey_free(k1);
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0);
ASSERT_INT_EQ(sshkey_equal(kf, k1), 0);
sshkey_free(k1);
TEST_DONE();
+#ifdef WITH_OPENSSL
sshkey_free(kr);
sshkey_free(kd);
#ifdef OPENSSL_HAS_ECC
sshkey_free(ke);
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
sshkey_free(kf);
TEST_START("certify key");
sshbuf_reset(b);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("sign and verify RSA");
k1 = get_private("rsa_1");
ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
sshkey_free(k1);
sshkey_free(k2);
TEST_DONE();
-#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
TEST_START("sign and verify ED25519");
k1 = get_private("ed25519_1");
sshkey_free(k2);
TEST_DONE();
+#ifdef WITH_OPENSSL
TEST_START("nested certificate");
ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
sshkey_free(k3);
sshbuf_free(b);
TEST_DONE();
-
+#endif /* WITH_OPENSSL */
}
-----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCus+kaow
-AUjHphacvRp98dAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFv
-PwKgo/BztXck2xC4a2WyA34XtIwZAAAAoJaqqgiYQuElraJAmYOm7Tb4nJ3eI4oj9mQ52M
-/Yd+ION2Ur1v8BDewpDX+LHEYgKHo3Mlmcn2UyF+QJ+7xUCW7QCtk/4szrJzw74DlEl6mH
-T8PT/f/av7PpECBD/YD3NoDlB9OWm/Q4sHcxfBEKfTGD7s2Onn71HgrdEOPqd4Sj/IQigR
-drfjtXEMlD32k9n3dd2eS9x7AHWYaGFEMkOcY=
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDKT56mBA
+tXIMsWqmuuA2gdAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFv
+PwKgo/BztXck2xC4a2WyA34XtIwZAAAAoC13U47yfUOSZJePNUAwWXuFOk3aOKwPM5PMvK
+0zwRnMZZjgn+tsMAYPwhsT3Mx3h5QzvVGFyFEqsiK7j4vAotD+LVQeBN5TwWbUBx4lnoGs
+3iAfYVDakO/gNvVBDDGOqv5kdCc4cgn5HacjHQLKOAx6KzHe7JFn7uCywMdVVQjlpI6LHb
+mHkaKiVX/C2oiRnsoe17HZ8Fxyt3vd1qNM8BE=
-----END OPENSSH PRIVATE KEY-----
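Review bot: The replacement fixture changes the cipher named in the key header from aes256-cbc to aes256-ctr (the first base64 line decodes to that name), and nothing visible on the page explains why. The embedded Ed25519 public key bytes are identical in the old and new blobs, so only the encryption wrapper and salt differ. Presumably the change lets the passphrase-protected key be decrypted in a build without OpenSSL; if so, the commit message should say it. Builds with OpenSSL also no longer exercise a CBC-encrypted new-format key through this file, so a separate CBC fixture guarded by WITH_OPENSSL would keep that path tested.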
#include <sys/param.h>
#include <sys/uio.h>
+#include <stdarg.h>
#include <fcntl.h>
#include <stdio.h>
#ifdef HAVE_STDINT_H
#include <unistd.h>
#include <signal.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/err.h>
+#endif
#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
# include <vis.h>
int ch;
seed_rng();
+#ifdef WITH_OPENSSL
ERR_load_CRYPTO_strings();
+#endif
/* Handle systems without __progname */
if (__progname == NULL) {
void
ssl_err_check(const char *file, int line)
{
+#ifdef WITH_OPENSSL
long openssl_error = ERR_get_error();
if (openssl_error == 0)
fprintf(stderr, "\n%s:%d: uncaught OpenSSL error: %s",
file, line, ERR_error_string(openssl_error, NULL));
+#else /* WITH_OPENSSL */
+ fprintf(stderr, "\n%s:%d: uncaught OpenSSL error ",
+ file, line);
+#endif /* WITH_OPENSSL */
abort();
}
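Review bot: In the `#else` branch of `ssl_err_check`, a build without WITH_OPENSSL prints "uncaught OpenSSL error" and then reaches `abort()` on every call, because there is no error queue to consult and nothing returns early. Any test path that still calls this function in that configuration will die with a message blaming a library that is not linked, which makes the failure hard to triage. If the call is meant to be harmless without OpenSSL, the branch can simply be `return;`. If reaching it is a bug, the message should say so, for example `fprintf(stderr, "\n%s:%d: ssl_err_check called without OpenSSL support\n", file, line);`. The early-return path of the WITH_OPENSSL branch falls between the hunks and is not visible here.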
a2 != NULL ? ", " : "", a2 != NULL ? a2 : "");
}
+#ifdef WITH_OPENSSL
void
assert_bignum(const char *file, int line, const char *a1, const char *a2,
const BIGNUM *aa1, const BIGNUM *aa2, enum test_predicate pred)
fprintf(stderr, "%12s = 0x%s\n", a2, BN_bn2hex(aa2));
test_die();
}
+#endif
void
assert_string(const char *file, int line, const char *a1, const char *a2,
# include <stdint.h>
#endif
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/err.h>
+#endif
enum test_predicate {
TEST_EQ, TEST_NE, TEST_LT, TEST_LE, TEST_GT, TEST_GE
void test_subtest_info(const char *fmt, ...)
__attribute__((format(printf, 1, 2)));
void ssl_err_check(const char *file, int line);
+#ifdef WITH_OPENSSL
void assert_bignum(const char *file, int line,
const char *a1, const char *a2,
const BIGNUM *aa1, const BIGNUM *aa2, enum test_predicate pred);
+#endif
void assert_string(const char *file, int line,
const char *a1, const char *a2,
const char *aa1, const char *aa2, enum test_predicate pred);
#include "includes.h"
#include <locale.h>
+#include <stdarg.h>
#include <string.h>
+#include <stdio.h>
#include "../test_helper/test_helper.h"