diff options
Diffstat (limited to 'regress/unittests')
-rw-r--r-- | regress/unittests/Makefile.inc | 7 | ||||
-rw-r--r-- | regress/unittests/hostkeys/test_iterate.c | 11 | ||||
-rw-r--r-- | regress/unittests/kex/test_kex.c | 4 | ||||
-rw-r--r-- | regress/unittests/sshkey/test_file.c | 4 | ||||
-rw-r--r-- | regress/unittests/sshkey/test_fuzz.c | 8 | ||||
-rw-r--r-- | regress/unittests/sshkey/test_sshkey.c | 23 | ||||
-rw-r--r-- | regress/unittests/sshsig/tests.c | 4 |
7 files changed, 47 insertions, 14 deletions
diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index 623896f..98e2804 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.15 2023/09/24 08:14:13 claudio Exp $ +# $OpenBSD: Makefile.inc,v 1.16 2024/01/11 01:45:58 djm Exp $ .include <bsd.own.mk> .include <bsd.obj.mk> @@ -13,6 +13,11 @@ TEST_ENV?= MALLOC_OPTIONS=${MALLOC_OPTIONS} # XXX detect from ssh binary? OPENSSL?= yes +DSAKEY?= yes + +.if (${DSAKEY:L} == "yes") +CFLAGS+= -DWITH_DSA +.endif .if (${OPENSSL:L} == "yes") CFLAGS+= -DWITH_OPENSSL diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 84f26b5..7efb8e1 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_iterate.c,v 1.8 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_iterate.c,v 1.9 2024/01/11 01:45:58 djm Exp $ */ /* * Regress test for hostfile.h hostkeys_foreach() * @@ -94,6 +94,11 @@ check(struct hostkey_foreach_line *l, void *_ctx) expected->no_parse_keytype == KEY_ECDSA) skip = 1; #endif /* OPENSSL_HAS_ECC */ +#ifndef WITH_DSA + if (expected->l.keytype == KEY_DSA || + expected->no_parse_keytype == KEY_DSA) + skip = 1; +#endif #ifndef WITH_OPENSSL if (expected->l.keytype == KEY_DSA || expected->no_parse_keytype == KEY_DSA || @@ -155,6 +160,10 @@ prepare_expected(struct expected *expected, size_t n) if (expected[i].l.keytype == KEY_ECDSA) continue; #endif /* OPENSSL_HAS_ECC */ +#ifndef WITH_DSA + if (expected[i].l.keytype == KEY_DSA) + continue; +#endif #ifndef WITH_OPENSSL switch (expected[i].l.keytype) { case KEY_RSA: diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index c26761e..dc1014e 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_kex.c,v 1.6 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_kex.c,v 1.7 2024/01/11 01:45:58 djm Exp $ */ /* * Regress test KEX * @@ -179,7 +179,9 @@ do_kex(char *kex) { #ifdef WITH_OPENSSL do_kex_with_key(kex, KEY_RSA, 2048); +#ifdef WITH_DSA do_kex_with_key(kex, KEY_DSA, 1024); +#endif #ifdef OPENSSL_HAS_ECC do_kex_with_key(kex, KEY_ECDSA, 256); #endif /* OPENSSL_HAS_ECC */ diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c index 488944c..4528405 100644 --- a/regress/unittests/sshkey/test_file.c +++ b/regress/unittests/sshkey/test_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_file.c,v 1.10 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_file.c,v 1.11 2024/01/11 01:45:58 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -165,6 +165,7 @@ sshkey_file_tests(void) sshkey_free(k1); +#ifdef WITH_DSA TEST_START("parse DSA from private"); buf = load_file("dsa_1"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); @@ -255,6 +256,7 @@ sshkey_file_tests(void) TEST_DONE(); sshkey_free(k1); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("parse ECDSA from private"); diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c index 2fae19d..0aff7c9 100644 --- a/regress/unittests/sshkey/test_fuzz.c +++ b/regress/unittests/sshkey/test_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_fuzz.c,v 1.13 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: test_fuzz.c,v 1.14 2024/01/11 01:45:58 djm Exp $ */ /* * Fuzz tests for key parsing * @@ -160,6 +160,7 @@ sshkey_fuzz_tests(void) fuzz_cleanup(fuzz); TEST_DONE(); +#ifdef WITH_DSA TEST_START("fuzz DSA private"); buf = load_file("dsa_1"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), @@ -203,6 +204,7 @@ sshkey_fuzz_tests(void) sshbuf_free(fuzzed); fuzz_cleanup(fuzz); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA private"); @@ -288,6 +290,7 @@ sshkey_fuzz_tests(void) sshkey_free(k1); TEST_DONE(); +#ifdef WITH_DSA TEST_START("fuzz DSA public"); buf = load_file("dsa_1"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); @@ -301,6 +304,7 @@ sshkey_fuzz_tests(void) public_fuzz(k1); sshkey_free(k1); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA public"); @@ -358,6 +362,7 @@ sshkey_fuzz_tests(void) sshkey_free(k1); TEST_DONE(); +#ifdef WITH_DSA TEST_START("fuzz DSA sig"); buf = load_file("dsa_1"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); @@ -365,6 +370,7 @@ sshkey_fuzz_tests(void) sig_fuzz(k1, NULL); sshkey_free(k1); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA sig"); diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index cc359ae..c1cbb11 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.23 2023/01/04 22:48:57 tb Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.24 2024/01/11 01:45:58 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -180,14 +180,14 @@ get_private(const char *n) void sshkey_tests(void) { - struct sshkey *k1, *k2, *k3, *kf; + struct sshkey *k1 = NULL, *k2 = NULL, *k3 = NULL, *kf = NULL; #ifdef WITH_OPENSSL - struct sshkey *k4, *kr, *kd; + struct sshkey *k4 = NULL, *kr = NULL, *kd = NULL; #ifdef OPENSSL_HAS_ECC - struct sshkey *ke; + struct sshkey *ke = NULL; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ - struct sshbuf *b; + struct sshbuf *b = NULL; TEST_START("new invalid"); k1 = sshkey_new(-42); @@ -208,12 +208,14 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); +#ifdef WITH_DSA TEST_START("new/free KEY_DSA"); k1 = sshkey_new(KEY_DSA); ASSERT_PTR_NE(k1, NULL); ASSERT_PTR_NE(k1->dsa, NULL); sshkey_free(k1); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("new/free KEY_ECDSA"); @@ -245,12 +247,14 @@ sshkey_tests(void) ASSERT_PTR_EQ(k1, NULL); TEST_DONE(); +#ifdef WITH_DSA TEST_START("generate KEY_DSA wrong bits"); ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 2048, &k1), SSH_ERR_KEY_LENGTH); ASSERT_PTR_EQ(k1, NULL); sshkey_free(k1); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("generate KEY_ECDSA wrong bits"); @@ -273,6 +277,7 @@ sshkey_tests(void) ASSERT_INT_EQ(BN_num_bits(rsa_n(kr)), 1024); TEST_DONE(); +#ifdef WITH_DSA TEST_START("generate KEY_DSA"); ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0); ASSERT_PTR_NE(kd, NULL); @@ -280,6 +285,7 @@ sshkey_tests(void) ASSERT_PTR_NE(dsa_g(kd), NULL); ASSERT_PTR_NE(dsa_priv_key(kd), NULL); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("generate KEY_ECDSA"); @@ -317,6 +323,7 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); +#ifdef WITH_DSA TEST_START("demote KEY_DSA"); ASSERT_INT_EQ(sshkey_from_private(kd, &k1), 0); ASSERT_PTR_NE(k1, NULL); @@ -331,6 +338,7 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_equal(kd, k1), 1); sshkey_free(k1); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("demote KEY_ECDSA"); @@ -382,9 +390,6 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0); ASSERT_INT_EQ(sshkey_equal(kr, k1), 0); sshkey_free(k1); - ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k1), 0); - ASSERT_INT_EQ(sshkey_equal(kd, k1), 0); - sshkey_free(k1); #ifdef OPENSSL_HAS_ECC ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0); ASSERT_INT_EQ(sshkey_equal(ke, k1), 0); @@ -479,6 +484,7 @@ sshkey_tests(void) sshkey_free(k2); TEST_DONE(); +#ifdef WITH_DSA TEST_START("sign and verify DSA"); k1 = get_private("dsa_1"); ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2, @@ -487,6 +493,7 @@ sshkey_tests(void) sshkey_free(k1); sshkey_free(k2); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("sign and verify ECDSA"); diff --git a/regress/unittests/sshsig/tests.c b/regress/unittests/sshsig/tests.c index 13cfcfd..80966bd 100644 --- a/regress/unittests/sshsig/tests.c +++ b/regress/unittests/sshsig/tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tests.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */ +/* $OpenBSD: tests.c,v 1.4 2024/01/11 01:45:59 djm Exp $ */ /* * Regress test for sshbuf.h buffer API * @@ -103,9 +103,11 @@ tests(void) check_sig("rsa.pub", "rsa.sig", msg, namespace); TEST_DONE(); +#ifdef WITH_DSA TEST_START("check DSA signature"); check_sig("dsa.pub", "dsa.sig", msg, namespace); TEST_DONE(); +#endif #ifdef OPENSSL_HAS_ECC TEST_START("check ECDSA signature"); |