PR Review
1. Add test keys.
2. Add API test for wolfSSH_ReadKey_file().
3. Fix allocation issue found using the API test.
4. Add a header that configure updates with the location of the keys
   directory for the tests.
ejohnstown committed Nov 6, 2023
1 parent ea3df23 commit 5b43981
Showing 10 changed files with 204 additions and 2 deletions.
1 change: 1 addition & 0 deletions .gitignore
@@ -40,6 +40,7 @@ stamp-h*
build-aux/
wolfssh-config
aminclude.am
tests/keys.h

# vim
*.swp
2 changes: 1 addition & 1 deletion configure.ac
@@ -324,7 +324,7 @@ AC_SUBST([AM_CFLAGS])
AC_SUBST([AM_LDFLAGS])

# FINAL
AC_CONFIG_FILES([Makefile wolfssh/version.h])
AC_CONFIG_FILES([Makefile wolfssh/version.h tests/keys.h])

AX_CREATE_GENERIC_CONFIG

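--- a/keys/id_ecdsa
+++ b/keys/id_ecdsa
@@ -0,0 +1,9 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
+1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQTAqdBgCp8bYSq2kQQ48/Ud8Iy6Mjnb
+/fpB3LfSE/1kx9VaaE4FL3i9Gg2vDV0eLGM3PWksFNPhULxtcYJyjaBjAAAAqJAeleSQHp
+XkAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMCp0GAKnxthKraR
+BDjz9R3wjLoyOdv9+kHct9IT/WTH1VpoTgUveL0aDa8NXR4sYzc9aSwU0+FQvG1xgnKNoG
+MAAAAgPrOgktioNqad/wHNC/rt/zVrpNqDnOwg9tNDFMOTwo8AAAANYm9iQGxvY2FsaG9z
+dAECAw==
+-----END OPENSSH PRIVATE KEY-----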
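Review bot: This private key is stored unencrypted (the header decodes to cipher `none`, KDF `none`) and is public from the moment it is committed; the keys/include.am change also adds it and keys/id_rsa to `EXTRA_DIST`, so both ship in the release tarball. The commit message calls them test keys, but nothing in the files themselves does, so a short note in the keys directory stating that they must never be authorized on a real host would help. A key comment such as `test-only@wolfssh` (a constructed example) instead of `bob@localhost` would make the same point. It is also worth adding the two paths to whatever secret-scanning allowlist the project uses, so the expected hit does not teach people to ignore the scanner.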
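--- a/keys/id_ecdsa.pub
+++ b/keys/id_ecdsa.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMCp0GAKnxthKraRBDjz9R3wjLoyOdv9+kHct9IT/WTH1VpoTgUveL0aDa8NXR4sYzc9aSwU0+FQvG1xgnKNoGM= bob@localhost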
27 changes: 27 additions & 0 deletions keys/id_rsa
@@ -0,0 +1,27 @@
-----BEGIN OPENSSH PRIVATE KEY-----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-----END OPENSSH PRIVATE KEY-----
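--- a/keys/id_rsa.pub
+++ b/keys/id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLZyKBkOWkFP5fYwkcCged94V/r4seboEOQBPxX16McDh1jQB6lvo1tXq7+hhmW54o94BncY3O1H2zOgvoVKUy+R32iq9+jGNMa7vVPT3zXJsl6WqoYBMa168dTomSj8jT6WBJAUpZAnsPcOPbOVmkhcHZDvGX+L2QVmBoioWFQd1Y70kw7AIXCgOuF3y/nGTLW/c4ghkPGJjFUgpt/YnTtZvCJIUDFd+JfxONQEMsWa2q3UAXouMDIbJpEgJeRoYlD9An2xfzmH1uSI+UY0C1AZC01SDe0L0ao6Rn20IpjUR+H+vTOiw4Du5/GDrKYumrULgtT/gQ0YeS5E8Aq+7z bob@localhost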
1 change: 1 addition & 0 deletions keys/include.am
@@ -22,5 +22,6 @@ EXTRA_DIST+= \
keys/server-cert.der keys/server-cert.pem \
keys/fred-cert.der keys/fred-cert.pem \
keys/server-key.pem keys/fred-key.der keys/fred-key.pem \
keys/id_ecdsa keys/id_ecdsa.pub keys/id_rsa keys/id_rsa.pub \
keys/renewcerts.sh keys/renewcerts.cnf

2 changes: 1 addition & 1 deletion src/ssh.c
@@ -1523,7 +1523,7 @@ static int DoSshPubKey(const byte* in, word32 inSz, byte** out,
* function */
newKeySz = ((word32)WSTRLEN(key) * 3 + 3) / 4;
if (*out == NULL) {
newKey = (byte*)WMALLOC(*outSz, heap, DYNTYPE_PRIVKEY);
newKey = (byte*)WMALLOC(newKeySz, heap, DYNTYPE_PRIVKEY);
if (newKey == NULL) {
ret = WS_MEMORY_E;
}
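Review bot: Only the `*out == NULL` branch shown here is sized from `newKeySz`; the branch that handles a caller-supplied buffer lies outside this hunk, so please confirm it rejects `*outSz < newKeySz` before the decode (presumably Base64, given the 3/4 sizing) writes into `*out`. The new API test passes a size of 0 when it asks the function to allocate, so the previous `WMALLOC(*outSz, ...)` produced an undersized decode target; a short caller buffer would presumably face the same kind of overrun unless that check exists. A one-line comment above the allocation, such as `/* allocate the decode upper bound, not the caller's (possibly zero) *outSz */`, would keep the two sizes from being swapped back. DoSshPubKey starts and ends outside the hunk.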
131 changes: 131 additions & 0 deletions tests/api.c
@@ -20,6 +20,7 @@

#ifdef HAVE_CONFIG_H
#include <config.h>
#include "tests/keys.h"
#endif

#ifdef WOLFSSL_USER_SETTINGS
@@ -586,6 +587,135 @@ static void test_wolfSSH_CertMan(void)
}


#ifndef WOLFSSH_KEYS_PATH
#define WOLFSSH_KEYS_PATH "./keys/"
#endif
#define KEY_BUF_SZ 2048

static void test_wolfSSH_ReadKey(void)
{
byte *key, *keyCheck;
const byte* keyType;
word32 keySz, keyTypeSz;
int ret;
byte isPrivate;

/* OpenSSH Format, ssh-rsa, private, need alloc */
key = NULL;
keySz = 0;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "id_rsa",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertNotNull(key);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ssh-rsa");
AssertIntEQ(keyTypeSz, WSTRLEN("ssh-rsa"));
AssertTrue(isPrivate);
WFREE(key, NULL, DYNTYPE_FILE);

/* SSL PEM Format, ssh-rsa, private, need alloc */
key = NULL;
keySz = 0;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "hansel-key-rsa.pem",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertNotNull(key);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ssh-rsa");
AssertIntEQ(keyTypeSz, WSTRLEN("ssh-rsa"));
AssertTrue(isPrivate);
WFREE(key, NULL, DYNTYPE_FILE);

/* OpenSSH Format, ssh-rsa, public, need alloc */
key = NULL;
keySz = 0;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "id_rsa.pub",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertNotNull(key);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ssh-rsa");
AssertIntEQ(keyTypeSz, WSTRLEN("ssh-rsa"));
AssertFalse(isPrivate);
WFREE(key, NULL, DYNTYPE_FILE);

/* OpenSSH Format, ecdsa-sha2-nistp256, private, need alloc */
key = NULL;
keySz = 0;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "id_ecdsa",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertNotNull(key);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ecdsa-sha2-nistp256");
AssertIntEQ(keyTypeSz, WSTRLEN("ecdsa-sha2-nistp256"));
AssertTrue(isPrivate);
WFREE(key, NULL, DYNTYPE_FILE);

/* SSL DER Format, ecdsa-sha2-nistp256, private, need alloc */
key = NULL;
keySz = 0;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "hansel-key-ecc.der",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertNotNull(key);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ecdsa-sha2-nistp256");
AssertIntEQ(keyTypeSz, WSTRLEN("ecdsa-sha2-nistp256"));
AssertTrue(isPrivate);
WFREE(key, NULL, DYNTYPE_FILE);

/* OpenSSH Format, ecdsa-sha2-nistp256, public, need alloc */
key = NULL;
keySz = 0;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "id_ecdsa.pub",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertNotNull(key);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ecdsa-sha2-nistp256");
AssertIntEQ(keyTypeSz, WSTRLEN("ecdsa-sha2-nistp256"));
AssertFalse(isPrivate);
WFREE(key, NULL, DYNTYPE_FILE);

/* OpenSSH Format, ssh-rsa, private, no alloc */
keyCheck = (byte*)WMALLOC(KEY_BUF_SZ, NULL, DYNTYPE_FILE);
AssertNotNull(keyCheck);
key = keyCheck;
keySz = KEY_BUF_SZ;
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "id_rsa",
&key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertIntEQ(ret, WS_SUCCESS);
AssertPtrEq(key, keyCheck);
AssertIntGT(keySz, 0);
AssertStrEQ(keyType, "ssh-rsa");
AssertIntEQ(keyTypeSz, WSTRLEN("ssh-rsa"));
AssertTrue(isPrivate);
WFREE(keyCheck, NULL, DYNTYPE_FILE);
}


#ifdef WOLFSSH_SCP

static int my_ScpRecv(WOLFSSH* ssh, int state, const char* basePath,
@@ -1100,6 +1230,7 @@ int wolfSSH_ApiTest(int argc, char** argv)
test_wolfSSH_CTX_UsePrivateKey_buffer();
test_wolfSSH_CTX_UseCert_buffer();
test_wolfSSH_CertMan();
test_wolfSSH_ReadKey();

/* SCP tests */
test_wolfSSH_SCP_CB();
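Review bot: test_wolfSSH_ReadKey() never passes a caller buffer that is too small, which is the case that would pin the size handling fixed in src/ssh.c; all seven stanzas are success paths and the only no-alloc stanza hands over the full `KEY_BUF_SZ`. A negative stanza that declares a size smaller than the decoded key, while still backing it with the full allocation so the test itself stays memory-safe, and asserts a non-success return would catch a regression; the exact error code is not visible on this page, so the sketch below only checks for failure. The existing no-alloc stanza could also add `AssertTrue(keySz <= KEY_BUF_SZ);`. Separately, the keys are freed with `DYNTYPE_FILE` while the allocation in DoSshPubKey uses `DYNTYPE_PRIVKEY`; if that is the same buffer, the two types should match for builds that use a tracking allocator.

```c
/* ... unchanged: the seven existing stanzas of test_wolfSSH_ReadKey() ... */

/* OpenSSH Format, ssh-rsa, private, no alloc, declared size too small */
keyCheck = (byte*)WMALLOC(KEY_BUF_SZ, NULL, DYNTYPE_FILE);
AssertNotNull(keyCheck);
key = keyCheck;
keySz = 16; /* constructed value, well below the decoded key size */
keyType = NULL;
keyTypeSz = 0;
isPrivate = 0;
ret = wolfSSH_ReadKey_file(WOLFSSH_KEYS_PATH "id_rsa",
        &key, &keySz, &keyType, &keyTypeSz, &isPrivate, NULL);
AssertTrue(ret != WS_SUCCESS);
WFREE(keyCheck, NULL, DYNTYPE_FILE);
```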
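--- a/tests/keys.h.in
+++ b/tests/keys.h.in
@@ -0,0 +1,31 @@
+/* keys.h.in
+*
+* Copyright (C) 2014-2023 wolfSSL Inc.
+*
+* This file is part of wolfSSH.
+*
+* wolfSSH is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 3 of the License, or
+* (at your option) any later version.
+*
+* wolfSSH is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+* The keys header provides the path to the source's keys directory so
+* that VPATH builds will work.
+*/
+
+#ifndef WOLFSSH_TESTS_KEYS_H
+#define WOLFSSH_TESTS_KEYS_H
+
+#define WOLFSSH_KEYS_PATH "@abs_top_srcdir@/keys/"
+
+#endif /* WOLFSSH_TESTS_KEYS_H */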
