sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-05-14 16:21:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
ports/security/libssh2/files/patch-tests_test__hostkey__hash.c
Jung-uk Kim 0b987dd74d Add support for ECDSA key exchange and SHA256 MAC. 
Note these patches were cherry-piecked from the following upstream commits:

https://github.com/libssh2/libssh2/commit/bbc43cb
https://github.com/libssh2/libssh2/commit/aba34f5
https://github.com/libssh2/libssh2/commit/62b825c

Submitted by:	Andrew Heybey <ath@heybey.org>
Reviewed by:	sbz (maintainer)
2019-01-31 00:08:46 +00:00

173 lines
6.5 KiB
C
Raw Blame History

--- tests/test_hostkey_hash.c.orig 2016-08-20 15:37:25 UTC
+++ tests/test_hostkey_hash.c
@@ -5,7 +5,7 @@
#include <stdio.h>
-const char *EXPECTED_HOSTKEY =
+const char *EXPECTED_RSA_HOSTKEY =
"AAAAB3NzaC1yc2EAAAABIwAAAQEArrr/JuJmaZligyfS8vcNur+mWR2ddDQtVdhHzdKU"
"UoR6/Om6cvxpe61H1YZO1xCpLUBXmkki4HoNtYOpPB2W4V+8U4BDeVBD5crypEOE1+7B"
"Am99fnEDxYIOZq2/jTP0yQmzCpWYS3COyFmkOL7sfX1wQMeW5zQT2WKcxC6FSWbhDqrB"
@@ -13,13 +13,27 @@ const char *EXPECTED_HOSTKEY =
"i6ELfP3r+q6wdu0P4jWaoo3De1aYxnToV/ldXykpipON4NPamsb6Ph2qlJQKypq7J4iQ"
"gkIIbCU1A31+4ExvcIVoxLQw/aTSbw==";
-const char *EXPECTED_MD5_HASH_DIGEST = "0C0ED1A5BB10275F76924CE187CE5C5E";
+const char *EXPECTED_ECDSA_HOSTKEY =
+ "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC+/syyeKJD9dC2ZH"
+ "9Q7iJGReR4YM3rUCMsSynkyXojdfSClGCMY7JvWlt30ESjYvxoTfSRGx6WvaqYK/vPoYQ4=";
-const char *EXPECTED_SHA1_HASH_DIGEST =
+const char *EXPECTED_RSA_MD5_HASH_DIGEST = "0C0ED1A5BB10275F76924CE187CE5C5E";
+
+const char *EXPECTED_RSA_SHA1_HASH_DIGEST =
"F3CD59E2913F4422B80F7B0A82B2B89EAE449387";
+const char *EXPECTED_RSA_SHA256_HASH_DIGEST = "92E3DA49DF3C7F99A828F505ED8239397A5D1F62914459760F878F7510F563A3";
+
+const char *EXPECTED_ECDSA_MD5_HASH_DIGEST = "0402E4D897580BBC911379CBD88BCD3D";
+
+const char *EXPECTED_ECDSA_SHA1_HASH_DIGEST =
+ "12FDAD1E3B31B10BABB00F2A8D1B9A62C326BD2F";
+
+const char *EXPECTED_ECDSA_SHA256_HASH_DIGEST = "56FCD975B166C3F0342D0036E44C311A86C0EAE40713B53FC776369BAE7F5264";
+
const int MD5_HASH_SIZE = 16;
const int SHA1_HASH_SIZE = 20;
+const int SHA256_HASH_SIZE = 32;
static void calculate_digest(const char *hash, size_t hash_len, char *buffer,
size_t buffer_len)
@@ -39,34 +53,111 @@ int test(LIBSSH2_SESSION *session)
const char *md5_hash;
const char *sha1_hash;
+ const char *sha256_hash;
+ int type;
+ size_t len;
- md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
- if (md5_hash == NULL) {
- print_last_session_error(
- "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_MD5)");
+ const char *hostkey = libssh2_session_hostkey(session, &len, &type);
+ if (hostkey == NULL) {
+ print_last_session_error("libssh2_session_hostkey");
return 1;
}
- calculate_digest(md5_hash, MD5_HASH_SIZE, buf, BUFSIZ);
+ if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
- if (strcmp(buf, EXPECTED_MD5_HASH_DIGEST) != 0) {
- fprintf(stderr, "MD5 hash not as expected - digest %s != %s\n", buf,
- EXPECTED_MD5_HASH_DIGEST);
- return 1;
- }
+ md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+ if (md5_hash == NULL) {
+ print_last_session_error(
+ "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_MD5)");
+ return 1;
+ }
- sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
- if (sha1_hash == NULL) {
- print_last_session_error(
- "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA1)");
- return 1;
- }
+ calculate_digest(md5_hash, MD5_HASH_SIZE, buf, BUFSIZ);
- calculate_digest(sha1_hash, SHA1_HASH_SIZE, buf, BUFSIZ);
+ if (strcmp(buf, EXPECTED_ECDSA_MD5_HASH_DIGEST) != 0) {
+ fprintf(stderr, "ECDSA MD5 hash not as expected - digest %s != %s\n", buf,
+ EXPECTED_ECDSA_MD5_HASH_DIGEST);
+ return 1;
+ }
- if (strcmp(buf, EXPECTED_SHA1_HASH_DIGEST) != 0) {
- fprintf(stderr, "SHA1 hash not as expected - digest %s != %s\n", buf,
- EXPECTED_SHA1_HASH_DIGEST);
+ sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
+ if (sha1_hash == NULL) {
+ print_last_session_error(
+ "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA1)");
+ return 1;
+ }
+
+ calculate_digest(sha1_hash, SHA1_HASH_SIZE, buf, BUFSIZ);
+
+ if (strcmp(buf, EXPECTED_ECDSA_SHA1_HASH_DIGEST) != 0) {
+ fprintf(stderr, "ECDSA SHA1 hash not as expected - digest %s != %s\n", buf,
+ EXPECTED_ECDSA_SHA1_HASH_DIGEST);
+ return 1;
+ }
+
+ sha256_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA256);
+ if (sha256_hash == NULL) {
+ print_last_session_error(
+ "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA256)");
+ return 1;
+ }
+
+ calculate_digest(sha256_hash, SHA256_HASH_SIZE, buf, BUFSIZ);
+
+ if (strcmp(buf, EXPECTED_ECDSA_SHA256_HASH_DIGEST) != 0) {
+ fprintf(stderr, "ECDSA SHA256 hash not as expected - digest %s != %s\n", buf,
+ EXPECTED_ECDSA_SHA256_HASH_DIGEST);
+ return 1;
+ }
+
+ } else if ( type == LIBSSH2_HOSTKEY_TYPE_RSA ) {
+
+ md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+ if (md5_hash == NULL) {
+ print_last_session_error(
+ "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_MD5)");
+ return 1;
+ }
+
+ calculate_digest(md5_hash, MD5_HASH_SIZE, buf, BUFSIZ);
+
+ if (strcmp(buf, EXPECTED_RSA_MD5_HASH_DIGEST) != 0) {
+ fprintf(stderr, "MD5 hash not as expected - digest %s != %s\n", buf,
+ EXPECTED_RSA_MD5_HASH_DIGEST);
+ return 1;
+ }
+
+ sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
+ if (sha1_hash == NULL) {
+ print_last_session_error(
+ "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA1)");
+ return 1;
+ }
+
+ calculate_digest(sha1_hash, SHA1_HASH_SIZE, buf, BUFSIZ);
+
+ if (strcmp(buf, EXPECTED_RSA_SHA1_HASH_DIGEST) != 0) {
+ fprintf(stderr, "SHA1 hash not as expected - digest %s != %s\n", buf,
+ EXPECTED_RSA_SHA1_HASH_DIGEST);
+ return 1;
+ }
+
+ sha256_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA256);
+ if (sha256_hash == NULL) {
+ print_last_session_error(
+ "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA256)");
+ return 1;
+ }
+
+ calculate_digest(sha256_hash, SHA256_HASH_SIZE, buf, BUFSIZ);
+
+ if (strcmp(buf, EXPECTED_RSA_SHA256_HASH_DIGEST) != 0) {
+ fprintf(stderr, "SHA256 hash not as expected - digest %s != %s\n", buf,
+ EXPECTED_RSA_SHA256_HASH_DIGEST);
+ return 1;
+ }
+ } else {
+ fprintf(stderr, "Unexpected type of hostkey: %i\n", type);
return 1;
}
Reference in a new issue View git blame Copy permalink