static void torture_pki_import_privkey_base64_ECDSA(void **state) { int rc; char *key_str; ssh_key key; const char *passphrase = LIBSSH_PASSPHRASE; (void) state; /* unused */ key_str = read_file(LIBSSH_ECDSA_TESTKEY); assert_true(key_str != NULL); rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); free(key_str); ssh_key_free(key); }
static void torture_pki_import_privkey_base64_NULL_str(void **state) { int rc; char *key_str; ssh_key key = NULL; const char *passphrase = LIBSSH_PASSPHRASE; (void) state; /* unused */ key_str = read_file(LIBSSH_RSA_TESTKEY); assert_true(key_str != NULL); /* test if it returns -1 if key_str is NULL */ rc = ssh_pki_import_privkey_base64(NULL, passphrase, NULL, NULL, &key); assert_true(rc == -1); free(key_str); ssh_key_free(key); }
static void torture_pki_import_privkey_base64_passphrase(void **state) { int rc; char *key_str; ssh_key key = NULL; const char *passphrase = LIBSSH_PASSPHRASE; (void) state; /* unused */ key_str = read_file(LIBSSH_RSA_TESTKEY); assert_true(key_str != NULL); rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); ssh_key_free(key); /* test if it returns -1 if passphrase is wrong */ rc = ssh_pki_import_privkey_base64(key_str, "wrong passphrase !!", NULL, NULL, &key); assert_true(rc == -1); #ifndef HAVE_LIBCRYPTO /* test if it returns -1 if passphrase is NULL */ /* libcrypto asks for a passphrase, so skip this test */ rc = ssh_pki_import_privkey_base64(key_str, NULL, NULL, NULL, &key); assert_true(rc == -1); #endif free(key_str); /* same for DSA */ key_str = read_file(LIBSSH_DSA_TESTKEY); assert_true(key_str != NULL); rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); ssh_key_free(key); /* test if it returns -1 if passphrase is wrong */ rc = ssh_pki_import_privkey_base64(key_str, "wrong passphrase !!", NULL, NULL, &key); assert_true(rc == -1); #ifndef HAVE_LIBCRYPTO /* test if it returns -1 if passphrase is NULL */ /* libcrypto asks for a passphrase, so skip this test */ rc = ssh_pki_import_privkey_base64(key_str, NULL, NULL, NULL, &key); assert_true(rc == -1); #endif free(key_str); }
static void torture_pki_publickey_from_privatekey_ECDSA(void **state) { int rc; char *key_str; ssh_key key; ssh_key pubkey; const char *passphrase = NULL; (void) state; /* unused */ key_str = read_file(LIBSSH_ECDSA_TESTKEY); assert_true(key_str != NULL); rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey); assert_true(rc == SSH_OK); free(key_str); ssh_key_free(key); ssh_key_free(pubkey); }
static void torture_pki_import_privkey_base64_RSA(void **state) { int rc; char *key_str; ssh_key key; const char *passphrase = LIBSSH_PASSPHRASE; enum ssh_keytypes_e type; (void) state; /* unused */ key_str = read_file(LIBSSH_RSA_TESTKEY); assert_true(key_str != NULL); rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); type = ssh_key_type(key); assert_true(type == SSH_KEYTYPE_RSA); rc = ssh_key_is_public(key); assert_true(rc == 1); free(key_str); ssh_key_free(key); }
/** * @brief Import a key from a file. * * @param[in] filename The filename of the the private key. * * @param[in] passphrase The passphrase to decrypt the private key. Set to NULL * if none is needed or it is unknown. * * @param[in] auth_fn An auth function you may want to use or NULL. * * @param[in] auth_data Private data passed to the auth function. * * @param[out] pkey A pointer to store the allocated ssh_key. You need to * free the key. * * @returns SSH_OK on success, SSH_EOF if the file doesn't exist or permission * denied, SSH_ERROR otherwise. * * @see ssh_key_free() **/ int ssh_pki_import_privkey_file(const char *filename, const char *passphrase, ssh_auth_callback auth_fn, void *auth_data, ssh_key *pkey) { struct stat sb; char *key_buf; FILE *file; off_t size; int rc; if (pkey == NULL || filename == NULL || *filename == '\0') { return SSH_ERROR; } file = fopen(filename, "rb"); if (file == NULL) { SSH_LOG(SSH_LOG_WARN, "Error opening %s: %s", filename, strerror(errno)); return SSH_EOF; } rc = fstat(fileno(file), &sb); if (rc < 0) { fclose(file); SSH_LOG(SSH_LOG_WARN, "Error getting stat of %s: %s", filename, strerror(errno)); switch (errno) { case ENOENT: case EACCES: return SSH_EOF; } return SSH_ERROR; } if (sb.st_size > MAX_PRIVKEY_SIZE) { SSH_LOG(SSH_LOG_WARN, "Private key is bigger than 4M."); fclose(file); return SSH_ERROR; } key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { fclose(file); SSH_LOG(SSH_LOG_WARN, "Out of memory!"); return SSH_ERROR; } size = fread(key_buf, 1, sb.st_size, file); fclose(file); if (size != sb.st_size) { SAFE_FREE(key_buf); SSH_LOG(SSH_LOG_WARN, "Error reading %s: %s", filename, strerror(errno)); return SSH_ERROR; } key_buf[size] = 0; rc = ssh_pki_import_privkey_base64(key_buf, passphrase, auth_fn, auth_data, pkey); SAFE_FREE(key_buf); return rc; }