static void
sig_fuzz(struct sshkey *k, const char *sig_alg)
{
struct fuzz *fuzz;
u_char *sig, c[] = "some junk to be signed";
size_t l;
u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
if (test_is_fast())
fuzzers &= ~FUZZ_2_BYTE_FLIP;
if (test_is_slow())
fuzzers |= FUZZ_2_BIT_FLIP;
ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0);
ASSERT_SIZE_T_GT(l, 0);
fuzz = fuzz_begin(fuzzers, sig, l);
ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0), 0);
free(sig);
TEST_ONERROR(onerror, fuzz);
for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
/* Ensure 1-bit difference at least */
if (fuzz_matches_original(fuzz))
continue;
ASSERT_INT_NE(sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz),
c, sizeof(c), NULL, 0), 0);
}
fuzz_cleanup(fuzz);
}
static void
signature_test(struct sshkey *k, struct sshkey *bad, const u_char *d, size_t l)
{
size_t len;
u_char *sig;
ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, 0), 0);
ASSERT_SIZE_T_GT(len, 8);
ASSERT_PTR_NE(sig, NULL);
ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0);
ASSERT_INT_NE(sshkey_verify(bad, sig, len, d, l, 0), 0);
/* Fuzz test is more comprehensive, this is just a smoke test */
sig[len - 5] ^= 0x10;
ASSERT_INT_NE(sshkey_verify(k, sig, len, d, l, 0), 0);
free(sig);
}
static void
test_no_nul_byte(void)
{
struct sol_buffer buf;
int32_t backend;
int32_t value = 0xdeadbeef;
int err;
sol_buffer_init_flags(&buf, &backend, sizeof(backend),
SOL_BUFFER_FLAGS_MEMORY_NOT_OWNED | SOL_BUFFER_FLAGS_NO_NUL_BYTE);
err = sol_buffer_ensure(&buf, sizeof(int32_t));
ASSERT_INT_EQ(err, 0);
err = sol_buffer_append_slice(&buf, SOL_STR_SLICE_STR((const char *)&value, sizeof(value)));
ASSERT_INT_EQ(err, 0);
err = sol_buffer_append_slice(&buf, SOL_STR_SLICE_STR((const char *)&value, sizeof(value)));
ASSERT_INT_NE(err, 0);
sol_buffer_fini(&buf);
sol_buffer_init_flags(&buf, NULL, 0, SOL_BUFFER_FLAGS_NO_NUL_BYTE);
err = sol_buffer_append_printf(&buf, "123");
ASSERT_INT_EQ(err, 0);
err = sol_buffer_append_printf(&buf, "4");
ASSERT_INT_EQ(err, 0);
ASSERT(sol_str_slice_eq(sol_buffer_get_slice(&buf),
SOL_STR_SLICE_STR("1234", 4)));
sol_buffer_fini(&buf);
}
BIGNUM *
load_bignum(const char *name)
{
BIGNUM *ret = NULL;
struct sshbuf *buf;
buf = load_text_file(name);
ASSERT_INT_NE(BN_hex2bn(&ret, (const char *)sshbuf_ptr(buf)), 0);
sshbuf_free(buf);
return ret;
}
struct sshbuf *
load_file(const char *name)
{
int fd;
struct sshbuf *ret;
ASSERT_PTR_NE(ret = sshbuf_new(), NULL);
ASSERT_INT_NE(fd = open(test_data_file(name), O_RDONLY), -1);
ASSERT_INT_EQ(sshkey_load_file(fd, name, ret), 0);
close(fd);
return ret;
}
static void
test_insert_from_base16(void)
{
struct sol_buffer buf;
struct sol_str_slice slice;
const char to_decode[] = "546573742001090a0f2048656c6c6f";
int err;
#define B16_DECODED "Test \x01\x09\x0a\x0f Hello"
sol_buffer_init(&buf);
slice = sol_str_slice_from_str("World");
err = sol_buffer_insert_slice(&buf, 0, slice);
ASSERT_INT_EQ(err, 0);
ASSERT_INT_EQ(buf.used, strlen("World"));
ASSERT_STR_EQ(buf.data, "World");
slice = sol_str_slice_from_str("Hello");
err = sol_buffer_insert_slice(&buf, 0, slice);
ASSERT_INT_EQ(err, 0);
ASSERT_INT_EQ(buf.used, strlen("HelloWorld"));
ASSERT_STR_EQ(buf.data, "HelloWorld");
slice = sol_str_slice_from_str(to_decode);
err = sol_buffer_insert_from_base16(&buf, strlen("Hello"), slice,
SOL_DECODE_LOWERCASE);
ASSERT_INT_EQ(err, 0);
ASSERT_INT_EQ(buf.used, strlen("Hello" B16_DECODED "World"));
ASSERT_STR_EQ(buf.data, "Hello" B16_DECODED "World");
slice = sol_str_slice_from_str("12x"); /* broken base16 */
err = sol_buffer_insert_from_base16(&buf, strlen("Hello"), slice,
SOL_DECODE_LOWERCASE);
ASSERT_INT_NE(err, 0);
ASSERT_INT_EQ(buf.used, strlen("Hello" B16_DECODED "World"));
ASSERT_STR_EQ(buf.data, "Hello" B16_DECODED "World");
sol_buffer_fini(&buf);
#undef B16_DECODED
}
static void
test_insert_from_base64(void)
{
struct sol_buffer buf;
struct sol_str_slice slice;
const char to_decode[] = "VGhpcyBpcyBhIG1lc3NhZ2UgdGhhdCBpcyBtdWx0aXBsZSBvZiAzIGNoYXJz";
int err;
#define B64_DECODED "This is a message that is multiple of 3 chars"
sol_buffer_init(&buf);
slice = sol_str_slice_from_str("World");
err = sol_buffer_insert_slice(&buf, 0, slice);
ASSERT_INT_EQ(err, 0);
ASSERT_INT_EQ(buf.used, strlen("World"));
ASSERT_STR_EQ(buf.data, "World");
slice = sol_str_slice_from_str("Hello");
err = sol_buffer_insert_slice(&buf, 0, slice);
ASSERT_INT_EQ(err, 0);
ASSERT_INT_EQ(buf.used, strlen("HelloWorld"));
ASSERT_STR_EQ(buf.data, "HelloWorld");
slice = sol_str_slice_from_str(to_decode);
err = sol_buffer_insert_from_base64(&buf, strlen("Hello"), slice, SOL_BASE64_MAP);
ASSERT_INT_EQ(err, 0);
ASSERT_INT_EQ(buf.used, strlen("Hello" B64_DECODED "World"));
ASSERT_STR_EQ(buf.data, "Hello" B64_DECODED "World");
slice = sol_str_slice_from_str("VGhpcy--"); /* broken base64 */
err = sol_buffer_insert_from_base64(&buf, strlen("Hello"), slice, SOL_BASE64_MAP);
ASSERT_INT_NE(err, 0);
ASSERT_INT_EQ(buf.used, strlen("Hello" B64_DECODED "World"));
ASSERT_STR_EQ(buf.data, "Hello" B64_DECODED "World");
sol_buffer_fini(&buf);
#undef B64_DECODED
}
void
sshbuf_misc_tests(void)
{
struct sshbuf *p1;
char tmp[512], *p;
FILE *out;
size_t sz;
TEST_START("sshbuf_dump");
out = tmpfile();
ASSERT_PTR_NE(out, NULL);
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_put_u32(p1, 0x12345678), 0);
sshbuf_dump(p1, out);
fflush(out);
rewind(out);
sz = fread(tmp, 1, sizeof(tmp), out);
ASSERT_INT_EQ(ferror(out), 0);
ASSERT_INT_NE(feof(out), 0);
ASSERT_SIZE_T_GT(sz, 0);
tmp[sz] = '\0';
ASSERT_PTR_NE(strstr(tmp, "12 34 56 78"), NULL);
fclose(out);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_dtob16");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_put_u32(p1, 0x12345678), 0);
p = sshbuf_dtob16(p1);
ASSERT_PTR_NE(p, NULL);
ASSERT_STRING_EQ(p, "12345678");
free(p);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_dtob64 len 1");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x11), 0);
p = sshbuf_dtob64(p1);
ASSERT_PTR_NE(p, NULL);
ASSERT_STRING_EQ(p, "EQ==");
free(p);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_dtob64 len 2");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x11), 0);
ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x22), 0);
p = sshbuf_dtob64(p1);
ASSERT_PTR_NE(p, NULL);
ASSERT_STRING_EQ(p, "ESI=");
free(p);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_dtob64 len 3");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x11), 0);
ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x22), 0);
ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x33), 0);
p = sshbuf_dtob64(p1);
ASSERT_PTR_NE(p, NULL);
ASSERT_STRING_EQ(p, "ESIz");
free(p);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_dtob64 len 8191");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_reserve(p1, 8192, NULL), 0);
bzero(sshbuf_mutable_ptr(p1), 8192);
p = sshbuf_dtob64(p1);
ASSERT_PTR_NE(p, NULL);
ASSERT_SIZE_T_EQ(strlen(p), ((8191 + 2) / 3) * 4);
free(p);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_b64tod len 1");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_b64tod(p1, "0A=="), 0);
ASSERT_SIZE_T_EQ(sshbuf_len(p1), 1);
ASSERT_U8_EQ(*sshbuf_ptr(p1), 0xd0);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_b64tod len 2");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_b64tod(p1, "0A8="), 0);
ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), 0xd00f);
sshbuf_free(p1);
TEST_DONE();
TEST_START("sshbuf_b64tod len 4");
p1 = sshbuf_new();
ASSERT_PTR_NE(p1, NULL);
ASSERT_INT_EQ(sshbuf_b64tod(p1, "0A/QDw=="), 0);
ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4);
ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), 0xd00fd00f);
sshbuf_free(p1);
TEST_DONE();
}
