diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2015-02-25 15:32:49 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2015-02-25 15:32:49 +1100 |
| commit | 5d5ec165c5b614b03678afdad881f10e25832e46 (patch) | |
| tree | 35805270fc194b91f98a04ed2efb481f8a245516 | |
| parent | 1734e276d99b17e92d4233fac7aef3a3180aaca7 (diff) | |
Restrict ECDSA and ECDH tests.
ifdef out some more ECDSA and ECDH tests when built against an OpenSSL
that does not have eliptic curve functionality.
| -rw-r--r-- | regress/unittests/hostkeys/test_iterate.c | 12 | ||||
| -rw-r--r-- | regress/unittests/kex/test_kex.c | 6 | ||||
| -rw-r--r-- | regress/unittests/sshkey/test_sshkey.c | 6 |
3 files changed, 24 insertions, 0 deletions
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c index 526e1c06..68a70610 100644 --- a/regress/unittests/hostkeys/test_iterate.c +++ b/regress/unittests/hostkeys/test_iterate.c @@ -165,6 +165,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "DSA #1", } }, +#ifdef OPENSSL_HAS_ECC { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, 3, @@ -178,6 +179,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ECDSA #1", } }, +#endif { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, { NULL, 4, @@ -256,6 +258,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "DSA #2", } }, +#ifdef OPENSSL_HAS_ECC { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, 10, @@ -269,6 +272,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ECDSA #2", } }, +#endif { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, 11, @@ -347,6 +351,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "DSA #3", } }, +#ifdef OPENSSL_HAS_ECC { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, 17, @@ -360,6 +365,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ECDSA #3", } }, +#endif { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, { NULL, 18, @@ -438,6 +444,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "DSA #5", } }, +#ifdef OPENSSL_HAS_ECC { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { NULL, 24, @@ -451,6 +458,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ECDSA #5", } }, +#endif { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, { NULL, 25, @@ -547,6 +555,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "DSA #6", } }, +#ifdef OPENSSL_HAS_ECC { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { NULL, 32, @@ -586,6 +595,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ECDSA #6", } }, +#endif { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, { NULL, 35, @@ -768,6 +778,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ED25519 #4", } }, +#ifdef OPENSSL_HAS_ECC { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, { NULL, 49, @@ -781,6 +792,7 @@ struct expected expected_full[] = { NULL, /* filled at runtime */ "ECDSA #4", } }, +#endif { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, { NULL, 50, diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index d5edf7ed..c61e2bdb 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -145,7 +145,9 @@ do_kex_with_key(char *kex, int keytype, int bits) server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; +#ifdef OPENSSL_HAS_ECC server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; +#endif server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server; server2->kex->load_host_public_key = server->kex->load_host_public_key; server2->kex->load_host_private_key = server->kex->load_host_private_key; @@ -173,7 +175,9 @@ do_kex(char *kex) { do_kex_with_key(kex, KEY_RSA, 2048); do_kex_with_key(kex, KEY_DSA, 1024); +#ifdef OPENSSL_HAS_ECC do_kex_with_key(kex, KEY_ECDSA, 256); +#endif do_kex_with_key(kex, KEY_ED25519, 256); } @@ -181,9 +185,11 @@ void kex_tests(void) { do_kex("curve25519-sha256@libssh.org"); +#ifdef OPENSSL_HAS_ECC do_kex("ecdh-sha2-nistp256"); do_kex("ecdh-sha2-nistp384"); do_kex("ecdh-sha2-nistp521"); +#endif do_kex("diffie-hellman-group-exchange-sha256"); do_kex("diffie-hellman-group-exchange-sha1"); do_kex("diffie-hellman-group14-sha1"); diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 3e4e39b6..b233a254 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -217,12 +217,14 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); +#ifdef OPENSSL_HAS_ECC TEST_START("new/free KEY_ECDSA"); k1 = sshkey_new(KEY_ECDSA); ASSERT_PTR_NE(k1, NULL); ASSERT_PTR_EQ(k1->ecdsa, NULL); /* Can't allocate without NID */ sshkey_free(k1); TEST_DONE(); +#endif TEST_START("new/free KEY_ED25519"); k1 = sshkey_new(KEY_ED25519); @@ -273,12 +275,14 @@ sshkey_tests(void) sshkey_free(k1); TEST_DONE(); +#ifdef OPENSSL_HAS_ECC TEST_START("generate KEY_ECDSA wrong bits"); ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1), SSH_ERR_INVALID_ARGUMENT); ASSERT_PTR_EQ(k1, NULL); sshkey_free(k1); TEST_DONE(); +#endif TEST_START("generate KEY_RSA"); ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0); @@ -474,6 +478,7 @@ sshkey_tests(void) sshkey_free(k2); TEST_DONE(); +#ifdef OPENSSL_HAS_ECC TEST_START("sign and verify ECDSA"); k1 = get_private("ecdsa_1"); ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2, @@ -482,6 +487,7 @@ sshkey_tests(void) sshkey_free(k1); sshkey_free(k2); TEST_DONE(); +#endif TEST_START("sign and verify ED25519"); k1 = get_private("ed25519_1"); |