summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2015-02-25 15:32:49 +1100
committerDarren Tucker <dtucker@zip.com.au>2015-02-25 15:32:49 +1100
commit5d5ec165c5b614b03678afdad881f10e25832e46 (patch)
tree35805270fc194b91f98a04ed2efb481f8a245516
parent1734e276d99b17e92d4233fac7aef3a3180aaca7 (diff)
Restrict ECDSA and ECDH tests.
ifdef out some more ECDSA and ECDH tests when built against an OpenSSL that does not have eliptic curve functionality.
-rw-r--r--regress/unittests/hostkeys/test_iterate.c12
-rw-r--r--regress/unittests/kex/test_kex.c6
-rw-r--r--regress/unittests/sshkey/test_sshkey.c6
3 files changed, 24 insertions, 0 deletions
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c
index 526e1c06..68a70610 100644
--- a/regress/unittests/hostkeys/test_iterate.c
+++ b/regress/unittests/hostkeys/test_iterate.c
@@ -165,6 +165,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"DSA #1",
} },
+#ifdef OPENSSL_HAS_ECC
{ "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
NULL,
3,
@@ -178,6 +179,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ECDSA #1",
} },
+#endif
{ "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
NULL,
4,
@@ -256,6 +258,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"DSA #2",
} },
+#ifdef OPENSSL_HAS_ECC
{ "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
NULL,
10,
@@ -269,6 +272,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ECDSA #2",
} },
+#endif
{ "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
NULL,
11,
@@ -347,6 +351,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"DSA #3",
} },
+#ifdef OPENSSL_HAS_ECC
{ "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
NULL,
17,
@@ -360,6 +365,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ECDSA #3",
} },
+#endif
{ "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
NULL,
18,
@@ -438,6 +444,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"DSA #5",
} },
+#ifdef OPENSSL_HAS_ECC
{ "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
NULL,
24,
@@ -451,6 +458,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ECDSA #5",
} },
+#endif
{ "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
NULL,
25,
@@ -547,6 +555,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"DSA #6",
} },
+#ifdef OPENSSL_HAS_ECC
{ "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
NULL,
32,
@@ -586,6 +595,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ECDSA #6",
} },
+#endif
{ "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
NULL,
35,
@@ -768,6 +778,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ED25519 #4",
} },
+#ifdef OPENSSL_HAS_ECC
{ "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
NULL,
49,
@@ -781,6 +792,7 @@ struct expected expected_full[] = {
NULL, /* filled at runtime */
"ECDSA #4",
} },
+#endif
{ "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, {
NULL,
50,
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c
index d5edf7ed..c61e2bdb 100644
--- a/regress/unittests/kex/test_kex.c
+++ b/regress/unittests/kex/test_kex.c
@@ -145,7 +145,9 @@ do_kex_with_key(char *kex, int keytype, int bits)
server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+#ifdef OPENSSL_HAS_ECC
server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif
server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
server2->kex->load_host_public_key = server->kex->load_host_public_key;
server2->kex->load_host_private_key = server->kex->load_host_private_key;
@@ -173,7 +175,9 @@ do_kex(char *kex)
{
do_kex_with_key(kex, KEY_RSA, 2048);
do_kex_with_key(kex, KEY_DSA, 1024);
+#ifdef OPENSSL_HAS_ECC
do_kex_with_key(kex, KEY_ECDSA, 256);
+#endif
do_kex_with_key(kex, KEY_ED25519, 256);
}
@@ -181,9 +185,11 @@ void
kex_tests(void)
{
do_kex("curve25519-sha256@libssh.org");
+#ifdef OPENSSL_HAS_ECC
do_kex("ecdh-sha2-nistp256");
do_kex("ecdh-sha2-nistp384");
do_kex("ecdh-sha2-nistp521");
+#endif
do_kex("diffie-hellman-group-exchange-sha256");
do_kex("diffie-hellman-group-exchange-sha1");
do_kex("diffie-hellman-group14-sha1");
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 3e4e39b6..b233a254 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -217,12 +217,14 @@ sshkey_tests(void)
sshkey_free(k1);
TEST_DONE();
+#ifdef OPENSSL_HAS_ECC
TEST_START("new/free KEY_ECDSA");
k1 = sshkey_new(KEY_ECDSA);
ASSERT_PTR_NE(k1, NULL);
ASSERT_PTR_EQ(k1->ecdsa, NULL); /* Can't allocate without NID */
sshkey_free(k1);
TEST_DONE();
+#endif
TEST_START("new/free KEY_ED25519");
k1 = sshkey_new(KEY_ED25519);
@@ -273,12 +275,14 @@ sshkey_tests(void)
sshkey_free(k1);
TEST_DONE();
+#ifdef OPENSSL_HAS_ECC
TEST_START("generate KEY_ECDSA wrong bits");
ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 42, &k1),
SSH_ERR_INVALID_ARGUMENT);
ASSERT_PTR_EQ(k1, NULL);
sshkey_free(k1);
TEST_DONE();
+#endif
TEST_START("generate KEY_RSA");
ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0);
@@ -474,6 +478,7 @@ sshkey_tests(void)
sshkey_free(k2);
TEST_DONE();
+#ifdef OPENSSL_HAS_ECC
TEST_START("sign and verify ECDSA");
k1 = get_private("ecdsa_1");
ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2,
@@ -482,6 +487,7 @@ sshkey_tests(void)
sshkey_free(k1);
sshkey_free(k2);
TEST_DONE();
+#endif
TEST_START("sign and verify ED25519");
k1 = get_private("ed25519_1");