tests(fido2): add sk key files to the testing infrastructure

Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
2025-12-06 13:20:57 +03:00 · 2025-08-17 02:14:38 +05:30
parent d91630308d
commit 21d338737a
6 changed files with 43 additions and 0 deletions
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -164,6 +164,8 @@ if (SSH_EXECUTABLE)
        ssh-rsa-cert-v01@openssh.com
        ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp384-cert-v01@openssh.com
        ecdsa-sha2-nistp521-cert-v01@openssh.com
        sk-ssh-ed25519@openssh.com sk-ecdsa-sha2-nistp256@openssh.com
        sk-ssh-ed25519-cert-v01@openssh.com sk-ecdsa-sha2-nistp256-cert-v01@openssh.com
        )
    foreach(ALGORITHM ${SSH_ALGORITHMS})
        string(TOUPPER ${ALGORITHM} VARNAME)
@@ -327,6 +329,11 @@ if (CLIENT_TESTING OR SERVER_TESTING)
    file(COPY keys/id_ecdsa.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ed25519 DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ed25519.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    # Security key support
    file(COPY keys/id_ecdsa_sk DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ecdsa_sk.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ed25519_sk DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    file(COPY keys/id_ed25519_sk.pub DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/home/bob/.ssh/ FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
    # Allow to auth with bob's public keys on alice and doe account
    configure_file(keys/id_rsa.pub ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys @ONLY)
@@ -340,6 +347,14 @@ if (CLIENT_TESTING OR SERVER_TESTING)
    file(READ keys/id_ed25519.pub CONTENTS)
    file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")
    # append sk-ecdsa public key
    file(READ keys/id_ecdsa_sk.pub CONTENTS)
    file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")
    # append sk-ed25519 public key
    file(READ keys/id_ed25519_sk.pub CONTENTS)
    file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/home/alice/.ssh/authorized_keys "${CONTENTS}")
    # Allow to auth with bob his public keys on charlie account
    configure_file(keys/pkcs11/id_pkcs11_rsa_openssh.pub ${CMAKE_CURRENT_BINARY_DIR}/home/charlie/.ssh/authorized_keys @ONLY)
--- a/tests/keys/id_ecdsa_sk
+++ b/tests/keys/id_ecdsa_sk
@@ -0,0 +1,14 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAjwAAACJzay1lY2
 RzYS1zaGEyLW5pc3RwMjU2QG9wZW5zc2guY29tAAAACG5pc3RwMjU2AAAAQQRv1/dD0qNb
 Bbm4JmHwa9AQdHwzYOBDkptAAUJcyLX3kc8koKLoQF6rhUKGeZP6pv+AanVRTyOd/ITGUm
 Zbgt7hAAAAFHNzaDp0ZXN0QGV4YW1wbGUuY29tAAABkH7S+n5+0vp+AAAAInNrLWVjZHNh
 LXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBG/X90PSo1sFub
 gmYfBr0BB0fDNg4EOSm0ABQlzItfeRzySgouhAXquFQoZ5k/qm/4BqdVFPI538hMZSZluC
 3uEAAAAUc3NoOnRlc3RAZXhhbXBsZS5jb20BAAAA4y0tLS0tQkVHSU4gRUMgUFJJVkFURS
 BLRVktLS0tLQpNSGNDQVFFRUlIRGZSL1NqWkRlczZrUmtTM0dLQTZoTUtSYmxRQjFWQlp3
 KzdqR2pIWU5xb0FvR0NDcUdTTTQ5CkF3RUhvVVFEUWdBRWI5ZjNROUtqV3dXNXVDWmg4R3
 ZRRUhSOE0yRGdRNUtiUUFGQ1hNaTE5NUhQSktDaTZFQmUKcTRWQ2hubVQrcWIvZ0dwMVVV
 OGpuZnlFeGxKbVc0TGU0UT09Ci0tLS0tRU5EIEVDIFBSSVZBVEUgS0VZLS0tLS0KAAAAAA
 AAAAABAgMEBQYHCAk=
 -----END OPENSSH PRIVATE KEY-----
--- a/tests/keys/id_ecdsa_sk.pub
+++ b/tests/keys/id_ecdsa_sk.pub
@@ -0,0 +1 @@
 sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBG/X90PSo1sFubgmYfBr0BB0fDNg4EOSm0ABQlzItfeRzySgouhAXquFQoZ5k/qm/4BqdVFPI538hMZSZluC3uEAAAAUc3NoOnRlc3RAZXhhbXBsZS5jb20= phoenix@phoenix-pc
--- a/tests/keys/id_ed25519_sk
+++ b/tests/keys/id_ed25519_sk
@@ -0,0 +1,8 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAWgAAABpzay1zc2
 gtZWQyNTUxOUBvcGVuc3NoLmNvbQAAACDa9bna/CE9hXZDMX6I37Re6AlzNVZh0yB8D/U3
 8SS2vgAAABRzc2g6dGVzdEBleGFtcGxlLmNvbQAAALC75D22u+Q9tgAAABpzay1zc2gtZW
 QyNTUxOUBvcGVuc3NoLmNvbQAAACDa9bna/CE9hXZDMX6I37Re6AlzNVZh0yB8D/U38SS2
 vgAAABRzc2g6dGVzdEBleGFtcGxlLmNvbQEAAABA7QoCSXA/S9yF96YpCLNTVap+mYg0vH
 yhKlMAUNnPqeXa9bna/CE9hXZDMX6I37Re6AlzNVZh0yB8D/U38SS2vgAAAAAAAAAAAQ==
 -----END OPENSSH PRIVATE KEY-----
--- a/tests/keys/id_ed25519_sk.pub
+++ b/tests/keys/id_ed25519_sk.pub
@@ -0,0 +1 @@
 sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINr1udr8IT2FdkMxfojftF7oCXM1VmHTIHwP9TfxJLa+AAAAFHNzaDp0ZXN0QGV4YW1wbGUuY29t phoenix@phoenix-pc
--- a/tests/tests_config.h.cmake
+++ b/tests/tests_config.h.cmake
@@ -63,6 +63,10 @@
 #cmakedefine OPENSSH_ECDSA_SHA2_NISTP256_CERT_V01_OPENSSH_COM 1
 #cmakedefine OPENSSH_ECDSA_SHA2_NISTP384_CERT_V01_OPENSSH_COM 1
 #cmakedefine OPENSSH_ECDSA_SHA2_NISTP521_CERT_V01_OPENSSH_COM 1
 #cmakedefine OPENSSH_SK_SSH_ED25519_OPENSSH_COM 1
 #cmakedefine OPENSSH_SK_SSH_ED25519_CERT_V01_OPENSSH_COM 1
 #cmakedefine OPENSSH_SK_ECDSA_SHA2_NISTP256_OPENSSH_COM 1
 #cmakedefine OPENSSH_SK_ECDSA_SHA2_NISTP256_CERT_V01_OPENSSH_COM 1
 /* Available programs */
		`@@ -0,0 +1 @@`
							`sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBG/X90PSo1sFubgmYfBr0BB0fDNg4EOSm0ABQlzItfeRzySgouhAXquFQoZ5k/qm/4BqdVFPI538hMZSZluC3uEAAAAUc3NoOnRlc3RAZXhhbXBsZS5jb20= phoenix@phoenix-pc`
		`@@ -0,0 +1 @@`
							`sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINr1udr8IT2FdkMxfojftF7oCXM1VmHTIHwP9TfxJLa+AAAAFHNzaDp0ZXN0QGV4YW1wbGUuY29t phoenix@phoenix-pc`