tests: Use public key to verify signatures

Previously in the tests the private key structure would be used for signature verification. Use the corresponding public key instead. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-07-28 01:41:48 +03:00 · 2019-05-02 16:07:09 +02:00
parent 88a8b1f57c
commit d923dc39c1
5 changed files with 117 additions and 38 deletions
--- a/tests/unittests/torture_threads_pki_rsa.c
+++ b/tests/unittests/torture_threads_pki_rsa.c
@ -562,7 +562,7 @@ static void torture_pki_rsa_duplicate_key(void **state)
 static void *thread_pki_rsa_generate_key(void *threadid)
 {
    int rc;
-    ssh_key key = NULL;
+    ssh_key key = NULL, pubkey = NULL;
    ssh_signature sign = NULL;
    ssh_session session = NULL;

@ -575,42 +575,55 @@ static void *thread_pki_rsa_generate_key(void *threadid)
    assert_ssh_return_code(session, rc);
    assert_non_null(key);

+    rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
+    assert_int_equal(rc, SSH_OK);
+    assert_non_null(pubkey);
+
    sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
    assert_non_null(sign);

-    rc = pki_signature_verify(session,sign,key,RSA_HASH,20);
+    rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
    assert_ssh_return_code(session, rc);

    ssh_signature_free(sign);
    SSH_KEY_FREE(key);
+    SSH_KEY_FREE(pubkey);

    rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 2048, &key);
    assert_ssh_return_code(session, rc);
    assert_non_null(key);

+    rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
+    assert_int_equal(rc, SSH_OK);
+    assert_non_null(pubkey);
+
    sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
    assert_non_null(sign);

-    rc = pki_signature_verify(session,sign,key,RSA_HASH,20);
+    rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
    assert_ssh_return_code(session, rc);

    ssh_signature_free(sign);
    SSH_KEY_FREE(key);
-
+    SSH_KEY_FREE(pubkey);

    rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 4096, &key);
    assert_true(rc == SSH_OK);
    assert_non_null(key);

+    rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
+    assert_int_equal(rc, SSH_OK);
+    assert_non_null(pubkey);
+
    sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
    assert_non_null(sign);

-    rc = pki_signature_verify(session,sign,key,RSA_HASH,20);
+    rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
    assert_true(rc == SSH_OK);

    ssh_signature_free(sign);
    SSH_KEY_FREE(key);
-    key = NULL;
+    SSH_KEY_FREE(pubkey);

    ssh_free(session);
    pthread_exit(NULL);