
tests(torture_sk): validate sk_flags against allowed security key flags

Signed-off-by: Praneeth Sarode <praneethsarode@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
Praneeth Sarode
2025-08-19 19:19:43 +05:30
parent 302d868875
commit eda5c6576b


@@ -23,7 +23,7 @@
#include "torture_sk.h" #include "torture_sk.h"
#include "libssh/pki.h" #include "libssh/pki.h"
#include "torture.h" #include "libssh/sk_api.h" /* For SSH_SK_* flag definitions */
/* Helper function to validate ssh_key structure for security keys */ /* Helper function to validate ssh_key structure for security keys */
void assert_sk_key_valid(ssh_key key, void assert_sk_key_valid(ssh_key key,
@@ -66,7 +66,13 @@ void assert_sk_key_valid(ssh_key key,
assert_true(ssh_string_len(key->sk_key_handle) > 0); assert_true(ssh_string_len(key->sk_key_handle) > 0);
} }
/* TODO: Check for sk_flags */ const uint8_t allowed_flags = SSH_SK_USER_PRESENCE_REQD |
SSH_SK_USER_VERIFICATION_REQD |
SSH_SK_RESIDENT_KEY | SSH_SK_FORCE_OPERATION;
/* Validate sk_flags contain only allowed bits */
uint8_t flags = key->sk_flags;
assert_int_equal(flags & ~allowed_flags, 0);
/* Validate underlying cryptographic key exists based on type */ /* Validate underlying cryptographic key exists based on type */
switch (expected_type) { switch (expected_type) {
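Review bot: The mask test added after the key-handle check in assert_sk_key_valid only rejects bits outside the four allowed flags, so a key whose sk_flags is 0, or one that lost SSH_SK_USER_PRESENCE_REQD somewhere between creation and import, still passes. For a security-key test, the presence and verification requirements are the bits worth pinning. A caller that knows which flags it created the key with could add `assert_int_equal(key->sk_flags & SSH_SK_USER_PRESENCE_REQD, SSH_SK_USER_PRESENCE_REQD);` after calling the helper. At minimum the comment should state the limit: `/* Rejects unknown bits only; does not check that any required flag is set */`. The declarations of allowed_flags and flags also sit after statements in the function body, which starts above and continues below this hunk; if the project keeps declarations at the top of a block, they should move there.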