tests: Refactor test so that all RSA + hash combinations are tested

Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-08-10 06:23:01 +03:00 · 2018-12-21 13:43:16 +01:00
parent 481d749559
commit f118ea010b
1 changed files with 59 additions and 65 deletions
--- a/tests/unittests/torture_pki.c
+++ b/tests/unittests/torture_pki.c
@@ -185,18 +185,6 @@ static void torture_pki_verify_mismatch(void **state)
                                      hash_length);
            assert_true(rc == SSH_OK);

-            /* XXX Test all the hash versions only with RSA.
-             * This also skips the cleanup for the last hash so we can use the
-             * created signatures later on
-             */
-            if (sig_type != SSH_KEYTYPE_RSA || hash == SSH_DIGEST_SHA512) {
-                break;
-            }
-            ssh_string_free(blob);
-            ssh_signature_free(sign);
-            ssh_signature_free(import_sig);
-        }
-
            for (key_type = first_key;
                 key_type <= SSH_KEYTYPE_ED25519;
                 key_type++) {
@@ -237,14 +225,12 @@ static void torture_pki_verify_mismatch(void **state)
                    /* Importing with the same key type should work */
                    assert_true(new_sig != NULL);
                    assert_int_equal(new_sig->type, key->type);
-                if (key_type == SSH_KEYTYPE_RSA) {
-                   assert_string_equal(key->type_c, "ssh-rsa");
+                    if (key_type == SSH_KEYTYPE_RSA && new_sig->hash_type != SSH_DIGEST_AUTO) {
                        assert_string_equal(new_sig->type_c, hash_signatures[new_sig->hash_type]);
                    } else {
                        assert_string_equal(new_sig->type_c, key->type_c);
                        assert_string_equal(new_sig->type_c, signature_types[sig_type]);
                    }
-
                    /* The verification should not work */
                    rc = pki_signature_verify(session,
                                              new_sig,
@@ -257,9 +243,17 @@ static void torture_pki_verify_mismatch(void **state)
                }
                SSH_KEY_FREE(verify_key);
            }
+
            ssh_string_free(blob);
            ssh_signature_free(sign);
            ssh_signature_free(import_sig);
+
+            /* XXX Test all the hash versions only with RSA. */
+            if (sig_type != SSH_KEYTYPE_RSA || hash == SSH_DIGEST_SHA512) {
+                break;
+            }
+        }
+
        SSH_KEY_FREE(key);
        key = NULL;
    }