libssh2

1
/* Copyright (C) The libssh2 project and its contributors.
2
 *
3
 * SPDX-License-Identifier: BSD-3-Clause
4
 */
5

6
#include "runner.h"
7

8
static const char *EXPECTED_RSA_HOSTKEY =
9
    "AAAAB3NzaC1yc2EAAAABIwAAAQEArrr/JuJmaZligyfS8vcNur+mWR2ddDQtVdhHzdKU"
10
    "UoR6/Om6cvxpe61H1YZO1xCpLUBXmkki4HoNtYOpPB2W4V+8U4BDeVBD5crypEOE1+7B"
11
    "Am99fnEDxYIOZq2/jTP0yQmzCpWYS3COyFmkOL7sfX1wQMeW5zQT2WKcxC6FSWbhDqrB"
12
    "eNEGi687hJJoJ7YXgY/IdiYW5NcOuqRSWljjGS3dAJsHHWk4nJbhjEDXbPaeduMAwQU9"
13
    "i6ELfP3r+q6wdu0P4jWaoo3De1aYxnToV/ldXykpipON4NPamsb6Ph2qlJQKypq7J4iQ"
14
    "gkIIbCU1A31+4ExvcIVoxLQw/aTSbw==";
15

16
static const char *EXPECTED_ECDSA_HOSTKEY =
17
    "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC+/syyeKJD9dC2ZH"
18
    "9Q7iJGReR4YM3rUCMsSynkyXojdfSClGCMY7JvWlt30ESjYvxoTfSRGx6WvaqYK/vPoYQ4=";
19

20
static const char *EXPECTED_ED25519_HOSTKEY =
21
    "AAAAC3NzaC1lZDI1NTE5AAAAIIxtdyg2ZRXE70UwyPVUH3UyfDBV8GX5cPF636P6hjom";
22

23
#if LIBSSH2_MD5
24
static const char *EXPECTED_RSA_MD5_HASH_DIGEST =
25
    "0C0ED1A5BB10275F76924CE187CE5C5E";
26
#endif
27

28
static const char *EXPECTED_RSA_SHA1_HASH_DIGEST =
29
    "F3CD59E2913F4422B80F7B0A82B2B89EAE449387";
30

31
static const char *EXPECTED_RSA_SHA256_HASH_DIGEST =
32
    "92E3DA49DF3C7F99A828F505ED8239397A5D1F62914459760F878F7510F563A3";
33

34
#if LIBSSH2_MD5
35
static const char *EXPECTED_ECDSA_MD5_HASH_DIGEST =
36
    "0402E4D897580BBC911379CBD88BCD3D";
37
#endif
38

39
static const char *EXPECTED_ECDSA_SHA1_HASH_DIGEST =
40
    "12FDAD1E3B31B10BABB00F2A8D1B9A62C326BD2F";
41

42
static const char *EXPECTED_ECDSA_SHA256_HASH_DIGEST =
43
    "56FCD975B166C3F0342D0036E44C311A86C0EAE40713B53FC776369BAE7F5264";
44

45
static const char *EXPECTED_ED25519_SHA256_HASH_DIGEST =
46
    "2638B020F6121FA750A7F4754B718419F621814C6E779D68ADF26AA68814ADDF";
47

48
#if LIBSSH2_MD5
49
static const size_t MD5_HASH_SIZE = 16;
50
#endif
51
static const size_t SHA1_HASH_SIZE = 20;
52
static const size_t SHA256_HASH_SIZE = 32;
53

54
static void calculate_digest(const char *hash, size_t hash_len, char *buffer,
55
                             size_t buffer_len)
56
{
57
    size_t i;
58
    char *p = buffer;
59
    char *end = buffer + buffer_len;
60

61
    for(i = 0; i < hash_len && p < end; ++i) {
62
        p += snprintf(p, (size_t)(end - p), "%02X", (unsigned char)hash[i]);
63
    }
64
}
65

66
int test(LIBSSH2_SESSION *session)
67
{
68
    char buf[BUFSIZ];
69

70
    const char *hostkey;
71
#if LIBSSH2_MD5
72
    const char *md5_hash;
73
#endif
74
    const char *sha1_hash;
75
    const char *sha256_hash;
76
    int type;
77
    size_t len;
78

79
    /* these are the host keys under test, they are currently unused */
80
    (void)EXPECTED_RSA_HOSTKEY;
81
    (void)EXPECTED_ECDSA_HOSTKEY;
82
    (void)EXPECTED_ED25519_HOSTKEY;
83

84
    hostkey = libssh2_session_hostkey(session, &len, &type);
85
    if(!hostkey) {
86
        print_last_session_error("libssh2_session_hostkey");
87
        return 1;
88
    }
89

90
    if(type == LIBSSH2_HOSTKEY_TYPE_ED25519) {
91

92
        sha256_hash = libssh2_hostkey_hash(session,
93
                                           LIBSSH2_HOSTKEY_HASH_SHA256);
94
        if(!sha256_hash) {
95
            print_last_session_error(
96
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA256)");
97
            return 1;
98
        }
99

100
        calculate_digest(sha256_hash, SHA256_HASH_SIZE, buf, BUFSIZ);
101

102
        if(strcmp(buf, EXPECTED_ED25519_SHA256_HASH_DIGEST) != 0) {
103
            fprintf(stderr,
104
                    "ED25519 SHA256 hash not as expected - digest %s != %s\n",
105
                    buf, EXPECTED_ED25519_SHA256_HASH_DIGEST);
106
            return 1;
107
        }
108
    }
109
    else if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
110

111
#if LIBSSH2_MD5
112
        md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
113
        if(!md5_hash) {
114
            print_last_session_error(
115
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_MD5)");
116
            return 1;
117
        }
118

119
        calculate_digest(md5_hash, MD5_HASH_SIZE, buf, BUFSIZ);
120

121
        if(strcmp(buf, EXPECTED_ECDSA_MD5_HASH_DIGEST) != 0) {
122
            fprintf(stderr,
123
                    "ECDSA MD5 hash not as expected - digest %s != %s\n",
124
                    buf, EXPECTED_ECDSA_MD5_HASH_DIGEST);
125
            return 1;
126
        }
127
#endif
128

129
        sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
130
        if(!sha1_hash) {
131
            print_last_session_error(
132
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA1)");
133
            return 1;
134
        }
135

136
        calculate_digest(sha1_hash, SHA1_HASH_SIZE, buf, BUFSIZ);
137

138
        if(strcmp(buf, EXPECTED_ECDSA_SHA1_HASH_DIGEST) != 0) {
139
            fprintf(stderr,
140
                    "ECDSA SHA1 hash not as expected - digest %s != %s\n",
141
                    buf, EXPECTED_ECDSA_SHA1_HASH_DIGEST);
142
            return 1;
143
        }
144

145
        sha256_hash = libssh2_hostkey_hash(session,
146
                                           LIBSSH2_HOSTKEY_HASH_SHA256);
147
        if(!sha256_hash) {
148
            print_last_session_error(
149
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA256)");
150
            return 1;
151
        }
152

153
        calculate_digest(sha256_hash, SHA256_HASH_SIZE, buf, BUFSIZ);
154

155
        if(strcmp(buf, EXPECTED_ECDSA_SHA256_HASH_DIGEST) != 0) {
156
            fprintf(stderr,
157
                    "ECDSA SHA256 hash not as expected - digest %s != %s\n",
158
                    buf, EXPECTED_ECDSA_SHA256_HASH_DIGEST);
159
            return 1;
160
        }
161
    }
162
    else if(type == LIBSSH2_HOSTKEY_TYPE_RSA) {
163

164
#if LIBSSH2_MD5
165
        md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
166
        if(!md5_hash) {
167
            print_last_session_error(
168
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_MD5)");
169
            return 1;
170
        }
171

172
        calculate_digest(md5_hash, MD5_HASH_SIZE, buf, BUFSIZ);
173

174
        if(strcmp(buf, EXPECTED_RSA_MD5_HASH_DIGEST) != 0) {
175
            fprintf(stderr,
176
                    "MD5 hash not as expected - digest %s != %s\n",
177
                    buf, EXPECTED_RSA_MD5_HASH_DIGEST);
178
            return 1;
179
        }
180
#endif
181

182
        sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
183
        if(!sha1_hash) {
184
            print_last_session_error(
185
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA1)");
186
            return 1;
187
        }
188

189
        calculate_digest(sha1_hash, SHA1_HASH_SIZE, buf, BUFSIZ);
190

191
        if(strcmp(buf, EXPECTED_RSA_SHA1_HASH_DIGEST) != 0) {
192
            fprintf(stderr,
193
                    "SHA1 hash not as expected - digest %s != %s\n",
194
                    buf, EXPECTED_RSA_SHA1_HASH_DIGEST);
195
            return 1;
196
        }
197

198
        sha256_hash = libssh2_hostkey_hash(session,
199
                                           LIBSSH2_HOSTKEY_HASH_SHA256);
200
        if(!sha256_hash) {
201
            print_last_session_error(
202
                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA256)");
203
            return 1;
204
        }
205

206
        calculate_digest(sha256_hash, SHA256_HASH_SIZE, buf, BUFSIZ);
207

208
        if(strcmp(buf, EXPECTED_RSA_SHA256_HASH_DIGEST) != 0) {
209
            fprintf(stderr,
210
                    "SHA256 hash not as expected - digest %s != %s\n",
211
                    buf, EXPECTED_RSA_SHA256_HASH_DIGEST);
212
            return 1;
213
        }
214
    }
215
    else {
216
        fprintf(stderr, "Unexpected type of hostkey: %i\n", type);
217
        return 1;
218
    }
219

220
    return 0;
221
}
222