mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2025-04-03 20:47:37 +03:00
SSH Agent: Add support for generating SSH keys
Supported key types are RSA, ECDSA and Ed25519. Includes tests to compare writing out keys produce the exact same private key if read from OpenSSH format and tests against ssh-agent to ensure all no generated key is rejected.
This commit is contained in:
Toni Spets
Jonathan White
parent
714c0a5be2
commit
3243243be8
15 changed files with 1048 additions and 377 deletions
|
|
@ -254,6 +254,7 @@ void TestOpenSSHKey::testParseRSACompare()
|
|||
QCOMPARE(oldKey.type(), newKey.type());
|
||||
QCOMPARE(oldKey.fingerprint(), newKey.fingerprint());
|
||||
QCOMPARE(oldPrivateKey, newPrivateKey);
|
||||
QCOMPARE(newKeyString, newKey.privateKey());
|
||||
}
|
||||
|
||||
void TestOpenSSHKey::testParseECDSA256()
|
||||
|
|
@ -277,6 +278,7 @@ void TestOpenSSHKey::testParseECDSA256()
|
|||
QCOMPARE(key.type(), QString("ecdsa-sha2-nistp256"));
|
||||
QCOMPARE(key.comment(), QString("opensshkey-test-ecdsa256@keepassxc"));
|
||||
QCOMPARE(key.fingerprint(), QString("SHA256:nwwovZmQbBeiR3GZRpK4OWHgCUE7E0wFtCN7Ng7eX5g"));
|
||||
QCOMPARE(keyString, key.privateKey());
|
||||
}
|
||||
|
||||
void TestOpenSSHKey::testParseECDSA384()
|
||||
|
|
@ -302,6 +304,7 @@ void TestOpenSSHKey::testParseECDSA384()
|
|||
QCOMPARE(key.type(), QString("ecdsa-sha2-nistp384"));
|
||||
QCOMPARE(key.comment(), QString("opensshkey-test-ecdsa384@keepassxc"));
|
||||
QCOMPARE(key.fingerprint(), QString("SHA256:B5tLMG976BZ6nyi/oRUmKaTJcaEaFagEjBfOAgru0OY"));
|
||||
QCOMPARE(keyString, key.privateKey());
|
||||
}
|
||||
|
||||
void TestOpenSSHKey::testParseECDSA521()
|
||||
|
|
@ -328,6 +331,7 @@ void TestOpenSSHKey::testParseECDSA521()
|
|||
QCOMPARE(key.type(), QString("ecdsa-sha2-nistp521"));
|
||||
QCOMPARE(key.comment(), QString("opensshkey-test-ecdsa521@keepassxc"));
|
||||
QCOMPARE(key.fingerprint(), QString("SHA256:m3LtA9MtZW8FN0R3vwA0AAI+YtegbggGCy3EGKWya+s"));
|
||||
QCOMPARE(keyString, key.privateKey());
|
||||
}
|
||||
|
||||
void TestOpenSSHKey::testDecryptOpenSSHAES256CBC()
|
||||
|
|
@ -533,6 +537,7 @@ void TestOpenSSHKey::testParseECDSASecurityKey()
|
|||
QCOMPARE(key.type(), QString("sk-ecdsa-sha2-nistp256@openssh.com"));
|
||||
QCOMPARE(key.comment(), QString("opensshkey-test-ecdsa-sk@keepassxc"));
|
||||
QCOMPARE(key.fingerprint(), QString("SHA256:ctOtAsPMqbtumGI41o2oeWfGDah4m1ACILRj+x0gx0E"));
|
||||
QCOMPARE(keyString, key.privateKey());
|
||||
}
|
||||
|
||||
void TestOpenSSHKey::testParseED25519SecurityKey()
|
||||
|
|
@ -557,4 +562,5 @@ void TestOpenSSHKey::testParseED25519SecurityKey()
|
|||
QCOMPARE(key.type(), QString("sk-ssh-ed25519@openssh.com"));
|
||||
QCOMPARE(key.comment(), QString("opensshkey-test-ed25519-sk@keepassxc"));
|
||||
QCOMPARE(key.fingerprint(), QString("SHA256:PGtS5WvbnYmNqFIeRbzO6cVP9GLh8eEzENgkHp02XIA"));
|
||||
QCOMPARE(keyString, key.privateKey());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@
|
|||
#include "core/Config.h"
|
||||
#include "crypto/Crypto.h"
|
||||
#include "sshagent/KeeAgentSettings.h"
|
||||
#include "sshagent/OpenSSHKeyGen.h"
|
||||
#include "sshagent/SSHAgent.h"
|
||||
|
||||
#include <QTest>
|
||||
|
|
@ -224,6 +225,66 @@ void TestSSHAgent::testToOpenSSHKey()
|
|||
QVERIFY(!key.publicKey().isEmpty());
|
||||
}
|
||||
|
||||
void TestSSHAgent::testKeyGenRSA()
|
||||
{
|
||||
SSHAgent agent;
|
||||
agent.setEnabled(true);
|
||||
agent.setAuthSockOverride(m_agentSocketFileName);
|
||||
|
||||
QVERIFY(agent.isAgentRunning());
|
||||
|
||||
OpenSSHKey key;
|
||||
KeeAgentSettings settings;
|
||||
bool keyInAgent;
|
||||
|
||||
QVERIFY(OpenSSHKeyGen::generateRSA(key, 2048));
|
||||
|
||||
QVERIFY(agent.addIdentity(key, settings, m_uuid));
|
||||
QVERIFY(agent.checkIdentity(key, keyInAgent) && keyInAgent);
|
||||
QVERIFY(agent.removeIdentity(key));
|
||||
QVERIFY(agent.checkIdentity(key, keyInAgent) && !keyInAgent);
|
||||
}
|
||||
|
||||
void TestSSHAgent::testKeyGenECDSA()
|
||||
{
|
||||
SSHAgent agent;
|
||||
agent.setEnabled(true);
|
||||
agent.setAuthSockOverride(m_agentSocketFileName);
|
||||
|
||||
QVERIFY(agent.isAgentRunning());
|
||||
|
||||
OpenSSHKey key;
|
||||
KeeAgentSettings settings;
|
||||
bool keyInAgent;
|
||||
|
||||
QVERIFY(OpenSSHKeyGen::generateECDSA(key, 256));
|
||||
|
||||
QVERIFY(agent.addIdentity(key, settings, m_uuid));
|
||||
QVERIFY(agent.checkIdentity(key, keyInAgent) && keyInAgent);
|
||||
QVERIFY(agent.removeIdentity(key));
|
||||
QVERIFY(agent.checkIdentity(key, keyInAgent) && !keyInAgent);
|
||||
}
|
||||
|
||||
void TestSSHAgent::testKeyGenEd25519()
|
||||
{
|
||||
SSHAgent agent;
|
||||
agent.setEnabled(true);
|
||||
agent.setAuthSockOverride(m_agentSocketFileName);
|
||||
|
||||
QVERIFY(agent.isAgentRunning());
|
||||
|
||||
OpenSSHKey key;
|
||||
KeeAgentSettings settings;
|
||||
bool keyInAgent;
|
||||
|
||||
QVERIFY(OpenSSHKeyGen::generateEd25519(key));
|
||||
|
||||
QVERIFY(agent.addIdentity(key, settings, m_uuid));
|
||||
QVERIFY(agent.checkIdentity(key, keyInAgent) && keyInAgent);
|
||||
QVERIFY(agent.removeIdentity(key));
|
||||
QVERIFY(agent.checkIdentity(key, keyInAgent) && !keyInAgent);
|
||||
}
|
||||
|
||||
void TestSSHAgent::cleanupTestCase()
|
||||
{
|
||||
if (m_agentProcess.state() != QProcess::NotRunning) {
|
||||
|
|
|
|||
|
|
@ -35,6 +35,9 @@ private slots:
|
|||
void testLifetimeConstraint();
|
||||
void testConfirmConstraint();
|
||||
void testToOpenSSHKey();
|
||||
void testKeyGenRSA();
|
||||
void testKeyGenECDSA();
|
||||
void testKeyGenEd25519();
|
||||
void cleanupTestCase();
|
||||
|
||||
private:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue