diff options
| author | Nicola Murino <nicola.murino@gmail.com> | 2024-07-21 11:43:44 +0200 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2024-07-22 17:35:33 +0000 |
| commit | bb80217080b0e04c6e73e5dcd9f3a9bb11fe23f6 (patch) | |
| tree | db15b9d7666af8f7f7dd08001c424f8f93558050 | |
| parent | 68797222744d17ebda05804c6a5912bd129b8112 (diff) | |
| download | go-x-crypto-bb80217080b0e04c6e73e5dcd9f3a9bb11fe23f6.tar.xz | |
ssh: don't use dsa keys in integration tests
DSA has been disabled by default since OpenSSH 9.8, so tests
fail with newer versions of OpenSSH
Change-Id: I57b9abde8845cd05116a637a21cbbb8af740b2e0
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/599955
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Nicola Murino <nicola.murino@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
| -rw-r--r-- | ssh/agent/client_test.go | 10 | ||||
| -rw-r--r-- | ssh/test/agent_unix_test.go | 6 |
2 files changed, 8 insertions, 8 deletions
diff --git a/ssh/agent/client_test.go b/ssh/agent/client_test.go index ae03df1..f0ffd59 100644 --- a/ssh/agent/client_test.go +++ b/ssh/agent/client_test.go @@ -165,9 +165,9 @@ func testAgentInterface(t *testing.T, agent ExtendedAgent, key interface{}, cert sig, err := agent.Sign(pubKey, data) if err != nil { t.Logf("sign failed with key type %q", pubKey.Type()) - // In integration tests ssh-dss and ssh-rsa (SHA1 signatures) may be - // disabled for security reasons, we check SHA-2 variants later. - if pubKey.Type() != ssh.KeyAlgoDSA && pubKey.Type() != ssh.KeyAlgoRSA && pubKey.Type() != ssh.CertAlgoRSAv01 { + // In integration tests ssh-rsa (SHA1 signatures) may be disabled for + // security reasons, we check SHA-2 variants later. + if pubKey.Type() != ssh.KeyAlgoRSA && pubKey.Type() != ssh.CertAlgoRSAv01 { t.Fatalf("Sign(%s): %v", pubKey.Type(), err) } } else { @@ -251,7 +251,7 @@ func TestMalformedRequests(t *testing.T) { } func TestAgent(t *testing.T) { - for _, keyType := range []string{"rsa", "dsa", "ecdsa", "ed25519"} { + for _, keyType := range []string{"rsa", "ecdsa", "ed25519"} { testOpenSSHAgent(t, testPrivateKeys[keyType], nil, 0) testKeyringAgent(t, testPrivateKeys[keyType], nil, 0) } @@ -409,7 +409,7 @@ func testLockAgent(agent Agent, t *testing.T) { if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["rsa"], Comment: "comment 1"}); err != nil { t.Errorf("Add: %v", err) } - if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["dsa"], Comment: "comment dsa"}); err != nil { + if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["ecdsa"], Comment: "comment ecdsa"}); err != nil { t.Errorf("Add: %v", err) } if keys, err := agent.List(); err != nil { diff --git a/ssh/test/agent_unix_test.go b/ssh/test/agent_unix_test.go index a9c4893..9257bfe 100644 --- a/ssh/test/agent_unix_test.go +++ b/ssh/test/agent_unix_test.go @@ -20,17 +20,17 @@ func TestAgentForward(t *testing.T) { defer conn.Close() keyring := agent.NewKeyring() - if err := keyring.Add(agent.AddedKey{PrivateKey: testPrivateKeys["dsa"]}); err != nil { + if err := keyring.Add(agent.AddedKey{PrivateKey: testPrivateKeys["ecdsa"]}); err != nil { t.Fatalf("Error adding key: %s", err) } if err := keyring.Add(agent.AddedKey{ - PrivateKey: testPrivateKeys["dsa"], + PrivateKey: testPrivateKeys["ecdsa"], ConfirmBeforeUse: true, LifetimeSecs: 3600, }); err != nil { t.Fatalf("Error adding key with constraints: %s", err) } - pub := testPublicKeys["dsa"] + pub := testPublicKeys["ecdsa"] sess, err := conn.NewSession() if err != nil { |