#!/bin/sh
# $OpenBSD: mktestdata.sh,v 1.1 2015/02/16 22:18:34 djm Exp $
# Stop at the first failing command and trace every command as it runs.
set -e
set -x

# All fixtures live in ./testdata. errexit is already on, so a failed cd ends
# the script before the wildcard removal below can run in another directory.
cd testdata

# Remove public keys and known_hosts files left behind by an earlier run.
rm -f rsa1* rsa* dsa* ecdsa* ed25519* known_hosts*
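# gen_all N
#
# Generate one key of every type used by the tests (rsa1, rsa, dsa, ecdsa,
# ed25519) in the current directory and keep only the <type>_N.pub files.
#
# Arguments: $1 - key set number; it appears in the file names and in the
#                 key comments. Set 1 gets a 384-bit ECDSA key, set 2 a
#                 521-bit one, every other set 256 bits.
#
# The 1024-bit RSA/DSA sizes, the rsa1 type and the empty passphrase are
# choices made for test fixtures; the output is test data, not key material
# to deploy.
gen_all() {
	_n=$1
	case "$_n" in
	1) _ecdsa_bits=384 ;;
	2) _ecdsa_bits=521 ;;
	*) _ecdsa_bits=256 ;;
	esac
	# File names are quoted so the key set number always reaches ssh-keygen
	# and rm as a single word, without word splitting or globbing.
	ssh-keygen -qt rsa1 -b 1024 -C "RSA1 #$_n" -N "" -f "rsa1_$_n"
	ssh-keygen -qt rsa -b 1024 -C "RSA #$_n" -N "" -f "rsa_$_n"
	ssh-keygen -qt dsa -b 1024 -C "DSA #$_n" -N "" -f "dsa_$_n"
	ssh-keygen -qt ecdsa -b "$_ecdsa_bits" -C "ECDSA #$_n" -N "" -f "ecdsa_$_n"
	ssh-keygen -qt ed25519 -C "ED25519 #$_n" -N "" -f "ed25519_$_n"
	# Only the .pub halves are used as fixtures; drop the private keys.
	rm -f "rsa1_$_n" "rsa_$_n" "dsa_$_n" "ecdsa_$_n" "ed25519_$_n"
}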
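# hentries PREAMBLE KEYSPEC
#
# Write one known_hosts-style line per public key file matching KEYSPEC:
# PREAMBLE, a single space, then the contents of the file. Files are taken
# in sorted name order and a blank line is written after the group.
#
# Arguments: $1 - text placed in front of each key (host names, addresses)
#            $2 - glob pattern selecting key files in the current directory
# Outputs:   the generated lines on stdout
hentries() {
	_preamble=$1
	_kspec=$2
	# $_kspec stays unquoted on purpose: it is a glob, and pathname
	# expansion already yields the matches in sorted order, so the output
	# of ls does not have to be parsed.
	for k in $_kspec ; do
		# An unmatched pattern is left as a literal word; skip it instead
		# of handing a non-existent file to cat.
		[ -e "$k" ] || continue
		# The preamble is data, not a format string: a '%' or '\' in a
		# host pattern must come out unchanged.
		printf '%s ' "$_preamble"
		cat "$k"
	done
	echo
}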
# Build six numbered key sets; the known_hosts sections further down select
# their keys by set number (*_1.pub ... *_6.pub).
for _set in 1 2 3 4 5 6; do
	gen_all "$_set"
done
# Build a known_hosts fragment from key sets 5 and 6, then hash its host names.
{
	hentries "sisyphus.example.com" "*_5.pub"
	hentries "prometheus.example.com,192.0.2.1,2001:db8::1" "*_6.pub"
} > known_hosts_hash_frag
# -H hashes the host names in place and keeps the unhashed original as .old.
ssh-keygen -H -f known_hosts_hash_frag
# The plain-text copy is not a fixture; remove it.
rm -f known_hosts_hash_frag.old
# Assemble the main known_hosts fixture: comment lines, plain and wildcard
# host entries, the hashed fragment, @revoked / @cert-authority markers and a
# set of deliberately malformed lines. The exact bytes written here are the
# fixture, so every string below is kept as is, trailing spaces included.
{
	echo "# Plain host keys, plain host names"
	hentries "sisyphus.example.com" "*_1.pub"

	echo "# Plain host keys, hostnames + addresses"
	hentries "prometheus.example.com,192.0.2.1,2001:db8::1" "*_2.pub"

	echo "# Some hosts with wildcard names / IPs"
	hentries "*.example.com,192.0.2.*,2001:*" "*_3.pub"

	echo "# Hashed hostname and address entries"
	cat known_hosts_hash_frag
	# The fragment has been copied in; it is not kept as a separate file.
	rm -f known_hosts_hash_frag
	echo

	echo "# Revoked and CA keys"
	printf "@revoked sisyphus.example.com "
	cat rsa1_4.pub
	printf "@revoked sisyphus.example.com "
	cat ed25519_4.pub
	printf "@cert-authority prometheus.example.com "
	cat ecdsa_4.pub
	printf "@cert-authority *.example.com "
	cat dsa_4.pub

	printf "\n"
	echo "# Some invalid lines"
	# Marker that is not a recognised one
	printf "@what sisyphus.example.com "
	cat rsa1_1.pub
	# Host name with no key at all
	echo "sisyphus.example.com      "
	# Key type given, key blob absent
	echo "prometheus.example.com ssh-ed25519 "
	# Key blob cut short
	echo "sisyphus.example.com ssh-dsa AAAATgAAAAdz"
	# RSA1 entry that stops after the key bits
	echo "prometheus.example.com 1024   "
	# RSA1 entry that stops after the exponent
	echo "sisyphus.example.com 1024 65535   "
	# RSA1 entry whose key bits field (1025) is wrong; the remaining fields
	# are taken from a real RSA1 public key
	printf "prometheus.example.com 1025 "
	cut -d' ' -f2- < rsa1_1.pub
	# Key type that is not a valid one
	echo "sisyphus.example.com ssh-XXX AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
	# Declared key type disagrees with the type inside the blob
	echo "prometheus.example.com ssh-rsa AAAATgAAAAdzc2gtWFhYAAAAP0ZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRkZVQ0tPRkZGVUNLT0ZGRlVDS09GRg=="
} > known_hosts

# Reached only when every step above succeeded (set -e is in effect).
echo OK