ssh: don't use dsa keys in integration tests
DSA has been disabled by default since OpenSSH 9.8, so tests
fail with newer versions of OpenSSH
Change-Id: I57b9abde8845cd05116a637a21cbbb8af740b2e0
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/599955
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Nicola Murino <nicola.murino@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
diff --git a/ssh/agent/client_test.go b/ssh/agent/client_test.go
index ae03df1..f0ffd59 100644
--- a/ssh/agent/client_test.go
+++ b/ssh/agent/client_test.go
@@ -165,9 +165,9 @@
sig, err := agent.Sign(pubKey, data)
if err != nil {
t.Logf("sign failed with key type %q", pubKey.Type())
- // In integration tests ssh-dss and ssh-rsa (SHA1 signatures) may be
- // disabled for security reasons, we check SHA-2 variants later.
- if pubKey.Type() != ssh.KeyAlgoDSA && pubKey.Type() != ssh.KeyAlgoRSA && pubKey.Type() != ssh.CertAlgoRSAv01 {
+ // In integration tests ssh-rsa (SHA1 signatures) may be disabled for
+ // security reasons, we check SHA-2 variants later.
+ if pubKey.Type() != ssh.KeyAlgoRSA && pubKey.Type() != ssh.CertAlgoRSAv01 {
t.Fatalf("Sign(%s): %v", pubKey.Type(), err)
}
} else {
@@ -251,7 +251,7 @@
}
func TestAgent(t *testing.T) {
- for _, keyType := range []string{"rsa", "dsa", "ecdsa", "ed25519"} {
+ for _, keyType := range []string{"rsa", "ecdsa", "ed25519"} {
testOpenSSHAgent(t, testPrivateKeys[keyType], nil, 0)
testKeyringAgent(t, testPrivateKeys[keyType], nil, 0)
}
@@ -409,7 +409,7 @@
if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["rsa"], Comment: "comment 1"}); err != nil {
t.Errorf("Add: %v", err)
}
- if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["dsa"], Comment: "comment dsa"}); err != nil {
+ if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["ecdsa"], Comment: "comment ecdsa"}); err != nil {
t.Errorf("Add: %v", err)
}
if keys, err := agent.List(); err != nil {
diff --git a/ssh/test/agent_unix_test.go b/ssh/test/agent_unix_test.go
index a9c4893..9257bfe 100644
--- a/ssh/test/agent_unix_test.go
+++ b/ssh/test/agent_unix_test.go
@@ -20,17 +20,17 @@
defer conn.Close()
keyring := agent.NewKeyring()
- if err := keyring.Add(agent.AddedKey{PrivateKey: testPrivateKeys["dsa"]}); err != nil {
+ if err := keyring.Add(agent.AddedKey{PrivateKey: testPrivateKeys["ecdsa"]}); err != nil {
t.Fatalf("Error adding key: %s", err)
}
if err := keyring.Add(agent.AddedKey{
- PrivateKey: testPrivateKeys["dsa"],
+ PrivateKey: testPrivateKeys["ecdsa"],
ConfirmBeforeUse: true,
LifetimeSecs: 3600,
}); err != nil {
t.Fatalf("Error adding key with constraints: %s", err)
}
- pub := testPublicKeys["dsa"]
+ pub := testPublicKeys["ecdsa"]
sess, err := conn.NewSession()
if err != nil {
