15-test_ecparam.t@ 97403

最後變更在這個檔案從97403是 97372,由 vboxsync 提交於 2 年前
libs: Switch to openssl-3.0.7, bugref:10317
檔案大小: 5.7 KB

行
1	#! /usr/bin/env perl
2	# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
3	#
4	# Licensed under the Apache License 2.0 (the "License"). You may not use
5	# this file except in compliance with the License. You can obtain a copy
6	# in the file LICENSE in the source distribution or at
7	# https://www.openssl.org/source/license.html
8
9
10	use strict;
11	use warnings;
12
13	use File::Spec;
14	use File::Compare qw/compare_text/;
15	use OpenSSL::Glob;
16	use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/;
17	use OpenSSL::Test::Utils;
18
19	setup("test_ecparam");
20
21	plan skip_all => "EC or EC2M isn't supported in this build"
22	if disabled("ec") \|\| disabled("ec2m");
23
24	my @valid = glob(data_file("valid", "*.pem"));
25	my @noncanon = glob(data_file("noncanon", "*.pem"));
26	my @invalid = glob(data_file("invalid", "*.pem"));
27
28	plan tests => 12;
29
30	sub checkload {
31	my $files = shift; # List of files
32	my $valid = shift; # Check should pass or fail?
33	my $app = shift; # Which application
34	my $opt = shift; # Additional option
35
36	foreach (@$files) {
37	if ($valid) {
38	ok(run(app(['openssl', $app, '-noout', $opt, '-in', $_])));
39	} else {
40	ok(!run(app(['openssl', $app, '-noout', $opt, '-in', $_])));
41	}
42	}
43	}
44
45	sub checkcompare {
46	my $files = shift; # List of files
47	my $app = shift; # Which application
48
49	foreach (@$files) {
50	my $testout = "$app.tst";
51
52	ok(run(app(['openssl', $app, '-out', $testout, '-in', $_])));
53	ok(!compare_text($_, $testout, sub {
54	my $in1 = $_[0];
55	my $in2 = $_[1];
56	$in1 =~ s/\r\n/\n/g;
57	$in2 =~ s/\r\n/\n/g;
58	$in1 ne $in2}), "Original file $_ is the same as new one");
59	}
60	}
61
62	my $no_fips = disabled('fips') \|\| ($ENV{NO_FIPS} // 0);
63
64	subtest "Check loading valid parameters by ecparam with -check" => sub {
65	plan tests => scalar(@valid);
66	checkload(\@valid, 1, "ecparam", "-check");
67	};
68
69	subtest "Check loading valid parameters by ecparam with -check_named" => sub {
70	plan tests => scalar(@valid);
71	checkload(\@valid, 1, "ecparam", "-check_named");
72	};
73
74	subtest "Check loading valid parameters by pkeyparam with -check" => sub {
75	plan tests => scalar(@valid);
76	checkload(\@valid, 1, "pkeyparam", "-check");
77	};
78
79	subtest "Check loading non-canonically encoded parameters by ecparam with -check" => sub {
80	plan tests => scalar(@noncanon);
81	checkload(\@noncanon, 1, "ecparam", "-check");
82	};
83
84	subtest "Check loading non-canonically encoded parameters by ecparam with -check_named" => sub {
85	plan tests => scalar(@noncanon);
86	checkload(\@noncanon, 1, "ecparam", "-check_named");
87	};
88
89	subtest "Check loading non-canonically encoded parameters by pkeyparam with -check" => sub {
90	plan tests => scalar(@noncanon);
91	checkload(\@noncanon, 1, "pkeyparam", "-check");
92	};
93
94	subtest "Check loading invalid parameters by ecparam with -check" => sub {
95	plan tests => scalar(@invalid);
96	checkload(\@invalid, 0, "ecparam", "-check");
97	};
98
99	subtest "Check loading invalid parameters by ecparam with -check_named" => sub {
100	plan tests => scalar(@invalid);
101	checkload(\@invalid, 0, "ecparam", "-check_named");
102	};
103
104	subtest "Check loading invalid parameters by pkeyparam with -check" => sub {
105	plan tests => scalar(@invalid);
106	checkload(\@invalid, 0, "pkeyparam", "-check");
107	};
108
109	subtest "Check ecparam does not change the parameter file on output" => sub {
110	plan tests => 2 * scalar(@valid);
111	checkcompare(\@valid, "ecparam");
112	};
113
114	subtest "Check pkeyparam does not change the parameter file on output" => sub {
115	plan tests => 2 * scalar(@valid);
116	checkcompare(\@valid, "pkeyparam");
117	};
118
119	subtest "Check loading of fips and non-fips params" => sub {
120	plan skip_all => "FIPS is disabled"
121	if $no_fips;
122	plan tests => 8;
123
124	my $fipsconf = srctop_file("test", "fips-and-base.cnf");
125	my $defaultconf = srctop_file("test", "default.cnf");
126
127	$ENV{OPENSSL_CONF} = $fipsconf;
128
129	ok(run(app(['openssl', 'ecparam',
130	'-in', data_file('valid', 'secp384r1-explicit.pem'),
131	'-check'])),
132	"Loading explicitly encoded valid curve");
133
134	ok(run(app(['openssl', 'ecparam',
135	'-in', data_file('valid', 'secp384r1-named.pem'),
136	'-check'])),
137	"Loading named valid curve");
138
139	ok(!run(app(['openssl', 'ecparam',
140	'-in', data_file('valid', 'secp112r1-named.pem'),
141	'-check'])),
142	"Fail loading named non-fips curve");
143
144	ok(!run(app(['openssl', 'pkeyparam',
145	'-in', data_file('valid', 'secp112r1-named.pem'),
146	'-check'])),
147	"Fail loading named non-fips curve using pkeyparam");
148
149	ok(run(app(['openssl', 'ecparam',
150	'-provider', 'default',
151	'-propquery', '?fips!=yes',
152	'-in', data_file('valid', 'secp112r1-named.pem'),
153	'-check'])),
154	"Loading named non-fips curve in FIPS mode with non-FIPS property".
155	" query");
156
157	ok(run(app(['openssl', 'pkeyparam',
158	'-provider', 'default',
159	'-propquery', '?fips!=yes',
160	'-in', data_file('valid', 'secp112r1-named.pem'),
161	'-check'])),
162	"Loading named non-fips curve in FIPS mode with non-FIPS property".
163	" query using pkeyparam");
164
165	ok(!run(app(['openssl', 'ecparam',
166	'-genkey', '-name', 'secp112r1'])),
167	"Fail generating key for named non-fips curve");
168
169	ok(run(app(['openssl', 'ecparam',
170	'-provider', 'default',
171	'-propquery', '?fips!=yes',
172	'-genkey', '-name', 'secp112r1'])),
173	"Generating key for named non-fips curve with non-FIPS property query");
174
175	$ENV{OPENSSL_CONF} = $defaultconf;
176	};

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.0.7/test/recipes/15-test_ecparam.t@ 97403

以其他格式下載: