15-test_gendhparam.t@ 99371

最後變更在這個檔案從99371是 94404,由 vboxsync 提交於 3 年前
libs/openssl: Update to 3.0.2 and switch to it, bugref:10128
檔案大小: 6.0 KB

行
1	#! /usr/bin/env perl
2	# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
3	#
4	# Licensed under the Apache License 2.0 (the "License"). You may not use
5	# this file except in compliance with the License. You can obtain a copy
6	# in the file LICENSE in the source distribution or at
7	# https://www.openssl.org/source/license.html
8
9	use strict;
10	use warnings;
11
12	use OpenSSL::Test;
13	use OpenSSL::Test::Utils;
14
15	setup("test_gendhparam");
16
17	my @testdata = (
18	{
19	algorithm => 'DHX',
20	pkeyopts => [ "type:fips186_4", 'digest:SHA256', 'gindex:1' ],
21	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'gindex:', 'pcounter:', 'SEED:' ],
22	message => 'DH fips186_4 param gen with verifiable g',
23	},
24	{
25	algorithm => 'DH',
26	pkeyopts => [ "type:fips186_4", 'digest:SHA256', 'gindex:1' ],
27	expect => [ 'ERROR' ],
28	message => 'fips186_4 param gen should fail if DHX is not used',
29	},
30	{
31	algorithm => 'DHX',
32	pkeyopts => [ "type:fips186_4", 'digest:SHA512-224', 'gindex:1' ],
33	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'gindex:', 'pcounter:', 'SEED:' ],
34	message => 'DH fips186_4 param gen with verifiable g and truncated digest',
35	},
36	{
37	algorithm => 'DHX',
38	pkeyopts => [ 'type:fips186_2', 'pbits:1024', 'qbits:160' ],
39	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'h:', 'pcounter:', 'SEED:' ],
40	message => 'DHX fips186_2 param gen with a selected p and q size with unverifyable g',
41	},
42	{
43	algorithm => 'DHX',
44	pkeyopts => [ 'type:fips186_2', 'dh_paramgen_prime_len:1024', 'dh_paramgen_subprime_len:160' ],
45	message => 'DHX fips186_2 param gen with a selected p and q size using aliased',
46	expect => [ "BEGIN X9.42 DH PARAMETERS" ],
47	},
48	{
49	algorithm => 'DH',
50	pkeyopts => [ 'type:fips186_2', 'dh_paramgen_prime_len:1024', 'dh_paramgen_subprime_len:160' ],
51	message => 'DH fips186_2 param gen with a selected p and q size using aliases should fail',
52	expect => [ "ERROR" ],
53	},
54	{
55	algorithm => 'DH',
56	pkeyopts => [ 'group:ffdhe2048'],
57	expect => [ 'BEGIN DH PARAMETERS', 'GROUP:' ],
58	message => 'DH named group ffdhe selection',
59	},
60	{
61	algorithm => 'DH',
62	pkeyopts => [ 'dh_param:ffdhe8192'],
63	expect => [ 'BEGIN DH PARAMETERS', 'GROUP:' ],
64	message => 'DH named group ffdhe selection using alias',
65	},
66	{
67	algorithm => 'DH',
68	pkeyopts => [ 'group:modp_3072'],
69	expect => [ 'BEGIN DH PARAMETERS', 'GROUP:' ],
70	message => 'DH named group modp selection',
71	},
72	{
73	algorithm => 'DH',
74	pkeyopts => [ 'dh_param:modp_4096'],
75	message => 'DH named group modp selection using alias',
76	expect => [ 'BEGIN DH PARAMETERS', 'GROUP:'],
77	},
78	{
79	algorithm => 'DHX',
80	pkeyopts => [ 'group:dh_2048_256' ],
81	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'GROUP:' ],
82	message => 'DHX RFC5114 named group selection',
83	},
84	{
85	algorithm => 'DHX',
86	pkeyopts => [ 'dh_param:dh_2048_224' ],
87	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'GROUP:' ],
88	message => 'DHX RFC5114 named group selection using alias',
89	},
90	{
91	algorithm => 'DHX',
92	pkeyopts => [ 'dh_rfc5114:2'],
93	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'GROUP:' ],
94	message => 'DHX RFC5114 named group selection using an id',
95	},
96	{
97	algorithm => 'DHX',
98	pkeyopts => [ 'dh_rfc5114:1', 'dh_paramgen_type:1' ],
99	expect => [ 'BEGIN X9.42 DH PARAMETERS', 'GROUP:' ],
100	message => 'DHX paramgen_type is ignored if the group is set',
101	},
102	{
103	algorithm => 'DH',
104	pkeyopts => [ 'dh_rfc5114:1', 'dh_paramgen_type:1' ],
105	expect => [ 'ERROR' ],
106	message => "Setting dh_paramgen_type to fips186 should fail for DH keys",
107	},
108	# These tests using the safeprime generator were removed as they are slow..
109	# {
110	# algorithm => 'DH',
111	# pkeyopts => [ 'type:generator', 'safeprime-generator:5'],
112	# expect => [ 'BEGIN DH PARAMETERS', 'G: 5' ],
113	# message => 'DH safe prime generator',
114	# },
115	# {
116	# algorithm => 'DH',
117	# pkeyopts => [ 'dh_paramgen_type:0', 'dh_paramgen_generator:5'],
118	# expect => [ 'BEGIN DH PARAMETERS', 'G: 5' ],
119	# message => 'DH safe prime generator using an alias',
120	# },
121	{
122	algorithm => 'DHX',
123	pkeyopts => [ 'type:generator', 'safeprime-generator:5'],
124	expect => [ 'ERROR' ],
125	message => 'safe prime generator should fail for DHX',
126	}
127	);
128
129	plan skip_all => "DH isn't supported in this build" if disabled("dh");
130
131	plan tests => scalar @testdata;
132
133	foreach my $test (@testdata) {
134	my $alg = $test->{algorithm};
135	my $msg = $test->{message};
136	my @testargs = @{ $test->{pkeyopts} };
137	my @expected = @{ $test->{expect} };
138	my @pkeyopts= ();
139	foreach (@testargs) {
140	push(@pkeyopts, '-pkeyopt');
141	push(@pkeyopts, $_);
142	}
143	my @lines;
144	if ($expected[0] eq 'ERROR') {
145	@lines = run(app(['openssl', 'genpkey', '-genparam',
146	'-algorithm', $alg, '-text', @pkeyopts],
147	stderr => undef),
148	capture => 1);
149	} else {
150	@lines = run(app(['openssl', 'genpkey', '-genparam',
151	'-algorithm', $alg, '-text', @pkeyopts]),
152	capture => 1);
153	}
154	ok(compareline(\@lines, \@expected), $msg);
155	}
156
157	# Check that the stdout output matches the expected value.
158	sub compareline {
159	my ($ref_lines, $ref_expected) = @_;
160	my @lines = @$ref_lines;
161	my @expected = @$ref_expected;
162
163	if (@lines == 0 and $expected[0] eq 'ERROR') {
164	return 1;
165	}
166	print "-----------------\n";
167	foreach (@lines) {
168	print "# ".$_;
169	}
170	print "-----------------\n";
171	foreach my $ex (@expected) {
172	if ( !grep { index($_, $ex) >= 0 } @lines) {
173	print "ERROR: Cannot find: $ex\n";
174	return 0;
175	}
176	}
177	return 1;
178	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.0.7/test/recipes/15-test_gendhparam.t@ 99371

以其他格式下載: