| 1 | #! /usr/bin/env perl
|
|---|
| 2 | # Copyright 2017-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 3 | #
|
|---|
| 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 5 | # this file except in compliance with the License. You can obtain a copy
|
|---|
| 6 | # in the file LICENSE in the source distribution or at
|
|---|
| 7 | # https://www.openssl.org/source/license.html
|
|---|
| 8 |
|
|---|
| 9 |
|
|---|
| 10 | use strict;
|
|---|
| 11 | use warnings;
|
|---|
| 12 |
|
|---|
| 13 | use File::Spec;
|
|---|
| 14 | use OpenSSL::Test qw/:DEFAULT with srctop_file data_file/;
|
|---|
| 15 | use OpenSSL::Test::Utils;
|
|---|
| 16 |
|
|---|
| 17 | setup("test_rsapss");
|
|---|
| 18 |
|
|---|
| 19 | plan tests => 18;
|
|---|
| 20 |
|
|---|
| 21 | #using test/testrsa.pem which happens to be a 512 bit RSA
|
|---|
| 22 | ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
|
|---|
| 23 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 24 | '-sigopt', 'rsa_pss_saltlen:max',
|
|---|
| 25 | '-sigopt', 'rsa_mgf1_md:sha512',
|
|---|
| 26 | '-out', 'testrsapss-restricted.sig',
|
|---|
| 27 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 28 | "openssl dgst -sign [plain RSA key, PSS padding mode, PSS restrictions]");
|
|---|
| 29 |
|
|---|
| 30 | ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
|
|---|
| 31 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 32 | '-out', 'testrsapss-unrestricted.sig',
|
|---|
| 33 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 34 | "openssl dgst -sign [plain RSA key, PSS padding mode, no PSS restrictions]");
|
|---|
| 35 |
|
|---|
| 36 | ok(!run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512',
|
|---|
| 37 | '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
|
|---|
| 38 | '-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])),
|
|---|
| 39 | "openssl dgst -sign, expect to fail gracefully");
|
|---|
| 40 |
|
|---|
| 41 | ok(!run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512',
|
|---|
| 42 | '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:2147483647',
|
|---|
| 43 | '-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])),
|
|---|
| 44 | "openssl dgst -sign, expect to fail gracefully");
|
|---|
| 45 |
|
|---|
| 46 | ok(!run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512',
|
|---|
| 47 | '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
|
|---|
| 48 | '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig',
|
|---|
| 49 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 50 | "openssl dgst -prverify, expect to fail gracefully");
|
|---|
| 51 |
|
|---|
| 52 | ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
|
|---|
| 53 | '-sha1',
|
|---|
| 54 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 55 | '-sigopt', 'rsa_pss_saltlen:max',
|
|---|
| 56 | '-sigopt', 'rsa_mgf1_md:sha512',
|
|---|
| 57 | '-signature', 'testrsapss-restricted.sig',
|
|---|
| 58 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 59 | "openssl dgst -prverify [plain RSA key, PSS padding mode, PSS restrictions]");
|
|---|
| 60 |
|
|---|
| 61 | ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
|
|---|
| 62 | '-sha1',
|
|---|
| 63 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 64 | '-sigopt', 'rsa_pss_saltlen:42',
|
|---|
| 65 | '-sigopt', 'rsa_mgf1_md:sha512',
|
|---|
| 66 | '-signature', 'testrsapss-restricted.sig',
|
|---|
| 67 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 68 | "openssl dgst -sign rsa512bit.pem -sha1 -sigopt rsa_pss_saltlen:max produces 42 bits of PSS salt");
|
|---|
| 69 |
|
|---|
| 70 | ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
|
|---|
| 71 | '-sha1',
|
|---|
| 72 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 73 | '-sigopt', 'rsa_pss_saltlen:auto-digestmax',
|
|---|
| 74 | '-sigopt', 'rsa_mgf1_md:sha512',
|
|---|
| 75 | '-signature', 'testrsapss-restricted.sig',
|
|---|
| 76 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 77 | "openssl dgst -prverify rsa512bit.pem -sha1 -sigopt rsa_pss_saltlen:auto-digestmax verifies signatures with saltlen > digestlen");
|
|---|
| 78 |
|
|---|
| 79 | ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
|
|---|
| 80 | '-sha1',
|
|---|
| 81 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 82 | '-signature', 'testrsapss-unrestricted.sig',
|
|---|
| 83 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 84 | "openssl dgst -prverify [plain RSA key, PSS padding mode, no PSS restrictions]");
|
|---|
| 85 |
|
|---|
| 86 | ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
|
|---|
| 87 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 88 | '-sigopt', 'rsa_pss_saltlen:auto-digestmax',
|
|---|
| 89 | '-out', 'testrsapss-sha1-autodigestmax.sig',
|
|---|
| 90 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 91 | "openssl dgst -sign -sha1 -rsa_pss_saltlen:auto-digestmax");
|
|---|
| 92 | ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1',
|
|---|
| 93 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 94 | '-sigopt', 'rsa_pss_saltlen:20',
|
|---|
| 95 | '-signature', 'testrsapss-sha1-autodigestmax.sig',
|
|---|
| 96 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 97 | "openssl dgst -sign -sha1 -rsa_padding_mode:auto-digestmax produces 20 (i.e., digestlen) bits of PSS salt");
|
|---|
| 98 |
|
|---|
| 99 | ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha256',
|
|---|
| 100 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 101 | '-sigopt', 'rsa_pss_saltlen:auto-digestmax',
|
|---|
| 102 | '-out', 'testrsapss-sha256-autodigestmax.sig',
|
|---|
| 103 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 104 | "openssl dgst -sign -sha256 -rsa_pss_saltlen:auto-digestmax");
|
|---|
| 105 | ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha256',
|
|---|
| 106 | '-sigopt', 'rsa_padding_mode:pss',
|
|---|
| 107 | '-sigopt', 'rsa_pss_saltlen:30',
|
|---|
| 108 | '-signature', 'testrsapss-sha256-autodigestmax.sig',
|
|---|
| 109 | srctop_file('test', 'testrsa.pem')])),
|
|---|
| 110 | "openssl dgst -sign rsa512bit.pem -sha256 -rsa_padding_mode:auto-digestmax produces 30 bits of PSS salt (due to 512bit key)");
|
|---|
| 111 |
|
|---|
| 112 | # Test that RSA-PSS keys are supported by genpkey and rsa commands.
|
|---|
| 113 | {
|
|---|
| 114 | my $rsapss = "rsapss.key";
|
|---|
| 115 | ok(run(app(['openssl', 'genpkey', '-algorithm', 'RSA-PSS',
|
|---|
| 116 | '-pkeyopt', 'rsa_keygen_bits:1024',
|
|---|
| 117 | '-pkeyopt', 'rsa_keygen_pubexp:65537',
|
|---|
| 118 | '-pkeyopt', 'rsa_keygen_primes:2',
|
|---|
| 119 | '--out', $rsapss])));
|
|---|
| 120 | ok(run(app(['openssl', 'rsa', '-check',
|
|---|
| 121 | '-in', $rsapss])));
|
|---|
| 122 | }
|
|---|
| 123 |
|
|---|
| 124 | ok(!run(app([ 'openssl', 'rsa',
|
|---|
| 125 | '-in' => data_file('negativesaltlen.pem')],
|
|---|
| 126 | '-out' => 'badout')));
|
|---|
| 127 |
|
|---|
| 128 | ok(run(app(['openssl', 'genpkey', '-algorithm', 'RSA-PSS', '-pkeyopt', 'rsa_keygen_bits:1024',
|
|---|
| 129 | '-pkeyopt', 'rsa_pss_keygen_md:SHA256', '-pkeyopt', 'rsa_pss_keygen_saltlen:10',
|
|---|
| 130 | '-out', 'testrsapss.pem'])),
|
|---|
| 131 | "openssl genpkey RSA-PSS with pss parameters");
|
|---|
| 132 | ok(run(app(['openssl', 'pkey', '-in', 'testrsapss.pem', '-pubout', '-text'])),
|
|---|
| 133 | "openssl pkey, execute rsa_pub_encode with pss parameters");
|
|---|
| 134 | unlink 'testrsapss.pem';
|
|---|
