diff options
author | Viktor Söderqvist <viktor.soderqvist@est.tech> | 2021-04-28 10:54:57 +0200 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2022-04-02 10:42:16 -0400 |
commit | 07342bad1bf850657e1a1f21188ee9a8a75e3a19 (patch) | |
tree | f9b918931dd10d5a1e58a3a7c039eb29b1e39a7c /test/recipes/80-test_cms.t | |
parent | e4cdcb8bc44250aa4e0893dc4a7d64668f0fb949 (diff) |
CMS sign digest
CLI changes: New parameter -digest to CLI command openssl cms, to
provide pre-computed digest for use with -sign.
API changes: New function CMS_final_digest(), like CMS_final() but
uses a pre-computed digest instead of computing it from the data.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/15348)
Diffstat (limited to 'test/recipes/80-test_cms.t')
-rw-r--r-- | test/recipes/80-test_cms.t | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 48a92f735d..61d46a0e80 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -50,7 +50,7 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) $no_rc2 = 1 if disabled("legacy"); -plan tests => 12; +plan tests => 14; ok(run(test(["pkcs7_test"])), "test pkcs7"); @@ -847,6 +847,48 @@ subtest "CMS binary input tests\n" => sub { "verify binary input with -binary missing -crlfeol"); }; +subtest "CMS signed digest, DER format" => sub { + plan tests => 2; + + # Pre-computed SHA256 digest of $smcont in hexadecimal form + my $digest = "ff236ef61b396355f75a4cc6e1c306d4c309084ae271a9e2ad6888f10a101b32"; + + my $sig_file = "signature.der"; + ok(run(app(["openssl", "cms", @prov, "-sign", "-digest", $digest, + "-outform", "DER", + "-certfile", catfile($smdir, "smroot.pem"), + "-signer", catfile($smdir, "smrsa1.pem"), + "-out", $sig_file])), + "CMS sign pre-computed digest, DER format"); + + ok(run(app(["openssl", "cms", @prov, "-verify", "-in", $sig_file, + "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), + "-content", $smcont])), + "Verify CMS signed digest, DER format"); +}; + +subtest "CMS signed digest, S/MIME format" => sub { + plan tests => 2; + + # Pre-computed SHA256 digest of $smcont in hexadecimal form + my $digest = "ff236ef61b396355f75a4cc6e1c306d4c309084ae271a9e2ad6888f10a101b32"; + + my $sig_file = "signature.smime"; + ok(run(app(["openssl", "cms", @prov, "-sign", "-digest", $digest, + "-outform", "SMIME", + "-certfile", catfile($smdir, "smroot.pem"), + "-signer", catfile($smdir, "smrsa1.pem"), + "-out", $sig_file])), + "CMS sign pre-computed digest, S/MIME format"); + + ok(run(app(["openssl", "cms", @prov, "-verify", "-in", $sig_file, + "-inform", "SMIME", + "-CAfile", catfile($smdir, "smroot.pem"), + "-content", $smcont])), + "Verify CMS signed digest, S/MIME format"); +}; + sub check_availability { my $tnam = shift; |