diff options
| author | Nicola Tuveri <nic.tuv@gmail.com> | 2019-11-11 15:52:52 +0200 |
|---|---|---|
| committer | Nicola Tuveri <nic.tuv@gmail.com> | 2020-05-26 02:11:22 +0300 |
| commit | e7bab429fb2f043165838496fb58aa257235dbe1 (patch) | |
| tree | 95de0ab8aabc33cc1e9bedb5fe142e1c66034a5b /test | |
| parent | b7bc412eafb4c252e640719f048d3ca293b64b0f (diff) | |
More testing for sign/verify through `dgst`
Add tests for signature generation and verification with `dgst` CLI for
common key types:
- RSA
- DSA
- ECDSA
(cherry picked from commit ef1e59ed833e8ed1d5f4de5b0c734da8561890e3)
This is a backport from https://github.com/openssl/openssl/pull/10410.
Support for testing EdDSA through `pkeyutl` was dropped as the required
`-rawin` option is not supported in 1.1.1.
Fixes #10687
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11939)
Diffstat (limited to 'test')
| -rw-r--r-- | test/recipes/20-test_dgst.t | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t new file mode 100644 index 0000000000..1080770f53 --- /dev/null +++ b/test/recipes/20-test_dgst.t @@ -0,0 +1,104 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT with srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_dgst"); + +plan tests => 5; + +sub tsignverify { + my $testtext = shift; + my $privkey = shift; + my $pubkey = shift; + + my $data_to_sign = srctop_file('test', 'README'); + my $other_data = srctop_file('test', 'README.external'); + + plan tests => 4; + + ok(run(app(['openssl', 'dgst', '-sign', $privkey, + '-out', 'testdgst.sig', + $data_to_sign])), + $testtext.": Generating signature"); + + ok(run(app(['openssl', 'dgst', '-prverify', $privkey, + '-signature', 'testdgst.sig', + $data_to_sign])), + $testtext.": Verify signature with private key"); + + ok(run(app(['openssl', 'dgst', '-verify', $pubkey, + '-signature', 'testdgst.sig', + $data_to_sign])), + $testtext.": Verify signature with public key"); + + ok(!run(app(['openssl', 'dgst', '-verify', $pubkey, + '-signature', 'testdgst.sig', + $other_data])), + $testtext.": Expect failure verifying mismatching data"); + + unlink 'testdgst.sig'; +} + +SKIP: { + skip "RSA is not supported by this OpenSSL build", 1 + if disabled("rsa"); + + subtest "RSA signature generation and verification with `dgst` CLI" => sub { + tsignverify("RSA", + srctop_file("test","testrsa.pem"), + srctop_file("test","testrsapub.pem")); + }; +} + +SKIP: { + skip "DSA is not supported by this OpenSSL build", 1 + if disabled("dsa"); + + subtest "DSA signature generation and verification with `dgst` CLI" => sub { + tsignverify("DSA", + srctop_file("test","testdsa.pem"), + srctop_file("test","testdsapub.pem")); + }; +} + +SKIP: { + skip "ECDSA is not supported by this OpenSSL build", 1 + if disabled("ec"); + + subtest "ECDSA signature generation and verification with `dgst` CLI" => sub { + tsignverify("ECDSA", + srctop_file("test","testec-p256.pem"), + srctop_file("test","testecpub-p256.pem")); + }; +} + +SKIP: { + skip "EdDSA is not supported by this OpenSSL build", 2 + if disabled("ec"); + + skip "EdDSA is not supported with `dgst` CLI", 2; + + subtest "Ed25519 signature generation and verification with `dgst` CLI" => sub { + tsignverify("Ed25519", + srctop_file("test","tested25519.pem"), + srctop_file("test","tested25519pub.pem")); + }; + + subtest "Ed448 signature generation and verification with `dgst` CLI" => sub { + tsignverify("Ed448", + srctop_file("test","tested448.pem"), + srctop_file("test","tested448pub.pem")); + }; +} |