diff options
Diffstat (limited to 'test/recipes')
-rw-r--r-- | test/recipes/15-test_genrsa.t | 62 | ||||
-rw-r--r-- | test/recipes/15-test_mp_rsa.t | 34 | ||||
-rw-r--r-- | test/recipes/15-test_rsa.t | 56 |
3 files changed, 101 insertions, 51 deletions
diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t index d7d146a1d9..0ec0e65f18 100644 --- a/test/recipes/15-test_genrsa.t +++ b/test/recipes/15-test_genrsa.t @@ -16,10 +16,18 @@ use OpenSSL::Test::Utils; setup("test_genrsa"); -plan tests => 5; +plan tests => 9; # We want to know that an absurdly small number of bits isn't support -is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "genrsa -3 8"); +if (disabled("deprecated-3.0")) { + is(run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem', + '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_bits:8', + '-pkeyopt', 'rsa_keygen_pubexp:3'])), + 0, "genrsa -3 8"); +} else { + is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), + 0, "genrsa -3 8"); +} # Depending on the shared library, we might have different lower limits. # Let's find it! This is a simple binary search @@ -29,10 +37,21 @@ is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "ge note "Looking for lowest amount of bits"; my $bad = 3; # Log2 of number of bits (2 << 3 == 8) my $good = 11; # Log2 of number of bits (2 << 11 == 2048) +my $fin; while ($good > $bad + 1) { my $checked = int(($good + $bad + 1) / 2); - if (run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', - 2 ** $checked ], stderr => undef))) { + my $bits = 2 ** $checked; + if (disabled("deprecated-3.0")) { + $fin = run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem', + '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_pubexp:3', + '-pkeyopt', "rsa_keygen_bits:$bits", + ], stderr => undef)); + } else { + $fin = run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', + $bits + ], stderr => undef)); + } + if ($fin) { note 2 ** $checked, " bits is good"; $good = $checked; } else { @@ -44,11 +63,30 @@ $good++ if $good == $bad; $good = 2 ** $good; note "Found lowest allowed amount of bits to be $good"; -ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])), - "genrsa -3 $good"); -ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), - "rsa -check"); -ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])), - "genrsa -f4 $good"); -ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), - "rsa -check"); +ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA', + '-pkeyopt', 'rsa_keygen_pubexp:3', + '-pkeyopt', "rsa_keygen_bits:$good", + '-out', 'genrsatest.pem' ])), + "genpkey -3 $good"); +ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])), + "pkey -check"); +ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA', + '-pkeyopt', 'rsa_keygen_pubexp:65537', + '-pkeyopt', "rsa_keygen_bits:$good", + '-out', 'genrsatest.pem' ])), + "genpkey -f4 $good"); +ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])), + "pkey -check"); + + SKIP: { + skip "Skipping rsa command line test", 4 if disabled("deprecated-3.0"); + + ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])), + "genrsa -3 $good"); + ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), + "rsa -check"); + ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])), + "genrsa -f4 $good"); + ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), + "rsa -check"); +} diff --git a/test/recipes/15-test_mp_rsa.t b/test/recipes/15-test_mp_rsa.t index 4a4ac3569d..6ecf80c4e2 100644 --- a/test/recipes/15-test_mp_rsa.t +++ b/test/recipes/15-test_mp_rsa.t @@ -17,12 +17,6 @@ use OpenSSL::Test::Utils; setup("test_mp_rsa"); -plan tests => 31; - -ok(run(test(["rsa_mp_test"])), "running rsa multi prime test"); - -my $cleartext = data_file("plain_text"); - my @test_param = ( # 3 primes, 2048-bit { @@ -41,8 +35,14 @@ my @test_param = ( }, ); +plan tests => 1 + scalar(@test_param) * 5 * (disabled('deprecated-3.0') ? 1 : 2); + +ok(run(test(["rsa_mp_test"])), "running rsa multi prime test"); + +my $cleartext = data_file("plain_text"); + # genrsa -run_mp_tests(0); +run_mp_tests(0) if !disabled('deprecated-3.0'); # evp run_mp_tests(1); @@ -60,17 +60,9 @@ sub run_mp_tests { '-pkeyopt', "rsa_keygen_primes:$primes", '-pkeyopt', "rsa_keygen_bits:$bits"])), "genrsa $name"); - } else { - ok(run(app([ 'openssl', 'genrsa', '-out', "rsamptest-$name.pem", - '-primes', $primes, $bits])), - "genrsa $name"); - } - - ok(run(app([ 'openssl', 'rsa', '-check', '-in', "rsamptest-$name.pem", - '-noout'])), - "rsa -check $name"); - - if ($evp) { + ok(run(app([ 'openssl', 'pkey', '-check', + '-in', "rsamptest-$name.pem", '-noout'])), + "rsa -check $name"); ok(run(app([ 'openssl', 'pkeyutl', '-inkey', "rsamptest-$name.pem", '-encrypt', '-in', $cleartext, '-out', "rsamptest-$name.enc" ])), @@ -80,6 +72,11 @@ sub run_mp_tests { '-out', "rsamptest-$name.dec" ])), "rsa $name decrypt"); } else { + ok(run(app([ 'openssl', 'genrsa', '-out', "rsamptest-$name.pem", + '-primes', $primes, $bits])), "genrsa $name"); + ok(run(app([ 'openssl', 'rsa', '-check', + '-in', "rsamptest-$name.pem", '-noout'])), + "rsa -check $name"); ok(run(app([ 'openssl', 'rsautl', '-inkey', "rsamptest-$name.pem", '-encrypt', '-in', $cleartext, '-out', "rsamptest-$name.enc" ])), @@ -89,7 +86,6 @@ sub run_mp_tests { '-out', "rsamptest-$name.dec" ])), "rsa $name decrypt"); } - ok(check_msg("rsamptest-$name.dec"), "rsa $name check result"); } } diff --git a/test/recipes/15-test_rsa.t b/test/recipes/15-test_rsa.t index 3b1a0fcd5d..2e8afa8213 100644 --- a/test/recipes/15-test_rsa.t +++ b/test/recipes/15-test_rsa.t @@ -16,32 +16,48 @@ use OpenSSL::Test::Utils; setup("test_rsa"); -plan tests => 6; +#plan skip_all => "RSA command line tool not built" +# if disabled("deprecated-3.0"); -require_ok(srctop_file('test','recipes','tconversion.pl')); +plan tests => 10; + +require_ok(srctop_file('test', 'recipes', 'tconversion.pl')); ok(run(test(["rsa_test"])), "running rsatest"); -ok(run(app([ 'openssl', 'rsa', '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])), "rsa -check"); +run_rsa_tests("pkey"); SKIP: { - skip "Skipping rsa conversion test", 3 - if disabled("rsa"); - - subtest 'rsa conversions -- private key' => sub { - tconversion("rsa", srctop_file("test","testrsa.pem")); - }; - subtest 'rsa conversions -- private key PKCS#8' => sub { - tconversion("rsa", srctop_file("test","testrsa.pem"), "pkey"); - }; -} + skip "Skipping rsa command line tests", 4 if disabled('deprecated-3.0'); - SKIP: { - skip "Skipping msblob conversion test", 1 - if disabled("rsa") || disabled("dsa"); + run_rsa_tests("rsa"); +} - subtest 'rsa conversions -- public key' => sub { - tconversion("msb", srctop_file("test","testrsapub.pem"), "rsa", - "-pubin", "-pubout"); - }; +sub run_rsa_tests { + my $cmd = shift; + + ok(run(app([ 'openssl', $cmd, '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])), + "$cmd -check" ); + + SKIP: { + skip "Skipping $cmd conversion test", 3 + if disabled("rsa"); + + subtest "$cmd conversions -- private key" => sub { + tconversion($cmd, srctop_file("test", "testrsa.pem")); + }; + subtest "$cmd conversions -- private key PKCS#8" => sub { + tconversion($cmd, srctop_file("test", "testrsa.pem"), "pkey"); + }; + } + + SKIP: { + skip "Skipping msblob conversion test", 1 + if disabled($cmd) || disabled("dsa") || $cmd == 'pkey'; + + subtest "$cmd conversions -- public key" => sub { + tconversion("msb", srctop_file("test", "testrsapub.pem"), "rsa", + "-pubin", "-pubout"); + }; + } } |