summaryrefslogtreecommitdiffstats
path: root/test/recipes
diff options
context:
space:
mode:
Diffstat (limited to 'test/recipes')
-rw-r--r--test/recipes/15-test_genrsa.t62
-rw-r--r--test/recipes/15-test_mp_rsa.t34
-rw-r--r--test/recipes/15-test_rsa.t56
3 files changed, 101 insertions, 51 deletions
diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t
index d7d146a1d9..0ec0e65f18 100644
--- a/test/recipes/15-test_genrsa.t
+++ b/test/recipes/15-test_genrsa.t
@@ -16,10 +16,18 @@ use OpenSSL::Test::Utils;
setup("test_genrsa");
-plan tests => 5;
+plan tests => 9;
# We want to know that an absurdly small number of bits isn't support
-is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "genrsa -3 8");
+if (disabled("deprecated-3.0")) {
+ is(run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',
+ '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_bits:8',
+ '-pkeyopt', 'rsa_keygen_pubexp:3'])),
+ 0, "genrsa -3 8");
+} else {
+ is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])),
+ 0, "genrsa -3 8");
+}
# Depending on the shared library, we might have different lower limits.
# Let's find it! This is a simple binary search
@@ -29,10 +37,21 @@ is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "ge
note "Looking for lowest amount of bits";
my $bad = 3; # Log2 of number of bits (2 << 3 == 8)
my $good = 11; # Log2 of number of bits (2 << 11 == 2048)
+my $fin;
while ($good > $bad + 1) {
my $checked = int(($good + $bad + 1) / 2);
- if (run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem',
- 2 ** $checked ], stderr => undef))) {
+ my $bits = 2 ** $checked;
+ if (disabled("deprecated-3.0")) {
+ $fin = run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',
+ '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_pubexp:3',
+ '-pkeyopt', "rsa_keygen_bits:$bits",
+ ], stderr => undef));
+ } else {
+ $fin = run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem',
+ $bits
+ ], stderr => undef));
+ }
+ if ($fin) {
note 2 ** $checked, " bits is good";
$good = $checked;
} else {
@@ -44,11 +63,30 @@ $good++ if $good == $bad;
$good = 2 ** $good;
note "Found lowest allowed amount of bits to be $good";
-ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])),
- "genrsa -3 $good");
-ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
- "rsa -check");
-ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])),
- "genrsa -f4 $good");
-ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
- "rsa -check");
+ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
+ '-pkeyopt', 'rsa_keygen_pubexp:3',
+ '-pkeyopt', "rsa_keygen_bits:$good",
+ '-out', 'genrsatest.pem' ])),
+ "genpkey -3 $good");
+ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+ "pkey -check");
+ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
+ '-pkeyopt', 'rsa_keygen_pubexp:65537',
+ '-pkeyopt', "rsa_keygen_bits:$good",
+ '-out', 'genrsatest.pem' ])),
+ "genpkey -f4 $good");
+ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+ "pkey -check");
+
+ SKIP: {
+ skip "Skipping rsa command line test", 4 if disabled("deprecated-3.0");
+
+ ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])),
+ "genrsa -3 $good");
+ ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+ "rsa -check");
+ ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])),
+ "genrsa -f4 $good");
+ ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+ "rsa -check");
+}
diff --git a/test/recipes/15-test_mp_rsa.t b/test/recipes/15-test_mp_rsa.t
index 4a4ac3569d..6ecf80c4e2 100644
--- a/test/recipes/15-test_mp_rsa.t
+++ b/test/recipes/15-test_mp_rsa.t
@@ -17,12 +17,6 @@ use OpenSSL::Test::Utils;
setup("test_mp_rsa");
-plan tests => 31;
-
-ok(run(test(["rsa_mp_test"])), "running rsa multi prime test");
-
-my $cleartext = data_file("plain_text");
-
my @test_param = (
# 3 primes, 2048-bit
{
@@ -41,8 +35,14 @@ my @test_param = (
},
);
+plan tests => 1 + scalar(@test_param) * 5 * (disabled('deprecated-3.0') ? 1 : 2);
+
+ok(run(test(["rsa_mp_test"])), "running rsa multi prime test");
+
+my $cleartext = data_file("plain_text");
+
# genrsa
-run_mp_tests(0);
+run_mp_tests(0) if !disabled('deprecated-3.0');
# evp
run_mp_tests(1);
@@ -60,17 +60,9 @@ sub run_mp_tests {
'-pkeyopt', "rsa_keygen_primes:$primes",
'-pkeyopt', "rsa_keygen_bits:$bits"])),
"genrsa $name");
- } else {
- ok(run(app([ 'openssl', 'genrsa', '-out', "rsamptest-$name.pem",
- '-primes', $primes, $bits])),
- "genrsa $name");
- }
-
- ok(run(app([ 'openssl', 'rsa', '-check', '-in', "rsamptest-$name.pem",
- '-noout'])),
- "rsa -check $name");
-
- if ($evp) {
+ ok(run(app([ 'openssl', 'pkey', '-check',
+ '-in', "rsamptest-$name.pem", '-noout'])),
+ "rsa -check $name");
ok(run(app([ 'openssl', 'pkeyutl', '-inkey', "rsamptest-$name.pem",
'-encrypt', '-in', $cleartext,
'-out', "rsamptest-$name.enc" ])),
@@ -80,6 +72,11 @@ sub run_mp_tests {
'-out', "rsamptest-$name.dec" ])),
"rsa $name decrypt");
} else {
+ ok(run(app([ 'openssl', 'genrsa', '-out', "rsamptest-$name.pem",
+ '-primes', $primes, $bits])), "genrsa $name");
+ ok(run(app([ 'openssl', 'rsa', '-check',
+ '-in', "rsamptest-$name.pem", '-noout'])),
+ "rsa -check $name");
ok(run(app([ 'openssl', 'rsautl', '-inkey', "rsamptest-$name.pem",
'-encrypt', '-in', $cleartext,
'-out', "rsamptest-$name.enc" ])),
@@ -89,7 +86,6 @@ sub run_mp_tests {
'-out', "rsamptest-$name.dec" ])),
"rsa $name decrypt");
}
-
ok(check_msg("rsamptest-$name.dec"), "rsa $name check result");
}
}
diff --git a/test/recipes/15-test_rsa.t b/test/recipes/15-test_rsa.t
index 3b1a0fcd5d..2e8afa8213 100644
--- a/test/recipes/15-test_rsa.t
+++ b/test/recipes/15-test_rsa.t
@@ -16,32 +16,48 @@ use OpenSSL::Test::Utils;
setup("test_rsa");
-plan tests => 6;
+#plan skip_all => "RSA command line tool not built"
+# if disabled("deprecated-3.0");
-require_ok(srctop_file('test','recipes','tconversion.pl'));
+plan tests => 10;
+
+require_ok(srctop_file('test', 'recipes', 'tconversion.pl'));
ok(run(test(["rsa_test"])), "running rsatest");
-ok(run(app([ 'openssl', 'rsa', '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])), "rsa -check");
+run_rsa_tests("pkey");
SKIP: {
- skip "Skipping rsa conversion test", 3
- if disabled("rsa");
-
- subtest 'rsa conversions -- private key' => sub {
- tconversion("rsa", srctop_file("test","testrsa.pem"));
- };
- subtest 'rsa conversions -- private key PKCS#8' => sub {
- tconversion("rsa", srctop_file("test","testrsa.pem"), "pkey");
- };
-}
+ skip "Skipping rsa command line tests", 4 if disabled('deprecated-3.0');
- SKIP: {
- skip "Skipping msblob conversion test", 1
- if disabled("rsa") || disabled("dsa");
+ run_rsa_tests("rsa");
+}
- subtest 'rsa conversions -- public key' => sub {
- tconversion("msb", srctop_file("test","testrsapub.pem"), "rsa",
- "-pubin", "-pubout");
- };
+sub run_rsa_tests {
+ my $cmd = shift;
+
+ ok(run(app([ 'openssl', $cmd, '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])),
+ "$cmd -check" );
+
+ SKIP: {
+ skip "Skipping $cmd conversion test", 3
+ if disabled("rsa");
+
+ subtest "$cmd conversions -- private key" => sub {
+ tconversion($cmd, srctop_file("test", "testrsa.pem"));
+ };
+ subtest "$cmd conversions -- private key PKCS#8" => sub {
+ tconversion($cmd, srctop_file("test", "testrsa.pem"), "pkey");
+ };
+ }
+
+ SKIP: {
+ skip "Skipping msblob conversion test", 1
+ if disabled($cmd) || disabled("dsa") || $cmd == 'pkey';
+
+ subtest "$cmd conversions -- public key" => sub {
+ tconversion("msb", srctop_file("test", "testrsapub.pem"), "rsa",
+ "-pubin", "-pubout");
+ };
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-16 15:06:20 +0000