#! /usr/bin/env perl
# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use POSIX;
use File::Spec::Functions qw/catfile/;
use File::Compare qw/compare_text compare/;
use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file bldtop_dir bldtop_file/;
use OpenSSL::Test::Utils;
BEGIN {
setup("test_cms");
}
use lib srctop_dir('Configurations');
use lib bldtop_dir('.');
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
plan skip_all => "CMS is not supported by this OpenSSL build"
if disabled("cms");
my $provpath = bldtop_dir("providers");
# Some tests require legacy algorithms to be included.
my @legacyprov = ("-provider-path", $provpath,
"-provider", "default",
"-provider", "legacy" );
my @defaultprov = ("-provider-path", $provpath,
"-provider", "default");
my @config = ( );
my $provname = 'default';
my $datadir = srctop_dir("test", "recipes", "80-test_cms_data");
my $smdir = srctop_dir("test", "smime-certs");
my $smcont = srctop_file("test", "smcont.txt");
my $smcont_zero = srctop_file("test", "smcont_zero.txt");
my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
= disabled qw/des dh dsa ec ec2m rc2 zlib/;
$no_rc2 = 1 if disabled("legacy");
plan tests => 15;
ok(run(test(["pkcs7_test"])), "test pkcs7");
unless ($no_fips) {
@config = ( "-config", srctop_file("test", "fips-and-base.cnf") );
$provname = 'fips';
}
$ENV{OPENSSL_TEST_LIBCTX} = "1";
my @prov = ("-provider-path", $provpath,
@config,
"-provider", $provname);
my $smrsa1 = catfile($smdir, "smrsa1.pem");
my $smroot = catfile($smdir, "smroot.pem");
my @smime_pkcs7_tests = (
[ "signed content DER format, RSA key",
[ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
"-certfile", $smroot, "-signer", $smrsa1, "-out", "{output}.cms" ],
[ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
"-CAfile", $smroot, "-out", "{output}.txt" ],
\&final_compare
],
[ "signed detached content DER format, RSA key",
[ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
"-signer", $smrsa1, "-out", "{output}.cms" ],
[ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
"-CAfile", $smroot, "-out", "{output}.txt",
"-content", $smcont ],
\&final_compare
],
[ "signed content test streaming BER format, RSA",
[ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
"-stream",
"-signer", $smrsa1, "-out", "{output}.cms" ],
[ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
"-CAfile", $smroot, "-out", "{output}.txt" ],
\&final_compare
],
[ "signed content DER format, DSA key",
[ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
"-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],
[ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
"-CAfile", $smroot, "-out", "{output}.txt" ],
\&final_compare
],
[ "signed detached content DER format, DSA key",
[ "{cmd1}", @prov, "-sign", "-in", $smcont, &qu