20-test_dhparam_check.t@ 107935

Last change on this file since 107935 was 104078, checked in by vboxsync, 11 months ago
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
File size: 4.2 KB

Line
1	#! /usr/bin/env perl
2	# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3	#
4	# Licensed under the Apache License 2.0 (the "License"). You may not use
5	# this file except in compliance with the License. You can obtain a copy
6	# in the file LICENSE in the source distribution or at
7	# https://www.openssl.org/source/license.html
8
9
10	use strict;
11	use warnings;
12
13	use File::Spec;
14	use OpenSSL::Glob;
15	use OpenSSL::Test qw/:DEFAULT data_file/;
16	use OpenSSL::Test::Utils;
17
18	setup("test_dhparam_check");
19
20	plan skip_all => "DH isn't supported in this build"
21	if disabled("dh");
22
23	=pod Generation script
24
25	#!/bin/sh
26
27	TESTDIR=test/recipes/20-test_dhparam_check_data/valid
28	rm -rf $TESTDIR
29	mkdir -p $TESTDIR
30
31	./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:1 -out $TESTDIR/dh_5114_1.pem
32	./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:2 -out $TESTDIR/dh_5114_2.pem
33	./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:3 -out $TESTDIR/dh_5114_3.pem
34	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt dh_rfc5114:2 -out $TESTDIR/dhx_5114_2.pem
35
36	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:160 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p1024_q160_t1862.pem
37	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:224 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p1024_q224_t1862.pem
38	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:256 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p1024_q256_t1862.pem
39
40	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:160 -pkeyopt type:fips186_4 -out $TESTDIR/dhx_p1024_q160_t1864.pem
41
42	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:160 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p2048_q160_t1862.pem
43	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:224 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p2048_q224_t1862.pem
44	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:256 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p2048_q256_t1862.pem
45
46	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:224 -pkeyopt type:fips186_4 -out $TESTDIR/dhx_p2048_q224_t1864.pem
47	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:256 -pkeyopt type:fips186_4 -out $TESTDIR/dhx_p2048_q256_t1864.pem
48
49	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:3072 -pkeyopt qbits:160 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p3072_q160_t1862.pem
50	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:3072 -pkeyopt qbits:224 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p3072_q224_t1862.pem
51	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:3072 -pkeyopt qbits:256 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p3072_q256_t1862.pem
52
53	./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt group:ffdhe2048 -out $TESTDIR/dh_ffdhe2048.pem
54	./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt group:ffdhe2048 -out $TESTDIR/dhx_ffdhe2048.pem
55
56
57	=cut
58
59	my @valid = glob(data_file("valid", "*.pem"));
60	my @invalid = glob(data_file("invalid", "*.pem"));
61
62	my $num_tests = scalar @valid + scalar @invalid;
63	plan tests => 2 + 2 * $num_tests;
64
65	foreach (@valid) {
66	ok(run(app([qw{openssl dhparam -noout -check -in}, $_])));
67	ok(run(app([qw{openssl pkeyparam -noout -check -in}, $_])));
68	}
69
70	foreach (@invalid) {
71	ok(!run(app([qw{openssl dhparam -noout -check -in}, $_])));
72	ok(!run(app([qw{openssl pkeyparam -noout -check -in}, $_])));
73	}
74
75	my $tmpfile = 'out.txt';
76
77	sub contains {
78	my $expected = shift;
79	my $found = 0;
80	open(my $in, '<', $tmpfile) or die "Could not open file $tmpfile";
81	while(<$in>) {
82	$found = 1 if m/$expected/; # output must include $expected
83	}
84	close $in;
85	return $found;
86	}
87
88	# Check that if we load dh params with only a 'p' and 'g' that it detects
89	# that this is actually a valid named group.
90	ok(run(app([qw{openssl pkeyparam -text -in}, data_file("valid/dh_ffdhe2048.pem")], stdout => $tmpfile)));
91	ok(contains("ffdhe2048"))

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.1.7/test/recipes/20-test_dhparam_check.t@ 107935

Download in other formats: