Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: 6594baf645
Branches Tags
openssl
/
test
/
recipes
/
20-test_dhparam_check.t

20-test_dhparam_check.t 4.2 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. #! /usr/bin/env perl
    2. 

  2. # Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3. #
    4. 

  4. # Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5. # this file except in compliance with the License.  You can obtain a copy
    6. 

  6. # in the file LICENSE in the source distribution or at
    7. 

  7. # https://www.openssl.org/source/license.html
    8. 

  8. 

  9. 

  10. use strict;
    11. 

  11. use warnings;
    12. 

  12. 

  13. use File::Spec;
    14. 

  14. use OpenSSL::Glob;
    15. 

  15. use OpenSSL::Test qw/:DEFAULT data_file/;
    16. 

  16. use OpenSSL::Test::Utils;
    17. 

  17. 

  18. setup("test_dhparam_check");
    19. 

  19. 

  20. plan skip_all => "DH isn't supported in this build"
    21. 

  21.     if disabled("dh");
    22. 

  22. 

  23. =pod Generation script
    24. 

  24. 

  25. #!/bin/sh
    26. 

  26. 

  27. TESTDIR=test/recipes/20-test_dhparam_check_data/valid
    28. 

  28. rm -rf $TESTDIR
    29. 

  29. mkdir -p $TESTDIR
    30. 

  30. 

  31. ./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:1 -out $TESTDIR/dh_5114_1.pem
    32. 

  32. ./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:2 -out $TESTDIR/dh_5114_2.pem
    33. 

  33. ./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:3 -out $TESTDIR/dh_5114_3.pem
    34. 

  34. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt dh_rfc5114:2 -out $TESTDIR/dhx_5114_2.pem
    35. 

  35. 

  36. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:160 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p1024_q160_t1862.pem
    37. 

  37. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:224 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p1024_q224_t1862.pem
    38. 

  38. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:256 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p1024_q256_t1862.pem
    39. 

  39. 

  40. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:1024 -pkeyopt qbits:160 -pkeyopt type:fips186_4 -out $TESTDIR/dhx_p1024_q160_t1864.pem
    41. 

  41. 

  42. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:160 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p2048_q160_t1862.pem
    43. 

  43. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:224 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p2048_q224_t1862.pem
    44. 

  44. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:256 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p2048_q256_t1862.pem
    45. 

  45. 

  46. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:224 -pkeyopt type:fips186_4 -out $TESTDIR/dhx_p2048_q224_t1864.pem
    47. 

  47. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:2048 -pkeyopt qbits:256 -pkeyopt type:fips186_4 -out $TESTDIR/dhx_p2048_q256_t1864.pem
    48. 

  48. 

  49. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:3072 -pkeyopt qbits:160 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p3072_q160_t1862.pem
    50. 

  50. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:3072 -pkeyopt qbits:224 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p3072_q224_t1862.pem
    51. 

  51. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt pbits:3072 -pkeyopt qbits:256 -pkeyopt type:fips186_2 -out $TESTDIR/dhx_p3072_q256_t1862.pem
    52. 

  52. 

  53. ./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt group:ffdhe2048 -out $TESTDIR/dh_ffdhe2048.pem
    54. 

  54. ./util/opensslwrap.sh genpkey -genparam -algorithm DHX -pkeyopt group:ffdhe2048 -out $TESTDIR/dhx_ffdhe2048.pem
    55. 

  55. 

  56. 

  57. =cut
    58. 

  58. 

  59. my @valid = glob(data_file("valid", "*.pem"));
    60. 

  60. my @invalid = glob(data_file("invalid", "*.pem"));
    61. 

  61. 

  62. my $num_tests = scalar @valid + scalar @invalid;
    63. 

  63. plan tests => 2 + 2 * $num_tests;
    64. 

  64. 

  65. foreach (@valid) {
    66. 

  66.     ok(run(app([qw{openssl dhparam -noout -check -in}, $_])));
    67. 

  67.     ok(run(app([qw{openssl pkeyparam -noout -check -in}, $_])));
    68. 

  68. }
    69. 

  69. 

  70. foreach (@invalid) {
    71. 

  71.     ok(!run(app([qw{openssl dhparam -noout -check -in}, $_])));
    72. 

  72.     ok(!run(app([qw{openssl pkeyparam -noout -check -in}, $_])));
    73. 

  73. }
    74. 

  74. 

  75. my $tmpfile = 'out.txt';
    76. 

  76. 

  77. sub contains {
    78. 

  78.     my $expected = shift;
    79. 

  79.     my $found = 0;
    80. 

  80.     open(my $in, '<', $tmpfile) or die "Could not open file $tmpfile";
    81. 

  81.     while(<$in>) {
    82. 

  82.         $found = 1 if m/$expected/; # output must include $expected
    83. 

  83.     }
    84. 

  84.     close $in;
    85. 

  85.     return $found;
    86. 

  86. }
    87. 

  87. 

  88. # Check that if we load dh params with only a 'p' and 'g' that it detects
    89. 

  89. # that this is actually a valid named group.
    90. 

  90. ok(run(app([qw{openssl pkeyparam -text -in}, data_file("valid/dh_ffdhe2048.pem")], stdout => $tmpfile)));
    91. 

  91. ok(contains("ffdhe2048"))
    92.