20-test_enc.t 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. #! /usr/bin/env perl
  2. # Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. #
  4. # Licensed under the Apache License 2.0 (the "License"). You may not use
  5. # this file except in compliance with the License. You can obtain a copy
  6. # in the file LICENSE in the source distribution or at
  7. # https://www.openssl.org/source/license.html
  8. use strict;
  9. use warnings;
  10. use File::Spec::Functions qw/catfile/;
  11. use File::Copy;
  12. use File::Compare qw/compare_text/;
  13. use File::Basename;
  14. use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/;
  15. use OpenSSL::Test::Utils;
  16. setup("test_enc");
  17. plan skip_all => "Deprecated functions are disabled in this OpenSSL build"
  18. if disabled("deprecated");
  19. # We do it this way, because setup() may have moved us around,
  20. # so the directory portion of $0 might not be correct any more.
  21. # However, the name hasn't changed.
  22. my $testsrc = srctop_file("test","recipes",basename($0));
  23. my $test = catfile(".", "p");
  24. my $cmd = "openssl";
  25. my $provpath = bldtop_dir("providers");
  26. my @prov = ("-provider-path", $provpath, "-provider", "default");
  27. push @prov, ("-provider", "legacy") unless disabled("legacy");
  28. my $ciphersstatus = undef;
  29. my @ciphers =
  30. map { s/^\s+//; s/\s+$//; split /\s+/ }
  31. run(app([$cmd, "list", "-cipher-commands"]),
  32. capture => 1, statusvar => \$ciphersstatus);
  33. @ciphers = grep {!/^(bf|cast|des$|des-cbc|des-cfb|des-ecb|des-ofb|desx|idea
  34. |rc2|rc4|seed)/x} @ciphers
  35. if disabled("legacy");
  36. plan tests => 5 + (scalar @ciphers)*2;
  37. SKIP: {
  38. skip "Problems getting ciphers...", 1 + scalar(@ciphers)
  39. unless ok($ciphersstatus, "Running 'openssl list -cipher-commands'");
  40. unless (ok(copy($testsrc, $test), "Copying $testsrc to $test")) {
  41. diag($!);
  42. skip "Not initialized, skipping...", scalar(@ciphers);
  43. }
  44. foreach my $c (@ciphers) {
  45. my %variant = ("$c" => [],
  46. "$c base64" => [ "-a" ]);
  47. foreach my $t (sort keys %variant) {
  48. my $cipherfile = "$test.$c.cipher";
  49. my $clearfile = "$test.$c.clear";
  50. my @e = ( "$c", "-bufsize", "113", @{$variant{$t}}, "-e", "-k", "test" );
  51. my @d = ( "$c", "-bufsize", "157", @{$variant{$t}}, "-d", "-k", "test" );
  52. if ($c eq "cat") {
  53. $cipherfile = "$test.cipher";
  54. $clearfile = "$test.clear";
  55. @e = ( "enc", @{$variant{$t}}, "-e" );
  56. @d = ( "enc", @{$variant{$t}}, "-d" );
  57. }
  58. ok(run(app([$cmd, @e, @prov, "-in", $test, "-out", $cipherfile]))
  59. && run(app([$cmd, @d, @prov, "-in", $cipherfile, "-out", $clearfile]))
  60. && compare_text($test,$clearfile) == 0, $t);
  61. }
  62. }
  63. ok(run(app([$cmd, "enc", "-in", $test, "-aes256", "-pbkdf2", "-out",
  64. "salted_default.cipher", "-pass", "pass:password"]))
  65. && run(app([$cmd, "enc", "-d", "-in", "salted_default.cipher", "-aes256", "-pbkdf2",
  66. "-saltlen", "8", "-out", "salted_default.clear", "-pass", "pass:password"]))
  67. && compare_text($test,"salted_default.clear") == 0,
  68. "Check that the default salt length of 8 bytes is used for PKDF2");
  69. ok(!run(app([$cmd, "enc", "-d", "-in", "salted_default.cipher", "-aes256", "-pbkdf2",
  70. "-saltlen", "16", "-out", "salted_fail.clear", "-pass", "pass:password"])),
  71. "Check the decrypt fails if the saltlen is incorrect");
  72. ok(run(app([$cmd, "enc", "-in", $test, "-aes256", "-pbkdf2", "-saltlen", "16",
  73. "-out", "salted.cipher", "-pass", "pass:password"]))
  74. && run(app([$cmd, "enc", "-d", "-in", "salted.cipher", "-aes256", "-pbkdf2",
  75. "-saltlen", "16", "-out", "salted.clear", "-pass", "pass:password"]))
  76. && compare_text($test,"salted.clear") == 0,
  77. "Check that we can still use a salt length of 16 bytes for PKDF2");
  78. }