15-test_genec.t 9.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314
  1. #! /usr/bin/env perl
  2. # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. #
  4. # Licensed under the Apache License 2.0 (the "License"). You may not use
  5. # this file except in compliance with the License. You can obtain a copy
  6. # in the file LICENSE in the source distribution or at
  7. # https://www.openssl.org/source/license.html
  8. use strict;
  9. use warnings;
  10. use File::Spec;
  11. use OpenSSL::Test qw/:DEFAULT srctop_file/;
  12. use OpenSSL::Test::Utils;
  13. # 'supported' and 'unsupported' reflect the current state of things. In
  14. # Test::More terms, 'supported' works exactly like ok(run(whatever)), while
  15. # 'unsupported' wraps that in a TODO: { } block.
  16. #
  17. # The first argument is the test name (this becomes the last argument to
  18. # 'ok')
  19. # The remaining argument are passed unchecked to 'run'.
  20. # 1: the result of app() or similar, i.e. something you can pass to
  21. sub supported_pass {
  22. my $str = shift;
  23. ok(run(@_), $str);
  24. }
  25. sub unsupported_pass {
  26. my $str = shift;
  27. TODO: {
  28. local $TODO = "Currently not supported";
  29. ok(run(@_), $str);
  30. }
  31. }
  32. sub supported_fail {
  33. my $str = shift;
  34. ok(!run(@_), $str);
  35. }
  36. sub unsupported_fail {
  37. my $str = shift;
  38. TODO: {
  39. local $TODO = "Currently not supported";
  40. ok(!run(@_), $str);
  41. }
  42. }
  43. setup("test_genec");
  44. plan skip_all => "This test is unsupported in a no-ec build"
  45. if disabled("ec");
  46. my @prime_curves = qw(
  47. secp112r1
  48. secp112r2
  49. secp128r1
  50. secp128r2
  51. secp160k1
  52. secp160r1
  53. secp160r2
  54. secp192k1
  55. secp224k1
  56. secp224r1
  57. secp256k1
  58. secp384r1
  59. secp521r1
  60. prime192v1
  61. prime192v2
  62. prime192v3
  63. prime239v1
  64. prime239v2
  65. prime239v3
  66. prime256v1
  67. wap-wsg-idm-ecid-wtls6
  68. wap-wsg-idm-ecid-wtls7
  69. wap-wsg-idm-ecid-wtls8
  70. wap-wsg-idm-ecid-wtls9
  71. wap-wsg-idm-ecid-wtls12
  72. brainpoolP160r1
  73. brainpoolP160t1
  74. brainpoolP192r1
  75. brainpoolP192t1
  76. brainpoolP224r1
  77. brainpoolP224t1
  78. brainpoolP256r1
  79. brainpoolP256t1
  80. brainpoolP320r1
  81. brainpoolP320t1
  82. brainpoolP384r1
  83. brainpoolP384t1
  84. brainpoolP512r1
  85. brainpoolP512t1
  86. );
  87. my @binary_curves = qw(
  88. sect113r1
  89. sect113r2
  90. sect131r1
  91. sect131r2
  92. sect163k1
  93. sect163r1
  94. sect163r2
  95. sect193r1
  96. sect193r2
  97. sect233k1
  98. sect233r1
  99. sect239k1
  100. sect283k1
  101. sect283r1
  102. sect409k1
  103. sect409r1
  104. sect571k1
  105. sect571r1
  106. c2pnb163v1
  107. c2pnb163v2
  108. c2pnb163v3
  109. c2pnb176v1
  110. c2tnb191v1
  111. c2tnb191v2
  112. c2tnb191v3
  113. c2pnb208w1
  114. c2tnb239v1
  115. c2tnb239v2
  116. c2tnb239v3
  117. c2pnb272w1
  118. c2pnb304w1
  119. c2tnb359v1
  120. c2pnb368w1
  121. c2tnb431r1
  122. wap-wsg-idm-ecid-wtls1
  123. wap-wsg-idm-ecid-wtls3
  124. wap-wsg-idm-ecid-wtls4
  125. wap-wsg-idm-ecid-wtls5
  126. wap-wsg-idm-ecid-wtls10
  127. wap-wsg-idm-ecid-wtls11
  128. );
  129. my @explicit_only_curves = ();
  130. push(@explicit_only_curves, qw(
  131. Oakley-EC2N-3
  132. Oakley-EC2N-4
  133. )) if !disabled("ec2m");
  134. my @other_curves = ();
  135. push(@other_curves, 'SM2')
  136. if !disabled("sm2");
  137. my @curve_aliases = qw(
  138. P-192
  139. P-224
  140. P-256
  141. P-384
  142. P-521
  143. );
  144. push(@curve_aliases, qw(
  145. B-163
  146. B-233
  147. B-283
  148. B-409
  149. B-571
  150. K-163
  151. K-233
  152. K-283
  153. K-409
  154. K-571
  155. )) if !disabled("ec2m");
  156. my @curve_list = ();
  157. push(@curve_list, @prime_curves);
  158. push(@curve_list, @binary_curves)
  159. if !disabled("ec2m");
  160. push(@curve_list, @other_curves);
  161. push(@curve_list, @curve_aliases);
  162. my %params_encodings =
  163. (
  164. 'named_curve' => \&supported_pass,
  165. 'explicit' => \&unsupported_pass
  166. );
  167. my @output_formats = ('PEM', 'DER');
  168. plan tests => scalar(@curve_list) * scalar(keys %params_encodings)
  169. * (1 + scalar(@output_formats)) # Try listed @output_formats and text output
  170. * 2 # Test generating parameters and keys
  171. + 1 # Checking that with no curve it fails
  172. + 1 # Checking that with unknown curve it fails
  173. + 1 # Subtest for explicit only curves
  174. ;
  175. ok(!run(app([ 'openssl', 'genpkey',
  176. '-algorithm', 'EC'])),
  177. "genpkey EC with no params should fail");
  178. ok(!run(app([ 'openssl', 'genpkey',
  179. '-algorithm', 'EC',
  180. '-pkeyopt', 'ec_paramgen_curve:bogus_foobar_curve'])),
  181. "genpkey EC with unknown curve name should fail");
  182. foreach my $curvename (@curve_list) {
  183. foreach my $paramenc (sort keys %params_encodings) {
  184. my $fn = $params_encodings{$paramenc};
  185. # --- Test generating parameters ---
  186. $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (text)",
  187. app([ 'openssl', 'genpkey', '-genparam',
  188. '-algorithm', 'EC',
  189. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  190. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  191. '-text']));
  192. foreach my $outform (@output_formats) {
  193. my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
  194. $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
  195. app([ 'openssl', 'genpkey', '-genparam',
  196. '-algorithm', 'EC',
  197. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  198. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  199. '-outform', $outform,
  200. '-out', $outfile]));
  201. }
  202. # --- Test generating actual keys ---
  203. $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (text)",
  204. app([ 'openssl', 'genpkey',
  205. '-algorithm', 'EC',
  206. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  207. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  208. '-text']));
  209. foreach my $outform (@output_formats) {
  210. my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
  211. $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
  212. app([ 'openssl', 'genpkey',
  213. '-algorithm', 'EC',
  214. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  215. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  216. '-outform', $outform,
  217. '-out', $outfile]));
  218. }
  219. }
  220. }
  221. subtest "test curves that only support explicit parameters encoding" => sub {
  222. plan skip_all => "This test is unsupported under current configuration"
  223. if scalar(@explicit_only_curves) <= 0;
  224. plan tests => scalar(@explicit_only_curves) * scalar(keys %params_encodings)
  225. * (1 + scalar(@output_formats)) # Try listed @output_formats and text output
  226. * 2 # Test generating parameters and keys
  227. ;
  228. my %params_encodings =
  229. (
  230. 'named_curve' => \&supported_fail,
  231. 'explicit' => \&unsupported_pass
  232. );
  233. foreach my $curvename (@explicit_only_curves) {
  234. foreach my $paramenc (sort keys %params_encodings) {
  235. my $fn = $params_encodings{$paramenc};
  236. # --- Test generating parameters ---
  237. $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (text)",
  238. app([ 'openssl', 'genpkey', '-genparam',
  239. '-algorithm', 'EC',
  240. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  241. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  242. '-text']));
  243. foreach my $outform (@output_formats) {
  244. my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
  245. $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
  246. app([ 'openssl', 'genpkey', '-genparam',
  247. '-algorithm', 'EC',
  248. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  249. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  250. '-outform', $outform,
  251. '-out', $outfile]));
  252. }
  253. # --- Test generating actual keys ---
  254. $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (text)",
  255. app([ 'openssl', 'genpkey',
  256. '-algorithm', 'EC',
  257. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  258. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  259. '-text']));
  260. foreach my $outform (@output_formats) {
  261. my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
  262. $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
  263. app([ 'openssl', 'genpkey',
  264. '-algorithm', 'EC',
  265. '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
  266. '-pkeyopt', 'ec_param_enc:'.$paramenc,
  267. '-outform', $outform,
  268. '-out', $outfile]));
  269. }
  270. }
  271. }
  272. };