ホーム エクスプローラ ヘルプ
サインイン
OWEALs
/
openssl
同期ミラー git://git.openssl.org/openssl.git
2
0
フォーク 0
ファイル 課題 1 Wiki
ツリー: 8dab4de538
ブランチ タグ
openssl
/
test
/
recipes
/
15-test_genrsa.t

15-test_genrsa.t 3.9 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. #! /usr/bin/env perl
    2. 

  2. # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3. #
    4. 

  4. # Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5. # this file except in compliance with the License.  You can obtain a copy
    6. 

  6. # in the file LICENSE in the source distribution or at
    7. 

  7. # https://www.openssl.org/source/license.html
    8. 

  8. 

  9. 

  10. use strict;
    11. 

  11. use warnings;
    12. 

  12. 

  13. use File::Spec;
    14. 

  14. use OpenSSL::Test qw/:DEFAULT srctop_file/;
    15. 

  15. use OpenSSL::Test::Utils;
    16. 

  16. 

  17. setup("test_genrsa");
    18. 

  18. 

  19. plan tests => 12;
    20. 

  20. 

  21. # We want to know that an absurdly small number of bits isn't support
    22. 

  22. if (disabled("deprecated-3.0")) {
    23. 

  23.     is(run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',
    24. 

  24.                  '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_bits:8',
    25. 

  25.                  '-pkeyopt', 'rsa_keygen_pubexp:3'])),
    26. 

  26.                0, "genrsa -3 8");
    27. 

  27. } else {
    28. 

  28.     is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])),
    29. 

  29.                0, "genrsa -3 8");
    30. 

  30. }
    31. 

  31. 

  32. # Depending on the shared library, we might have different lower limits.
    33. 

  33. # Let's find it!  This is a simple binary search
    34. 

  34. # ------------------------------------------------------------
    35. 

  35. # NOTE: $good may need an update in the future
    36. 

  36. # ------------------------------------------------------------
    37. 

  37. note "Looking for lowest amount of bits";
    38. 

  38. my $bad = 3;                    # Log2 of number of bits (2 << 3  == 8)
    39. 

  39. my $good = 11;                  # Log2 of number of bits (2 << 11 == 2048)
    40. 

  40. my $fin;
    41. 

  41. while ($good > $bad + 1) {
    42. 

  42.     my $checked = int(($good + $bad + 1) / 2);
    43. 

  43.     my $bits = 2 ** $checked;
    44. 

  44.     if (disabled("deprecated-3.0")) {
    45. 

  45.         $fin = run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',
    46. 

  46.                          '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_pubexp:65537',
    47. 

  47.                          '-pkeyopt', "rsa_keygen_bits:$bits",
    48. 

  48.                        ], stderr => undef));
    49. 

  49.     } else {
    50. 

  50.         $fin = run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem',
    51. 

  51.                          $bits
    52. 

  52.                        ], stderr => undef));
    53. 

  53.     }
    54. 

  54.     if ($fin) {
    55. 

  55.         note 2 ** $checked, " bits is good";
    56. 

  56.         $good = $checked;
    57. 

  57.     } else {
    58. 

  58.         note 2 ** $checked, " bits is bad";
    59. 

  59.         $bad = $checked;
    60. 

  60.     }
    61. 

  61. }
    62. 

  62. $good++ if $good == $bad;
    63. 

  63. $good = 2 ** $good;
    64. 

  64. note "Found lowest allowed amount of bits to be $good";
    65. 

  65. 

  66. ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
    67. 

  67.              '-pkeyopt', 'rsa_keygen_pubexp:65537',
    68. 

  68.              '-pkeyopt', "rsa_keygen_bits:$good",
    69. 

  69.              '-out', 'genrsatest.pem' ])),
    70. 

  70.    "genpkey -3 $good");
    71. 

  71. ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])),
    72. 

  72.    "pkey -check");
    73. 

  73. ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
    74. 

  74.              '-pkeyopt', 'rsa_keygen_pubexp:65537',
    75. 

  75.              '-pkeyopt', "rsa_keygen_bits:$good",
    76. 

  76.              '-out', 'genrsatest.pem' ])),
    77. 

  77.    "genpkey -f4 $good");
    78. 

  78. 

  79. ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
    80. 

  80.              '-pkeyopt', 'rsa_keygen_bits:2048',
    81. 

  81.              '-out', 'genrsatest2048.pem' ])),
    82. 

  82.    "genpkey 2048 bits");
    83. 

  83. ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest2048.pem', '-noout' ])),
    84. 

  84.    "pkey -check");
    85. 

  85. 

  86. ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
    87. 

  87.              '-pkeyopt', 'hexe:02',
    88. 

  88.              '-out', 'genrsatest.pem' ])),
    89. 

  89.    "genpkey with a bad public exponent should fail");
    90. 

  90. ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
    91. 

  91.              '-pkeyopt', 'e:65538',
    92. 

  92.              '-out', 'genrsatest.pem' ])),
    93. 

  93.    "genpkey with a even public exponent should fail");
    94. 

  94. 

  95. 

  96.  SKIP: {
    97. 

  97.     skip "Skipping rsa command line test", 4 if disabled("deprecated-3.0");
    98. 

  98. 

  99.     ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])),
    100. 

  100.        "genrsa -3 $good");
    101. 

  101.     ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
    102. 

  102.        "rsa -check");
    103. 

  103.     ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])),
    104. 

  104.        "genrsa -f4 $good");
    105. 

  105.     ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
    106. 

  106.        "rsa -check");
    107. 

  107. }
    108.