15-test_rsapss.t 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. #! /usr/bin/env perl
  2. # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. #
  4. # Licensed under the Apache License 2.0 (the "License"). You may not use
  5. # this file except in compliance with the License. You can obtain a copy
  6. # in the file LICENSE in the source distribution or at
  7. # https://www.openssl.org/source/license.html
  8. use strict;
  9. use warnings;
  10. use File::Spec;
  11. use OpenSSL::Test qw/:DEFAULT with srctop_file/;
  12. use OpenSSL::Test::Utils;
  13. setup("test_rsapss");
  14. plan tests => 7;
  15. #using test/testrsa.pem which happens to be a 512 bit RSA
  16. ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
  17. '-sigopt', 'rsa_padding_mode:pss',
  18. '-sigopt', 'rsa_pss_saltlen:max',
  19. '-sigopt', 'rsa_mgf1_md:sha512',
  20. '-out', 'testrsapss-restricted.sig',
  21. srctop_file('test', 'testrsa.pem')])),
  22. "openssl dgst -sign [plain RSA key, PSS padding mode, PSS restrictions]");
  23. ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
  24. '-sigopt', 'rsa_padding_mode:pss',
  25. '-out', 'testrsapss-unrestricted.sig',
  26. srctop_file('test', 'testrsa.pem')])),
  27. "openssl dgst -sign [plain RSA key, PSS padding mode, no PSS restrictions]");
  28. with({ exit_checker => sub { return shift == 1; } },
  29. sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512',
  30. '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
  31. '-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])),
  32. "openssl dgst -sign, expect to fail gracefully");
  33. ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512',
  34. '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:2147483647',
  35. '-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])),
  36. "openssl dgst -sign, expect to fail gracefully");
  37. ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512',
  38. '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
  39. '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig',
  40. srctop_file('test', 'testrsa.pem')])),
  41. "openssl dgst -prverify, expect to fail gracefully");
  42. });
  43. ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
  44. '-sha1',
  45. '-sigopt', 'rsa_padding_mode:pss',
  46. '-sigopt', 'rsa_pss_saltlen:max',
  47. '-sigopt', 'rsa_mgf1_md:sha512',
  48. '-signature', 'testrsapss-restricted.sig',
  49. srctop_file('test', 'testrsa.pem')])),
  50. "openssl dgst -prverify [plain RSA key, PSS padding mode, PSS restrictions]");
  51. ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
  52. '-sha1',
  53. '-sigopt', 'rsa_padding_mode:pss',
  54. '-signature', 'testrsapss-unrestricted.sig',
  55. srctop_file('test', 'testrsa.pem')])),
  56. "openssl dgst -prverify [plain RSA key, PSS padding mode, no PSS restrictions]");