2
0

91-test_pkey_check.t 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. #! /usr/bin/env perl
  2. # Copyright 2017-2024 The OpenSSL Project Authors. All Rights Reserved.
  3. #
  4. # Licensed under the Apache License 2.0 (the "License"). You may not use
  5. # this file except in compliance with the License. You can obtain a copy
  6. # in the file LICENSE in the source distribution or at
  7. # https://www.openssl.org/source/license.html
  8. use strict;
  9. use warnings;
  10. use File::Spec;
  11. use OpenSSL::Test qw/:DEFAULT data_file with/;
  12. use OpenSSL::Test::Utils;
  13. sub pkey_check {
  14. my $f = shift;
  15. my $pubcheck = shift;
  16. my @checkopt = ('-check');
  17. @checkopt = ('-pubcheck', '-pubin') if $pubcheck;
  18. return run(app(['openssl', 'pkey', @checkopt, '-text',
  19. '-in', $f]));
  20. }
  21. sub check_key {
  22. my $f = shift;
  23. my $should_fail = shift;
  24. my $pubcheck = shift;
  25. my $str;
  26. $str = "$f should fail validation" if $should_fail;
  27. $str = "$f should pass validation" unless $should_fail;
  28. $f = data_file($f);
  29. if ( -s $f ) {
  30. with({ exit_checker => sub { return shift == $should_fail; } },
  31. sub {
  32. ok(pkey_check($f, $pubcheck), $str);
  33. });
  34. } else {
  35. fail("Missing file $f");
  36. }
  37. }
  38. setup("test_pkey_check");
  39. my @negative_tests = ();
  40. push(@negative_tests, (
  41. # For EC keys the range for the secret scalar `k` is `1 <= k <= n-1`
  42. "ec_p256_bad_0.pem", # `k` set to `n` (equivalent to `0 mod n`, invalid)
  43. "ec_p256_bad_1.pem", # `k` set to `n+1` (equivalent to `1 mod n`, invalid)
  44. )) unless disabled("ec");
  45. push(@negative_tests, (
  46. # For SM2 keys the range for the secret scalar `k` is `1 <= k < n-1`
  47. "sm2_bad_neg1.pem", # `k` set to `n-1` (invalid, because SM2 range)
  48. "sm2_bad_0.pem", # `k` set to `n` (equivalent to `0 mod n`, invalid)
  49. "sm2_bad_1.pem", # `k` set to `n+1` (equivalent to `1 mod n`, invalid)
  50. )) unless disabled("sm2");
  51. my @positive_tests = ();
  52. push(@positive_tests, (
  53. "dhpkey.pem"
  54. )) unless disabled("dh");
  55. my @negative_pubtests = ("rsapub_17k.pem"); # Too big RSA public key
  56. push(@negative_pubtests, (
  57. "dsapub_noparam.der"
  58. )) unless disabled("dsa");
  59. my @positive_pubtests = ();
  60. push(@positive_pubtests, (
  61. "dsapub.pem"
  62. )) unless disabled("dsa");
  63. plan skip_all => "No tests within the current enabled feature set"
  64. unless @negative_tests && @positive_tests
  65. && @negative_pubtests && @positive_pubtests;
  66. plan tests => scalar(@negative_tests) + scalar(@positive_tests)
  67. + scalar(@negative_pubtests) + scalar(@positive_pubtests);
  68. foreach my $t (@negative_tests) {
  69. check_key($t, 1, 0);
  70. }
  71. foreach my $t (@positive_tests) {
  72. check_key($t, 0, 0);
  73. }
  74. foreach my $t (@negative_pubtests) {
  75. check_key($t, 1, 1);
  76. }
  77. foreach my $t (@positive_pubtests) {
  78. check_key($t, 0, 1);
  79. }