]>
git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/15-test_ec.t
2 # Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
14 use OpenSSL
::Test qw
/:DEFAULT srctop_file/;
15 use OpenSSL
::Test
::Utils
;
19 plan skip_all
=> 'EC is not supported in this build' if disabled
('ec');
23 my $no_fips = disabled
('fips') || ($ENV{NO_FIPS
} // 0);
25 require_ok
(srctop_file
('test','recipes','tconversion.pl'));
27 ok
(run
(test
(["ectest"])), "running ectest");
29 # TODO: remove these when the 'ec' app is removed.
30 # Also consider moving this to the 20-25 test section because it is testing
31 # the command line tool in addition to the algorithm.
32 subtest
'EC conversions -- private key' => sub {
33 tconversion
( -type
=> 'ec', -prefix
=> 'ec-priv',
34 -in => srctop_file
("test","testec-p256.pem") );
36 subtest
'EC conversions -- private key PKCS#8' => sub {
37 tconversion
( -type
=> 'ec', -prefix
=> 'ec-pkcs8',
38 -in => srctop_file
("test","testec-p256.pem"),
41 subtest
'EC conversions -- public key' => sub {
42 tconversion
( -type
=> 'ec', -prefix
=> 'ec-pub',
43 -in => srctop_file
("test","testecpub-p256.pem"),
44 -args
=> [ "ec", "-pubin", "-pubout" ] );
47 subtest
'PKEY conversions -- private key' => sub {
48 tconversion
( -type
=> 'pkey', -prefix
=> 'ec-pkey-priv',
49 -in => srctop_file
("test","testec-p256.pem") );
51 subtest
'PKEY conversions -- private key PKCS#8' => sub {
52 tconversion
( -type
=> 'pkey', -prefix
=> 'ec-pkey-pkcs8',
53 -in => srctop_file
("test","testec-p256.pem"),
56 subtest
'PKEY conversions -- public key' => sub {
57 tconversion
( -type
=> 'pkey', -prefix
=> 'ec-pkey-pub',
58 -in => srctop_file
("test","testecpub-p256.pem"),
59 -args
=> [ "pkey", "-pubin", "-pubout" ] );
63 skip
"ECX is not supported by this OpenSSL build", 6
65 subtest
'Ed25519 conversions -- private key' => sub {
66 tconversion
( -type
=> "pkey", -prefix
=> "ed25519-pkey-priv",
67 -in => srctop_file
("test", "tested25519.pem") );
69 subtest
'Ed25519 conversions -- private key PKCS#8' => sub {
70 tconversion
( -type
=> "pkey", -prefix
=> "ed25519-pkey-pkcs8",
71 -in => srctop_file
("test", "tested25519.pem"),
74 subtest
'Ed25519 conversions -- public key' => sub {
75 tconversion
( -type
=> "pkey", -prefix
=> "ed25519-pkey-pub",
76 -in => srctop_file
("test", "tested25519pub.pem"),
77 -args
=> ["pkey", "-pubin", "-pubout"] );
79 subtest
'Ed448 conversions -- private key' => sub {
80 tconversion
( -type
=> "pkey", -prefix
=> "ed448-pkey-priv",
81 -in => srctop_file
("test", "tested448.pem") );
83 subtest
'Ed448 conversions -- private key PKCS#8' => sub {
84 tconversion
( -type
=> "pkey", -prefix
=> "ed448-pkey-pkcs8",
85 -in => srctop_file
("test", "tested448.pem"),
88 subtest
'Ed448 conversions -- public key' => sub {
89 tconversion
( -type
=> "pkey", -prefix
=> "ed448-pkey-pub",
90 -in => srctop_file
("test", "tested448pub.pem"),
91 -args
=> ["pkey", "-pubin", "-pubout"] );
95 subtest
'Check loading of fips and non-fips keys' => sub {
96 plan skip_all
=> "FIPS is disabled"
101 my $fipsconf = srctop_file
("test", "fips-and-base.cnf");
102 $ENV{OPENSSL_CONF
} = $fipsconf;
104 ok
(!run
(app
(['openssl', 'pkey',
105 '-check', '-in', srctop_file
("test", "testec-p112r1.pem")])),
106 "Checking non-fips curve key fails in FIPS provider");
108 ok
(run
(app
(['openssl', 'pkey',
109 '-provider', 'default',
110 '-propquery', '?fips!=yes',
111 '-check', '-in', srctop_file
("test", "testec-p112r1.pem")])),
112 "Checking non-fips curve key succeeds with non-fips property query");
114 delete $ENV{OPENSSL_CONF
};