]>
git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/20-test_dgst.t
2 # Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
15 use OpenSSL
::Test qw
/:DEFAULT with srctop_file bldtop_dir/;
16 use OpenSSL
::Test
::Utils
;
27 my $data_to_sign = srctop_file
('test', 'data.bin');
28 my $other_data = srctop_file
('test', 'data2.bin');
30 my $sigfile = basename
($privkey, '.pem') . '.sig';
33 ok
(run
(app
(['openssl', 'dgst', '-sign', $privkey,
36 $testtext.": Generating signature");
38 ok
(run
(app
(['openssl', 'dgst', '-prverify', $privkey,
39 '-signature', $sigfile,
41 $testtext.": Verify signature with private key");
43 ok
(run
(app
(['openssl', 'dgst', '-verify', $pubkey,
44 '-signature', $sigfile,
46 $testtext.": Verify signature with public key");
48 ok
(!run
(app
(['openssl', 'dgst', '-verify', $pubkey,
49 '-signature', $sigfile,
51 $testtext.": Expect failure verifying mismatching data");
55 skip
"RSA is not supported by this OpenSSL build", 1
58 subtest
"RSA signature generation and verification with `dgst` CLI" => sub {
60 srctop_file
("test","testrsa.pem"),
61 srctop_file
("test","testrsapub.pem"));
66 skip
"DSA is not supported by this OpenSSL build", 1
69 subtest
"DSA signature generation and verification with `dgst` CLI" => sub {
71 srctop_file
("test","testdsa.pem"),
72 srctop_file
("test","testdsapub.pem"));
77 skip
"ECDSA is not supported by this OpenSSL build", 1
80 subtest
"ECDSA signature generation and verification with `dgst` CLI" => sub {
82 srctop_file
("test","testec-p256.pem"),
83 srctop_file
("test","testecpub-p256.pem"));
88 skip
"EdDSA is not supported by this OpenSSL build", 2
91 skip
"EdDSA is not supported with `dgst` CLI", 2;
93 subtest
"Ed25519 signature generation and verification with `dgst` CLI" => sub {
94 tsignverify
("Ed25519",
95 srctop_file
("test","tested25519.pem"),
96 srctop_file
("test","tested25519pub.pem"));
99 subtest
"Ed448 signature generation and verification with `dgst` CLI" => sub {
101 srctop_file
("test","tested448.pem"),
102 srctop_file
("test","tested448pub.pem"));
107 skip
"dgst with engine is not supported by this OpenSSL build", 1
108 if disabled
("engine") || disabled
("dynamic-engine");
110 subtest
"SHA1 generation by engine with `dgst` CLI" => sub {
113 my $testdata = srctop_file
('test', 'data.bin');
114 # intentionally using -engine twice, please do not remove the duplicate line
115 my @macdata = run
(app
(['openssl', 'dgst', '-sha1',
116 '-engine', "ossltest",
117 '-engine', "ossltest",
118 $testdata]), capture
=> 1);
120 my $expected = qr/SHA1\(\Q$testdata\E\)= 000102030405060708090a0b0c0d0e0f10111213/;
121 ok
($macdata[0] =~ $expected, "SHA1: Check HASH value is as expected ($macdata[0]) vs ($expected)");
125 subtest
"HMAC generation with `dgst` CLI" => sub {
128 my $testdata = srctop_file
('test', 'data.bin');
129 #HMAC the data twice to check consistency
130 my @hmacdata = run
(app
(['openssl', 'dgst', '-sha256', '-hmac', '123456',
131 $testdata, $testdata]), capture
=> 1);
133 my $expected = qr/HMAC-SHA2-256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/;
134 ok
($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)");
135 ok
($hmacdata[1] =~ $expected,
136 "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
139 subtest
"HMAC generation with `dgst` CLI, default digest" => sub {
142 my $testdata = srctop_file
('test', 'data.bin');
143 #HMAC the data twice to check consistency
144 my @hmacdata = run
(app
(['openssl', 'dgst', '-hmac', '123456',
145 $testdata, $testdata]), capture
=> 1);
147 my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/;
148 ok
($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)");
149 ok
($hmacdata[1] =~ $expected,
150 "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
153 subtest
"HMAC generation with `dgst` CLI, key via option" => sub {
156 my $testdata = srctop_file
('test', 'data.bin');
157 #HMAC the data twice to check consistency
158 my @hmacdata = run
(app
(['openssl', 'dgst', '-sha256', '-hmac',
159 '-macopt', 'hexkey:FFFF',
160 $testdata, $testdata]), capture
=> 1);
162 my $expected = qr/HMAC-SHA2-256\(\Q$testdata\E\)= b6727b7bb251dfa65846e0a8223bdd57d244aa6d7e312cb906d8e21f2dee3a57/;
163 ok
($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)");
164 ok
($hmacdata[1] =~ $expected,
165 "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)");
168 subtest
"Custom length XOF digest generation with `dgst` CLI" => sub {
171 my $testdata = srctop_file
('test', 'data.bin');
172 #Digest the data twice to check consistency
173 my @xofdata = run
(app
(['openssl', 'dgst', '-shake128', '-xoflen', '64',
174 $testdata, $testdata]), capture
=> 1);
176 my $expected = qr/SHAKE-128\(\Q$testdata\E\)= bb565dac72640109e1c926ef441d3fa64ffd0b3e2bf8cd73d5182dfba19b6a8a2eab96d2df854b647b3795ef090582abe41ba4e0717dc4df40bc4e17d88e4677/;
177 ok
($xofdata[0] =~ $expected, "XOF: Check digest value is as expected ($xofdata[0]) vs ($expected)");
178 ok
($xofdata[1] =~ $expected,
179 "XOF: Check second digest value is consistent with the first ($xofdata[1]) vs ($expected)");