]>
Commit | Line | Data |
---|---|---|
7165593c | 1 | #! /usr/bin/env perl |
33388b44 | 2 | # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. |
7165593c SL |
3 | # |
4 | # Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | # this file except in compliance with the License. You can obtain a copy | |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
9 | ||
10 | use strict; | |
11 | use warnings; | |
12 | ||
13 | use File::Spec; | |
14 | use OpenSSL::Test qw/:DEFAULT srctop_file/; | |
15 | use OpenSSL::Test::Utils; | |
16 | ||
17 | setup("test_gendh"); | |
18 | ||
19 | plan skip_all => "This test is unsupported in a no-dh build" if disabled("dh"); | |
20 | ||
f7928938 | 21 | plan tests => 12; |
7165593c SL |
22 | |
23 | ok(run(app([ 'openssl', 'genpkey', '-genparam', | |
24 | '-algorithm', 'DH', | |
25 | '-pkeyopt', 'gindex:1', | |
26 | '-pkeyopt', 'type:fips186_4', | |
27 | '-text'])), | |
28 | "genpkey DH params fips186_4 with verifiable g"); | |
29 | ||
30 | ok(run(app([ 'openssl', 'genpkey', '-genparam', | |
31 | '-algorithm', 'DH', | |
32 | '-pkeyopt', 'type:fips186_4', | |
33 | '-text'])), | |
34 | "genpkey DH params fips186_4 with unverifiable g"); | |
35 | ||
36 | ok(run(app([ 'openssl', 'genpkey', '-genparam', | |
37 | '-algorithm', 'DH', | |
38 | '-pkeyopt', 'type:fips186_2', | |
39 | '-text'])), | |
40 | "genpkey DH params fips186_2"); | |
41 | ||
42 | ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', | |
43 | '-pkeyopt', 'type:group', | |
44 | '-text'])), | |
45 | "genpkey DH default group"); | |
46 | ||
47 | ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', | |
48 | '-pkeyopt', 'type:group', | |
49 | '-pkeyopt', 'group:ffdhe2048', | |
50 | '-text'])), | |
51 | "genpkey DH group ffdhe2048"); | |
52 | ||
53 | ok(run(app([ 'openssl', 'genpkey', '-genparam', | |
54 | '-algorithm', 'DH', | |
55 | '-pkeyopt', 'gindex:1', | |
56 | '-pkeyopt', 'type:fips186_4', | |
f7928938 | 57 | '-out', 'dhgen.pem' ])), |
7165593c SL |
58 | "genpkey DH params fips186_4 PEM"); |
59 | ||
7165593c SL |
60 | # The seed and counter should be the ones generated from the param generation |
61 | # Just put some dummy ones in to show it works. | |
62 | ok(run(app([ 'openssl', 'genpkey', | |
f7928938 | 63 | '-paramfile', 'dhgen.pem', |
7165593c SL |
64 | '-pkeyopt', 'gindex:1', |
65 | '-pkeyopt', 'hexseed:0102030405060708090A0B0C0D0E0F1011121314', | |
66 | '-pkeyopt', 'pcounter:25', | |
f7928938 RL |
67 | '-text' ])), |
68 | "genpkey DH fips186_4 with PEM params"); | |
7165593c SL |
69 | |
70 | ok(!run(app([ 'openssl', 'genpkey', | |
71 | '-algorithm', 'DH'])), | |
72 | "genpkey DH with no params should fail"); | |
738ee181 SL |
73 | |
74 | ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', | |
75 | 'group:ffdhe3072', '-pkeyopt', 'priv_len:255', '-text'])), | |
76 | 'genpkey DH with a small private len should fail'); | |
77 | ||
78 | ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', | |
79 | 'group:ffdhe3072', '-pkeyopt', 'priv_len:3072', '-text'])), | |
80 | 'genpkey DH with a large private len should fail'); | |
81 | ||
82 | ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', | |
83 | 'group:ffdhe3072', '-pkeyopt', 'priv_len:256', '-text'])), | |
84 | 'genpkey DH with a minimum strength private len'); | |
85 | ||
86 | ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', | |
87 | 'group:ffdhe2048', '-pkeyopt', 'priv_len:224', '-text'])), | |
88 | 'genpkey 2048 DH with a minimum strength private len'); |