]>
Commit | Line | Data |
---|---|---|
596d6b7e | 1 | #! /usr/bin/env perl |
da1c088f | 2 | # Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved. |
596d6b7e | 3 | # |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
596d6b7e RS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
13350a0c RL |
9 | |
10 | use strict; | |
11 | use warnings; | |
12 | ||
13 | use File::Spec::Functions qw/catfile/; | |
14 | use File::Copy; | |
15 | use File::Compare qw/compare_text/; | |
16 | use File::Basename; | |
f5056577 | 17 | use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/; |
81959b26 | 18 | use OpenSSL::Test::Utils; |
13350a0c RL |
19 | |
20 | setup("test_enc"); | |
249d5595 DB |
21 | plan skip_all => "Deprecated functions are disabled in this OpenSSL build" |
22 | if disabled("deprecated"); | |
13350a0c RL |
23 | |
24 | # We do it this way, because setup() may have moved us around, | |
25 | # so the directory portion of $0 might not be correct any more. | |
26 | # However, the name hasn't changed. | |
42e0ccdf | 27 | my $testsrc = srctop_file("test","recipes",basename($0)); |
13350a0c RL |
28 | |
29 | my $test = catfile(".", "p"); | |
30 | ||
31 | my $cmd = "openssl"; | |
f5056577 | 32 | my $provpath = bldtop_dir("providers"); |
81959b26 MC |
33 | my @prov = ("-provider-path", $provpath, "-provider", "default"); |
34 | push @prov, ("-provider", "legacy") unless disabled("legacy"); | |
30f1c9c4 | 35 | my $ciphersstatus = undef; |
13350a0c | 36 | my @ciphers = |
85833408 | 37 | map { s/^\s+//; s/\s+$//; split /\s+/ } |
30f1c9c4 RL |
38 | run(app([$cmd, "list", "-cipher-commands"]), |
39 | capture => 1, statusvar => \$ciphersstatus); | |
81959b26 MC |
40 | @ciphers = grep {!/^(bf|cast|des$|des-cbc|des-cfb|des-ecb|des-ofb|desx|idea |
41 | |rc2|rc4|seed)/x} @ciphers | |
42 | if disabled("legacy"); | |
13350a0c | 43 | |
e3994583 | 44 | plan tests => 5 + (scalar @ciphers)*2; |
13350a0c RL |
45 | |
46 | SKIP: { | |
30f1c9c4 RL |
47 | skip "Problems getting ciphers...", 1 + scalar(@ciphers) |
48 | unless ok($ciphersstatus, "Running 'openssl list -cipher-commands'"); | |
49 | unless (ok(copy($testsrc, $test), "Copying $testsrc to $test")) { | |
50 | diag($!); | |
51 | skip "Not initialized, skipping...", scalar(@ciphers); | |
52 | } | |
13350a0c RL |
53 | |
54 | foreach my $c (@ciphers) { | |
a0430488 P |
55 | my %variant = ("$c" => [], |
56 | "$c base64" => [ "-a" ]); | |
13350a0c | 57 | |
a0430488 P |
58 | foreach my $t (sort keys %variant) { |
59 | my $cipherfile = "$test.$c.cipher"; | |
60 | my $clearfile = "$test.$c.clear"; | |
61 | my @e = ( "$c", "-bufsize", "113", @{$variant{$t}}, "-e", "-k", "test" ); | |
62 | my @d = ( "$c", "-bufsize", "157", @{$variant{$t}}, "-d", "-k", "test" ); | |
63 | if ($c eq "cat") { | |
64 | $cipherfile = "$test.cipher"; | |
65 | $clearfile = "$test.clear"; | |
66 | @e = ( "enc", @{$variant{$t}}, "-e" ); | |
67 | @d = ( "enc", @{$variant{$t}}, "-d" ); | |
68 | } | |
13350a0c | 69 | |
a0430488 P |
70 | ok(run(app([$cmd, @e, @prov, "-in", $test, "-out", $cipherfile])) |
71 | && run(app([$cmd, @d, @prov, "-in", $cipherfile, "-out", $clearfile])) | |
72 | && compare_text($test,$clearfile) == 0, $t); | |
73 | } | |
13350a0c | 74 | } |
e3994583 | 75 | ok(run(app([$cmd, "enc", "-in", $test, "-aes256", "-pbkdf2", "-out", |
76 | "salted_default.cipher", "-pass", "pass:password"])) | |
77 | && run(app([$cmd, "enc", "-d", "-in", "salted_default.cipher", "-aes256", "-pbkdf2", | |
78 | "-saltlen", "8", "-out", "salted_default.clear", "-pass", "pass:password"])) | |
79 | && compare_text($test,"salted_default.clear") == 0, | |
80 | "Check that the default salt length of 8 bytes is used for PKDF2"); | |
81 | ||
82 | ok(!run(app([$cmd, "enc", "-d", "-in", "salted_default.cipher", "-aes256", "-pbkdf2", | |
83 | "-saltlen", "16", "-out", "salted_fail.clear", "-pass", "pass:password"])), | |
84 | "Check the decrypt fails if the saltlen is incorrect"); | |
85 | ||
86 | ok(run(app([$cmd, "enc", "-in", $test, "-aes256", "-pbkdf2", "-saltlen", "16", | |
87 | "-out", "salted.cipher", "-pass", "pass:password"])) | |
88 | && run(app([$cmd, "enc", "-d", "-in", "salted.cipher", "-aes256", "-pbkdf2", | |
89 | "-saltlen", "16", "-out", "salted.clear", "-pass", "pass:password"])) | |
90 | && compare_text($test,"salted.clear") == 0, | |
91 | "Check that we can still use a salt length of 16 bytes for PKDF2"); | |
92 | ||
13350a0c | 93 | } |