Encap/decap in pkeyutl - tests

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25127)

diff --git a/test/decap_out.bin b/test/decap_out.bin
new file mode 100644 (file)
index 0000000..b94441e
--- /dev/null
+++ b/test/decap_out.bin
@@ -0,0 +1,3 @@
+6\9eW«\ 6¡\8aòÌn\91©ú;\92ù\e\9d¡ÃÄmç Ä¥ÉB\18[H\eãÕË#äÓ\87(\99\87h\8e]\f:\³\14P\9f\9b\13xñe¡\83\8ebòé)G¿fõÈ"¨ýË­fË   \bÊýJÝ\ 3)ïþÜ\ 2\8fì\v{ªH\ 3m\82\P\fú\90+¸PÞ¸%èÄ/j\15Ï\99\ 6%çØ\86È<_æ~\e\96
+K\97JEhßù\87©lEa¼:¢(\9f\10å\a/\Ñ®Íb\9d\80î©\10Ê\v\ e\18×\19\11È-g,A\14Y\9c\8b4\81
+l\81\14ÚtÚN­)~\\81HU4\ 1y\1c\16á\9f  \13}qJ\9f\b\80\f\94t#\f\8f¦}.\99üTÅý\94?ÚØÏ\8aÐÿcD=ü\aLõ\13¨n\16mv\90{\97\16éÅ¿Ô\8bÈ£®
\ No newline at end of file

diff --git a/test/encap_out.bin b/test/encap_out.bin
new file mode 100644 (file)
index 0000000..024fc40
--- /dev/null
+++ b/test/encap_out.bin
@@ -0,0 +1,4 @@
+¼\a:÷Ùy\82Ä\90\89\ 55°\11ã ÿÙ[Û2ê<¾ê?«î±qÕª1·µ\8c¸ºæÝ>YÎM寬3PÝ
+ìÛO\922rÈÙ\8aíùAd"\vGç\84m\872mÏÄ7x\95Ñhú7-\7fÿ\a@:\ e?Nµ\1cÇrSê\8b\9cKÁ¡\ 5\13\9eè`«t¥É\9fªÓxié头' M\12h\1eøñ\91\983\ 2\ 2r\9d\1f\8fÞÚ\83\96\eSd¦ðO±£ãHT\84F\ e§þ
+®\8bkZ\12'x\9aFÛKùx\94q"\1cÐÒúl@04E\89\86Ìû\8e;c¾iA}U÷Æ\7f\8c\fP6ýk\7f\ 20\96\89\ fó%DôòL\19\16Ä.U\96 aO¨(L\90Iý®QÇç¢ÏA
+\8c[´uÔ\9eØ4s$¨\86Ò%tÕB
\ No newline at end of file

diff --git a/test/encap_secret.bin b/test/encap_secret.bin
new file mode 100644 (file)
index 0000000..b94441e
--- /dev/null
+++ b/test/encap_secret.bin
@@ -0,0 +1,3 @@
+6\9eW«\ 6¡\8aòÌn\91©ú;\92ù\e\9d¡ÃÄmç Ä¥ÉB\18[H\eãÕË#äÓ\87(\99\87h\8e]\f:\³\14P\9f\9b\13xñe¡\83\8ebòé)G¿fõÈ"¨ýË­fË   \bÊýJÝ\ 3)ïþÜ\ 2\8fì\v{ªH\ 3m\82\P\fú\90+¸PÞ¸%èÄ/j\15Ï\99\ 6%çØ\86È<_æ~\e\96
+K\97JEhßù\87©lEa¼:¢(\9f\10å\a/\Ñ®Íb\9d\80î©\10Ê\v\ e\18×\19\11È-g,A\14Y\9c\8b4\81
+l\81\14ÚtÚN­)~\\81HU4\ 1y\1c\16á\9f  \13}qJ\9f\b\80\f\94t#\f\8f¦}.\99üTÅý\94?ÚØÏ\8aÐÿcD=ü\aLõ\13¨n\16mv\90{\97\16éÅ¿Ô\8bÈ£®
\ No newline at end of file

diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t
index 76e4f0a869459db121728698c872895fe92b0bc2..e9472a21352e2ae8ea87ae12dc60a3855c0225c2 100644 (file)
--- a/test/recipes/20-test_pkeyutl.t
+++ b/test/recipes/20-test_pkeyutl.t
@@ -13,11 +13,11 @@ use File::Spec;
 use File::Basename;
 use OpenSSL::Test qw/:DEFAULT srctop_file ok_nofips/;
 use OpenSSL::Test::Utils;
-use File::Compare qw/compare_text/;
+use File::Compare qw/compare_text compare/;
 
 setup("test_pkeyutl");
 
-plan tests => 14;
+plan tests => 19;
 
 # For the tests below we use the cert itself as the TBS file
 
@@ -200,3 +200,33 @@ SKIP: {
                     "-rawin");
     };
 }
+
+#Encap/decap tests
+# openssl pkeyutl -encap -pubin -inkey rsa_pub.pem -secret secret.bin -out encap_out.bin
+# openssl pkeyutl -decap -inkey rsa_priv.pem -in encap_out.bin -out decap_out.bin
+# decap_out is equal to secret
+SKIP: {
+    skip "RSA is not supported by this OpenSSL build", 3
+        if disabled("rsa");
+
+    # Self-compat
+    ok(run(app(([ 'openssl', 'pkeyutl', '-encap', '-pubin', '-kemop', 'RSASVE',
+                  '-inkey', srctop_file('test', 'testrsa2048pub.pem'),
+                  '-out', 'encap_out.bin', '-secret', 'secret.bin']))),
+                  "RSA pubkey encapsulation");
+    ok(run(app(([ 'openssl', 'pkeyutl', '-decap', '-kemop', 'RSASVE',
+                  '-inkey', srctop_file('test', 'testrsa2048.pem'),
+                  '-in', 'encap_out.bin', '-out', 'decap_out.bin']))),
+                  "RSA pubkey decapsulation");
+    is(compare("secret.bin", "decap_out.bin"), 0, "Secret is correctly decapsulated");
+
+    # Pregenerated
+    ok(run(app(([ 'openssl', 'pkeyutl', '-decap', '-kemop', 'RSASVE',
+                  '-inkey', srctop_file('test', 'testrsa2048.pem'),
+                  '-in', srctop_file('test', 'encap_out.bin'), '-out', 'decap_out_etl.bin']))),
+                  "RSA pubkey decapsulation - pregenerated");
+
+    is(compare(srctop_file('test', 'encap_secret.bin'), "decap_out_etl.bin"), 0,
+               "Secret is correctly decapsulated - pregenerated");
+}
+