From: Dmitry Belyavskiy Date: Thu, 8 Aug 2024 11:45:19 +0000 (+0200) Subject: Encap/decap in pkeyutl - tests X-Git-Tag: openssl-3.4.0-alpha1~148 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bd3b24c3af6cc19efd14c9cff2a91bb58ef34559;p=thirdparty%2Fopenssl.git Encap/decap in pkeyutl - tests Reviewed-by: Neil Horman Reviewed-by: Viktor Dukhovni Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/25127) --- diff --git a/test/decap_out.bin b/test/decap_out.bin new file mode 100644 index 00000000000..b94441ed1c0 --- /dev/null +++ b/test/decap_out.bin @@ -0,0 +1,3 @@ +6žW«¡ŠòÌn‘©ú;’ù¡ÃÄmç Ä¥ÉB[HãÕË#äӇ(™‡hŽ] :\³PŸ›xñe¡ƒŽbòé)G¿fõÈ"¨ýË­fË ÊýJÝ)ïþ܏ì {ªHm‚\P ú+¸PÞ¸%èÄ/jϙ%ç؆È<_æ~– +K—JEhßù‡©lEa¼:¢(Ÿå/\Ñ®Íb€Ã®©Ê ×È-g,AYœ‹4 +lÚtÚN­)~\HU4y០}qJŸ€ ”t# ¦}.™üTÅý”?ÚØϊÐÿcD=üLõ¨nmv{—éſԋȣ® \ No newline at end of file diff --git a/test/encap_out.bin b/test/encap_out.bin new file mode 100644 index 00000000000..024fc40550f --- /dev/null +++ b/test/encap_out.bin @@ -0,0 +1,4 @@ +¼:÷Ùy‚Љ5°ã ÿÙ[Û2ê<¾ê?«î±qÕª1·µŒ¸ºæÝ>YÎM寬3PÝ +ìÛO’2rÈيíùAd" Gç„m‡2mÏÄ7x•Ñhú7-ÿ@:?NµÇrSꋜKÁ¡žè`«t¥ÉŸªÓxié头' Mhøñ‘˜3rÞڃ–Sd¦ðO±£ãHT„F§þ +®‹kZ'xšFÛKùx”q"ÐÒúl@04E‰†ÌûŽ;c¾iA}U÷ÆŒ P6ýk0–‰ó%DôòLÄ.U– aO¨(LIý®QÇç¢ÏA +Œ[´uԞØ4s$¨†Ò%tÕB \ No newline at end of file diff --git a/test/encap_secret.bin b/test/encap_secret.bin new file mode 100644 index 00000000000..b94441ed1c0 --- /dev/null +++ b/test/encap_secret.bin @@ -0,0 +1,3 @@ +6žW«¡ŠòÌn‘©ú;’ù¡ÃÄmç Ä¥ÉB[HãÕË#äӇ(™‡hŽ] :\³PŸ›xñe¡ƒŽbòé)G¿fõÈ"¨ýË­fË ÊýJÝ)ïþ܏ì {ªHm‚\P ú+¸PÞ¸%èÄ/jϙ%ç؆È<_æ~– +K—JEhßù‡©lEa¼:¢(Ÿå/\Ñ®Íb€Ã®©Ê ×È-g,AYœ‹4 +lÚtÚN­)~\HU4y០}qJŸ€ ”t# ¦}.™üTÅý”?ÚØϊÐÿcD=üLõ¨nmv{—éſԋȣ® \ No newline at end of file diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t index 76e4f0a8694..e9472a21352 100644 --- a/test/recipes/20-test_pkeyutl.t +++ b/test/recipes/20-test_pkeyutl.t @@ -13,11 +13,11 @@ use File::Spec; use File::Basename; use OpenSSL::Test qw/:DEFAULT srctop_file ok_nofips/; use OpenSSL::Test::Utils; -use File::Compare qw/compare_text/; +use File::Compare qw/compare_text compare/; setup("test_pkeyutl"); -plan tests => 14; +plan tests => 19; # For the tests below we use the cert itself as the TBS file @@ -200,3 +200,33 @@ SKIP: { "-rawin"); }; } + +#Encap/decap tests +# openssl pkeyutl -encap -pubin -inkey rsa_pub.pem -secret secret.bin -out encap_out.bin +# openssl pkeyutl -decap -inkey rsa_priv.pem -in encap_out.bin -out decap_out.bin +# decap_out is equal to secret +SKIP: { + skip "RSA is not supported by this OpenSSL build", 3 + if disabled("rsa"); + + # Self-compat + ok(run(app(([ 'openssl', 'pkeyutl', '-encap', '-pubin', '-kemop', 'RSASVE', + '-inkey', srctop_file('test', 'testrsa2048pub.pem'), + '-out', 'encap_out.bin', '-secret', 'secret.bin']))), + "RSA pubkey encapsulation"); + ok(run(app(([ 'openssl', 'pkeyutl', '-decap', '-kemop', 'RSASVE', + '-inkey', srctop_file('test', 'testrsa2048.pem'), + '-in', 'encap_out.bin', '-out', 'decap_out.bin']))), + "RSA pubkey decapsulation"); + is(compare("secret.bin", "decap_out.bin"), 0, "Secret is correctly decapsulated"); + + # Pregenerated + ok(run(app(([ 'openssl', 'pkeyutl', '-decap', '-kemop', 'RSASVE', + '-inkey', srctop_file('test', 'testrsa2048.pem'), + '-in', srctop_file('test', 'encap_out.bin'), '-out', 'decap_out_etl.bin']))), + "RSA pubkey decapsulation - pregenerated"); + + is(compare(srctop_file('test', 'encap_secret.bin'), "decap_out_etl.bin"), 0, + "Secret is correctly decapsulated - pregenerated"); +} +