]>
Commit | Line | Data |
---|---|---|
596d6b7e RS |
1 | #! /usr/bin/env perl |
2 | # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. | |
3 | # | |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
596d6b7e RS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
88b8a527 RL |
9 | |
10 | use strict; | |
11 | use warnings; | |
12 | ||
13 | use POSIX; | |
14 | use File::Spec::Functions qw/catfile/; | |
15 | use File::Compare qw/compare_text/; | |
42e0ccdf | 16 | use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/; |
340166a9 | 17 | use OpenSSL::Test::Utils; |
88b8a527 RL |
18 | |
19 | setup("test_cms"); | |
20 | ||
18cb0221 MC |
21 | plan skip_all => "CMS is not supported by this OpenSSL build" |
22 | if disabled("cms"); | |
23 | ||
42e0ccdf RL |
24 | my $smdir = srctop_dir("test", "smime-certs"); |
25 | my $smcont = srctop_file("test", "smcont.txt"); | |
83ae8124 MC |
26 | my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) |
27 | = disabled qw/des dh dsa ec ec2m rc2 zlib/; | |
88b8a527 RL |
28 | |
29 | plan tests => 4; | |
30 | ||
31 | my @smime_pkcs7_tests = ( | |
32 | ||
33 | [ "signed content DER format, RSA key", | |
34 | [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", | |
35 | "-certfile", catfile($smdir, "smroot.pem"), | |
36 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], | |
37 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
38 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
39 | ], | |
40 | ||
41 | [ "signed detached content DER format, RSA key", | |
42 | [ "-sign", "-in", $smcont, "-outform", "DER", | |
43 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], | |
44 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
45 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt", | |
46 | "-content", $smcont ] | |
47 | ], | |
48 | ||
49 | [ "signed content test streaming BER format, RSA", | |
50 | [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", | |
51 | "-stream", | |
52 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], | |
53 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
54 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
55 | ], | |
56 | ||
57 | [ "signed content DER format, DSA key", | |
58 | [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", | |
59 | "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ], | |
60 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
61 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
62 | ], | |
63 | ||
64 | [ "signed detached content DER format, DSA key", | |
65 | [ "-sign", "-in", $smcont, "-outform", "DER", | |
66 | "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ], | |
67 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
68 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt", | |
69 | "-content", $smcont ] | |
70 | ], | |
71 | ||
83ae8124 | 72 | [ "signed detached content DER format, add RSA signer (with DSA existing)", |
88b8a527 RL |
73 | [ "-resign", "-inform", "DER", "-in", "test.cms", "-outform", "DER", |
74 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test2.cms" ], | |
75 | [ "-verify", "-in", "test2.cms", "-inform", "DER", | |
76 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt", | |
77 | "-content", $smcont ] | |
78 | ], | |
79 | ||
80 | [ "signed content test streaming BER format, DSA key", | |
81 | [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", | |
82 | "-stream", | |
83 | "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ], | |
84 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
85 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
86 | ], | |
87 | ||
88 | [ "signed content test streaming BER format, 2 DSA and 2 RSA keys", | |
89 | [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", | |
90 | "-signer", catfile($smdir, "smrsa1.pem"), | |
91 | "-signer", catfile($smdir, "smrsa2.pem"), | |
92 | "-signer", catfile($smdir, "smdsa1.pem"), | |
93 | "-signer", catfile($smdir, "smdsa2.pem"), | |
94 | "-stream", "-out", "test.cms" ], | |
95 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
96 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
97 | ], | |
98 | ||
99 | [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes", | |
100 | [ "-sign", "-in", $smcont, "-outform", "DER", "-noattr", "-nodetach", | |
101 | "-signer", catfile($smdir, "smrsa1.pem"), | |
102 | "-signer", catfile($smdir, "smrsa2.pem"), | |
103 | "-signer", catfile($smdir, "smdsa1.pem"), | |
104 | "-signer", catfile($smdir, "smdsa2.pem"), | |
105 | "-stream", "-out", "test.cms" ], | |
106 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
107 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
108 | ], | |
109 | ||
c6d67f09 DSH |
110 | [ "signed content S/MIME format, RSA key SHA1", |
111 | [ "-sign", "-in", $smcont, "-md", "sha1", | |
112 | "-certfile", catfile($smdir, "smroot.pem"), | |
113 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], | |
114 | [ "-verify", "-in", "test.cms", | |
115 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
116 | ], | |
117 | ||
88b8a527 RL |
118 | [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", |
119 | [ "-sign", "-in", $smcont, "-nodetach", | |
120 | "-signer", catfile($smdir, "smrsa1.pem"), | |
121 | "-signer", catfile($smdir, "smrsa2.pem"), | |
122 | "-signer", catfile($smdir, "smdsa1.pem"), | |
123 | "-signer", catfile($smdir, "smdsa2.pem"), | |
124 | "-stream", "-out", "test.cms" ], | |
125 | [ "-verify", "-in", "test.cms", | |
126 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
127 | ], | |
128 | ||
129 | [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys", | |
130 | [ "-sign", "-in", $smcont, | |
131 | "-signer", catfile($smdir, "smrsa1.pem"), | |
132 | "-signer", catfile($smdir, "smrsa2.pem"), | |
133 | "-signer", catfile($smdir, "smdsa1.pem"), | |
134 | "-signer", catfile($smdir, "smdsa2.pem"), | |
135 | "-stream", "-out", "test.cms" ], | |
136 | [ "-verify", "-in", "test.cms", | |
137 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
138 | ], | |
139 | ||
96bea000 | 140 | [ "enveloped content test streaming S/MIME format, DES, 3 recipients", |
88b8a527 RL |
141 | [ "-encrypt", "-in", $smcont, |
142 | "-stream", "-out", "test.cms", | |
143 | catfile($smdir, "smrsa1.pem"), | |
144 | catfile($smdir, "smrsa2.pem"), | |
145 | catfile($smdir, "smrsa3.pem") ], | |
146 | [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), | |
147 | "-in", "test.cms", "-out", "smtst.txt" ] | |
148 | ], | |
149 | ||
96bea000 | 150 | [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used", |
88b8a527 RL |
151 | [ "-encrypt", "-in", $smcont, |
152 | "-stream", "-out", "test.cms", | |
153 | catfile($smdir, "smrsa1.pem"), | |
154 | catfile($smdir, "smrsa2.pem"), | |
155 | catfile($smdir, "smrsa3.pem") ], | |
156 | [ "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"), | |
157 | "-in", "test.cms", "-out", "smtst.txt" ] | |
158 | ], | |
159 | ||
96bea000 | 160 | [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used", |
88b8a527 RL |
161 | [ "-encrypt", "-in", $smcont, |
162 | "-stream", "-out", "test.cms", | |
163 | catfile($smdir, "smrsa1.pem"), | |
164 | catfile($smdir, "smrsa2.pem"), | |
165 | catfile($smdir, "smrsa3.pem") ], | |
166 | [ "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"), | |
167 | "-in", "test.cms", "-out", "smtst.txt" ] | |
168 | ], | |
169 | ||
170 | [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients", | |
171 | [ "-encrypt", "-in", $smcont, | |
172 | "-aes256", "-stream", "-out", "test.cms", | |
173 | catfile($smdir, "smrsa1.pem"), | |
174 | catfile($smdir, "smrsa2.pem"), | |
175 | catfile($smdir, "smrsa3.pem") ], | |
176 | [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), | |
177 | "-in", "test.cms", "-out", "smtst.txt" ] | |
178 | ], | |
179 | ||
180 | ); | |
181 | ||
182 | my @smime_cms_tests = ( | |
183 | ||
184 | [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid", | |
185 | [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", "-keyid", | |
186 | "-signer", catfile($smdir, "smrsa1.pem"), | |
187 | "-signer", catfile($smdir, "smrsa2.pem"), | |
188 | "-signer", catfile($smdir, "smdsa1.pem"), | |
189 | "-signer", catfile($smdir, "smdsa2.pem"), | |
190 | "-stream", "-out", "test.cms" ], | |
191 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
192 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
193 | ], | |
194 | ||
195 | [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys", | |
196 | [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", | |
197 | "-signer", catfile($smdir, "smrsa1.pem"), | |
198 | "-signer", catfile($smdir, "smrsa2.pem"), | |
199 | "-signer", catfile($smdir, "smdsa1.pem"), | |
200 | "-signer", catfile($smdir, "smdsa2.pem"), | |
201 | "-stream", "-out", "test.cms" ], | |
202 | [ "-verify", "-in", "test.cms", "-inform", "PEM", | |
203 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
204 | ], | |
205 | ||
206 | [ "signed content MIME format, RSA key, signed receipt request", | |
207 | [ "-sign", "-in", $smcont, "-signer", catfile($smdir, "smrsa1.pem"), "-nodetach", | |
208 | "-receipt_request_to", "test\@openssl.org", "-receipt_request_all", | |
209 | "-out", "test.cms" ], | |
210 | [ "-verify", "-in", "test.cms", | |
211 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
212 | ], | |
213 | ||
214 | [ "signed receipt MIME format, RSA key", | |
215 | [ "-sign_receipt", "-in", "test.cms", | |
216 | "-signer", catfile($smdir, "smrsa2.pem"), | |
217 | "-out", "test2.cms" ], | |
218 | [ "-verify_receipt", "test2.cms", "-in", "test.cms", | |
219 | "-CAfile", catfile($smdir, "smroot.pem") ] | |
220 | ], | |
221 | ||
e85d19c6 AI |
222 | [ "signed content DER format, RSA key, CAdES-BES compatible", |
223 | [ "-sign", "-cades", "-in", $smcont, "-outform", "DER", "-nodetach", | |
224 | "-certfile", catfile($smdir, "smroot.pem"), | |
225 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], | |
226 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
227 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
228 | ], | |
229 | ||
230 | [ "signed content DER format, RSA key, SHA256 md, CAdES-BES compatible", | |
231 | [ "-sign", "-cades", "-md", "sha256", "-in", $smcont, "-outform", | |
232 | "DER", "-nodetach", "-certfile", catfile($smdir, "smroot.pem"), | |
233 | "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], | |
234 | [ "-verify", "-in", "test.cms", "-inform", "DER", | |
235 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
236 | ], | |
237 | ||
96bea000 | 238 | [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid", |
88b8a527 RL |
239 | [ "-encrypt", "-in", $smcont, |
240 | "-stream", "-out", "test.cms", "-keyid", | |
241 | catfile($smdir, "smrsa1.pem"), | |
242 | catfile($smdir, "smrsa2.pem"), | |
243 | catfile($smdir, "smrsa3.pem") ], | |
244 | [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), | |
245 | "-in", "test.cms", "-out", "smtst.txt" ] | |
246 | ], | |
247 | ||
248 | [ "enveloped content test streaming PEM format, KEK", | |
249 | [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128", | |
250 | "-stream", "-out", "test.cms", | |
251 | "-secretkey", "000102030405060708090A0B0C0D0E0F", | |
252 | "-secretkeyid", "C0FEE0" ], | |
253 | [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM", | |
254 | "-secretkey", "000102030405060708090A0B0C0D0E0F", | |
255 | "-secretkeyid", "C0FEE0" ] | |
256 | ], | |
257 | ||
258 | [ "enveloped content test streaming PEM format, KEK, key only", | |
259 | [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128", | |
260 | "-stream", "-out", "test.cms", | |
261 | "-secretkey", "000102030405060708090A0B0C0D0E0F", | |
262 | "-secretkeyid", "C0FEE0" ], | |
263 | [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM", | |
264 | "-secretkey", "000102030405060708090A0B0C0D0E0F" ] | |
265 | ], | |
266 | ||
267 | [ "data content test streaming PEM format", | |
268 | [ "-data_create", "-in", $smcont, "-outform", "PEM", "-nodetach", | |
269 | "-stream", "-out", "test.cms" ], | |
270 | [ "-data_out", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ] | |
271 | ], | |
272 | ||
273 | [ "encrypted content test streaming PEM format, 128 bit RC2 key", | |
274 | [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", | |
275 | "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F", | |
276 | "-stream", "-out", "test.cms" ], | |
277 | [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", | |
278 | "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ] | |
279 | ], | |
280 | ||
281 | [ "encrypted content test streaming PEM format, 40 bit RC2 key", | |
282 | [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", | |
283 | "-rc2", "-secretkey", "0001020304", | |
284 | "-stream", "-out", "test.cms" ], | |
285 | [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", | |
286 | "-secretkey", "0001020304", "-out", "smtst.txt" ] | |
287 | ], | |
288 | ||
289 | [ "encrypted content test streaming PEM format, triple DES key", | |
290 | [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", | |
291 | "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617", | |
292 | "-stream", "-out", "test.cms" ], | |
293 | [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", | |
294 | "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617", | |
295 | "-out", "smtst.txt" ] | |
296 | ], | |
297 | ||
298 | [ "encrypted content test streaming PEM format, 128 bit AES key", | |
299 | [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", | |
300 | "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F", | |
301 | "-stream", "-out", "test.cms" ], | |
302 | [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", | |
303 | "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ] | |
304 | ], | |
305 | ||
306 | ); | |
307 | ||
308 | my @smime_cms_comp_tests = ( | |
309 | ||
310 | [ "compressed content test streaming PEM format", | |
311 | [ "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach", | |
312 | "-stream", "-out", "test.cms" ], | |
313 | [ "-uncompress", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ] | |
314 | ] | |
315 | ||
316 | ); | |
317 | ||
318 | my @smime_cms_param_tests = ( | |
319 | [ "signed content test streaming PEM format, RSA keys, PSS signature", | |
320 | [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", | |
321 | "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", | |
322 | "-out", "test.cms" ], | |
323 | [ "-verify", "-in", "test.cms", "-inform", "PEM", | |
324 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
325 | ], | |
326 | ||
491360e7 BE |
327 | [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=-3", |
328 | [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", | |
329 | "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", | |
330 | "-keyopt", "rsa_pss_saltlen:-3", "-out", "test.cms" ], | |
331 | [ "-verify", "-in", "test.cms", "-inform", "PEM", | |
332 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
333 | ], | |
334 | ||
88b8a527 RL |
335 | [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes", |
336 | [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-noattr", | |
337 | "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", | |
338 | "-out", "test.cms" ], | |
339 | [ "-verify", "-in", "test.cms", "-inform", "PEM", | |
340 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
341 | ], | |
342 | ||
343 | [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1", | |
344 | [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", | |
345 | "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", | |
346 | "-keyopt", "rsa_mgf1_md:sha384", "-out", "test.cms" ], | |
347 | [ "-verify", "-in", "test.cms", "-inform", "PEM", | |
348 | "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] | |
349 | ], | |
350 | ||
96bea000 | 351 | [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters", |
88b8a527 RL |
352 | [ "-encrypt", "-in", $smcont, |
353 | "-stream", "-out", "test.cms", | |
354 | "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ], | |
355 | [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), | |
356 | "-in", "test.cms", "-out", "smtst.txt" ] | |
357 | ], | |
358 | ||
96bea000 | 359 | [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256", |
88b8a527 RL |
360 | [ "-encrypt", "-in", $smcont, |
361 | "-stream", "-out", "test.cms", | |
362 | "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep", | |
363 | "-keyopt", "rsa_oaep_md:sha256" ], | |
364 | [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), | |
365 | "-in", "test.cms", "-out", "smtst.txt" ] | |
366 | ], | |
367 | ||
96bea000 | 368 | [ "enveloped content test streaming S/MIME format, DES, ECDH", |
88b8a527 RL |
369 | [ "-encrypt", "-in", $smcont, |
370 | "-stream", "-out", "test.cms", | |
371 | "-recip", catfile($smdir, "smec1.pem") ], | |
372 | [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"), | |
373 | "-in", "test.cms", "-out", "smtst.txt" ] | |
374 | ], | |
375 | ||
5d09b003 DSH |
376 | [ "enveloped content test streaming S/MIME format, DES, ECDH, 2 recipients, key only used", |
377 | [ "-encrypt", "-in", $smcont, | |
378 | "-stream", "-out", "test.cms", | |
379 | catfile($smdir, "smec1.pem"), | |
ed5c7ea2 DSH |
380 | catfile($smdir, "smec3.pem") ], |
381 | [ "-decrypt", "-inkey", catfile($smdir, "smec3.pem"), | |
5d09b003 DSH |
382 | "-in", "test.cms", "-out", "smtst.txt" ] |
383 | ], | |
384 | ||
96bea000 | 385 | [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier", |
88b8a527 RL |
386 | [ "-encrypt", "-keyid", "-in", $smcont, |
387 | "-stream", "-out", "test.cms", | |
388 | "-recip", catfile($smdir, "smec1.pem") ], | |
389 | [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"), | |
390 | "-in", "test.cms", "-out", "smtst.txt" ] | |
391 | ], | |
392 | ||
393 | [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF", | |
394 | [ "-encrypt", "-in", $smcont, | |
395 | "-stream", "-out", "test.cms", | |
396 | "-recip", catfile($smdir, "smec1.pem"), "-aes128", "-keyopt", "ecdh_kdf_md:sha256" ], | |
397 | [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"), | |
398 | "-in", "test.cms", "-out", "smtst.txt" ] | |
399 | ], | |
400 | ||
401 | [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH", | |
402 | [ "-encrypt", "-in", $smcont, | |
403 | "-stream", "-out", "test.cms", | |
404 | "-recip", catfile($smdir, "smec2.pem"), "-aes128", | |
405 | "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ], | |
406 | [ "-decrypt", "-recip", catfile($smdir, "smec2.pem"), | |
407 | "-in", "test.cms", "-out", "smtst.txt" ] | |
408 | ], | |
409 | ||
410 | [ "enveloped content test streaming S/MIME format, X9.42 DH", | |
411 | [ "-encrypt", "-in", $smcont, | |
412 | "-stream", "-out", "test.cms", | |
413 | "-recip", catfile($smdir, "smdh.pem"), "-aes128" ], | |
414 | [ "-decrypt", "-recip", catfile($smdir, "smdh.pem"), | |
415 | "-in", "test.cms", "-out", "smtst.txt" ] | |
416 | ] | |
417 | ); | |
418 | ||
419 | subtest "CMS => PKCS#7 compatibility tests\n" => sub { | |
420 | plan tests => scalar @smime_pkcs7_tests; | |
421 | ||
422 | foreach (@smime_pkcs7_tests) { | |
423 | SKIP: { | |
424 | my $skip_reason = check_availability($$_[0]); | |
425 | skip $skip_reason, 1 if $skip_reason; | |
426 | ||
427 | ok(run(app(["openssl", "cms", @{$$_[1]}])) | |
428 | && run(app(["openssl", "smime", @{$$_[2]}])) | |
429 | && compare_text($smcont, "smtst.txt") == 0, | |
430 | $$_[0]); | |
431 | } | |
432 | } | |
433 | }; | |
434 | subtest "CMS <= PKCS#7 compatibility tests\n" => sub { | |
435 | plan tests => scalar @smime_pkcs7_tests; | |
436 | ||
437 | foreach (@smime_pkcs7_tests) { | |
438 | SKIP: { | |
439 | my $skip_reason = check_availability($$_[0]); | |
440 | skip $skip_reason, 1 if $skip_reason; | |
441 | ||
442 | ok(run(app(["openssl", "smime", @{$$_[1]}])) | |
443 | && run(app(["openssl", "cms", @{$$_[2]}])) | |
444 | && compare_text($smcont, "smtst.txt") == 0, | |
445 | $$_[0]); | |
446 | } | |
447 | } | |
448 | }; | |
449 | ||
450 | subtest "CMS <=> CMS consistency tests\n" => sub { | |
451 | plan tests => (scalar @smime_pkcs7_tests) + (scalar @smime_cms_tests); | |
452 | ||
453 | foreach (@smime_pkcs7_tests) { | |
454 | SKIP: { | |
455 | my $skip_reason = check_availability($$_[0]); | |
456 | skip $skip_reason, 1 if $skip_reason; | |
457 | ||
458 | ok(run(app(["openssl", "cms", @{$$_[1]}])) | |
459 | && run(app(["openssl", "cms", @{$$_[2]}])) | |
460 | && compare_text($smcont, "smtst.txt") == 0, | |
461 | $$_[0]); | |
462 | } | |
463 | } | |
464 | foreach (@smime_cms_tests) { | |
465 | SKIP: { | |
466 | my $skip_reason = check_availability($$_[0]); | |
467 | skip $skip_reason, 1 if $skip_reason; | |
468 | ||
469 | ok(run(app(["openssl", "cms", @{$$_[1]}])) | |
470 | && run(app(["openssl", "cms", @{$$_[2]}])) | |
471 | && compare_text($smcont, "smtst.txt") == 0, | |
472 | $$_[0]); | |
473 | } | |
474 | } | |
475 | }; | |
476 | ||
477 | subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub { | |
478 | plan tests => | |
479 | (scalar @smime_cms_param_tests) + (scalar @smime_cms_comp_tests); | |
480 | ||
481 | foreach (@smime_cms_param_tests) { | |
482 | SKIP: { | |
483 | my $skip_reason = check_availability($$_[0]); | |
484 | skip $skip_reason, 1 if $skip_reason; | |
485 | ||
486 | ok(run(app(["openssl", "cms", @{$$_[1]}])) | |
487 | && run(app(["openssl", "cms", @{$$_[2]}])) | |
488 | && compare_text($smcont, "smtst.txt") == 0, | |
489 | $$_[0]); | |
490 | } | |
491 | } | |
492 | ||
493 | SKIP: { | |
494 | skip("Zlib not supported: compression tests skipped", | |
495 | scalar @smime_cms_comp_tests) | |
340166a9 | 496 | if $no_zlib; |
88b8a527 | 497 | |
cc0b19a7 | 498 | foreach (@smime_cms_comp_tests) { |
88b8a527 RL |
499 | SKIP: { |
500 | my $skip_reason = check_availability($$_[0]); | |
501 | skip $skip_reason, 1 if $skip_reason; | |
502 | ||
503 | ok(run(app(["openssl", "cms", @{$$_[1]}])) | |
504 | && run(app(["openssl", "cms", @{$$_[2]}])) | |
505 | && compare_text($smcont, "smtst.txt") == 0, | |
506 | $$_[0]); | |
507 | } | |
508 | } | |
509 | } | |
510 | }; | |
511 | ||
512 | unlink "test.cms"; | |
513 | unlink "test2.cms"; | |
514 | unlink "smtst.txt"; | |
515 | ||
516 | sub check_availability { | |
517 | my $tnam = shift; | |
518 | ||
519 | return "$tnam: skipped, EC disabled\n" | |
bb4cc75b | 520 | if ($no_ec && $tnam =~ /ECDH/); |
88b8a527 | 521 | return "$tnam: skipped, ECDH disabled\n" |
bb4cc75b | 522 | if ($no_ec && $tnam =~ /ECDH/); |
88b8a527 | 523 | return "$tnam: skipped, EC2M disabled\n" |
bb4cc75b | 524 | if ($no_ec2m && $tnam =~ /K-283/); |
37f3a3b3 | 525 | return "$tnam: skipped, DH disabled\n" |
bb4cc75b MC |
526 | if ($no_dh && $tnam =~ /X9\.42/); |
527 | return "$tnam: skipped, RC2 disabled\n" | |
528 | if ($no_rc2 && $tnam =~ /RC2/); | |
96bea000 MC |
529 | return "$tnam: skipped, DES disabled\n" |
530 | if ($no_des && $tnam =~ /DES/); | |
83ae8124 MC |
531 | return "$tnam: skipped, DSA disabled\n" |
532 | if ($no_dsa && $tnam =~ / DSA/); | |
bb4cc75b | 533 | |
88b8a527 RL |
534 | return ""; |
535 | } |