skip "Skipping tests that require EC, SM2 or SM3", 2
if disabled("ec") || disabled("sm2") || disabled("sm3");
- # TODO(3.0) Remove this when we have a SM2 keymgmt and decoder
- my @tmp_sm2_hack = qw(-engine loader_attic)
- unless disabled('dynamic-engine') || disabled('deprecated-3.0');
- skip "Skipping tests that require dynamic enginess (temporary meaasure)", 2
- unless @tmp_sm2_hack;
-
# SM2
- ok_nofips(run(app(([ 'openssl', 'pkeyutl', @tmp_sm2_hack, '-sign',
+ ok_nofips(run(app(([ 'openssl', 'pkeyutl', '-sign',
'-in', srctop_file('test', 'certs', 'sm2.pem'),
'-inkey', srctop_file('test', 'certs', 'sm2.key'),
'-out', 'sm2.sig', '-rawin',
'-digest', 'sm3', '-pkeyopt', 'distid:someid']))),
"Sign a piece of data using SM2");
- ok_nofips(run(app(([ 'openssl', 'pkeyutl', @tmp_sm2_hack,
+ ok_nofips(run(app(([ 'openssl', 'pkeyutl',
'-verify', '-certin',
'-in', srctop_file('test', 'certs', 'sm2.pem'),
'-inkey', srctop_file('test', 'certs', 'sm2.pem'),
note("There should not be more that at most 80 per line");
}
-# TODO(3.0) This should be removed as soon as missing support is added
-# Identified problems:
-# - SM2 lacks provider-native keymgmt and decoder
-# - ED25519, ED448, X25519 and X448 signature implementations do not
-# respond to the "algorithm-id" parameter request.
-my @tmp_loader_hack = qw(-engine loader_attic)
- unless disabled('dynamic-engine') || disabled('deprecated-3.0');
-
# Check for duplicate -addext parameters, and one "working" case.
my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem",
"-config", srctop_file("test", "test.cnf"), @req_new );
SKIP: {
skip "SM2 is not supported by this OpenSSL build", 4
- if disabled("sm2") || !@tmp_loader_hack;
- ok(run(app(["openssl", "req", @tmp_loader_hack,
+ if disabled("sm2");
+ ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"),
"-new", "-key", srctop_file("test", "certs", "sm2.key"),
"-sigopt", "distid:1234567812345678",
"-out", "testreq-sm2.pem", "-sm3"])),
"Generating SM2 certificate request");
- ok(run(app(["openssl", "req", @tmp_loader_hack,
+ ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"),
"-verify", "-in", "testreq-sm2.pem", "-noout",
"-vfyopt", "distid:1234567812345678", "-sm3"])),
"Verifying signature on SM2 certificate request");
- ok(run(app(["openssl", "req", @tmp_loader_hack,
+ ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"),
"-new", "-key", srctop_file("test", "certs", "sm2.key"),
"-sigopt", "hexdistid:DEADBEEF",
"-out", "testreq-sm2.pem", "-sm3"])),
"Generating SM2 certificate request with hex id");
- ok(run(app(["openssl", "req", @tmp_loader_hack,
+ ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"),
"-verify", "-in", "testreq-sm2.pem", "-noout",
"-vfyopt", "hexdistid:DEADBEEF", "-sm3"])),