2 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
14 use File::Spec::Functions qw/catfile/;
15 use File::Compare qw/compare_text/;
16 use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
17 use OpenSSL::Test::Utils;
21 plan skip_all => "CMS is not supported by this OpenSSL build"
24 my $smdir = srctop_dir("test", "smime-certs");
25 my $smcont = srctop_file("test", "smcont.txt");
26 my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
27 = disabled qw/des dh dsa ec ec2m rc2 zlib/;
31 my @smime_pkcs7_tests = (
33 [ "signed content DER format, RSA key",
34 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
35 "-certfile", catfile($smdir, "smroot.pem"),
36 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
37 [ "-verify", "-in", "test.cms", "-inform", "DER",
38 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
41 [ "signed detached content DER format, RSA key",
42 [ "-sign", "-in", $smcont, "-outform", "DER",
43 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
44 [ "-verify", "-in", "test.cms", "-inform", "DER",
45 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
49 [ "signed content test streaming BER format, RSA",
50 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
52 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
53 [ "-verify", "-in", "test.cms", "-inform", "DER",
54 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
57 [ "signed content DER format, DSA key",
58 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
59 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
60 [ "-verify", "-in", "test.cms", "-inform", "DER",
61 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
64 [ "signed detached content DER format, DSA key",
65 [ "-sign", "-in", $smcont, "-outform", "DER",
66 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
67 [ "-verify", "-in", "test.cms", "-inform", "DER",
68 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
72 [ "signed detached content DER format, add RSA signer (with DSA existing)",
73 [ "-resign", "-inform", "DER", "-in", "test.cms", "-outform", "DER",
74 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test2.cms" ],
75 [ "-verify", "-in", "test2.cms", "-inform", "DER",
76 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
80 [ "signed content test streaming BER format, DSA key",
81 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
83 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
84 [ "-verify", "-in", "test.cms", "-inform", "DER",
85 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
88 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",
89 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
90 "-signer", catfile($smdir, "smrsa1.pem"),
91 "-signer", catfile($smdir, "smrsa2.pem"),
92 "-signer", catfile($smdir, "smdsa1.pem"),
93 "-signer", catfile($smdir, "smdsa2.pem"),
94 "-stream", "-out", "test.cms" ],
95 [ "-verify", "-in", "test.cms", "-inform", "DER",
96 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
99 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
100 [ "-sign", "-in", $smcont, "-outform", "DER", "-noattr", "-nodetach",
101 "-signer", catfile($smdir, "smrsa1.pem"),
102 "-signer", catfile($smdir, "smrsa2.pem"),
103 "-signer", catfile($smdir, "smdsa1.pem"),
104 "-signer", catfile($smdir, "smdsa2.pem"),
105 "-stream", "-out", "test.cms" ],
106 [ "-verify", "-in", "test.cms", "-inform", "DER",
107 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
110 [ "signed content S/MIME format, RSA key SHA1",
111 [ "-sign", "-in", $smcont, "-md", "sha1",
112 "-certfile", catfile($smdir, "smroot.pem"),
113 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
114 [ "-verify", "-in", "test.cms",
115 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
118 [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
119 [ "-sign", "-in", $smcont, "-nodetach",
120 "-signer", catfile($smdir, "smrsa1.pem"),
121 "-signer", catfile($smdir, "smrsa2.pem"),
122 "-signer", catfile($smdir, "smdsa1.pem"),
123 "-signer", catfile($smdir, "smdsa2.pem"),
124 "-stream", "-out", "test.cms" ],
125 [ "-verify", "-in", "test.cms",
126 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
129 [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
130 [ "-sign", "-in", $smcont,
131 "-signer", catfile($smdir, "smrsa1.pem"),
132 "-signer", catfile($smdir, "smrsa2.pem"),
133 "-signer", catfile($smdir, "smdsa1.pem"),
134 "-signer", catfile($smdir, "smdsa2.pem"),
135 "-stream", "-out", "test.cms" ],
136 [ "-verify", "-in", "test.cms",
137 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
140 [ "enveloped content test streaming S/MIME format, DES, 3 recipients",
141 [ "-encrypt", "-in", $smcont,
142 "-stream", "-out", "test.cms",
143 catfile($smdir, "smrsa1.pem"),
144 catfile($smdir, "smrsa2.pem"),
145 catfile($smdir, "smrsa3.pem") ],
146 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
147 "-in", "test.cms", "-out", "smtst.txt" ]
150 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used",
151 [ "-encrypt", "-in", $smcont,
152 "-stream", "-out", "test.cms",
153 catfile($smdir, "smrsa1.pem"),
154 catfile($smdir, "smrsa2.pem"),
155 catfile($smdir, "smrsa3.pem") ],
156 [ "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"),
157 "-in", "test.cms", "-out", "smtst.txt" ]
160 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used",
161 [ "-encrypt", "-in", $smcont,
162 "-stream", "-out", "test.cms",
163 catfile($smdir, "smrsa1.pem"),
164 catfile($smdir, "smrsa2.pem"),
165 catfile($smdir, "smrsa3.pem") ],
166 [ "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"),
167 "-in", "test.cms", "-out", "smtst.txt" ]
170 [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
171 [ "-encrypt", "-in", $smcont,
172 "-aes256", "-stream", "-out", "test.cms",
173 catfile($smdir, "smrsa1.pem"),
174 catfile($smdir, "smrsa2.pem"),
175 catfile($smdir, "smrsa3.pem") ],
176 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
177 "-in", "test.cms", "-out", "smtst.txt" ]
182 my @smime_cms_tests = (
184 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
185 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", "-keyid",
186 "-signer", catfile($smdir, "smrsa1.pem"),
187 "-signer", catfile($smdir, "smrsa2.pem"),
188 "-signer", catfile($smdir, "smdsa1.pem"),
189 "-signer", catfile($smdir, "smdsa2.pem"),
190 "-stream", "-out", "test.cms" ],
191 [ "-verify", "-in", "test.cms", "-inform", "DER",
192 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
195 [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
196 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
197 "-signer", catfile($smdir, "smrsa1.pem"),
198 "-signer", catfile($smdir, "smrsa2.pem"),
199 "-signer", catfile($smdir, "smdsa1.pem"),
200 "-signer", catfile($smdir, "smdsa2.pem"),
201 "-stream", "-out", "test.cms" ],
202 [ "-verify", "-in", "test.cms", "-inform", "PEM",
203 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
206 [ "signed content MIME format, RSA key, signed receipt request",
207 [ "-sign", "-in", $smcont, "-signer", catfile($smdir, "smrsa1.pem"), "-nodetach",
208 "-receipt_request_to", "test\@openssl.org", "-receipt_request_all",
209 "-out", "test.cms" ],
210 [ "-verify", "-in", "test.cms",
211 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
214 [ "signed receipt MIME format, RSA key",
215 [ "-sign_receipt", "-in", "test.cms",
216 "-signer", catfile($smdir, "smrsa2.pem"),
217 "-out", "test2.cms" ],
218 [ "-verify_receipt", "test2.cms", "-in", "test.cms",
219 "-CAfile", catfile($smdir, "smroot.pem") ]
222 [ "signed content DER format, RSA key, CAdES-BES compatible",
223 [ "-sign", "-cades", "-in", $smcont, "-outform", "DER", "-nodetach",
224 "-certfile", catfile($smdir, "smroot.pem"),
225 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
226 [ "-verify", "-in", "test.cms", "-inform", "DER",
227 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
230 [ "signed content DER format, RSA key, SHA256 md, CAdES-BES compatible",
231 [ "-sign", "-cades", "-md", "sha256", "-in", $smcont, "-outform",
232 "DER", "-nodetach", "-certfile", catfile($smdir, "smroot.pem"),
233 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
234 [ "-verify", "-in", "test.cms", "-inform", "DER",
235 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
238 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid",
239 [ "-encrypt", "-in", $smcont,
240 "-stream", "-out", "test.cms", "-keyid",
241 catfile($smdir, "smrsa1.pem"),
242 catfile($smdir, "smrsa2.pem"),
243 catfile($smdir, "smrsa3.pem") ],
244 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
245 "-in", "test.cms", "-out", "smtst.txt" ]
248 [ "enveloped content test streaming PEM format, KEK",
249 [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
250 "-stream", "-out", "test.cms",
251 "-secretkey", "000102030405060708090A0B0C0D0E0F",
252 "-secretkeyid", "C0FEE0" ],
253 [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
254 "-secretkey", "000102030405060708090A0B0C0D0E0F",
255 "-secretkeyid", "C0FEE0" ]
258 [ "enveloped content test streaming PEM format, KEK, key only",
259 [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
260 "-stream", "-out", "test.cms",
261 "-secretkey", "000102030405060708090A0B0C0D0E0F",
262 "-secretkeyid", "C0FEE0" ],
263 [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
264 "-secretkey", "000102030405060708090A0B0C0D0E0F" ]
267 [ "data content test streaming PEM format",
268 [ "-data_create", "-in", $smcont, "-outform", "PEM", "-nodetach",
269 "-stream", "-out", "test.cms" ],
270 [ "-data_out", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
273 [ "encrypted content test streaming PEM format, 128 bit RC2 key",
274 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
275 "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F",
276 "-stream", "-out", "test.cms" ],
277 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
278 "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
281 [ "encrypted content test streaming PEM format, 40 bit RC2 key",
282 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
283 "-rc2", "-secretkey", "0001020304",
284 "-stream", "-out", "test.cms" ],
285 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
286 "-secretkey", "0001020304", "-out", "smtst.txt" ]
289 [ "encrypted content test streaming PEM format, triple DES key",
290 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
291 "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
292 "-stream", "-out", "test.cms" ],
293 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
294 "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
295 "-out", "smtst.txt" ]
298 [ "encrypted content test streaming PEM format, 128 bit AES key",
299 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
300 "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
301 "-stream", "-out", "test.cms" ],
302 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
303 "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
308 my @smime_cms_comp_tests = (
310 [ "compressed content test streaming PEM format",
311 [ "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach",
312 "-stream", "-out", "test.cms" ],
313 [ "-uncompress", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
318 my @smime_cms_param_tests = (
319 [ "signed content test streaming PEM format, RSA keys, PSS signature",
320 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
321 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
322 "-out", "test.cms" ],
323 [ "-verify", "-in", "test.cms", "-inform", "PEM",
324 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
327 [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max",
328 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
329 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
330 "-keyopt", "rsa_pss_saltlen:max", "-out", "test.cms" ],
331 [ "-verify", "-in", "test.cms", "-inform", "PEM",
332 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
335 [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes",
336 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-noattr",
337 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
338 "-out", "test.cms" ],
339 [ "-verify", "-in", "test.cms", "-inform", "PEM",
340 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
343 [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1",
344 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
345 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
346 "-keyopt", "rsa_mgf1_md:sha384", "-out", "test.cms" ],
347 [ "-verify", "-in", "test.cms", "-inform", "PEM",
348 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
351 [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters",
352 [ "-encrypt", "-in", $smcont,
353 "-stream", "-out", "test.cms",
354 "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ],
355 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
356 "-in", "test.cms", "-out", "smtst.txt" ]
359 [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256",
360 [ "-encrypt", "-in", $smcont,
361 "-stream", "-out", "test.cms",
362 "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep",
363 "-keyopt", "rsa_oaep_md:sha256" ],
364 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
365 "-in", "test.cms", "-out", "smtst.txt" ]
368 [ "enveloped content test streaming S/MIME format, DES, ECDH",
369 [ "-encrypt", "-in", $smcont,
370 "-stream", "-out", "test.cms",
371 "-recip", catfile($smdir, "smec1.pem") ],
372 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
373 "-in", "test.cms", "-out", "smtst.txt" ]
376 [ "enveloped content test streaming S/MIME format, DES, ECDH, 2 recipients, key only used",
377 [ "-encrypt", "-in", $smcont,
378 "-stream", "-out", "test.cms",
379 catfile($smdir, "smec1.pem"),
380 catfile($smdir, "smec3.pem") ],
381 [ "-decrypt", "-inkey", catfile($smdir, "smec3.pem"),
382 "-in", "test.cms", "-out", "smtst.txt" ]
385 [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier",
386 [ "-encrypt", "-keyid", "-in", $smcont,
387 "-stream", "-out", "test.cms",
388 "-recip", catfile($smdir, "smec1.pem") ],
389 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
390 "-in", "test.cms", "-out", "smtst.txt" ]
393 [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
394 [ "-encrypt", "-in", $smcont,
395 "-stream", "-out", "test.cms",
396 "-recip", catfile($smdir, "smec1.pem"), "-aes128", "-keyopt", "ecdh_kdf_md:sha256" ],
397 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
398 "-in", "test.cms", "-out", "smtst.txt" ]
401 [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH",
402 [ "-encrypt", "-in", $smcont,
403 "-stream", "-out", "test.cms",
404 "-recip", catfile($smdir, "smec2.pem"), "-aes128",
405 "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ],
406 [ "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
407 "-in", "test.cms", "-out", "smtst.txt" ]
410 [ "enveloped content test streaming S/MIME format, X9.42 DH",
411 [ "-encrypt", "-in", $smcont,
412 "-stream", "-out", "test.cms",
413 "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
414 [ "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
415 "-in", "test.cms", "-out", "smtst.txt" ]
419 subtest "CMS => PKCS#7 compatibility tests\n" => sub {
420 plan tests => scalar @smime_pkcs7_tests;
422 foreach (@smime_pkcs7_tests) {
424 my $skip_reason = check_availability($$_[0]);
425 skip $skip_reason, 1 if $skip_reason;
427 ok(run(app(["openssl", "cms", @{$$_[1]}]))
428 && run(app(["openssl", "smime", @{$$_[2]}]))
429 && compare_text($smcont, "smtst.txt") == 0,
434 subtest "CMS <= PKCS#7 compatibility tests\n" => sub {
435 plan tests => scalar @smime_pkcs7_tests;
437 foreach (@smime_pkcs7_tests) {
439 my $skip_reason = check_availability($$_[0]);
440 skip $skip_reason, 1 if $skip_reason;
442 ok(run(app(["openssl", "smime", @{$$_[1]}]))
443 && run(app(["openssl", "cms", @{$$_[2]}]))
444 && compare_text($smcont, "smtst.txt") == 0,
450 subtest "CMS <=> CMS consistency tests\n" => sub {
451 plan tests => (scalar @smime_pkcs7_tests) + (scalar @smime_cms_tests);
453 foreach (@smime_pkcs7_tests) {
455 my $skip_reason = check_availability($$_[0]);
456 skip $skip_reason, 1 if $skip_reason;
458 ok(run(app(["openssl", "cms", @{$$_[1]}]))
459 && run(app(["openssl", "cms", @{$$_[2]}]))
460 && compare_text($smcont, "smtst.txt") == 0,
464 foreach (@smime_cms_tests) {
466 my $skip_reason = check_availability($$_[0]);
467 skip $skip_reason, 1 if $skip_reason;
469 ok(run(app(["openssl", "cms", @{$$_[1]}]))
470 && run(app(["openssl", "cms", @{$$_[2]}]))
471 && compare_text($smcont, "smtst.txt") == 0,
477 subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub {
479 (scalar @smime_cms_param_tests) + (scalar @smime_cms_comp_tests);
481 foreach (@smime_cms_param_tests) {
483 my $skip_reason = check_availability($$_[0]);
484 skip $skip_reason, 1 if $skip_reason;
486 ok(run(app(["openssl", "cms", @{$$_[1]}]))
487 && run(app(["openssl", "cms", @{$$_[2]}]))
488 && compare_text($smcont, "smtst.txt") == 0,
494 skip("Zlib not supported: compression tests skipped",
495 scalar @smime_cms_comp_tests)
498 foreach (@smime_cms_comp_tests) {
500 my $skip_reason = check_availability($$_[0]);
501 skip $skip_reason, 1 if $skip_reason;
503 ok(run(app(["openssl", "cms", @{$$_[1]}]))
504 && run(app(["openssl", "cms", @{$$_[2]}]))
505 && compare_text($smcont, "smtst.txt") == 0,
516 sub check_availability {
519 return "$tnam: skipped, EC disabled\n"
520 if ($no_ec && $tnam =~ /ECDH/);
521 return "$tnam: skipped, ECDH disabled\n"
522 if ($no_ec && $tnam =~ /ECDH/);
523 return "$tnam: skipped, EC2M disabled\n"
524 if ($no_ec2m && $tnam =~ /K-283/);
525 return "$tnam: skipped, DH disabled\n"
526 if ($no_dh && $tnam =~ /X9\.42/);
527 return "$tnam: skipped, RC2 disabled\n"
528 if ($no_rc2 && $tnam =~ /RC2/);
529 return "$tnam: skipped, DES disabled\n"
530 if ($no_des && $tnam =~ /DES/);
531 return "$tnam: skipped, DSA disabled\n"
532 if ($no_dsa && $tnam =~ / DSA/);