2 # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
14 use OpenSSL::Test qw/:DEFAULT srctop_file/;
15 use OpenSSL::Test::Utils;
17 # 'supported' and 'unsupported' reflect the current state of things. In
18 # Test::More terms, 'supported' works exactly like ok(run(whatever)), while
19 # 'unsupported' wraps that in a TODO: { } block.
21 # The first argument is the test name (this becomes the last argument to
23 # The remaining argument are passed unchecked to 'run'.
25 # 1: the result of app() or similar, i.e. something you can pass to
40 plan skip_all => "This test is unsupported in a no-ec build"
43 my @prime_curves = qw(
64 wap-wsg-idm-ecid-wtls6
65 wap-wsg-idm-ecid-wtls7
66 wap-wsg-idm-ecid-wtls8
67 wap-wsg-idm-ecid-wtls9
68 wap-wsg-idm-ecid-wtls12
85 my @binary_curves = qw(
120 wap-wsg-idm-ecid-wtls1
121 wap-wsg-idm-ecid-wtls3
122 wap-wsg-idm-ecid-wtls4
123 wap-wsg-idm-ecid-wtls5
124 wap-wsg-idm-ecid-wtls10
125 wap-wsg-idm-ecid-wtls11
128 my @explicit_only_curves = ();
129 push(@explicit_only_curves, qw(
132 )) if !disabled("ec2m");
134 my @other_curves = ();
135 push(@other_curves, 'SM2')
138 my @curve_aliases = qw(
145 push(@curve_aliases, qw(
156 )) if !disabled("ec2m");
159 push(@curve_list, @prime_curves);
160 push(@curve_list, @binary_curves)
161 if !disabled("ec2m");
162 push(@curve_list, @other_curves);
163 push(@curve_list, @curve_aliases);
165 my %params_encodings =
167 'named_curve' => \&supported_pass,
168 'explicit' => \&supported_pass
171 my @output_formats = ('PEM', 'DER');
173 plan tests => scalar(@curve_list) * scalar(keys %params_encodings)
174 * (1 + scalar(@output_formats)) # Try listed @output_formats and text output
175 * 2 # Test generating parameters and keys
176 + 1 # Checking that with no curve it fails
177 + 1 # Checking that with unknown curve it fails
178 + 1 # Subtest for explicit only curves
179 + 1 # base serializer test
182 ok(!run(app([ 'openssl', 'genpkey',
183 '-algorithm', 'EC'])),
184 "genpkey EC with no params should fail");
186 ok(!run(app([ 'openssl', 'genpkey',
188 '-pkeyopt', 'ec_paramgen_curve:bogus_foobar_curve'])),
189 "genpkey EC with unknown curve name should fail");
191 ok(run(app([ 'openssl', 'genpkey',
192 '-provider-path', 'providers',
194 '-config', srctop_file("test", "default.cnf"),
196 '-pkeyopt', 'ec_paramgen_curve:prime256v1',
198 "generate a private key and serialize it using the base provider");
200 foreach my $curvename (@curve_list) {
201 foreach my $paramenc (sort keys %params_encodings) {
202 my $fn = $params_encodings{$paramenc};
204 # --- Test generating parameters ---
206 $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (text)",
207 app([ 'openssl', 'genpkey', '-genparam',
209 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
210 '-pkeyopt', 'ec_param_enc:'.$paramenc,
213 foreach my $outform (@output_formats) {
214 my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
215 $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
216 app([ 'openssl', 'genpkey', '-genparam',
218 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
219 '-pkeyopt', 'ec_param_enc:'.$paramenc,
220 '-outform', $outform,
224 # --- Test generating actual keys ---
226 $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (text)",
227 app([ 'openssl', 'genpkey',
229 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
230 '-pkeyopt', 'ec_param_enc:'.$paramenc,
233 foreach my $outform (@output_formats) {
234 my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
235 $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
236 app([ 'openssl', 'genpkey',
238 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
239 '-pkeyopt', 'ec_param_enc:'.$paramenc,
240 '-outform', $outform,
246 subtest "test curves that only support explicit parameters encoding" => sub {
247 plan skip_all => "This test is unsupported under current configuration"
248 if scalar(@explicit_only_curves) <= 0;
250 plan tests => scalar(@explicit_only_curves) * scalar(keys %params_encodings)
251 * (1 + scalar(@output_formats)) # Try listed @output_formats and text output
252 * 2 # Test generating parameters and keys
255 my %params_encodings =
257 'named_curve' => \&supported_fail,
258 'explicit' => \&supported_pass
261 foreach my $curvename (@explicit_only_curves) {
262 foreach my $paramenc (sort keys %params_encodings) {
263 my $fn = $params_encodings{$paramenc};
265 # --- Test generating parameters ---
267 $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (text)",
268 app([ 'openssl', 'genpkey', '-genparam',
270 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
271 '-pkeyopt', 'ec_param_enc:'.$paramenc,
274 foreach my $outform (@output_formats) {
275 my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
276 $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
277 app([ 'openssl', 'genpkey', '-genparam',
279 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
280 '-pkeyopt', 'ec_param_enc:'.$paramenc,
281 '-outform', $outform,
285 # --- Test generating actual keys ---
287 $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (text)",
288 app([ 'openssl', 'genpkey',
290 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
291 '-pkeyopt', 'ec_param_enc:'.$paramenc,
294 foreach my $outform (@output_formats) {
295 my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform;
296 $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (${outform})",
297 app([ 'openssl', 'genpkey',
299 '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
300 '-pkeyopt', 'ec_param_enc:'.$paramenc,
301 '-outform', $outform,