Skip the CMS tests if CMS is disabled
[openssl.git] / test / recipes / 80-test_cms.t
1 #! /usr/bin/perl
2
3 use strict;
4 use warnings;
5
6 use POSIX;
7 use File::Spec::Functions qw/catfile/;
8 use File::Compare qw/compare_text/;
9 use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
10 use OpenSSL::Test::Utils;
11
# Register this recipe with the OpenSSL test framework.
setup("test_cms");

# The whole recipe is skipped when the build has CMS disabled.
if (disabled("cms")) {
    plan skip_all => "CMS is not supported by this OpenSSL build";
}

# Directory holding the S/MIME test certificates/keys, and the plaintext
# input that every round trip below is compared against.
my $smdir  = srctop_dir("test", "smime-certs");
my $smcont = srctop_file("test", "smcont.txt");

# One value per optional feature, in the order listed; check_availability()
# and the zlib SKIP block treat a true value as "feature disabled".
my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) =
    disabled(qw/des dh dsa ec ec2m rc2 zlib/);

# Four top-level subtests follow.
plan tests => 4;
23
# Test cases shared by the PKCS#7-compatibility and CMS-consistency subtests.
# Each entry is [ title, producer arguments, consumer arguments ]: the
# subtests run the producer, then the consumer, then compare "smtst.txt"
# with $smcont.
#
# The title is load-bearing: check_availability() matches keywords in it
# ("DES", " DSA", "RC2", "ECDH", "K-283", "X9.42") to decide whether a case
# is skipped on builds with that algorithm disabled. A case whose title
# omits the keyword for an algorithm it needs will run (and fail) on such
# builds.
my @smime_pkcs7_tests = (

    [ "signed content DER format, RSA key",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
        "-certfile", catfile($smdir, "smroot.pem"),
        "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed detached content DER format, RSA key",
      [ "-sign", "-in", $smcont, "-outform", "DER",
        "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
        "-content", $smcont ]
    ],

    [ "signed content test streaming BER format, RSA",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
        "-stream",
        "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content DER format, DSA key",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
        "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed detached content DER format, DSA key",
      [ "-sign", "-in", $smcont, "-outform", "DER",
        "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
        "-content", $smcont ]
    ],

    # Order-dependent: this entry re-signs the "test.cms" written by the
    # entry directly above, so the two must stay adjacent. Its title also
    # contains " DSA", so both are skipped together when DSA is disabled.
    [ "signed detached content DER format, add RSA signer (with DSA existing)",
      [ "-resign", "-inform", "DER", "-in", "test.cms", "-outform", "DER",
        "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test2.cms" ],
      [ "-verify", "-in", "test2.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
        "-content", $smcont ]
    ],

    [ "signed content test streaming BER format, DSA key",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
        "-stream",
        "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
        "-signer", catfile($smdir, "smrsa1.pem"),
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-signer", catfile($smdir, "smdsa1.pem"),
        "-signer", catfile($smdir, "smdsa2.pem"),
        "-stream", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-noattr", "-nodetach",
        "-signer", catfile($smdir, "smrsa1.pem"),
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-signer", catfile($smdir, "smdsa1.pem"),
        "-signer", catfile($smdir, "smdsa2.pem"),
        "-stream", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
      [ "-sign", "-in", $smcont, "-nodetach",
        "-signer", catfile($smdir, "smrsa1.pem"),
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-signer", catfile($smdir, "smdsa1.pem"),
        "-signer", catfile($smdir, "smdsa2.pem"),
        "-stream", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
      [ "-sign", "-in", $smcont,
        "-signer", catfile($smdir, "smrsa1.pem"),
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-signer", catfile($smdir, "smdsa1.pem"),
        "-signer", catfile($smdir, "smdsa2.pem"),
        "-stream", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    # The three "DES" entries below pass no cipher option; only the "DES"
    # keyword in the title makes them skippable on no-des builds.
    # NOTE(review): presumably the command's default content cipher is
    # DES-based -- confirm against the app, since the title and the default
    # can drift apart.
    [ "enveloped content test streaming S/MIME format, DES, 3 recipients",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        catfile($smdir, "smrsa1.pem"),
        catfile($smdir, "smrsa2.pem"),
        catfile($smdir, "smrsa3.pem") ],
      [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        catfile($smdir, "smrsa1.pem"),
        catfile($smdir, "smrsa2.pem"),
        catfile($smdir, "smrsa3.pem") ],
      [ "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    # Decrypts with only the private key ("-inkey"), no recipient certificate.
    [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        catfile($smdir, "smrsa1.pem"),
        catfile($smdir, "smrsa2.pem"),
        catfile($smdir, "smrsa3.pem") ],
      [ "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
      [ "-encrypt", "-in", $smcont,
        "-aes256", "-stream", "-out", "test.cms",
        catfile($smdir, "smrsa1.pem"),
        catfile($smdir, "smrsa2.pem"),
        catfile($smdir, "smrsa3.pem") ],
      [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

);
166
# CMS-only test cases (run by the "CMS <=> CMS consistency" subtest with
# "openssl cms" on both sides). Same [ title, producer arguments, consumer
# arguments ] layout as @smime_pkcs7_tests; the title keywords again drive
# check_availability().
#
# All "-secretkey" / "-secretkeyid" values here are fixed, public test
# vectors written in the source; they are test material only.
my @smime_cms_tests = (

    [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", "-keyid",
        "-signer", catfile($smdir, "smrsa1.pem"),
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-signer", catfile($smdir, "smdsa1.pem"),
        "-signer", catfile($smdir, "smdsa2.pem"),
        "-stream", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "DER",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
      [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
        "-signer", catfile($smdir, "smrsa1.pem"),
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-signer", catfile($smdir, "smdsa1.pem"),
        "-signer", catfile($smdir, "smdsa2.pem"),
        "-stream", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "PEM",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content MIME format, RSA key, signed receipt request",
      [ "-sign", "-in", $smcont, "-signer", catfile($smdir, "smrsa1.pem"), "-nodetach",
        "-receipt_request_to", "test\@openssl.org", "-receipt_request_all",
        "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    # Order-dependent: signs a receipt for the "test.cms" written by the
    # entry directly above.
    # NOTE(review): the consumer step passes no "-out", so the subtest's
    # compare_text() check reads the "smtst.txt" left behind by the previous
    # entry. For this case only the two command exit statuses are really
    # being tested -- confirm that is intended.
    [ "signed receipt MIME format, RSA key",
      [ "-sign_receipt", "-in", "test.cms",
        "-signer", catfile($smdir, "smrsa2.pem"),
        "-out", "test2.cms" ],
      [ "-verify_receipt", "test2.cms", "-in", "test.cms",
        "-CAfile", catfile($smdir, "smroot.pem") ]
    ],

    [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms", "-keyid",
        catfile($smdir, "smrsa1.pem"),
        catfile($smdir, "smrsa2.pem"),
        catfile($smdir, "smrsa3.pem") ],
      [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming PEM format, KEK",
      [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
        "-stream", "-out", "test.cms",
        "-secretkey", "000102030405060708090A0B0C0D0E0F",
        "-secretkeyid", "C0FEE0" ],
      [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
        "-secretkey", "000102030405060708090A0B0C0D0E0F",
        "-secretkeyid", "C0FEE0" ]
    ],

    # Same as above, but decryption supplies the key without "-secretkeyid".
    [ "enveloped content test streaming PEM format, KEK, key only",
      [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
        "-stream", "-out", "test.cms",
        "-secretkey", "000102030405060708090A0B0C0D0E0F",
        "-secretkeyid", "C0FEE0" ],
      [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
        "-secretkey", "000102030405060708090A0B0C0D0E0F" ]
    ],

    [ "data content test streaming PEM format",
      [ "-data_create", "-in", $smcont, "-outform", "PEM", "-nodetach",
        "-stream", "-out", "test.cms" ],
      [ "-data_out", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
    ],

    [ "encrypted content test streaming PEM format, 128 bit RC2 key",
      [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
        "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F",
        "-stream", "-out", "test.cms" ],
      [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
        "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
    ],

    # Five-byte (40-bit) key: far too short to protect real data; it appears
    # here only so the short-key path is exercised.
    [ "encrypted content test streaming PEM format, 40 bit RC2 key",
      [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
        "-rc2", "-secretkey", "0001020304",
        "-stream", "-out", "test.cms" ],
      [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
        "-secretkey", "0001020304", "-out", "smtst.txt" ]
    ],

    [ "encrypted content test streaming PEM format, triple DES key",
      [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
        "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
        "-stream", "-out", "test.cms" ],
      [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
        "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
        "-out", "smtst.txt" ]
    ],

    [ "encrypted content test streaming PEM format, 128 bit AES key",
      [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
        "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
        "-stream", "-out", "test.cms" ],
      [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
        "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
    ],

);
276
# Compression round trip, in the same [ title, producer arguments, consumer
# arguments ] layout. The subtest that runs this list skips all of it when
# $no_zlib is true.
my @smime_cms_comp_tests = (

    [ "compressed content test streaming PEM format",
      [ "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach",
        "-stream", "-out", "test.cms" ],
      [ "-uncompress", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
    ]

);
286
# Cases that set non-default key options ("-keyopt") or use EC/DH recipient
# keys. Same [ title, producer arguments, consumer arguments ] layout; the
# "DES", "ECDH", "K-283" and "X9.42" keywords in the titles are what
# check_availability() matches to skip a case on builds without that
# algorithm.
my @smime_cms_param_tests = (
    [ "signed content test streaming PEM format, RSA keys, PSS signature",
      [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
        "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
        "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "PEM",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes",
      [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-noattr",
        "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
        "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "PEM",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1",
      [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
        "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
        "-keyopt", "rsa_mgf1_md:sha384", "-out", "test.cms" ],
      [ "-verify", "-in", "test.cms", "-inform", "PEM",
        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ],
      [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep",
        "-keyopt", "rsa_oaep_md:sha256" ],
      [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, DES, ECDH",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smec1.pem") ],
      [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier",
      [ "-encrypt", "-keyid", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smec1.pem") ],
      [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smec1.pem"), "-aes128", "-keyopt", "ecdh_kdf_md:sha256" ],
      [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    # Uses smec2.pem; the "K-283" keyword makes this skippable when ec2m is
    # disabled, and "ECDH" when ec is disabled.
    [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smec2.pem"), "-aes128",
        "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ],
      [ "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ],

    [ "enveloped content test streaming S/MIME format, X9.42 DH",
      [ "-encrypt", "-in", $smcont,
        "-stream", "-out", "test.cms",
        "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
      [ "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
        "-in", "test.cms", "-out", "smtst.txt" ]
    ]
    );
370
# Produce each message with "openssl cms", consume it with "openssl smime",
# and require the recovered text to equal the original input.
subtest "CMS => PKCS#7 compatibility tests\n" => sub {
    plan tests => scalar(@smime_pkcs7_tests);

    for my $case (@smime_pkcs7_tests) {
        my ($title, $produce_args, $consume_args) = @{$case};

      SKIP: {
            # A non-empty reason means a required algorithm is disabled.
            my $why = check_availability($title);
            skip $why, 1 if $why;

            my $round_trip_ok =
                run(app([ "openssl", "cms", @{$produce_args} ]))
                && run(app([ "openssl", "smime", @{$consume_args} ]))
                && compare_text($smcont, "smtst.txt") == 0;
            ok($round_trip_ok, $title);
        }
    }
};
# Reverse direction: produce each message with "openssl smime", consume it
# with "openssl cms", and require the recovered text to equal the input.
subtest "CMS <= PKCS#7 compatibility tests\n" => sub {
    plan tests => scalar(@smime_pkcs7_tests);

    for my $case (@smime_pkcs7_tests) {
        my ($title, $produce_args, $consume_args) = @{$case};

      SKIP: {
            # A non-empty reason means a required algorithm is disabled.
            my $why = check_availability($title);
            skip $why, 1 if $why;

            my $round_trip_ok =
                run(app([ "openssl", "smime", @{$produce_args} ]))
                && run(app([ "openssl", "cms", @{$consume_args} ]))
                && compare_text($smcont, "smtst.txt") == 0;
            ok($round_trip_ok, $title);
        }
    }
};
401
# "openssl cms" on both sides: first the shared PKCS#7-compatible cases, then
# the CMS-only cases, in that order.
subtest "CMS <=> CMS consistency tests\n" => sub {
    my $planned = scalar(@smime_pkcs7_tests) + scalar(@smime_cms_tests);
    plan tests => $planned;

    for my $case (@smime_pkcs7_tests, @smime_cms_tests) {
        my ($title, $produce_args, $consume_args) = @{$case};

      SKIP: {
            # A non-empty reason means a required algorithm is disabled.
            my $why = check_availability($title);
            skip $why, 1 if $why;

            my $round_trip_ok =
                run(app([ "openssl", "cms", @{$produce_args} ]))
                && run(app([ "openssl", "cms", @{$consume_args} ]))
                && compare_text($smcont, "smtst.txt") == 0;
            ok($round_trip_ok, $title);
        }
    }
};
428
# "openssl cms" on both sides for the key-parameter cases, followed by the
# compression cases, which are skipped as a group when zlib is disabled.
subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub {
    my $planned =
        scalar(@smime_cms_param_tests) + scalar(@smime_cms_comp_tests);
    plan tests => $planned;

    for my $case (@smime_cms_param_tests) {
        my ($title, $produce_args, $consume_args) = @{$case};

      SKIP: {
            # A non-empty reason means a required algorithm is disabled.
            my $why = check_availability($title);
            skip $why, 1 if $why;

            my $round_trip_ok =
                run(app([ "openssl", "cms", @{$produce_args} ]))
                && run(app([ "openssl", "cms", @{$consume_args} ]))
                && compare_text($smcont, "smtst.txt") == 0;
            ok($round_trip_ok, $title);
        }
    }

  SKIP: {
        # Account for every compression case in one skip so the plan holds.
        if ($no_zlib) {
            skip("Zlib not supported: compression tests skipped",
                 scalar(@smime_cms_comp_tests));
        }

        for my $case (@smime_cms_comp_tests) {
            my ($title, $produce_args, $consume_args) = @{$case};

          SKIP: {
                my $why = check_availability($title);
                skip $why, 1 if $why;

                my $round_trip_ok =
                    run(app([ "openssl", "cms", @{$produce_args} ]))
                    && run(app([ "openssl", "cms", @{$consume_args} ]))
                    && compare_text($smcont, "smtst.txt") == 0;
                ok($round_trip_ok, $title);
            }
        }
    }
};
463
# Remove the scratch files the test cases wrote into the working directory.
# Failures (e.g. a file that was never created) are deliberately ignored.
unlink $_ for ("test.cms", "test2.cms", "smtst.txt");
467
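# Decide whether a test case has to be skipped because the build lacks an
# algorithm the case needs.
#
# The decision is made purely from keywords in the test title, so a title
# must name every optional algorithm its commands depend on; a case whose
# title omits the keyword is not skipped.
#
# Parameters:
#   $tnam - the test case title (first element of a test table entry).
# Returns:
#   A skip reason ending in a newline when the case must be skipped,
#   otherwise the empty string.
sub check_availability {
    my ($tnam) = @_;

    # [ disabled flag, title pattern, label used in the skip reason ].
    # Checked in order; the first matching rule wins.
    #
    # The original code carried a second, identical ($no_ec && /ECDH/) test
    # that reported "ECDH disabled"; it could never be reached because the
    # EC rule always returned first, so it is dropped here.
    my @rules = (
        [ $no_ec,   qr/ECDH/,   "EC"   ],
        [ $no_ec2m, qr/K-283/,  "EC2M" ],
        [ $no_dh,   qr/X9\.42/, "DH"   ],
        [ $no_rc2,  qr/RC2/,    "RC2"  ],
        [ $no_des,  qr/DES/,    "DES"  ],
        # Leading space is kept from the original pattern.
        [ $no_dsa,  qr/ DSA/,   "DSA"  ],
    );

    for my $rule (@rules) {
        my ($is_disabled, $title_re, $label) = @{$rule};
        return "$tnam: skipped, $label disabled\n"
            if $is_disabled && $tnam =~ $title_re;
    }

    return "";
}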