TEST: Modify test/recipes/90-test_store.t for use with different 'file:' loaders
authorRichard Levitte <levitte@openssl.org>
Thu, 23 Jul 2020 15:34:26 +0000 (17:34 +0200)
committerRichard Levitte <levitte@openssl.org>
Thu, 3 Sep 2020 15:48:32 +0000 (17:48 +0200)
We want to perform the same tests with a provider implementation, and
also make sure that an ENGINE implementation works as advertised.

OSSL_STORE_open() / OSSL_STORE_open_with_libctx() work in such a way
that they look for internal / engine implementations first, and only
failing that, they will try to fetch a provider implementation.  This
ensures that when we do specify an engine, it gets exceptional priority.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)

test/recipes/90-test_store.t

index 57c2e6e9c2c8d7c813be1838d6924654fadc3b86..05e4b341f5213f0735483b1d24e71ac5aafd6515 100644 (file)
@@ -86,13 +86,27 @@ my @noexist_file_files =
     ( "file:blahdiblah.pem",
       "file:test/blahdibleh.der" );
 
-my $n = (3 * scalar @noexist_files)
-    + (6 * scalar @src_files)
-    + (4 * scalar @generated_files)
-    + (scalar keys %generated_file_files)
-    + (scalar @noexist_file_files)
-    + 3
-    + 11;
+# There is more than one method to get a 'file:' loader.
+# The default is a built-in provider implementation.
+# However, there is also an engine, specially for testing purposes.
+#
+# @methods is a collection of extra 'openssl storeutl' arguments used to
+# try the different methods.
+my @methods;
+push @methods, [qw(-provider default -provider legacy)];
+push @methods, [qw(-engine loader_attic)]
+    unless disabled('dynamic-engine') || disabled('deprecated-3.0');
+
+my $n = scalar @methods
+    * ( (3 * scalar @noexist_files)
+        + (6 * scalar @src_files)
+        + (4 * scalar @generated_files)
+        + (scalar keys %generated_file_files)
+        + (scalar @noexist_file_files)
+        + 3
+        + 11 );
+
+plan skip_all => "No plan" if $n == 0;
 
 plan tests => $n;
 
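Review bot: The added `plan skip_all => "No plan" if $n == 0;` guard cannot fire as written, because `@methods` always receives the provider entry unconditionally and the per-method count ends in `+ 3 + 11`, so `$n` is at least 14. Either drop the guard or tie it to a condition that can actually occur. Separately, `scalar @methods * ( ... )` parses as `scalar(@methods * (...))`, since named unary operators bind more loosely than `*`. The value is right only because `*` already puts `@methods` in numeric context; `my $n = (scalar @methods) * ( ... );` would state the intent directly.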
@@ -103,132 +117,134 @@ indir "store_$$" => sub {
 
         my $rehash = init_rehash();
 
-        foreach (@noexist_files) {
-            my $file = srctop_file($_);
+        foreach my $method (@methods) {
+            my @storeutl = ( qw(openssl storeutl), @$method );
 
-            ok(!run(app(["openssl", "storeutl", "-noout", $file])));
-            ok(!run(app(["openssl", "storeutl", "-noout",
-                         to_abs_file($file)])));
-            {
-                local $ENV{MSYS2_ARG_CONV_EXCL} = "file:";
+            foreach (@noexist_files) {
+                my $file = srctop_file($_);
 
-                ok(!run(app(["openssl", "storeutl", "-noout",
-                             to_abs_file_uri($file)])));
-            }
-        }
-        foreach (@src_files) {
-            my $file = srctop_file($_);
+                ok(!run(app([@storeutl, "-noout", $file])));
+                ok(!run(app([@storeutl, "-noout", to_abs_file($file)])));
+                {
+                    local $ENV{MSYS2_ARG_CONV_EXCL} = "file:";
 
-            ok(run(app(["openssl", "storeutl", "-noout", $file])));
-            ok(run(app(["openssl", "storeutl", "-noout", to_abs_file($file)])));
-        SKIP:
-            {
-                skip "file: tests disabled on MingW", 4 if $mingw;
-
-                ok(run(app(["openssl", "storeutl", "-noout",
-                            to_abs_file_uri($file)])));
-                ok(run(app(["openssl", "storeutl", "-noout",
-                            to_abs_file_uri($file, 0, "")])));
-                ok(run(app(["openssl", "storeutl", "-noout",
-                            to_abs_file_uri($file, 0, "localhost")])));
-                ok(!run(app(["openssl", "storeutl", "-noout",
-                             to_abs_file_uri($file, 0, "dummy")])));
+                    ok(!run(app([@storeutl, "-noout",
+                                 to_abs_file_uri($file)])));
+                }
             }
-        }
-        foreach (@generated_files) {
-            ok(run(app(["openssl", "storeutl", "-noout", "-passin",
-                        "pass:password", $_])));
-            ok(run(app(["openssl", "storeutl",  "-noout", "-passin",
-                        "pass:password", to_abs_file($_)])));
-
-        SKIP:
-            {
-                skip "file: tests disabled on MingW", 2 if $mingw;
-
-                ok(run(app(["openssl", "storeutl", "-noout", "-passin",
-                            "pass:password", to_abs_file_uri($_)])));
-                ok(!run(app(["openssl", "storeutl", "-noout", "-passin",
-                             "pass:password", to_file_uri($_)])));
+            foreach (@src_files) {
+                my $file = srctop_file($_);
+
+                ok(run(app([@storeutl, "-noout", $file])));
+                ok(run(app([@storeutl, "-noout", to_abs_file($file)])));
+              SKIP:
+                {
+                    skip "file: tests disabled on MingW", 4 if $mingw;
+
+                    ok(run(app([@storeutl, "-noout",
+                                to_abs_file_uri($file)])));
+                    ok(run(app([@storeutl, "-noout",
+                                to_abs_file_uri($file, 0, "")])));
+                    ok(run(app([@storeutl, "-noout",
+                                to_abs_file_uri($file, 0, "localhost")])));
+                    ok(!run(app([@storeutl, "-noout",
+                                 to_abs_file_uri($file, 0, "dummy")])));
+                }
             }
-        }
-        foreach (values %generated_file_files) {
-        SKIP:
-            {
-                skip "file: tests disabled on MingW", 1 if $mingw;
-
-                ok(run(app(["openssl", "storeutl",  "-noout", $_])));
+            foreach (@generated_files) {
+                ok(run(app([@storeutl, "-noout", "-passin",
+                            "pass:password", $_])));
+                ok(run(app([@storeutl,  "-noout", "-passin",
+                            "pass:password", to_abs_file($_)])));
+
+              SKIP:
+                {
+                    skip "file: tests disabled on MingW", 2 if $mingw;
+
+                    ok(run(app([@storeutl, "-noout", "-passin",
+                                "pass:password", to_abs_file_uri($_)])));
+                    ok(!run(app([@storeutl, "-noout", "-passin",
+                                 "pass:password", to_file_uri($_)])));
+                }
             }
-        }
-        foreach (@noexist_file_files) {
-        SKIP:
-            {
-                skip "file: tests disabled on MingW", 1 if $mingw;
+            foreach (values %generated_file_files) {
+              SKIP:
+                {
+                    skip "file: tests disabled on MingW", 1 if $mingw;
 
-                ok(!run(app(["openssl", "storeutl",  "-noout", $_])));
+                    ok(run(app([@storeutl,  "-noout", $_])));
+                }
             }
-        }
-        {
-            my $dir = srctop_dir("test", "certs");
+            foreach (@noexist_file_files) {
+              SKIP:
+                {
+                    skip "file: tests disabled on MingW", 1 if $mingw;
 
-            ok(run(app(["openssl", "storeutl",  "-noout", $dir])));
-            ok(run(app(["openssl", "storeutl",  "-noout",
-                        to_abs_file($dir, 1)])));
-        SKIP:
+                    ok(!run(app([@storeutl,  "-noout", $_])));
+                }
+            }
             {
-                skip "file: tests disabled on MingW", 1 if $mingw;
+                my $dir = srctop_dir("test", "certs");
+
+                ok(run(app([@storeutl,  "-noout", $dir])));
+                ok(run(app([@storeutl,  "-noout", to_abs_file($dir, 1)])));
+              SKIP:
+                {
+                    skip "file: tests disabled on MingW", 1 if $mingw;
 
-                ok(run(app(["openssl", "storeutl",  "-noout",
-                            to_abs_file_uri($dir, 1)])));
+                    ok(run(app([@storeutl,  "-noout",
+                                to_abs_file_uri($dir, 1)])));
+                }
             }
-        }
 
-        ok(!run(app(['openssl', 'storeutl', '-noout',
-                     '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
-                     srctop_file('test', 'testx509.pem')])),
-           "Checking that -subject can't be used with a single file");
-
-        ok(run(app(['openssl', 'storeutl', '-certs', '-noout',
-                    srctop_file('test', 'testx509.pem')])),
-           "Checking that -certs returns 1 object on a certificate file");
-        ok(run(app(['openssl', 'storeutl', '-certs', '-noout',
-                     srctop_file('test', 'testcrl.pem')])),
-           "Checking that -certs returns 0 objects on a CRL file");
-
-        ok(run(app(['openssl', 'storeutl', '-crls', '-noout',
-                     srctop_file('test', 'testx509.pem')])),
-           "Checking that -crls returns 0 objects on a certificate file");
-        ok(run(app(['openssl', 'storeutl', '-crls', '-noout',
-                    srctop_file('test', 'testcrl.pem')])),
-           "Checking that -crls returns 1 object on a CRL file");
-
-    SKIP: {
-            skip "failed rehash initialisation", 6 unless $rehash;
-
-            # subject from testx509.pem:
-            # '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert'
-            # issuer from testcrl.pem:
-            # '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority'
-            ok(run(app(['openssl', 'storeutl', '-noout',
-                        '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
-                        catdir(curdir(), 'rehash')])));
-            ok(run(app(['openssl', 'storeutl', '-noout',
-                        '-subject',
-                        '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
-                        catdir(curdir(), 'rehash')])));
-            ok(run(app(['openssl', 'storeutl', '-noout', '-certs',
-                        '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
-                        catdir(curdir(), 'rehash')])));
-            ok(run(app(['openssl', 'storeutl', '-noout', '-crls',
-                        '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
-                        catdir(curdir(), 'rehash')])));
-            ok(run(app(['openssl', 'storeutl', '-noout', '-certs',
-                        '-subject',
-                        '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
-                        catdir(curdir(), 'rehash')])));
-            ok(run(app(['openssl', 'storeutl', '-noout', '-crls',
-                        '-subject',
-                        '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
-                        catdir(curdir(), 'rehash')])));
+            ok(!run(app([@storeutl, '-noout',
+                         '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+                         srctop_file('test', 'testx509.pem')])),
+               "Checking that -subject can't be used with a single file");
+
+            ok(run(app([@storeutl, '-certs', '-noout',
+                        srctop_file('test', 'testx509.pem')])),
+               "Checking that -certs returns 1 object on a certificate file");
+            ok(run(app([@storeutl, '-certs', '-noout',
+                        srctop_file('test', 'testcrl.pem')])),
+               "Checking that -certs returns 0 objects on a CRL file");
+
+            ok(run(app([@storeutl, '-crls', '-noout',
+                        srctop_file('test', 'testx509.pem')])),
+               "Checking that -crls returns 0 objects on a certificate file");
+            ok(run(app([@storeutl, '-crls', '-noout',
+                        srctop_file('test', 'testcrl.pem')])),
+               "Checking that -crls returns 1 object on a CRL file");
+
+          SKIP: {
+              skip "failed rehash initialisation", 6 unless $rehash;
+
+              # subject from testx509.pem:
+              # '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert'
+              # issuer from testcrl.pem:
+              # '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority'
+              ok(run(app([@storeutl, '-noout',
+                          '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+                          catdir(curdir(), 'rehash')])));
+              ok(run(app([@storeutl, '-noout',
+                          '-subject',
+                          '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
+                          catdir(curdir(), 'rehash')])));
+              ok(run(app([@storeutl, '-noout', '-certs',
+                          '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+                          catdir(curdir(), 'rehash')])));
+              ok(run(app([@storeutl, '-noout', '-crls',
+                          '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+                          catdir(curdir(), 'rehash')])));
+              ok(run(app([@storeutl, '-noout', '-certs',
+                          '-subject',
+                          '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
+                          catdir(curdir(), 'rehash')])));
+              ok(run(app([@storeutl, '-noout', '-crls',
+                          '-subject',
+                          '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
+                          catdir(curdir(), 'rehash')])));
+            }
         }
     }
 }, create => 1, cleanup => 1;
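Review bot: None of the `ok()` calls inside the new `foreach my $method (@methods)` loop records which loader is under test, and nothing visible here checks that `-engine loader_attic` was the implementation that actually handled the URI. The commit message describes a fallback to a provider implementation when no engine one is found, so an engine that fails to load could presumably leave these checks passing through the provider path; how `storeutl` reacts to an engine load failure is worth confirming. At minimum, a `note "storeutl method: @$method";` at the top of the loop (assuming Test::More's `note` is in scope), or the method folded into each test description, would make a failure attributable to one loader. The enclosing `indir` block starts outside the hunk.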
@@ -236,39 +252,47 @@ indir "store_$$" => sub {
 sub init {
     my $cnf = srctop_file('test', 'ca-and-certs.cnf');
     my $cakey = srctop_file('test', 'certs', 'ca-key.pem');
+    my @std_args = qw(-provider default -provider legacy);
     return (
             # rsa-key-pkcs1.pem
-            run(app(["openssl", "pkey",
+            run(app(["openssl", "pkey", @std_args,
                      "-in", data_file("rsa-key-2432.pem"),
                      "-out", "rsa-key-pkcs1.pem"]))
             # rsa-key-pkcs1-aes128.pem
-            && run(app(["openssl", "rsa", "-passout", "pass:password", "-aes128",
+            && run(app(["openssl", "rsa", @std_args,
+                        "-passout", "pass:password", "-aes128",
                         "-in", "rsa-key-pkcs1.pem",
                         "-out", "rsa-key-pkcs1-aes128.pem"]))
             # dsa-key-pkcs1.pem
-            && (!$use_dsa || run(app(["openssl", "gendsa",
-                                      "-out", "dsa-key-pkcs1.pem",
-                                      data_file("dsaparam.pem")])))
+            && (!$use_dsa
+                || run(app(["openssl", "gendsa", @std_args,
+                            "-out", "dsa-key-pkcs1.pem",
+                            data_file("dsaparam.pem")])))
             # dsa-key-pkcs1-aes128.pem
-            && (!$use_dsa || run(app(["openssl", "dsa",
-                                      "-passout", "pass:password", "-aes128",
-                                      "-in", "dsa-key-pkcs1.pem",
-                                      "-out", "dsa-key-pkcs1-aes128.pem"])))
+            && (!$use_dsa
+                || run(app(["openssl", "dsa", @std_args,
+                            "-passout", "pass:password", "-aes128",
+                            "-in", "dsa-key-pkcs1.pem",
+                            "-out", "dsa-key-pkcs1-aes128.pem"])))
             # ec-key-pkcs1.pem (one might think that 'genec' would be practical)
-            && (!$use_ecc || run(app(["openssl", "ecparam", "-genkey",
-                                      "-name", "prime256v1",
-                                      "-out", "ec-key-pkcs1.pem"])))
+            && (!$use_ecc
+                || run(app(["openssl", "ecparam", @std_args,
+                            "-genkey",
+                            "-name", "prime256v1",
+                            "-out", "ec-key-pkcs1.pem"])))
             # ec-key-pkcs1-aes128.pem
-            && (!$use_ecc || run(app(["openssl", "ec",
-                                      "-passout", "pass:password", "-aes128",
-                                      "-in", "ec-key-pkcs1.pem",
-                                      "-out", "ec-key-pkcs1-aes128.pem"])))
+            && (!$use_ecc
+                || run(app(["openssl", "ec", @std_args,
+                            "-passout", "pass:password", "-aes128",
+                            "-in", "ec-key-pkcs1.pem",
+                            "-out", "ec-key-pkcs1-aes128.pem"])))
             # *-key-pkcs8.pem
             && runall(sub {
                           my $dstfile = shift;
                           (my $srcfile = $dstfile)
                               =~ s/-key-pkcs8\.pem$/-key-pkcs1.pem/i;
-                          run(app(["openssl", "pkcs8", "-topk8", "-nocrypt",
+                          run(app(["openssl", "pkcs8", @std_args,
+                                   "-topk8", "-nocrypt",
                                    "-in", $srcfile, "-out", $dstfile]));
                       }, grep(/-key-pkcs8\.pem$/, @generated_files))
             # *-key-pkcs8-pbes1-sha1-3des.pem
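Review bot: `my @std_args = qw(-provider default -provider legacy);` in `init` repeats the list pushed onto `@methods` in the first hunk, so the fixture-generation commands and the first test method can drift apart silently if only one is edited. A single file-level declaration such as `my @default_provider_args = qw(-provider default -provider legacy);`, used for `push @methods, [@default_provider_args];` and inside `init`, would keep them aligned. A one-line comment saying why the legacy provider is loaded for key generation (presumably for the PBES1 fixtures) would also help the next reader. `init` continues beyond this hunk.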
@@ -277,7 +301,8 @@ sub init {
                           (my $srcfile = $dstfile)
                               =~ s/-key-pkcs8-pbes1-sha1-3des\.pem$
                                   /-key-pkcs8.pem/ix;
-                          run(app(["openssl", "pkcs8", "-topk8",
+                          run(app(["openssl", "pkcs8", @std_args,
+                                   "-topk8",
                                    "-passout", "pass:password",
                                    "-v1", "pbeWithSHA1And3-KeyTripleDES-CBC",
                                    "-in", $srcfile, "-out", $dstfile]));
@@ -288,7 +313,8 @@ sub init {
                           (my $srcfile = $dstfile)
                               =~ s/-key-pkcs8-pbes1-md5-des\.pem$
                                   /-key-pkcs8.pem/ix;
-                          run(app(["openssl", "pkcs8", "-topk8",
+                          run(app(["openssl", "pkcs8", @std_args,
+                                   "-topk8",
                                    "-passout", "pass:password",
                                    "-v1", "pbeWithSHA1And3-KeyTripleDES-CBC",
                                    "-in", $srcfile, "-out", $dstfile]));
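Review bot: The fixture matched by `-key-pkcs8-pbes1-md5-des\.pem$` is still generated with `"-v1", "pbeWithSHA1And3-KeyTripleDES-CBC"`, the same algorithm as the `pbes1-sha1-3des` fixture in the preceding hunk, so the MD5/DES PBES1 path that the file name suggests does not appear to be exercised by either loader. The mismatch predates this commit, but with `@std_args` now loading the legacy provider on this command it looks like the natural place to align the two, e.g. `"-v1", "pbeWithMD5AndDES-CBC",` if that is the intended scheme. That should be confirmed against what the 'file:' loaders are expected to decode. The enclosing closure starts outside the hunk.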
@@ -299,7 +325,8 @@ sub init {
                           (my $srcfile = $dstfile)
                               =~ s/-key-pkcs8-pbes2-sha1\.pem$
                                   /-key-pkcs8.pem/ix;
-                          run(app(["openssl", "pkcs8", "-topk8",
+                          run(app(["openssl", "pkcs8", @std_args,
+                                   "-topk8",
                                    "-passout", "pass:password",
                                    "-v2", "aes256", "-v2prf", "hmacWithSHA1",
                                    "-in", $srcfile, "-out", $dstfile]));
@@ -310,13 +337,14 @@ sub init {
                           (my $srcfile = $dstfile)
                               =~ s/-key-pkcs8-pbes2-sha256\.pem$
                                   /-key-pkcs8.pem/ix;
-                          run(app(["openssl", "pkcs8", "-topk8",
+                          run(app(["openssl", "pkcs8", @std_args,
+                                   "-topk8",
                                    "-passout", "pass:password",
                                    "-v2", "aes256", "-v2prf", "hmacWithSHA256",
                                    "-in", $srcfile, "-out", $dstfile]));
                       }, grep(/-key-pkcs8-pbes2-sha256\.pem$/, @generated_files))
             # *-cert.pem (intermediary for the .p12 inits)
-            && run(app(["openssl", "req", "-x509",
+            && run(app(["openssl", "req", "-x509", @std_args,
                         "-config", $cnf, "-noenc",
                         "-key", $cakey, "-out", "cacert.pem"]))
             && runall(sub {
@@ -324,11 +352,12 @@ sub init {
                           (my $dstfile = $srckey) =~ s|-key-pkcs8\.|-cert.|;
                           (my $csr = $dstfile) =~ s|\.pem|.csr|;
 
-                          (run(app(["openssl", "req", "-new",
+                          (run(app(["openssl", "req", "-new", @std_args,
                                     "-config", $cnf, "-section", "userreq",
                                     "-key", $srckey, "-out", $csr]))
                            &&
-                           run(app(["openssl", "x509", "-days", "3650",
+                           run(app(["openssl", "x509", @std_args,
+                                    "-days", "3650",
                                     "-CA", "cacert.pem",
                                     "-CAkey", $cakey,
                                     "-set_serial", time(), "-req",
@@ -380,9 +409,7 @@ sub init {
                               print STDERR "(destination file was $dstfile)\n";
                               return 0;
                           }
-                          run(app(["openssl", "pkcs12",
-                                   "-provider", "default",
-                                   "-provider", "legacy",
+                          run(app(["openssl", "pkcs12", @std_args,
                                    "-inkey", $srckey,
                                    "-in", $srccert, "-passout", "pass:password",
                                    "-chain", "-CAfile", "cacert.pem",