1#! /usr/bin/env perl 2# Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved. 3# 4# Licensed under the Apache License 2.0 (the "License"). You may not use 5# this file except in compliance with the License. You can obtain a copy 6# in the file LICENSE in the source distribution or at 7# https://www.openssl.org/source/license.html 8 9 10use strict; 11use warnings; 12 13use File::Spec; 14use OpenSSL::Test qw/:DEFAULT srctop_file/; 15use OpenSSL::Test::Utils; 16 17setup("test_ec"); 18 19plan skip_all => 'EC is not supported in this build' if disabled('ec'); 20 21plan tests => 15; 22 23my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); 24 25require_ok(srctop_file('test','recipes','tconversion.pl')); 26 27ok(run(test(["ectest"])), "running ectest"); 28 29# TODO: remove these when the 'ec' app is removed. 30# Also consider moving this to the 20-25 test section because it is testing 31# the command line tool in addition to the algorithm. 32subtest 'EC conversions -- private key' => sub { 33 tconversion( -type => 'ec', -prefix => 'ec-priv', 34 -in => srctop_file("test","testec-p256.pem") ); 35}; 36subtest 'EC conversions -- private key PKCS#8' => sub { 37 tconversion( -type => 'ec', -prefix => 'ec-pkcs8', 38 -in => srctop_file("test","testec-p256.pem"), 39 -args => "pkey" ); 40}; 41subtest 'EC conversions -- public key' => sub { 42 tconversion( -type => 'ec', -prefix => 'ec-pub', 43 -in => srctop_file("test","testecpub-p256.pem"), 44 -args => [ "ec", "-pubin", "-pubout" ] ); 45}; 46 47subtest 'PKEY conversions -- private key' => sub { 48 tconversion( -type => 'pkey', -prefix => 'ec-pkey-priv', 49 -in => srctop_file("test","testec-p256.pem") ); 50}; 51subtest 'PKEY conversions -- private key PKCS#8' => sub { 52 tconversion( -type => 'pkey', -prefix => 'ec-pkey-pkcs8', 53 -in => srctop_file("test","testec-p256.pem"), 54 -args => "pkey" ); 55}; 56subtest 'PKEY conversions -- public key' => sub { 57 tconversion( -type => 'pkey', -prefix => 'ec-pkey-pub', 58 -in => srctop_file("test","testecpub-p256.pem"), 59 -args => [ "pkey", "-pubin", "-pubout" ] ); 60}; 61 62SKIP: { 63 skip "ECX is not supported by this OpenSSL build", 6 64 if disabled("ecx"); 65 subtest 'Ed25519 conversions -- private key' => sub { 66 tconversion( -type => "pkey", -prefix => "ed25519-pkey-priv", 67 -in => srctop_file("test", "tested25519.pem") ); 68 }; 69 subtest 'Ed25519 conversions -- private key PKCS#8' => sub { 70 tconversion( -type => "pkey", -prefix => "ed25519-pkey-pkcs8", 71 -in => srctop_file("test", "tested25519.pem"), 72 -args => ["pkey"] ); 73 }; 74 subtest 'Ed25519 conversions -- public key' => sub { 75 tconversion( -type => "pkey", -prefix => "ed25519-pkey-pub", 76 -in => srctop_file("test", "tested25519pub.pem"), 77 -args => ["pkey", "-pubin", "-pubout"] ); 78 }; 79 subtest 'Ed448 conversions -- private key' => sub { 80 tconversion( -type => "pkey", -prefix => "ed448-pkey-priv", 81 -in => srctop_file("test", "tested448.pem") ); 82 }; 83 subtest 'Ed448 conversions -- private key PKCS#8' => sub { 84 tconversion( -type => "pkey", -prefix => "ed448-pkey-pkcs8", 85 -in => srctop_file("test", "tested448.pem"), 86 -args => ["pkey"] ); 87 }; 88 subtest 'Ed448 conversions -- public key' => sub { 89 tconversion( -type => "pkey", -prefix => "ed448-pkey-pub", 90 -in => srctop_file("test", "tested448pub.pem"), 91 -args => ["pkey", "-pubin", "-pubout"] ); 92 }; 93} 94 95subtest 'Check loading of fips and non-fips keys' => sub { 96 plan skip_all => "FIPS is disabled" 97 if $no_fips; 98 99 plan tests => 2; 100 101 my $fipsconf = srctop_file("test", "fips-and-base.cnf"); 102 $ENV{OPENSSL_CONF} = $fipsconf; 103 104 ok(!run(app(['openssl', 'pkey', 105 '-check', '-in', srctop_file("test", "testec-p112r1.pem")])), 106 "Checking non-fips curve key fails in FIPS provider"); 107 108 ok(run(app(['openssl', 'pkey', 109 '-provider', 'default', 110 '-propquery', '?fips!=yes', 111 '-check', '-in', srctop_file("test", "testec-p112r1.pem")])), 112 "Checking non-fips curve key succeeds with non-fips property query"); 113 114 delete $ENV{OPENSSL_CONF}; 115} 116
