1#! /usr/bin/env perl
2# Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9use strict;
10use warnings;
11
12use OpenSSL::Test qw(:DEFAULT bldtop_dir srctop_file srctop_dir data_file);
13use OpenSSL::Test::Utils;
14
15BEGIN {
16setup("test_pairwise_fail");
17}
18
19use lib srctop_dir('Configurations');
20use lib bldtop_dir('.');
21
22plan skip_all => "These tests are unsupported in a non fips build"
23    if disabled("fips");
24
25plan tests => 6;
26my $provconf = srctop_file("test", "fips-and-base.cnf");
27
28run(test(["fips_version_test", "-config", $provconf, ">=3.1.0"]),
29    capture => 1, statusvar => \my $fips_exit);
30
31SKIP: {
32    skip "Skip RSA test because of no rsa in this build", 1
33        if disabled("rsa");
34    ok(run(test(["pairwise_fail_test", "-config", $provconf,
35                 "-pairwise", "rsa"])),
36       "fips provider rsa keygen pairwise failure test");
37}
38
39SKIP: {
40    skip "Skip EC test because of no ec in this build", 2
41        if disabled("ec");
42    ok(run(test(["pairwise_fail_test", "-config", $provconf,
43                 "-pairwise", "ec"])),
44       "fips provider ec keygen pairwise failure test");
45
46    skip "FIPS provider version is too old", 1
47        if !$fips_exit;
48    ok(run(test(["pairwise_fail_test", "-config", $provconf,
49                 "-pairwise", "eckat"])),
50       "fips provider ec keygen kat failure test");
51}
52
53SKIP: {
54    skip "Skip DSA tests because of no dsa in this build", 2
55        if disabled("dsa");
56    ok(run(test(["pairwise_fail_test", "-config", $provconf,
57                 "-pairwise", "dsa", "-dsaparam", data_file("dsaparam.pem")])),
58       "fips provider dsa keygen pairwise failure test");
59
60    skip "FIPS provider version is too old", 1
61        if !$fips_exit;
62    ok(run(test(["pairwise_fail_test", "-config", $provconf,
63                 "-pairwise", "dsakat", "-dsaparam", data_file("dsaparam.pem")])),
64       "fips provider dsa keygen kat failure test");
65}
66
67SKIP: {
68    skip "Skip EDDSA test because of no ecx in this build", 1
69        if disabled("ecx");
70
71    run(test(["fips_version_test", "-config", $provconf, ">=3.3.0"]),
72             capture => 1, statusvar => \my $exit);
73    skip "FIPS provider version is too old", 1
74        if !$exit;
75
76    ok(run(test(["pairwise_fail_test", "-config", $provconf,
77                 "-pairwise", "eddsa"])),
78       "fips provider eddsa keygen pairwise failure test");
79}
80