1#! /usr/bin/env perl
2# Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9use strict;
10use warnings;
11
12use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file bldtop_dir bldtop_file/;
13use OpenSSL::Test::Utils;
14
15BEGIN {
16    setup("test_encoder_decoder");
17}
18
19use lib srctop_dir('Configurations');
20use lib bldtop_dir('.');
21use platform;
22
23my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
24
25my $rsa_key = srctop_file("test", "certs", "ee-key.pem");
26my $pss_key = srctop_file("test", "certs", "ca-pss-key.pem");
27
28plan tests => ($no_fips ? 0 : 5) + 2;     # FIPS install test + test
29
30my $conf = srctop_file("test", "default.cnf");
31
32# Check if the specified pattern occurs in the given file
33# Returns 1 if the pattern is found and 0 if not
34sub find_line_file {
35    my ($key, $file) = @_;
36
37    open(my $in, $file) or return -1;
38    while (my $line = <$in>) {
39        if ($line =~ /$key/) {
40            close($in);
41            return 1;
42        }
43    }
44    close($in);
45    return 0;
46}
47
48ok(run(test(["endecode_test", "-rsa", $rsa_key,
49                              "-pss", $pss_key,
50                              "-config", $conf,
51                              "-provider", "default"])));
52
53# Run with non-default library context
54ok(run(test(["endecode_test", "-rsa", $rsa_key,
55                              "-pss", $pss_key,
56                              "-context",
57                              "-config", $conf,
58                              "-provider", "default"])));
59
60unless ($no_fips) {
61    # Run with fips library context
62    my $conf = srctop_file("test", "fips-and-base.cnf");
63    ok(run(test(["endecode_test", "-rsa", $rsa_key,
64                                  "-pss", $pss_key,
65                                  "-config", $conf,
66                                  "-provider", "fips"])));
67SKIP: {
68    skip "EC disabled", 2 if disabled("ec");
69    ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'EC',
70                 '-pkeyopt', 'group:P-256', '-text',
71                 '-config', $conf, '-provider', 'fips', '-out', 'ec.txt' ])),
72       'Print a FIPS provider EC private key');
73    ok(find_line_file('NIST CURVE: P-256', 'ec.txt') == 1,
74       'Printing an FIPS provider EC private key');
75}
76    my $no_des = disabled("des");
77SKIP: {
78    skip "MD5 disabled", 2 if disabled("md5");
79    ok(run(app([ 'openssl', 'genrsa', '-aes128', '-out', 'epki.pem',
80                 '-traditional', '-passout', 'pass:pass' ])),
81       "rsa encrypted using a non fips algorithm MD5 in pbe");
82
83    my $conf2 = srctop_file("test", "default-and-fips.cnf");
84    ok(run(test(['decoder_propq_test', '-config', $conf2,
85                 '-provider', 'fips', 'epki.pem'])));
86}
87}
88