xref: /openssl/test/recipes/15-test_gendh.t (revision aff636a4) 
1#! /usr/bin/env perl
2# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10use strict;
11use warnings;
12
13use File::Spec;
14use OpenSSL::Test qw/:DEFAULT srctop_file/;
15use OpenSSL::Test::Utils;
16
17setup("test_gendh");
18
19plan skip_all => "This test is unsupported in a no-dh build" if disabled("dh");
20
21plan tests => 9;
22
23ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH',
24             '-pkeyopt', 'type:group',
25             '-text'])),
26   "genpkey DH default group");
27
28ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH',
29             '-pkeyopt', 'type:group',
30             '-pkeyopt', 'group:ffdhe2048',
31             '-text'])),
32   "genpkey DH group ffdhe2048");
33
34ok(run(app([ 'openssl', 'genpkey', '-genparam',
35             '-algorithm', 'DHX',
36             '-pkeyopt', 'gindex:1',
37             '-pkeyopt', 'type:fips186_4',
38             '-out', 'dhgen.pem' ])),
39   "genpkey DH params fips186_4 PEM");
40
41# The seed and counter should be the ones generated from the param generation
42# Just put some dummy ones in to show it works.
43ok(run(app([ 'openssl', 'genpkey',
44             '-paramfile', 'dhgen.pem',
45             '-pkeyopt', 'gindex:1',
46             '-pkeyopt', 'hexseed:ed2927f2139eb61495d6641efda1243f93ebe482b5bfc2c755a53825',
47             '-pkeyopt', 'pcounter:25',
48             '-text' ])),
49   "genpkey DH fips186_4 with PEM params");
50
51 ok(!run(app([ 'openssl', 'genpkey',
52              '-algorithm', 'DH'])),
53   "genpkey DH with no params should fail");
54
55 ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
56               'group:ffdhe3072', '-pkeyopt', 'priv_len:255', '-text'])),
57    'genpkey DH with a small private len should fail');
58
59 ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
60               'group:ffdhe3072', '-pkeyopt', 'priv_len:3072', '-text'])),
61    'genpkey DH with a large private len should fail');
62
63 ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
64              'group:ffdhe3072', '-pkeyopt', 'priv_len:256', '-text'])),
65    'genpkey DH with a minimum strength private len');
66
67 ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
68              'group:ffdhe2048', '-pkeyopt', 'priv_len:224', '-text'])),
69    'genpkey 2048 DH with a minimum strength private len');
70