1#! /usr/bin/env perl 2# Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved. 3# 4# Licensed under the Apache License 2.0 (the "License"). You may not use 5# this file except in compliance with the License. You can obtain a copy 6# in the file LICENSE in the source distribution or at 7# https://www.openssl.org/source/license.html 8 9 10use strict; 11use warnings; 12 13use File::Spec::Functions qw/catfile/; 14use File::Copy; 15use File::Compare qw/compare_text/; 16use File::Basename; 17use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/; 18use OpenSSL::Test::Utils; 19 20setup("test_enc"); 21plan skip_all => "Deprecated functions are disabled in this OpenSSL build" 22 if disabled("deprecated"); 23 24# We do it this way, because setup() may have moved us around, 25# so the directory portion of $0 might not be correct any more. 26# However, the name hasn't changed. 27my $testsrc = srctop_file("test","recipes",basename($0)); 28 29my $test = catfile(".", "p"); 30 31my $cmd = "openssl"; 32my $provpath = bldtop_dir("providers"); 33my @prov = ("-provider-path", $provpath, "-provider", "default"); 34push @prov, ("-provider", "legacy") unless disabled("legacy"); 35my $ciphersstatus = undef; 36my @ciphers = 37 map { s/^\s+//; s/\s+$//; split /\s+/ } 38 run(app([$cmd, "list", "-cipher-commands"]), 39 capture => 1, statusvar => \$ciphersstatus); 40@ciphers = grep {!/^(bf|cast|des$|des-cbc|des-cfb|des-ecb|des-ofb|desx|idea 41 |rc2|rc4|seed)/x} @ciphers 42 if disabled("legacy"); 43 44plan tests => 5 + (scalar @ciphers)*2; 45 46 SKIP: { 47 skip "Problems getting ciphers...", 1 + scalar(@ciphers) 48 unless ok($ciphersstatus, "Running 'openssl list -cipher-commands'"); 49 unless (ok(copy($testsrc, $test), "Copying $testsrc to $test")) { 50 diag($!); 51 skip "Not initialized, skipping...", scalar(@ciphers); 52 } 53 54 foreach my $c (@ciphers) { 55 my %variant = ("$c" => [], 56 "$c base64" => [ "-a" ]); 57 58 foreach my $t (sort keys %variant) { 59 my $cipherfile = "$test.$c.cipher"; 60 my $clearfile = "$test.$c.clear"; 61 my @e = ( "$c", "-bufsize", "113", @{$variant{$t}}, "-e", "-k", "test" ); 62 my @d = ( "$c", "-bufsize", "157", @{$variant{$t}}, "-d", "-k", "test" ); 63 if ($c eq "cat") { 64 $cipherfile = "$test.cipher"; 65 $clearfile = "$test.clear"; 66 @e = ( "enc", @{$variant{$t}}, "-e" ); 67 @d = ( "enc", @{$variant{$t}}, "-d" ); 68 } 69 70 ok(run(app([$cmd, @e, @prov, "-in", $test, "-out", $cipherfile])) 71 && run(app([$cmd, @d, @prov, "-in", $cipherfile, "-out", $clearfile])) 72 && compare_text($test,$clearfile) == 0, $t); 73 } 74 } 75 ok(run(app([$cmd, "enc", "-in", $test, "-aes256", "-pbkdf2", "-out", 76 "salted_default.cipher", "-pass", "pass:password"])) 77 && run(app([$cmd, "enc", "-d", "-in", "salted_default.cipher", "-aes256", "-pbkdf2", 78 "-saltlen", "8", "-out", "salted_default.clear", "-pass", "pass:password"])) 79 && compare_text($test,"salted_default.clear") == 0, 80 "Check that the default salt length of 8 bytes is used for PKDF2"); 81 82 ok(!run(app([$cmd, "enc", "-d", "-in", "salted_default.cipher", "-aes256", "-pbkdf2", 83 "-saltlen", "16", "-out", "salted_fail.clear", "-pass", "pass:password"])), 84 "Check the decrypt fails if the saltlen is incorrect"); 85 86 ok(run(app([$cmd, "enc", "-in", $test, "-aes256", "-pbkdf2", "-saltlen", "16", 87 "-out", "salted.cipher", "-pass", "pass:password"])) 88 && run(app([$cmd, "enc", "-d", "-in", "salted.cipher", "-aes256", "-pbkdf2", 89 "-saltlen", "16", "-out", "salted.clear", "-pass", "pass:password"])) 90 && compare_text($test,"salted.clear") == 0, 91 "Check that we can still use a salt length of 16 bytes for PKDF2"); 92 93} 94
