diff options
| author | Richard Levitte <levitte@openssl.org> | 2020-05-11 18:27:04 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2020-05-14 12:17:13 +0200 |
| commit | d49be019d257149d61b9061be83602ec51fa9812 (patch) | |
| tree | c81c14bcc52412b3f6c77ed283e1bb1a26113426 /test | |
| parent | test/ssl-tests/20-cert-select.cnf.in: Re-enable RSA-PSS related tests (diff) | |
| download | openssl-d49be019d257149d61b9061be83602ec51fa9812.tar.xz openssl-d49be019d257149d61b9061be83602ec51fa9812.zip | |
test/recipes/15-test_rsapss.t: Add test with unrestricted signature
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Diffstat (limited to 'test')
| -rw-r--r-- | test/recipes/15-test_rsapss.t | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/test/recipes/15-test_rsapss.t b/test/recipes/15-test_rsapss.t index 0d7e7bf2e3..5c8340259f 100644 --- a/test/recipes/15-test_rsapss.t +++ b/test/recipes/15-test_rsapss.t @@ -16,14 +16,22 @@ use OpenSSL::Test::Utils; setup("test_rsapss"); -plan tests => 5; +plan tests => 7; #using test/testrsa.pem which happens to be a 512 bit RSA ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', - '-sigopt', 'rsa_mgf1_md:sha512', '-out', 'testrsapss.sig', + '-sigopt', 'rsa_padding_mode:pss', + '-sigopt', 'rsa_pss_saltlen:max', + '-sigopt', 'rsa_mgf1_md:sha512', + '-out', 'testrsapss-restricted.sig', srctop_file('test', 'testrsa.pem')])), - "openssl dgst -sign"); + "openssl dgst -sign [plain RSA key, PSS padding mode, PSS restrictions]"); + +ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', + '-sigopt', 'rsa_padding_mode:pss', + '-out', 'testrsapss-unrestricted.sig', + srctop_file('test', 'testrsa.pem')])), + "openssl dgst -sign [plain RSA key, PSS padding mode, no PSS restrictions]"); with({ exit_checker => sub { return shift == 1; } }, sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', @@ -41,8 +49,18 @@ with({ exit_checker => sub { return shift == 1; } }, "openssl dgst -prverify, expect to fail gracefully"); }); -ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max', - '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', +ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), + '-sha1', + '-sigopt', 'rsa_padding_mode:pss', + '-sigopt', 'rsa_pss_saltlen:max', + '-sigopt', 'rsa_mgf1_md:sha512', + '-signature', 'testrsapss-restricted.sig', + srctop_file('test', 'testrsa.pem')])), + "openssl dgst -prverify [plain RSA key, PSS padding mode, PSS restrictions]"); + +ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), + '-sha1', + '-sigopt', 'rsa_padding_mode:pss', + '-signature', 'testrsapss-unrestricted.sig', srctop_file('test', 'testrsa.pem')])), - "openssl dgst -prverify"); + "openssl dgst -prverify [plain RSA key, PSS padding mode, no PSS restrictions]"); |