summaryrefslogtreecommitdiffstats
path: root/test/recipes/80-test_cms.t (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright yearMatt Caswell2020-04-231-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
* Fix no-desMatt Caswell2020-04-211-2/+2
| | | | | | | Disable a recently added CMS test in the case of no-des. Reviewed-by: Paul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/11578)
* Move legacy ciphers into the legacy providerShane Lontis2020-04-091-5/+10
| | | | | | | | | | | DES, idea, seed, rc2, rc4, rc5, cast and blowfish have been moved out of the default provider. Code shared between desx and tdes has been moved into a seperate file (cipher_tdes_common.c). 3 test recipes failed due to using app/openssl calls that used legacy ciphers. These calls have been updated to supply both the default and legacy providers. Fixed openssl app '-provider' memory leak Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11419)
* [CMS] Test decryption of a ciphertext encrypted from 1.1.1Nicola Tuveri2020-02-181-1/+19
| | | | | | | | | | | | | | Current CMS en/decryption tests only validate that our current decyption and encryption algorithms are compatible, but they say nothing about correctness of the output for the given set of parameters. As a partial fix in absence of proper KAT tests, we decrypt ciphertexts generated with OpenSSL 1.1.1. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10631)
* TEST: Modify test/recipes/80-test_cms.t to leave artifacts behindRichard Levitte2020-02-181-340/+391
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11080)
* Add the content type attribute to additional CMS signerinfo.Shane Lontis2019-06-031-1/+68
| | | | | | | | | | | | | | | | | Fixes #8923 Found using the openssl cms -resign option. This uses an alternate path to do the signing which was not adding the required signed attribute content type. The content type attribute should always exist since it is required is there are any signed attributes. As the signing time attribute is always added in code, the content type attribute is also required. The CMS_si_check_attributes() method adds validity checks for signed and unsigned attributes e.g. The message digest attribute is a signed attribute that must exist if any signed attributes exist, it cannot be an unsigned attribute and there must only be one instance containing a single value. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8944)
* Test: use keywords instead of magic numbers for 'rsa_pss_saltlen'Dr. Matthias St. Pierre2019-05-021-2/+2
| | | | | | | | | | Since commit 137096a7ead it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8860)
* Avoid creating invalid rsa pss paramsBernd Edlinger2019-04-101-0/+8
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8621)
* crypto/cms: Add support for CAdES Basic Electronic Signatures (CAdES-BES)Antonio Iacono2019-01-271-0/+16
| | | | | | | | | | | | | | | | | A CAdES Basic Electronic Signature (CAdES-BES) contains, among other specifications, a collection of Signing Certificate reference attributes, stored in the signedData ether as ESS signing-certificate or as ESS signing-certificate-v2. These are described in detail in Section 5.7.2 of RFC 5126 - CMS Advanced Electronic Signatures (CAdES). This patch adds support for adding ESS signing-certificate[-v2] attributes to CMS signedData. Although it implements only a small part of the RFC, it is sufficient many cases to enable the `openssl cms` app to create signatures which comply with legal requirements of some European States (e.g Italy). Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7893)
* Following the license change, modify the boilerplates in test/Richard Levitte2018-12-061-1/+1
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
* no-ec2m fixesDr. Stephen Henson2017-08-101-2/+2
| | | | | | | | Fix warning and don't use binary field certificate for ECDH CMS key only test. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4134)
* Add test for ECDH CMS key onlyDr. Stephen Henson2017-08-081-0/+9
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4115)
* add CMS SHA1 signing testDr. Stephen Henson2016-11-251-0/+8
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Unified copyright for test recipesRich Salz2016-04-221-1/+8
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Skip the CMS tests if CMS is disabledMatt Caswell2016-03-211-0/+3
| | | | | | This fixes the no-cms compile time option. Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Fix no-dsaMatt Caswell2016-03-211-3/+5
| | | | | | Misc fixes for no-dsa. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix no-desMatt Caswell2016-03-181-10/+12
| | | | | | Numerous fixes for no-des. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix no-rc2 in the CMS testMatt Caswell2016-03-181-5/+9
| | | | | | | The CMS test uses some RC2 keys which should be skipped if the RC2 is disabled. Reviewed-by: Richard Levitte <levitte@openssl.org>
* unified build scheme: adjust test framework for out of source build treeRichard Levitte2016-02-091-3/+3
| | | | | | | | | | | | | | | | To be able to run tests when we've built in a directory other than the source tree, the testing framework needs a few adjustments. test/testlib/OpenSSL/Test.pm needs to know where it can find shlib_wrap.sh, and a number of other tests need to be told a different place to find engines than what they may be able to figure out on their own. Relying to $TOP is not enough, $SRCTOP and $BLDTOP can be used as an alternative. As part of this change, top_file and top_dir are removed and srctop_file, bldtop_file, srctop_dir and bldtop_dir take their place. Reviewed-by: Ben Laurie <ben@openssl.org>
* make no-dh workDr. Stephen Henson2015-09-201-1/+3
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Change test recipes to use disabled()Dr. Stephen Henson2015-09-201-6/+4
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Make sure to actually use @smime_cms_comp_test when testing it...Richard Levitte2015-09-191-1/+1
| | | | | | | | Obvious typo, and it took configuring with 'zlib' to discover it, otherwise there was a previous skip that bypassed this section entirely. Reviewed-by: Tim Hudson <tjh@openssl.org>
* Change OpenSSL::Test to be an extension of Test::MoreRichard Levitte2015-09-071-1/+0
| | | | | | | | | | | It became tedious as well as error prone to have all recipes use Test::More as well as OpenSSL::Test. The easier way is to make OpenSSL::Test an extension of Test::More, thereby having all version checks as well as future checks firmly there. Additionally, that allows us to extend existing Test::More functions if the need would arise. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add version numbers on some modules we use.Richard Levitte2015-09-071-1/+1
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add recipes for the larger protocolsRichard Levitte2015-09-071-0/+477
This covers the certificate authority commands, the cms and smime commands, OCSP, SSL and TSA. Reviewed-by: Rich Salz <rsalz@openssl.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-11 15:31:18 +0100