1*e0c4386eSCy Schubert#! /usr/bin/env perl 2*e0c4386eSCy Schubert# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. 3*e0c4386eSCy Schubert# 4*e0c4386eSCy Schubert# Licensed under the Apache License 2.0 (the "License"). You may not use 5*e0c4386eSCy Schubert# this file except in compliance with the License. You can obtain a copy 6*e0c4386eSCy Schubert# in the file LICENSE in the source distribution or at 7*e0c4386eSCy Schubert# https://www.openssl.org/source/license.html 8*e0c4386eSCy Schubert 9*e0c4386eSCy Schubert 10*e0c4386eSCy Schubertuse strict; 11*e0c4386eSCy Schubertuse warnings; 12*e0c4386eSCy Schubert 13*e0c4386eSCy Schubertuse File::Spec; 14*e0c4386eSCy Schubertuse OpenSSL::Test qw/:DEFAULT srctop_file/; 15*e0c4386eSCy Schubertuse OpenSSL::Test::Utils; 16*e0c4386eSCy Schubert 17*e0c4386eSCy Schubertsetup("test_gendh"); 18*e0c4386eSCy Schubert 19*e0c4386eSCy Schubertplan skip_all => "This test is unsupported in a no-dh build" if disabled("dh"); 20*e0c4386eSCy Schubert 21*e0c4386eSCy Schubertplan tests => 9; 22*e0c4386eSCy Schubert 23*e0c4386eSCy Schubertok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', 24*e0c4386eSCy Schubert '-pkeyopt', 'type:group', 25*e0c4386eSCy Schubert '-text'])), 26*e0c4386eSCy Schubert "genpkey DH default group"); 27*e0c4386eSCy Schubert 28*e0c4386eSCy Schubertok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', 29*e0c4386eSCy Schubert '-pkeyopt', 'type:group', 30*e0c4386eSCy Schubert '-pkeyopt', 'group:ffdhe2048', 31*e0c4386eSCy Schubert '-text'])), 32*e0c4386eSCy Schubert "genpkey DH group ffdhe2048"); 33*e0c4386eSCy Schubert 34*e0c4386eSCy Schubertok(run(app([ 'openssl', 'genpkey', '-genparam', 35*e0c4386eSCy Schubert '-algorithm', 'DHX', 36*e0c4386eSCy Schubert '-pkeyopt', 'gindex:1', 37*e0c4386eSCy Schubert '-pkeyopt', 'type:fips186_4', 38*e0c4386eSCy Schubert '-out', 'dhgen.pem' ])), 39*e0c4386eSCy Schubert "genpkey DH params fips186_4 PEM"); 40*e0c4386eSCy Schubert 41*e0c4386eSCy Schubert# The seed and counter should be the ones generated from the param generation 42*e0c4386eSCy Schubert# Just put some dummy ones in to show it works. 43*e0c4386eSCy Schubertok(run(app([ 'openssl', 'genpkey', 44*e0c4386eSCy Schubert '-paramfile', 'dhgen.pem', 45*e0c4386eSCy Schubert '-pkeyopt', 'gindex:1', 46*e0c4386eSCy Schubert '-pkeyopt', 'hexseed:ed2927f2139eb61495d6641efda1243f93ebe482b5bfc2c755a53825', 47*e0c4386eSCy Schubert '-pkeyopt', 'pcounter:25', 48*e0c4386eSCy Schubert '-text' ])), 49*e0c4386eSCy Schubert "genpkey DH fips186_4 with PEM params"); 50*e0c4386eSCy Schubert 51*e0c4386eSCy Schubert ok(!run(app([ 'openssl', 'genpkey', 52*e0c4386eSCy Schubert '-algorithm', 'DH'])), 53*e0c4386eSCy Schubert "genpkey DH with no params should fail"); 54*e0c4386eSCy Schubert 55*e0c4386eSCy Schubert ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 56*e0c4386eSCy Schubert 'group:ffdhe3072', '-pkeyopt', 'priv_len:255', '-text'])), 57*e0c4386eSCy Schubert 'genpkey DH with a small private len should fail'); 58*e0c4386eSCy Schubert 59*e0c4386eSCy Schubert ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 60*e0c4386eSCy Schubert 'group:ffdhe3072', '-pkeyopt', 'priv_len:3072', '-text'])), 61*e0c4386eSCy Schubert 'genpkey DH with a large private len should fail'); 62*e0c4386eSCy Schubert 63*e0c4386eSCy Schubert ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 64*e0c4386eSCy Schubert 'group:ffdhe3072', '-pkeyopt', 'priv_len:256', '-text'])), 65*e0c4386eSCy Schubert 'genpkey DH with a minimum strength private len'); 66*e0c4386eSCy Schubert 67*e0c4386eSCy Schubert ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 68*e0c4386eSCy Schubert 'group:ffdhe2048', '-pkeyopt', 'priv_len:224', '-text'])), 69*e0c4386eSCy Schubert 'genpkey 2048 DH with a minimum strength private len'); 70