1*e0c4386eSCy Schubert#! /usr/bin/env perl 2*e0c4386eSCy Schubert# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. 3*e0c4386eSCy Schubert# 4*e0c4386eSCy Schubert# Licensed under the Apache License 2.0 (the "License"). You may not use 5*e0c4386eSCy Schubert# this file except in compliance with the License. You can obtain a copy 6*e0c4386eSCy Schubert# in the file LICENSE in the source distribution or at 7*e0c4386eSCy Schubert# https://www.openssl.org/source/license.html 8*e0c4386eSCy Schubert 9*e0c4386eSCy Schubert 10*e0c4386eSCy Schubertuse strict; 11*e0c4386eSCy Schubertuse warnings; 12*e0c4386eSCy Schubert 13*e0c4386eSCy Schubertuse File::Spec; 14*e0c4386eSCy Schubertuse OpenSSL::Test qw/:DEFAULT srctop_file/; 15*e0c4386eSCy Schubertuse OpenSSL::Test::Utils; 16*e0c4386eSCy Schubert 17*e0c4386eSCy Schubert# 'supported' and 'unsupported' reflect the current state of things. In 18*e0c4386eSCy Schubert# Test::More terms, 'supported' works exactly like ok(run(whatever)), while 19*e0c4386eSCy Schubert# 'unsupported' wraps that in a TODO: { } block. 20*e0c4386eSCy Schubert# 21*e0c4386eSCy Schubert# The first argument is the test name (this becomes the last argument to 22*e0c4386eSCy Schubert# 'ok') 23*e0c4386eSCy Schubert# The remaining argument are passed unchecked to 'run'. 24*e0c4386eSCy Schubert 25*e0c4386eSCy Schubert# 1: the result of app() or similar, i.e. something you can pass to 26*e0c4386eSCy Schubertsub supported_pass { 27*e0c4386eSCy Schubert my $str = shift; 28*e0c4386eSCy Schubert 29*e0c4386eSCy Schubert ok(run(@_), $str); 30*e0c4386eSCy Schubert} 31*e0c4386eSCy Schubert 32*e0c4386eSCy Schubertsub supported_fail { 33*e0c4386eSCy Schubert my $str = shift; 34*e0c4386eSCy Schubert 35*e0c4386eSCy Schubert ok(!run(@_), $str); 36*e0c4386eSCy Schubert} 37*e0c4386eSCy Schubert 38*e0c4386eSCy Schubertsetup("test_genec"); 39*e0c4386eSCy Schubert 40*e0c4386eSCy Schubertplan skip_all => "This test is unsupported in a no-ec build" 41*e0c4386eSCy Schubert if disabled("ec"); 42*e0c4386eSCy Schubert 43*e0c4386eSCy Schubertmy @prime_curves = qw( 44*e0c4386eSCy Schubert secp112r1 45*e0c4386eSCy Schubert secp112r2 46*e0c4386eSCy Schubert secp128r1 47*e0c4386eSCy Schubert secp128r2 48*e0c4386eSCy Schubert secp160k1 49*e0c4386eSCy Schubert secp160r1 50*e0c4386eSCy Schubert secp160r2 51*e0c4386eSCy Schubert secp192k1 52*e0c4386eSCy Schubert secp224k1 53*e0c4386eSCy Schubert secp224r1 54*e0c4386eSCy Schubert secp256k1 55*e0c4386eSCy Schubert secp384r1 56*e0c4386eSCy Schubert secp521r1 57*e0c4386eSCy Schubert prime192v1 58*e0c4386eSCy Schubert prime192v2 59*e0c4386eSCy Schubert prime192v3 60*e0c4386eSCy Schubert prime239v1 61*e0c4386eSCy Schubert prime239v2 62*e0c4386eSCy Schubert prime239v3 63*e0c4386eSCy Schubert prime256v1 64*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls6 65*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls7 66*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls8 67*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls9 68*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls12 69*e0c4386eSCy Schubert brainpoolP160r1 70*e0c4386eSCy Schubert brainpoolP160t1 71*e0c4386eSCy Schubert brainpoolP192r1 72*e0c4386eSCy Schubert brainpoolP192t1 73*e0c4386eSCy Schubert brainpoolP224r1 74*e0c4386eSCy Schubert brainpoolP224t1 75*e0c4386eSCy Schubert brainpoolP256r1 76*e0c4386eSCy Schubert brainpoolP256t1 77*e0c4386eSCy Schubert brainpoolP320r1 78*e0c4386eSCy Schubert brainpoolP320t1 79*e0c4386eSCy Schubert brainpoolP384r1 80*e0c4386eSCy Schubert brainpoolP384t1 81*e0c4386eSCy Schubert brainpoolP512r1 82*e0c4386eSCy Schubert brainpoolP512t1 83*e0c4386eSCy Schubert); 84*e0c4386eSCy Schubert 85*e0c4386eSCy Schubertmy @binary_curves = qw( 86*e0c4386eSCy Schubert sect113r1 87*e0c4386eSCy Schubert sect113r2 88*e0c4386eSCy Schubert sect131r1 89*e0c4386eSCy Schubert sect131r2 90*e0c4386eSCy Schubert sect163k1 91*e0c4386eSCy Schubert sect163r1 92*e0c4386eSCy Schubert sect163r2 93*e0c4386eSCy Schubert sect193r1 94*e0c4386eSCy Schubert sect193r2 95*e0c4386eSCy Schubert sect233k1 96*e0c4386eSCy Schubert sect233r1 97*e0c4386eSCy Schubert sect239k1 98*e0c4386eSCy Schubert sect283k1 99*e0c4386eSCy Schubert sect283r1 100*e0c4386eSCy Schubert sect409k1 101*e0c4386eSCy Schubert sect409r1 102*e0c4386eSCy Schubert sect571k1 103*e0c4386eSCy Schubert sect571r1 104*e0c4386eSCy Schubert c2pnb163v1 105*e0c4386eSCy Schubert c2pnb163v2 106*e0c4386eSCy Schubert c2pnb163v3 107*e0c4386eSCy Schubert c2pnb176v1 108*e0c4386eSCy Schubert c2tnb191v1 109*e0c4386eSCy Schubert c2tnb191v2 110*e0c4386eSCy Schubert c2tnb191v3 111*e0c4386eSCy Schubert c2pnb208w1 112*e0c4386eSCy Schubert c2tnb239v1 113*e0c4386eSCy Schubert c2tnb239v2 114*e0c4386eSCy Schubert c2tnb239v3 115*e0c4386eSCy Schubert c2pnb272w1 116*e0c4386eSCy Schubert c2pnb304w1 117*e0c4386eSCy Schubert c2tnb359v1 118*e0c4386eSCy Schubert c2pnb368w1 119*e0c4386eSCy Schubert c2tnb431r1 120*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls1 121*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls3 122*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls4 123*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls5 124*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls10 125*e0c4386eSCy Schubert wap-wsg-idm-ecid-wtls11 126*e0c4386eSCy Schubert); 127*e0c4386eSCy Schubert 128*e0c4386eSCy Schubertmy @explicit_only_curves = (); 129*e0c4386eSCy Schubertpush(@explicit_only_curves, qw( 130*e0c4386eSCy Schubert Oakley-EC2N-3 131*e0c4386eSCy Schubert Oakley-EC2N-4 132*e0c4386eSCy Schubert )) if !disabled("ec2m"); 133*e0c4386eSCy Schubert 134*e0c4386eSCy Schubertmy @other_curves = (); 135*e0c4386eSCy Schubertpush(@other_curves, 'SM2') 136*e0c4386eSCy Schubert if !disabled("sm2"); 137*e0c4386eSCy Schubert 138*e0c4386eSCy Schubertmy @curve_aliases = qw( 139*e0c4386eSCy Schubert P-192 140*e0c4386eSCy Schubert P-224 141*e0c4386eSCy Schubert P-256 142*e0c4386eSCy Schubert P-384 143*e0c4386eSCy Schubert P-521 144*e0c4386eSCy Schubert); 145*e0c4386eSCy Schubertpush(@curve_aliases, qw( 146*e0c4386eSCy Schubert B-163 147*e0c4386eSCy Schubert B-233 148*e0c4386eSCy Schubert B-283 149*e0c4386eSCy Schubert B-409 150*e0c4386eSCy Schubert B-571 151*e0c4386eSCy Schubert K-163 152*e0c4386eSCy Schubert K-233 153*e0c4386eSCy Schubert K-283 154*e0c4386eSCy Schubert K-409 155*e0c4386eSCy Schubert K-571 156*e0c4386eSCy Schubert)) if !disabled("ec2m"); 157*e0c4386eSCy Schubert 158*e0c4386eSCy Schubertmy @curve_list = (); 159*e0c4386eSCy Schubertpush(@curve_list, @prime_curves); 160*e0c4386eSCy Schubertpush(@curve_list, @binary_curves) 161*e0c4386eSCy Schubert if !disabled("ec2m"); 162*e0c4386eSCy Schubertpush(@curve_list, @other_curves); 163*e0c4386eSCy Schubertpush(@curve_list, @curve_aliases); 164*e0c4386eSCy Schubert 165*e0c4386eSCy Schubertmy %params_encodings = 166*e0c4386eSCy Schubert ( 167*e0c4386eSCy Schubert 'named_curve' => \&supported_pass, 168*e0c4386eSCy Schubert 'explicit' => \&supported_pass 169*e0c4386eSCy Schubert ); 170*e0c4386eSCy Schubert 171*e0c4386eSCy Schubertmy @output_formats = ('PEM', 'DER'); 172*e0c4386eSCy Schubert 173*e0c4386eSCy Schubertplan tests => scalar(@curve_list) * scalar(keys %params_encodings) 174*e0c4386eSCy Schubert * (1 + scalar(@output_formats)) # Try listed @output_formats and text output 175*e0c4386eSCy Schubert * 2 # Test generating parameters and keys 176*e0c4386eSCy Schubert + 1 # Checking that with no curve it fails 177*e0c4386eSCy Schubert + 1 # Checking that with unknown curve it fails 178*e0c4386eSCy Schubert + 1 # Subtest for explicit only curves 179*e0c4386eSCy Schubert + 1 # base serializer test 180*e0c4386eSCy Schubert ; 181*e0c4386eSCy Schubert 182*e0c4386eSCy Schubertok(!run(app([ 'openssl', 'genpkey', 183*e0c4386eSCy Schubert '-algorithm', 'EC'])), 184*e0c4386eSCy Schubert "genpkey EC with no params should fail"); 185*e0c4386eSCy Schubert 186*e0c4386eSCy Schubertok(!run(app([ 'openssl', 'genpkey', 187*e0c4386eSCy Schubert '-algorithm', 'EC', 188*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:bogus_foobar_curve'])), 189*e0c4386eSCy Schubert "genpkey EC with unknown curve name should fail"); 190*e0c4386eSCy Schubert 191*e0c4386eSCy Schubertok(run(app([ 'openssl', 'genpkey', 192*e0c4386eSCy Schubert '-provider-path', 'providers', 193*e0c4386eSCy Schubert '-provider', 'base', 194*e0c4386eSCy Schubert '-config', srctop_file("test", "default.cnf"), 195*e0c4386eSCy Schubert '-algorithm', 'EC', 196*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:prime256v1', 197*e0c4386eSCy Schubert '-text'])), 198*e0c4386eSCy Schubert "generate a private key and serialize it using the base provider"); 199*e0c4386eSCy Schubert 200*e0c4386eSCy Schubertforeach my $curvename (@curve_list) { 201*e0c4386eSCy Schubert foreach my $paramenc (sort keys %params_encodings) { 202*e0c4386eSCy Schubert my $fn = $params_encodings{$paramenc}; 203*e0c4386eSCy Schubert 204*e0c4386eSCy Schubert # --- Test generating parameters --- 205*e0c4386eSCy Schubert 206*e0c4386eSCy Schubert $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (text)", 207*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', '-genparam', 208*e0c4386eSCy Schubert '-algorithm', 'EC', 209*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 210*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 211*e0c4386eSCy Schubert '-text'])); 212*e0c4386eSCy Schubert 213*e0c4386eSCy Schubert foreach my $outform (@output_formats) { 214*e0c4386eSCy Schubert my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform; 215*e0c4386eSCy Schubert $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (${outform})", 216*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', '-genparam', 217*e0c4386eSCy Schubert '-algorithm', 'EC', 218*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 219*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 220*e0c4386eSCy Schubert '-outform', $outform, 221*e0c4386eSCy Schubert '-out', $outfile])); 222*e0c4386eSCy Schubert } 223*e0c4386eSCy Schubert 224*e0c4386eSCy Schubert # --- Test generating actual keys --- 225*e0c4386eSCy Schubert 226*e0c4386eSCy Schubert $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (text)", 227*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', 228*e0c4386eSCy Schubert '-algorithm', 'EC', 229*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 230*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 231*e0c4386eSCy Schubert '-text'])); 232*e0c4386eSCy Schubert 233*e0c4386eSCy Schubert foreach my $outform (@output_formats) { 234*e0c4386eSCy Schubert my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform; 235*e0c4386eSCy Schubert $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (${outform})", 236*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', 237*e0c4386eSCy Schubert '-algorithm', 'EC', 238*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 239*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 240*e0c4386eSCy Schubert '-outform', $outform, 241*e0c4386eSCy Schubert '-out', $outfile])); 242*e0c4386eSCy Schubert } 243*e0c4386eSCy Schubert } 244*e0c4386eSCy Schubert} 245*e0c4386eSCy Schubert 246*e0c4386eSCy Schubertsubtest "test curves that only support explicit parameters encoding" => sub { 247*e0c4386eSCy Schubert plan skip_all => "This test is unsupported under current configuration" 248*e0c4386eSCy Schubert if scalar(@explicit_only_curves) <= 0; 249*e0c4386eSCy Schubert 250*e0c4386eSCy Schubert plan tests => scalar(@explicit_only_curves) * scalar(keys %params_encodings) 251*e0c4386eSCy Schubert * (1 + scalar(@output_formats)) # Try listed @output_formats and text output 252*e0c4386eSCy Schubert * 2 # Test generating parameters and keys 253*e0c4386eSCy Schubert ; 254*e0c4386eSCy Schubert 255*e0c4386eSCy Schubert my %params_encodings = 256*e0c4386eSCy Schubert ( 257*e0c4386eSCy Schubert 'named_curve' => \&supported_fail, 258*e0c4386eSCy Schubert 'explicit' => \&supported_pass 259*e0c4386eSCy Schubert ); 260*e0c4386eSCy Schubert 261*e0c4386eSCy Schubert foreach my $curvename (@explicit_only_curves) { 262*e0c4386eSCy Schubert foreach my $paramenc (sort keys %params_encodings) { 263*e0c4386eSCy Schubert my $fn = $params_encodings{$paramenc}; 264*e0c4386eSCy Schubert 265*e0c4386eSCy Schubert # --- Test generating parameters --- 266*e0c4386eSCy Schubert 267*e0c4386eSCy Schubert $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (text)", 268*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', '-genparam', 269*e0c4386eSCy Schubert '-algorithm', 'EC', 270*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 271*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 272*e0c4386eSCy Schubert '-text'])); 273*e0c4386eSCy Schubert 274*e0c4386eSCy Schubert foreach my $outform (@output_formats) { 275*e0c4386eSCy Schubert my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform; 276*e0c4386eSCy Schubert $fn->("genpkey EC params ${curvename} with ec_param_enc:'${paramenc}' (${outform})", 277*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', '-genparam', 278*e0c4386eSCy Schubert '-algorithm', 'EC', 279*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 280*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 281*e0c4386eSCy Schubert '-outform', $outform, 282*e0c4386eSCy Schubert '-out', $outfile])); 283*e0c4386eSCy Schubert } 284*e0c4386eSCy Schubert 285*e0c4386eSCy Schubert # --- Test generating actual keys --- 286*e0c4386eSCy Schubert 287*e0c4386eSCy Schubert $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (text)", 288*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', 289*e0c4386eSCy Schubert '-algorithm', 'EC', 290*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 291*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 292*e0c4386eSCy Schubert '-text'])); 293*e0c4386eSCy Schubert 294*e0c4386eSCy Schubert foreach my $outform (@output_formats) { 295*e0c4386eSCy Schubert my $outfile = "ecgen.${curvename}.${paramenc}." . lc $outform; 296*e0c4386eSCy Schubert $fn->("genpkey EC key on ${curvename} with ec_param_enc:'${paramenc}' (${outform})", 297*e0c4386eSCy Schubert app([ 'openssl', 'genpkey', 298*e0c4386eSCy Schubert '-algorithm', 'EC', 299*e0c4386eSCy Schubert '-pkeyopt', 'ec_paramgen_curve:'.$curvename, 300*e0c4386eSCy Schubert '-pkeyopt', 'ec_param_enc:'.$paramenc, 301*e0c4386eSCy Schubert '-outform', $outform, 302*e0c4386eSCy Schubert '-out', $outfile])); 303*e0c4386eSCy Schubert } 304*e0c4386eSCy Schubert } 305*e0c4386eSCy Schubert } 306*e0c4386eSCy Schubert}; 307