1 1.1 christos #! /usr/bin/env perl 2 1.1 christos # Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. 3 1.1 christos # 4 1.1 christos # Licensed under the Apache License 2.0 (the "License"). You may not use 5 1.1 christos # this file except in compliance with the License. You can obtain a copy 6 1.1 christos # in the file LICENSE in the source distribution or at 7 1.1 christos # https://www.openssl.org/source/license.html 8 1.1 christos 9 1.1 christos 10 1.1 christos use strict; 11 1.1 christos use warnings; 12 1.1 christos 13 1.1 christos use File::Spec; 14 1.1 christos use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir bldtop_dir bldtop_file/; 15 1.1 christos use OpenSSL::Test::Utils; 16 1.1 christos 17 1.1 christos BEGIN { 18 1.1 christos setup("test_gendsa"); 19 1.1 christos } 20 1.1 christos 21 1.1 christos use lib srctop_dir('Configurations'); 22 1.1 christos use lib bldtop_dir('.'); 23 1.1 christos 24 1.1 christos plan skip_all => "This test is unsupported in a no-dsa build" 25 1.1 christos if disabled("dsa"); 26 1.1 christos 27 1.1 christos my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); 28 1.1 christos 29 1.1 christos plan tests => 30 1.1 christos ($no_fips ? 0 : 2) # FIPS related tests 31 1.1 christos + 11; 32 1.1 christos 33 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 34 1.1 christos '-algorithm', 'DSA', 35 1.1 christos '-pkeyopt', 'gindex:1', 36 1.1 christos '-pkeyopt', 'type:fips186_4', 37 1.1 christos '-text'])), 38 1.1 christos "genpkey DSA params fips186_4 with verifiable g"); 39 1.1 christos 40 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 41 1.1 christos '-algorithm', 'DSA', 42 1.1 christos '-pkeyopt', 'type:fips186_4', 43 1.1 christos '-text'])), 44 1.1 christos "genpkey DSA params fips186_4 with unverifiable g"); 45 1.1 christos 46 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 47 1.1 christos '-algorithm', 'DSA', 48 1.1 christos '-pkeyopt', 'pbits:2048', 49 1.1 christos '-pkeyopt', 'qbits:224', 50 1.1 christos '-pkeyopt', 'digest:SHA512-256', 51 1.1 christos '-pkeyopt', 'type:fips186_4'])), 52 1.1 christos "genpkey DSA params fips186_4 with truncated SHA"); 53 1.1 christos 54 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 55 1.1 christos '-algorithm', 'DSA', 56 1.1 christos '-pkeyopt', 'type:fips186_2', 57 1.1 christos '-text'])), 58 1.1 christos "genpkey DSA params fips186_2"); 59 1.1 christos 60 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 61 1.1 christos '-algorithm', 'DSA', 62 1.1 christos '-pkeyopt', 'type:fips186_2', 63 1.1 christos '-pkeyopt', 'dsa_paramgen_bits:1024', 64 1.1 christos '-out', 'dsagen.legacy.pem'])), 65 1.1 christos "genpkey DSA params fips186_2 PEM"); 66 1.1 christos 67 1.1 christos ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DSA', 68 1.1 christos '-pkeyopt', 'type:group', 69 1.1 christos '-text'])), 70 1.1 christos "genpkey DSA does not support groups"); 71 1.1 christos 72 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 73 1.1 christos '-algorithm', 'DSA', 74 1.1 christos '-pkeyopt', 'gindex:1', 75 1.1 christos '-pkeyopt', 'type:fips186_4', 76 1.1 christos '-out', 'dsagen.pem'])), 77 1.1 christos "genpkey DSA params fips186_4 PEM"); 78 1.1 christos 79 1.1 christos ok(run(app([ 'openssl', 'genpkey', '-genparam', 80 1.1 christos '-algorithm', 'DSA', 81 1.1 christos '-pkeyopt', 'gindex:1', 82 1.1 christos '-pkeyopt', 'pbits:2048', 83 1.1 christos '-pkeyopt', 'qbits:256', 84 1.1 christos '-pkeyopt', 'type:fips186_4', 85 1.1 christos '-outform', 'DER', 86 1.1 christos '-out', 'dsagen.der'])), 87 1.1 christos "genpkey DSA params fips186_4 DER"); 88 1.1 christos 89 1.1 christos ok(run(app([ 'openssl', 'genpkey', 90 1.1 christos '-paramfile', 'dsagen.legacy.pem', 91 1.1 christos '-pkeyopt', 'type:fips186_2', 92 1.1 christos '-text'])), 93 1.1 christos "genpkey DSA fips186_2 with PEM params"); 94 1.1 christos 95 1.1 christos # The seed and counter should be the ones generated from the param generation 96 1.1 christos # Just put some dummy ones in to show it works. 97 1.1 christos ok(run(app([ 'openssl', 'genpkey', 98 1.1 christos '-paramfile', 'dsagen.der', 99 1.1 christos '-pkeyopt', 'type:fips186_4', 100 1.1 christos '-pkeyopt', 'gindex:1', 101 1.1 christos '-pkeyopt', 'hexseed:0102030405060708090A0B0C0D0E0F1011121314', 102 1.1 christos '-pkeyopt', 'pcounter:25', 103 1.1 christos '-text'])), 104 1.1 christos "genpkey DSA fips186_4 with DER params"); 105 1.1 christos 106 1.1 christos ok(!run(app([ 'openssl', 'genpkey', 107 1.1 christos '-algorithm', 'DSA'])), 108 1.1 christos "genpkey DSA with no params should fail"); 109 1.1 christos 110 1.1 christos unless ($no_fips) { 111 1.1 christos my $provconf = srctop_file("test", "fips-and-base.cnf"); 112 1.1 christos my $provpath = bldtop_dir("providers"); 113 1.1 christos my @prov = ( "-provider-path", $provpath, 114 1.1 christos "-config", $provconf); 115 1.1 christos 116 1.1 christos $ENV{OPENSSL_TEST_LIBCTX} = "1"; 117 1.1 christos 118 1.1 christos # Generate params 119 1.1 christos ok(run(app(['openssl', 'genpkey', 120 1.1 christos @prov, 121 1.1 christos '-genparam', 122 1.1 christos '-algorithm', 'DSA', 123 1.1 christos '-pkeyopt', 'pbits:3072', 124 1.1 christos '-pkeyopt', 'qbits:256', 125 1.1 christos '-out', 'gendsatest3072params.pem'])), 126 1.1 christos "Generating 3072-bit DSA params"); 127 1.1 christos 128 1.1 christos # Generate keypair 129 1.1 christos ok(run(app(['openssl', 'genpkey', 130 1.1 christos @prov, 131 1.1 christos '-paramfile', 'gendsatest3072params.pem', 132 1.1 christos '-text', 133 1.1 christos '-out', 'gendsatest3072.pem'])), 134 1.1 christos "Generating 3072-bit DSA keypair"); 135 1.1 christos 136 1.1 christos } 137
Indexes created Sun Mar 01 05:31:48 UTC 2026