Gitiles
Code Review Sign In
192.168.1.100 / R306 / 824eb0c6ade808c4501e62fbcf0025f4e694cd11 / . / ap / lib / libssl / openssl-1.1.1o / test / recipes / 80-test_cms.t
blob: 5dc6a3aebe014232de7a44e2d5b0b76cd7c98a06 [file] [log] [blame]
yuezonghe824eb0c2024-06-27 02:32:26 -0700[diff] [blame^]1#! /usr/bin/env perl
2# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the OpenSSL license (the "License"). You may not use
5# this file except in compliance with the License. You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10use strict;
11use warnings;
12
13use POSIX;
14use File::Spec::Functions qw/catfile/;
15use File::Compare qw/compare_text/;
16use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
17use OpenSSL::Test::Utils;
18
19setup("test_cms");
20
21plan skip_all => "CMS is not supported by this OpenSSL build"
22 if disabled("cms");
23
24my $datadir = srctop_dir("test", "recipes", "80-test_cms_data");
25my $smdir = srctop_dir("test", "smime-certs");
26my $smcont = srctop_file("test", "smcont.txt");
27my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
28 = disabled qw/des dh dsa ec ec2m rc2 zlib/;
29
30plan tests => 6;
31
32my @smime_pkcs7_tests = (
33
34 [ "signed content DER format, RSA key",
35 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
36 "-certfile", catfile($smdir, "smroot.pem"),
37 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
38 [ "-verify", "-in", "test.cms", "-inform", "DER",
39 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
40 ],
41
42 [ "signed detached content DER format, RSA key",
43 [ "-sign", "-in", $smcont, "-outform", "DER",
44 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
45 [ "-verify", "-in", "test.cms", "-inform", "DER",
46 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
47 "-content", $smcont ]
48 ],
49
50 [ "signed content test streaming BER format, RSA",
51 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
52 "-stream",
53 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
54 [ "-verify", "-in", "test.cms", "-inform", "DER",
55 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
56 ],
57
58 [ "signed content DER format, DSA key",
59 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
60 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
61 [ "-verify", "-in", "test.cms", "-inform", "DER",
62 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
63 ],
64
65 [ "signed detached content DER format, DSA key",
66 [ "-sign", "-in", $smcont, "-outform", "DER",
67 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
68 [ "-verify", "-in", "test.cms", "-inform", "DER",
69 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
70 "-content", $smcont ]
71 ],
72
73 [ "signed detached content DER format, add RSA signer (with DSA existing)",
74 [ "-resign", "-inform", "DER", "-in", "test.cms", "-outform", "DER",
75 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test2.cms" ],
76 [ "-verify", "-in", "test2.cms", "-inform", "DER",
77 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
78 "-content", $smcont ]
79 ],
80
81 [ "signed content test streaming BER format, DSA key",
82 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
83 "-stream",
84 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
85 [ "-verify", "-in", "test.cms", "-inform", "DER",
86 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
87 ],
88
89 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",
90 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
91 "-signer", catfile($smdir, "smrsa1.pem"),
92 "-signer", catfile($smdir, "smrsa2.pem"),
93 "-signer", catfile($smdir, "smdsa1.pem"),
94 "-signer", catfile($smdir, "smdsa2.pem"),
95 "-stream", "-out", "test.cms" ],
96 [ "-verify", "-in", "test.cms", "-inform", "DER",
97 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
98 ],
99
100 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
101 [ "-sign", "-in", $smcont, "-outform", "DER", "-noattr", "-nodetach",
102 "-signer", catfile($smdir, "smrsa1.pem"),
103 "-signer", catfile($smdir, "smrsa2.pem"),
104 "-signer", catfile($smdir, "smdsa1.pem"),
105 "-signer", catfile($smdir, "smdsa2.pem"),
106 "-stream", "-out", "test.cms" ],
107 [ "-verify", "-in", "test.cms", "-inform", "DER",
108 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
109 ],
110
111 [ "signed content S/MIME format, RSA key SHA1",
112 [ "-sign", "-in", $smcont, "-md", "sha1",
113 "-certfile", catfile($smdir, "smroot.pem"),
114 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
115 [ "-verify", "-in", "test.cms",
116 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
117 ],
118
119 [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
120 [ "-sign", "-in", $smcont, "-nodetach",
121 "-signer", catfile($smdir, "smrsa1.pem"),
122 "-signer", catfile($smdir, "smrsa2.pem"),
123 "-signer", catfile($smdir, "smdsa1.pem"),
124 "-signer", catfile($smdir, "smdsa2.pem"),
125 "-stream", "-out", "test.cms" ],
126 [ "-verify", "-in", "test.cms",
127 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
128 ],
129
130 [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
131 [ "-sign", "-in", $smcont,
132 "-signer", catfile($smdir, "smrsa1.pem"),
133 "-signer", catfile($smdir, "smrsa2.pem"),
134 "-signer", catfile($smdir, "smdsa1.pem"),
135 "-signer", catfile($smdir, "smdsa2.pem"),
136 "-stream", "-out", "test.cms" ],
137 [ "-verify", "-in", "test.cms",
138 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
139 ],
140
141 [ "enveloped content test streaming S/MIME format, DES, 3 recipients",
142 [ "-encrypt", "-in", $smcont,
143 "-stream", "-out", "test.cms",
144 catfile($smdir, "smrsa1.pem"),
145 catfile($smdir, "smrsa2.pem"),
146 catfile($smdir, "smrsa3.pem") ],
147 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
148 "-in", "test.cms", "-out", "smtst.txt" ]
149 ],
150
151 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used",
152 [ "-encrypt", "-in", $smcont,
153 "-stream", "-out", "test.cms",
154 catfile($smdir, "smrsa1.pem"),
155 catfile($smdir, "smrsa2.pem"),
156 catfile($smdir, "smrsa3.pem") ],
157 [ "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"),
158 "-in", "test.cms", "-out", "smtst.txt" ]
159 ],
160
161 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used",
162 [ "-encrypt", "-in", $smcont,
163 "-stream", "-out", "test.cms",
164 catfile($smdir, "smrsa1.pem"),
165 catfile($smdir, "smrsa2.pem"),
166 catfile($smdir, "smrsa3.pem") ],
167 [ "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"),
168 "-in", "test.cms", "-out", "smtst.txt" ]
169 ],
170
171 [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
172 [ "-encrypt", "-in", $smcont,
173 "-aes256", "-stream", "-out", "test.cms",
174 catfile($smdir, "smrsa1.pem"),
175 catfile($smdir, "smrsa2.pem"),
176 catfile($smdir, "smrsa3.pem") ],
177 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
178 "-in", "test.cms", "-out", "smtst.txt" ]
179 ],
180
181);
182
183my @smime_cms_tests = (
184
185 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
186 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", "-keyid",
187 "-signer", catfile($smdir, "smrsa1.pem"),
188 "-signer", catfile($smdir, "smrsa2.pem"),
189 "-signer", catfile($smdir, "smdsa1.pem"),
190 "-signer", catfile($smdir, "smdsa2.pem"),
191 "-stream", "-out", "test.cms" ],
192 [ "-verify", "-in", "test.cms", "-inform", "DER",
193 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
194 ],
195
196 [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
197 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
198 "-signer", catfile($smdir, "smrsa1.pem"),
199 "-signer", catfile($smdir, "smrsa2.pem"),
200 "-signer", catfile($smdir, "smdsa1.pem"),
201 "-signer", catfile($smdir, "smdsa2.pem"),
202 "-stream", "-out", "test.cms" ],
203 [ "-verify", "-in", "test.cms", "-inform", "PEM",
204 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
205 ],
206
207 [ "signed content MIME format, RSA key, signed receipt request",
208 [ "-sign", "-in", $smcont, "-signer", catfile($smdir, "smrsa1.pem"), "-nodetach",
209 "-receipt_request_to", "test\@openssl.org", "-receipt_request_all",
210 "-out", "test.cms" ],
211 [ "-verify", "-in", "test.cms",
212 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
213 ],
214
215 [ "signed receipt MIME format, RSA key",
216 [ "-sign_receipt", "-in", "test.cms",
217 "-signer", catfile($smdir, "smrsa2.pem"),
218 "-out", "test2.cms" ],
219 [ "-verify_receipt", "test2.cms", "-in", "test.cms",
220 "-CAfile", catfile($smdir, "smroot.pem") ]
221 ],
222
223 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid",
224 [ "-encrypt", "-in", $smcont,
225 "-stream", "-out", "test.cms", "-keyid",
226 catfile($smdir, "smrsa1.pem"),
227 catfile($smdir, "smrsa2.pem"),
228 catfile($smdir, "smrsa3.pem") ],
229 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
230 "-in", "test.cms", "-out", "smtst.txt" ]
231 ],
232
233 [ "enveloped content test streaming PEM format, KEK",
234 [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
235 "-stream", "-out", "test.cms",
236 "-secretkey", "000102030405060708090A0B0C0D0E0F",
237 "-secretkeyid", "C0FEE0" ],
238 [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
239 "-secretkey", "000102030405060708090A0B0C0D0E0F",
240 "-secretkeyid", "C0FEE0" ]
241 ],
242
243 [ "enveloped content test streaming PEM format, KEK, key only",
244 [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
245 "-stream", "-out", "test.cms",
246 "-secretkey", "000102030405060708090A0B0C0D0E0F",
247 "-secretkeyid", "C0FEE0" ],
248 [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
249 "-secretkey", "000102030405060708090A0B0C0D0E0F" ]
250 ],
251
252 [ "data content test streaming PEM format",
253 [ "-data_create", "-in", $smcont, "-outform", "PEM", "-nodetach",
254 "-stream", "-out", "test.cms" ],
255 [ "-data_out", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
256 ],
257
258 [ "encrypted content test streaming PEM format, 128 bit RC2 key",
259 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
260 "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F",
261 "-stream", "-out", "test.cms" ],
262 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
263 "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
264 ],
265
266 [ "encrypted content test streaming PEM format, 40 bit RC2 key",
267 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
268 "-rc2", "-secretkey", "0001020304",
269 "-stream", "-out", "test.cms" ],
270 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
271 "-secretkey", "0001020304", "-out", "smtst.txt" ]
272 ],
273
274 [ "encrypted content test streaming PEM format, triple DES key",
275 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
276 "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
277 "-stream", "-out", "test.cms" ],
278 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
279 "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
280 "-out", "smtst.txt" ]
281 ],
282
283 [ "encrypted content test streaming PEM format, 128 bit AES key",
284 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
285 "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
286 "-stream", "-out", "test.cms" ],
287 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
288 "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
289 ],
290
291);
292
293my @smime_cms_comp_tests = (
294
295 [ "compressed content test streaming PEM format",
296 [ "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach",
297 "-stream", "-out", "test.cms" ],
298 [ "-uncompress", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
299 ]
300
301);
302
303my @smime_cms_param_tests = (
304 [ "signed content test streaming PEM format, RSA keys, PSS signature",
305 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
306 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
307 "-out", "test.cms" ],
308 [ "-verify", "-in", "test.cms", "-inform", "PEM",
309 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
310 ],
311
312 [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max",
313 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
314 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
315 "-keyopt", "rsa_pss_saltlen:max", "-out", "test.cms" ],
316 [ "-verify", "-in", "test.cms", "-inform", "PEM",
317 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
318 ],
319
320 [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes",
321 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-noattr",
322 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
323 "-out", "test.cms" ],
324 [ "-verify", "-in", "test.cms", "-inform", "PEM",
325 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
326 ],
327
328 [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1",
329 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
330 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
331 "-keyopt", "rsa_mgf1_md:sha384", "-out", "test.cms" ],
332 [ "-verify", "-in", "test.cms", "-inform", "PEM",
333 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
334 ],
335
336 [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters",
337 [ "-encrypt", "-in", $smcont,
338 "-stream", "-out", "test.cms",
339 "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ],
340 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
341 "-in", "test.cms", "-out", "smtst.txt" ]
342 ],
343
344 [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256",
345 [ "-encrypt", "-in", $smcont,
346 "-stream", "-out", "test.cms",
347 "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep",
348 "-keyopt", "rsa_oaep_md:sha256" ],
349 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
350 "-in", "test.cms", "-out", "smtst.txt" ]
351 ],
352
353 [ "enveloped content test streaming S/MIME format, DES, ECDH",
354 [ "-encrypt", "-in", $smcont,
355 "-stream", "-out", "test.cms",
356 "-recip", catfile($smdir, "smec1.pem") ],
357 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
358 "-in", "test.cms", "-out", "smtst.txt" ]
359 ],
360
361 [ "enveloped content test streaming S/MIME format, DES, ECDH, 2 recipients, key only used",
362 [ "-encrypt", "-in", $smcont,
363 "-stream", "-out", "test.cms",
364 catfile($smdir, "smec1.pem"),
365 catfile($smdir, "smec3.pem") ],
366 [ "-decrypt", "-inkey", catfile($smdir, "smec3.pem"),
367 "-in", "test.cms", "-out", "smtst.txt" ]
368 ],
369
370 [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier",
371 [ "-encrypt", "-keyid", "-in", $smcont,
372 "-stream", "-out", "test.cms",
373 "-recip", catfile($smdir, "smec1.pem") ],
374 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
375 "-in", "test.cms", "-out", "smtst.txt" ]
376 ],
377
378 [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
379 [ "-encrypt", "-in", $smcont,
380 "-stream", "-out", "test.cms",
381 "-recip", catfile($smdir, "smec1.pem"), "-aes128", "-keyopt", "ecdh_kdf_md:sha256" ],
382 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
383 "-in", "test.cms", "-out", "smtst.txt" ]
384 ],
385
386 [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH",
387 [ "-encrypt", "-in", $smcont,
388 "-stream", "-out", "test.cms",
389 "-recip", catfile($smdir, "smec2.pem"), "-aes128",
390 "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ],
391 [ "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
392 "-in", "test.cms", "-out", "smtst.txt" ]
393 ],
394
395 [ "enveloped content test streaming S/MIME format, X9.42 DH",
396 [ "-encrypt", "-in", $smcont,
397 "-stream", "-out", "test.cms",
398 "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
399 [ "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
400 "-in", "test.cms", "-out", "smtst.txt" ]
401 ]
402 );
403
404my @contenttype_cms_test = (
405 [ "signed content test - check that content type is added to additional signerinfo, RSA keys",
406 [ "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont, "-outform", "DER",
407 "-signer", catfile($smdir, "smrsa1.pem"), "-md", "SHA256",
408 "-out", "test.cms" ],
409 [ "-resign", "-binary", "-nodetach", "-in", "test.cms", "-inform", "DER", "-outform", "DER",
410 "-signer", catfile($smdir, "smrsa2.pem"), "-md", "SHA256",
411 "-out", "test2.cms" ],
412 [ "-verify", "-in", "test2.cms", "-inform", "DER",
413 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
414 ],
415);
416
417my @incorrect_attribute_cms_test = (
418 "bad_signtime_attr.cms",
419 "no_ct_attr.cms",
420 "no_md_attr.cms",
421 "ct_multiple_attr.cms"
422);
423
424subtest "CMS => PKCS#7 compatibility tests\n" => sub {
425 plan tests => scalar @smime_pkcs7_tests;
426
427 foreach (@smime_pkcs7_tests) {
428 SKIP: {
429 my $skip_reason = check_availability($$_[0]);
430 skip $skip_reason, 1 if $skip_reason;
431
432 ok(run(app(["openssl", "cms", @{$$_[1]}]))
433 && run(app(["openssl", "smime", @{$$_[2]}]))
434 && compare_text($smcont, "smtst.txt") == 0,
435 $$_[0]);
436 }
437 }
438};
439subtest "CMS <= PKCS#7 compatibility tests\n" => sub {
440 plan tests => scalar @smime_pkcs7_tests;
441
442 foreach (@smime_pkcs7_tests) {
443 SKIP: {
444 my $skip_reason = check_availability($$_[0]);
445 skip $skip_reason, 1 if $skip_reason;
446
447 ok(run(app(["openssl", "smime", @{$$_[1]}]))
448 && run(app(["openssl", "cms", @{$$_[2]}]))
449 && compare_text($smcont, "smtst.txt") == 0,
450 $$_[0]);
451 }
452 }
453};
454
455subtest "CMS <=> CMS consistency tests\n" => sub {
456 plan tests => (scalar @smime_pkcs7_tests) + (scalar @smime_cms_tests);
457
458 foreach (@smime_pkcs7_tests) {
459 SKIP: {
460 my $skip_reason = check_availability($$_[0]);
461 skip $skip_reason, 1 if $skip_reason;
462
463 ok(run(app(["openssl", "cms", @{$$_[1]}]))
464 && run(app(["openssl", "cms", @{$$_[2]}]))
465 && compare_text($smcont, "smtst.txt") == 0,
466 $$_[0]);
467 }
468 }
469 foreach (@smime_cms_tests) {
470 SKIP: {
471 my $skip_reason = check_availability($$_[0]);
472 skip $skip_reason, 1 if $skip_reason;
473
474 ok(run(app(["openssl", "cms", @{$$_[1]}]))
475 && run(app(["openssl", "cms", @{$$_[2]}]))
476 && compare_text($smcont, "smtst.txt") == 0,
477 $$_[0]);
478 }
479 }
480};
481
482subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub {
483 plan tests =>
484 (scalar @smime_cms_param_tests) + (scalar @smime_cms_comp_tests);
485
486 foreach (@smime_cms_param_tests) {
487 SKIP: {
488 my $skip_reason = check_availability($$_[0]);
489 skip $skip_reason, 1 if $skip_reason;
490
491 ok(run(app(["openssl", "cms", @{$$_[1]}]))
492 && run(app(["openssl", "cms", @{$$_[2]}]))
493 && compare_text($smcont, "smtst.txt") == 0,
494 $$_[0]);
495 }
496 }
497
498 SKIP: {
499 skip("Zlib not supported: compression tests skipped",
500 scalar @smime_cms_comp_tests)
501 if $no_zlib;
502
503 foreach (@smime_cms_comp_tests) {
504 SKIP: {
505 my $skip_reason = check_availability($$_[0]);
506 skip $skip_reason, 1 if $skip_reason;
507
508 ok(run(app(["openssl", "cms", @{$$_[1]}]))
509 && run(app(["openssl", "cms", @{$$_[2]}]))
510 && compare_text($smcont, "smtst.txt") == 0,
511 $$_[0]);
512 }
513 }
514 }
515};
516
517# Returns the number of matches of a Content Type Attribute in a binary file.
518sub contentType_matches {
519 # Read in a binary file
520 my ($in) = @_;
521 open (HEX_IN, "$in") or die("open failed for $in : $!");
522 binmode(HEX_IN);
523 local $/;
524 my $str = <HEX_IN>;
525
526 # Find ASN1 data for a Content Type Attribute (with a OID of PKCS7 data)
527 my @c = $str =~ /\x30\x18\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x03\x31\x0B\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x01/gs;
528
529 close(HEX_IN);
530 return scalar(@c);
531}
532
533subtest "CMS Check the content type attribute is added for additional signers\n" => sub {
534 plan tests =>
535 (scalar @contenttype_cms_test);
536
537 foreach (@contenttype_cms_test) {
538 SKIP: {
539 my $skip_reason = check_availability($$_[0]);
540 skip $skip_reason, 1 if $skip_reason;
541
542 ok(run(app(["openssl", "cms", @{$$_[1]}]))
543 && run(app(["openssl", "cms", @{$$_[2]}]))
544 && contentType_matches("test2.cms") == 2
545 && run(app(["openssl", "cms", @{$$_[3]}])),
546 $$_[0]);
547 }
548 }
549};
550
551subtest "CMS Check that bad attributes fail when verifying signers\n" => sub {
552 plan tests =>
553 (scalar @incorrect_attribute_cms_test);
554
555 foreach my $name (@incorrect_attribute_cms_test) {
556 ok(!run(app(["openssl", "cms", "-verify", "-in",
557 catfile($datadir, $name), "-inform", "DER", "-CAfile",
558 catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ])),
559 $name);
560 }
561};
562
563unlink "test.cms";
564unlink "test2.cms";
565unlink "smtst.txt";
566
567sub check_availability {
568 my $tnam = shift;
569
570 return "$tnam: skipped, EC disabled\n"
571 if ($no_ec && $tnam =~ /ECDH/);
572 return "$tnam: skipped, ECDH disabled\n"
573 if ($no_ec && $tnam =~ /ECDH/);
574 return "$tnam: skipped, EC2M disabled\n"
575 if ($no_ec2m && $tnam =~ /K-283/);
576 return "$tnam: skipped, DH disabled\n"
577 if ($no_dh && $tnam =~ /X9\.42/);
578 return "$tnam: skipped, RC2 disabled\n"
579 if ($no_rc2 && $tnam =~ /RC2/);
580 return "$tnam: skipped, DES disabled\n"
581 if ($no_des && $tnam =~ /DES/);
582 return "$tnam: skipped, DSA disabled\n"
583 if ($no_dsa && $tnam =~ / DSA/);
584
585 return "";
586}