1e1051a39Sopenharmony_ci#! /usr/bin/env perl 2e1051a39Sopenharmony_ci# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci# 4e1051a39Sopenharmony_ci# Licensed under the Apache License 2.0 (the "License"). You may not use 5e1051a39Sopenharmony_ci# this file except in compliance with the License. You can obtain a copy 6e1051a39Sopenharmony_ci# in the file LICENSE in the source distribution or at 7e1051a39Sopenharmony_ci# https://www.openssl.org/source/license.html 8e1051a39Sopenharmony_ci 9e1051a39Sopenharmony_ci 10e1051a39Sopenharmony_ciuse strict; 11e1051a39Sopenharmony_ciuse warnings; 12e1051a39Sopenharmony_ci 13e1051a39Sopenharmony_ciuse File::Spec; 14e1051a39Sopenharmony_ciuse OpenSSL::Test qw/:DEFAULT srctop_file/; 15e1051a39Sopenharmony_ciuse OpenSSL::Test::Utils; 16e1051a39Sopenharmony_ci 17e1051a39Sopenharmony_cisetup("test_gendh"); 18e1051a39Sopenharmony_ci 19e1051a39Sopenharmony_ciplan skip_all => "This test is unsupported in a no-dh build" if disabled("dh"); 20e1051a39Sopenharmony_ci 21e1051a39Sopenharmony_ciplan tests => 9; 22e1051a39Sopenharmony_ci 23e1051a39Sopenharmony_ciok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', 24e1051a39Sopenharmony_ci '-pkeyopt', 'type:group', 25e1051a39Sopenharmony_ci '-text'])), 26e1051a39Sopenharmony_ci "genpkey DH default group"); 27e1051a39Sopenharmony_ci 28e1051a39Sopenharmony_ciok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', 29e1051a39Sopenharmony_ci '-pkeyopt', 'type:group', 30e1051a39Sopenharmony_ci '-pkeyopt', 'group:ffdhe2048', 31e1051a39Sopenharmony_ci '-text'])), 32e1051a39Sopenharmony_ci "genpkey DH group ffdhe2048"); 33e1051a39Sopenharmony_ci 34e1051a39Sopenharmony_ciok(run(app([ 'openssl', 'genpkey', '-genparam', 35e1051a39Sopenharmony_ci '-algorithm', 'DHX', 36e1051a39Sopenharmony_ci '-pkeyopt', 'gindex:1', 37e1051a39Sopenharmony_ci '-pkeyopt', 'type:fips186_4', 38e1051a39Sopenharmony_ci '-out', 'dhgen.pem' ])), 39e1051a39Sopenharmony_ci "genpkey DH params fips186_4 PEM"); 40e1051a39Sopenharmony_ci 41e1051a39Sopenharmony_ci# The seed and counter should be the ones generated from the param generation 42e1051a39Sopenharmony_ci# Just put some dummy ones in to show it works. 43e1051a39Sopenharmony_ciok(run(app([ 'openssl', 'genpkey', 44e1051a39Sopenharmony_ci '-paramfile', 'dhgen.pem', 45e1051a39Sopenharmony_ci '-pkeyopt', 'gindex:1', 46e1051a39Sopenharmony_ci '-pkeyopt', 'hexseed:ed2927f2139eb61495d6641efda1243f93ebe482b5bfc2c755a53825', 47e1051a39Sopenharmony_ci '-pkeyopt', 'pcounter:25', 48e1051a39Sopenharmony_ci '-text' ])), 49e1051a39Sopenharmony_ci "genpkey DH fips186_4 with PEM params"); 50e1051a39Sopenharmony_ci 51e1051a39Sopenharmony_ci ok(!run(app([ 'openssl', 'genpkey', 52e1051a39Sopenharmony_ci '-algorithm', 'DH'])), 53e1051a39Sopenharmony_ci "genpkey DH with no params should fail"); 54e1051a39Sopenharmony_ci 55e1051a39Sopenharmony_ci ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 56e1051a39Sopenharmony_ci 'group:ffdhe3072', '-pkeyopt', 'priv_len:255', '-text'])), 57e1051a39Sopenharmony_ci 'genpkey DH with a small private len should fail'); 58e1051a39Sopenharmony_ci 59e1051a39Sopenharmony_ci ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 60e1051a39Sopenharmony_ci 'group:ffdhe3072', '-pkeyopt', 'priv_len:3072', '-text'])), 61e1051a39Sopenharmony_ci 'genpkey DH with a large private len should fail'); 62e1051a39Sopenharmony_ci 63e1051a39Sopenharmony_ci ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 64e1051a39Sopenharmony_ci 'group:ffdhe3072', '-pkeyopt', 'priv_len:256', '-text'])), 65e1051a39Sopenharmony_ci 'genpkey DH with a minimum strength private len'); 66e1051a39Sopenharmony_ci 67e1051a39Sopenharmony_ci ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt', 68e1051a39Sopenharmony_ci 'group:ffdhe2048', '-pkeyopt', 'priv_len:224', '-text'])), 69e1051a39Sopenharmony_ci 'genpkey 2048 DH with a minimum strength private len'); 70