Test that signatures using hash name commands work properly

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #19606) (cherry picked from commit e9e6827)
openssl · Nov 7, 2022 · 42e1a64 · 42e1a64
1 parent 0391198
commit 42e1a64
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 1 deletion.
diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t
@@ -17,7 +17,7 @@ use OpenSSL::Test::Utils;
 
 setup("test_dgst");
 
-plan tests => 12;
+plan tests => 13;
 
 sub tsignverify {
     my $testtext = shift;
@@ -51,6 +51,43 @@ sub tsignverify {
        $testtext.": Expect failure verifying mismatching data");
 }
 
+sub tsignverify_sha512 {
+    my $testtext = shift;
+    my $privkey = shift;
+    my $pubkey = shift;
+
+    my $data_to_sign = srctop_file('test', 'data.bin');
+    my $other_data = srctop_file('test', 'data2.bin');
+
+    my $sigfile = basename($privkey, '.pem') . '.sig';
+    plan tests => 5;
+
+    ok(run(app(['openssl', 'sha512', '-sign', $privkey,
+                '-out', $sigfile,
+                $data_to_sign])),
+       $testtext.": Generating signature using sha512 command");
+
+    ok(run(app(['openssl', 'sha512', '-verify', $pubkey,
+                '-signature', $sigfile,
+                $data_to_sign])),
+       $testtext.": Verify signature with public key using sha512 command");
+
+    ok(run(app(['openssl', 'dgst', '-sha512', '-prverify', $privkey,
+                '-signature', $sigfile,
+                $data_to_sign])),
+       $testtext.": Verify signature with private key");
+
+    ok(run(app(['openssl', 'dgst', '-sha512', '-verify', $pubkey,
+                '-signature', $sigfile,
+                $data_to_sign])),
+       $testtext.": Verify signature with public key");
+
+    ok(!run(app(['openssl', 'dgst', '-sha512', '-verify', $pubkey,
+                 '-signature', $sigfile,
+                 $other_data])),
+       $testtext.": Expect failure verifying mismatching data");
+}
+
 SKIP: {
     skip "RSA is not supported by this OpenSSL build", 1
         if disabled("rsa");
@@ -60,6 +97,12 @@ SKIP: {
                     srctop_file("test","testrsa.pem"),
                     srctop_file("test","testrsapub.pem"));
     };
+
+    subtest "RSA signature generation and verification with `sha512` CLI" => sub {
+        tsignverify_sha512("RSA",
+                           srctop_file("test","testrsa2048.pem"),
+                           srctop_file("test","testrsa2048pub.pem"));
+    };
 }
 
 SKIP: {

diff --git a/test/testrsa2048pub.pem b/test/testrsa2048pub.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG1Z98c9n/
+uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo092p
+y9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qbBeQt
+WtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0eoKS0
+gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz5AZJ
+uYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPeR+HE
+TwIDAQAB
+-----END PUBLIC KEY-----