2 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
14 use File::Spec::Functions qw/catfile/;
15 use File::Compare qw/compare_text/;
16 use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
17 use OpenSSL::Test::Utils;
21 plan skip_all => "CMS is not supported by this OpenSSL build"
24 my $datadir = srctop_dir("test", "recipes", "80-test_cms_data");
25 my $smdir = srctop_dir("test", "smime-certs");
26 my $smcont = srctop_file("test", "smcont.txt");
27 my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
28 = disabled qw/des dh dsa ec ec2m rc2 zlib/;
32 my @smime_pkcs7_tests = (
34 [ "signed content DER format, RSA key",
35 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
36 "-certfile", catfile($smdir, "smroot.pem"),
37 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
38 [ "-verify", "-in", "test.cms", "-inform", "DER",
39 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
42 [ "signed detached content DER format, RSA key",
43 [ "-sign", "-in", $smcont, "-outform", "DER",
44 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
45 [ "-verify", "-in", "test.cms", "-inform", "DER",
46 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
50 [ "signed content test streaming BER format, RSA",
51 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
53 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
54 [ "-verify", "-in", "test.cms", "-inform", "DER",
55 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
58 [ "signed content DER format, DSA key",
59 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
60 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
61 [ "-verify", "-in", "test.cms", "-inform", "DER",
62 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
65 [ "signed detached content DER format, DSA key",
66 [ "-sign", "-in", $smcont, "-outform", "DER",
67 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
68 [ "-verify", "-in", "test.cms", "-inform", "DER",
69 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
73 [ "signed detached content DER format, add RSA signer (with DSA existing)",
74 [ "-resign", "-inform", "DER", "-in", "test.cms", "-outform", "DER",
75 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test2.cms" ],
76 [ "-verify", "-in", "test2.cms", "-inform", "DER",
77 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt",
81 [ "signed content test streaming BER format, DSA key",
82 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
84 "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ],
85 [ "-verify", "-in", "test.cms", "-inform", "DER",
86 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
89 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",
90 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
91 "-signer", catfile($smdir, "smrsa1.pem"),
92 "-signer", catfile($smdir, "smrsa2.pem"),
93 "-signer", catfile($smdir, "smdsa1.pem"),
94 "-signer", catfile($smdir, "smdsa2.pem"),
95 "-stream", "-out", "test.cms" ],
96 [ "-verify", "-in", "test.cms", "-inform", "DER",
97 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
100 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
101 [ "-sign", "-in", $smcont, "-outform", "DER", "-noattr", "-nodetach",
102 "-signer", catfile($smdir, "smrsa1.pem"),
103 "-signer", catfile($smdir, "smrsa2.pem"),
104 "-signer", catfile($smdir, "smdsa1.pem"),
105 "-signer", catfile($smdir, "smdsa2.pem"),
106 "-stream", "-out", "test.cms" ],
107 [ "-verify", "-in", "test.cms", "-inform", "DER",
108 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
111 [ "signed content S/MIME format, RSA key SHA1",
112 [ "-sign", "-in", $smcont, "-md", "sha1",
113 "-certfile", catfile($smdir, "smroot.pem"),
114 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
115 [ "-verify", "-in", "test.cms",
116 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
119 [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
120 [ "-sign", "-in", $smcont, "-nodetach",
121 "-signer", catfile($smdir, "smrsa1.pem"),
122 "-signer", catfile($smdir, "smrsa2.pem"),
123 "-signer", catfile($smdir, "smdsa1.pem"),
124 "-signer", catfile($smdir, "smdsa2.pem"),
125 "-stream", "-out", "test.cms" ],
126 [ "-verify", "-in", "test.cms",
127 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
130 [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
131 [ "-sign", "-in", $smcont,
132 "-signer", catfile($smdir, "smrsa1.pem"),
133 "-signer", catfile($smdir, "smrsa2.pem"),
134 "-signer", catfile($smdir, "smdsa1.pem"),
135 "-signer", catfile($smdir, "smdsa2.pem"),
136 "-stream", "-out", "test.cms" ],
137 [ "-verify", "-in", "test.cms",
138 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
141 [ "enveloped content test streaming S/MIME format, DES, 3 recipients",
142 [ "-encrypt", "-in", $smcont,
143 "-stream", "-out", "test.cms",
144 catfile($smdir, "smrsa1.pem"),
145 catfile($smdir, "smrsa2.pem"),
146 catfile($smdir, "smrsa3.pem") ],
147 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
148 "-in", "test.cms", "-out", "smtst.txt" ]
151 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used",
152 [ "-encrypt", "-in", $smcont,
153 "-stream", "-out", "test.cms",
154 catfile($smdir, "smrsa1.pem"),
155 catfile($smdir, "smrsa2.pem"),
156 catfile($smdir, "smrsa3.pem") ],
157 [ "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"),
158 "-in", "test.cms", "-out", "smtst.txt" ]
161 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used",
162 [ "-encrypt", "-in", $smcont,
163 "-stream", "-out", "test.cms",
164 catfile($smdir, "smrsa1.pem"),
165 catfile($smdir, "smrsa2.pem"),
166 catfile($smdir, "smrsa3.pem") ],
167 [ "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"),
168 "-in", "test.cms", "-out", "smtst.txt" ]
171 [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
172 [ "-encrypt", "-in", $smcont,
173 "-aes256", "-stream", "-out", "test.cms",
174 catfile($smdir, "smrsa1.pem"),
175 catfile($smdir, "smrsa2.pem"),
176 catfile($smdir, "smrsa3.pem") ],
177 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
178 "-in", "test.cms", "-out", "smtst.txt" ]
183 my @smime_cms_tests = (
185 [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
186 [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", "-keyid",
187 "-signer", catfile($smdir, "smrsa1.pem"),
188 "-signer", catfile($smdir, "smrsa2.pem"),
189 "-signer", catfile($smdir, "smdsa1.pem"),
190 "-signer", catfile($smdir, "smdsa2.pem"),
191 "-stream", "-out", "test.cms" ],
192 [ "-verify", "-in", "test.cms", "-inform", "DER",
193 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
196 [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
197 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
198 "-signer", catfile($smdir, "smrsa1.pem"),
199 "-signer", catfile($smdir, "smrsa2.pem"),
200 "-signer", catfile($smdir, "smdsa1.pem"),
201 "-signer", catfile($smdir, "smdsa2.pem"),
202 "-stream", "-out", "test.cms" ],
203 [ "-verify", "-in", "test.cms", "-inform", "PEM",
204 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
207 [ "signed content MIME format, RSA key, signed receipt request",
208 [ "-sign", "-in", $smcont, "-signer", catfile($smdir, "smrsa1.pem"), "-nodetach",
209 "-receipt_request_to", "test\@openssl.org", "-receipt_request_all",
210 "-out", "test.cms" ],
211 [ "-verify", "-in", "test.cms",
212 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
215 [ "signed receipt MIME format, RSA key",
216 [ "-sign_receipt", "-in", "test.cms",
217 "-signer", catfile($smdir, "smrsa2.pem"),
218 "-out", "test2.cms" ],
219 [ "-verify_receipt", "test2.cms", "-in", "test.cms",
220 "-CAfile", catfile($smdir, "smroot.pem") ]
223 [ "signed content DER format, RSA key, CAdES-BES compatible",
224 [ "-sign", "-cades", "-in", $smcont, "-outform", "DER", "-nodetach",
225 "-certfile", catfile($smdir, "smroot.pem"),
226 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
227 [ "-verify", "-in", "test.cms", "-inform", "DER",
228 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
231 [ "signed content DER format, RSA key, SHA256 md, CAdES-BES compatible",
232 [ "-sign", "-cades", "-md", "sha256", "-in", $smcont, "-outform",
233 "DER", "-nodetach", "-certfile", catfile($smdir, "smroot.pem"),
234 "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
235 [ "-verify", "-in", "test.cms", "-inform", "DER",
236 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
239 [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid",
240 [ "-encrypt", "-in", $smcont,
241 "-stream", "-out", "test.cms", "-keyid",
242 catfile($smdir, "smrsa1.pem"),
243 catfile($smdir, "smrsa2.pem"),
244 catfile($smdir, "smrsa3.pem") ],
245 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
246 "-in", "test.cms", "-out", "smtst.txt" ]
249 [ "enveloped content test streaming PEM format, KEK",
250 [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
251 "-stream", "-out", "test.cms",
252 "-secretkey", "000102030405060708090A0B0C0D0E0F",
253 "-secretkeyid", "C0FEE0" ],
254 [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
255 "-secretkey", "000102030405060708090A0B0C0D0E0F",
256 "-secretkeyid", "C0FEE0" ]
259 [ "enveloped content test streaming PEM format, KEK, key only",
260 [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
261 "-stream", "-out", "test.cms",
262 "-secretkey", "000102030405060708090A0B0C0D0E0F",
263 "-secretkeyid", "C0FEE0" ],
264 [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM",
265 "-secretkey", "000102030405060708090A0B0C0D0E0F" ]
268 [ "data content test streaming PEM format",
269 [ "-data_create", "-in", $smcont, "-outform", "PEM", "-nodetach",
270 "-stream", "-out", "test.cms" ],
271 [ "-data_out", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
274 [ "encrypted content test streaming PEM format, 128 bit RC2 key",
275 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
276 "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F",
277 "-stream", "-out", "test.cms" ],
278 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
279 "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
282 [ "encrypted content test streaming PEM format, 40 bit RC2 key",
283 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
284 "-rc2", "-secretkey", "0001020304",
285 "-stream", "-out", "test.cms" ],
286 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
287 "-secretkey", "0001020304", "-out", "smtst.txt" ]
290 [ "encrypted content test streaming PEM format, triple DES key",
291 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
292 "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
293 "-stream", "-out", "test.cms" ],
294 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
295 "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
296 "-out", "smtst.txt" ]
299 [ "encrypted content test streaming PEM format, 128 bit AES key",
300 [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
301 "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
302 "-stream", "-out", "test.cms" ],
303 [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM",
304 "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ]
309 my @smime_cms_comp_tests = (
311 [ "compressed content test streaming PEM format",
312 [ "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach",
313 "-stream", "-out", "test.cms" ],
314 [ "-uncompress", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ]
319 my @smime_cms_param_tests = (
320 [ "signed content test streaming PEM format, RSA keys, PSS signature",
321 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
322 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
323 "-out", "test.cms" ],
324 [ "-verify", "-in", "test.cms", "-inform", "PEM",
325 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
328 [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max",
329 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
330 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
331 "-keyopt", "rsa_pss_saltlen:max", "-out", "test.cms" ],
332 [ "-verify", "-in", "test.cms", "-inform", "PEM",
333 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
336 [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes",
337 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-noattr",
338 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
339 "-out", "test.cms" ],
340 [ "-verify", "-in", "test.cms", "-inform", "PEM",
341 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
344 [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1",
345 [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
346 "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
347 "-keyopt", "rsa_mgf1_md:sha384", "-out", "test.cms" ],
348 [ "-verify", "-in", "test.cms", "-inform", "PEM",
349 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
352 [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters",
353 [ "-encrypt", "-in", $smcont,
354 "-stream", "-out", "test.cms",
355 "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ],
356 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
357 "-in", "test.cms", "-out", "smtst.txt" ]
360 [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256",
361 [ "-encrypt", "-in", $smcont,
362 "-stream", "-out", "test.cms",
363 "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep",
364 "-keyopt", "rsa_oaep_md:sha256" ],
365 [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
366 "-in", "test.cms", "-out", "smtst.txt" ]
369 [ "enveloped content test streaming S/MIME format, DES, ECDH",
370 [ "-encrypt", "-in", $smcont,
371 "-stream", "-out", "test.cms",
372 "-recip", catfile($smdir, "smec1.pem") ],
373 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
374 "-in", "test.cms", "-out", "smtst.txt" ]
377 [ "enveloped content test streaming S/MIME format, DES, ECDH, 2 recipients, key only used",
378 [ "-encrypt", "-in", $smcont,
379 "-stream", "-out", "test.cms",
380 catfile($smdir, "smec1.pem"),
381 catfile($smdir, "smec3.pem") ],
382 [ "-decrypt", "-inkey", catfile($smdir, "smec3.pem"),
383 "-in", "test.cms", "-out", "smtst.txt" ]
386 [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier",
387 [ "-encrypt", "-keyid", "-in", $smcont,
388 "-stream", "-out", "test.cms",
389 "-recip", catfile($smdir, "smec1.pem") ],
390 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
391 "-in", "test.cms", "-out", "smtst.txt" ]
394 [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
395 [ "-encrypt", "-in", $smcont,
396 "-stream", "-out", "test.cms",
397 "-recip", catfile($smdir, "smec1.pem"), "-aes128", "-keyopt", "ecdh_kdf_md:sha256" ],
398 [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
399 "-in", "test.cms", "-out", "smtst.txt" ]
402 [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH",
403 [ "-encrypt", "-in", $smcont,
404 "-stream", "-out", "test.cms",
405 "-recip", catfile($smdir, "smec2.pem"), "-aes128",
406 "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ],
407 [ "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
408 "-in", "test.cms", "-out", "smtst.txt" ]
411 [ "enveloped content test streaming S/MIME format, X9.42 DH",
412 [ "-encrypt", "-in", $smcont,
413 "-stream", "-out", "test.cms",
414 "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
415 [ "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
416 "-in", "test.cms", "-out", "smtst.txt" ]
420 my @contenttype_cms_test = (
421 [ "signed content test - check that content type is added to additional signerinfo, RSA keys",
422 [ "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont, "-outform", "DER",
423 "-signer", catfile($smdir, "smrsa1.pem"), "-md", "SHA256",
424 "-out", "test.cms" ],
425 [ "-resign", "-binary", "-nodetach", "-in", "test.cms", "-inform", "DER", "-outform", "DER",
426 "-signer", catfile($smdir, "smrsa2.pem"), "-md", "SHA256",
427 "-out", "test2.cms" ],
428 [ "-verify", "-in", "test2.cms", "-inform", "DER",
429 "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
433 my @incorrect_attribute_cms_test = (
434 "bad_signtime_attr.cms",
437 "ct_multiple_attr.cms"
440 subtest "CMS => PKCS#7 compatibility tests\n" => sub {
441 plan tests => scalar @smime_pkcs7_tests;
443 foreach (@smime_pkcs7_tests) {
445 my $skip_reason = check_availability($$_[0]);
446 skip $skip_reason, 1 if $skip_reason;
448 ok(run(app(["openssl", "cms", @{$$_[1]}]))
449 && run(app(["openssl", "smime", @{$$_[2]}]))
450 && compare_text($smcont, "smtst.txt") == 0,
455 subtest "CMS <= PKCS#7 compatibility tests\n" => sub {
456 plan tests => scalar @smime_pkcs7_tests;
458 foreach (@smime_pkcs7_tests) {
460 my $skip_reason = check_availability($$_[0]);
461 skip $skip_reason, 1 if $skip_reason;
463 ok(run(app(["openssl", "smime", @{$$_[1]}]))
464 && run(app(["openssl", "cms", @{$$_[2]}]))
465 && compare_text($smcont, "smtst.txt") == 0,
471 subtest "CMS <=> CMS consistency tests\n" => sub {
472 plan tests => (scalar @smime_pkcs7_tests) + (scalar @smime_cms_tests);
474 foreach (@smime_pkcs7_tests) {
476 my $skip_reason = check_availability($$_[0]);
477 skip $skip_reason, 1 if $skip_reason;
479 ok(run(app(["openssl", "cms", @{$$_[1]}]))
480 && run(app(["openssl", "cms", @{$$_[2]}]))
481 && compare_text($smcont, "smtst.txt") == 0,
485 foreach (@smime_cms_tests) {
487 my $skip_reason = check_availability($$_[0]);
488 skip $skip_reason, 1 if $skip_reason;
490 ok(run(app(["openssl", "cms", @{$$_[1]}]))
491 && run(app(["openssl", "cms", @{$$_[2]}]))
492 && compare_text($smcont, "smtst.txt") == 0,
498 subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub {
500 (scalar @smime_cms_param_tests) + (scalar @smime_cms_comp_tests);
502 foreach (@smime_cms_param_tests) {
504 my $skip_reason = check_availability($$_[0]);
505 skip $skip_reason, 1 if $skip_reason;
507 ok(run(app(["openssl", "cms", @{$$_[1]}]))
508 && run(app(["openssl", "cms", @{$$_[2]}]))
509 && compare_text($smcont, "smtst.txt") == 0,
515 skip("Zlib not supported: compression tests skipped",
516 scalar @smime_cms_comp_tests)
519 foreach (@smime_cms_comp_tests) {
521 my $skip_reason = check_availability($$_[0]);
522 skip $skip_reason, 1 if $skip_reason;
524 ok(run(app(["openssl", "cms", @{$$_[1]}]))
525 && run(app(["openssl", "cms", @{$$_[2]}]))
526 && compare_text($smcont, "smtst.txt") == 0,
533 # Returns the number of matches of a Content Type Attribute in a binary file.
534 sub contentType_matches {
535 # Read in a binary file
537 open (HEX_IN, "$in") or die("open failed for $in : $!");
542 # Find ASN1 data for a Content Type Attribute (with a OID of PKCS7 data)
543 my @c = $str =~ /\x30\x18\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x03\x31\x0B\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x01/gs;
549 subtest "CMS Check the content type attribute is added for additional signers\n" => sub {
551 (scalar @contenttype_cms_test);
553 foreach (@contenttype_cms_test) {
555 my $skip_reason = check_availability($$_[0]);
556 skip $skip_reason, 1 if $skip_reason;
558 ok(run(app(["openssl", "cms", @{$$_[1]}]))
559 && run(app(["openssl", "cms", @{$$_[2]}]))
560 && contentType_matches("test2.cms") == 2
561 && run(app(["openssl", "cms", @{$$_[3]}])),
567 subtest "CMS Check that bad attributes fail when verifying signers\n" => sub {
569 (scalar @incorrect_attribute_cms_test);
571 foreach my $name (@incorrect_attribute_cms_test) {
572 ok(!run(app(["openssl", "cms", "-verify", "-in",
573 catfile($datadir, $name), "-inform", "DER", "-CAfile",
574 catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ])),
583 sub check_availability {
586 return "$tnam: skipped, EC disabled\n"
587 if ($no_ec && $tnam =~ /ECDH/);
588 return "$tnam: skipped, ECDH disabled\n"
589 if ($no_ec && $tnam =~ /ECDH/);
590 return "$tnam: skipped, EC2M disabled\n"
591 if ($no_ec2m && $tnam =~ /K-283/);
592 return "$tnam: skipped, DH disabled\n"
593 if ($no_dh && $tnam =~ /X9\.42/);
594 return "$tnam: skipped, RC2 disabled\n"
595 if ($no_rc2 && $tnam =~ /RC2/);
596 return "$tnam: skipped, DES disabled\n"
597 if ($no_des && $tnam =~ /DES/);
598 return "$tnam: skipped, DSA disabled\n"
599 if ($no_dsa && $tnam =~ / DSA/);