#! /usr/bin/env perl
-# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
plan skip_all => "This test is unsupported in a no-dh build" if disabled("dh");
-plan tests => 9;
+plan tests => 13;
ok(run(app([ 'openssl', 'genpkey', '-genparam',
'-algorithm', 'DH',
ok(!run(app([ 'openssl', 'genpkey',
'-algorithm', 'DH'])),
"genpkey DH with no params should fail");
-
\ No newline at end of file
+
+ ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
+ 'group:ffdhe3072', '-pkeyopt', 'priv_len:255', '-text'])),
+ 'genpkey DH with a small private len should fail');
+
+ ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
+ 'group:ffdhe3072', '-pkeyopt', 'priv_len:3072', '-text'])),
+ 'genpkey DH with a large private len should fail');
+
+ ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
+ 'group:ffdhe3072', '-pkeyopt', 'priv_len:256', '-text'])),
+ 'genpkey DH with a minimum strength private len');
+
+ ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'DH', '-pkeyopt',
+ 'group:ffdhe2048', '-pkeyopt', 'priv_len:224', '-text'])),
+ 'genpkey 2048 DH with a minimum strength private len');