2 # -*- coding: cp1251 -*-
3 lappend auto_path [file dirname [info script]]
4 package require ossltest
6 set testname [file rootname [file tail $::argv0]]
8 start_tests "Тесты на совместимость cms и smime -encrypt"
10 return [string map {":" "_"} $alg]
16 lappend result [subst $str]
21 if {![info exist env(NO_RSA)]} {
23 test -createsfiles io_cms_decrypt.rsa "RSA User 2 (with cert) can decrypt message for RSA user 2" {
24 set expected [getFile encrypt.dat]
25 openssl "smime -decrypt -in cms_enc_rsa.msg -recip U_cms_enc_rsa_2/cert.pem -inkey U_cms_enc_rsa_2/seckey.pem -out io_cms_decrypt.rsa"
26 set result [getFile io_cms_decrypt.rsa]
27 string eq $expected $result
30 test -createsfiles io_cms_decrypt_nocert.rsa "RSA User 2 (without cert) can decrypt message for RSA user 2" {
31 set expected [getFile encrypt.dat]
32 openssl "smime -decrypt -in cms_enc_rsa.msg -inkey U_cms_enc_rsa_2/seckey.pem -out io_cms_decrypt_nocert.rsa"
33 set result [getFile io_cms_decrypt_nocert.rsa]
34 string eq $expected $result
39 if {[info exist env(ENC_LIST)]} {
40 set enc_list $env(ENC_LIST)
42 switch -exact [engine_name] {
43 "ccore" {set enc_list {gost2001:XA:1.2.643.2.2.31.3 gost2001:XB:1.2.643.2.2.31.4 gost2001:XA: gost2012_256:XA:1.2.643.2.2.31.1 gost2012_256:XB:1.2.643.7.1.2.5.1.1 gost2012_256:XA: gost2012_512:A:1.2.643.2.2.31.3 gost2012_512:B:1.2.643.7.1.2.5.1.1 gost2012_512:A:}}
44 "open" {set enc_list {gost2001:XA:1.2.643.2.2.31.3 gost2001:XB:1.2.643.2.2.31.4 gost2001:XA: gost2012_256:XA:1.2.643.2.2.31.1 gost2012_256:XB:1.2.643.7.1.2.5.1.1 gost2012_256:XA: gost2012_512:A:1.2.643.2.2.31.3 gost2012_512:B:1.2.643.7.1.2.5.1.1 gost2012_512:A:}}
48 foreach enc_tuple $enc_list {
49 if {![regexp {^([^:]*:[^:]*):(.*)$} $enc_tuple -> alg crypt_param]} {
53 set alg_fn [make_fn $enc_tuple]
54 set username U_cms_enc_$alg_fn
56 gost2012* {set ::test::ca ${testname}CA-2012}
57 * {set ::test::ca ${testname}CA}
60 test -createsfiles io_cms_decrypt.$alg_fn "Decrypting file encrypted for $username" {
61 set expected [getFile encrypt.dat]
62 openssl "smime -decrypt -in cms_enc_$alg_fn.msg -recip U_cms_enc_$alg_fn/cert.pem -inkey U_cms_enc_$alg_fn/seckey.pem -out io_cms_decrypt.$alg_fn"
63 set result [getFile io_cms_decrypt.$alg_fn]
64 string eq $expected $result
67 test -createsfiles io_cms_decrypt_t.$alg_fn "Decrypting file text-encrypted for $username" {
68 set expected [getFile encrypt.dat]
69 openssl "smime -decrypt -text -in cms_enc_t_$alg_fn.msg -recip U_cms_enc_$alg_fn/cert.pem -inkey U_cms_enc_$alg_fn/seckey.pem -out io_cms_decrypt_t.$alg_fn"
70 set result [getFile io_cms_decrypt_t.$alg_fn]
71 string eq $expected $result
74 test -createsfiles io_cms_decrypt_t_nocert.$alg_fn "Decrypting file text-encrypted for $username without cert" {
75 set expected [getFile encrypt.dat]
76 openssl "smime -decrypt -text -in cms_enc_t_$alg_fn.msg -inkey U_cms_enc_$alg_fn/seckey.pem -out io_cms_decrypt_t_nocert.$alg_fn"
77 set result [getFile io_cms_decrypt_t_nocert.$alg_fn]
78 string eq $expected $result
84 foreach enc_tuple $enc_list {
85 if {![regexp {^([^:]*:[^:]*):(.*)$} $enc_tuple -> alg crypt_param]} {
89 set alg_fn [make_fn $enc_tuple]
90 set username U_cms_enc_$alg_fn
92 test -skip {![file exists cms_enc_4all.msg]} -createsfiles io_cms_decrypt_4all.$alg_fn "Decrypting gost-encrypted file, recipient $alg_fn" {
93 set expected [getFile encrypt.dat]
94 openssl "smime -decrypt -in cms_enc_4all.msg -recip $username/cert.pem -inkey $username/seckey.pem -out io_cms_decrypt_4all.$alg_fn"
95 set result [getFile io_cms_decrypt_4all.$alg_fn]
96 string eq $expected $result
99 test -skip {![file exists cms_enc_4all.msg]} -createsfiles io_cms_decrypt_4all_nocert.$alg_fn "Decrypting gost-encrypted file without cert, recipient $alg_fn" {
100 set expected [getFile encrypt.dat]
101 openssl "smime -decrypt -in cms_enc_4all.msg -inkey $username/seckey.pem -out io_cms_decrypt_4all_nocert.$alg_fn"
102 set result [getFile io_cms_decrypt_4all_nocert.$alg_fn]
103 string eq $expected $result