2 # -*- coding: cp1251 -*-
3 lappend auto_path [file dirname [info script]]
4 package require ossltest
6 set testname [file rootname [file tail $::argv0]]
8 start_tests "Тесты на совместимость smime и cms -encrypt"
10 return [string map {":" "_"} $alg]
16 lappend result [subst $str]
21 if {![info exist env(NO_RSA)]} {
23 test -createsfiles io_decrypt.rsa "RSA User 2 (with cert) can decrypt message for RSA user 2" {
24 set expected [getFile encrypt.dat]
25 openssl "cms -decrypt -in enc_rsa.msg -recip U_enc_rsa_2/cert.pem -inkey U_enc_rsa_2/seckey.pem -out io_decrypt.rsa"
26 set result [getFile io_decrypt.rsa]
27 string eq $expected $result
30 test -createsfiles io_decrypt_nocert.rsa "RSA User 2 (without cert) can decrypt message for RSA user 2" {
31 set expected [getFile encrypt.dat]
32 openssl "cms -decrypt -in enc_rsa.msg -inkey U_enc_rsa_2/seckey.pem -out io_decrypt_nocert.rsa"
33 set result [getFile io_decrypt_nocert.rsa]
34 string eq $expected $result
38 if {[info exist env(ENC_LIST)]} {
39 set enc_list $env(ENC_LIST)
41 switch -exact [engine_name] {
42 "ccore" {set enc_list {gost2001:XA:1.2.643.2.2.31.3 gost2001:XB:1.2.643.2.2.31.4 gost2001:XA: gost2012_256:XA:1.2.643.2.2.31.1 gost2012_256:XB:1.2.643.7.1.2.5.1.1 gost2012_256:XA: gost2012_512:A:1.2.643.2.2.31.3 gost2012_512:B:1.2.643.7.1.2.5.1.1 gost2012_512:A:}}
43 "open" {set enc_list {gost2001:XA:1.2.643.2.2.31.3 gost2001:XB:1.2.643.2.2.31.4 gost2001:XA: gost2012_256:XA:1.2.643.2.2.31.1 gost2012_256:XB:1.2.643.7.1.2.5.1.1 gost2012_256:XA: gost2012_512:A:1.2.643.2.2.31.3 gost2012_512:B:1.2.643.7.1.2.5.1.1 gost2012_512:A:}}
47 foreach enc_tuple $enc_list {
48 if {![regexp {^([^:]*:[^:]*):(.*)$} $enc_tuple -> alg crypt_param]} {
52 set alg_fn [make_fn $enc_tuple]
53 set username U_enc_$alg_fn
55 gost2012* {set ::test::ca ${testname}CA-2012}
56 * {set ::test::ca ${testname}CA}
59 test -createsfiles io_decrypt.$alg_fn "Decrypting file encrypted for $username" {
60 set expected [getFile encrypt.dat]
61 openssl "cms -decrypt -in enc_$alg_fn.msg -recip U_enc_$alg_fn/cert.pem -inkey U_enc_$alg_fn/seckey.pem -out io_decrypt.$alg_fn"
62 set result [getFile io_decrypt.$alg_fn]
63 string eq $expected $result
66 test -createsfiles io_decrypt_t.$alg_fn "Decrypting file text-encrypted for $username" {
67 set expected [getFile encrypt.dat]
68 openssl "cms -decrypt -text -in enc_t_$alg_fn.msg -recip U_enc_$alg_fn/cert.pem -inkey U_enc_$alg_fn/seckey.pem -out io_decrypt_t.$alg_fn"
69 set result [getFile io_decrypt_t.$alg_fn]
70 string eq $expected $result
73 test -createsfiles io_decrypt_t_nocert.$alg_fn "Decrypting file text-encrypted for $username without cert" {
74 set expected [getFile encrypt.dat]
75 openssl "cms -decrypt -text -in enc_t_$alg_fn.msg -inkey U_enc_$alg_fn/seckey.pem -out io_decrypt_t_nocert.$alg_fn"
76 set result [getFile io_decrypt_t_nocert.$alg_fn]
77 string eq $expected $result
81 foreach enc_tuple $enc_list {
82 if {![regexp {^([^:]*:[^:]*):(.*)$} $enc_tuple -> alg crypt_param]} {
86 set alg_fn [make_fn $enc_tuple]
87 set username U_enc_$alg_fn
89 test -skip {![file exists enc_4all.msg]} -createsfiles io_decrypt_4all.$alg_fn "Decrypting gost-encrypted file, recipient $alg_fn" {
90 set expected [getFile encrypt.dat]
91 openssl "cms -decrypt -in enc_4all.msg -recip $username/cert.pem -inkey $username/seckey.pem -out io_decrypt_4all.$alg_fn"
92 set result [getFile io_decrypt_4all.$alg_fn]
93 string eq $expected $result
96 test -skip {![file exists enc_4all.msg]} -createsfiles io_decrypt_4all_nocert.$alg_fn "Decrypting gost-encrypted file without cert, recipient $alg_fn" {
97 set expected [getFile encrypt.dat]
98 openssl "cms -decrypt -in enc_4all.msg -inkey $username/seckey.pem -out io_decrypt_4all_nocert.$alg_fn"
99 set result [getFile io_decrypt_4all_nocert.$alg_fn]
100 string eq $expected $result