X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=tcl_tests%2Freq-genpkey.try;fp=tcl_tests%2Freq-genpkey.try;h=e333dc0d2432ecae76c50e6831d59d580e861931;hb=3b8ddfe2f303b8931842e52bdb5c07c97042f651;hp=0000000000000000000000000000000000000000;hpb=e09d5a86fe1cb876b3c7cf5eb0d890f557b466d0;p=openssl-gost%2Fengine.git

diff --git a/tcl_tests/req-genpkey.try b/tcl_tests/req-genpkey.try
new file mode 100644
index 0000000..e333dc0
--- /dev/null
+++ b/tcl_tests/req-genpkey.try
@@ -0,0 +1,83 @@
+#!/usr/bin/tclsh
+# -*- coding: cp1251 -*-
+# ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ðµ ÑÐµÐºÑÐµÑÐ½Ð¾Ð³Ð¾ ÐºÐ»ÑÑÐ°
+# ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ðµ Ð·Ð°ÑÐ²ÐºÐ¸ Ð¸ ÑÐ°Ð¼Ð¾Ð¿Ð¾Ð´Ð¿Ð¸ÑÐ°Ð½Ð½Ð¾Ð³Ð¾ ÑÐµÑÑÐ¸ÑÐ¸ÐºÐ°ÑÐ° ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ req
+# Ð¿ÑÐ¾Ð²ÐµÑÐºÐ° OIDÐ¾Ð² Ð°Ð»Ð³Ð¾ÑÐ¸ÑÐ¼Ð° Ð²Ð¾ Ð²ÑÐµÑ ÑÑÑÑÐºÑÑÑÐ°Ñ
+lappend auto_path [file dirname [info script]]
+package require ossltest
+cd $::test::dir
+start_tests "Ð¡Ð¾Ð·Ð´Ð°Ð½Ð¸Ðµ ÐºÐ»ÑÑÐµÐ¹ Ð¸ Ð·Ð°ÑÐ²Ð¾Ðº, ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° genpkey"
+
+if {[info exists env(ALG_LIST)]} {
+	set alg_list $env(ALG_LIST)
+} else {
+	switch -exact [engine_name] {
+		"ccore" {set alg_list {gost2001:A gost2001:B gost2001:C gost2001:XA gost2001:XB gost2012_256:A gost2012_256:B gost2012_256:C gost2012_256:XA gost2012_256:XB gost2012_512:A gost2012_512:B}}
+		"open" {set alg_list {gost2001:A gost2001:B gost2001:C gost2001:XA gost2001:XB gost2012_256:0 gost2012_256:A gost2012_256:B gost2012_256:C gost2012_256:XA gost2012_256:XB gost2012_512:A gost2012_512:B}}
+	}
+}
+
+foreach alg $alg_list {
+	set alg_fn [string map {":" "_"} $alg]
+	set username pkey_$alg_fn
+	foreach {alg_only params} [split $alg :] break
+
+test -createsfiles $username/seckey.pem "Ð¡ÐµÐºÑÐµÑÐ½ÑÐ¹ ÐºÐ»ÑÑ, Ð°Ð»Ð³Ð¾ÑÐ¸ÑÐ¼ $alg" {
+	file delete -force $username
+	file mkdir $username
+	openssl "genpkey -algorithm $alg_only -pkeyopt paramset:$params -out $username/seckey.pem"
+	expr {[file size $username/seckey.pem] > 0}
+} 0 1
+
+test -skip {![file exists $username/seckey.pem]} "OID Ð² ÑÐµÐºÑÐµÑÐ½Ð¾Ð¼ ÐºÐ»ÑÑÐµ" {
+	extract_oids $username/seckey.pem
+} 0 [mkObjList [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg]]]
+
+test -skip {![file exists $username/seckey.pem]} "ÐÐ»Ð³Ð¾ÑÐ¸ÑÐ¼ $alg, Ð·Ð°ÑÐ²ÐºÐ° Ð¿Ð¾ ÑÐµÐºÑÐµÑÐ½Ð¾Ð¼Ñ ÐºÐ»ÑÑÑ" {
+	makeFile $username/req.conf [makeConf]
+	openssl "req -new -config $username/req.conf -key $username/seckey.pem -out $username/req.pem"	
+	expr {[file size $username/req.pem] > 0}
+} 0 1
+
+test -skip {![file exists $username/req.pem]} "ÐÐ¾Ð´Ð¿Ð¸ÑÑ Ð¿Ð¾Ð´ Ð·Ð°ÑÐ²ÐºÐ¾Ð¹ ÐºÐ¾ÑÑÐµÐºÑÐ½Ð°" {
+	grep "verif" [openssl "req -verify -in $username/req.pem"]
+} 0 {verify OK
+}
+
+test -skip {![file exists $username/req.pem]} "OID Ð² Ð·Ð°ÑÐ²ÐºÐµ, Ð°Ð»Ð³Ð¾ÑÐ¸ÑÐ¼ $alg" {
+	extract_oids $username/req.pem
+} 0 [mkObjList [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg]] [hash_with_sign_long_name $alg]]
+
+test -skip {![file exists $username/seckey.pem]} "ÐÐ»Ð³Ð¾ÑÐ¸ÑÐ¼ $alg, ÑÐµÑÑÐ¸ÑÐ¸ÐºÐ°Ñ Ð¿Ð¾ ÑÐµÐºÑÐµÑÐ½Ð¾Ð¼Ñ ÐºÐ»ÑÑÑ" {
+	openssl "req -new -x509 -config $username/req.conf -key $username/seckey.pem -out $username/cert.pem"	
+	expr {[file size $username/cert.pem] > 0}
+} 0 1
+
+test -skip {![file exists $username/cert.pem]} "OID Ð² ÑÐµÑÑÐ¸ÑÐ¸ÐºÐ°ÑÐµ" {
+	extract_oids $username/cert.pem
+} 0 [mkObjList  [hash_with_sign_long_name $alg] [alg_long_name $alg] [pubkey_long_name $alg]\
+ [param_hash_long_name [param_hash $alg]] [hash_with_sign_long_name $alg]]
+
+test -createsfiles "$username/seckey.der"  "ÐÐ»Ð³Ð¾ÑÐ¸ÑÐ¼ $alg ÑÐ¾ÑÑÐ°Ð½ÑÐµÐ¼ ÐºÐ»ÑÑ Ð² DER-ÑÐ¾ÑÐ¼Ð°ÑÐµ" {
+	openssl "genpkey -algorithm $alg_only -pkeyopt paramset:$params -out $username/seckey.der -outform DER"
+	file exists $username/seckey.der
+} 0 1
+
+test -skip {![file exists $username/seckey.der]} "OID Ð² ÑÐµÐºÑÐµÑÐ½Ð¾Ð¼ ÐºÐ»ÑÑÐµ $alg DER" {
+	extract_oids $username/seckey.der DER
+} 0 [mkObjList [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg]]]
+
+test -skip {![file exists $username/seckey.der]} -createsfiles $username/req2.pem "Ð¡Ð¾Ð·Ð´Ð°ÐµÐ¼ Ð·Ð°ÑÐ²ÐºÑ Ð¸Ð· ÐºÐ»ÑÑÐ° Ð² ÑÐ¾ÑÐ¼Ð°ÑÐµ DER" {
+	openssl "req -new  -config $username/req.conf -key $username/seckey.der -keyform der  -out $username/req2.pem"	
+	expr {[file size $username/req2.pem] > 0}
+} 0 1
+
+test -skip {![file exists $username/req2.pem]} "ÐÐ¾Ð´Ð¿Ð¸ÑÑ Ð¿Ð¾Ð´ Ð·Ð°ÑÐ²ÐºÐ¾Ð¹ ÐºÐ¾ÑÑÐµÐºÑÐ½Ð°" {
+	grep "verif" [openssl "req -verify -in $username/req2.pem"]
+} 0 {verify OK
+}
+
+}
+
+
+end_tests