use strict;
use Test;
use Crypt::OpenSSL::RSA;
my $bignum_missing;
BEGIN
{
# FIXME - add version requirement
eval { require Crypt::OpenSSL::Bignum; };
$bignum_missing = $@;
plan(tests => $bignum_missing ? 0 : 64);
}
sub check_datum
{
my ($p_expected, $p_actual) = @_;
ok(defined($p_expected)
? $p_actual && $p_expected->equals($p_actual)
: ! defined($p_actual));
}
sub check_key_parameters # runs 8 tests
{
my ($p_rsa, $n, $e, $d, $p, $q, $dmp1, $dmq1, $iqmp) = @_;
my ($rn, $re, $rd, $rp, $rq, $rdmp1, $rdmq1, $riqmp) =
$p_rsa->get_key_parameters();
check_datum($n, $rn);
check_datum($e, $re);
check_datum($d, $rd);
check_datum($p, $rp);
check_datum($q, $rq);
check_datum($dmp1, $rdmp1);
check_datum($dmq1, $rdmq1);
check_datum($iqmp, $riqmp);
}
unless ($bignum_missing)
{
my $ctx = Crypt::OpenSSL::Bignum::CTX->new();
my $one = Crypt::OpenSSL::Bignum->one();
my $p = Crypt::OpenSSL::Bignum->new_from_word(65521);
my $q = Crypt::OpenSSL::Bignum->new_from_word(65537);
my $e = Crypt::OpenSSL::Bignum->new_from_word(11);
my $d = $e->mod_inverse($p->sub($one)->mul($q->sub($one), $ctx), $ctx);
my $n = $p->mul($q, $ctx);
my $dmp1 = $d->mod($p->sub($one), $ctx);
my $dmq1 = $d->mod($q->sub($one), $ctx);
my $iqmp = $q->mod_inverse($p, $ctx);
my $rsa = Crypt::OpenSSL::RSA->new_key_from_parameters($n, $e, $d, $p, $q);
ok($rsa);
$rsa->use_no_padding();
my $plaintext = pack('C*', 100, 100, 100, 12);
my $ciphertext = Crypt::OpenSSL::Bignum->new_from_bin($plaintext)->
mod_exp($e, $n, $ctx)->to_bin();
check_key_parameters($rsa, $n, $e, $d, $p, $q, $dmp1, $dmq1, $iqmp);
ok($rsa->encrypt($plaintext) eq $ciphertext);
ok($rsa->decrypt($ciphertext) eq $plaintext);
my $rsa_pub = Crypt::OpenSSL::RSA->
new_public_key($rsa->get_public_key_string());
$rsa_pub->use_no_padding();
ok($rsa->private_encrypt($ciphertext) eq $plaintext);
ok($rsa_pub->public_decrypt($plaintext) eq $ciphertext);
my @pub_parameters = $rsa_pub->get_key_parameters();
ok(scalar(@pub_parameters) == 8);
check_key_parameters($rsa_pub, $n, $e);
$rsa = Crypt::OpenSSL::RSA->new_key_from_parameters($n, $e, $d, $p);
check_key_parameters($rsa, $n, $e, $d, $p, $q, $dmp1, $dmq1, $iqmp);
$rsa = Crypt::OpenSSL::RSA->new_key_from_parameters
($n, $e, $d, undef, $q);
check_key_parameters($rsa, $n, $e, $d, $p, $q, $dmp1, $dmq1, $iqmp);
$rsa = Crypt::OpenSSL::RSA->new_key_from_parameters($n, $e);
check_key_parameters($rsa, $n, $e);
$rsa = Crypt::OpenSSL::RSA->new_key_from_parameters($n, $e, $d);
check_key_parameters($rsa, $n, $e, $d);
$rsa = Crypt::OpenSSL::RSA->new_key_from_parameters($n, $e, undef, $p);
check_key_parameters($rsa, $n, $e, $d, $p, $q, $dmp1, $dmq1, $iqmp);
eval
{
Crypt::OpenSSL::RSA->new_key_from_parameters
($n->sub(Crypt::OpenSSL::Bignum->one()),
$e, $d, undef, $q);
};
ok($@ =~ /OpenSSL error: p not prime/);
#try again, to make sure the error queue was properly flushed
eval
{
Crypt::OpenSSL::RSA->new_key_from_parameters
($n->sub(Crypt::OpenSSL::Bignum->one()),
$e, $d, undef, $q);
};
ok($@ =~ /OpenSSL error: p not prime/);
}