fixup! fixup! APPS/pkeyutl: improve -rawin usability (implied by Ed25…

…519 and Ed448) and doc
siemens · Apr 12, 2024 · 3a14f5f · 3a14f5f
1 parent b8ece73
commit 3a14f5f
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 6 deletions.
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
@@ -46,8 +46,8 @@ static int only_rawin(const EVP_PKEY *pkey)
 {
     if (pkey == NULL)
         return 0;
-    return EVP_PKEY_get_id(pkey) == EVP_PKEY_ED25519
-        || EVP_PKEY_get_id(pkey) == EVP_PKEY_ED448;
+    return EVP_PKEY_is_a(pkey, "ED25519")
+        || EVP_PKEY_is_a(pkey, "ED448");
 }
 
 typedef enum OPTION_choice {

diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t
@@ -17,7 +17,7 @@ use File::Compare qw/compare_text/;
 
 setup("test_pkeyutl");
 
-plan tests => 14;
+plan tests => 18;
 
 # For the tests below we use the cert itself as the TBS file
 
@@ -73,13 +73,23 @@ SKIP: {
     ok(run(app(([ 'openssl', 'pkeyutl', '-sign', '-in',
                   srctop_file('test', 'certs', 'server-ed448-cert.pem'),
                   '-inkey', srctop_file('test', 'certs', 'server-ed448-key.pem'),
-                  '-out', 'Ed448.sig']))),
+                  '-out', 'Ed448.sig', '-rawin']))),
                   "Sign a piece of data using Ed448");
     ok(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin', '-in',
                   srctop_file('test', 'certs', 'server-ed448-cert.pem'),
                   '-inkey', srctop_file('test', 'certs', 'server-ed448-cert.pem'),
-                  '-sigfile', 'Ed448.sig']))),
+                  '-sigfile', 'Ed448.sig', '-rawin']))),
                   "Verify an Ed448 signature against a piece of data");
+    ok(run(app(([ 'openssl', 'pkeyutl', '-sign', '-in',
+                  srctop_file('test', 'certs', 'server-ed448-cert.pem'),
+                  '-inkey', srctop_file('test', 'certs', 'server-ed448-key.pem'),
+                  '-out', 'Ed448.sig']))),
+                  "Sign a piece of data using Ed448 -rawin no more needed");
+    ok(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin', '-in',
+                  srctop_file('test', 'certs', 'server-ed448-cert.pem'),
+                  '-inkey', srctop_file('test', 'certs', 'server-ed448-cert.pem'),
+                  '-sigfile', 'Ed448.sig']))),
+                  "Verify an Ed448 signature against a piece of data, no -rawin");
 }
 
 sub tsignverify {
@@ -189,10 +199,24 @@ SKIP: {
     subtest "Ed2559 CLI signature generation and verification" => sub {
         tsignverify("Ed25519",
                     srctop_file("test","tested25519.pem"),
-                    srctop_file("test","tested25519pub.pem"));
+                    srctop_file("test","tested25519pub.pem"),
+                    "-rawin");
     };
 
     subtest "Ed448 CLI signature generation and verification" => sub {
+        tsignverify("Ed448",
+                    srctop_file("test","tested448.pem"),
+                    srctop_file("test","tested448pub.pem"),
+                    "-rawin");
+    };
+
+    subtest "Ed2559 CLI signature generation and verification, no -rawin" => sub {
+        tsignverify("Ed25519",
+                    srctop_file("test","tested25519.pem"),
+                    srctop_file("test","tested25519pub.pem"));
+    };
+
+    subtest "Ed448 CLI signature generation and verification, no -rawin" => sub {
         tsignverify("Ed448",
                     srctop_file("test","tested448.pem"),
                     srctop_file("test","tested448pub.pem"));