From 42c82e4a169915a952c82428ff4bf9c1e42fd69c Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <dev@ddvo.net>
Date: Fri, 27 Sep 2024 22:23:41 +0200
Subject: [PATCH] fixup! add test/recipes/15-test_pkey.t

---
 test/recipes/15-test_pkey.t | 56 ++++++++++++++++++++-----------------
 1 file changed, 31 insertions(+), 25 deletions(-)

diff --git a/test/recipes/15-test_pkey.t b/test/recipes/15-test_pkey.t
index 4ba79ff16514a0..583608cf0b2ec0 100644
--- a/test/recipes/15-test_pkey.t
+++ b/test/recipes/15-test_pkey.t
@@ -18,8 +18,7 @@ setup("test_pkey");
 
 plan tests => 5;
 
-my $in_key    = srctop_file('test', 'certs', 'root-ed25519.privkey.pem');
-my $in_pubkey = srctop_file('test', 'certs', 'root-ed25519.pubkey.pem');
+my $in_key = srctop_file('test', 'certs', 'root-key.pem');
 
 subtest "=== pkey en-/decryption using AES256-CBC ===" => sub {
     plan tests => 4;
@@ -36,17 +35,16 @@ subtest "=== pkey en-/decryption using AES256-CBC ===" => sub {
        "Same file contents after encrypting and decrypting in separate files");
 
     ok(run(app(['openssl', 'asn1parse', '-in', $encrypted_key1,
-                '-offset', '33', '-length', '18'])), # 2 byte header, 16 byte salt
+                '-offset', '34', '-length', '18'])), # 2 byte header, 16 byte salt
        "Check the default size of the PBKDF2 PARAM 'salt length' is 16");
 };
 
 subtest "=== pkey handling of identical input and output files, using 3DES and -traditional ===" => sub {
     plan tests => 4;
 
-    my $in_old_key = srctop_file('test', 'certs', 'root-key.pem');
     my $encrypted_key2 = 'encrypted_key2.pem';
     my $inout = 'inout.pem';
-    copy($in_old_key, $inout);
+    copy($in_key, $inout);
     ok(run(app(['openssl', 'pkey', '-des3', '-traditional', '-in', $inout,
                 '-out', $inout, '-passout', 'pass:password'])),
        "identical infile and outfile, encrypt");
@@ -54,7 +52,7 @@ subtest "=== pkey handling of identical input and output files, using 3DES and -
     ok(run(app(['openssl', 'pkey', '-in', $inout,
                 '-out', $inout, '-passin', 'pass:password'])),
        "identical infile and outfile, decrypt");
-    is(compare($in_old_key, $inout), 0,
+    is(compare($in_key, $inout), 0,
        "Same file contents after encrypting and decrypting in same file");
 
     sub file_line_contains { grep /$_[0]/, ((open F, $_[1]), <F>, close F) }
@@ -65,23 +63,31 @@ subtest "=== pkey handling of identical input and output files, using 3DES and -
 subtest "=== pkey handling of public keys ===" => sub {
     plan tests => 6;
 
-    my $pub_out1 = 'pub1.pem';
-    ok(run(app(['openssl', 'pkey', '-in', $in_key, '-pubout', '-out', $pub_out1])),
-       "extract public key");
-    is(compare($in_pubkey, $pub_out1), 0,
-       "Extracted public key is same as original public key");
-
-    my $pub_out2 = 'pub2.pem';
-    ok(run(app(['openssl', 'pkey', '-in', $in_pubkey, '-pubin', '-pubout', '-out', $pub_out2])),
-       "read public key");
-    is(compare($in_pubkey, $pub_out2), 0,
-       "Read and written public key is same as original public key");
-
-    my $pub_out3 = 'pub3.pem';
-    ok(run(app(['openssl', 'pkey', '-in', $in_key, '-pubin', '-pubout', '-out', $pub_out3])),
-       "extract public key with -pubin");
-    is(compare($in_pubkey, $pub_out3), 0,
-       "Read and written public key is same as original public key");
+  SKIP: {
+      skip "ECX is not supported by this OpenSSL build", 6
+          if disabled("ecx");
+
+      my $in_ed_key = srctop_file('test', 'certs', 'root-ed25519.privkey.pem');
+      my $in_pubkey = srctop_file('test', 'certs', 'root-ed25519.pubkey.pem');
+
+      my $pub_out1 = 'pub1.pem';
+      ok(run(app(['openssl', 'pkey', '-in', $in_ed_key, '-pubout', '-out', $pub_out1])),
+         "extract public key");
+      is(compare($in_pubkey, $pub_out1), 0,
+         "Extracted public key is same as original public key");
+
+      my $pub_out2 = 'pub2.pem';
+      ok(run(app(['openssl', 'pkey', '-in', $in_pubkey, '-pubin', '-pubout', '-out', $pub_out2])),
+         "read public key");
+      is(compare($in_pubkey, $pub_out2), 0,
+         "Read and written public key is same as original public key");
+
+      my $pub_out3 = 'pub3.pem';
+      ok(run(app(['openssl', 'pkey', '-in', $in_ed_key, '-pubin', '-pubout', '-out', $pub_out3])),
+         "extract public key with -pubin");
+      is(compare($in_pubkey, $pub_out3), 0,
+         "Read and written public key is same as original public key");
+    }
 };
 
 
@@ -94,8 +100,8 @@ subtest "=== pkey handling of DER encoding ===" => sub {
                  '-out', $der_out])),
        "write DER encoded pkey");
     ok(run(app(['openssl', 'asn1parse', '-in', $der_out, '-inform', 'DER',
-                 '-offset', '7', '-length', '5'])), # 2 byte header, 3 byte OID
-       "Check the OID size of the key type is 3");
+                 '-offset', '268', '-length', '5'])), # 2 byte header, 3 byte len
+       "Check the length of the modulus encoding is 3");
     ok(run(app(['openssl', 'pkey', '-in', $der_out, '-inform', 'DER',
                  '-out', $pem_out])),
        "read DER encoded key");