diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t index 1e5f4101d30b8a..8795f87b45ed0f 100644 --- a/test/recipes/20-test_pkeyutl.t +++ b/test/recipes/20-test_pkeyutl.t @@ -17,7 +17,7 @@ use File::Compare qw/compare_text compare/; setup("test_pkeyutl"); -plan tests => 24; +plan tests => 25; # For the tests below we use the cert itself as the TBS file @@ -95,6 +95,7 @@ SKIP: { "Verify an Ed448 signature against a piece of data, no -rawin"); } +my $sigfile; sub tsignverify { my $testtext = shift; my $privkey = shift; @@ -103,7 +104,7 @@ sub tsignverify { my $data_to_sign = srctop_file('test', 'data.bin'); my $other_data = srctop_file('test', 'data2.bin'); - my $sigfile = basename($privkey, '.pem') . '.sig'; + $sigfile = basename($privkey, '.pem') . '.sig'; my @args = (); plan tests => 5; @@ -152,7 +153,7 @@ sub tsignverify { } SKIP: { - skip "RSA is not supported by this OpenSSL build", 1 + skip "RSA is not supported by this OpenSSL build", 3 if disabled("rsa"); subtest "RSA CLI signature generation and verification" => sub { @@ -162,6 +163,10 @@ SKIP: { "-rawin", "-digest", "sha256"); }; + ok(run(app((['openssl', 'pkeyutl', '-verifyrecover', '-in', $sigfile, + '-pubin', '-inkey', srctop_file('test', 'testrsapub.pem')]))), + "RSA: Verify signature with -verifyrecover"); + subtest "RSA CLI signature and verification with pkeyopt" => sub { tsignverify("RSA", srctop_file("test","testrsa.pem"), @@ -169,6 +174,7 @@ SKIP: { "-rawin", "-digest", "sha256", "-pkeyopt", "rsa_padding_mode:pss"); }; + } SKIP: { @@ -231,7 +237,7 @@ SKIP: { # openssl pkeyutl -decap -inkey rsa_priv.pem -in encap_out.bin -out decap_out.bin # decap_out is equal to secret SKIP: { - skip "RSA is not supported by this OpenSSL build", 3 + skip "RSA is not supported by this OpenSSL build", 5 if disabled("rsa"); # Self-compat