Crypt-OpenSSL-RSA
view release on metacpan or search on metacpan
t/openssl_der.t view on Meta::CPAN
my $priv_e = get_parameter($priv_output, 'publicExponent', 'privateExponent');
my $priv_d = get_parameter($priv_output, 'privateExponent', 'prime1');
my $priv_p = get_parameter($priv_output, 'prime1', 'prime2');
my $priv_q = get_parameter($priv_output, 'prime2', 'exponent1');
my $priv_dmp1 = get_parameter($priv_output, 'exponent1', 'exponent2');
my $priv_dmq1 = get_parameter($priv_output, 'exponent2', 'coefficient');
my $priv_iqmp = get_parameter($priv_output, 'coefficient', '-----BEGIN .*PRIVATE KEY-----');
my $priv_pem = extract_pem_body($priv_output,
'-----BEGIN .*PRIVATE KEY-----', '-----END .*PRIVATE KEY-----');
# Load the private key from the DER (base64 decoded PEM)
my $rsa = Crypt::OpenSSL::RSA->new_private_key(decode_base64($priv_pem));
# Get the private key parameters
my ($n, $e, $d, $p, $q, $dmp1, $dmq1, $iqmp) = $rsa->get_key_parameters();
# Check each private key parameter to the expected values
ok(compare_bignum_to_hex($n, $priv_n) == 0, "Imported DER n parameter matches expected");
ok(compare_bignum_to_hex($e, $priv_e) == 0, "Imported DER e parameter matches expected");
ok(compare_bignum_to_hex($d, $priv_d) == 0, "Imported DER d parameter matches expected");
ok(compare_bignum_to_hex($p, $priv_p) == 0, "Imported DER p parameter matches expected");
t/openssl_der.t view on Meta::CPAN
ok(compare_bignum_to_hex($iqmp, $priv_iqmp) == 0, "Imported DER iqmp parameter matches expected");
###################################
# Check X.509 SubjectPublicKeyInfo
###################################
diag("Check X.509 public key (from -pubout)");
# Extract PEM body â -pubout produces X.509 SubjectPublicKeyInfo (BEGIN PUBLIC KEY)
my $pub_x509_pem = extract_pem_body($pub_x509_output,
'-----BEGIN PUBLIC KEY-----', '-----END PUBLIC KEY-----');
# Load the public key from the DER (base64 decoded PEM)
my $pub_x509_rsa = Crypt::OpenSSL::RSA->new_public_key(decode_base64($pub_x509_pem));
# Get the key parameters
my ($px_n, $px_e, $px_d, $px_p, $px_q, $px_dmp1, $px_dmq1, $px_iqmp) = $pub_x509_rsa->get_key_parameters();
# n and e should match the private key's values (same key)
ok(compare_bignum_to_hex($px_n, $priv_n) == 0, "X.509 public DER n matches private key n");
ok(compare_bignum_to_hex($px_e, $priv_e) == 0, "X.509 public DER e matches private key e");
ok(!$px_d, "X.509 public DER d parameter undef as expected");
ok(!$px_p, "X.509 public DER p parameter undef as expected");
t/openssl_der.t view on Meta::CPAN
#############################
diag("Check PKCS#1 public key (from -RSAPublicKey_out)");
# Extract PEM body â -RSAPublicKey_out produces PKCS#1 (BEGIN RSA PUBLIC KEY)
my $pub_pkcs1_pem = extract_pem_body($pub_pkcs1_output,
'-----BEGIN RSA PUBLIC KEY-----', '-----END RSA PUBLIC KEY-----');
SKIP: {
skip "openssl does not support -RSAPublicKey_out", 8
unless defined $pub_pkcs1_pem && length($pub_pkcs1_pem) > 0;
# Load the public key from the DER (base64 decoded PEM)
my $pub_pkcs1_rsa = Crypt::OpenSSL::RSA->new_public_key(decode_base64($pub_pkcs1_pem));
# Get the key parameters
my ($pn, $pe, $pd, $pp, $pq, $pdmp1, $pdmq1, $piqmp) = $pub_pkcs1_rsa->get_key_parameters();
# n and e should match the private key's values (same key)
ok(compare_bignum_to_hex($pn, $priv_n) == 0, "PKCS#1 public DER n matches private key n");
ok(compare_bignum_to_hex($pe, $priv_e) == 0, "PKCS#1 public DER e matches private key e");
ok(!$pd, "PKCS#1 public DER d parameter undef as expected");
ok(!$pp, "PKCS#1 public DER p parameter undef as expected");
t/padding.t view on Meta::CPAN
my ($major, $minor, $patch) = openssl_version;
my $is_libressl = (`"@{[find_openssl_exec(find_openssl_prefix())]}" version` =~ /LibreSSL/);
BEGIN {
plan tests => 124 + ( UNIVERSAL::can( "Crypt::OpenSSL::RSA", "use_sha512_hash" ) ? 4 * 5 : 0 );
}
sub _Test_Encrypt_And_Decrypt {
my ( $p_plaintext_length, $p_rsa, $p_check_private_encrypt, $padding, $hash ) = @_;
my ( $ciphertext, $decoded_text );
my $plaintext = pack(
"C${p_plaintext_length}",
(
1, 255, 0, 128, 4, # Make sure these characters work
map { int( rand 256 ) } ( 1 .. $p_plaintext_length - 5 )
)
);
ok( $ciphertext = $p_rsa->encrypt($plaintext), "Padding method $padding is valid for encrypting with $hash" );
ok( $decoded_text = $p_rsa->decrypt($ciphertext), "Padding method $padding is valid for decrypting with $hash" );
is( $decoded_text, $plaintext, "decrypted text matches plaintext with $padding/$hash" );
if ($p_check_private_encrypt) {
ok( $ciphertext = $p_rsa->private_encrypt($plaintext), "Padding method $padding is valid for private_encrypt with $hash" );
ok( $decoded_text = $p_rsa->public_decrypt($ciphertext), "Padding method $padding is valid for private_decrypt with $hash" );
is( $decoded_text, $plaintext, "public_decrypt(private_encrypt(plaintext)) round-trips with $padding/$hash" );
}
}
sub _Test_Sign_And_Verify {
my ( $p_plaintext_length, $rsa, $rsa_pub, $padding, $hash ) = @_;
my $plaintext = pack(
"C${p_plaintext_length}",
(
1, 255, 0, 128, 4, # Make sure these characters work
use Crypt::OpenSSL::RSA;
use Crypt::OpenSSL::Guess qw(openssl_version);
BEGIN {
plan tests => 78 + ( UNIVERSAL::can( "Crypt::OpenSSL::RSA", "use_sha512_hash" ) ? 8 * 5 : 0 ) + ( UNIVERSAL::can( "Crypt::OpenSSL::RSA", "use_whirlpool_hash" ) ? 1 * 5 : 0 );
}
sub _Test_Encrypt_And_Decrypt {
my ( $p_plaintext_length, $p_rsa, $p_check_private_encrypt ) = @_;
my ( $ciphertext, $decoded_text );
my $plaintext = pack(
"C${p_plaintext_length}",
(
1, 255, 0, 128, 4, # Make sure these characters work
map { int( rand 256 ) } ( 1 .. $p_plaintext_length - 5 )
)
);
ok( $ciphertext = $p_rsa->encrypt($plaintext), "encrypt succeeds" );
ok( $decoded_text = $p_rsa->decrypt($ciphertext), "decrypt succeeds" );
is( $decoded_text, $plaintext, "decrypted text matches plaintext" );
if ($p_check_private_encrypt) {
ok( $ciphertext = $p_rsa->private_encrypt($plaintext), "private_encrypt succeeds" );
ok( $decoded_text = $p_rsa->public_decrypt($ciphertext), "public_decrypt succeeds" );
is( $decoded_text, $plaintext, "public_decrypt(private_encrypt(plaintext)) round-trips" );
}
}
sub _Test_Sign_And_Verify {
my ( $plaintext, $rsa, $rsa_pub, $hash ) = @_;
my $sig = eval { $rsa->sign($plaintext) };
SKIP: {
skip "OpenSSL error: illegal or unsupported padding mode - $hash", 5 if $@ =~ /illegal or unsupported padding mode/i;
skip "OpenSSL error: invalid digest - $hash", 5 if $@ =~ /invalid digest|no digest set/i;
( run in 0.412 second using v1.01-cache-2.11-cpan-9581c071862 )