[openssl] OpenSSL_1_1_1-stable update
matthias.st.pierre at ncp-e.com
matthias.st.pierre at ncp-e.com
Thu May 2 21:03:01 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via 49142bcb187d4d9fe8b41a813ff63ddf322600a3 (commit)
from 68b8769e4e16e69954729d27a0d40b93f1098a8a (commit)
- Log -----------------------------------------------------------------
commit 49142bcb187d4d9fe8b41a813ff63ddf322600a3
Author: Dr. Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
Date: Thu May 2 13:57:35 2019 +0200
Test: use keywords instead of magic numbers for 'rsa_pss_saltlen'
Since commit 137096a7ead it is possible to specify keywords instead
of negative magic numbers for the salt length. This commit replaces
the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes
by `rsa_pss_saltlen:max`.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8860)
(cherry picked from commit 31fc48ddc30c627416edaa62ec1448e66ef92908)
-----------------------------------------------------------------------
Summary of changes:
test/recipes/15-test_rsapss.t | 8 ++++----
test/recipes/80-test_cms.t | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/test/recipes/15-test_rsapss.t b/test/recipes/15-test_rsapss.t
index f10625d..f0fd1b7 100644
--- a/test/recipes/15-test_rsapss.t
+++ b/test/recipes/15-test_rsapss.t
@@ -20,14 +20,14 @@ plan tests => 5;
#using test/testrsa.pem which happens to be a 512 bit RSA
ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
- '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3',
+ '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
'-sigopt', 'rsa_mgf1_md:sha512', '-out', 'testrsapss.sig',
srctop_file('test', 'testrsa.pem')])),
"openssl dgst -sign");
with({ exit_checker => sub { return shift == 1; } },
sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512',
- '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3',
+ '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
'-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])),
"openssl dgst -sign, expect to fail gracefully");
ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512',
@@ -35,14 +35,14 @@ with({ exit_checker => sub { return shift == 1; } },
'-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])),
"openssl dgst -sign, expect to fail gracefully");
ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512',
- '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3',
+ '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
'-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig',
srctop_file('test', 'testrsa.pem')])),
"openssl dgst -prverify, expect to fail gracefully");
});
ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1',
- '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3',
+ '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:max',
'-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig',
srctop_file('test', 'testrsa.pem')])),
"openssl dgst -prverify");
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index 52b822e..567ef9e 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -308,10 +308,10 @@ my @smime_cms_param_tests = (
"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
],
- [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=-3",
+ [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max",
[ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
"-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss",
- "-keyopt", "rsa_pss_saltlen:-3", "-out", "test.cms" ],
+ "-keyopt", "rsa_pss_saltlen:max", "-out", "test.cms" ],
[ "-verify", "-in", "test.cms", "-inform", "PEM",
"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
],
More information about the openssl-commits
mailing list