Add missing tests for Ed448

Signed-off-by: Jakub Jelen <[email protected]>
latchset · Jan 20, 2025 · e2ada91 · e2ada91
1 parent 5dec656
commit e2ada91
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 2 deletions.
diff --git a/tests/tbasic b/tests/tbasic
@@ -129,12 +129,14 @@ ossl 'pkey -in $BASEURIWITHPINVALUE -pubin -pubout -out ${TMPPDIR}/rsa.pub.uripi
 ossl 'pkey -in $ECBASEURIWITHPINVALUE -pubin -pubout -out ${TMPPDIR}/ec.pub.uripin.pem'
 [[ -n $ECXBASEURIWITHPINVALUE ]] && ossl 'pkey -in $ECXBASEURIWITHPINVALUE -pubin -pubout -out ${TMPPDIR}/ecx.pub.uripin.pem'
 [[ -n $EDBASEURIWITHPINVALUE ]] && ossl 'pkey -in $EDBASEURIWITHPINVALUE -pubin -pubout -out ${TMPPDIR}/ed.pub.uripin.pem'
+[[ -n $ED2BASEURIWITHPINVALUE ]] && ossl 'pkey -in $ED2BASEURIWITHPINVALUE -pubin -pubout -out ${TMPPDIR}/ed2.pub.uripin.pem'
 
 title PARA "Test fetching public keys with a PIN source in URI"
 ossl 'pkey -in $BASEURIWITHPINSOURCE -pubin -pubout -out ${TMPPDIR}/rsa.pub.uripinsource.pem'
 ossl 'pkey -in $ECBASEURIWITHPINSOURCE -pubin -pubout -out ${TMPPDIR}/ec.pub.uripinsource.pem'
 [[ -n $ECXBASEURIWITHPINSOURCE ]] && ossl 'pkey -in $ECXBASEURIWITHPINSOURCE -pubin -pubout -out ${TMPPDIR}/ecx.pub.uripinsource.pem'
 [[ -n $EDBASEURIWITHPINSOURCE ]] && ossl 'pkey -in $EDBASEURIWITHPINSOURCE -pubin -pubout -out ${TMPPDIR}/ed.pub.uripinsource.pem'
+[[ -n $ED2BASEURIWITHPINSOURCE ]] && ossl 'pkey -in $ED2BASEURIWITHPINSOURCE -pubin -pubout -out ${TMPPDIR}/ed2.pub.uripinsource.pem'
 
 title PARA "Test prompting without PIN in config files"
 output=$(expect -c "spawn -noecho $CHECKER openssl pkey -in \"${PRIURI}\" -text -noout;

diff --git a/tests/tdemoca b/tests/tdemoca
@@ -61,6 +61,18 @@ if [[ -n $EDPRIURI ]]; then
     ca -batch -in ${DEMOCA}/cert-ed.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem'
 fi
 
+if [[ -n $ED2PRIURI ]]; then
+    title PARA "Generating a new CSR with existing ED448 key in token"
+    ossl '
+    req -batch -noenc -new -key ${ED2PRIURI}
+        -subj "/CN=testing-ed2-signing/O=PKCS11 Provider/C=US"
+        -out ${DEMOCA}/cert-ed2.csr'
+
+    title PARA "Signing the new ED448 key certificate"
+    ossl '
+    ca -batch -in ${DEMOCA}/cert-ed2.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem'
+fi
+
 title PARA "Set up OCSP"
 ossl '
 req -batch -noenc -new -subj "/CN=OCSP/O=PKCS11 Provider/C=US"

diff --git a/tests/ttls b/tests/ttls
@@ -110,10 +110,15 @@ run_tests() {
     run_test "$ECPRIURI" "$ECCRTURI"
 
     if [[ -n "$EDBASEURI" ]]; then
-        title PARA "Run sanity test with default values (EdDSA)"
+        title PARA "Run sanity test with default values (Ed25519)"
         run_test "$EDPRIURI" "$EDCRTURI"
     fi
 
+    if [[ -n "$ED2BASEURI" ]]; then
+        title PARA "Run sanity test with default values (Ed448)"
+        run_test "$ED2PRIURI" "$ED2CRTURI"
+    fi
+
     title PARA "Run test with TLS 1.2"
     run_test "$PRIURI" "$CRTURI" "" "-tls1_2"
 

diff --git a/tests/ttlsfuzzer b/tests/ttlsfuzzer
@@ -69,10 +69,15 @@ run_tests() {
     prepare_test cert.json.ecdsa.in "$ECPEERPRIURI" "$ECPEERCRTURI"
 
     if [[ -n "$EDBASEURI" ]]; then
-        title PARA "Prepare test for EdDSA"
+        title PARA "Prepare test for Ed25519"
         prepare_test cert.json.eddsa.in "$EDPRIURI" "$EDCRTURI"
     fi
 
+    if [[ -n "$ED2BASEURI" ]]; then
+        title PARA "Prepare test for Ed448"
+        prepare_test cert.json.eddsa.in "$ED2PRIURI" "$ED2CRTURI"
+    fi
+
     # the missing closing brace
     echo "]" >> "${TMPFILE}"