blob: 2f682a77fb3cb6fd092a027459f8d2a9aa57f9a2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
|
#!/usr/bin/tclsh/
# -*- coding: cp1251 -*-
lappend auto_path [file dirname [info script]]
package require ossltest
set plain0 [getFile plain.enc]
file copy -force cfb0.enc $::test::dir
file copy -force cnt0.enc $::test::dir
file copy -force cbc0.enc $::test::dir
file copy -force aes0.enc $::test::dir
file copy -force plain.enc $::test::dir
file copy -force magma_plain.enc $::test::dir
file copy -force magma_acpkm_plain.enc $::test::dir
set cfb1 [getFile cfb1.enc]
set cbc1 [getFile cbc1.enc]
set cnt1 [getFile cnt1.enc]
set aes1 [getFile aes1.enc]
set magma1 [getFile magma1.enc]
set macpkm1 [getFile macpkm1.enc]
cd $::test::dir
file delete cfb1.enc cbc1.enc cnt1.enc aes1.enc magma1.enc magma1.enc macpkm1.enc
start_tests "Тесты на команду enc"
save_env2 {CRYPT_PARAMS}
if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)}
test -createsfiles cfb0.dec "Decrypting etalon file in CFB mode" {
openssl "enc -gost89 -d -md md5 -in cfb0.enc -out cfb0.dec -k 1234567890 -p"
getFile cfb0.dec
} 0 $plain0
test -createsfiles cnt0.dec "Decrypting etalon file CNT mode" {
openssl "enc -gost89-cnt -d -md md5 -in cnt0.enc -out cnt0.dec -k 1234567890 -p"
getFile cnt0.dec
} 0 $plain0
test -createsfiles cbc0.dec "Decrypting etalon file in CBC mode" {
openssl "enc -gost89-cbc -d -md md5 -in cbc0.enc -out cbc0.dec -k 1234567890 -p"
getFile cbc0.dec
} 0 $plain0
test -createsfiles aes0.dec "Decrypting etalon file encrypted with AES" {
openssl "enc -aes-128-cbc -d -md md5 -in aes0.enc -out aes0.dec -k 1234567890"
getFile aes0.dec
} 0 $plain0
test -createsfiles cfb1.enc "Encrypting etalon file in CFB mode" {
openssl "enc -gost89 -in plain.enc -out cfb1.enc -K 0D6F24152DB4B18CC4B0EE62F55FAD0BEADC26E7992C5EDF039114EC3F44EB08 -iv 8EE68900818CD1F9 -p"
getFile cfb1.enc
} 0 $cfb1
test -createsfiles cnt1.enc "Encrypting etalon file in CNT mode" {
openssl "enc -gost89-cnt -in plain.enc -out cnt1.enc -K EF164FDF5B1128DE44AFCC00A0323DC1090EC99DE9C6B085B0D2550AB9F1AF47 -iv 9AF32B4E2FB1DF3D -p"
getFile cnt1.enc
} 0 $cnt1
test -createsfiles cbc1.enc "Encrypting etalon file in CBC mode" {
openssl "enc -gost89-cbc -in plain.enc -out cbc1.enc -K F6AF8D0EDF555D164E3DDFA20615D7DF602B99A5ED4BD4103C4CA622D4544636 -iv 8264BBB5A072CDB5 -p"
getFile cbc1.enc
} 0 $cbc1
test -createsfiles aes1.enc "Encrypting etalon file with AES" {
openssl "enc -aes-128-cbc -in plain.enc -out aes1.enc -K D45358C3C6E711392E9F2AFF46C444B1 -iv 78E88EFC8F44B9C27C45C5FCC61DCD94 -p"
getFile aes1.enc
} 0 $aes1
set plain "Test data to encrypt "
makeFile enc.dat $plain binary
set plain2 [string repeat "Test data for encrypt of big string\n" 64]
makeFile enc2.dat $plain2 binary
test -createsfiles {cfb.enc} "Encrypting file in CFB mode" {
openssl "enc -gost89 -out cfb.enc -in enc.dat -k 1234567890 -p"
file isfile cfb.enc
} 0 1
test -createsfiles {cnt.enc} "Encrypting file in CNT mode" {
openssl "enc -gost89-cnt -out cnt.enc -in enc.dat -k 1234567890 -p"
file isfile cnt.enc
} 0 1
test -createsfiles {cbc.enc} "Encrypting file in CBC mode" {
openssl "enc -gost89-cbc -out cbc.enc -in enc.dat -k 1234567890 -p"
file isfile cbc.enc
} 0 1
test -createsfiles aes.enc "Encrypting file using aes" {
openssl "enc -aes-128-cbc -out aes.enc -in enc.dat -k 1234567890"
file isfile aes.enc
} 0 1
test "Ciphered text in CFB mode differs from plain text" {
set ciphered [getFile cfb.enc binary]
string first $ciphered $plain
} 0 -1
test "Ciphered text in CNT mode differs from plain text" {
set ciphered [getFile cnt.enc binary]
string first $ciphered $plain
} 0 -1
test "Ciphered text in CBC mode differs from plain text" {
set ciphered [getFile cbc.enc binary]
string first $ciphered $plain
} 0 -1
test "Ciphered with aes text differs from plain text" {
set ciphered [getFile aes.enc binary]
string first $ciphered $plain
} 0 -1
test -createsfiles cfb.dec "Decrypting file, encrypted in CFB mode" {
openssl "enc -gost89 -d -in cfb.enc -out enc.dec -k 1234567890 -p"
getFile enc.dec
} 0 $plain
test -createsfiles cnt.dec "Decrypting file, encrypted in CNT mode" {
openssl "enc -gost89-cnt -d -in cnt.enc -out cnt.dec -k 1234567890 -p"
getFile cnt.dec
} 0 $plain
test -createsfiles cbc.dec "Decrypting file, encrypted in CBC mode" {
openssl "enc -gost89-cbc -d -in cbc.enc -out cbc.dec -k 1234567890 -p"
getFile cbc.dec
} 0 $plain
test -createsfiles aes.dec "Decrypting file encrypted with aes" {
openssl "enc -aes-128-cbc -d -in aes.enc -out aes.dec -k 1234567890"
getFile aes.dec
} 0 $plain
test -createsfiles {cfb2.enc} "Encrypting more than 1KB" {
if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)}
openssl "enc -gost89 -out cfb2.enc -in enc2.dat -k 1234567890 -p"
file isfile cfb2.enc
} 0 1
test -createsfiles {cfb2.dec} "Decrypting more than 1Kb" {
openssl "enc -d -gost89 -out cfb2.dec -in cfb2.enc -k 1234567890 -p"
getFile cfb2.dec
} 0 $plain2
test -createsfiles {cnt2.enc} "Encrypting more than 1KB in CNT mode" {
if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)}
openssl "enc -gost89-cnt -out cnt2.enc -in enc2.dat -k 1234567890 -p"
file isfile cnt2.enc
} 0 1
test -createsfiles {cnt2.dec} "Decrypting more than 1Kb in CNT mode" {
openssl "enc -d -gost89-cnt -out cnt2.dec -in cnt2.enc -k 1234567890 -p"
getFile cnt2.dec
} 0 $plain2
test -createsfiles {cnc2.enc} "Encrypting more than 1KB in CBC mode" {
if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)}
openssl "enc -gost89-cbc -out cbc2.enc -in enc2.dat -k 1234567890 -p"
file isfile cbc2.enc
} 0 1
test -createsfiles {cbc2.dec} "Decrypting more than 1Kb in CBC mode" {
openssl "enc -d -gost89-cbc -out cbc2.dec -in cbc2.enc -k 1234567890 -p"
getFile cbc2.dec
} 0 $plain2
test -skip {![file exists enc2.dat]} -createsfiles {cfb3.enc} "Encrypting with paramset TC26 (symbolic)" {
set env(CRYPT_PARAMS) "id-tc26-gost-28147-param-Z"
openssl "enc -gost89 -out cfb3.enc -in enc2.dat -k 1234567890 -p"
file isfile cfb3.enc
} 0 1
test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec1} "Decrypting with paramset TC26 (OID)" {
set env(CRYPT_PARAMS) "1.2.643.7.1.2.5.1.1"
openssl "enc -gost89 -d -in cfb3.enc -out cfb3.dec1 -k 1234567890 -p"
getFile cfb3.dec1
} 0 $plain2
test -skip {![file exists enc2.dat]} -createsfiles {cbc3.enc} "Encrypting in CBC mode with paramset RIC 1 (symbolic)" {
set env(CRYPT_PARAMS) "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
openssl "enc -gost89-cbc -out cbc3.enc -in enc2.dat -k 1234567890 -p"
file isfile cbc3.enc
} 0 1
test -skip {![file exists cbc3.enc]} -createsfiles {cbc3.dec1} "Decrypting in CBC mode with paramset RIC 1 (OID)" {
set env(CRYPT_PARAMS) "1.2.643.2.2.31.7"
openssl "enc -gost89-cbc -d -in cbc3.enc -out cbc3.dec1 -k 1234567890 -p"
getFile cbc3.dec1
} 0 $plain2
restore_env2 {CRYPT_PARAMS}
save_env2 {CRYPT_PARAMS OPENSSL_CONF}
test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec2} "Decrypting with default params" {
if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)}
makeFile enc1.cnf [regsub -all "\n\\s*CRYPT_PARAMS\\s*=\[\^\n]*" [getConfig] ""]
set ::env(OPENSSL_CONF) [file join [pwd] enc1.cnf]
openssl "enc -gost89 -d -in cfb3.enc -out cfb3.dec2 -k 1234567890 -p"
getFile cfb3.dec2
} 0 $plain2
restore_env2 {CRYPT_PARAMS OPENSSL_CONF}
save_env2 {CRYPT_PARAMS}
test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec3} "Decrypting with wrong explicitely set" {
set env(CRYPT_PARAMS) "id-Gost28147-89-CryptoPro-B-ParamSet"
openssl "enc -gost89 -d -in cfb3.enc -out cfb3.dec3 -k 1234567890 -p"
string equal [getFile cfb3.dec3] $plain2
} 0 0
restore_env2 {CRYPT_PARAMS}
test -createsfiles magma1.enc "Encrypting etalon file (Magma-CTR)" {
openssl "enc -magma-ctr -K ffeeddccbbaa99887766554433221100f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -iv 1234567800000000 -in magma_plain.enc -out magma1.enc"
getFile magma1.enc
} 0 $magma1
test -createsfiles macpkm1.enc "Encrypting etalon file (Magma-ACPKM)" {
openssl "enc -id-tc26-cipher-gostr3412-2015-magma-ctracpkm -K F797256845F36CF075603445CD322BACC3834032BC425E4D3C8495236F7B6CAF -iv 00000FFF00000000 -in magma_acpkm_plain.enc -out macpkm1.enc"
getFile macpkm1.enc
} 0 $macpkm1
end_tests
|
