coelner/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2024-09-20 03:10:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add EC derive tests.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2023-10-09 16:35:51 +02:00
parent 4493afa84d
commit ba036f4c0f
No known key found for this signature in database
GPG Key ID: C0095B7870A4CCD3
1 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
tests/scripts/asym_cipher.sh
View File

@ -7,9 +7,12 @@ test $? -eq 0 || exit $?
rsa_encrypt_decrypt() {
openssl pkeyutl -encrypt -pubin -inkey 1.pub $2 -in $1 -out data.crypt
test $? -eq 0 && echo -n "." || exit $?
e=$(pkcs11-tool --id 1 --pin 648219 --decrypt $3 -i data.crypt 2>/dev/null)
TDATA=$(tr -d '\0' < <(pkcs11-tool --id 1 --pin 648219 --decrypt $3 -i data.crypt 2>/dev/null))
test $? -eq 0 && echo -n "." || exit $?
if [[ ${TEST_STRING} != "$TDATA" ]]; then
exit 1
fi
test $? -eq 0 && echo -n "." || exit $?
grep -q "${TEST_STRING}" <<< $e || exit $?
}
TEST_STRING="This is a test string. Be safe, be secure."
@ -37,3 +40,24 @@ rsa_encrypt_decrypt data "-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sh
openssl pkeyutl -encrypt -pubin -inkey 1.pub -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -pkeyopt rsa_mgf1_md:sha256 -in data -out data.crypt
test $? -eq 0 && echo -e ".\t${OK}" || exit $?
rm -rf data* 1.*
pkcs11-tool -l --pin 648219 --delete-object --type privkey --id 1 > /dev/null 2>&1
algs=("secp192r1" "secp256r1" "secp384r1" "secp521r1" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "secp192k1" "secp256k1")
for alg in ${algs[*]}; do
echo -n " Test EC derive with ${alg}..."
keygen_and_export ec:${alg}
test $? -eq 0 && echo -n "." || exit $?
openssl ecparam -genkey -name ${alg} > bob.pem 2>/dev/null
test $? -eq 0 && echo -n "." || exit $?
openssl ec -in bob.pem -pubout -outform DER > bob.der 2>/dev/null
test $? -eq 0 && echo -n "." || exit $?
pkcs11-tool --pin 648219 --id 1 --derive -i bob.der -o mine-bob.der > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
openssl pkeyutl -derive -out bob-mine.der -inkey bob.pem -peerkey 1.pub 2>/dev/null
test $? -eq 0 && echo -n "." || exit $?
cmp bob-mine.der mine-bob.der
test $? -eq 0 && echo -e ".\t${OK}" || exit $?
rm -rf data* 1.*
pkcs11-tool -l --pin 648219 --delete-object --type privkey --id 1 > /dev/null 2>&1
done