Codebase list libcryptx-perl / aae09a0 t / openssl / ecc-test.pl
aae09a0

Tree @aae09a0 (Download .tar.gz)

ecc-test.pl @aae09a0raw · history · blame 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
use strict;
use warnings;
use File::Glob 'bsd_glob';

sub runcmds {
  my ($curve, $cmds) = @_;
  for (split /\n/, $cmds) {
    s/^\s*(.*?)\s*$/$1/;
    warn "##$curve## >$_<\n";
    my $rv = system($_);
    die "ERROR (curve = $curve, rv = $rv)\n" if $rv;
  }
}

sub doit {
  my $curve = shift;
  ### sign openssl > cryptx
  runcmds $curve, <<'MARKER';
    openssl dgst -sha1 -sign test_eckey.priv.pem -out test_input.sha1-ec.sig test_input.data
MARKER

  {
   use Crypt::PK::ECC;
   use Crypt::Digest 'digest_file';
   use Crypt::Misc 'read_rawfile';

   my $pkec = Crypt::PK::ECC->new("test_eckey.pub.pem");
   my $signature = read_rawfile("test_input.sha1-ec.sig");
   my $valid = $pkec->verify_hash($signature, digest_file("SHA1", "test_input.data"), "SHA1");
   print $valid ? "SUCCESS" : "FAILURE";
  }

  ### sign cryptx > openssl
  {
   use Crypt::PK::ECC;
   use Crypt::Digest 'digest_file';
   use Crypt::Misc 'write_rawfile';

   my $pkec = Crypt::PK::ECC->new("test_eckey.priv.pem");
   my $signature = $pkec->sign_hash(digest_file("SHA1", "test_input.data"), "SHA1");
   write_rawfile("test_input.sha1-ec.sig", $signature);
  }

  runcmds $curve, <<'MARKER';
   openssl dgst -sha1 -verify test_eckey.pub.pem -signature test_input.sha1-ec.sig test_input.data
MARKER
}

### MAIN ###

my $curve;
write_rawfile("test_input.data", "test-file-content");

# list supported curves: openssl ecparam -list_curves | grep "prime field"

for $curve (qw/brainpoolp160r1 brainpoolp192r1 brainpoolp224r1 brainpoolp256r1 brainpoolp320r1 brainpoolp384r1 brainpoolp512r1
               brainpoolp160t1 brainpoolp192t1 brainpoolp224t1 brainpoolp256t1 brainpoolp320t1 brainpoolp384t1 brainpoolp512t1
               wap-wsg-idm-ecid-wtls8 wap-wsg-idm-ecid-wtls9
               wap-wsg-idm-ecid-wtls6 wap-wsg-idm-ecid-wtls7 wap-wsg-idm-ecid-wtls12
               secp112r1 secp112r2 secp128r1 secp128r2 secp160k1 secp160r1 secp160r2 secp192k1
               secp192r1 secp224k1 secp224r1 secp256k1 secp256r1 secp384r1 secp521r1
               prime192v1 prime192v2 prime192v3 prime239v1 prime239v2 prime239v3 prime256v1
               nistp192 nistp224 nistp256 nistp384 nistp521/) {
  ### keys generated by cryptx
  {
   use Crypt::PK::ECC;
   use Crypt::Misc 'write_rawfile';

   my $pkec = Crypt::PK::ECC->new;
   $pkec->generate_key($curve);
   write_rawfile("test_eckey.pub.der",  $pkec->export_key_der('public'));
   write_rawfile("test_eckey.priv.der", $pkec->export_key_der('private'));
   write_rawfile("test_eckey.pub.pem",  $pkec->export_key_pem('public'));
   write_rawfile("test_eckey.priv.pem", $pkec->export_key_pem('private'));
   write_rawfile("test_eckey-passwd.priv.pem", $pkec->export_key_pem('private', 'secret'));
   #short
   write_rawfile("test_eckey.pubs.der",  $pkec->export_key_der('public_short'));
   write_rawfile("test_eckey.privs.der", $pkec->export_key_der('private_short'));
   write_rawfile("test_eckey.pubs.pem",  $pkec->export_key_pem('public_short'));
   write_rawfile("test_eckey.privs.pem", $pkec->export_key_pem('private_short'));
   write_rawfile("test_eckey-passwd.privs.pem", $pkec->export_key_pem('private_short', 'secret'));
  }

  runcmds "$curve/A", <<'MARKER';
   openssl ec -in test_eckey.priv.der -text -inform der
   openssl ec -in test_eckey.priv.pem -text
   openssl ec -in test_eckey-passwd.priv.pem -text -inform pem -passin pass:secret
   openssl ec -in test_eckey.pub.der -pubin -text -inform der
   openssl ec -in test_eckey.pub.pem -pubin -text
   openssl ec -in test_eckey.privs.der -text -inform der
   openssl ec -in test_eckey.privs.pem -text
   openssl ec -in test_eckey-passwd.privs.pem -text -inform pem -passin pass:secret
   openssl ec -in test_eckey.pubs.der -pubin -text -inform der
   openssl ec -in test_eckey.pubs.pem -pubin -text
MARKER

  doit("$curve/A");
}

# openssl ecparam -list_curves
for my $curve (qw/secp112r1 secp112r2 secp128r1 secp128r2 secp160k1 secp160r1 secp160r2 secp192k1
                  secp224k1 secp224r1 secp256k1 secp384r1 secp521r1
                  prime192v1 prime192v2 prime192v3 prime239v1 prime239v2 prime239v3 prime256v1
                  brainpoolP160r1 brainpoolP160t1 brainpoolP192r1 brainpoolP192t1 brainpoolP224r1
                  brainpoolP224t1 brainpoolP256r1 brainpoolP256t1 brainpoolP320r1 brainpoolP320t1
                  brainpoolP384r1 brainpoolP384t1 brainpoolP512r1 brainpoolP512t1/) {
  ### keys generated by openssl
  runcmds "$curve/B", <<"MARKER";
   openssl ecparam -param_enc explicit -name $curve -genkey -out test_eckey.priv.pem
   openssl ec -param_enc explicit -in test_eckey.priv.pem -out test_eckey.pub.pem -pubout
   openssl ec -param_enc explicit -in test_eckey.priv.pem -out test_eckey.priv.der -outform der
   openssl ec -param_enc explicit -in test_eckey.priv.pem -out test_eckey.pub.der -outform der -pubout
   openssl ec -param_enc explicit -in test_eckey.priv.pem -out test_eckey.privc.der -outform der -conv_form compressed
   openssl ec -param_enc explicit -in test_eckey.priv.pem -out test_eckey.pubc.der -outform der -pubout -conv_form compressed
   openssl ec -param_enc explicit -in test_eckey.priv.pem -passout pass:secret -des3 -out test_eckey-passwd.priv.pem
MARKER

  {
   use Crypt::PK::ECC;

   my $pkec = Crypt::PK::ECC->new;
   warn("> gonna import: test_eckey.pub.der\n");                  $pkec->import_key("test_eckey.pub.der");
   warn("> gonna import: test_eckey.pubc.der\n");                 $pkec->import_key("test_eckey.pubc.der");
   warn("> gonna import: test_eckey.priv.der\n");                 $pkec->import_key("test_eckey.priv.der");
   warn("> gonna import: test_eckey.privc.der\n");                $pkec->import_key("test_eckey.privc.der");
   warn("> gonna import: test_eckey.pub.pem\n");                  $pkec->import_key("test_eckey.pub.pem");
   warn("> gonna import: test_eckey.priv.pem\n");                 $pkec->import_key("test_eckey.priv.pem");
   warn("> gonna import: test_eckey-passwd.priv.pem + secret\n"); $pkec->import_key("test_eckey-passwd.priv.pem", "secret");
  }

  doit("$curve/B");
}

warn "\nSUCCESS\n";
unlink $_ for (bsd_glob("test_*.der"), bsd_glob("test_*.pem"), bsd_glob("test_*.sig"), bsd_glob("test_*.data"));