use strict;
use warnings;
sub runcmds {
my $cmds = shift;
for (split /\n/, $cmds) {
s/^\s*(.*?)\s*$/$1/;
warn "#### >$_<\n";
my $rv = system($_);
die "ERROR (rv = $rv)\n" if $rv;
}
}
sub doit {
### sign openssl > cryptx
runcmds <<'MARKER';
openssl dgst -sha1 -sign eckey.priv.pem -out input.sha1-ec.sig input.data
MARKER
{
use Crypt::PK::ECC;
use Crypt::Digest 'digest_file';
use File::Slurp 'read_file';
my $pkec = Crypt::PK::ECC->new("eckey.pub.pem");
my $signature = read_file("input.sha1-ec.sig", binmode=>':raw');
my $valid = $pkec->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5");
print $valid ? "SUCCESS" : "FAILURE";
}
### sign cryptx > openssl
{
use Crypt::PK::ECC;
use Crypt::Digest 'digest_file';
use File::Slurp 'write_file';
my $pkec = Crypt::PK::ECC->new("eckey.priv.pem");
my $signature = $pkec->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5");
write_file("input.sha1-ec.sig", {binmode=>':raw'}, $signature);
}
runcmds <<'MARKER';
openssl dgst -sha1 -verify eckey.pub.pem -signature input.sha1-ec.sig input.data
MARKER
}
### MAIN ###
write_file("input.data", "test-file-content");
### keys generated by cryptx
{
use Crypt::PK::ECC;
use File::Slurp 'write_file';
my $pkec = Crypt::PK::ECC->new;
$pkec->generate_key('secp160k1');
write_file("eckey.pub.der", {binmode=>':raw'}, $pkec->export_key_der('public'));
write_file("eckey.priv.der", {binmode=>':raw'}, $pkec->export_key_der('private'));
write_file("eckey.pub.pem", $pkec->export_key_pem('public'));
write_file("eckey.priv.pem", $pkec->export_key_pem('private'));
write_file("eckey-passwd.priv.pem", $pkec->export_key_pem('private', 'secret'));
}
runcmds <<'MARKER';
openssl ec -in eckey.priv.der -text -inform der
openssl ec -in eckey.priv.pem -text
openssl ec -in eckey-passwd.priv.pem -text -inform pem -passin pass:secret
openssl ec -in eckey.pub.der -pubin -text -inform der
openssl ec -in eckey.pub.pem -pubin -text
MARKER
doit();
### keys generated by openssl
runcmds <<'MARKER';
openssl ecparam -param_enc explicit -name prime192v3 -genkey -out eckey.priv.pem
openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pub.pem -pubout
openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.priv.der -outform der
openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pub.der -outform der -pubout
openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.privc.der -outform der -conv_form compressed
openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pubc.der -outform der -pubout -conv_form compressed
openssl ec -param_enc explicit -in eckey.priv.pem -passout pass:secret -des3 -out eckey-passwd.priv.pem
MARKER
{
use Crypt::PK::ECC;
use File::Slurp 'write_file';
my $pkec = Crypt::PK::ECC->new;
$pkec->import_key("eckey.pub.der");
$pkec->import_key("eckey.pubc.der");
$pkec->import_key("eckey.priv.der");
$pkec->import_key("eckey.privc.der");
$pkec->import_key("eckey.pub.pem");
$pkec->import_key("eckey.priv.pem");
$pkec->import_key("eckey-passwd.priv.pem", "secret");
}
doit();
warn "\nSUCCESS\n";