scripts for generating test vectors
Karel Miko
10 years ago
28 | 28 | ^poznamky* |
29 | 29 | \.stackdump$ |
30 | 30 | ^.travis* |
31 | t/openssl/.*\.der$ | |
32 | t/openssl/.*\.pem$ | |
33 | t/openssl/.*\.data$ | |
34 | t/openssl/.*\.sig$ | |
35 | t/openssl/.*\.rsa$⏎ | |
31 | t/openssl/.*$⏎ |
0 | for I in 1 2 3 | |
1 | do | |
2 | for C in 512 1024 1536 2048 3072 4096 | |
3 | # for C in 512 | |
4 | do | |
5 | ||
6 | echo "processing $C" | |
7 | PREF="key_$C-$I" | |
8 | openssl dsaparam -genkey -out "$PREF.key.pem" $C | |
9 | openssl dsa -in "$PREF.key.pem" -out "$PREF.pri.pem" | |
10 | openssl dsa -in "$PREF.key.pem" -pubout -out "$PREF.pub.pem" | |
11 | openssl dsa -in "$PREF.key.pem" -out "$PREF.pri.der" -outform der | |
12 | openssl dsa -in "$PREF.key.pem" -pubout -out "$PREF.pub.der" -outform der | |
13 | echo -n 'test-data' | openssl dgst -sha1 -sign "$PREF.pri.pem" -out "$PREF.dsa-sha1.sig" | |
14 | echo -n 'test-data' | openssl dgst -sha256 -sign "$PREF.pri.pem" -out "$PREF.dsa-sha256.sig" | |
15 | HEX_DSA_SHA1=`perl -00 -pe '$_ = unpack("H*", $_)' < "$PREF.dsa-sha1.sig"` | |
16 | HEX_DSA_SHA256=`perl -00 -pe '$_ = unpack("H*", $_)' < "$PREF.dsa-sha256.sig"` | |
17 | HEX_PRI=`openssl dsa -in "$PREF.pri.pem" -inform PEM -text | perl -00 -pe 's/[\n\r] +//sg' | grep "^priv:" | perl -00 -pe 's/[\n\r\s:priv]//sg'` | |
18 | HEX_PUB=`openssl dsa -in "$PREF.pri.pem" -inform PEM -text | perl -00 -pe 's/[\n\r] +//sg' | grep "^pub:" | perl -pe 's/^pub://'| perl -00 -pe 's/[\n\r\s:]//sg'` | |
19 | HEX_PRI_DER=`perl -00 -pe '$_ = unpack("H*", $_)' < "$PREF.pri.der"` | |
20 | HEX_PUB_DER=`perl -00 -pe '$_ = unpack("H*", $_)' < "$PREF.pub.der"` | |
21 | echo " {SIZE=>$C,PRI_FILE=>'$PREF.pri.pem',PUB_FILE=>'$PREF.pub.pem',PRI=>'$HEX_PRI',PUB=>'$HEX_PUB',DSA_SHA1=>'$HEX_DSA_SHA1',DSA_SHA256=>'$HEX_DSA_SHA256',PRI_DER=>'$HEX_PRI_DER',PUB_DER=>'$HEX_PUB_DER'}," >> tmp.txt | |
22 | rm "$PREF.key.pem" | |
23 | ||
24 | done | |
25 | done | |
26 | ||
27 |
0 | for I in 1 2 3 | |
1 | do | |
2 | for C in secp112r1 secp112r2 secp128r1 secp128r2 secp160k1 secp160r1 secp160r2 secp192k1 secp224k1 secp224r1 secp256k1 secp384r1 secp521r1 prime192v1 prime192v2 prime192v3 prime239v1 prime239v2 prime239v3 prime256v1 | |
3 | do | |
4 | ||
5 | echo "processing $C" | |
6 | PREF="key_$C-$I" | |
7 | openssl ecparam -param_enc explicit -name "$C" -genkey -out "$PREF.key.pem" | |
8 | openssl ec -in "$PREF.key.pem" -param_enc explicit -out "$PREF.pri.pem" | |
9 | openssl ec -in "$PREF.key.pem" -param_enc explicit -conv_form compressed -out "$PREF.pric.pem" | |
10 | openssl ec -in "$PREF.key.pem" -pubout -param_enc explicit -out "$PREF.pub.pem" | |
11 | openssl ec -in "$PREF.key.pem" -pubout -param_enc explicit -conv_form compressed -out "$PREF.pubc.pem" | |
12 | echo -n 'test-data' | openssl dgst -sha1 -sign "$PREF.pri.pem" -out "$PREF.ecdsa-sha1.sig" | |
13 | echo -n 'test-data' | openssl dgst -sha256 -sign "$PREF.pri.pem" -out "$PREF.ecdsa-sha256.sig" | |
14 | HEX_ECDSA_SHA1=`cat "$PREF.ecdsa-sha1.sig" | perl -00pe '$_ = unpack("H*", $_)'` | |
15 | HEX_ECDSA_SHA256=`cat "$PREF.ecdsa-sha256.sig" | perl -00pe '$_ = unpack("H*", $_)'` | |
16 | HEX_PRI=`openssl ec -in "$PREF.pri.pem" -inform PEM -text | perl -00pe 's/[\n\r] +//sg' | grep "^priv:" | perl -00pe 's/[\n\r\s:priv]//sg'` | |
17 | HEX_PUB=`openssl ec -in "$PREF.pri.pem" -inform PEM -text | perl -00pe 's/[\n\r] +//sg' | grep "^pub:" | perl -pe 's/^pub://'| perl -00pe 's/[\n\r\s:]//sg'` | |
18 | HEX_PUBC=`openssl ec -in "$PREF.pric.pem" -inform PEM -text | perl -00pe 's/[\n\r] +//sg' | grep "^pub:" | perl -pe 's/^pub://'| perl -00pe 's/[\n\r\s:]//sg'` | |
19 | echo " {CURVE=>'$C',PRI_FILE=>'$PREF.pri.pem',PUB_FILE=>'$PREF.pub.pem',PRI=>'$HEX_PRI',PUB=>'$HEX_PUB',PUBC=>'$HEX_PUBC',ECDSA_SHA1=>'$HEX_ECDSA_SHA1',ECDSA_SHA256=>'$HEX_ECDSA_SHA256'}," >> tmp.txt | |
20 | rm "$PREF.key.pem" "$PREF.pric.pem" "$PREF.pubc.pem" | |
21 | ||
22 | done | |
23 | done |
0 | use strict; | |
1 | use warnings; | |
2 | ||
3 | use File::Slurp qw(append_file read_file write_file); | |
4 | use MIME::Base64 qw(encode_base64 decode_base64); | |
5 | use Crypt::PK::RSA; | |
6 | use Test::More; | |
7 | ||
8 | sub test_rsa { # copy from pk_rsa_test_vectors_openssl.t | |
9 | my $h = shift; | |
10 | my $rsa_pri = Crypt::PK::RSA->new->import_key(\decode_base64($h->{PRIDER})); | |
11 | my $rsa_pub = Crypt::PK::RSA->new->import_key(\decode_base64($h->{PUBDER})); | |
12 | my $rsa_pri_h = $rsa_pri->key2hash; | |
13 | my $rsa_pub_h = $rsa_pub->key2hash; | |
14 | is($rsa_pri_h->{d}, $h->{PRI}, "$h->{ID}/PRI"); | |
15 | is($rsa_pri_h->{N}, $h->{PUB}, "$h->{ID}/PUB"); | |
16 | is($rsa_pub_h->{N}, $h->{PUB}, "$h->{ID}/PUB"); | |
17 | is( $rsa_pri->decrypt(decode_base64($h->{ENC}), 'v1.5'), 'test-data', "$h->{ID}/ENC") || return 0; | |
18 | ok( $rsa_pub->verify_message(decode_base64($h->{SIGSHA1}), 'test-data', 'SHA1', 'v1.5'), "$h->{ID}/SIGSHA1") || return 0; | |
19 | ok( $rsa_pub->verify_message(decode_base64($h->{SIGSHA256}), 'test-data', 'SHA256', 'v1.5'), "$h->{ID}/SIGSHA256") || return 0; | |
20 | return 1 if !$h->{SIGSHA512}; #SHA512 might be too big for short RSA keys | |
21 | ok( $rsa_pub->verify_message(decode_base64($h->{SIGSHA512}), 'test-data', 'SHA512', 'v1.5'), "$h->{ID}/SIGSHA512") || return 0; | |
22 | return 1; | |
23 | } | |
24 | ||
25 | write_file("input.data", {binmode=>':raw'}, "test-data"); | |
26 | my $outfile = "rsa_tmp.$$.txt"; | |
27 | my $ver = `openssl version` =~ s/[\r\n]*$//r; | |
28 | append_file($outfile, "my \$data = [ #test vectors generated by: $ver\n"); | |
29 | for my $I (1..10000) { | |
30 | for my $C (qw(512 1024 1536 2048 3072 4096)) { | |
31 | my $ID="key-$C-$I"; | |
32 | my $PREF="$ID-$$"; | |
33 | warn "######## processing $PREF\n"; | |
34 | system("openssl genrsa -out $PREF.key.pem $C"); | |
35 | system("openssl rsa -in $PREF.key.pem -out $PREF.priv.pem"); | |
36 | system("openssl rsa -in $PREF.key.pem -pubout -out $PREF.pub.pem"); | |
37 | system("openssl rsa -in $PREF.key.pem -out $PREF.priv.der -outform der"); | |
38 | system("openssl rsa -in $PREF.key.pem -pubout -out $PREF.pub.der -outform der"); | |
39 | system("openssl dgst -sha1 -sign $PREF.priv.pem -out $PREF.sha1.sig input.data"); | |
40 | system("openssl dgst -sha256 -sign $PREF.priv.pem -out $PREF.sha256.sig input.data"); | |
41 | system("openssl dgst -sha512 -sign $PREF.priv.pem -out $PREF.sha512.sig input.data"); | |
42 | system("openssl rsautl -encrypt -inkey $PREF.pub.pem -pubin -out $PREF.enc -in input.data"); | |
43 | my $PRI_DER = encode_base64(read_file("$PREF.priv.der", binmode=>':raw'), ""); | |
44 | my $PUB_DER = encode_base64(read_file("$PREF.pub.der", binmode=>':raw'), ""); | |
45 | my $SIG_SHA1 = encode_base64(read_file("$PREF.sha1.sig", binmode=>':raw'), ""); | |
46 | my $SIG_SHA256 = encode_base64(read_file("$PREF.sha256.sig", binmode=>':raw'), ""); | |
47 | my $SIG_SHA512 = encode_base64(read_file("$PREF.sha512.sig", binmode=>':raw'), ""); | |
48 | my $ENCRYPTED = encode_base64(read_file("$PREF.enc", binmode=>':raw'), ""); | |
49 | my @key_dump = split /[\r\n]+/, `openssl rsa -in "$PREF.priv.pem" -inform PEM -text` =~ s/:[\r\n]+ +/:/sgr; | |
50 | my %h = map { my ($k, $v) = /^([a-zA-Z0-9]+):(.*)/; ($k||0)=>($v||0) =~ s/[: ]//sgr } @key_dump; # ugly, I know | |
51 | my $PRI = uc $h{privateExponent} =~ s/^0+//r; | |
52 | my $PUB = uc $h{modulus} =~ s/^0+//r; | |
53 | append_file($outfile, " {ID=>'$ID',SIZE=>$C,PRI=>'$PRI',PUB=>'$PUB',SIGSHA1=>'$SIG_SHA1',SIGSHA256=>'$SIG_SHA256',SIGSHA512=>'$SIG_SHA512',ENC=>'$ENCRYPTED',PRIDER=>'$PRI_DER',PUBDER=>'$PUB_DER'},\n"); | |
54 | test_rsa({ID=>$ID,SIZE=>$C,PRI=>$PRI,PUB=>$PUB,SIGSHA1=>$SIG_SHA1,SIGSHA256=>$SIG_SHA256,SIGSHA512=>$SIG_SHA512,ENC=>$ENCRYPTED,PRIDER=>$PRI_DER,PUBDER=>$PUB_DER}) || die; | |
55 | unlink "$PREF.key.pem"; | |
56 | unlink "$PREF.priv.pem"; | |
57 | unlink "$PREF.pub.pem"; | |
58 | unlink "$PREF.priv.der"; | |
59 | unlink "$PREF.pub.der"; | |
60 | unlink "$PREF.sha1.sig"; | |
61 | unlink "$PREF.sha256.sig"; | |
62 | unlink "$PREF.sha512.sig"; | |
63 | } | |
64 | } | |
65 | append_file($outfile, "];\n"); |