Codebase list libcryptx-perl / c848e1f
tuning ECC tests+doc Karel Miko 10 years ago
3 changed file(s) with 197 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all
+1
-1
lib/Crypt/PK/DSA.pm less more
416416 ### let's have:
417417 # DSA private key in PEM format - dsakey.priv.pem
418418 # DSA public key in PEM format - dsakey.pub.pem
419 # data file to be signed or encrypted - input.data
419 # data file to be signed - input.data
420420
421421 =head2 Sign by OpenSSL, verify by Crypt::PK::DSA
422422
+91
-0
lib/Crypt/PK/ECC.pm less more
815815 #on Bob side
816816 my $shared_secret = ecc_shared_secret('Bob_priv_ecc1.der', 'Alice_pub_ecc1.der');
817817
818 =head1 OpenSSL interoperability
819
820 ### let's have:
821 # ECC private key in PEM format - eckey.priv.pem
822 # ECC public key in PEM format - eckey.pub.pem
823 # data file to be signed - input.data
824
825 =head2 Sign by OpenSSL, verify by Crypt::PK::ECC
826
827 Create signature (from commandline):
828
829 openssl dgst -sha1 -sign eckey.priv.pem -out input.sha1-ec.sig input.data
830
831 Verify signature (Perl code):
832
833 use Crypt::PK::ECC;
834 use Crypt::Digest 'digest_file';
835 use File::Slurp 'read_file';
836
837 my $pkec = Crypt::PK::ECC->new("eckey.pub.pem");
838 my $signature = read_file("input.sha1-ec.sig", binmode=>':raw');
839 my $valid = $pkec->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5");
840 print $valid ? "SUCCESS" : "FAILURE";
841
842 =head2 Sign by Crypt::PK::ECC, verify by OpenSSL
843
844 Create signature (Perl code):
845
846 use Crypt::PK::ECC;
847 use Crypt::Digest 'digest_file';
848 use File::Slurp 'write_file';
849
850 my $pkec = Crypt::PK::ECC->new("eckey.priv.pem");
851 my $signature = $pkec->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5");
852 write_file("input.sha1-ec.sig", {binmode=>':raw'}, $signature);
853
854 Verify signature (from commandline):
855
856 openssl dgst -sha1 -verify eckey.pub.pem -signature input.sha1-ec.sig input.data
857
858 =head2 Keys generated by Crypt::PK::ECC
859
860 Generate keys (Perl code):
861
862 use Crypt::PK::ECC;
863 use File::Slurp 'write_file';
864
865 my $pkec = Crypt::PK::ECC->new;
866 $pkec->generate_key('secp160k1');
867 write_file("eckey.pub.der", {binmode=>':raw'}, $pkec->export_key_der('public'));
868 write_file("eckey.priv.der", {binmode=>':raw'}, $pkec->export_key_der('private'));
869 write_file("eckey.pub.pem", $pkec->export_key_pem('public'));
870 write_file("eckey.priv.pem", $pkec->export_key_pem('private'));
871 write_file("eckey-passwd.priv.pem", $pkec->export_key_pem('private', 'secret'));
872
873 Use keys by OpenSSL:
874
875 openssl ec -in eckey.priv.der -text -inform der
876 openssl ec -in eckey.priv.pem -text
877 openssl ec -in eckey-passwd.priv.pem -text -inform pem -passin pass:secret
878 openssl ec -in eckey.pub.der -pubin -text -inform der
879 openssl ec -in eckey.pub.pem -pubin -text
880
881 =head2 Keys generated by OpenSSL
882
883 Generate keys:
884
885 openssl ecparam -param_enc explicit -name prime192v3 -genkey -out eckey.priv.pem
886 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pub.pem -pubout
887 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.priv.der -outform der
888 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pub.der -outform der -pubout
889 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.privc.der -outform der -conv_form compressed
890 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pubc.der -outform der -pubout -conv_form compressed
891 openssl ec -param_enc explicit -in eckey.priv.pem -passout pass:secret -des3 -out eckey-passwd.priv.pem
892
893 B<IMPORTANT:> it is necessary to use C<-param_enc explicit> option
894
895 Load keys (Perl code):
896
897 use Crypt::PK::ECC;
898 use File::Slurp 'write_file';
899
900 my $pkec = Crypt::PK::ECC->new;
901 $pkec->import_key("eckey.pub.der");
902 $pkec->import_key("eckey.pubc.der");
903 $pkec->import_key("eckey.priv.der");
904 $pkec->import_key("eckey.privc.der");
905 $pkec->import_key("eckey.pub.pem");
906 $pkec->import_key("eckey.priv.pem");
907 $pkec->import_key("eckey-passwd.priv.pem", "secret");
908
818909 =head1 SEE ALSO
819910
820911 =over
+105
-0
t/openssl/ecc-test.pl less more
0 use strict;
1 use warnings;
2
3 sub runcmds {
4 my $cmds = shift;
5 for (split /\n/, $cmds) {
6 s/^\s*(.*?)\s*$/$1/;
7 warn "#### >$_<\n";
8 my $rv = system($_);
9 die "ERROR (rv = $rv)\n" if $rv;
10 }
11 }
12
13 sub doit {
14
15 ### sign openssl > cryptx
16 runcmds <<'MARKER';
17 openssl dgst -sha1 -sign eckey.priv.pem -out input.sha1-ec.sig input.data
18 MARKER
19
20 {
21 use Crypt::PK::ECC;
22 use Crypt::Digest 'digest_file';
23 use File::Slurp 'read_file';
24
25 my $pkec = Crypt::PK::ECC->new("eckey.pub.pem");
26 my $signature = read_file("input.sha1-ec.sig", binmode=>':raw');
27 my $valid = $pkec->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5");
28 print $valid ? "SUCCESS" : "FAILURE";
29 }
30
31 ### sign cryptx > openssl
32 {
33 use Crypt::PK::ECC;
34 use Crypt::Digest 'digest_file';
35 use File::Slurp 'write_file';
36
37 my $pkec = Crypt::PK::ECC->new("eckey.priv.pem");
38 my $signature = $pkec->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5");
39 write_file("input.sha1-ec.sig", {binmode=>':raw'}, $signature);
40 }
41
42 runcmds <<'MARKER';
43 openssl dgst -sha1 -verify eckey.pub.pem -signature input.sha1-ec.sig input.data
44 MARKER
45
46 }
47
48 ### MAIN ###
49
50 write_file("input.data", "test-file-content");
51
52 ### keys generated by cryptx
53 {
54 use Crypt::PK::ECC;
55 use File::Slurp 'write_file';
56
57 my $pkec = Crypt::PK::ECC->new;
58 $pkec->generate_key('secp160k1');
59 write_file("eckey.pub.der", {binmode=>':raw'}, $pkec->export_key_der('public'));
60 write_file("eckey.priv.der", {binmode=>':raw'}, $pkec->export_key_der('private'));
61 write_file("eckey.pub.pem", $pkec->export_key_pem('public'));
62 write_file("eckey.priv.pem", $pkec->export_key_pem('private'));
63 write_file("eckey-passwd.priv.pem", $pkec->export_key_pem('private', 'secret'));
64 }
65
66 runcmds <<'MARKER';
67 openssl ec -in eckey.priv.der -text -inform der
68 openssl ec -in eckey.priv.pem -text
69 openssl ec -in eckey-passwd.priv.pem -text -inform pem -passin pass:secret
70 openssl ec -in eckey.pub.der -pubin -text -inform der
71 openssl ec -in eckey.pub.pem -pubin -text
72 MARKER
73
74 doit();
75
76 ### keys generated by openssl
77
78 runcmds <<'MARKER';
79 openssl ecparam -param_enc explicit -name prime192v3 -genkey -out eckey.priv.pem
80 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pub.pem -pubout
81 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.priv.der -outform der
82 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pub.der -outform der -pubout
83 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.privc.der -outform der -conv_form compressed
84 openssl ec -param_enc explicit -in eckey.priv.pem -out eckey.pubc.der -outform der -pubout -conv_form compressed
85 openssl ec -param_enc explicit -in eckey.priv.pem -passout pass:secret -des3 -out eckey-passwd.priv.pem
86 MARKER
87
88 {
89 use Crypt::PK::ECC;
90 use File::Slurp 'write_file';
91
92 my $pkec = Crypt::PK::ECC->new;
93 $pkec->import_key("eckey.pub.der");
94 $pkec->import_key("eckey.pubc.der");
95 $pkec->import_key("eckey.priv.der");
96 $pkec->import_key("eckey.privc.der");
97 $pkec->import_key("eckey.pub.pem");
98 $pkec->import_key("eckey.priv.pem");
99 $pkec->import_key("eckey-passwd.priv.pem", "secret");
100 }
101
102 doit();
103
104 warn "\nSUCCESS\n";