]> git.saurik.com Git - apple/security.git/blob - SecurityTests/clxutils/importExport/importExportPkcs8Tool
Security-57031.30.12.tar.gz
[apple/security.git] / SecurityTests / clxutils / importExport / importExportPkcs8Tool
1 #! /bin/csh -f
2 #
3 # Run one iteration of PKCS8 portion of import/export tests.
4 # Only used as a subroutine call from importExportPkcs8.
5 #
6 # Usage
7 # importExportPkcs8Tool rawKey p8key keychain pbe_vers pbe_alg keyAlg keySize quiet(YES|NO) noACL(YES|NO) p8Format(PEM|DER) securePhrase(YES|NO)
8 #
9 if ( $#argv != 11 ) then
10 exit(1)
11 endif
12 set RAWKEY=$argv[1]
13 set P8KEY=$argv[2]
14 set KEYCHAIN=$argv[3]
15 set PBE_VERS=$argv[4]
16 set PBE_ALG=$argv[5]
17 set KEY_ALG=$argv[6]
18 set KEY_SIZE=$argv[7]
19 set QUIET=$argv[8]
20 set QUIET_ARG=
21 if ($QUIET == YES) then
22 set QUIET_ARG=-q
23 endif
24 set NOACL_ARG=
25 if ($argv[9] == YES) then
26 set NOACL_ARG=-n
27 endif
28 set FORMAT=$argv[10]
29 set SECURE_PHRASE_ARG=
30 if ($argv[11] == YES) then
31 set SECURE_PHRASE_ARG=-Z
32 endif
33
34 source setupCommon
35
36 set PASSWORD=foobar
37 set OS_PWD_ARG="-passout pass:$PASSWORD"
38
39 #
40 # convert raw private key to specified P8 form using openssl
41 #
42 set cmd="$RM -f $P8KEY"
43 if ($QUIET == NO) then
44 echo $cmd
45 endif
46 $cmd || exit(1)
47 set cmd="$OPENSSL pkcs8 -topk8 -inform PEM -outform $FORMAT -in $RAWKEY -out $P8KEY $OS_PWD_ARG $PBE_VERS $PBE_ALG"
48 if ($QUIET == NO) then
49 echo $cmd
50 endif
51 $cmd || exit(1)
52
53 # empty the keychain
54 if ($QUIET == NO) then
55 echo $CLEANKC
56 endif
57 $CLEANKC || exit(1)
58
59 # import the p8
60 set cmd="$KCIMPORT $P8KEY -k $KEYCHAIN -z $PASSWORD -f pkcs8 -K 1 $QUIET_ARG $NOACL_ARG $SECURE_PHRASE_ARG"
61 if ($QUIET == NO) then
62 echo $cmd
63 endif
64 $cmd || exit(1)
65
66 # verify by examining the keychain
67 set cmd="$DBVERIFY $KEYCHAIN_PATH $KEY_ALG priv $KEY_SIZE $QUIET_ARG"
68 if ($QUIET == NO) then
69 echo $cmd
70 endif
71 $cmd || exit(1)