SecurityTests/clxutils/importExport/importExportPkcs8Tool

   1 #! /bin/csh -f
   2 #
   3 # Run one iteration of PKCS8 portion of import/export tests.
   4 # Only used as a subroutine call from importExportPkcs8.
   5 #
   6 # Usage
   7 #   importExportPkcs8Tool rawKey p8key keychain pbe_vers pbe_alg keyAlg keySize quiet(YES|NO) noACL(YES|NO) p8Format(PEM|DER) securePhrase(YES|NO)
   8 #
   9 if ( $#argv != 11 ) then
  10         exit(1)
  11 endif
  12 set RAWKEY=$argv[1]
  13 set P8KEY=$argv[2]
  14 set KEYCHAIN=$argv[3]
  15 set PBE_VERS=$argv[4]
  16 set PBE_ALG=$argv[5]
  17 set KEY_ALG=$argv[6]
  18 set KEY_SIZE=$argv[7]
  19 set QUIET=$argv[8]
  20 set QUIET_ARG=
  21 if ($QUIET == YES) then
  22         set QUIET_ARG=-q
  23 endif
  24 set NOACL_ARG=
  25 if ($argv[9] == YES) then
  26         set NOACL_ARG=-n
  27 endif
  28 set FORMAT=$argv[10]
  29 set SECURE_PHRASE_ARG=
  30 if ($argv[11] == YES) then
  31         set SECURE_PHRASE_ARG=-Z
  32 endif
  33
  34 source setupCommon
  35
  36 set PASSWORD=foobar
  37 set OS_PWD_ARG="-passout pass:$PASSWORD"
  38
  39 #
  40 # convert raw private key to specified P8 form using openssl
  41 #
  42 set cmd="$RM -f $P8KEY"
  43 if ($QUIET == NO) then
  44         echo $cmd
  45 endif
  46 $cmd || exit(1)
  47 set cmd="$OPENSSL pkcs8 -topk8 -inform PEM -outform $FORMAT -in $RAWKEY -out $P8KEY $OS_PWD_ARG $PBE_VERS $PBE_ALG"
  48 if ($QUIET == NO) then
  49         echo $cmd
  50 endif
  51 $cmd || exit(1)
  52
  53 # empty the keychain
  54 if ($QUIET == NO) then
  55         echo $CLEANKC
  56 endif
  57 $CLEANKC || exit(1)
  58
  59 # import the p8
  60 set cmd="$KCIMPORT $P8KEY -k $KEYCHAIN -z $PASSWORD -f pkcs8 -K 1 $QUIET_ARG $NOACL_ARG $SECURE_PHRASE_ARG"
  61 if ($QUIET == NO) then
  62         echo $cmd
  63 endif
  64 $cmd || exit(1)
  65
  66 # verify by examining the keychain
  67 set cmd="$DBVERIFY $KEYCHAIN_PATH $KEY_ALG priv $KEY_SIZE $QUIET_ARG"
  68 if ($QUIET == NO) then
  69         echo $cmd
  70 endif
  71 $cmd || exit(1)