]> git.saurik.com Git - apple/security.git/blob - SecurityTests/clxutils/importExport/importExportRawKey
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.1.35.tar.gz
[apple/security.git] / SecurityTests / clxutils / importExport / importExportRawKey
1 #! /bin/csh -f
2 #
3 # Run import/export tests for raw key pairs.
4 #
5 # Run this from SecurityTests/clxutils/importExport. The
6 # kcImport and kcExport programs must exist in the location
7 # specified by the LOCAL_BUILD_DIR env var.
8 #
9
10 source setupCommon
11
12 set KEYSUBTOOL=./importExportKeyTool
13
14 # RSA key pair, BSAFE format, generated by rsatool
15 set RSA_KEY_BSAFE=${BUILD_DIR}/rsaBsafe
16 set RSA_PUB_KEY_BSAFE=${RSA_KEY_BSAFE}_pub.der
17 set RSA_PRIV_KEY_BSAFE=${RSA_KEY_BSAFE}_priv.der
18
19 # RSA key pair, openssl format, generated by rsatool
20 set RSA_KEY_OPENSSL=${BUILD_DIR}/rsaOpenssl
21 set RSA_PUB_KEY_OPENSSL=${RSA_KEY_OPENSSL}_pub.der
22 set RSA_PRIV_KEY_OPENSSL=${RSA_KEY_OPENSSL}_priv.der
23
24 # DSA key pair, BSAFE format, generated by rsatool
25 set DSA_KEY_BSAFE=${BUILD_DIR}/dsaBsafe
26 set DSA_PUB_KEY_BSAFE=${DSA_KEY_BSAFE}_pub.der
27 set DSA_PRIV_KEY_BSAFE=${DSA_KEY_BSAFE}_priv.der
28
29 # DSA key pair, openssl format, generated by rsatool
30 set DSA_KEY_OPENSSL=${BUILD_DIR}/dsaOpenssl
31 set DSA_PUB_KEY_OPENSSL=${DSA_KEY_OPENSSL}_pub.der
32 set DSA_PRIV_KEY_OPENSSL=${DSA_KEY_OPENSSL}_priv.der
33
34 # RSA private key, generated by openssl, PEM format
35 set RSA_PRIV_KEY_PEM=${RSA_PRIV_KEY_OPENSSL}.pem
36
37 # DSA parameters
38 set DSA_PARAMS_512_DER=dsaParams_512.der
39 set DSA_PARAMS_512_PEM=dsaParamOpenssl.pem
40
41 # ECDSA key pair, pub=X509, priv=pkcs8, generated by rsatool
42 set ECDSA_KEY_BASE=${BUILD_DIR}/ecdsaBase
43 set ECDSA_PUB_KEY=${ECDSA_KEY_BASE}_pub.der
44 set ECDSA_PRIV_KEY=${ECDSA_KEY_BASE}_priv.der
45 set ECDSA_KEY_SIZE=256
46
47 # user specified variables
48 set QUIET=NO
49 set KEYSIZE=512
50 set NOACL=NO
51 set NOACL_ARG=
52 set NOCLEAN=NO
53 set NOCLEAN_ARG=
54 #
55 # Verify existence of a few crucial things before we start.
56 #
57 if( ( ! -e $KCIMPORT ) || \
58 ( ! -e $KCEXPORT ) || \
59 ( ! -e $RSATOOL) ) then
60 echo === You do not seem to have all of the required executables.
61 echo === Please build all of cspxutils and clxutils.
62 echo === See the README files in those directories for info.
63 exit(1)
64 endif
65
66 # user options
67
68 while ( $#argv > 0 )
69 switch ( "$argv[1]" )
70 case q:
71 set QUIET=YES
72 shift
73 breaksw
74 case n:
75 set NOACL=YES
76 set NOACL_ARG=-n
77 shift
78 breaksw
79 case N:
80 set NOCLEAN=YES
81 set NOCLEAN_ARG=N
82 shift
83 breaksw
84 default:
85 echo Usage: importExportRawKey \[q\(uiet\)\] \[n\(oACL\)\] \[N\(oClean\)\]
86 exit(1)
87 endsw
88 end
89
90 echo === Begin Raw Key Pair test ===
91 if ($QUIET == NO) then
92 echo $CLEANKC
93 endif
94 $CLEANKC || exit(1)
95
96 ###
97 ### Basic RSA key pair testing, openssl generated
98 ###
99
100 # Create RSA key pair using openssl
101 # private keys are only generated in PEM format
102 if ($QUIET == NO) then
103 echo === RSA key pair testing, openssl generated ===
104 echo Creating RSA key pair using openssl...
105 endif
106 set cmd="$RM -f $RSA_PRIV_KEY_PEM $RSA_PRIV_KEY_OPENSSL"
107 if ($QUIET == NO) then
108 echo $cmd
109 endif
110 $cmd || exit(1)
111 set cmd="$OPENSSL genrsa -out $RSA_PRIV_KEY_PEM $KEYSIZE"
112 if ($QUIET == NO) then
113 echo $cmd
114 endif
115 $cmd >& /dev/null || exit(1)
116 set cmd="$BUILD_DIR/pemtool d $RSA_PRIV_KEY_PEM $RSA_PRIV_KEY_OPENSSL q"
117 if ($QUIET == NO) then
118 echo $cmd
119 endif
120 $cmd || exit(1)
121 set cmd="$OPENSSL rsa -inform PEM -outform DER -in $RSA_PRIV_KEY_PEM -out $RSA_PUB_KEY_OPENSSL -pubout"
122 if ($QUIET == NO) then
123 echo $cmd
124 endif
125 $cmd >& /dev/null || exit(1)
126
127 $KEYSUBTOOL $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
128
129
130 ###
131 ### Basic RSA key pair testing, BSAFE format
132 ###
133
134 # Create RSA key pair in BSAFE format
135 if ($QUIET == NO) then
136 echo === RSA key pair testing, BSAFE format ===
137 echo Creating RSA key pair in BSAFE format...
138 endif
139 set cmd="$RM -f $RSA_PUB_KEY_BSAFE $RSA_PRIV_KEY_BSAFE"
140 if ($QUIET == NO) then
141 echo $cmd
142 endif
143 $cmd || exit(1)
144 set cmd="$RSATOOL g k=$RSA_KEY_BSAFE z=$KEYSIZE b=1 v=8 q"
145 if ($QUIET == NO) then
146 echo $cmd
147 endif
148 $cmd || exit(1)
149
150 $KEYSUBTOOL $RSA_PUB_KEY_BSAFE $RSA_PRIV_KEY_BSAFE $KEYCHAIN bsafe $QUIET $NOACL $NOCLEAN || exit(1)
151
152 ###
153 ### Basic RSA key pair testing, openssl format
154 ###
155
156 # Create RSA key pair in openssl format
157 if ($QUIET == NO) then
158 echo === RSA key pair testing, OpenSSL format ===
159 echo Creating RSA key pair in OpenSSL format...
160 endif
161 set cmd="$RM -f $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL"
162 if ($QUIET == NO) then
163 echo $cmd
164 endif
165 $cmd || exit(1)
166 set cmd="$RSATOOL g k=$RSA_KEY_OPENSSL z=$KEYSIZE b=x v=1 q"
167 if ($QUIET == NO) then
168 echo $cmd
169 endif
170 $cmd || exit(1)
171
172 $KEYSUBTOOL $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
173
174 ###
175 ### Basic DSA key pair testing, BSAFE format
176 ###
177
178 if ($QUIET == NO) then
179 echo === DSA key pair testing, BSAFE format ===
180 echo Creating DSA key pair in BSAFE format...
181 endif
182 set cmd="$RM -f $DSA_PUB_KEY_BSAFE $DSA_PRIV_KEY_BSAFE"
183 if ($QUIET == NO) then
184 echo $cmd
185 endif
186 $cmd || exit(1)
187 set cmd="$RSATOOL g a=d k=$DSA_KEY_BSAFE z=$KEYSIZE b=b v=b m=$DSA_PARAMS_512_DER q"
188 if ($QUIET == NO) then
189 echo $cmd
190 endif
191 $cmd || exit(1)
192
193 $KEYSUBTOOL $DSA_PUB_KEY_BSAFE $DSA_PRIV_KEY_BSAFE $KEYCHAIN bsafe $QUIET $NOACL $NOCLEAN || exit(1)
194
195 ###
196 ### Basic DSA key pair testing, openssl format
197 ###
198
199 # Create DSA key pair in openssl format
200 if ($QUIET == NO) then
201 echo === DSA key pair testing, OpenSSL format ===
202 echo Creating DSA key pair in OpenSSL format...
203 endif
204 set cmd="$RM -f $DSA_PUB_KEY_OPENSSL $DSA_PRIV_KEY_OPENSSL"
205 if ($QUIET == NO) then
206 echo $cmd
207 endif
208 $cmd || exit(1)
209 set cmd="$RSATOOL g a=d k=$DSA_KEY_OPENSSL z=$KEYSIZE b=x v=o m=$DSA_PARAMS_512_DER q"
210 if ($QUIET == NO) then
211 echo $cmd
212 endif
213 $cmd || exit(1)
214
215 $KEYSUBTOOL $DSA_PUB_KEY_OPENSSL $DSA_PRIV_KEY_OPENSSL $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
216
217 ###
218 ### Basic ECDSA key pair testing, default format
219 ###
220
221 # Create ECDSA key pair
222 if ($QUIET == NO) then
223 echo === ECDSA key pair testing, default format ===
224 echo Creating ECDSA key pair in default format...
225 endif
226 set cmd="$RM -f $ECDSA_PUB_KEY $ECDSA_PRIV_KEY"
227 if ($QUIET == NO) then
228 echo $cmd
229 endif
230 $cmd || exit(1)
231 set cmd="$RSATOOL g a=e k=$ECDSA_KEY_BASE z=$ECDSA_KEY_SIZE q"
232 if ($QUIET == NO) then
233 echo $cmd
234 endif
235 $cmd || exit(1)
236
237 $KEYSUBTOOL $ECDSA_PUB_KEY $ECDSA_PRIV_KEY $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
238
239
240 # clean up
241 if ($NOCLEAN == NO) then
242 set cmd1="rm -f $RSA_KEY_BSAFE $RSA_PUB_KEY_BSAFE $RSA_PRIV_KEY_BSAFE $RSA_KEY_OPENSSL $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL"
243 set cmd2="rm -f $DSA_KEY_BSAFE $DSA_PUB_KEY_BSAFE $DSA_PRIV_KEY_BSAFE $DSA_KEY_OPENSSL $DSA_PUB_KEY_OPENSSL $DSA_PRIV_KEY_OPENSSL $RSA_PRIV_KEY_PEM"
244 set cmd3="rm -f $ECDSA_PUB_KEY $ECDSA_PRIV_KEY"
245 if ($QUIET == NO) then
246 echo $cmd1
247 echo $cmd2
248 echo $cmd3
249 endif
250 $cmd1 || exit(1)
251 $cmd2 || exit(1)
252 $cmd3 || exit(1)
253 endif
254
255 if ($QUIET == NO) then
256 echo === Raw Key Pair test complete ===
257 endif
258
mirror of Security