--- /dev/null
+#! /bin/csh -f
+#
+# Run import/export tests for raw key pairs.
+#
+# Run this from SecurityTests/clxutils/importExport. The
+# kcImport and kcExport programs must exist in the location
+# specified by the LOCAL_BUILD_DIR env var.
+#
+
+source setupCommon
+
+set KEYSUBTOOL=./importExportKeyTool
+
+# RSA key pair, BSAFE format, generated by rsatool
+set RSA_KEY_BSAFE=${BUILD_DIR}/rsaBsafe
+set RSA_PUB_KEY_BSAFE=${RSA_KEY_BSAFE}_pub.der
+set RSA_PRIV_KEY_BSAFE=${RSA_KEY_BSAFE}_priv.der
+
+# RSA key pair, openssl format, generated by rsatool
+set RSA_KEY_OPENSSL=${BUILD_DIR}/rsaOpenssl
+set RSA_PUB_KEY_OPENSSL=${RSA_KEY_OPENSSL}_pub.der
+set RSA_PRIV_KEY_OPENSSL=${RSA_KEY_OPENSSL}_priv.der
+
+# DSA key pair, BSAFE format, generated by rsatool
+set DSA_KEY_BSAFE=${BUILD_DIR}/dsaBsafe
+set DSA_PUB_KEY_BSAFE=${DSA_KEY_BSAFE}_pub.der
+set DSA_PRIV_KEY_BSAFE=${DSA_KEY_BSAFE}_priv.der
+
+# DSA key pair, openssl format, generated by rsatool
+set DSA_KEY_OPENSSL=${BUILD_DIR}/dsaOpenssl
+set DSA_PUB_KEY_OPENSSL=${DSA_KEY_OPENSSL}_pub.der
+set DSA_PRIV_KEY_OPENSSL=${DSA_KEY_OPENSSL}_priv.der
+
+# RSA private key, generated by openssl, PEM format
+set RSA_PRIV_KEY_PEM=${RSA_PRIV_KEY_OPENSSL}.pem
+
+# DSA parameters
+set DSA_PARAMS_512_DER=dsaParams_512.der
+set DSA_PARAMS_512_PEM=dsaParamOpenssl.pem
+
+# ECDSA key pair, pub=X509, priv=pkcs8, generated by rsatool
+set ECDSA_KEY_BASE=${BUILD_DIR}/ecdsaBase
+set ECDSA_PUB_KEY=${ECDSA_KEY_BASE}_pub.der
+set ECDSA_PRIV_KEY=${ECDSA_KEY_BASE}_priv.der
+set ECDSA_KEY_SIZE=256
+
+# user specified variables
+set QUIET=NO
+set KEYSIZE=512
+set NOACL=NO
+set NOACL_ARG=
+set NOCLEAN=NO
+set NOCLEAN_ARG=
+#
+# Verify existence of a few crucial things before we start.
+#
+if( ( ! -e $KCIMPORT ) || \
+ ( ! -e $KCEXPORT ) || \
+ ( ! -e $RSATOOL) ) then
+ echo === You do not seem to have all of the required executables.
+ echo === Please build all of cspxutils and clxutils.
+ echo === See the README files in those directories for info.
+ exit(1)
+endif
+
+# user options
+
+while ( $#argv > 0 )
+ switch ( "$argv[1]" )
+ case q:
+ set QUIET=YES
+ shift
+ breaksw
+ case n:
+ set NOACL=YES
+ set NOACL_ARG=-n
+ shift
+ breaksw
+ case N:
+ set NOCLEAN=YES
+ set NOCLEAN_ARG=N
+ shift
+ breaksw
+ default:
+ echo Usage: importExportRawKey \[q\(uiet\)\] \[n\(oACL\)\] \[N\(oClean\)\]
+ exit(1)
+ endsw
+end
+
+echo === Begin Raw Key Pair test ===
+if ($QUIET == NO) then
+ echo $CLEANKC
+endif
+$CLEANKC || exit(1)
+
+###
+### Basic RSA key pair testing, openssl generated
+###
+
+# Create RSA key pair using openssl
+# private keys are only generated in PEM format
+if ($QUIET == NO) then
+ echo === RSA key pair testing, openssl generated ===
+ echo Creating RSA key pair using openssl...
+endif
+set cmd="$RM -f $RSA_PRIV_KEY_PEM $RSA_PRIV_KEY_OPENSSL"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$OPENSSL genrsa -out $RSA_PRIV_KEY_PEM $KEYSIZE"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd >& /dev/null || exit(1)
+set cmd="$BUILD_DIR/pemtool d $RSA_PRIV_KEY_PEM $RSA_PRIV_KEY_OPENSSL q"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$OPENSSL rsa -inform PEM -outform DER -in $RSA_PRIV_KEY_PEM -out $RSA_PUB_KEY_OPENSSL -pubout"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd >& /dev/null || exit(1)
+
+$KEYSUBTOOL $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
+
+
+###
+### Basic RSA key pair testing, BSAFE format
+###
+
+# Create RSA key pair in BSAFE format
+if ($QUIET == NO) then
+ echo === RSA key pair testing, BSAFE format ===
+ echo Creating RSA key pair in BSAFE format...
+endif
+set cmd="$RM -f $RSA_PUB_KEY_BSAFE $RSA_PRIV_KEY_BSAFE"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$RSATOOL g k=$RSA_KEY_BSAFE z=$KEYSIZE b=1 v=8 q"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+
+$KEYSUBTOOL $RSA_PUB_KEY_BSAFE $RSA_PRIV_KEY_BSAFE $KEYCHAIN bsafe $QUIET $NOACL $NOCLEAN || exit(1)
+
+###
+### Basic RSA key pair testing, openssl format
+###
+
+# Create RSA key pair in openssl format
+if ($QUIET == NO) then
+ echo === RSA key pair testing, OpenSSL format ===
+ echo Creating RSA key pair in OpenSSL format...
+endif
+set cmd="$RM -f $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$RSATOOL g k=$RSA_KEY_OPENSSL z=$KEYSIZE b=x v=1 q"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+
+$KEYSUBTOOL $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
+
+###
+### Basic DSA key pair testing, BSAFE format
+###
+
+if ($QUIET == NO) then
+ echo === DSA key pair testing, BSAFE format ===
+ echo Creating DSA key pair in BSAFE format...
+endif
+set cmd="$RM -f $DSA_PUB_KEY_BSAFE $DSA_PRIV_KEY_BSAFE"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$RSATOOL g a=d k=$DSA_KEY_BSAFE z=$KEYSIZE b=b v=b m=$DSA_PARAMS_512_DER q"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+
+$KEYSUBTOOL $DSA_PUB_KEY_BSAFE $DSA_PRIV_KEY_BSAFE $KEYCHAIN bsafe $QUIET $NOACL $NOCLEAN || exit(1)
+
+###
+### Basic DSA key pair testing, openssl format
+###
+
+# Create DSA key pair in openssl format
+if ($QUIET == NO) then
+ echo === DSA key pair testing, OpenSSL format ===
+ echo Creating DSA key pair in OpenSSL format...
+endif
+set cmd="$RM -f $DSA_PUB_KEY_OPENSSL $DSA_PRIV_KEY_OPENSSL"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$RSATOOL g a=d k=$DSA_KEY_OPENSSL z=$KEYSIZE b=x v=o m=$DSA_PARAMS_512_DER q"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+
+$KEYSUBTOOL $DSA_PUB_KEY_OPENSSL $DSA_PRIV_KEY_OPENSSL $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
+
+###
+### Basic ECDSA key pair testing, default format
+###
+
+# Create ECDSA key pair
+if ($QUIET == NO) then
+ echo === ECDSA key pair testing, default format ===
+ echo Creating ECDSA key pair in default format...
+endif
+set cmd="$RM -f $ECDSA_PUB_KEY $ECDSA_PRIV_KEY"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+set cmd="$RSATOOL g a=e k=$ECDSA_KEY_BASE z=$ECDSA_KEY_SIZE q"
+if ($QUIET == NO) then
+ echo $cmd
+endif
+$cmd || exit(1)
+
+$KEYSUBTOOL $ECDSA_PUB_KEY $ECDSA_PRIV_KEY $KEYCHAIN openssl $QUIET $NOACL $NOCLEAN || exit(1)
+
+
+# clean up
+if ($NOCLEAN == NO) then
+ set cmd1="rm -f $RSA_KEY_BSAFE $RSA_PUB_KEY_BSAFE $RSA_PRIV_KEY_BSAFE $RSA_KEY_OPENSSL $RSA_PUB_KEY_OPENSSL $RSA_PRIV_KEY_OPENSSL"
+ set cmd2="rm -f $DSA_KEY_BSAFE $DSA_PUB_KEY_BSAFE $DSA_PRIV_KEY_BSAFE $DSA_KEY_OPENSSL $DSA_PUB_KEY_OPENSSL $DSA_PRIV_KEY_OPENSSL $RSA_PRIV_KEY_PEM"
+ set cmd3="rm -f $ECDSA_PUB_KEY $ECDSA_PRIV_KEY"
+ if ($QUIET == NO) then
+ echo $cmd1
+ echo $cmd2
+ echo $cmd3
+ endif
+ $cmd1 || exit(1)
+ $cmd2 || exit(1)
+ $cmd3 || exit(1)
+endif
+
+if ($QUIET == NO) then
+ echo === Raw Key Pair test complete ===
+endif
+
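Review bot: The pre-flight check near the top tests only `$KCIMPORT`, `$KCEXPORT` and `$RSATOOL`, yet the script also runs `$BUILD_DIR/pemtool` and `./importExportKeyTool`, and both openssl invocations discard their output with `>& /dev/null`, so a missing helper or a failing openssl ends the run with a bare `exit(1)` and no diagnostic. Extending the condition with `( ! -e $BUILD_DIR/pemtool ) || ( ! -e $KEYSUBTOOL )` and keeping openssl's stderr visible when `$QUIET == NO` would make those failures traceable. `NOACL_ARG` and `NOCLEAN_ARG` are assigned (inconsistently, as `-n` and `N`) but never read in this script, and `DSA_PARAMS_512_PEM` is likewise unused, so all three can be dropped. Because `KEYSIZE=512` is far below any RSA or DSA size acceptable outside a test, a comment above it such as `# 512-bit keys are throwaway test fixtures only; never reuse outside this test` would stop the value being copied elsewhere. Every `|| exit(1)` also skips the clean-up block at the end, so a failed run leaves the generated private key files in `$BUILD_DIR` until the next run removes them, which is worth stating in the header comment.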