Skip to content

Commit

Permalink
Add test to force ECDH on the token
Browse files Browse the repository at this point in the history
Among other things this tests that a public key sourced by a PEM file
gets correctly imported in the token for the on-token ECDH operation.

Signed-off-by: Simo Sorce <[email protected]>
  • Loading branch information
simo5 committed Aug 1, 2024
1 parent 53f9c03 commit 30fd200
Show file tree
Hide file tree
Showing 4 changed files with 37 additions and 0 deletions.
1 change: 1 addition & 0 deletions .reuse/dep5
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ Files: .github/*
docs/*
tests/lsan.supp
tools/openssl*.cnf
tests/*.pem
Copyright: (C) 2022 Simo Sorce <[email protected]>
License: Apache-2.0

Expand Down
27 changes: 27 additions & 0 deletions tests/tecdh
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,31 @@ pkeyutl -derive -inkey ${ECBASEURI}
-peerkey ${ECPEERPUBURI}
-out ${TMPPDIR}/secret.ecdh.bin'


# Now test by forcing all operations on the token
title PARA "ECDH Exchange forcing PKCS11 Provider"
ORIG_OPENSSL_CONF=${OPENSSL_CONF}
sed -e "s/#MORECONF/alg_section = algorithm_sec\n\n[algorithm_sec]\ndefault_properties = ?provider=pkcs11/" \
"${OPENSSL_CONF}" > "${OPENSSL_CONF}.forcetoken"
OPENSSL_CONF=${OPENSSL_CONF}.forcetoken
title PARA "ECDH Exchange forced: public key in file"
ossl '
pkeyutl -derive -inkey ${ECBASEURI}
-peerkey ${TESTSSRCDIR}/testp256.pub.pem
-out ${TMPPDIR}/forced.pub.ecdh.bin'

### Private EC Key import not supported yet
#title PARA "ECDH Exchange forced: private key in file"
#ossl '
#pkeyutl -derive -inkey ${TESTSSRCDIR}/testp256.pri.pem
# -peerkey ${ECPEERPUBURI}
# -out ${TMPPDIR}/forced.pri.ecdh.bin'

#title PARA "ECDH Exchange forced: both key in file"
#ossl '
#pkeyutl -derive -inkey ${TESTSSRCDIR}/testp256.pri.pem
# -peerkey ${TESTSSRCDIR}/testp256.pub.pem
# -out ${TMPPDIR}/forced.both.ecdh.bin'
OPENSSL_CONF=${ORIG_OPENSSL_CONF}

exit 0
5 changes: 5 additions & 0 deletions tests/testp256.pri.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQj80pwUNIHHjzQaJ
yP+vAPE8KPBmrVwafor5xar9sq+hRANCAATXOFIB00W2LsAwzDxBpg/uFzFu4uIK
5otxalZiroOusrSBYA/vS2MC/6vaR+zrdnxRlYoHIbhe7H+PlEHPuq/a
-----END PRIVATE KEY-----
4 changes: 4 additions & 0 deletions tests/testp256.pub.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1zhSAdNFti7AMMw8QaYP7hcxbuLi
CuaLcWpWYq6DrrK0gWAP70tjAv+r2kfs63Z8UZWKByG4Xux/j5RBz7qv2g==
-----END PUBLIC KEY-----

0 comments on commit 30fd200

Please sign in to comment.