diff --git a/tests/tecdh b/tests/tecdh index 7969567e..7acf403f 100755 --- a/tests/tecdh +++ b/tests/tecdh @@ -10,4 +10,31 @@ pkeyutl -derive -inkey ${ECBASEURI} -peerkey ${ECPEERPUBURI} -out ${TMPPDIR}/secret.ecdh.bin' + +# Now test by forcing all operations on the token +title PARA "ECDH Exchange forcing PKCS11 Provider" +ORIG_OPENSSL_CONF=${OPENSSL_CONF} +sed -e "s/#MORECONF/alg_section = algorithm_sec\n\n[algorithm_sec]\ndefault_properties = ?provider=pkcs11/" \ + "${OPENSSL_CONF}" > "${OPENSSL_CONF}.forcetoken" +OPENSSL_CONF=${OPENSSL_CONF}.forcetoken +title PARA "ECDH Exchange forced: public key in file" +ossl ' +pkeyutl -derive -inkey ${ECBASEURI} + -peerkey ${TESTSSRCDIR}/testp256.pub.pem + -out ${TMPPDIR}/forced.pub.ecdh.bin' + +### Private EC Key import not supported yet +#title PARA "ECDH Exchange forced: private key in file" +#ossl ' +#pkeyutl -derive -inkey ${TESTSSRCDIR}/testp256.pri.pem +# -peerkey ${ECPEERPUBURI} +# -out ${TMPPDIR}/forced.pri.ecdh.bin' + +#title PARA "ECDH Exchange forced: both key in file" +#ossl ' +#pkeyutl -derive -inkey ${TESTSSRCDIR}/testp256.pri.pem +# -peerkey ${TESTSSRCDIR}/testp256.pub.pem +# -out ${TMPPDIR}/forced.both.ecdh.bin' +#OPENSSL_CONF=${ORIG_OPENSSL_CONF} + exit 0 diff --git a/tests/testp256.pri.pem b/tests/testp256.pri.pem new file mode 100644 index 00000000..35c65dd3 --- /dev/null +++ b/tests/testp256.pri.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQj80pwUNIHHjzQaJ +yP+vAPE8KPBmrVwafor5xar9sq+hRANCAATXOFIB00W2LsAwzDxBpg/uFzFu4uIK +5otxalZiroOusrSBYA/vS2MC/6vaR+zrdnxRlYoHIbhe7H+PlEHPuq/a +-----END PRIVATE KEY----- diff --git a/tests/testp256.pub.pem b/tests/testp256.pub.pem new file mode 100644 index 00000000..2a8c1f5d --- /dev/null +++ b/tests/testp256.pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1zhSAdNFti7AMMw8QaYP7hcxbuLi +CuaLcWpWYq6DrrK0gWAP70tjAv+r2kfs63Z8UZWKByG4Xux/j5RBz7qv2g== +-----END PUBLIC KEY-----