add test for decrypting binary data of key size.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3214 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
0d4ee51976
commit
e9b29d1019
|
@ -3,11 +3,11 @@
|
|||
MAINTAINERCLEANFILES = Makefile.in
|
||||
|
||||
EXTRA_DIST = \
|
||||
crypt0001 crypt0002 crypt0003 crypt0004 crypt0005 crypt0006 \
|
||||
crypt0001 crypt0002 crypt0003 crypt0004 crypt0005 crypt0006 crypt0007 \
|
||||
init0001 init0002 init0003 init0004 init0005 init0006 \
|
||||
init0007 init0008 init0009 init0010 init0011 init0012 \
|
||||
pin0001 pin0002 \
|
||||
erase functions README run-all test.p12
|
||||
erase functions README run-all test.p12 bintest
|
||||
|
||||
# remove log files from regression tests
|
||||
maintainer-clean-local:
|
||||
|
|
Binary file not shown.
|
@ -0,0 +1,80 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# This test checks various aspects of RSA decryption
|
||||
#
|
||||
# It needs a card with a private key+certificate pair at ID 45
|
||||
#
|
||||
# Run this from the regression test directory.
|
||||
|
||||
. functions
|
||||
|
||||
msg <<EOF
|
||||
:::
|
||||
::: Testing on-card decryption facilities (1048 bit)
|
||||
:::
|
||||
EOF
|
||||
|
||||
o=$p15temp/plaintext
|
||||
e=$p15temp/encrypted
|
||||
d=$p15temp/decrypted
|
||||
p=$p15temp/key.pem
|
||||
|
||||
p15_init --no-so-pin
|
||||
p15_set_pin -a 01
|
||||
|
||||
suppress_error_msg="Key length/algorithm not supported by card"
|
||||
if p15_gen_key rsa/1048 --id 45 --key-usage decrypt -a 01; then
|
||||
msg "Extracting public key"
|
||||
run_check_status $p15tool --read-public-key 45 -o $p
|
||||
|
||||
msg "Encrypting message (128 byte)"
|
||||
dd if=bintest of=$o bs=128 count=1
|
||||
run_check_status openssl rsautl -pubin -inkey $p -encrypt -in $o -out $e
|
||||
p15_crypt -c -i $e -o $d
|
||||
cmp $o $d || fail "Decrypted file does not match plain text file"
|
||||
success
|
||||
else
|
||||
msg ""
|
||||
msg "The card doesn't seem to support 1024 bit RSA key generation."
|
||||
msg "Skipping test !"
|
||||
msg ""
|
||||
fi
|
||||
|
||||
p15_erase --secret @01=0000
|
||||
|
||||
msg <<EOF
|
||||
:::
|
||||
::: Store a 1024 bit RSA on the card and test it.
|
||||
:::
|
||||
EOF
|
||||
|
||||
k=$p15temp/private.pem
|
||||
p=$p15temp/public.pem
|
||||
|
||||
msg "Generating key pair off the card"
|
||||
run_check_status openssl genrsa -out $k -f4 1024
|
||||
run_check_status openssl rsa -in $k -out $p -pubout
|
||||
|
||||
p15_init --no-so-pin
|
||||
p15_set_pin -a 01
|
||||
|
||||
suppress_error_msg="Key length/algorithm not supported by card"
|
||||
if p15_store_key $k -a 01 -u decrypt; then
|
||||
msg "Extracting public key"
|
||||
run_check_status $p15tool --read-public-key 45 -o $p
|
||||
|
||||
msg "Encrypting message (128 bytes)"
|
||||
dd if=bintest of=$o bs=128 count=1
|
||||
run_check_status openssl rsautl -pubin -inkey $p -encrypt -in $o -out $e
|
||||
p15_crypt -c -i $e -o $d
|
||||
cmp $o $d || fail "Decrypted file does not match plain text file"
|
||||
success
|
||||
else
|
||||
msg ""
|
||||
msg "The card doesn't seem to support 1024 bit RSA keys."
|
||||
msg "Skipping test !"
|
||||
msg ""
|
||||
fi
|
||||
|
||||
p15_erase --secret @01=0000
|
||||
|
Loading…
Reference in New Issue