Skip to content

Commit

Permalink
Test signing with imported vs wrapped key
Browse files Browse the repository at this point in the history
  • Loading branch information
@qpernil
qpernil committed Jun 12, 2023
1 parent f7b2bf9 commit cc27bfe
Showing 1 changed file with 26 additions and 0 deletions.
26 changes: 26 additions & 0 deletions src/tests/wrapped_tests.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -282,11 +282,14 @@ put_yhwrapped_asymmetric_eddsa() {
return
fi

local -r edkeyid="0xeded"
local -r wrapid="0xdead"
local -r wrapkey="$TMPDIR/${FUNCNAME[0]}_wrapkey"
local -r keyid="0xfefe"
local -r keyfile="$TMPDIR/${FUNCNAME[0]}_keyfile.pem"
local -r keyfilew="$TMPDIR/${FUNCNAME[0]}_keyfile.wrapped"
local -r sigfile1="$TMPDIR/${FUNCNAME[0]}_sig_1"
local -r sigfile2="$TMPDIR/${FUNCNAME[0]}_sig_2"

$YHSHELL --action="get-object-info" --password="password" --authkey="1" \
--object-id="$wrapid" --object-type="wrap-key" && {
Expand All @@ -310,6 +313,23 @@ put_yhwrapped_asymmetric_eddsa() {
}
echo "${FUNCNAME[0]}: creating ed key"
openssl genpkey -algorithm Ed25519 -out "$keyfile"

$YHSHELL --action="get-object-info" --password="password" --authkey="1" \
--object-id="$edkeyid" --object-type="asymmetric-key" && {
echo "${FUNCNAME[0]}: delete imported ed key"
$YHSHELL --action="delete-object" --password="password" --authkey="1" \
--object-id="$edkeyid" --object-type="asymmetric-key"
}
echo "${FUNCNAME[0]}: importing ed key"
$YHSHELL --action="put-asymmetric-key" --password="password" --authkey="1" \
--object-id="$edkeyid" --label="${FUNCNAME[0]}" --domains="all" \
--capabilities="all" \
--in="$keyfile" --informat="binary"

echo "${FUNCNAME[0]}: signing with ed key"
rm -f $sigfile1
$YHSHELL --action="sign-eddsa" --object-id="$edkeyid" --algorithm="ed25519" --in="$wrapkey" --out="$sigfile1" --password="password"

$YHWRAP --algorithm="ed25519" \
--capabilities="all" --delegated="all" \
--domains="all" --id="$keyid" --in="$keyfile" \
Expand All @@ -325,6 +345,12 @@ put_yhwrapped_asymmetric_eddsa() {
--object-id="$keyid" --out="$keyfile.pub.shell"

diff -u "$keyfile.pub" "$keyfile.pub.shell"

echo "${FUNCNAME[0]}: signing with wrapped ed key"
rm -f "$sigfile2"
$YHSHELL --action="sign-eddsa" --object-id="$keyid" --algorithm="ed25519" --in="$wrapkey" --out="$sigfile2" --password="password"

diff -u "$sigfile1" "$sigfile2"
}

main() {
Expand Down

0 comments on commit cc27bfe

Please sign in to comment.