summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2011-11-10 21:51:25 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2011-11-10 22:13:41 +0100
commited4a698e12478e1c70f48de7ecf7f1e0e135e600 (patch)
tree2d4375c5c7fd9dd56d56a961f92dc6a60acbe5ca
parent9348de433ee9fe249d88c446303c074c26a51f23 (diff)
downloadgnutls-ed4a698e12478e1c70f48de7ecf7f1e0e135e600.tar.gz
Added ECDSA key generation, signing and verification tests.
-rw-r--r--tests/Makefile.am2
-rw-r--r--tests/ecdsa/Makefile.am28
-rwxr-xr-xtests/ecdsa/ecdsa85
3 files changed, 114 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index c1e332cf2b..13b8f7c87e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -20,7 +20,7 @@
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \
- userid pathlen key-id sha2 safe-renegotiation dsa scripts
+ userid pathlen key-id sha2 safe-renegotiation dsa scripts ecdsa
if ENABLE_OPENPGP
SUBDIRS += openpgp-certs
diff --git a/tests/ecdsa/Makefile.am b/tests/ecdsa/Makefile.am
new file mode 100644
index 0000000000..9be864e02e
--- /dev/null
+++ b/tests/ecdsa/Makefile.am
@@ -0,0 +1,28 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2007, 2008, 2010 Free Software Foundation, Inc.
+#
+# Author: Simon Josefsson
+#
+# This file is part of GnuTLS.
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+EXTRA_DIST =
+
+dist_check_SCRIPTS = ecdsa
+
+TESTS = ecdsa
+
+TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT)
diff --git a/tests/ecdsa/ecdsa b/tests/ecdsa/ecdsa
new file mode 100755
index 0000000000..20ea747558
--- /dev/null
+++ b/tests/ecdsa/ecdsa
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+# Copyright (C) 2011 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+#set -e
+
+srcdir=${srcdir:-.}
+CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
+
+echo ca > template
+echo cn = "ECDSA SHA 256 CA" >> template
+
+$CERTTOOL --generate-privkey --ecc > key-ca-ecdsa.pem
+
+$CERTTOOL -d 2 --generate-self-signed --template template \
+ --load-privkey key-ca-ecdsa.pem \
+ --outfile new-ca-ecdsa.pem \
+ --hash sha256 >out 2>&1
+
+if [ $? != 0 ];then
+ cat out
+ exit 1
+fi
+
+echo ca > template
+$CERTTOOL --generate-privkey --ecc > key-subca-ecdsa.pem
+echo cn = "ECDSA SHA 224 Mid CA" >> template
+
+$CERTTOOL -d 2 --generate-certificate --template template \
+ --load-ca-privkey key-ca-ecdsa.pem \
+ --load-ca-certificate new-ca-ecdsa.pem \
+ --load-privkey key-subca-ecdsa.pem \
+ --outfile new-subca-ecdsa.pem \
+ --hash sha224 >out 2>&1
+
+if [ $? != 0 ];then
+ cat out
+ exit 1
+fi
+
+echo cn = "End-user" > template
+
+$CERTTOOL --generate-privkey --ecc > key-ecdsa.pem
+
+$CERTTOOL -d 2 --generate-certificate --template template \
+ --load-ca-privkey key-subca-ecdsa.pem \
+ --load-ca-certificate new-subca-ecdsa.pem \
+ --load-privkey key-ecdsa.pem \
+ --outfile new-user.pem >out 2>&1
+
+if [ $? != 0 ];then
+ cat out
+ exit 1
+fi
+
+cat new-user.pem new-subca-ecdsa.pem new-ca-ecdsa.pem > out
+$CERTTOOL --verify-chain <out > verify
+
+if [ $? != 0 ];then
+ cat verify
+ exit 1
+fi
+
+rm -f verify new-user.pem new-ca-ecdsa.pem new-subca-ecdsa.pem template out
+rm -f key-subca-ecdsa.pem key-ca-ecdsa.pem key-ecdsa.pem
+
+exit 0