Added ECDSA key generation, signing and verification tests.

3 files changed, 114 insertions, 1 deletions

diff --git a/tests/Makefile.am b/tests/Makefile.am
index c1e332cf2b..13b8f7c87e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -20,7 +20,7 @@
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
 SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode	\
-	userid pathlen key-id sha2 safe-renegotiation dsa scripts
+	userid pathlen key-id sha2 safe-renegotiation dsa scripts ecdsa
 
 if ENABLE_OPENPGP
 SUBDIRS += openpgp-certs
diff --git a/tests/ecdsa/Makefile.am b/tests/ecdsa/Makefile.am
new file mode 100644
index 0000000000..9be864e02e
--- /dev/null
+++ b/tests/ecdsa/Makefile.am
@@ -0,0 +1,28 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2007, 2008, 2010 Free Software Foundation, Inc.
+#
+# Author: Simon Josefsson
+#
+# This file is part of GnuTLS.
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+EXTRA_DIST = 
+
+dist_check_SCRIPTS = ecdsa
+
+TESTS = ecdsa
+
+TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT)
diff --git a/tests/ecdsa/ecdsa b/tests/ecdsa/ecdsa
new file mode 100755
index 0000000000..20ea747558
--- /dev/null
+++ b/tests/ecdsa/ecdsa
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+# Copyright (C) 2011 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+#set -e
+
+srcdir=${srcdir:-.}
+CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
+
+echo ca > template
+echo cn = "ECDSA SHA 256 CA" >> template
+
+$CERTTOOL --generate-privkey --ecc > key-ca-ecdsa.pem
+
+$CERTTOOL -d 2 --generate-self-signed --template template \
+    --load-privkey key-ca-ecdsa.pem \
+    --outfile new-ca-ecdsa.pem \
+    --hash sha256 >out 2>&1
+
+if [ $? != 0 ];then
+	cat out
+	exit 1
+fi
+
+echo ca > template
+$CERTTOOL --generate-privkey --ecc > key-subca-ecdsa.pem
+echo cn = "ECDSA SHA 224 Mid CA" >> template
+
+$CERTTOOL -d 2 --generate-certificate --template template \
+    --load-ca-privkey key-ca-ecdsa.pem \
+    --load-ca-certificate new-ca-ecdsa.pem \
+    --load-privkey key-subca-ecdsa.pem \
+    --outfile new-subca-ecdsa.pem \
+    --hash sha224 >out 2>&1
+
+if [ $? != 0 ];then
+	cat out
+	exit 1
+fi
+
+echo cn = "End-user" > template
+
+$CERTTOOL --generate-privkey --ecc > key-ecdsa.pem
+
+$CERTTOOL -d 2 --generate-certificate --template template \
+    --load-ca-privkey key-subca-ecdsa.pem \
+    --load-ca-certificate new-subca-ecdsa.pem \
+    --load-privkey key-ecdsa.pem \
+    --outfile new-user.pem >out 2>&1
+
+if [ $? != 0 ];then
+	cat out
+	exit 1
+fi
+
+cat new-user.pem new-subca-ecdsa.pem new-ca-ecdsa.pem > out
+$CERTTOOL --verify-chain <out > verify
+
+if [ $? != 0 ];then
+	cat verify
+	exit 1
+fi
+
+rm -f verify new-user.pem new-ca-ecdsa.pem new-subca-ecdsa.pem template out
+rm -f key-subca-ecdsa.pem key-ca-ecdsa.pem key-ecdsa.pem
+
+exit 0