github.com/cactusblossom/fabric-ca@v0.0.0-20200611062428-0082fc643826/scripts/fvt/keys_test.sh (about) 1 #!/bin/bash 2 # 3 # Copyright IBM Corp. All Rights Reserved. 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 : ${TESTCASE="keys"} 9 CA_CFG_PATH="/tmp/keys" 10 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca" 11 TESTDATA="$FABRIC_CA/testdata" 12 SCRIPTDIR="$FABRIC_CA/scripts/fvt" 13 EE_KEY="/tmp/keys/admin/msp/keystore/*_sk" 14 EE_CERT="$HOME/abric-ca/cert.pem" 15 RC=0 16 . $SCRIPTDIR/fabric-ca_utils 17 RC=0 18 export CA_CFG_PATH 19 20 CA_KEY="$CA_CFG_PATH/msp/keystore/*_sk" 21 ecl=(256 384) 22 ecOid[256]="prime256v1" 23 ecOid[384]="secp384r1" 24 25 function VerifyKey() { 26 local key=$1 27 local ktype=$2 28 local klen=$3 29 local koid=$4 30 local sslcmd="ec" 31 32 openssl $sslcmd -in $key -text 2>/dev/null| 33 awk -v kt=$koid -v kl=$klen -v rc=0 ' 34 $1~/Private-Key/ {gsub(/\(/,"");l=$2} 35 $0~/ASN1 OID/ {k=$3} 36 END { 37 if (kt!=k) { print "Wrong keytype...FAILED"; rc+=1 } 38 if (kl!=l) { print "Wrong keylength...FAILED"; rc+=1 } 39 exit rc 40 }' 41 return $? 42 } 43 44 45 echo "------> Testing EC varitions" 46 ktype=ecdsa 47 for len in ${ecl[*]}; do 48 echo "------> Testing keylenth $len" 49 $SCRIPTDIR/fabric-ca_setup.sh -R 50 $SCRIPTDIR/fabric-ca_setup.sh -I -X -S -n 1 -t $ktype -l $len 51 # verify CA key type and length 52 VerifyKey $CA_KEY $ktype $len ${ecOid[$len]} || ErrorMsg "VerifyKey CA $ktype $len failed" 53 $SCRIPTDIR/enroll.sh -t $ktype -l $len -d 54 # verify EE key type and length 55 VerifyKey $EE_KEY $ktype $len ${ecOid[$len]} || ErrorMsg "VerifyKey EE $ktype $len failed" 56 57 done 58 59 echo "" 60 echo "**********************************************" 61 echo "" 62 63 CleanUp $RC 64 exit $RC