github.com/extrame/fabric-ca@v2.0.0-alpha+incompatible/scripts/fvt/keys_test.sh

github.com/extrame/fabric-ca@v2.0.0-alpha+incompatible/scripts/fvt/keys_test.sh (about)

     1  #!/bin/bash
     2  #
     3  # Copyright IBM Corp. All Rights Reserved.
     4  #
     5  # SPDX-License-Identifier: Apache-2.0
     6  #
     7  
     8  : ${TESTCASE="keys"}
     9  CA_CFG_PATH="/tmp/keys"
    10  FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca"
    11  TESTDATA="$FABRIC_CA/testdata"
    12  SCRIPTDIR="$FABRIC_CA/scripts/fvt"
    13  EE_KEY="/tmp/keys/admin/msp/keystore/*_sk"
    14  EE_CERT="$HOME/abric-ca/cert.pem"
    15  RC=0
    16  . $SCRIPTDIR/fabric-ca_utils
    17  RC=0
    18  export CA_CFG_PATH
    19  
    20  CA_KEY="$CA_CFG_PATH/msp/keystore/*_sk"
    21  #ecl=(256 384 521)
    22  ecl=(256 384)
    23  ecl=256
    24  ecOid[256]="prime256v1"
    25  ecOid[384]="secp384r1"
    26  #ecOid[521]="secp521r1"
    27  rsal=(2048 3072 4096)
    28  
    29  function VerifyKey() {
    30     local key=$1
    31     local ktype=$2
    32     local klen=$3
    33     local koid=$4
    34     local sslcmd=rsa
    35  
    36     test $ktype = "rsa" || sslcmd="ec"
    37     openssl $sslcmd -in $key -text 2>/dev/null|
    38        awk -v kt=$koid -v kl=$klen -v rc=0 '
    39           $1~/Private-Key/ {gsub(/\(/,"");l=$2}
    40           $0~/ASN1 OID/ {k=$3}
    41           END {
    42                  if (kt!=k) { print "Wrong keytype...FAILED"; rc+=1 }
    43                  if (kl!=l) { print "Wrong keylength...FAILED"; rc+=1 }
    44                  exit rc
    45           }'
    46     return $?
    47  }
    48  
    49  
    50  echo "------> Testing EC varitions"
    51  ktype=ecdsa
    52  for len in ${ecl[*]}; do
    53     echo "------> Testing keylenth $len"
    54     $SCRIPTDIR/fabric-ca_setup.sh -R
    55     $SCRIPTDIR/fabric-ca_setup.sh -I -X -S -n 1 -t $ktype -l $len
    56     # verify CA key type and length
    57     VerifyKey $CA_KEY $ktype $len ${ecOid[$len]} || ErrorMsg "VerifyKey CA $ktype $len failed"
    58     $SCRIPTDIR/enroll.sh -t $ktype -l $len -d
    59     # verify EE key type and length
    60     VerifyKey $EE_KEY $ktype $len ${ecOid[$len]} || ErrorMsg "VerifyKey EE $ktype $len failed"
    61  
    62  done
    63  
    64  ktype=rsa
    65  echo ""
    66  echo "**********************************************"
    67  echo ""
    68  echo "------> Testing RSA varitions"
    69  for len in ${rsal[*]}; do
    70     echo "------> Testing keylenth $len"
    71     $SCRIPTDIR/fabric-ca_setup.sh -R
    72     $SCRIPTDIR/fabric-ca_setup.sh -I -X -S -n 1 -t $ktype -l $len
    73     # verify CA key type and length
    74     VerifyKey $CA_KEY $ktype $len "" || ErrorMsg "VerifyKey CA $ktype $len failed"
    75     $SCRIPTDIR/enroll.sh -t $ktype -l $len -d
    76     # verify EE key type and length
    77     VerifyKey $EE_KEY $ktype $len "" || ErrorMsg "VerifyKey CA $ktype $len failed"
    78     echo ""
    79     echo ""
    80  done
    81  
    82  echo ""
    83  echo "**********************************************"
    84  echo ""
    85  
    86  CleanUp $RC
    87  exit $RC