mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Add ECC sign, verify, encrypt and decrypt tests
This commit is contained in:
parent
cfbb5760d9
commit
7d5ba080be
@ -28,6 +28,9 @@ else
|
||||
fi
|
||||
|
||||
|
||||
#
|
||||
# Setup for ECC testing
|
||||
#
|
||||
info "Preparing for ECC test."
|
||||
for i in $keygrips ; do
|
||||
rm private-keys-v1.d/$i.key 2>/dev/null || true
|
||||
@ -35,6 +38,9 @@ for i in $keygrips ; do
|
||||
done
|
||||
|
||||
|
||||
#
|
||||
# Import the sample keys
|
||||
#
|
||||
info "Importing ECC public keys."
|
||||
for k in $mainkeyids ; do
|
||||
$GPG --delete-key --batch --yes $k 2>/dev/null || true
|
||||
@ -49,9 +55,69 @@ for i in 1 2 3; do
|
||||
done
|
||||
|
||||
|
||||
info "Importing ECC secret keys."
|
||||
#
|
||||
# Check a few sample signature
|
||||
#
|
||||
info "Checking ECC signatures."
|
||||
tests=""
|
||||
|
||||
# The following is an opaque ECDSA signature on a message "This is one
|
||||
# line\n" (17 byte long) by the primary 256 bit key:
|
||||
tests="$tests msg_opaque_signed_256"
|
||||
msg_opaque_signed_256='-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2.1.0-ecc (GNU/Linux)
|
||||
|
||||
owGbwMvMwCHMvVT3w66lc+cwrlFK4k5N1k3KT6nUK6ko8Zl8MSEkI7NYAYjy81IV
|
||||
cjLzUrk64lgYhDkY2FiZQNIMXJwCMO31rxgZ+tW/zesUPxWzdKWrtLGW/LkP5rXL
|
||||
V/Yvnr/EKjBbQuvZSYa/klsum6XFmTze+maVgclT6Rc6hzqqxNy6o6qdTTmLJuvp
|
||||
AQA=
|
||||
=GDv4
|
||||
-----END PGP MESSAGE----'
|
||||
|
||||
# The following is an opaque ECDSA signature on a message "This is one
|
||||
# line\n" (17 byte long) by the primary 384 bit key:
|
||||
tests="$tests msg_opaque_signed_384"
|
||||
msg_opaque_signed_384='-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DIqwE7wsvMwCnM2WDcwR9SOJ/xtFISd25qcXFieqpeSUUJAxCEZGQWKwBR
|
||||
fl6qQk5mXirXoXJmVgbfYC5xmC5hzsDPjHXqbDLzpXpTBXSZV3L6bAgP3Kq7Ykmo
|
||||
7Ds1v4UfBS+3CSSon7Pzq79WLjzXXEH54MkjPxnrw+8cfMVnY7Bi18J702Nnsa7a
|
||||
9lMv/PM0/ao9CZ3KX7Q+Tv1rllTZ5Hj4V1frw431QnHfAA==
|
||||
=elKT
|
||||
-----END PGP MESSAGE-----'
|
||||
|
||||
# The following is an opaque ECDSA signature on a message "This is one
|
||||
# line\n" (17 byte long) by the primary 521 bit key:
|
||||
tests="$tests msg_opaque_signed_521"
|
||||
msg_opaque_signed_521='-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DIwA8BO8LLzMAlnO3Y8tB1vf4/xtNKSdy5qcXFiempeiUVJQxAEJKRWawA
|
||||
RPl5qQo5mXmpXIdmMLMy+AaLnoLpEubatpeJY2Lystd7Qt32q2UcvRS5kNPWtDB7
|
||||
ryufvcrWtFM7Jx8qXKDxZuqr7b9PGv1Ssk+I8TzB2O9dZC+n/jv+PAdbuu7mLe33
|
||||
Gf9pLd3weV3Qno6FOqxGa5ZszQx+uer2xH3/El9x/2pVeO4l15ScsL7qWMTmffmG
|
||||
Ic1RdzgeCfosMF+l/zVRchcLKzenEQA=
|
||||
=ATtX
|
||||
-----END PGP MESSAGE-----'
|
||||
|
||||
echo 'This is one line' >z
|
||||
for msg in $tests; do
|
||||
info "checking: $msg"
|
||||
eval "(IFS=; echo \"\$$msg\")" >x
|
||||
$GPG --verify x || error "verify(1) of $msg failed"
|
||||
$GPG -o y --yes x || error "verify(2) of $msg failed"
|
||||
cmp y z || error "$msg: mismatch"
|
||||
done
|
||||
|
||||
|
||||
#
|
||||
# Import the secret keys so that we now can sign and decrypt.
|
||||
#
|
||||
# Note that the PGP generated secret keys are not self-signed, thus we
|
||||
# need to pass an appropriate option.
|
||||
#
|
||||
info "Importing ECC secret keys."
|
||||
for i in 1 2 3; do
|
||||
k="ecc-sample-$i-sec.asc"
|
||||
if [ "$i" -gt "1" ]; then
|
||||
@ -67,6 +133,104 @@ for i in 1 2 3; do
|
||||
done
|
||||
|
||||
|
||||
#
|
||||
# Check a few sample encrtpted messages.
|
||||
#
|
||||
info "Checking ECC encryption."
|
||||
tests=""
|
||||
|
||||
# The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
# with the subkey 4089AB73.
|
||||
tests="$tests msg_encrypted_256"
|
||||
msg_encrypted_256='-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2.1.0-ecc (GNU/Linux)
|
||||
|
||||
hH4Dd863o0CJq3MSAgMEHdIYZQx+rV1cjy7qitIOEICFFzp4cjsRX4r+rDdMcQUs
|
||||
h7VZmbP1c9C0s9sgCKwubWfkcYUl2ZOju4gy+s4MYTBb4/j8JjnJ9Bqn6LWutTXJ
|
||||
zwsdP13VIJLnhiNqISdR3/6xWQ0ICRYzwb95nUZ1c1DSVgFpjPgUvi4pgYbTpcDB
|
||||
jzILKWBfBDT/jck169XE8vgtbcqVQYZ7lZpaY9CzEbC+4dXZmV1gm5MafpTyFWgH
|
||||
VnyrZB4gad9Lp9e0RKHHcOOE7s/NeLuu
|
||||
=odUZ
|
||||
-----END PGP MESSAGE-----'
|
||||
|
||||
# The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
# with the subkey 9A201946:
|
||||
tests="$tests msg_encrypted_384"
|
||||
msg_encrypted_384='-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DBngOqi5OPmiAZRhIDAwQqIr/00cJyf+QP+VA4QKVkk77KMHdz9OVaR2XK
|
||||
0VYu0F/HPm89vL2orfm2hrAZxY9G2R0PG4Wk5Lg04UjKca/O72uWtjdPYulFidmo
|
||||
uB0QpzXFz22ZZinxeVPLPEr19Pow0EwCc95cg4HAgrD0nV9vRcTJ/+juVfvsJhAO
|
||||
isMKqrFNMvwnK5A1ECeyVXe7oLZl0lUBRhLr59QTtvf85QJjg/m5kaGy8XCJvLv3
|
||||
61pZa6KUmw89PjtPak7ebcjnINL01vwmyeg1PAyW/xjeGGvcO+R4P1b4ewyFnJyR
|
||||
svzIJcP7d4DqYOw7
|
||||
=oiTJ
|
||||
-----END PGP MESSAGE-----'
|
||||
|
||||
# The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
# with the subkey A81C4838:
|
||||
tests="$tests msg_encrypted_521"
|
||||
msg_encrypted_521='-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DBwAIDB+qqSKgcSDgSBCMEAKpzTUxB4c56C7g09ekD9I+ttC5ER/xzDmXU
|
||||
OJmFqU5w3FllhFj4TgGxxdH+8fv4W2Ag0IKoJvIY9V1V7oUCClfqAR01QbN7jGH/
|
||||
I9GFFnH19AYEgMKgFmh14ZwN1BS6/VHh+H4apaYqapbx8/09EL+DV9zWLX4GRLXQ
|
||||
VqCR1N2rXE29MJFzGmDOCueQNkUjcbuenoCSKcNT+6xhO27U9IYVCg4BhRUDGfD6
|
||||
dhfRzBLxL+bKR9JVAe46+K8NLjRVu/bd4Iounx4UF5dBk8ERy+/8k9XantDoQgo6
|
||||
RPqCad4Dg/QqkpbK3y574ds3VFNJmc4dVpsXm7lGV5w0FBxhVNPoWNhhECMlTroX
|
||||
Rg==
|
||||
=5GqW
|
||||
-----END PGP MESSAGE-----'
|
||||
|
||||
echo 'This is one line' >z
|
||||
for msg in $tests; do
|
||||
info "checking: $msg"
|
||||
eval "(IFS=; echo \"\$$msg\")" >x
|
||||
$GPG -o y --yes x || error "decryption of $msg failed"
|
||||
cmp y z || error "$msg: mismatch"
|
||||
done
|
||||
|
||||
|
||||
#
|
||||
# Now check that we can encrypt and decrypt our own messages.
|
||||
#
|
||||
# Note that we don't need to provide a passppharse because we already
|
||||
# preset the passphrase into the gpg-agent.
|
||||
#
|
||||
info "Checking ECC encryption and decryption."
|
||||
for i in $plain_files $data_files ; do
|
||||
for k in $mainkeyids ; do
|
||||
info "file: $i key: $k"
|
||||
$GPG --always-trust -e -o x --yes -r $k $i
|
||||
$GPG -o y --yes x
|
||||
cmp $i y || error "$i,$k: mismatch"
|
||||
done
|
||||
done
|
||||
|
||||
|
||||
#
|
||||
# Now check that we can sign and verify our own messages.
|
||||
#
|
||||
info "Checking ECC signing and verifiction."
|
||||
for i in $plain_files $data_files ; do
|
||||
for k in $mainkeyids ; do
|
||||
info "file: $i key: $k"
|
||||
$GPG -s -o x --yes -u $k $i
|
||||
$GPG -o y --yes x || error "verify of $i,$k failed"
|
||||
cmp $i y || error "$i,$k: mismatch"
|
||||
done
|
||||
done
|
||||
|
||||
|
||||
#
|
||||
# Let us also try to import the keys only from a secret keyblock.
|
||||
#
|
||||
# Because PGP does not sign the UID, it is not very useful to work
|
||||
# with this key unless we go into the trouble of adding the
|
||||
# self-signature.
|
||||
#
|
||||
info "Importing ECC secret keys directly."
|
||||
for i in $keygrips ; do
|
||||
rm private-keys-v1.d/$i.key 2>/dev/null || true
|
||||
|
@ -6,107 +6,3 @@ ecc-sample-2-pub.asc A NIST P-384 ECC sample key.
|
||||
ecc-sample-2-sec.asc Ditto, but the secret keyblock.
|
||||
ecc-sample-3-pub.asc A NIST P-521 ECC sample key.
|
||||
ecc-sample-3-sec.asc Ditto, but the secret keyblock.
|
||||
|
||||
|
||||
|
||||
Signed message
|
||||
|
||||
The following is an opaque ECDSA signature on a message "This is one
|
||||
line\n" (17 byte long) by the master key:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2.1.0-ecc (GNU/Linux)
|
||||
|
||||
owGbwMvMwCHMvVT3w66lc+cwrlFK4k5N1k3KT6nUK6ko8Zl8MSEkI7NYAYjy81IV
|
||||
cjLzUrk64lgYhDkY2FiZQNIMXJwCMO31rxgZ+tW/zesUPxWzdKWrtLGW/LkP5rXL
|
||||
V/Yvnr/EKjBbQuvZSYa/klsum6XFmTze+maVgclT6Rc6hzqqxNy6o6qdTTmLJuvp
|
||||
AQA=
|
||||
=GDv4
|
||||
-----END PGP MESSAGE----
|
||||
|
||||
Encrypted message
|
||||
|
||||
The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
with the subkey 0x4089AB73.
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2.1.0-ecc (GNU/Linux)
|
||||
|
||||
hH4Dd863o0CJq3MSAgMEHdIYZQx+rV1cjy7qitIOEICFFzp4cjsRX4r+rDdMcQUs
|
||||
h7VZmbP1c9C0s9sgCKwubWfkcYUl2ZOju4gy+s4MYTBb4/j8JjnJ9Bqn6LWutTXJ
|
||||
zwsdP13VIJLnhiNqISdR3/6xWQ0ICRYzwb95nUZ1c1DSVgFpjPgUvi4pgYbTpcDB
|
||||
jzILKWBfBDT/jck169XE8vgtbcqVQYZ7lZpaY9CzEbC+4dXZmV1gm5MafpTyFWgH
|
||||
VnyrZB4gad9Lp9e0RKHHcOOE7s/NeLuu
|
||||
=odUZ
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
|
||||
|
||||
|
||||
Signed message
|
||||
|
||||
The following is an opaque ECDSA signature on a message "This is one
|
||||
line\n" (17 byte long) by the master key:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DIqwE7wsvMwCnM2WDcwR9SOJ/xtFISd25qcXFieqpeSUUJAxCEZGQWKwBR
|
||||
fl6qQk5mXirXoXJmVgbfYC5xmC5hzsDPjHXqbDLzpXpTBXSZV3L6bAgP3Kq7Ykmo
|
||||
7Ds1v4UfBS+3CSSon7Pzq79WLjzXXEH54MkjPxnrw+8cfMVnY7Bi18J702Nnsa7a
|
||||
9lMv/PM0/ao9CZ3KX7Q+Tv1rllTZ5Hj4V1frw431QnHfAA==
|
||||
=elKT
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
Encrypted message
|
||||
|
||||
The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
with the subkey:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DBngOqi5OPmiAZRhIDAwQqIr/00cJyf+QP+VA4QKVkk77KMHdz9OVaR2XK
|
||||
0VYu0F/HPm89vL2orfm2hrAZxY9G2R0PG4Wk5Lg04UjKca/O72uWtjdPYulFidmo
|
||||
uB0QpzXFz22ZZinxeVPLPEr19Pow0EwCc95cg4HAgrD0nV9vRcTJ/+juVfvsJhAO
|
||||
isMKqrFNMvwnK5A1ECeyVXe7oLZl0lUBRhLr59QTtvf85QJjg/m5kaGy8XCJvLv3
|
||||
61pZa6KUmw89PjtPak7ebcjnINL01vwmyeg1PAyW/xjeGGvcO+R4P1b4ewyFnJyR
|
||||
svzIJcP7d4DqYOw7
|
||||
=oiTJ
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
|
||||
|
||||
Signed message
|
||||
|
||||
The following is an opaque ECDSA signature on a message "This is one
|
||||
line\n" (17 byte long) by the master key:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DIwA8BO8LLzMAlnO3Y8tB1vf4/xtNKSdy5qcXFiempeiUVJQxAEJKRWawA
|
||||
RPl5qQo5mXmpXIdmMLMy+AaLnoLpEubatpeJY2Lystd7Qt32q2UcvRS5kNPWtDB7
|
||||
ryufvcrWtFM7Jx8qXKDxZuqr7b9PGv1Ssk+I8TzB2O9dZC+n/jv+PAdbuu7mLe33
|
||||
Gf9pLd3weV3Qno6FOqxGa5ZszQx+uer2xH3/El9x/2pVeO4l15ScsL7qWMTmffmG
|
||||
Ic1RdzgeCfosMF+l/zVRchcLKzenEQA=
|
||||
=ATtX
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
Encrypted message
|
||||
|
||||
The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
with the subkey:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DBwAIDB+qqSKgcSDgSBCMEAKpzTUxB4c56C7g09ekD9I+ttC5ER/xzDmXU
|
||||
OJmFqU5w3FllhFj4TgGxxdH+8fv4W2Ag0IKoJvIY9V1V7oUCClfqAR01QbN7jGH/
|
||||
I9GFFnH19AYEgMKgFmh14ZwN1BS6/VHh+H4apaYqapbx8/09EL+DV9zWLX4GRLXQ
|
||||
VqCR1N2rXE29MJFzGmDOCueQNkUjcbuenoCSKcNT+6xhO27U9IYVCg4BhRUDGfD6
|
||||
dhfRzBLxL+bKR9JVAe46+K8NLjRVu/bd4Iounx4UF5dBk8ERy+/8k9XantDoQgo6
|
||||
RPqCad4Dg/QqkpbK3y574ds3VFNJmc4dVpsXm7lGV5w0FBxhVNPoWNhhECMlTroX
|
||||
Rg==
|
||||
=5GqW
|
||||
-----END PGP MESSAGE-----
|
||||
|
Loading…
x
Reference in New Issue
Block a user