1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
|
#!/bin/bash -e
cd "$tmpdir"
source "$srcdir"/functions
initnssdb "$tmpdir"
for size in nistp256 nistp384 nistp521 ; do
# Generate a self-signed cert.
run_certutil -d "$tmpdir" -S -n keyi$size \
-s "cn=T$size" -c "cn=T$size" \
-x -t u -k ec -q $size
# Check the size of the key.
cat > entry.nss.$size <<- EOF
key_storage_type=NSSDB
key_storage_location=$tmpdir
key_nickname=keyi$size
EOF
$toolsdir/keyiread entry.nss.$size
# Export the key.
if ! pk12util -d "$tmpdir" -o $size.p12 -W "" -n "keyi$size" > /dev/null 2>&1 ; then
echo Error exporting key for $size, continuing.
continue
fi
if ! openssl pkcs12 -in $size.p12 -out key.$size -passin pass: -nodes -nocerts > /dev/null 2>&1 ; then
echo Error parsing exported key for $size, continuing.
continue
fi
cat > entry.openssl.$size <<- EOF
key_storage_type=FILE
key_storage_location=$tmpdir/key.$size
key_nickname=keyi$size
EOF
$toolsdir/keyiread entry.openssl.$size
done
echo Test complete.
|