blob: de158f60be916bd90abe0a6f4227bf9f79e26349 [file] [log] [blame]
#
# Copyright 2019,2020 NXP
# SPDX-License-Identifier: Apache-2.0
#
import os
import sys
import logging
from legacy_openssl_util import *
def main():
key_type = "prime256v1"
if len(sys.argv) >= 2:
if sys.argv[1] != "none":
port_data = sys.argv[1].split(':')
JRCP_HOSTNAME = port_data[0]
JRCP_PORT = port_data[1]
os.environ['JRCP_HOSTNAME'] = JRCP_HOSTNAME
os.environ['JRCP_PORT'] = JRCP_PORT
os.environ['RJCT_SERVER_ADDR'] = sys.argv[1]
log.info("JRCP_HOSTNAME: %s" % JRCP_HOSTNAME)
log.info("JRCP_PORT: %s" % JRCP_PORT)
log.info("RJCT_SERVER_ADDR: %s" % sys.argv[1])
keys_dir = os.path.join(cur_dir, '..', 'keys', key_type)
output_dir = cur_dir + os.sep + "output"
if not os.path.exists(output_dir):
os.mkdir(output_dir)
KEYPAIR_REF_0 = keys_dir + os.sep + "ecc_key_kp_0_ref.pem"
KEYPAIR_0 = keys_dir + os.sep + "ecc_key_kp_0.pem"
PUBKEY_0 = keys_dir + os.sep + "ecc_key_pub_pubonly_0.pem"
ECC_KEY_KP_A = keys_dir + os.sep + "ecc_key_kp_A.pem"
ECC_KEY_PUB_PUBONLY_A = keys_dir + os.sep + "ecc_key_pub_pubonly_A.pem"
SHARED_SECRET_HOST_0 = output_dir + os.sep + "ecdh_host_0.bin"
SHARED_SECRET_ENGINE_0 = output_dir + os.sep + "ecdh_engine_0.bin"
SHARED_SECRET_HANDOVER_A = output_dir + os.sep + "ecdh_handover_A.bin"
SHARED_SECRET_HOST_A = output_dir + os.sep + "ecdh_host_A.bin"
log.info("## Clean up %s, %s etc." % (SHARED_SECRET_HOST_0, SHARED_SECRET_ENGINE_0))
log.info("######################################################")
if sys.platform.startswith("win"):
run("del -f %s" % (SHARED_SECRET_HOST_0,))
run("del -f %s" % (SHARED_SECRET_ENGINE_0,))
run("del -f %s" % (SHARED_SECRET_HANDOVER_A,))
run("del -f %s" % (SHARED_SECRET_HOST_A,))
else:
run("rm -f %s %s" % (SHARED_SECRET_HOST_0, SHARED_SECRET_ENGINE_0))
run("rm -f %s %s" % (SHARED_SECRET_HANDOVER_A, SHARED_SECRET_HOST_A))
log.info("## Do ECDH on Host (%s)" % (KEYPAIR_0,))
run("%s pkeyutl -inkey %s -peerkey %s -derive -hexdump -out %s" % (openssl, KEYPAIR_0, PUBKEY_0,
SHARED_SECRET_HOST_0))
log.info("## Do ECDH with Engine (%s)" % (KEYPAIR_0,))
run("%s pkeyutl -engine %s -inkey %s -peerkey %s -derive -hexdump -out %s" %
(openssl, openssl_engine, KEYPAIR_REF_0, PUBKEY_0, SHARED_SECRET_ENGINE_0))
log.info("## Confirm the two calculations are the same")
log.info("############################################")
log.info("# Validate Key Handover")
log.info("## #################################################################")
log.info("## Validate Key Handover from Engine to OpenSSL SW implementation")
log.info("## Do ECDH (%s) with Handover" % (ECC_KEY_KP_A))
log.info("## #################################")
run("%s pkeyutl -engine %s -inkey %s -peerkey %s -derive -hexdump -out %s" %
(openssl, openssl_engine, ECC_KEY_KP_A, ECC_KEY_PUB_PUBONLY_A, SHARED_SECRET_HANDOVER_A))
log.info("## Do ECDH (%s) on Host" % (ECC_KEY_KP_A,))
log.info("## #################################")
run("%s pkeyutl -inkey %s -peerkey %s -derive -hexdump -out %s" %
(openssl, ECC_KEY_KP_A, ECC_KEY_PUB_PUBONLY_A, SHARED_SECRET_HOST_A))
log.info("## Program completed successfully")
def usage():
log.info("Please provide as first argument: ip_address:port of JRCP server, \"none\" for sci2c")
log.info("Example invocation")
log.info(" 127.0.0.1:8050")
log.info("Implicitly supported key types:")
log.info(" prime256v1 only")
if __name__ == '__main__':
logging.basicConfig(level=logging.DEBUG)
if len(sys.argv) >= 2:
main()
else:
usage()