-
Notifications
You must be signed in to change notification settings - Fork 28
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #75 from IETF-Hackathon/ps-r3-scripts
oqs-provider: update scripts, artifacts and interop CSVs
- Loading branch information
Showing
21 changed files
with
244 additions
and
99 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,88 @@ | ||
| #!/bin/bash | ||
|
|
||
| #set -x | ||
|
|
||
| function check_cert() { | ||
|
|
||
| # We want to check that the needed structures | ||
| # are all in place | ||
| CERT=$1 | ||
|
|
||
| # Checks if we have the PEM version of the RootCA | ||
| if ! [ -f "$CERT.pem" ]; then | ||
|
|
||
| # Checks for the RootCA in DER format | ||
| if [ -f "$CERT.der" ] ; then | ||
|
|
||
| # Providing the PEM version of the RootCA | ||
| # echo "Converting $CERT.der to $CERT.pem ... " | ||
| openssl x509 -inform DER -in "$CERT.der" -out "$CERT.pem" | ||
| if [ $? -gt 0 ] ; then | ||
| echo | ||
| echo "ERROR: Cannot convert $CERT.der into PEM format" | ||
| echo | ||
| exit 1 | ||
| fi | ||
| fi | ||
| fi | ||
| } | ||
|
|
||
| check() { | ||
|
|
||
| # Extracts the argument | ||
| PEM=$1 | ||
|
|
||
| # Baseline test whether TA cert is well formed | ||
| openssl x509 -in $PEM -text -noout 2>/dev/null > /dev/null | ||
| if [ $? -ne 0 ]; then | ||
| # echo "${PEM} not suitable." | ||
| echo "N" | ||
| return | ||
| fi | ||
| # Baseline test whether TA cert is self-signed | ||
| openssl verify -CAfile $PEM $PEM 2>/dev/null >/dev/null | ||
| if [ $? -ne 0 ]; then | ||
| echo "N" | ||
| # echo "${PEM} not self-signed." | ||
| return | ||
| fi | ||
| # Checking for some parsing errors | ||
| openssl x509 -in $PEM -text -noout | grep error 2>/dev/null > /dev/null | ||
| if [ $? -ne 0 ]; then | ||
| #echo "No error parsing TA certificate in $1"; | ||
| # Extracting algorithm name | ||
| openssl x509 -in $PEM -text -noout | grep "Public Key Algorithm" 2>&1 > /dev/null | ||
| if [ $? -ne 0 ]; then | ||
| echo "N" | ||
| return | ||
| fi | ||
| else | ||
| echo "N" | ||
| # echo "Error parsing ${PEM}" | ||
| return | ||
| fi | ||
|
|
||
| echo "Y" | ||
| cd .. | ||
| } | ||
|
|
||
| if [ $# -ne 1 ]; then | ||
| echo "No target directory to check provided. Exiting." | ||
| exit -1 | ||
| else | ||
| pushd $1 >/dev/null 2>/dev/null | ||
| fi | ||
| #echo "Checking in $(pwd)" | ||
| if [ ! -d "artifacts" ]; then | ||
| echo "No artifacts found. Exiting." | ||
| exit -1 | ||
| fi | ||
| cd artifacts | ||
| echo "key_algorithm_oid,ta" | ||
| for oid_folder in 1*_ta.*; do | ||
| target=$(echo $oid_folder | sed -r "s/(.*)_ta.*/\1/g") | ||
| check_cert "${target}_ta" | ||
| result=$(check "${target}_ta.pem") | ||
| echo "${target},${result}" | ||
| done | ||
| popd 2>/dev/null >/dev/null |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.12.4.4,N | ||
| 1.3.6.1.4.1.2.267.12.6.5,N | ||
| 1.3.6.1.4.1.2.267.12.8.7,N | ||
| 1.3.9999.6.4.13,N | ||
| 1.3.9999.6.4.16,N | ||
| 1.3.9999.6.5.10,N | ||
| 1.3.9999.6.5.12,N | ||
| 1.3.9999.6.6.10,N | ||
| 1.3.9999.6.6.12,N | ||
| 1.3.9999.6.7.13,N | ||
| 1.3.9999.6.7.16,N | ||
| 1.3.9999.6.8.10,N | ||
| 1.3.9999.6.8.12,N | ||
| 1.3.9999.6.9.10,N | ||
| 1.3.9999.6.9.12,N | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.12.4.4,N | ||
| 1.3.6.1.4.1.2.267.12.6.5,N | ||
| 1.3.6.1.4.1.2.267.12.8.7,N | ||
| 1.3.9999.6.4.13,N | ||
| 1.3.9999.6.4.16,N | ||
| 1.3.9999.6.5.10,N | ||
| 1.3.9999.6.5.12,N | ||
| 1.3.9999.6.6.10,N | ||
| 1.3.9999.6.6.12,N | ||
| 1.3.9999.6.7.13,N | ||
| 1.3.9999.6.7.16,N | ||
| 1.3.9999.6.8.10,N | ||
| 1.3.9999.6.8.12,N | ||
| 1.3.9999.6.9.10,N | ||
| 1.3.9999.6.9.12,N |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,Y | ||
| 1.3.6.1.4.1.2.267.7.8.7,Y |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,Y | ||
| 1.3.6.1.4.1.2.267.7.6.5,Y | ||
| 1.3.6.1.4.1.2.267.7.8.7,Y | ||
| 1.3.9999.3.1,N | ||
| 1.3.9999.3.4,N |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,Y | ||
| 1.3.6.1.4.1.2.267.7.6.5,Y | ||
| 1.3.6.1.4.1.2.267.7.8.7,Y | ||
| 1.3.9999.3.6,Y | ||
| 1.3.9999.3.9,Y |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,N | ||
| 1.3.6.1.4.1.2.267.7.6.5,N | ||
| 1.3.6.1.4.1.2.267.7.8.7,N | ||
| 1.3.9999.3.1,N | ||
| 1.3.9999.3.4,N | ||
| 1.3.9999.6.7.4,N | ||
| 1.3.9999.6.8.3,N | ||
| 1.3.9999.6.9.3,N |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,Y | ||
| 1.3.6.1.4.1.2.267.7.6.5,Y | ||
| 1.3.6.1.4.1.2.267.7.8.7,Y | ||
| 1.3.9999.3.6,Y | ||
| 1.3.9999.3.9,Y | ||
| 1.3.9999.6.4.10,Y | ||
| 1.3.9999.6.4.4,Y | ||
| 1.3.9999.6.5.3,Y | ||
| 1.3.9999.6.5.7,Y | ||
| 1.3.9999.6.6.3,Y | ||
| 1.3.9999.6.6.7,Y |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,N | ||
| 1.3.6.1.4.1.2.267.7.6.5,N | ||
| 1.3.6.1.4.1.2.267.7.8.7,N | ||
| 1.3.9999.3.1,N | ||
| 1.3.9999.3.4,N |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.4.4,Y | ||
| 1.3.6.1.4.1.2.267.7.6.5,Y | ||
| 1.3.6.1.4.1.2.267.7.8.7,Y | ||
| 1.3.9999.3.1,N | ||
| 1.3.9999.3.4,N |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.7.6.5,Y |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.6.1.4.1.2.267.11.4.4,N | ||
| 1.3.6.1.4.1.2.267.7.4.4,N | ||
| 1.3.6.1.4.1.2.267.7.6.5,N | ||
| 1.3.6.1.4.1.2.267.7.8.7,N | ||
| 1.3.9999.3.1,N | ||
| 1.3.9999.3.4,N | ||
| 1.3.9999.6.4.1,N |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| key_algorithm_oid,ta | ||
| 1.3.101.113,Y | ||
| 1.3.6.1.4.1.2.267.7.4.4,Y | ||
| 1.3.6.1.4.1.2.267.7.6.5,Y | ||
| 1.3.6.1.4.1.2.267.7.8.7,Y | ||
| 1.3.9999.3.6,Y | ||
| 1.3.9999.3.9,Y | ||
| 1.3.9999.6.4.13,Y | ||
| 1.3.9999.6.4.16,Y | ||
| 1.3.9999.6.5.10,Y | ||
| 1.3.9999.6.5.12,Y | ||
| 1.3.9999.6.6.10,Y | ||
| 1.3.9999.6.6.12,Y | ||
| 1.3.9999.6.7.13,Y | ||
| 1.3.9999.6.7.16,Y | ||
| 1.3.9999.6.8.10,Y | ||
| 1.3.9999.6.8.12,Y | ||
| 1.3.9999.6.9.10,Y | ||
| 1.3.9999.6.9.12,Y |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| #!/bin/bash | ||
|
|
||
| set -e | ||
|
|
||
| # be sure to not add wrapped pubkeys: | ||
| unset DRAFT_MASSIMO_LAMPS_PQ_SIG_CERTIFICATES_00 | ||
|
|
||
| runandlog() { | ||
| ALG=$1 | ||
| OID=$2 | ||
| DIR="./oqsprovider/artifacts" | ||
| openssl req -x509 -config ta.cnf -new -newkey ${ALG} -extensions v3_ca -out ${DIR}/${OID}_ta.pem -nodes -subj "/CN=OQS TA" >> log 2>&1 | ||
| # openssl req -x509 -config ta.cnf -new -newkey ${ALG} -extensions v3_ca -keyout ${DIR}/${OID}_key.pem -out ${DIR}/${OID}_ta.pem -nodes -subj "/CN=OQS TA" >> log 2>&1 | ||
| echo "${ALG} done..." | ||
| } | ||
|
|
||
| rm -rf log | ||
|
|
||
| mkdir -p oqsprovider/artifacts | ||
|
|
||
| # Classic/baseline test: | ||
| runandlog ed448 1.3.101.113 | ||
|
|
||
| # Dilithium | ||
| runandlog dilithium2 1.3.6.1.4.1.2.267.7.4.4 | ||
| runandlog dilithium3 1.3.6.1.4.1.2.267.7.6.5 | ||
| runandlog dilithium5 1.3.6.1.4.1.2.267.7.8.7 | ||
|
|
||
| # Falcon | ||
| runandlog falcon512 1.3.9999.3.6 | ||
| runandlog falcon1024 1.3.9999.3.9 | ||
|
|
||
| # Sphincs+ | ||
| runandlog sphincssha2128fsimple 1.3.9999.6.4.13 | ||
| runandlog sphincssha2128ssimple 1.3.9999.6.4.16 | ||
| runandlog sphincssha2192fsimple 1.3.9999.6.5.10 | ||
| runandlog sphincssha2192ssimple 1.3.9999.6.5.12 | ||
| runandlog sphincssha2256fsimple 1.3.9999.6.6.10 | ||
| runandlog sphincssha2256ssimple 1.3.9999.6.6.12 | ||
| runandlog sphincsshake128fsimple 1.3.9999.6.7.13 | ||
| runandlog sphincsshake128ssimple 1.3.9999.6.7.16 | ||
| runandlog sphincsshake192fsimple 1.3.9999.6.8.10 | ||
| runandlog sphincsshake192ssimple 1.3.9999.6.8.12 | ||
| runandlog sphincsshake256fsimple 1.3.9999.6.9.10 | ||
| runandlog sphincsshake256ssimple 1.3.9999.6.9.12 | ||
|
|
||
| echo "All data successfully generated." |
Binary file not shown.
Binary file not shown.