@@ -193,12 +193,143 @@ ecKey2Epc = fromString $
193
193
" Uck8U4LTKtiWK6dd2zTRWU6ze/4UJUuZTnJb7Q==\n " ++
194
194
" -----END EC PRIVATE KEY-----\n "
195
195
196
+ {-
197
+ openssl req -new -x509 -subj /CN=CA -newkey rsa:1024 -nodes -reqexts v3_ca \
198
+ -keyout cakey.pem -out cacert.pem
199
+ openssl req -new -subj /CN=Test -key cakey.pem -nodes -reqexts v3_req \
200
+ -out req.pem
201
+ openssl genpkey -algorithm x25519 -out privkey.pem
202
+ openssl pkey -in privkey.pem -pubout -out pubkey.pem
203
+ openssl x509 -req -in req.pem -CA cacert.pem -CAkey cakey.pem \
204
+ -set_serial 2 -force_pubkey pubkey.pem \
205
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
206
+ sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/' privkey.pem
207
+ openssl pkey -in privkey.pem -traditional \
208
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
209
+ -}
210
+ x25519Certificate , x25519Key1 , x25519Key2 :: B. ByteString
211
+ x25519Certificate = fromString $
212
+ " -----BEGIN CERTIFICATE-----\n " ++
213
+ " MIIBEzB+AgECMA0GCSqGSIb3DQEBCwUAMA0xCzAJBgNVBAMMAkNBMB4XDTE4MDgy\n " ++
214
+ " NjE0MTIzOFoXDTE4MDkyNTE0MTIzOFowDzENMAsGA1UEAwwEVGVzdDAqMAUGAytl\n " ++
215
+ " bgMhAMzDmaCSEjQR6yWKSdWBxw4YNOb6YMETiWt7AVOUaxw9MA0GCSqGSIb3DQEB\n " ++
216
+ " CwUAA4GBAEJrXXtt9XaL3oARVv8hm/abqhUds9ytT4CQtaQgSV7HQIp96LN87pc9\n " ++
217
+ " pwrISZrWuIlVpyQpGOK1i+uI3LgdKn1zO5CJdjRtW6lCCXg9R/wEcEKAiVKIzg2G\n " ++
218
+ " FanQ4TG8YzfBToUbsSMfptxhbKPk/lVa8ffmXLZBILjPbI63iu4d\n " ++
219
+ " -----END CERTIFICATE-----\n "
220
+ x25519Key1 = fromString $
221
+ " -----BEGIN PRIVATE KEY-----\n " ++
222
+ " MC4CAQAwBQYDK2VuBCIEIEhpc79EOwSU0JgHC6/32OUYul2yRiha3aftJiHybq1F\n " ++
223
+ " -----END PRIVATE KEY-----\n "
224
+ x25519Key2 = fromString $
225
+ " -----BEGIN X25519 PRIVATE KEY-----\n " ++
226
+ " MC4CAQAwBQYDK2VuBCIEIEhpc79EOwSU0JgHC6/32OUYul2yRiha3aftJiHybq1F\n " ++
227
+ " -----END X25519 PRIVATE KEY-----\n "
228
+
229
+ {-
230
+ openssl req -new -x509 -subj /CN=CA -newkey rsa:1024 -nodes -reqexts v3_ca \
231
+ -keyout cakey.pem -out cacert.pem
232
+ openssl req -new -subj /CN=Test -key cakey.pem -nodes -reqexts v3_req \
233
+ -out req.pem
234
+ openssl genpkey -algorithm x448 -out privkey.pem
235
+ openssl pkey -in privkey.pem -pubout -out pubkey.pem
236
+ openssl x509 -req -in req.pem -CA cacert.pem -CAkey cakey.pem \
237
+ -set_serial 2 -force_pubkey pubkey.pem \
238
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
239
+ sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/' privkey.pem
240
+ openssl pkey -in privkey.pem -traditional \
241
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
242
+ -}
243
+ x448Certificate , x448Key1 , x448Key2 :: B. ByteString
244
+ x448Certificate = fromString $
245
+ " -----BEGIN CERTIFICATE-----\n " ++
246
+ " MIIBLDCBlgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAeFw0xODA4\n " ++
247
+ " MjYxNDEzMTlaFw0xODA5MjUxNDEzMTlaMA8xDTALBgNVBAMMBFRlc3QwQjAFBgMr\n " ++
248
+ " ZW8DOQCh0ta92rVURtIK29lN9F1QbBpSV0jAr7jAXLdz4SHPPO1OO+2gXvjuDpt3\n " ++
249
+ " lTzR6oZQkAc5nK43PjANBgkqhkiG9w0BAQsFAAOBgQCk2dVKQpLS4/EEe2fuRMvs\n " ++
250
+ " 2qvERTT41P9cjkz3obrizjg68Aaj1m/0SeQFWYh4QeGf7lVSA6evPQG8XdscHHMd\n " ++
251
+ " /7/U/gfY+aTiaKTf/E7pXMdtiMEOkcrA1J5fnI5M96R6UMRIRbqxhpGC/Jb7EdVM\n " ++
252
+ " LAlOqcCwRBVCEJnexQK1TA==\n " ++
253
+ " -----END CERTIFICATE-----\n "
254
+ x448Key1 = fromString $
255
+ " -----BEGIN PRIVATE KEY-----\n " ++
256
+ " MEYCAQAwBQYDK2VvBDoEOKxpGvu6rhYy78qgxgtT+uZt4Ctxd3AB/S59i1Cx03hR\n " ++
257
+ " kVB9q7Mz02YjHbwAaM/hAHajYdwHa7aV\n " ++
258
+ " -----END PRIVATE KEY-----\n "
259
+ x448Key2 = fromString $
260
+ " -----BEGIN X448 PRIVATE KEY-----\n " ++
261
+ " MEYCAQAwBQYDK2VvBDoEOKxpGvu6rhYy78qgxgtT+uZt4Ctxd3AB/S59i1Cx03hR\n " ++
262
+ " kVB9q7Mz02YjHbwAaM/hAHajYdwHa7aV\n " ++
263
+ " -----END X448 PRIVATE KEY-----\n "
264
+
265
+ {-
266
+ openssl req -new -x509 -subj /CN=Test -newkey ed25519 -nodes -reqexts v3_req \
267
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
268
+ sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/' privkey.pem
269
+ openssl pkey -in privkey.pem -traditional \
270
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
271
+ -}
272
+ ed25519Certificate , ed25519Key1 , ed25519Key2 :: B. ByteString
273
+ ed25519Certificate = fromString $
274
+ " -----BEGIN CERTIFICATE-----\n " ++
275
+ " MIIBMjCB5aADAgECAhR6ecRAmI54Nv+XftTZ/GSiPICx0TAFBgMrZXAwDzENMAsG\n " ++
276
+ " A1UEAwwEVGVzdDAeFw0xODA4MTUxMTQ3MDNaFw0xODA5MTQxMTQ3MDNaMA8xDTAL\n " ++
277
+ " BgNVBAMMBFRlc3QwKjAFBgMrZXADIQAI0GFxXxlCuJD082Grn0p0AZ/staBylKsS\n " ++
278
+ " OwPu6iPHb6NTMFEwHQYDVR0OBBYEFGTOlalKBchEtrbeG5jRF5fbzhDJMB8GA1Ud\n " ++
279
+ " IwQYMBaAFGTOlalKBchEtrbeG5jRF5fbzhDJMA8GA1UdEwEB/wQFMAMBAf8wBQYD\n " ++
280
+ " K2VwA0EARON+KCuJoY1u8Yrn/MrCBpeu49AIMbqoyB8YN6msQpLPjWzLYaC70Cc2\n " ++
281
+ " DY6BFI5hKr+mLCN/+VlzRzqW8dqSDg==\n " ++
282
+ " -----END CERTIFICATE-----\n "
283
+ ed25519Key1 = fromString $
284
+ " -----BEGIN PRIVATE KEY-----\n " ++
285
+ " MC4CAQAwBQYDK2VwBCIEILEtRbG7T++/S58HPwVUJSR12Iu8FVputSfQBkotgeZ0\n " ++
286
+ " -----END PRIVATE KEY-----\n "
287
+ ed25519Key2 = fromString $
288
+ " -----BEGIN ED25519 PRIVATE KEY-----\n " ++
289
+ " MC4CAQAwBQYDK2VwBCIEILEtRbG7T++/S58HPwVUJSR12Iu8FVputSfQBkotgeZ0\n " ++
290
+ " -----END ED25519 PRIVATE KEY-----\n "
291
+
292
+ {-
293
+ openssl req -new -x509 -subj /CN=Test -newkey ed448 -nodes -reqexts v3_req \
294
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
295
+ sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/' privkey.pem
296
+ openssl pkey -in privkey.pem -traditional \
297
+ | sed -e 's/^\(.*\)$/ "\1\\n"/' -e '$!s/$/ ++/'
298
+ -}
299
+ ed448Certificate , ed448Key1 , ed448Key2 :: B. ByteString
300
+ ed448Certificate = fromString $
301
+ " -----BEGIN CERTIFICATE-----\n " ++
302
+ " MIIBfTCB/qADAgECAhQ4hHMRAtg46drqmq6GQxeDN1WScDAFBgMrZXEwDzENMAsG\n " ++
303
+ " A1UEAwwEVGVzdDAeFw0xODA4MTUxMTQ1MzRaFw0xODA5MTQxMTQ1MzRaMA8xDTAL\n " ++
304
+ " BgNVBAMMBFRlc3QwQzAFBgMrZXEDOgBMbAytTVwKE9JHijqIy1q+wgs/G235N2w9\n " ++
305
+ " Hfai1DjPd5nyVDeSD+BHiuJZDWfxRe6y34seoIsszQCjUzBRMB0GA1UdDgQWBBQo\n " ++
306
+ " Nz/cV3FL07M93xsySVPHD0nOojAfBgNVHSMEGDAWgBQoNz/cV3FL07M93xsySVPH\n " ++
307
+ " D0nOojAPBgNVHRMBAf8EBTADAQH/MAUGAytlcQNzABqXoKLJjmHK+smSGeh5M0vU\n " ++
308
+ " PbHM3oSuiS25Q5UqHnrrxgyVBvq83/jCpEHc03BOSrMU5fRhbc84AK1kAPeEdGns\n " ++
309
+ " dsG2uVxz0be795jKStt0a0o/w9cN5bd761Oeqoqs8CxWtjALhLu27IiY5uRkG5Uq\n " ++
310
+ " AA==\n " ++
311
+ " -----END CERTIFICATE-----\n "
312
+ ed448Key1 = fromString $
313
+ " -----BEGIN PRIVATE KEY-----\n " ++
314
+ " MEcCAQAwBQYDK2VxBDsEOcYO2tQ1U1vNoCUT0bNXVeausDEkUMmN0RI4ZUWU+9jA\n " ++
315
+ " ZxaQP40ONQ5yQM/V6Nuw3NlDnp8OU9R18Q==\n " ++
316
+ " -----END PRIVATE KEY-----\n "
317
+ ed448Key2 = fromString $
318
+ " -----BEGIN ED448 PRIVATE KEY-----\n " ++
319
+ " MEcCAQAwBQYDK2VxBDsEOcYO2tQ1U1vNoCUT0bNXVeausDEkUMmN0RI4ZUWU+9jA\n " ++
320
+ " ZxaQP40ONQ5yQM/V6Nuw3NlDnp8OU9R18Q==\n " ++
321
+ " -----END ED448 PRIVATE KEY-----\n "
322
+
196
323
memoryKeyTests :: TestTree
197
324
memoryKeyTests = testGroup " Key"
198
325
[ keyTest " RSA" rsaKey1 rsaKey2
199
326
, keyTest " DSA" dsaKey1 dsaKey2
200
327
, keyTest " EC (named curve)" ecKey1Nc ecKey2Nc
201
328
, keyTest " EC (explicit prime curve)" ecKey1Epc ecKey2Epc
329
+ , keyTest " X25519" x25519Key1 x25519Key2
330
+ , keyTest " X448" x448Key1 x448Key2
331
+ , keyTest " Ed25519" ed25519Key1 ed25519Key2
332
+ , keyTest " Ed448" ed448Key1 ed448Key2
202
333
]
203
334
where
204
335
keyTest name outer inner =
@@ -217,6 +348,10 @@ memoryCertificateTests = testGroup "Certificate"
217
348
, certTest " DSA" dsaCertificate
218
349
, certTest " EC (named curve)" ecCertificateNc
219
350
, certTest " EC (explicit prime curve)" ecCertificateEpc
351
+ , certTest " X25519" x25519Certificate
352
+ , certTest " X448" x448Certificate
353
+ , certTest " Ed25519" ed25519Certificate
354
+ , certTest " Ed448" ed448Certificate
220
355
]
221
356
where
222
357
certTest name bytes = testCase name $
0 commit comments