Allow rsa2k and nistp local key generation (#80)

* Allow rsa2k and nistp keys generation * Added test case
fortanix · Jul 19, 2024 · 1c98159 · 1c98159
1 parent 9cd2d71
commit 1c98159
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 0 deletions.
diff --git a/sq/Makefile b/sq/Makefile
@@ -62,3 +62,10 @@ test-dsm:
 	./tests/dsm/sq_roundtrips.sh -c nistp384
 	./tests/dsm/sq_roundtrips.sh -c nistp521
 	./tests/dsm/sq_roundtrips.sh -c cv25519
+	./tests/local/generate_keys.sh -c rsa2k
+	./tests/local/generate_keys.sh -c rsa3k
+	./tests/local/generate_keys.sh -c rsa4k
+	./tests/local/generate_keys.sh -c nistp256
+	./tests/local/generate_keys.sh -c nistp384
+	./tests/local/generate_keys.sh -c nistp521
+	./tests/local/generate_keys.sh -c cv25519
diff --git a/sq/src/commands/key.rs b/sq/src/commands/key.rs
@@ -131,12 +131,24 @@ fn generate(config: Config, m: &ArgMatches) -> Result<()> {
 
     // Cipher Suite
     match m.value_of("cipher-suite") {
+        Some("rsa2k") => {
+            builder = builder.set_cipher_suite(CipherSuite::RSA2k);
+        }
         Some("rsa3k") => {
             builder = builder.set_cipher_suite(CipherSuite::RSA3k);
         }
         Some("rsa4k") => {
             builder = builder.set_cipher_suite(CipherSuite::RSA4k);
         }
+        Some("nistp256") => {
+            builder = builder.set_cipher_suite(CipherSuite::P256);
+        }
+        Some("nistp384") => {
+            builder = builder.set_cipher_suite(CipherSuite::P384);
+        }
+        Some("nistp521") => {
+            builder = builder.set_cipher_suite(CipherSuite::P521);
+        }
         Some("cv25519") => {
             builder = builder.set_cipher_suite(CipherSuite::Cv25519);
         }

diff --git a/sq/tests/local/generate_keys.sh b/sq/tests/local/generate_keys.sh
@@ -0,0 +1,17 @@
+#!/bin/bash -e
+
+sq=""
+cipher_suite=""
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+source $SCRIPT_DIR/../dsm/common.sh
+
+# Create a temporary directory to store generated keys
+data=""
+create_tmp_dir data
+
+# Set up a trap to delete the temporary directory upon exit
+trap 'erase_tmp_dir $data' EXIT
+
+# Generate key locally with given cipher-suite
+$sq key generate --userid="Bob Сергeeвич Прокoфьев <[email protected]>" --cipher-suite="$cipher_suite" --export="$data/${cipher_suite}key"