TMPDIR=${TMPDIR:-/tmp}
-cmkeytool -algo sntrup4591761-x25519 -ku kem -subj A=KEY 5>$TMPDIR/enc.pub 9>$TMPDIR/enc.prv
+cmkeytool -algo sntrup4591761-x25519 -ku kem -sub A=KEY 5>$TMPDIR/enc.pub 9>$TMPDIR/enc.prv
dd if=/dev/urandom of=$TMPDIR/enc.data bs=12K count=1 2>/dev/null
export CMENCTOOL_PASSPHRASE=$(dd if=/dev/urandom bs=32 count=1 2>/dev/null | xxd -p)
balloonparams="-balloon-s 123 -balloon-t 2"
algo=mceliece6960119-x25519
algo0=$algo
test_expect_success "$algo: pub generation" "cmkeytool \
- -algo $algo -ku kem -subj A=$algo \
+ -algo $algo -ku kem -sub A=$algo \
5>$TMPDIR/enc.$algo.pub 9>$TMPDIR/enc.$algo.prv"
algo=sntrup4591761-x25519
algo1=$algo
test_expect_success "$algo: pub generation" "cmkeytool \
- -algo $algo -ku kem -subj A=$algo \
+ -algo $algo -ku kem -sub A=$algo \
5>$TMPDIR/enc.$algo.pub 9>$TMPDIR/enc.$algo.prv"
test_expect_success "encrypting" "
echo "gost3410-512C gost3410-256A
ed25519-blake2b ed25519-blake2b" | while read caAlgo eeAlgo ; do
-subj="-subj CN=CA -subj C=RU"
+sub="-sub CN=CA -sub C=RU"
test_expect_success "$caAlgo: CA load generation" "cmkeytool \
- -algo $caAlgo -ku sig $subj \
+ -algo $caAlgo -ku sig $sub \
5>$TMPDIR/ca.$caAlgo.pub 9>$TMPDIR/ca.$caAlgo.prv"
test_expect_success "$caAlgo: CA generation" "cmkeytool \
4<$TMPDIR/ca.$caAlgo.pub \
test_expect_success "$caAlgo: CA self-signature" "cmkeytool -verify \
4<$TMPDIR/ca.$caAlgo.pub <$TMPDIR/ca.$caAlgo.pub"
-subj="-subj CN=SubCA -subj C=RU"
+sub="-sub CN=SubCA -sub C=RU"
test_expect_success "$eeAlgo: SubCA load generation" "cmkeytool \
- -algo $eeAlgo -ku sig $subj \
+ -algo $eeAlgo -ku sig $sub \
5>$TMPDIR/subca.$eeAlgo.pub 9>$TMPDIR/subca.$eeAlgo.prv"
test_expect_success "$eeAlgo: SubCA generation" "cmkeytool \
4<$TMPDIR/ca.$caAlgo.pub \
test_expect_success "$eeAlgo: SubCA signature" "cmkeytool -verify \
4<$TMPDIR/ca.$caAlgo.pub <$TMPDIR/subca.$eeAlgo.pub"
-subj="-subj CN=EE -subj C=RU"
+sub="-sub CN=EE -sub C=RU"
test_expect_success "$eeAlgo: EE load generation" "cmkeytool \
- -algo $eeAlgo $subj \
+ -algo $eeAlgo $sub \
5>$TMPDIR/ee.$eeAlgo.pub 9>$TMPDIR/ee.$eeAlgo.prv"
test_expect_success "$eeAlgo: EE generation" "cmkeytool \
4<$TMPDIR/subca.$eeAlgo.pub \
test_expect_success "$algo: generation" "cmkeytool \
-algo $algo \
- -ku kem -subj CN=DH 5>$TMPDIR/kem.$algo.pub 9>$TMPDIR/kem.$algo.prv"
+ -ku kem -sub CN=DH 5>$TMPDIR/kem.$algo.pub 9>$TMPDIR/kem.$algo.prv"
done
func main() {
flag.Usage = usage
ku := make(map[string]*struct{})
- subj := make(map[string]string)
+ sub := make(map[string]string)
flag.Func(
"ku",
"Optional key usage, can be specified multiple times",
},
)
flag.Func(
- "subj",
+ "sub",
"Part of subject, key=value, can be specified multiple times",
func(v string) error {
s := strings.SplitN(v, "=", 2)
if len(s) != 2 {
return errors.New("invalid key=value")
}
- subj[s[0]] = s[1]
+ sub[s[0]] = s[1]
return nil
},
)
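Review bot: The `-sub` handler stores `sub[s[0]] = s[1]` without rejecting an empty key or a key that was already given. As written, `-sub =x` is accepted, and a repeated `-sub CN=...` silently replaces the earlier value in the map that is later placed into `sign.PubLoad{Sub: sub, ...}`. Consider adding `if s[0] == "" { return errors.New("empty key") }` and `if _, dup := sub[s[0]]; dup { return errors.New("duplicate key") }` before the assignment. The flag name is also user-visible, so callers still passing `-subj` will presumably fail at flag parsing; that is worth a changelog line. main's body continues outside this hunk.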
fdPrvW := os.NewFile(FdPrvW, "prv-out")
var doCertify bool
- if len(subj) == 0 && !*verify {
+ if len(sub) == 0 && !*verify {
doCertify = true
}
}
}
{
- pubLoad = &sign.PubLoad{Subj: subj, Pub: []cm.AV{{A: *algo, V: pub}}}
+ pubLoad = &sign.PubLoad{Sub: sub, Pub: []cm.AV{{A: *algo, V: pub}}}
var hasher hash.Hash
switch *algo {
case ed25519blake2b.Ed25519BLAKE2b, sntrup4591761x25519.SNTRUP4591761X25519:
func usage() {
fmt.Fprintf(os.Stderr, `Usage:
Generate public key load:
- cmkeytool -subj K=V [-subj K=V ...] [-algo ALGO] [-ku KU ...] 5>PUB 9>PRV
+ cmkeytool -sub K=V [-sub K=V ...] [-algo ALGO] [-ku KU ...] 5>PUB 9>PRV
Certify public key:
cmkeytool [-lifetime DAYS] [-since DATE] 4<CA-PUB 8<CA-PRV <PUB
Verify certification:
gost3410-256A
ed25519-blake2b" | while read keyalgo ; do
-subj="-subj what=ever"
+sub="-sub what=ever"
typ="some-different-type"
test_expect_success "$keyalgo: pub generation" "cmkeytool \
- -algo $keyalgo -ku sig $subj \
+ -algo $keyalgo -ku sig $sub \
5>$TMPDIR/sign.$keyalgo.pub 9>$TMPDIR/sign.$keyalgo.prv"
dd if=/dev/urandom of=$TMPDIR/sign.$keyalgo.data bs=300K count=1 2>/dev/null
encTo="-encrypted-to $(uuidgen)"
// Public key load.
type PubLoad struct {
KU *map[string]*struct{} `keks:"ku,omitempty"`
- Subj map[string]string `keks:"sub"`
+ Sub map[string]string `keks:"sub"`
Crit *[]map[string]any `keks:"crit,omitempty"`
Pub []cm.AV `keks:"pub"`
Id uuid.UUID `keks:"id"`
}
}
}
- if len(load.Subj) == 0 {
+ if len(load.Sub) == 0 {
return errors.New("PubParse: empty sub")
}
if load.Crit != nil {