1#!/bin/sh 2# 3# Copyright The Mbed TLS Contributors 4# SPDX-License-Identifier: Apache-2.0 5# 6# Licensed under the Apache License, Version 2.0 (the "License"); you may 7# not use this file except in compliance with the License. 8# You may obtain a copy of the License at 9# 10# http://www.apache.org/licenses/LICENSE-2.0 11# 12# Unless required by applicable law or agreed to in writing, software 13# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 14# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15# See the License for the specific language governing permissions and 16# limitations under the License. 17 18set -e -u 19 20program="${0%/*}"/key_ladder_demo 21files_to_clean= 22 23run () { 24 echo 25 echo "# $1" 26 shift 27 echo "+ $*" 28 "$@" 29} 30 31if [ -e master.key ]; then 32 echo "# Reusing the existing master.key file." 33else 34 files_to_clean="$files_to_clean master.key" 35 run "Generate a master key." \ 36 "$program" generate master=master.key 37fi 38 39files_to_clean="$files_to_clean input.txt hello_world.wrap" 40echo "Here is some input. See it wrapped." >input.txt 41run "Derive a key and wrap some data with it." \ 42 "$program" wrap master=master.key label=hello label=world \ 43 input=input.txt output=hello_world.wrap 44 45files_to_clean="$files_to_clean hello_world.txt" 46run "Derive the same key again and unwrap the data." \ 47 "$program" unwrap master=master.key label=hello label=world \ 48 input=hello_world.wrap output=hello_world.txt 49run "Compare the unwrapped data with the original input." \ 50 cmp input.txt hello_world.txt 51 52files_to_clean="$files_to_clean hellow_orld.txt" 53! run "Derive a different key and attempt to unwrap the data. This must fail." \ 54 "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld 55 56files_to_clean="$files_to_clean hello.key" 57run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \ 58 "$program" save master=master.key label=hello \ 59 input=hello_world.wrap output=hello.key 60run "Check that we get the same key by unwrapping data made by the other key." \ 61 "$program" unwrap master=hello.key label=world \ 62 input=hello_world.wrap output=hello_world.txt 63 64# Cleanup 65rm -f $files_to_clean 66