From d477528e67548b864650b43f9df2ff29a41d7c2d Mon Sep 17 00:00:00 2001
From: Stephen Paul Weber <singpolyma@singpolyma.net>
Date: Tue, 29 Oct 2024 09:15:50 -0500
Subject: util.crypto: Add more ECC methods

pkey_meth_derive: to derive a shared symmetric key from two ECC keys
pkey_meth_public_raw: to get the raw form of the public key
import_public_ec_raw: to import the raw form of the public key
generate_p256_keypair: key generation for the P-256 curve
---
 spec/util_crypto_spec.lua | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'spec')

diff --git a/spec/util_crypto_spec.lua b/spec/util_crypto_spec.lua
index 77d046ac..4a62e0bc 100644
--- a/spec/util_crypto_spec.lua
+++ b/spec/util_crypto_spec.lua
@@ -3,6 +3,7 @@ local test_keys = require "spec.inputs.test_keys";
 describe("util.crypto", function ()
 	local crypto = require "util.crypto";
 	local random = require "util.random";
+	local encodings = require "util.encodings";
 
 	describe("generate_ed25519_keypair", function ()
 		local keypair = crypto.generate_ed25519_keypair();
@@ -10,6 +11,26 @@ describe("util.crypto", function ()
 		assert.equal("ED25519", keypair:get_type());
 	end)
 
+	describe("generate_p256_keypair", function ()
+		local keypair = crypto.generate_p256_keypair();
+		assert.is_not_nil(keypair);
+		assert.equal("id-ecPublicKey", keypair:get_type());
+	end)
+
+	describe("export/import raw", function ()
+		local keypair = crypto.generate_p256_keypair();
+		assert.is_not_nil(keypair);
+		local raw = keypair:public_raw()
+		local imported = crypto.import_public_ec_raw(raw, "P-256")
+		assert.equal(keypair:public_pem(), imported:public_pem());
+	end)
+
+	describe("derive", function ()
+		local key = crypto.import_private_pem(test_keys.ecdsa_private_pem);
+		local peer_key = crypto.import_public_pem(test_keys.ecdsa_public_pem);
+		assert.equal("n1v4KeKmOVwjC67fiKtjJnqcEaasbpZa2fLPNHW51co=", encodings.base64.encode(key:derive(peer_key)))
+	end)
+
 	describe("import_private_pem", function ()
 		it("can import ECDSA keys", function ()
 			local ecdsa_key = crypto.import_private_pem(test_keys.ecdsa_private_pem);
-- 
cgit v1.2.3