vendor/pkcs5/tests/examples/re-gen.sh

#!/usr/bin/env bash

# http://redsymbol.net/articles/unofficial-bash-strict-mode/
set -euo pipefail
IFS=$'\n\t'

password="hunter2"
passout="pass:${password}"

openssl genrsa -out rsa_sk.pkcs1.pem 1024

openssl pkcs8 -topk8 -in rsa_sk.pkcs1.pem -outform DER -out rsa_sk.pkcs8.der -nocrypt

gen_pkcs8 () {
    local aes_mode="${1:?}"
    local prf="${2:?}"

    openssl pkcs8 \
        -topk8 \
        -in rsa_sk.pkcs1.pem \
        -v2 "$aes_mode" \
        -v2prf "$prf" \
        -iter 10 \
        -passout "$passout" \
        -outform DER -out "rsa_sk_${aes_mode}_${prf}.pkcs8.der"
}

for aes_mode in "aes-128-cbc" "aes-192-cbc" "aes-256-cbc"
do
    for prf in "hmacWithSHA1" "hmacWithSHA224" "hmacWithSHA256" "hmacWithSHA384" "hmacWithSHA512"
    do
        gen_pkcs8 "$aes_mode" "$prf"
    done
done

extract () {
    local aes_mode="${1:?}"
    local prf="${2:?}"
    local algid_len="${3:?}"

    dd bs=1 skip=4 count="$algid_len" if="rsa_sk_${aes_mode}_${prf}.pkcs8.der" of="pbes2_${aes_mode}_${prf}_algid.der"
    dd bs=1 skip="$(expr $algid_len + 8)" if="rsa_sk_${aes_mode}_${prf}.pkcs8.der" of="pbes2_${aes_mode}_${prf}_ciphertext.bin"
}

for aes_mode in "aes-128-cbc" "aes-192-cbc" "aes-256-cbc"
do
    extract "$aes_mode" "hmacWithSHA1" 74

    for prf in "hmacWithSHA224" "hmacWithSHA256" "hmacWithSHA384" "hmacWithSHA512"
    do
        extract "$aes_mode" "$prf" 88
    done
done
chore: checkpoint before Python removal 2026-03-26 22:33:59 +00:00			`#!/usr/bin/env bash`

			`# http://redsymbol.net/articles/unofficial-bash-strict-mode/`
			`set -euo pipefail`
			`IFS=$'\n\t'`

			`password="hunter2"`
			`passout="pass:${password}"`

			`openssl genrsa -out rsa_sk.pkcs1.pem 1024`

			`openssl pkcs8 -topk8 -in rsa_sk.pkcs1.pem -outform DER -out rsa_sk.pkcs8.der -nocrypt`

			`gen_pkcs8 () {`
			`local aes_mode="${1:?}"`
			`local prf="${2:?}"`

			`openssl pkcs8 \`
			`-topk8 \`
			`-in rsa_sk.pkcs1.pem \`
			`-v2 "$aes_mode" \`
			`-v2prf "$prf" \`
			`-iter 10 \`
			`-passout "$passout" \`
			`-outform DER -out "rsa_sk_${aes_mode}_${prf}.pkcs8.der"`
			`}`

			`for aes_mode in "aes-128-cbc" "aes-192-cbc" "aes-256-cbc"`
			`do`
			`for prf in "hmacWithSHA1" "hmacWithSHA224" "hmacWithSHA256" "hmacWithSHA384" "hmacWithSHA512"`
			`do`
			`gen_pkcs8 "$aes_mode" "$prf"`
			`done`
			`done`

			`extract () {`
			`local aes_mode="${1:?}"`
			`local prf="${2:?}"`
			`local algid_len="${3:?}"`

			`dd bs=1 skip=4 count="$algid_len" if="rsa_sk_${aes_mode}_${prf}.pkcs8.der" of="pbes2_${aes_mode}_${prf}_algid.der"`
			`dd bs=1 skip="$(expr $algid_len + 8)" if="rsa_sk_${aes_mode}_${prf}.pkcs8.der" of="pbes2_${aes_mode}_${prf}_ciphertext.bin"`
			`}`

			`for aes_mode in "aes-128-cbc" "aes-192-cbc" "aes-256-cbc"`
			`do`
			`extract "$aes_mode" "hmacWithSHA1" 74`

			`for prf in "hmacWithSHA224" "hmacWithSHA256" "hmacWithSHA384" "hmacWithSHA512"`
			`do`
			`extract "$aes_mode" "$prf" 88`
			`done`
			`done`