Merge CAFILE and Certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
parent
b4ac8f3c04
commit
882c30da17
1 changed files with 24 additions and 26 deletions
|
@ -27,32 +27,27 @@ import os
|
||||||
import abc
|
import abc
|
||||||
import argparse
|
import argparse
|
||||||
import itertools
|
import itertools
|
||||||
|
from collections import namedtuple
|
||||||
# pylint: disable=useless-super-delegation
|
# pylint: disable=useless-super-delegation
|
||||||
|
|
||||||
|
# define certificates configuration entry
|
||||||
|
Certificate = namedtuple("Certificate", ['cafile', 'certfile', 'keyfile'])
|
||||||
|
# define the certificate parameters for signature algorithms
|
||||||
CERTIFICATES = {
|
CERTIFICATES = {
|
||||||
'ecdsa_secp256r1_sha256': (
|
'ecdsa_secp256r1_sha256': Certificate('data_files/test-ca2.crt',
|
||||||
'data_files/ecdsa_secp256r1.crt',
|
'data_files/ecdsa_secp256r1.crt',
|
||||||
'data_files/ecdsa_secp256r1.key'),
|
'data_files/ecdsa_secp256r1.key'),
|
||||||
'ecdsa_secp384r1_sha384': (
|
'ecdsa_secp384r1_sha384': Certificate('data_files/test-ca2.crt',
|
||||||
'data_files/ecdsa_secp384r1.crt',
|
'data_files/ecdsa_secp384r1.crt',
|
||||||
'data_files/ecdsa_secp384r1.key'),
|
'data_files/ecdsa_secp384r1.key'),
|
||||||
'ecdsa_secp521r1_sha512': (
|
'ecdsa_secp521r1_sha512': Certificate('data_files/test-ca2.crt',
|
||||||
'data_files/ecdsa_secp521r1.crt',
|
'data_files/ecdsa_secp521r1.crt',
|
||||||
'data_files/ecdsa_secp521r1.key'),
|
'data_files/ecdsa_secp521r1.key'),
|
||||||
'rsa_pss_rsae_sha256': (
|
'rsa_pss_rsae_sha256': Certificate('data_files/test-ca_cat12.crt',
|
||||||
'data_files/server2-sha256.crt', 'data_files/server2.key'
|
'data_files/server2-sha256.crt', 'data_files/server2.key'
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CAFILE = {
|
|
||||||
'ecdsa_secp256r1_sha256': 'data_files/test-ca2.crt',
|
|
||||||
'ecdsa_secp384r1_sha384': 'data_files/test-ca2.crt',
|
|
||||||
'ecdsa_secp521r1_sha512': 'data_files/test-ca2.crt',
|
|
||||||
'rsa_pss_rsae_sha256': 'data_files/test-ca_cat12.crt'
|
|
||||||
}
|
|
||||||
|
|
||||||
CIPHER_SUITE_IANA_VALUE = {
|
CIPHER_SUITE_IANA_VALUE = {
|
||||||
"TLS_AES_128_GCM_SHA256": 0x1301,
|
"TLS_AES_128_GCM_SHA256": 0x1301,
|
||||||
"TLS_AES_256_GCM_SHA384": 0x1302,
|
"TLS_AES_256_GCM_SHA384": 0x1302,
|
||||||
|
@ -160,7 +155,9 @@ class OpenSSLServ(TLSProgram):
|
||||||
|
|
||||||
def cmd(self):
|
def cmd(self):
|
||||||
ret = ['$O_NEXT_SRV_NO_CERT']
|
ret = ['$O_NEXT_SRV_NO_CERT']
|
||||||
for cert, key in self.certificates:
|
for i in self.certificates:
|
||||||
|
print(i)
|
||||||
|
for _, cert, key in self.certificates:
|
||||||
ret += ['-cert {cert} -key {key}'.format(cert=cert, key=key)]
|
ret += ['-cert {cert} -key {key}'.format(cert=cert, key=key)]
|
||||||
ret += ['-accept $SRV_PORT']
|
ret += ['-accept $SRV_PORT']
|
||||||
ciphersuites = ','.join(self.ciphersuites)
|
ciphersuites = ','.join(self.ciphersuites)
|
||||||
|
@ -253,7 +250,7 @@ class GnuTLSServ(TLSProgram):
|
||||||
'--http',
|
'--http',
|
||||||
'--disable-client-cert',
|
'--disable-client-cert',
|
||||||
'--debug=4']
|
'--debug=4']
|
||||||
for cert, key in self.certificates:
|
for _, cert, key in self.certificates:
|
||||||
ret += ['--x509certfile {cert} --x509keyfile {key}'.format(
|
ret += ['--x509certfile {cert} --x509keyfile {key}'.format(
|
||||||
cert=cert, key=key)]
|
cert=cert, key=key)]
|
||||||
priority_strings = ':+'.join(['NONE'] +
|
priority_strings = ':+'.join(['NONE'] +
|
||||||
|
@ -333,7 +330,8 @@ class MbedTLSCli(TLSProgram):
|
||||||
ret += [
|
ret += [
|
||||||
'server_addr=127.0.0.1 server_port=$SRV_PORT',
|
'server_addr=127.0.0.1 server_port=$SRV_PORT',
|
||||||
'debug_level=4 force_version=tls1_3']
|
'debug_level=4 force_version=tls1_3']
|
||||||
ret += ['ca_file={CAFILE}'.format(CAFILE=CAFILE[self._sig_alg])]
|
ret += ['ca_file={cafile}'.format(
|
||||||
|
cafile=CERTIFICATES[self._sig_alg].cafile)]
|
||||||
self.ciphersuites = list(set(self.ciphersuites))
|
self.ciphersuites = list(set(self.ciphersuites))
|
||||||
cipher = ','.join(self.ciphersuites)
|
cipher = ','.join(self.ciphersuites)
|
||||||
if cipher:
|
if cipher:
|
||||||
|
@ -479,8 +477,8 @@ def main():
|
||||||
print(*CLIENT_CLASSES.keys())
|
print(*CLIENT_CLASSES.keys())
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
print(generate_compat_test(server=args.server, client=args.client,
|
print(generate_compat_test(server=args.server, client=args.client, sig_alg=args.sig_alg,
|
||||||
sig_alg=args.sig_alg, cipher=args.cipher, named_group=args.named_group))
|
cipher=args.cipher, named_group=args.named_group))
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue