yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

rename ecdsa_secp*sha* to ecdsa_secp*

Browse source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-11-30 11:19:41 +08:00
parent 7f5e5adfa3
commit dda036d8e0
12 changed files with 647 additions and 442 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
tests/data_files/Makefile
View file

@ -1088,41 +1088,42 @@ cert_md5.crt: cert_md5.csr
all_final += cert_md5.crt
# TLSv1.3 test certificates
ecdsa_secp256r1_sha256.key: ec_256_prv.pem
ecdsa_secp256r1.key: ec_256_prv.pem
ln -s $< $@
ecdsa_secp256r1_sha256.csr: ecdsa_secp256r1_sha256.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
-key $< -out $@
all_intermediate += ecdsa_secp256r1_sha256.csr
ecdsa_secp256r1_sha256.crt: ecdsa_secp256r1_sha256.csr
$(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
-set_serial 77 -days 3653 -sha256 -in $< -out $@
all_final += ecdsa_secp256r1_sha256.crt ecdsa_secp256r1_sha256.key
tls13_certs: ecdsa_secp256r1_sha256.crt ecdsa_secp256r1_sha256.key
ecdsa_secp384r1_sha384.key: ec_384_prv.pem
ln -s $< $@
ecdsa_secp384r1_sha384.csr: ecdsa_secp384r1_sha384.key
ecdsa_secp256r1.csr: ecdsa_secp256r1.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
-key $< -out $@
all_intermediate += ecdsa_secp384r1_sha384.csr
ecdsa_secp384r1_sha384.crt: ecdsa_secp384r1_sha384.csr
all_intermediate += ecdsa_secp256r1.csr
ecdsa_secp256r1.crt: ecdsa_secp256r1.csr
$(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
-set_serial 77 -days 3653 -sha384 -in $< -out $@
all_final += ecdsa_secp384r1_sha384.crt ecdsa_secp384r1_sha384.key
tls13_certs: ecdsa_secp384r1_sha384.crt ecdsa_secp384r1_sha384.key
all_final += ecdsa_secp256r1.crt ecdsa_secp256r1.key
tls13_certs: ecdsa_secp256r1.crt ecdsa_secp256r1.key
ecdsa_secp521r1_sha512.key: ec_521_prv.pem
ecdsa_secp384r1.key: ec_384_prv.pem
ln -s $< $@
ecdsa_secp521r1_sha512.csr: ecdsa_secp521r1_sha512.key
ecdsa_secp384r1.csr: ecdsa_secp384r1.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
-key $< -out $@
all_intermediate += ecdsa_secp521r1_sha512.csr
ecdsa_secp521r1_sha512.crt: ecdsa_secp521r1_sha512.csr
all_intermediate += ecdsa_secp384r1.csr
ecdsa_secp384r1.crt: ecdsa_secp384r1.csr
$(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
-set_serial 77 -days 3653 -sha512 -in $< -out $@
all_final += ecdsa_secp521r1_sha512.crt ecdsa_secp521r1_sha512.key
tls13_certs: ecdsa_secp521r1_sha512.crt ecdsa_secp521r1_sha512.key
-set_serial 77 -days 3653 -sha384 -in $< -out $@
all_final += ecdsa_secp384r1.crt ecdsa_secp384r1.key
tls13_certs: ecdsa_secp384r1.crt ecdsa_secp384r1.key
ecdsa_secp521r1.key: ec_521_prv.pem
ln -s $< $@
ecdsa_secp521r1.csr: ecdsa_secp521r1.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
-key $< -out $@
all_intermediate += ecdsa_secp521r1.csr
ecdsa_secp521r1.crt: ecdsa_secp521r1.csr
$(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
-set_serial 77 -days 3653 -sha384 -in $< -out $@
all_final += ecdsa_secp521r1.crt ecdsa_secp521r1.key
tls13_certs: ecdsa_secp521r1.crt ecdsa_secp521r1.key
################################################################
#### Diffie-Hellman parameters

10
tests/data_files/ecdsa_secp256r1.crt Normal file
View file

@ -0,0 +1,10 @@
-----BEGIN CERTIFICATE-----
MIIBejCCAQACAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEz
MDAzMDgwMVoXDTMxMTIwMTAzMDgwMVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjO
PQMBBwNCAAR3cmVvgUs5knnV4fF4H6xvCZo8XKGw41NRg0sItl4LVyWQza+PdpNh
vPNKz8EeXgdOhCa93gS+bmU5RUSWF95FMAoGCCqGSM49BAMDA2gAMGUCMA06tTwD
M1t8Chka41h1JKu4d0RsGk0MoinT9MxTAE/61ScZh5lKspOKrcavJ0maUQIxAIuj
rarmd8+OyftTRp6Wpwwfpskdb7nm44YX6eZu/Odjfq/RAdhIcn4P9QXtOgVrbw==
-----END CERTIFICATE-----

0
tests/data_files/ecdsa_secp256r1_sha256.key → tests/data_files/ecdsa_secp256r1.key
View file

10
tests/data_files/ecdsa_secp256r1_sha256.crt
View file

@ -1,10 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBejCCAQACAU0wCgYIKoZIzj0EAwIwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEy
MjAzMTQyOVoXDTMxMTEyMzAzMTQyOVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjO
PQMBBwNCAAR3cmVvgUs5knnV4fF4H6xvCZo8XKGw41NRg0sItl4LVyWQza+PdpNh
vPNKz8EeXgdOhCa93gS+bmU5RUSWF95FMAoGCCqGSM49BAMCA2gAMGUCMQC2n8wV
FGkDUu0O1sUmTfZ9hxj9YxmddY3xStnicIVxIwRtGh1ZEinAUlAUFOVSKvcCMEGb
e9ap8blL/MIPywf6vr4WWo0GnTgD0XPwgVu8QrXwaHzhgF+x4S+qm3XLosgCjA==
-----END CERTIFICATE-----

11
tests/data_files/ecdsa_secp384r1.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBlzCCAR0CAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEz
MDAzMDgwMVoXDTMxMTIwMTAzMDgwMVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwdjAQBgcqhkjOPQIBBgUrgQQA
IgNiAATZxmK1C6KcpHmQRQ4EOur08MabFWdtES9iKnHJMFmvmZaRxWgNK0TREVed
sS9KQTou1cRfz7Z7W2PgC5Hr5Z0JprGsLAxCgqoSMX7VkU+Zm8SIuxMug0LMNvLK
XjN5x0cwCgYIKoZIzj0EAwMDaAAwZQIwNypsq0ahwMM7aFSS+RSTloH1D1+gIztz
Yq54Reth6gdh1IO5R5aNZi/YP3uVcI1mAjEAisjjz7vCeKwor+HCq9cBc2rzIlkY
5O6q4SCSgkqiCTnyFIqCassED9NPqho3KYM1
-----END CERTIFICATE-----

0
tests/data_files/ecdsa_secp384r1_sha384.key → tests/data_files/ecdsa_secp384r1.key
View file

11
tests/data_files/ecdsa_secp384r1_sha384.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBljCCAR0CAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEy
MjAzMTQyOVoXDTMxMTEyMzAzMTQyOVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwdjAQBgcqhkjOPQIBBgUrgQQA
IgNiAATZxmK1C6KcpHmQRQ4EOur08MabFWdtES9iKnHJMFmvmZaRxWgNK0TREVed
sS9KQTou1cRfz7Z7W2PgC5Hr5Z0JprGsLAxCgqoSMX7VkU+Zm8SIuxMug0LMNvLK
XjN5x0cwCgYIKoZIzj0EAwMDZwAwZAIwXT9d8T51CEKEEmAoIM+C5hpUR2wZA0h4
MhEBNztbMPZbmCDsYCMCSfPX8WZd0j0GAjAIc8t/78oYiB/JerLS6tft4QVi+x0x
DeTGA3ubd7Jv4f8slit7DCGwjcvj1Gst8uE=
-----END CERTIFICATE-----

12
tests/data_files/ecdsa_secp521r1.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBvjCCAUMCAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEz
MDAzMDgwMVoXDTMxMTIwMTAzMDgwMVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwgZswEAYHKoZIzj0CAQYFK4EE
ACMDgYYABAAd4ULVT2nrA47kt6+dPKB3Nv2c9xnrNU1ph57n88E2+w+/nwj4a+X6
Eo7BoFHT5sZD6Fraj/rPNmPCYL0shEtvVgDO6OSKnmXQnK3YnyNd7gXzuKZGvnFf
H2fVtDTg/yOh/Afvd0AZPkDu/287zf12WqkVUDNST+TyBfVETiksTC9qwTAKBggq
hkjOPQQDAwNpADBmAjEAlC7039gDSgm9Ba8cCnZLWucXbtCbhRGSvVcoElYke/pu
iwHkD1rVlnUmW3UKG587AjEAkIngapC9Hyc6MePmyafLYoLmbhDJMdR2DM4o+x8e
2ZXUu7uLPTdWBDxmu6plRNis
-----END CERTIFICATE-----

0
tests/data_files/ecdsa_secp521r1_sha512.key → tests/data_files/ecdsa_secp521r1.key
View file

12
tests/data_files/ecdsa_secp521r1_sha512.crt
View file

@ -1,12 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBvDCCAUMCAU0wCgYIKoZIzj0EAwQwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEy
MjAzMTQyOVoXDTMxMTEyMzAzMTQyOVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwgZswEAYHKoZIzj0CAQYFK4EE
ACMDgYYABAAd4ULVT2nrA47kt6+dPKB3Nv2c9xnrNU1ph57n88E2+w+/nwj4a+X6
Eo7BoFHT5sZD6Fraj/rPNmPCYL0shEtvVgDO6OSKnmXQnK3YnyNd7gXzuKZGvnFf
H2fVtDTg/yOh/Afvd0AZPkDu/287zf12WqkVUDNST+TyBfVETiksTC9qwTAKBggq
hkjOPQQDBANnADBkAjAxYbmIs+xKIvDgqE7uNOgqfVk4iEF9w5B4DQDXb7kbu4rg
4QvqPhyBhptFiJabe9kCMFF1FKuHSQoMmZ1/yjBZg8r4/P8xKSY8W9ujHdam3jWK
b8Ygw4ENklSl1cuHMLupMw==
-----END CERTIFICATE-----

951
tests/opt-testcases/tls13-compat.sh
View file

File diff suppressed because it is too large Load diff

23
tests/scripts/generate_tls13_compat_tests.py
View file

@ -23,6 +23,7 @@ Generate TLSv1.3 Compat test cases
"""
import sys
import os
import abc
import argparse
import itertools
@ -31,14 +32,14 @@ import itertools
CERTIFICATES = {
'ecdsa_secp256r1_sha256': (
'data_files/ecdsa_secp256r1_sha256.crt',
'data_files/ecdsa_secp256r1_sha256.key'),
'data_files/ecdsa_secp256r1.crt',
'data_files/ecdsa_secp256r1.key'),
'ecdsa_secp384r1_sha384': (
'data_files/ecdsa_secp384r1_sha384.crt',
'data_files/ecdsa_secp384r1_sha384.key'),
'data_files/ecdsa_secp384r1.crt',
'data_files/ecdsa_secp384r1.key'),
'ecdsa_secp521r1_sha512': (
'data_files/ecdsa_secp521r1_sha512.crt',
'data_files/ecdsa_secp521r1_sha512.key'),
'data_files/ecdsa_secp521r1.crt',
'data_files/ecdsa_secp521r1.key'),
'rsa_pss_rsae_sha256': (
'data_files/server2-sha256.crt', 'data_files/server2.key'
)
@ -256,7 +257,7 @@ class GnuTLSServ(TLSProgram):
ret += ['--x509certfile {cert} --x509keyfile {key}'.format(
cert=cert, key=key)]
priority_strings = ':+'.join(['NONE'] +
list(set(self.priority_strings)) +
list(sorted(self.priority_strings)) +
['VERS-TLS1.3'])
priority_strings += ':%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE'
ret += ['--priority={priority_strings}'.format(
@ -357,7 +358,7 @@ def generate_compat_test(server=None, client=None, cipher=None, # pylint: disab
"""
Generate test case with `ssl-opt.sh` format.
"""
name = 'TLS1.3 {client[0]}->{server[0]}: {cipher},{named_group},{sig_alg}'.format(
name = 'TLS 1.3 {client[0]}->{server[0]}: {cipher},{named_group},{sig_alg}'.format(
client=client, server=server, cipher=cipher, sig_alg=sig_alg, named_group=named_group)
server = SERVER_CLS[server](cipher, sig_alg, named_group)
client = CLIENT_CLS[client](cipher, sig_alg, named_group)
@ -402,6 +403,9 @@ SSL_OUTPUT_HEADER = '''#!/bin/sh
def main():
"""
Main function of this program
"""
parser = argparse.ArgumentParser()
parser.add_argument('-o', '--output', nargs='?',
@ -453,8 +457,9 @@ def main():
if args.generate_all_tls13_compat_tests:
if args.output:
with open(args.output, 'w', encoding="utf-8") as f:
f.write(SSL_OUTPUT_HEADER.format(filename=args.output))
f.write(SSL_OUTPUT_HEADER.format(filename=os.path.basename(args.output)))
f.write('\n\n'.join(get_all_test_cases()))
f.write('\n')
else:
print('\n'.join(get_all_test_cases()))
return 0