yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add rules to generate cert_example_multi_nocn.crt

Browse source 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv 2023-05-18 10:10:39 +08:00
parent d9ba29733e
commit e025cb2096
2 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
tests/data_files/Makefile
View file

@ -60,6 +60,14 @@ test-ca.key.der: $(test_ca_key_file_rsa)
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)" $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)"
all_final += test-ca.key.der all_final += test-ca.key.der
# This is only used for generating cert_example_multi_nocn.crt
test-ca_nocn.crt: $(test_ca_key_file_rsa)
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 selfsign=1 \
subject_key=$(test_ca_key_file_rsa) subject_pwd=$(test_ca_pwd_rsa) subject_name="C=NL" \
issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) issuer_name="C=NL" \
not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
all_intermediate += test-ca_nocn.crt
test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
all_final += test-ca-sha1.crt all_final += test-ca-sha1.crt
@ -99,6 +107,14 @@ parse_input/cert_example_multi.crt cert_example_multi.crt: cert_example_multi.cs
-passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 \ -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 \
-in $< > $@ -in $< > $@
cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem
$(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL'
all_intermediate += cert_example_multi_nocn.csr
cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt
$(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@
all_final += cert_example_multi_nocn.crt
parse_input/test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem parse_input/test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem
$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage
parse_input/test_csr_v3_subjectAltName.csr.der: rsa_pkcs1_1024_clear.pem parse_input/test_csr_v3_subjectAltName.csr.der: rsa_pkcs1_1024_clear.pem

5
tests/data_files/test-ca.opensslconf
View file

@ -41,6 +41,11 @@ DNS.3=*.example.org
[multiple_san] [multiple_san]
subjectAltName=@alt_names subjectAltName=@alt_names
[ext_multi_nocn]
basicConstraints = CA:false
keyUsage = digitalSignature, nonRepudiation, keyEncipherment
subjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144
[hw_module_name] [hw_module_name]
hwtype = OID:1.3.6.1.4.1.17.3 hwtype = OID:1.3.6.1.4.1.17.3
hwserial = OCT:123456 hwserial = OCT:123456