Gilles Peskine
885bcfc9d0
Merge pull request #7649 from yuhaoth/pr/add-command-for-server9-bad-saltlen
...
Add command for server9-bad-saltlen
2023-11-20 14:07:19 +00:00
Manuel Pégourié-Gonnard
964dee6b3f
Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509
...
X.509: Support driver-only cipher+aead
2023-11-06 09:10:57 +00:00
Dave Rodgman
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Pengyu Lv
2151ba55f6
test_suite_x509write: use plaintext key file
...
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 18:12:04 +08:00
Jerry Yu
6f21dd5694
move script to tests/scripts
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-24 15:45:41 +08:00
Jerry Yu
53a332d970
fix various issues
...
- rename file name from `early_data.txt` to `tls13_early_data.txt`
- fix typo issue
- remove redundant parameter
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-23 13:52:56 +08:00
Jerry Yu
2f3f968033
fix wrong typo and indent issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-18 15:07:10 +08:00
Jerry Yu
ca3790d653
Add server9-bad-saltlen generate command
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-18 15:07:09 +08:00
Jerry Yu
e649cecb43
Add data file for early data input
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:02:01 +08:00
Gilles Peskine
3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509
...
Accept numericoid hexstring x509
2023-09-13 08:54:33 +00:00
Gilles Peskine
2e38a0d603
More spelling corrections
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-12 19:19:31 +02:00
Agathiyan Bragadeesh
a0ba8aab2e
Add test for non ascii x509 subject name
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
dba8a641fe
Add and update tests for x509write and x509parse
...
Due to change in handling non-ascii characters, existing tests had to be
updated to handle the new implementation. New tests and certificates
are added to test the escaping functionality in edge cases.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:52 +01:00
Gilles Peskine
d686c2a822
Merge pull request #7971 from AgathiyanB/fix-data-files-makefile
...
Fix server1.crt.der in tests/data_files/Makefile
2023-08-21 14:43:07 +00:00
Gilles Peskine
dbd13c3689
Merge pull request #7662 from lpy4105/issue/renew_cert_2027-01-01
...
Updating crt/crl files due to expiry before 2027-01-01
2023-08-17 15:38:35 +00:00
Gilles Peskine
d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
...
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
2023-08-16 09:19:46 +00:00
Gilles Peskine
a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier
...
Fixed x509 certificate generation to conform to RFCs when using ECC key
2023-08-07 19:14:54 +00:00
Agathiyan Bragadeesh
8dc913899d
Fix server1.crt.der in makefile
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-24 10:44:00 +01:00
Andrzej Kurek
34ccd8d0b6
Test x509 csr SAN DN and RFC822 generation
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-07-07 08:18:43 -04:00
Jerry Yu
ba3eee7211
Add indent
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-06 10:16:15 +08:00
Jerry Yu
4d31022d90
Add missed intermediate file
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-06 10:16:14 +08:00
Jerry Yu
c5b2e284fa
Remove workaround code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-06 10:16:10 +08:00
Jerry Yu
2ef2e78837
Add commands for test_certs.h
...
And update target file
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-06 10:13:46 +08:00
Jerry Yu
5811869311
Add test_certs.h generate script
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-06 10:13:46 +08:00
Pengyu Lv
b687c03183
Fix the command for server9-sha*.crt
...
The new command could generate
parse_input/server9-sha*.crt correctly.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
49c56e651d
Add target for parse_input/cert_example_multi_nocn.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
19e949e644
Fix typo and long line format
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
736d2bb715
Update crl-rsa-pss-*.pem manually
...
The rules will be in a seperate PR.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Jerry Yu
59f392cd4d
upgrade server9-bad-saltlen.crt
...
Upgrade scripts
```python
import subprocess
from asn1crypto import pem, x509,core
output_filename="server9-bad-saltlen.crt"
tmp_filename="server9-bad-saltlen.crt.tmp"
tmp1_filename="server9-bad-saltlen.crt.tmp1"
subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \
-passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \
-set_serial 24 -days 3650 \
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
-sigopt rsa_mgf1_md:sha256 -sha256 \
-in server9.csr -out {output_filename}
''',shell=True)
with open(output_filename,'rb') as f:
_,_,der_bytes=pem.unarmor(f.read())
target_certificate=x509.Certificate.load(der_bytes)
with open(tmp_filename,'wb') as f:
f.write(target_certificate['tbs_certificate'].dump())
subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \
-sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}',
shell=True)
with open(tmp1_filename,'rb') as f:
signature_value= core.OctetBitString(f.read())
with open(output_filename,'wb') as f:
target_certificate['signature_value']=signature_value
f.write(pem.armor('CERTIFICATE',target_certificate.dump()))
```
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
4ad45c01b9
Update server9*.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
8c40c573b2
Add server9-bad-{mgfhash,saltlen}.crt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
b5ac935e44
Add rules to generate server9*.crt
...
Except for server9-bad-saltlen.crt and
server9-bad-mgfhash.crt.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Jerry Yu
4ca9520582
Update server1-nospace.crt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
Jerry Yu
0efdfcbfd3
Update v1 crt files
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
0d545a1815
Update cert_example_multi_nocn.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
e025cb2096
Add rules to generate cert_example_multi_nocn.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
d9ba29733e
Update server5.[e]ku-*.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
1ca5c0eae9
Add rules to generate server5.[e]ku-*.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
5b91dc7265
Update server2.ku-*.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
0063599e6f
Add rules to generate server2.ku-*.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
55ee7f8e13
Add rule for server2-badsign.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Jerry Yu
0f381fd02f
Update test-ca2.ku-*.crt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
Pengyu Lv
5a1dbf3d6e
Fix the rule for server5-ss-forgeca.crt
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-04 17:30:21 +08:00
Jerry Yu
affc294dfe
Add the rule and update server6-ss-child.crt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
Jerry Yu
4d69b29076
Update server5-selfsigned.crt
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
Andrzej Kurek
78ecf41f22
Change spaces to a tab in a makefile recipe
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-30 08:42:05 -04:00
Andrzej Kurek
03478d2b90
Merge branch 'development' into issue/7816/add-commands-for-files-in-parse_input
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-30 14:38:05 +02:00
Pengyu Lv
18730ddbcf
fix fragile way to refer to server1.req.sha256
...
The original varible $< is fragile especially
when there are multiple rules for the same
target.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-06-30 00:23:13 +08:00
Pengyu Lv
ab266491f0
Make parse_input targets depend on files in parse_input if possible
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-06-29 13:06:55 +08:00
Andrzej Kurek
7d55dd2356
Fix malformed directoryName extensions
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-29 10:36:44 +08:00