Jerry Yu
59f392cd4d
upgrade server9-bad-saltlen.crt
...
Upgrade scripts
```python
import subprocess
from asn1crypto import pem, x509,core
output_filename="server9-bad-saltlen.crt"
tmp_filename="server9-bad-saltlen.crt.tmp"
tmp1_filename="server9-bad-saltlen.crt.tmp1"
subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \
-passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \
-set_serial 24 -days 3650 \
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
-sigopt rsa_mgf1_md:sha256 -sha256 \
-in server9.csr -out {output_filename}
''',shell=True)
with open(output_filename,'rb') as f:
_,_,der_bytes=pem.unarmor(f.read())
target_certificate=x509.Certificate.load(der_bytes)
with open(tmp_filename,'wb') as f:
f.write(target_certificate['tbs_certificate'].dump())
subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \
-sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}',
shell=True)
with open(tmp1_filename,'rb') as f:
signature_value= core.OctetBitString(f.read())
with open(output_filename,'wb') as f:
target_certificate['signature_value']=signature_value
f.write(pem.armor('CERTIFICATE',target_certificate.dump()))
```
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-04 17:30:21 +08:00
