mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:15:37 +01:00
Merge remote-tracking branch 'public/pr/2429' into mbedtls-2.16
* public/pr/2429: Add ChangeLog entry for unused bits in bitstrings Improve docs for ASN.1 bitstrings and their usage Add tests for (named) bitstring to suite_asn1write Fix ASN1 bitstring writing
This commit is contained in:
commit
e6a3f57898
@ -26,6 +26,12 @@ Bugfix
|
|||||||
* Fix returning the value 1 when mbedtls_ecdsa_genkey failed.
|
* Fix returning the value 1 when mbedtls_ecdsa_genkey failed.
|
||||||
* Fix false failure in all.sh when backup files exist in include/mbedtls
|
* Fix false failure in all.sh when backup files exist in include/mbedtls
|
||||||
(e.g. config.h.bak). Fixed by Peter Kolbus (Garmin) #2407.
|
(e.g. config.h.bak). Fixed by Peter Kolbus (Garmin) #2407.
|
||||||
|
* Ensure that unused bits are zero when writing ASN.1 bitstrings when using
|
||||||
|
mbedtls_asn1_write_bitstring().
|
||||||
|
* Fix issue when writing the named bitstrings in KeyUsage and NsCertType
|
||||||
|
extensions in CSRs and CRTs that caused these bitstrings to not be encoded
|
||||||
|
correctly as trailing zeroes were not accounted for as unused bits in the
|
||||||
|
leading content octet. Fixes #1610.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Include configuration file in all header files that use configuration,
|
* Include configuration file in all header files that use configuration,
|
||||||
|
@ -205,6 +205,14 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty
|
|||||||
* \param key_usage key usage flags to set
|
* \param key_usage key usage flags to set
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
|
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
|
||||||
|
*
|
||||||
|
* \note The <code>decipherOnly</code> flag from the Key Usage
|
||||||
|
* extension is represented by bit 8 (i.e.
|
||||||
|
* <code>0x8000</code>), which cannot typically be represented
|
||||||
|
* in an unsigned char. Therefore, the flag
|
||||||
|
* <code>decipherOnly</code> (i.e.
|
||||||
|
* #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
|
||||||
|
* function.
|
||||||
*/
|
*/
|
||||||
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
|
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
|
||||||
|
|
||||||
|
@ -294,22 +294,28 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
|
|||||||
const unsigned char *buf, size_t bits )
|
const unsigned char *buf, size_t bits )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t len = 0, size;
|
size_t len = 0;
|
||||||
|
size_t unused_bits, byte_len;
|
||||||
|
|
||||||
size = ( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 );
|
byte_len = ( bits + 7 ) / 8;
|
||||||
|
unused_bits = ( byte_len * 8 ) - bits;
|
||||||
|
|
||||||
// Calculate byte length
|
if( *p < start || (size_t)( *p - start ) < byte_len + 1 )
|
||||||
//
|
|
||||||
if( *p < start || (size_t)( *p - start ) < size + 1 )
|
|
||||||
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
|
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
|
||||||
|
|
||||||
len = size + 1;
|
len = byte_len + 1;
|
||||||
(*p) -= size;
|
|
||||||
memcpy( *p, buf, size );
|
|
||||||
|
|
||||||
// Write unused bits
|
/* Write the bitstring. Ensure the unused bits are zeroed */
|
||||||
//
|
if( byte_len > 0 )
|
||||||
*--(*p) = (unsigned char) (size * 8 - bits);
|
{
|
||||||
|
byte_len--;
|
||||||
|
*--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 );
|
||||||
|
( *p ) -= byte_len;
|
||||||
|
memcpy( *p, buf, byte_len );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Write unused bits */
|
||||||
|
*--( *p ) = (unsigned char)unused_bits;
|
||||||
|
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
|
||||||
|
@ -218,26 +218,51 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SHA1_C */
|
#endif /* MBEDTLS_SHA1_C */
|
||||||
|
|
||||||
|
static size_t crt_get_unused_bits_for_named_bitstring( unsigned char bitstring,
|
||||||
|
size_t bit_offset )
|
||||||
|
{
|
||||||
|
size_t unused_bits;
|
||||||
|
|
||||||
|
/* Count the unused bits removing trailing 0s */
|
||||||
|
for( unused_bits = bit_offset; unused_bits < 8; unused_bits++ )
|
||||||
|
if( ( ( bitstring >> unused_bits ) & 0x1 ) != 0 )
|
||||||
|
break;
|
||||||
|
|
||||||
|
return( unused_bits );
|
||||||
|
}
|
||||||
|
|
||||||
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
|
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
|
||||||
unsigned int key_usage )
|
unsigned int key_usage )
|
||||||
{
|
{
|
||||||
unsigned char buf[4], ku;
|
unsigned char buf[4], ku;
|
||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
int ret;
|
int ret;
|
||||||
|
size_t unused_bits;
|
||||||
|
const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
|
||||||
|
MBEDTLS_X509_KU_NON_REPUDIATION |
|
||||||
|
MBEDTLS_X509_KU_KEY_ENCIPHERMENT |
|
||||||
|
MBEDTLS_X509_KU_DATA_ENCIPHERMENT |
|
||||||
|
MBEDTLS_X509_KU_KEY_AGREEMENT |
|
||||||
|
MBEDTLS_X509_KU_KEY_CERT_SIGN |
|
||||||
|
MBEDTLS_X509_KU_CRL_SIGN;
|
||||||
|
|
||||||
/* We currently only support 7 bits, from 0x80 to 0x02 */
|
/* Check that nothing other than the allowed flags is set */
|
||||||
if( ( key_usage & ~0xfe ) != 0 )
|
if( ( key_usage & ~allowed_bits ) != 0 )
|
||||||
return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
|
return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
|
||||||
|
|
||||||
c = buf + 4;
|
c = buf + 4;
|
||||||
ku = (unsigned char) key_usage;
|
ku = (unsigned char)key_usage;
|
||||||
|
unused_bits = crt_get_unused_bits_for_named_bitstring( ku, 1 );
|
||||||
|
ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 8 - unused_bits );
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 7 ) ) != 4 )
|
if( ret < 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
else if( ret < 3 || ret > 4 )
|
||||||
|
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
|
||||||
|
|
||||||
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
|
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
|
||||||
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
|
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
|
||||||
1, buf, 4 );
|
1, c, (size_t)ret );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
@ -249,16 +274,22 @@ int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
|
|||||||
{
|
{
|
||||||
unsigned char buf[4];
|
unsigned char buf[4];
|
||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
|
size_t unused_bits;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
c = buf + 4;
|
c = buf + 4;
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
|
unused_bits = crt_get_unused_bits_for_named_bitstring( ns_cert_type, 0 );
|
||||||
|
ret = mbedtls_asn1_write_bitstring( &c,
|
||||||
|
buf,
|
||||||
|
&ns_cert_type,
|
||||||
|
8 - unused_bits );
|
||||||
|
if( ret < 3 || ret > 4 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
|
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
|
||||||
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
|
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
|
||||||
0, buf, 4 );
|
0, c, (size_t)ret );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
|
@ -81,20 +81,39 @@ int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
|
|||||||
0, val, val_len );
|
0, val, val_len );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static size_t csr_get_unused_bits_for_named_bitstring( unsigned char bitstring,
|
||||||
|
size_t bit_offset )
|
||||||
|
{
|
||||||
|
size_t unused_bits;
|
||||||
|
|
||||||
|
/* Count the unused bits removing trailing 0s */
|
||||||
|
for( unused_bits = bit_offset; unused_bits < 8; unused_bits++ )
|
||||||
|
if( ( ( bitstring >> unused_bits ) & 0x1 ) != 0 )
|
||||||
|
break;
|
||||||
|
|
||||||
|
return( unused_bits );
|
||||||
|
}
|
||||||
|
|
||||||
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
|
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
|
||||||
{
|
{
|
||||||
unsigned char buf[4];
|
unsigned char buf[4];
|
||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
|
size_t unused_bits;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
c = buf + 4;
|
c = buf + 4;
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
|
unused_bits = csr_get_unused_bits_for_named_bitstring( key_usage, 0 );
|
||||||
|
ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 8 - unused_bits );
|
||||||
|
|
||||||
|
if( ret < 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
else if( ret < 3 || ret > 4 )
|
||||||
|
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
|
||||||
|
|
||||||
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
|
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
|
||||||
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
|
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
|
||||||
buf, 4 );
|
c, (size_t)ret );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
@ -106,16 +125,25 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
|
|||||||
{
|
{
|
||||||
unsigned char buf[4];
|
unsigned char buf[4];
|
||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
|
size_t unused_bits;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
c = buf + 4;
|
c = buf + 4;
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
|
unused_bits = csr_get_unused_bits_for_named_bitstring( ns_cert_type, 0 );
|
||||||
|
ret = mbedtls_asn1_write_bitstring( &c,
|
||||||
|
buf,
|
||||||
|
&ns_cert_type,
|
||||||
|
8 - unused_bits );
|
||||||
|
|
||||||
|
if( ret < 0 )
|
||||||
|
return( ret );
|
||||||
|
else if( ret < 3 || ret > 4 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
|
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
|
||||||
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
|
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
|
||||||
buf, 4 );
|
c, (size_t)ret );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
|
@ -65,7 +65,9 @@ int main( void )
|
|||||||
#define DFL_OUTPUT_FILENAME "cert.req"
|
#define DFL_OUTPUT_FILENAME "cert.req"
|
||||||
#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK"
|
#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK"
|
||||||
#define DFL_KEY_USAGE 0
|
#define DFL_KEY_USAGE 0
|
||||||
|
#define DFL_FORCE_KEY_USAGE 0
|
||||||
#define DFL_NS_CERT_TYPE 0
|
#define DFL_NS_CERT_TYPE 0
|
||||||
|
#define DFL_FORCE_NS_CERT_TYPE 0
|
||||||
#define DFL_MD_ALG MBEDTLS_MD_SHA256
|
#define DFL_MD_ALG MBEDTLS_MD_SHA256
|
||||||
|
|
||||||
#define USAGE \
|
#define USAGE \
|
||||||
@ -85,6 +87,8 @@ int main( void )
|
|||||||
" key_agreement\n" \
|
" key_agreement\n" \
|
||||||
" key_cert_sign\n" \
|
" key_cert_sign\n" \
|
||||||
" crl_sign\n" \
|
" crl_sign\n" \
|
||||||
|
" force_key_usage=0/1 default: off\n" \
|
||||||
|
" Add KeyUsage even if it is empty\n" \
|
||||||
" ns_cert_type=%%s default: (empty)\n" \
|
" ns_cert_type=%%s default: (empty)\n" \
|
||||||
" Comma-separated-list of values:\n" \
|
" Comma-separated-list of values:\n" \
|
||||||
" ssl_client\n" \
|
" ssl_client\n" \
|
||||||
@ -94,6 +98,8 @@ int main( void )
|
|||||||
" ssl_ca\n" \
|
" ssl_ca\n" \
|
||||||
" email_ca\n" \
|
" email_ca\n" \
|
||||||
" object_signing_ca\n" \
|
" object_signing_ca\n" \
|
||||||
|
" force_ns_cert_type=0/1 default: off\n" \
|
||||||
|
" Add NsCertType even if it is empty\n" \
|
||||||
" md=%%s default: SHA256\n" \
|
" md=%%s default: SHA256\n" \
|
||||||
" possible values:\n" \
|
" possible values:\n" \
|
||||||
" MD4, MD5, SHA1\n" \
|
" MD4, MD5, SHA1\n" \
|
||||||
@ -123,7 +129,9 @@ struct options
|
|||||||
const char *output_file; /* where to store the constructed key file */
|
const char *output_file; /* where to store the constructed key file */
|
||||||
const char *subject_name; /* subject name for certificate request */
|
const char *subject_name; /* subject name for certificate request */
|
||||||
unsigned char key_usage; /* key usage flags */
|
unsigned char key_usage; /* key usage flags */
|
||||||
|
int force_key_usage; /* Force adding the KeyUsage extension */
|
||||||
unsigned char ns_cert_type; /* NS cert type */
|
unsigned char ns_cert_type; /* NS cert type */
|
||||||
|
int force_ns_cert_type; /* Force adding NsCertType extension */
|
||||||
mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */
|
mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
@ -190,7 +198,9 @@ int main( int argc, char *argv[] )
|
|||||||
opt.output_file = DFL_OUTPUT_FILENAME;
|
opt.output_file = DFL_OUTPUT_FILENAME;
|
||||||
opt.subject_name = DFL_SUBJECT_NAME;
|
opt.subject_name = DFL_SUBJECT_NAME;
|
||||||
opt.key_usage = DFL_KEY_USAGE;
|
opt.key_usage = DFL_KEY_USAGE;
|
||||||
|
opt.force_key_usage = DFL_FORCE_KEY_USAGE;
|
||||||
opt.ns_cert_type = DFL_NS_CERT_TYPE;
|
opt.ns_cert_type = DFL_NS_CERT_TYPE;
|
||||||
|
opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE;
|
||||||
opt.md_alg = DFL_MD_ALG;
|
opt.md_alg = DFL_MD_ALG;
|
||||||
|
|
||||||
for( i = 1; i < argc; i++ )
|
for( i = 1; i < argc; i++ )
|
||||||
@ -292,6 +302,15 @@ int main( int argc, char *argv[] )
|
|||||||
q = r;
|
q = r;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "force_key_usage" ) == 0 )
|
||||||
|
{
|
||||||
|
switch( atoi( q ) )
|
||||||
|
{
|
||||||
|
case 0: opt.force_key_usage = 0; break;
|
||||||
|
case 1: opt.force_key_usage = 1; break;
|
||||||
|
default: goto usage;
|
||||||
|
}
|
||||||
|
}
|
||||||
else if( strcmp( p, "ns_cert_type" ) == 0 )
|
else if( strcmp( p, "ns_cert_type" ) == 0 )
|
||||||
{
|
{
|
||||||
while( q != NULL )
|
while( q != NULL )
|
||||||
@ -319,16 +338,25 @@ int main( int argc, char *argv[] )
|
|||||||
q = r;
|
q = r;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "force_ns_cert_type" ) == 0 )
|
||||||
|
{
|
||||||
|
switch( atoi( q ) )
|
||||||
|
{
|
||||||
|
case 0: opt.force_ns_cert_type = 0; break;
|
||||||
|
case 1: opt.force_ns_cert_type = 1; break;
|
||||||
|
default: goto usage;
|
||||||
|
}
|
||||||
|
}
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg );
|
mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg );
|
||||||
|
|
||||||
if( opt.key_usage )
|
if( opt.key_usage || opt.force_key_usage == 1 )
|
||||||
mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage );
|
mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage );
|
||||||
|
|
||||||
if( opt.ns_cert_type )
|
if( opt.ns_cert_type || opt.force_ns_cert_type == 1 )
|
||||||
mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
|
mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -16,7 +16,6 @@ FAKETIME ?= faketime
|
|||||||
MBEDTLS_CERT_WRITE ?= $(PWD)/../../programs/x509/cert_write
|
MBEDTLS_CERT_WRITE ?= $(PWD)/../../programs/x509/cert_write
|
||||||
MBEDTLS_CERT_REQ ?= $(PWD)/../../programs/x509/cert_req
|
MBEDTLS_CERT_REQ ?= $(PWD)/../../programs/x509/cert_req
|
||||||
|
|
||||||
|
|
||||||
## Build the generated test data. Note that since the final outputs
|
## Build the generated test data. Note that since the final outputs
|
||||||
## are committed to the repository, this target should do nothing on a
|
## are committed to the repository, this target should do nothing on a
|
||||||
## fresh checkout. Furthermore, since the generation is randomized,
|
## fresh checkout. Furthermore, since the generation is randomized,
|
||||||
@ -739,6 +738,37 @@ ec_prv.pk8param.pem: ec_prv.pk8param.der
|
|||||||
$(OPENSSL) pkey -in $< -inform DER -out $@
|
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||||
all_final += ec_prv.pk8param.pem
|
all_final += ec_prv.pk8param.pem
|
||||||
|
|
||||||
|
# server5*
|
||||||
|
|
||||||
|
# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
|
||||||
|
server5.req.ku.sha1: server5.key
|
||||||
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
||||||
|
all_final += server5.req.ku.sha1
|
||||||
|
|
||||||
|
################################################################
|
||||||
|
### Generate CSRs for X.509 write test suite
|
||||||
|
################################################################
|
||||||
|
|
||||||
|
server1.req.cert_type: server1.key
|
||||||
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
||||||
|
all_final += server1.req.cert_type
|
||||||
|
|
||||||
|
server1.req.key_usage: server1.key
|
||||||
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
||||||
|
all_final += server1.req.key_usage
|
||||||
|
|
||||||
|
server1.req.ku-ct: server1.key
|
||||||
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
||||||
|
all_final += server1.req.ku-ct
|
||||||
|
|
||||||
|
server1.req.key_usage_empty: server1.key
|
||||||
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1
|
||||||
|
all_final += server1.req.key_usage_empty
|
||||||
|
|
||||||
|
server1.req.cert_type_empty: server1.key
|
||||||
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1
|
||||||
|
all_final += server1.req.cert_type_empty
|
||||||
|
|
||||||
################################################################
|
################################################################
|
||||||
### Generate CSRs for X.509 write test suite
|
### Generate CSRs for X.509 write test suite
|
||||||
################################################################
|
################################################################
|
||||||
|
@ -11,10 +11,10 @@ lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
|||||||
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
||||||
o2AwXjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
|
o2AwXjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
|
||||||
BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zARBglghkgBhvhCAQEEBAMC
|
BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zARBglghkgBhvhCAQEEBAMC
|
||||||
AEAwDQYJKoZIhvcNAQEFBQADggEBAEQOk5Ejgu/GsxvMo+RknXcta5Qr6MiNo1EM
|
BkAwDQYJKoZIhvcNAQEFBQADggEBAK1WXZYd6k7/zE2NcszT6rxNaSixPZrDYzRt
|
||||||
G5Xrf++aaf4Mi38p5ZxWDxQDyBmutSnuJgzO+Dxe5w/RNojFa4ri4g5Zk8zwfIcQ
|
Iz5rpH33IHkCdR956/ExCcDMqGNVtKtBdr8kw3+jzyPQhwyHVPNv4C/cgt0C89Pf
|
||||||
8jR6a9DJtxarxDj/UqEzaiBa5MpxsbQqbmou7X7YW9LHDzmCgzbaabyWCuGYxvmh
|
qZLQGuEPVp1X4tzEY2Kno9c1tllLVzJdvz1mRhSb9z5CWQKNMT+8MMl3k+0NZ4LT
|
||||||
lDbcISST73G+vJEeExcBHyom/GV9TNcFAGa66YV/FtABg2tiy9znmUeMnZeYkC9S
|
NEx4gTZxYEsAGEuO/Yij9ctxp4RdSP585FXgiMC00ieMe/aJxlOIgpIhuWdu0KPP
|
||||||
05m6UstAU6pMdwiTpjZjovsTlAcmC76XmE/GpREhRvtGCKTb2pUi3agqsrapABmF
|
G5guYd4hQ9ZrGVOGdjv2cZbh4DuQOsCwU9in/e1RKFV6eMmyOdvLJ4jkTauwkGJG
|
||||||
EGZT9cpwkrl3cxh+jxAMEuhJLdEScDWHVsiNS5y9yxitWC4NqR4=
|
lCclZZQwzGawOiMl2OYPUia5bkaEsdE/0QW/lf36lco8CNjpUfY=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
@ -10,11 +10,11 @@ CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
|
|||||||
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
||||||
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
||||||
oz8wPTAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAR
|
oz8wPTAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAR
|
||||||
BglghkgBhvhCAQEEBAMCAEAwDQYJKoZIhvcNAQEFBQADggEBAJc3yZUS9X3/lb63
|
BglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADggEBAGl6bYCGKvDCvfSU
|
||||||
Nlt8rtXC45wbWZUoOK8N55IzEJC7FrttAStq24kq9QV0qiox8m1WLA+6xVaeZaXu
|
PTyaiFPNGXV98AnIG0Hu4EJjs1owBU/Yf8UdFbWJtOymR80SbzmeQ6rEIoY1oXDA
|
||||||
h2z3WlUlyCNaKqHEpuSYu/XQ0td6j3jCMj3VDSZGHnKgliQ9fkkt+waPVCAZldwj
|
o9Y8yRgW8t25Wmq/0DCu/5P0/L6asstLTxLG4qajClVwqDLEqZNixmq8QorAOtK1
|
||||||
rHsZibl2Dqzb3KttKqD1VyEVOUJ+saXRDJLFdK1M9nwdWMfOg/XE0WbqfVzw9COs
|
JngFA+A5jzc70Ikl9+Hbx/2SEMrCpo0QLSco7KDK7XpNOHbkRz2AqSm0se4jDMP1
|
||||||
08dJ6KL7SOvXtiOVQLNv7XN/2j+wF6+IoLDdLCDByj5VtK2q2vyVk5tpDJI1S696
|
Cwd2UtcpctIZEbECZo6S9WrVMqIhRF1Y5FeauBA2ORvGIHohaYJ9VzYWYXIp7N8d
|
||||||
dP8Zi7VbBTS9OlVC+Gw3CntDKZA8e215MNG6iBuEM2mgi4i0umo7mN8FoA1zusnE
|
QXGv+M7ffpZiERcRr8lxtboPnTXKlv1mLCEX7g+KuiJQUm4OGfTCd5VHzWM7O5Id
|
||||||
8mCO55Q=
|
b+IvZD0=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
@ -10,11 +10,11 @@ CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
|
|||||||
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
||||||
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
||||||
o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
|
o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
|
||||||
BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCAeAw
|
BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw
|
||||||
DQYJKoZIhvcNAQEFBQADggEBAE4sz3ghfpolZ0rH6Q3CWIYQ1Q+aGBwQiCCBsApP
|
DQYJKoZIhvcNAQEFBQADggEBAE6xegEHvwuQ8I4YCLX7oXmDJiDb7m2nMin+um0v
|
||||||
8qZd880Kt+BiEdSsaU16S8CIMdOcHGQGB7dXK9wdTWkIqaW9I7fRPgDNDIhJoYDD
|
TMqHAE3B9GvdWGUgMIEMf76ee7OMDzxfzM2vyNGemB0rn1djEv+knJBSdMQKD9X8
|
||||||
67h1P+cEQeXT9900H173nYlM1vL9zLcnmmqEO7j8jXSpsR5mcCMPkR52RqxweLJw
|
tkT8cPqMHlRMYYbFFkkZEOeqeihZXQdUORao9ZSXrokYwv+Fr+PAmiUJEmkZHbA1
|
||||||
LGPeSlA+DF0WbezJc28FUgXAl8Kxm3Od40exMeicHtfgCnIykH1NEW3gXpc91nFT
|
Gqp6tPfGxJ2ah50Og9oAPwyND6kvE2o++Dth2evjljPCPM2Gw5kjQGw3V9CAUyUo
|
||||||
RoNRdEAIGHMX5Dd5QDlt2vlaKNXFtcx2xUXXIi71YNQybH3p6KXayPMFQzrBwoXJ
|
KtLrtZdOeRHRCWCf3UQ/tYkG70tY/+grftrHqKB2E4qkmDiCPS9sEpa7jOGT6e4k
|
||||||
YHevmjUaw7UH31fULa1dtd/dWmp8cCaKB4vBr0DBJPiMJMw=
|
jGVeZFNZZ10mD2Svr3xl/60++c7yLxrquujo8NOTCVcshfs=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
@ -10,11 +10,11 @@ CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
|
|||||||
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
|
||||||
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
|
||||||
ozwwOjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAO
|
ozwwOjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAO
|
||||||
BgNVHQ8BAf8EBAMCAeAwDQYJKoZIhvcNAQEFBQADggEBALqfFzzWOViKBXoFhtcc
|
BgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQEFBQADggEBAKuveVlnjgJIkiH6HqZk
|
||||||
Ulzg1ShK20z3zeD6TL5Ss2+kMIGhvvvUMtcATIFa9LxZ//a0as1CACphxmrsqaju
|
+oGpLPxpcoMEMskzyFxTfjP4L2Mj798qydBbobyVJdH5p/sIpcHsI0xajM/dcZKS
|
||||||
LDvnXjWLB+e7pJPQ+4XixKmA3QoQI6sduH03/4eRp/Er/+zXD7+uapz+GimiExJt
|
7b28KVwxOk+87DtwCikFT+jzWPe8fzowqsNAaKtvtDQnLYh8u2tDT1vhABwgTVAy
|
||||||
mjW1Oz5n2Q7L9vQabqz0n9+8rM/chsfgipQSKmV0rXe/K1N4yuggh62r8kn9UaUR
|
aHCzs+nm3o36NPSN9K+wmI+r1KFnhjtyOQ++7M8wRRT5jrC+1tYicjsnVMu07yB5
|
||||||
TKm6HaMIFBrZNwMy8TAc3gSq5rqbN8/ONiCBpW/LvwTnd7fFSl7yeetAbj08gpu2
|
04C99Fa3MToilg66Jos95U3gBF5GbSfDXYtd3/etNMkUiG8FEZJlkhKbTO+4E03a
|
||||||
dkfYp/DK9Hs1KQFCi0u1pr9JIqFxNy6tUTO90ydq6QXj4E5yZhmitLPk5wPCozN+
|
X6+z2VojrAroYyO/F5ZlaC3/CsMQ8Zcate64nH/Lu/U78XAo8iKz5DLLOPBqodER
|
||||||
rIc=
|
z4A=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
@ -7,11 +7,11 @@ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
|
|||||||
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
||||||
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
||||||
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAkMCIGCSqGSIb3DQEJDjEV
|
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAkMCIGCSqGSIb3DQEJDjEV
|
||||||
MBMwEQYJYIZIAYb4QgEBBAQDAgBAMA0GCSqGSIb3DQEBBQUAA4IBAQCMX3H6BiGP
|
MBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqGSIb3DQEBBQUAA4IBAQBErZcEaEEO
|
||||||
VRvLu8UHIhsj9WgrGDRogOMVHOrQm+0fnGyxZa2UwftSZf2qLBZ+DmJStHabXibw
|
hLbRVuB3+N5by0mogdJsatJFSgW2/VztLvQBYu0O+VmTbZwCAWejA8U+cr6uPlyf
|
||||||
QuWA9BMVFDih5yGMhdzQC8iQQCjfYOS0sfhy7p76q89rVO0E9KAtvFH2ApbaDAck
|
b4lDqj3W+XykeK9bSzoSr1yNO2VAcE74Y0ZrSz2yXMfT5R9IyKqQZspaKD8MOmYH
|
||||||
m1WdQvYey2rYnT1ucHGdn017Iu1CaY8qnmh7Fhuov++69eGGG4MjRVT/7Ywufjo5
|
BqUH9o/phnGcaEG5xeSfhM1O/YNZuGnlLDQBGwT5puHOaLfjECvs8eZLopIWEBlD
|
||||||
Fn+JsMhj4IonP/jwKIUBskK15MkTQhKpyl5rQK/8v+7bWlsuqhiNPSYg6rgIrjmN
|
QkRlhYqZBwhGZ8D/TxqG4teFtnBX5FG7UoSSVuneBrkREQM7ElhtD9jCWjfMnqm1
|
||||||
QxxzqP5NLPdlS4ksN6zcuwdq21l+li8zakjbeUvyqZb7E6vTHJaNBOp7Y7jv25gG
|
59G84OycClwaKU7/Dm6zeMGDyFoMksBud7lyDHMhxvwSbzb1JR5v8iBsmVY2dhHt
|
||||||
5/PjwquYbKFr
|
Ot3Fx2be0gIr
|
||||||
-----END CERTIFICATE REQUEST-----
|
-----END CERTIFICATE REQUEST-----
|
||||||
|
17
tests/data_files/server1.req.cert_type_empty
Normal file
17
tests/data_files/server1.req.cert_type_empty
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICpDCCAYwCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
|
||||||
|
GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||||
|
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
|
||||||
|
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
|
||||||
|
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
|
||||||
|
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
||||||
|
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
||||||
|
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAjMCEGCSqGSIb3DQEJDjEU
|
||||||
|
MBIwEAYJYIZIAYb4QgEBBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBACU0LLDBIMgG
|
||||||
|
B7gyNANHv42RovhQdzmUulqJPHNHx3v9G17F00bEykJb/r3awW6l5fhY/6oPydsY
|
||||||
|
hnWEM6VVCUkJ6Zqm2/wE49uaNTbFd9JU4OywRBfjHHSTOGnYFg+BYSfwaIkSCkx2
|
||||||
|
kVhyklFm7My5wkyDPpFSU2tTfgsgaQMyTm93a2kxM7qJ/X3gFDG8o7R0vyojFVSI
|
||||||
|
mwsF9QsC6N9cygdFx23zCB0KsJ9KfmBqaTsdbKh8BsocYm5FJCw4WS/CBrCWBj+z
|
||||||
|
N7yEJj4SR5F+P7sFc5I0HANov5wQe8E3+WxxQt8jcqIje6DlaaGja44cXOzvFQyx
|
||||||
|
Hg/6H5EtBQc=
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
@ -7,11 +7,11 @@ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
|
|||||||
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
||||||
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
||||||
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAeMBwGCSqGSIb3DQEJDjEP
|
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAeMBwGCSqGSIb3DQEJDjEP
|
||||||
MA0wCwYDVR0PBAQDAgHgMA0GCSqGSIb3DQEBBQUAA4IBAQAIDkjGHokLINOSKAij
|
MA0wCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBBQUAA4IBAQBsJ3v1Ar2X28GJsRSJ
|
||||||
DuBWyW72udNBwSmRAFYDyNoybWX+KJLFckyReF1S0YRHXWOljwxERF6htUEqIJDI
|
WRQwFQwIbR/D0cHrwTf0ZfZttClytuc18JZlwkH3EG/rNkWaFp6MKIZoRMOBuSPc
|
||||||
vIzlXyV0YqHNmWEFpyRxyIllQ7X4NWnVm3zHYORx2utdy3EyNsNb4Rb/JNh6Qpqr
|
MNvvKIo4nPaeouDPruymx0gNenlyRL3D4OZpBO/BmQIQjbUKWFbzEnEqvwvMDUnG
|
||||||
27DB+frWaBYk27RPTdZz/ItZIicX8iHrAHL0aC6raQYvZfM1ybYehAh7Qx3asHKI
|
8w7UjPSFcxj2HzENr62HLPKKnVpL3nDXWK1a2A77KF9aMxyoWQ6FXb2xPD9cJjdo
|
||||||
XDcrbV50Kzrd0SgC4P6Z6/5C5uUL9AfcKnB2oj5VP2TM0BA6q+XRQFkJ3TO1UTLB
|
c1jwskQbgosQzKKwwp5yxq0zRD3EAGw4A78mgHMfgFprq9e9azaB0JeyFG2Vn0t0
|
||||||
lCKb9B1cIpVsT0YsOg/qptUh90zgd0x7FDa084ccwUJG73VXtHC6eioE4fbfrm5L
|
L+vfiDEVQ3eJXSCen1kEVyHRju8g53UcSgd+JicWFboFj2/mJBuyW6yM++RGA9B5
|
||||||
9BNK
|
Zd62
|
||||||
-----END CERTIFICATE REQUEST-----
|
-----END CERTIFICATE REQUEST-----
|
||||||
|
17
tests/data_files/server1.req.key_usage_empty
Normal file
17
tests/data_files/server1.req.key_usage_empty
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICnjCCAYYCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
|
||||||
|
GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||||
|
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
|
||||||
|
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
|
||||||
|
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
|
||||||
|
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
||||||
|
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
||||||
|
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAdMBsGCSqGSIb3DQEJDjEO
|
||||||
|
MAwwCgYDVR0PBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBAAqQ/EU/3oMt7YW4vWgm
|
||||||
|
0Q7F4v7DrFEoVMWfBzNWhMNIijzoaWKY8jwseZMzu8aCNQlJnM7c9FJF+OCgS7L5
|
||||||
|
0ctwzjfCOi5I5cKgqv8WpuMZWHXNtB7YtjUWIZVri/RazCncZEwJGCKQjmQYrGJm
|
||||||
|
Qmu2+D+DWY+nEW47ZfDH9jOJtatnREjSNsKzc44L9zUaEy3bi+m455XGH+ABmeb7
|
||||||
|
Iqmguh10xUyY6rEOFEuqvFyFr5g1eb53Rr5CQxGfw1j+2bbSh+rVb6Ehf9LAijyu
|
||||||
|
Ygqa91hGab/CjykS6HMrD91ouWtt2Rt3zCKo4Xxe8dlAszKB4W83M9OgDVVpiCfC
|
||||||
|
t3A=
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
@ -7,11 +7,11 @@ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
|
|||||||
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
|
||||||
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
|
||||||
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAxMC8GCSqGSIb3DQEJDjEi
|
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAxMC8GCSqGSIb3DQEJDjEi
|
||||||
MCAwCwYDVR0PBAQDAgHgMBEGCWCGSAGG+EIBAQQEAwIAQDANBgkqhkiG9w0BAQUF
|
MCAwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG9w0BAQUF
|
||||||
AAOCAQEAhDH3BQWViy67+9sdlrTvv0cIJ1IbogaM221MUasNIbfLi+KKfw50mzTa
|
AAOCAQEAWUMyIXHi4BbIxOeCD/Vtu9LGV8ENMV7dwYVEQcwrt1AHahtYgUtkoGcP
|
||||||
V/BCXPT+EzmOptBl+F2iZVQyr2c0nWbBZBHnykS3f0fgifm6yWVEYwJqxUC5+uxK
|
lOPqg1lbg22bu8dLPoY4HAzxCOAGs27otWL5LlE9M5QPH1RedEycmOuYrMl6K988
|
||||||
bZztsHocTuqODpqYILycYkFXCcY8ZFHmz9XZorpUVTpZULW33EmLee5/BYI7whkA
|
hfDBJ+OkgCShcM91+udrc0gpDEI7N01A+fmukQ6EiaQjIf7HME/EKQqhEuEQMXHC
|
||||||
bVoSNB5tAb8kGZQffDnGkHiRfu8dbbEnkPYqm/cerN+4yCh1v1CGFh2lMn4d5p0L
|
GBvdNuEF5BfV3aAYuT+xfdXDU2ZWwXXWAHGmVh3ntnhtEG6SnXSnBATU2wa4tpBd
|
||||||
o9GvMsPM8pxdffZWZI9T0JnlHwtAJDA5G/MFYJdHzLzcHpvDA99MdNO4DMAiUyWb
|
KLbEbcsiy2uj0OLJlvG6LqsNggtkD58GCGpLpaVxdW80yw+f/krwLpeyocE1KGcT
|
||||||
PCDL5e7mJ0lnBp8RppLBR7GEkznIQQ==
|
7eX+9yhLe9NIZojvevw+53dNE7BUfw==
|
||||||
-----END CERTIFICATE REQUEST-----
|
-----END CERTIFICATE REQUEST-----
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
-----BEGIN CERTIFICATE REQUEST-----
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
MIIBFzCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY
|
MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY
|
||||||
BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
|
BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
|
||||||
QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d
|
QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d
|
||||||
Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD
|
Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD
|
||||||
AgHAMAsGByqGSM49BAEFAANJADBGAiEA5MGFTJkpOtCV7bAx+N+t4gP3JDM9RH3W
|
AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg
|
||||||
mIXzSpcBwvACIQDf7f9ytclwouV1DQTFSUKxExIm48H60hk3lh19i3bGOw==
|
2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB
|
||||||
-----END CERTIFICATE REQUEST-----
|
-----END CERTIFICATE REQUEST-----
|
||||||
|
@ -1,78 +1,86 @@
|
|||||||
Certificate Request check Server1 SHA1
|
Certificate Request check Server1 SHA1
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 SHA224
|
Certificate Request check Server1 SHA224
|
||||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 SHA256
|
Certificate Request check Server1 SHA256
|
||||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 SHA384
|
Certificate Request check Server1 SHA384
|
||||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 SHA512
|
Certificate Request check Server1 SHA512
|
||||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 MD4
|
Certificate Request check Server1 MD4
|
||||||
depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 MD5
|
Certificate Request check Server1 MD5
|
||||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 key_usage
|
Certificate Request check Server1 key_usage
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0
|
||||||
|
|
||||||
|
Certificate Request check Server1 key_usage empty
|
||||||
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0
|
||||||
|
|
||||||
Certificate Request check Server1 ns_cert_type
|
Certificate Request check Server1 ns_cert_type
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
|
||||||
|
|
||||||
|
Certificate Request check Server1 ns_cert_type empty
|
||||||
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1
|
||||||
|
|
||||||
Certificate Request check Server1 key_usage + ns_cert_type
|
Certificate Request check Server1 key_usage + ns_cert_type
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER
|
x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
|
||||||
|
|
||||||
Certificate Request check Server5 ECDSA, key_usage
|
Certificate Request check Server5 ECDSA, key_usage
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
|
x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0
|
||||||
|
|
||||||
Certificate write check Server1 SHA1
|
Certificate write check Server1 SHA1
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:1:-1:"data_files/server1.crt":0
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, key_usage
|
Certificate write check Server1 SHA1, key_usage
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0:1:-1:"data_files/server1.key_usage.crt":0
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, ns_cert_type
|
Certificate write check Server1 SHA1, ns_cert_type
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:-1:"data_files/server1.cert_type.crt":0
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, version 1
|
Certificate write check Server1 SHA1, version 1
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, RSA_ALT
|
Certificate write check Server1 SHA1, RSA_ALT
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:-1:"data_files/server1.noauthid.crt":1
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, RSA_ALT, key_usage
|
Certificate write check Server1 SHA1, RSA_ALT, key_usage
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
|
Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:0:-1:"data_files/server1.cert_type_noauthid.crt":1
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1
|
||||||
|
|
||||||
Certificate write check Server1 SHA1, RSA_ALT, version 1
|
Certificate write check Server1 SHA1, RSA_ALT, version 1
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1
|
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1
|
||||||
|
|
||||||
X509 String to Names #1
|
X509 String to Names #1
|
||||||
mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0
|
mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0
|
||||||
|
@ -37,7 +37,8 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
|
|||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
|
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
|
||||||
void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
|
void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
|
||||||
int key_usage, int cert_type )
|
int key_usage, int set_key_usage, int cert_type,
|
||||||
|
int set_cert_type )
|
||||||
{
|
{
|
||||||
mbedtls_pk_context key;
|
mbedtls_pk_context key;
|
||||||
mbedtls_x509write_csr req;
|
mbedtls_x509write_csr req;
|
||||||
@ -59,9 +60,9 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
|
|||||||
mbedtls_x509write_csr_set_md_alg( &req, md_type );
|
mbedtls_x509write_csr_set_md_alg( &req, md_type );
|
||||||
mbedtls_x509write_csr_set_key( &req, &key );
|
mbedtls_x509write_csr_set_key( &req, &key );
|
||||||
TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
|
||||||
if( key_usage != 0 )
|
if( set_key_usage != 0 )
|
||||||
TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
|
||||||
if( cert_type != 0 )
|
if( set_cert_type != 0 )
|
||||||
TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
|
||||||
|
|
||||||
ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
|
ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
|
||||||
@ -100,7 +101,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
|||||||
char *subject_name, char *issuer_key_file,
|
char *subject_name, char *issuer_key_file,
|
||||||
char *issuer_pwd, char *issuer_name,
|
char *issuer_pwd, char *issuer_name,
|
||||||
char *serial_str, char *not_before, char *not_after,
|
char *serial_str, char *not_before, char *not_after,
|
||||||
int md_type, int key_usage, int cert_type, int auth_ident,
|
int md_type, int key_usage, int set_key_usage,
|
||||||
|
int cert_type, int set_cert_type, int auth_ident,
|
||||||
int ver, char *cert_check_file, int rsa_alt )
|
int ver, char *cert_check_file, int rsa_alt )
|
||||||
{
|
{
|
||||||
mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
|
mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
|
||||||
@ -168,9 +170,9 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
|||||||
TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
|
||||||
if( auth_ident )
|
if( auth_ident )
|
||||||
TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
|
||||||
if( key_usage != 0 )
|
if( set_key_usage != 0 )
|
||||||
TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
|
||||||
if( cert_type != 0 )
|
if( set_cert_type != 0 )
|
||||||
TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
|
TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user