diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 7b97eea72..f3165101a 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -336,6 +336,12 @@ server5-tricky-ip-san.crt: server5.key $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@ all_final += server5-tricky-ip-san.crt +rsa_single_san_uri.crt.der: rsa_single_san_uri.key + $(OPENSSL) req -x509 -outform der -nodes -days 7300 -newkey rsa:2048 -key $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" + +rsa_multiple_san_uri.crt.der: rsa_multiple_san_uri.key + $(OPENSSL) req -x509 -outform der -nodes -days 7300 -newkey rsa:2048 -key $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c, URI:urn:example.com:5ff40f78-9210-494f-8206-abcde1234567" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" + server10-badsign.crt: server10.crt { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ all_final += server10-badsign.crt @@ -365,12 +371,6 @@ rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@ all_final += rsa_pkcs8_2048_public.der -rsa_single_san_uri.crt: rsa_single_san_uri.key - $(OPENSSL) req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" - -rsa_multiple_san_uri.crt: rsa_multiple_san_uri.key - $(OPENSSL) req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c, URI:urn:example.com:5ff40f78-9210-494f-8206-abcde1234567" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" - ################################################################ #### Generate various RSA keys ################################################################ diff --git a/tests/data_files/rsa_multiple_san_uri.crt b/tests/data_files/rsa_multiple_san_uri.crt deleted file mode 100644 index ceda8f2c5..000000000 --- a/tests/data_files/rsa_multiple_san_uri.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDtjCCAp6gAwIBAgIULxROma15QuBZpLSG3KZTtcrOX0AwDQYJKoZIhvcNAQEL -BQAwOzELMAkGA1UEBhMCVUsxETAPBgNVBAoMCE1iZWQgVExTMRkwFwYDVQQDDBBN -YmVkIFRMUyBVUkkgU0FOMB4XDTIyMTIyODA4Mzc0NloXDTQyMTIyMzA4Mzc0Nlow -OzELMAkGA1UEBhMCVUsxETAPBgNVBAoMCE1iZWQgVExTMRkwFwYDVQQDDBBNYmVk -IFRMUyBVUkkgU0FOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3poS -TQijviHqJNAdKXN0FJMfgLsP9JZuLJczG0MAQsLaB6jHEdH/mrL3Q/1qZv6I6+5E -O5mN0fe8V9THT+OzAaxg8SwWvbog94iReK4OvNqbHEHSKZ0Ej2UHsAYBc/y/xzvJ -UD5QcbjF4g6udumddqA4/MqOSM9KUDufD6rbGhTW2zW8Z/teFW6Y7ucIcyYbS10E -T+P00ZoQbXGSzdddMy/sF+1YxsENniKUQhooIpNxX/lSCHe/CHMFfaj9HPyJE3ke -4rZtUAK1rfSmltfbRl7XQdaB1HLQA/oP+sPWp231mp9jhO2DEMYmHQcRREl/0Zrg -6RKyyIWJabtaF0pPCQIDAQABo4GxMIGuMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXg -MHUGA1UdEQRuMGyGNHVybjpleGFtcGxlLmNvbTo1ZmY0MGY3OC05MjEwLTQ5NGYt -ODIwNi1jMmMwODJmMDYwOWOGNHVybjpleGFtcGxlLmNvbTo1ZmY0MGY3OC05MjEw -LTQ5NGYtODIwNi1hYmNkZTEyMzQ1NjcwHQYDVR0OBBYEFKmGzddKZIFyozb1WrKj -2GXUOg3WMA0GCSqGSIb3DQEBCwUAA4IBAQAV3+vEBnTFcvxSnMSQmNXuSWPaomed -eoT7p5mbdKBiHGv/XoAaAF/WJUGz3dLKtfg0fPOIDPI/Diuyx2eaVHHzPYRW++W0 -wdx1VyAEfTnPexutol5hYMaSonr6wp6V509utwfXAYm8iMMAcHOpljgiGznY5DoB -5qykEAt1Y9jsjhf1Ih/7Q6rVc3I+w8AG5nrJ56MZQBjdOa6xV+8++RJwzuhiSb8E -iDEccpYkfrOOsMl5UZIsSm2BtWp4CRSigWgmN+LSpIfm/zYVYoQYrkjdWx3YhGVB -+xWW1Q/UQhQYtJ8vw9xw/vYWTVWaQDdA22d9XNxLakzwhPDX1OOCJJNy ------END CERTIFICATE----- diff --git a/tests/data_files/rsa_multiple_san_uri.crt.der b/tests/data_files/rsa_multiple_san_uri.crt.der new file mode 100644 index 000000000..ac5fab293 Binary files /dev/null and b/tests/data_files/rsa_multiple_san_uri.crt.der differ diff --git a/tests/data_files/rsa_multiple_san_uri.key b/tests/data_files/rsa_multiple_san_uri.key new file mode 100644 index 000000000..c8c3492bb --- /dev/null +++ b/tests/data_files/rsa_multiple_san_uri.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCxc5q8z8XR6vH2 +1Ko29Mk3dOKpSOrX9Tb5HtmCQMoKIxnTUQrNkVeOQtiQt6XZo05cbA6Z87kWDgGJ +P/5Lxofrx13Rp1xZzZ+0AAPfvUCY5tzZwmicQWvu9st6JwTyaLTCzSt0cPTUs5Hi +hJt9RzSW6GTk5ANjjgoewOMhwh5f84JRURJ2INZjz4namBGe/9f14ZHxKWuxl5in ++z582rSEhLXrPLbaKjT3Jphff51xsusC+pP0xNqkAcrGJ+/Jk0Vk6ClRCd40ZcTB +4SkOqsZ8/uGWnradkrN74PoMMnSKKOuxlsVMPfzMkrlMbuazO4nK/osTAnoSqMUv +COBdXkTtAgMBAAECggEANVlTIQa6K3UeD546GlGXmQOcDVbtu8VuJJFgxScjVs7c +uco4nDrg/tUb9M4xn2/YZDLcZO6AK6BEV/YURsXGIV2L2DcfraQDKoOCpqZoIE/v +/8vR1YBZqbsqy2ulshdGmPZD5Tr8cGIYLui9MnnQ1rnBc4sVdb3DTyGgZ4rLxP6X +0BoHw+LQA0wwSbE/NW71qmeDSEDkSkUQISVg6Rp06U0PZaJAWtYoBNKGAsDGAhjc +vVTXE5B9d+3yOM0InCWFsM/bUvaUv/yxxTcZnVq9Lji3KwDhy63F99pUaFnV6Rf2 +3CKO3VHegWSwMcnYaBbufDqWPHuEDSlZ0nRhrbrKRQKBgQD6dQd0xPHfxIz5l+AC +1kPHIsUKPEirrJKTVHlxQwT0yVpD+yUkF95HY6NgHVHKnRP9qicqr3raIfA01VQc +y+lhXo6xUAqYsKvB9m4njERFWMTCVSVU30Klhic/s4R/1abKlvkax1SiQFIRStqC +onsZ0M1Isw69/I8Yha3mzv/gvwKBgQC1YPXnd5dZmdbe0UibBWjU5X6AQGt+oxL+ ++6EP3EfuRmYI3i3r2bdbB3ELd95f8tgV0UagmjQfFoigBsuRfbhrQEPSHMBWYpAV ++TZKxUvmpJXwLEgxcPv7VTTvxw0qL1u1s/dX6WBfEOUgVzPgcp+IJGEr1MZekTqt +P65coDpZUwKBgAmrLuiBGd1Lly2jgVBauS8c1oJ4pU2LUfVCE5Ydwjk49LUfIuXr +zfbvj8UMHLY3rifiw7RQJev5124StjaOYKoTnmqV7nLKjzbjroj0T0ZmEOJ3qwNF +wyrkrOs2oOzWcKPthBxWiZvh48krHJhicWIjv2kJEI6hC10k+/unDhW9AoGAZyRg +MeRb+OP2wHaapy0IVCi9Kwl3F2h8oOtOx8ooTWNTGq/dxUTlc6pjqnXbyww5vQ5o +72NBSHxz7SxwDqhDexnsd0tKRNV/wj8ZlKNlah8l9JH568OoR2BI3iF/ZwHPUSCq +Ax//YZAl+6IbKgOEnNKzP02cEKLdjy+rY5jqFWkCgYEAmEl4mg1IGoVDM6d3iIPP +JLz5DghV8kP++99vFrJx07D6e/uhzojR73Ye+fq69Vy0yjGXpaRPwwHfvPzDA1hm +ir7rJWsbbskR+iTn2yKvIpB1wBI1u0SQ4lnJ1ZIVJPVlh4yA29JvPT7/7/2nQ/s6 +v0N2oKrfaiKc7BjCz3eYW4Q= +-----END PRIVATE KEY----- diff --git a/tests/data_files/rsa_single_san_uri.crt b/tests/data_files/rsa_single_san_uri.crt deleted file mode 100644 index 0c5b1ca6e..000000000 --- a/tests/data_files/rsa_single_san_uri.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDfjCCAmagAwIBAgIUWWuPuKBmp/e7Jt4G3JAjp97z0NkwDQYJKoZIhvcNAQEL -BQAwOzELMAkGA1UEBhMCVUsxETAPBgNVBAoMCE1iZWQgVExTMRkwFwYDVQQDDBBN -YmVkIFRMUyBVUkkgU0FOMB4XDTIyMTIyNzE3MDUwMVoXDTQyMTIyMjE3MDUwMVow -OzELMAkGA1UEBhMCVUsxETAPBgNVBAoMCE1iZWQgVExTMRkwFwYDVQQDDBBNYmVk -IFRMUyBVUkkgU0FOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigYQ -brVSGf/AyTscC8GSiXPnl0PpJzwvQe0c2oVhX/GB8F++m9FT4msoc6i50KNmcuCO -l52w0lY1+XWkm6+FoqeOm5Vfj2fLrsDed2jomI6T5n68QOtbWZNluCbBbDpnAZbo -QCUwHHjrPSc8h76kxEbX7luPOUaG6cyN/eG+HPY6XLRxDUbqFl9q/WsVkAfm5jO5 -7Oa3j4NfnIbFyuHbQXCmCdBq+4sLW3eKAvp2PyKvB601evOMtmUoX4SrWBTI/rfS -8Z6DqJN+V2afOameP/JiuQbc8GvKwOYLRKjdH8bJZ3GUdxTdOAvFhxfUxQIo7aup -nlLGHLdJUPUurV6dywIDAQABo3oweDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DA/ -BgNVHREEODA2hjR1cm46ZXhhbXBsZS5jb206NWZmNDBmNzgtOTIxMC00OTRmLTgy -MDYtYzJjMDgyZjA2MDljMB0GA1UdDgQWBBSDgDX0Y5xPkSAbqVeJ491MzU9jZDAN -BgkqhkiG9w0BAQsFAAOCAQEAFYXiBh3La7vmEj3uTpzGvNBMtJdiXK6C5IgRnARI -5jye0m3AMK9EJEKrE0144PWOKahirxgznCbPPxL86xfC552Wzu2+ARlXBs+XVQnh -c/IQ7NzCw6Pwtg8hFP0Qhjmp4rMvVjbHH8uPBaefx0wDO80f/VOC3xIPqVHA8U9X -Q8+dBPcv1iHaZ8gBx+lTZVaRSzAciNkPFRv5X/GAcnhIWQFBJD0XTlH4SgdsW4O6 -0Oqo4qbHPxPf5zx3ZtX0zG13+/wiPAMvZyjemCMtsentiJt0+a5n+9X3b2lhEq58 -yy5d8aax9EXT5TAguKP7kV1sglSlJcIzmKXb4MCdTYfdfg== ------END CERTIFICATE----- diff --git a/tests/data_files/rsa_single_san_uri.crt.der b/tests/data_files/rsa_single_san_uri.crt.der new file mode 100644 index 000000000..22308c6f4 Binary files /dev/null and b/tests/data_files/rsa_single_san_uri.crt.der differ diff --git a/tests/data_files/rsa_single_san_uri.key b/tests/data_files/rsa_single_san_uri.key new file mode 100644 index 000000000..bb6c0ca6b --- /dev/null +++ b/tests/data_files/rsa_single_san_uri.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCng06zdlkhYiBK +43H+cK+vkHYvvRA2RtWbLMw+9rV9IrdGQ+iQQ/X1SZfDl2hWUiKTpabcuGYzY38H +lXW4UXwTB36KEe7G3yF/fbvYzNsdUCAVOzNs/0EMvXJeD/Dm5CBMEsG6V0ovHmkc +c80fQYQiSxgjpWyRpKdP+z/2imGph9onuu7EWOpAXGArozlLL5OixQ2dmutsc5ap +hfgwq6za00uKsFifolRtAhiH86N0vjiAJkzZR83uBlI285sj5+EzRrtjVv+kgsLW +gLDlj3bgsuKQDfxWhe+mpy2PIJ41kqktCz1qew3wyHI2ysE+6htHYQMNbCtkRMdX +/4t1yx95AgMBAAECggEAIIhn6IK7nLgp/WFe6kOIW1h7G5pkY6YuJgz1PeU8Kilr +3sGhkSMhyZmZV+s34EvjWzl4xrUpZCGWsipcyodIyYlTEg2ZihYbs17/9IMUqwS8 +tmLhAfIw+ABzDcGaz7zOaPfbmA0L40rMrzHuTHu05dQfxAyEoWSQ+f+Z1I/bl8jy +GdXQVtqZzqJcWXbXt+3+B4f2/d7K5xzb7lv/8zhAf/zoG9srMByPa6/Do5rVas5Q +NmzJPwXngxE5dJcHsWU4FkHbSbJj0khW858MJ4o5Ddw5ZOPimqlcmpClb01wCdXf +13o2ozKGE/xq3InU7MA4ad0tLMdEM8R7yhUZ9Xe/gQKBgQDYXt4BhiamnSl1tHR8 +MiiyzkcZuVH04/A6FsnUhcbQF9iCqO9szw50k0z7DVIGS9dSY9kmMdEcpsX6m2XC +XfEsxHBm0wmJqLUGq3UzM6oDsyZG1fkTg+eMzbVO0sv4xdhJLPpmsck5yJ8t0TxB +8gIS9yNEw7+w6rZhgSRsMT+WhQKBgQDGMZ0qIdFi1Ae7ueTcBCe+cjgmTG9nXq6+ +qRokU63rPP9y8XTVD6hRmviMRl4skt0F39yGJ7janIQnOBrf2DVEX4Mcf0sY4vDJ +msDV5jkbzgbAEas0ejO4h+dpRqa4mUiU1JR/Pb1jZHNOg7ZfTw45WPqBGsLTEpAt +OsKVUgbZZQKBgCIe+8WjwS6fNC2SspfvVQm1i/Lbjbgfxf9zHor8ObkROZyJRZCU +KoRpwkcI97l0dlVQ16q1SnPJPQljPi3joKfdppggia2CxGFz4nybliEVPGEJV0kj +kP1cZ04x4eauVIhdpnNRcBlDsQ6Jo4YGwxr4jEBI2k7tBKvlsLe7IHr9AoGAeJmi +IAwaBIAvAH16lKL2qD2Ki0uBkq4buSrfHHHK59TjQEdLJ4byjk21pm3/SjJHyhZR +c1TieCw7gj3ypHlE2IkiGAohYVBe4t6HLuF7qL6yfteBjVo69LPGDdqPAs9LSj0c +61xfTQbH32PoapCJgD3zmPH20Ud/cfZKh2A1iL0CgYEAwQgGxHVo+/d3BhLQvQHt +64fE+qrZA5oWWwBh8EzR+98eOnDCF3Gm6chrEs9boOzlwxr9LU4TgiBnpyYrQCEw +AdOA9dhYz91d+chJZjKo635Y9byN9rutr3/EfqZLxWL73k1y5LNAYL+jyAab0Jsw +l2xG6PNj5rItkgO3j50qA7s= +-----END PRIVATE KEY----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 4e6c55dbe..28ba0776b 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -123,12 +123,12 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA x509_cert_info:"data_files/cert_example_multi_nocn.crt":"cert. version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \:\n dNSName \: www.shotokan-braunschweig.de\n dNSName \: www.massimo-abate.eu\n \n \nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, Subject Alt Name with uniformResourceIdentifier -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/rsa_single_san_uri.crt":"cert. version \: 3\nserial number \: 59\:6B\:8F\:B8\:A0\:66\:A7\:F7\:BB\:26\:DE\:06\:DC\:90\:23\:A7\:DE\:F3\:D0\:D9\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nissued on \: 2022-12-27 17\:05\:01\nexpires on \: 2042-12-22 17\:05\:01\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +x509_cert_info:"data_files/rsa_single_san_uri.crt.der":"cert. version \: 3\nserial number \: 6F\:75\:EB\:E9\:6D\:25\:BC\:88\:82\:62\:A3\:E0\:68\:A7\:37\:3B\:EC\:75\:8F\:9C\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nissued on \: 2023-02-14 10\:38\:05\nexpires on \: 2043-02-09 10\:38\:05\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, Subject Alt Name with two uniformResourceIdentifiers -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/rsa_multiple_san_uri.crt":"cert. version \: 3\nserial number \: 2F\:14\:4E\:99\:AD\:79\:42\:E0\:59\:A4\:B4\:86\:DC\:A6\:53\:B5\:CA\:CE\:5F\:40\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nissued on \: 2022-12-28 08\:37\:46\nexpires on \: 2042-12-23 08\:37\:46\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-abcde1234567\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" +depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +x509_cert_info:"data_files/rsa_multiple_san_uri.crt.der":"cert. version \: 3\nserial number \: 08\:E2\:93\:18\:91\:26\:D8\:46\:88\:90\:10\:4F\:B5\:86\:CB\:C4\:78\:E6\:EA\:0D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nissued on \: 2023-02-14 10\:37\:50\nexpires on \: 2043-02-09 10\:37\:50\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-abcde1234567\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, RSA Certificate Policy any depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA