From dbb7b467d214948e1bf2332feeaaf4cabdeaa408 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 24 May 2023 18:00:54 +0800
Subject: [PATCH] Add server9-bad-saltlen generate command

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/data_files/Makefile                      | 15 +++++++++++----
 tests/data_files/opensslcnf/server9.crt.v3_ext |  4 ++++
 2 files changed, 15 insertions(+), 4 deletions(-)
 create mode 100644 tests/data_files/opensslcnf/server9.crt.v3_ext

diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index f67db0712..ae8f990e5 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -513,10 +513,6 @@ server9-with-ca.crt: server9.crt $(test_ca_crt)
 	cat $^ > $@
 all_final += server9-with-ca.crt
 
-# FIXME: This file needs special sequence. It should be update manually
-server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
-	false
-
 server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
 	$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \
 		-passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \
@@ -526,6 +522,17 @@ server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
 		-in $< -out $@
 all_final += server9-bad-mgfhash.crt
 
+server9-bad-saltlen.crt: server9.csr \
+						$(test_ca_crt) $(test_ca_key_file_rsa) \
+						opensslcnf/server9.crt.v3_ext \
+						../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py
+	../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py --ca-name test-ca \
+		--ca-password $(test_ca_pwd_rsa) --csr server9.csr \
+		--openssl-extfile opensslcnf/server9.crt.v3_ext \
+		--anounce_saltlen 0xde --actual_saltlen 0x20 \
+		--output $@
+all_final += server9-bad-saltlen.crt
+
 # server10*
 
 server10.crt: server10.key test-int-ca3.crt test-int-ca3.key
diff --git a/tests/data_files/opensslcnf/server9.crt.v3_ext b/tests/data_files/opensslcnf/server9.crt.v3_ext
new file mode 100644
index 000000000..f8d201bea
--- /dev/null
+++ b/tests/data_files/opensslcnf/server9.crt.v3_ext
@@ -0,0 +1,4 @@
+basicConstraints = CA:false
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+