cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-08-23 04:51:13 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,298 Commits 7 Branches 115 Tags
Commit Graph

18298 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pengyu Lv
343ff1200d Fix typo and long line format 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
ea8027921b Update crl-rsa-pss-*.pem manually 
The rules will be in a seperate PR.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
a69934f249 upgrade server9-bad-saltlen.crt 
Upgrade scripts
```python
import subprocess
from asn1crypto import pem, x509,core

output_filename="server9-bad-saltlen.crt"
tmp_filename="server9-bad-saltlen.crt.tmp"
tmp1_filename="server9-bad-saltlen.crt.tmp1"

subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \
        -passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \
        -set_serial 24 -days 3650 \
        -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
        -sigopt rsa_mgf1_md:sha256 -sha256 \
        -in server9.csr -out {output_filename}
''',shell=True)

with open(output_filename,'rb') as f:
    _,_,der_bytes=pem.unarmor(f.read())
    target_certificate=x509.Certificate.load(der_bytes)

with open(tmp_filename,'wb') as f:
    f.write(target_certificate['tbs_certificate'].dump())

subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \
                        -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \
                        -sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}',
                        shell=True)

with open(tmp1_filename,'rb') as f:
    signature_value= core.OctetBitString(f.read())

with open(output_filename,'wb') as f:
    target_certificate['signature_value']=signature_value
    f.write(pem.armor('CERTIFICATE',target_certificate.dump()))
```

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
33536d170e Update server9*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
3ed1653df4 Add server9-bad-{mgfhash,saltlen}.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
4ac61a92cc Add rules to generate server9*.crt 
Except for server9-bad-saltlen.crt and
server9-bad-mgfhash.crt.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
7d7b735514 Update server1-nospace.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
4e573497d7 Update v1 crt files 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
124b75a09a Update cert_example_multi_nocn.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
5539dcb2d4 Add rules to generate cert_example_multi_nocn.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
fce773e0e9 Update server5.[e]ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
0158966a73 Add rules to generate server5.[e]ku-*.crt 
Since cert_write in mbedtls-2.28 doesn't support
write ext_key_usage extension, the commands are
added just for alignment with development.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
5a4cc39f39 Update server2.ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
4b7447cf45 Add rules to generate server2.ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
6acdd5c624 Add rule for server2-badsign.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
233c93b44d Update test-ca2.ku-*.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
34cfc35ce9 Fix the rule for server5-ss-forgeca.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
8e0cc70e38 Add the rule and update server6-ss-child.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
2aa312b136 Update server5-selfsigned.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
e1136d5eb4 Update test-ca2.crt[.der] and server5.crt[.der] 
Update these files to match the data in `library/certs.c`.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 10:17:21 +08:00
Gilles Peskine
d5f4039227
Merge pull request #7739 from davidhorstmann-arm/2.28-fix-iar-typo 
[Backport 2.28] Fix typo in CMakeList.txt in IAR compiler flags
 2023-06-15 19:23:56 +02:00
David Horstmann
7435651068 Reword changelog entry 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-15 14:09:05 +01:00
Pengyu Lv
41bb446d12 Update TEST_CA_CRT_EC_PEM and TEST_CA_CRT_EC_DER 
To retain the ABI compatibility, we need the DER
data to be in the exact size of 520 bytes. So,
these data are regenerated by unsetting the
'critical' flag of 'basic_constraints' extension,
though the extension should be critical for this
CA according to RFC5280 section 4.2.1.9.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-15 15:41:30 +08:00
Pengyu Lv
04da85f0f4 Update TEST_SRV_CRT_EC_PEM and TEST_SRV_CRT_EC_DER 
Regenerate server5.crt[.der] until we got the
DER data in the size of 547 bytes to maintain
the ABI compatibility.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-15 13:01:35 +08:00
Pengyu Lv
1fca541a5f Remove redundant PHONY targets 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-14 09:55:51 +08:00
Pengyu Lv
a640339243 Fix long line format 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-14 09:55:51 +08:00
Pengyu Lv
14f59bfca8 Update cert macros in library/certs.c 
This commit manually updates:
  - TEST_CA_CRT_EC_PEM
  - TEST_CA_CRT_EC_DER
  - TEST_SRV_CRT_EC_PEM
  - TEST_SRV_CRT_EC_DER

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-14 09:55:41 +08:00
Bence Szépkúti
b1e2ff7377
Merge pull request #7751 from davidhorstmann-arm/2.28-build-docs-realfull 
[Backport 2.28] Build the docs in realfull config
 2023-06-13 15:04:36 +02:00
Waleed Elmelegy
558bdc3f42 Add crypt_and_hash decrypt issue to Changelog 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-13 12:15:30 +01:00
Waleed Elmelegy
c451b4ae11 Replace function calls in crypt_and_hash program with locals 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-13 12:15:04 +01:00
Waleed Elmelegy
6eb4626e3f Fix crypt_and_hash decrypt issue when used with stream cipher 
crypt_and_hash decryption fails when used with a stream cipher
mode of operation due to the input not being multiple of block
size, this only applies to block cipher modes and not stream
ciphers.This change exempts CTR, CFB & OFB modes from this check.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-13 12:09:42 +01:00
Pengyu Lv
9dbd1df175 Update crl-ec-sha*.pem, crl.pem, crl_cat_*.pem 
This commit updates the files manually, the rules
of generating these files will be upload in other
PR.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:51:08 +08:00
Pengyu Lv
8569c876a4 Add rules to generate crl_cat* 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:50:58 +08:00
Pengyu Lv
dc66d3a34c Update server10*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:49:02 +08:00
Pengyu Lv
f23ecc1941 Update server8*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:48:31 +08:00
Pengyu Lv
3ff09ec78f Update server7*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:47:47 +08:00
Pengyu Lv
d5be96c4c7 Update test-int-ca*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:45:39 +08:00
Pengyu Lv
fe50030b5b Add rules to generate test-int-ca{2,3}.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:45:14 +08:00
David Horstmann
ab28649202 Whitespace-align with development branch 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-13 10:43:32 +01:00
Pengyu Lv
bb0fd701ad Update test-ca2_cat-*.crt and test-ca_cat*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:42:04 +08:00
Pengyu Lv
e106de0ebb Update server6.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:41:11 +08:00
Pengyu Lv
e340675475 Update test-ca[1|2].crt[.der] 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:39:02 +08:00
Pengyu Lv
d8893ccb9b Update server5[-der*|-sha*].crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:38:24 +08:00
Pengyu Lv
381186b853 Add rules to generate test-ca2_cat-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:36:32 +08:00
Pengyu Lv
43ad9848db Add rules to generate server10*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:35:10 +08:00
David Horstmann
926854c4e0 Build the docs in realfull config 
Ensure that all possible config options are documented by building the
docs in the realfull config on Read The Docs.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-13 10:33:18 +01:00
Pengyu Lv
4217429a46 Add rules to generate server8*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:30:10 +08:00
Pengyu Lv
30cd6b0964 Add rules to generate server7*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:27:20 +08:00
Jerry Yu
324a43b4ac Add rules to generate server6.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-13 17:24:11 +08:00
Jerry Yu
fa4ef28c00 Add rules to generate server5-sha*.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-13 17:22:45 +08:00