cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-07 22:27:01 -04:00
Code Issues Packages Projects Releases Wiki Activity
17,827 Commits 7 Branches 115 Tags
Commit Graph

17827 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jerry Yu
a69934f249 upgrade server9-bad-saltlen.crt 
Upgrade scripts
```python
import subprocess
from asn1crypto import pem, x509,core

output_filename="server9-bad-saltlen.crt"
tmp_filename="server9-bad-saltlen.crt.tmp"
tmp1_filename="server9-bad-saltlen.crt.tmp1"

subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \
        -passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \
        -set_serial 24 -days 3650 \
        -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
        -sigopt rsa_mgf1_md:sha256 -sha256 \
        -in server9.csr -out {output_filename}
''',shell=True)

with open(output_filename,'rb') as f:
    _,_,der_bytes=pem.unarmor(f.read())
    target_certificate=x509.Certificate.load(der_bytes)

with open(tmp_filename,'wb') as f:
    f.write(target_certificate['tbs_certificate'].dump())

subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \
                        -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \
                        -sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}',
                        shell=True)

with open(tmp1_filename,'rb') as f:
    signature_value= core.OctetBitString(f.read())

with open(output_filename,'wb') as f:
    target_certificate['signature_value']=signature_value
    f.write(pem.armor('CERTIFICATE',target_certificate.dump()))
```

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
33536d170e Update server9*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
3ed1653df4 Add server9-bad-{mgfhash,saltlen}.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
4ac61a92cc Add rules to generate server9*.crt 
Except for server9-bad-saltlen.crt and
server9-bad-mgfhash.crt.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
7d7b735514 Update server1-nospace.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
4e573497d7 Update v1 crt files 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
124b75a09a Update cert_example_multi_nocn.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
5539dcb2d4 Add rules to generate cert_example_multi_nocn.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
fce773e0e9 Update server5.[e]ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
0158966a73 Add rules to generate server5.[e]ku-*.crt 
Since cert_write in mbedtls-2.28 doesn't support
write ext_key_usage extension, the commands are
added just for alignment with development.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
5a4cc39f39 Update server2.ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
4b7447cf45 Add rules to generate server2.ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
6acdd5c624 Add rule for server2-badsign.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
233c93b44d Update test-ca2.ku-*.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
34cfc35ce9 Fix the rule for server5-ss-forgeca.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
8e0cc70e38 Add the rule and update server6-ss-child.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
2aa312b136 Update server5-selfsigned.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
e1136d5eb4 Update test-ca2.crt[.der] and server5.crt[.der] 
Update these files to match the data in `library/certs.c`.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 10:17:21 +08:00
Pengyu Lv
41bb446d12 Update TEST_CA_CRT_EC_PEM and TEST_CA_CRT_EC_DER 
To retain the ABI compatibility, we need the DER
data to be in the exact size of 520 bytes. So,
these data are regenerated by unsetting the
'critical' flag of 'basic_constraints' extension,
though the extension should be critical for this
CA according to RFC5280 section 4.2.1.9.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-15 15:41:30 +08:00
Pengyu Lv
04da85f0f4 Update TEST_SRV_CRT_EC_PEM and TEST_SRV_CRT_EC_DER 
Regenerate server5.crt[.der] until we got the
DER data in the size of 547 bytes to maintain
the ABI compatibility.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-15 13:01:35 +08:00
Pengyu Lv
1fca541a5f Remove redundant PHONY targets 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-14 09:55:51 +08:00
Pengyu Lv
a640339243 Fix long line format 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-14 09:55:51 +08:00
Pengyu Lv
14f59bfca8 Update cert macros in library/certs.c 
This commit manually updates:
  - TEST_CA_CRT_EC_PEM
  - TEST_CA_CRT_EC_DER
  - TEST_SRV_CRT_EC_PEM
  - TEST_SRV_CRT_EC_DER

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-14 09:55:41 +08:00
Pengyu Lv
9dbd1df175 Update crl-ec-sha*.pem, crl.pem, crl_cat_*.pem 
This commit updates the files manually, the rules
of generating these files will be upload in other
PR.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:51:08 +08:00
Pengyu Lv
8569c876a4 Add rules to generate crl_cat* 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:50:58 +08:00
Pengyu Lv
dc66d3a34c Update server10*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:49:02 +08:00
Pengyu Lv
f23ecc1941 Update server8*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:48:31 +08:00
Pengyu Lv
3ff09ec78f Update server7*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:47:47 +08:00
Pengyu Lv
d5be96c4c7 Update test-int-ca*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:45:39 +08:00
Pengyu Lv
fe50030b5b Add rules to generate test-int-ca{2,3}.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:45:14 +08:00
Pengyu Lv
bb0fd701ad Update test-ca2_cat-*.crt and test-ca_cat*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:42:04 +08:00
Pengyu Lv
e106de0ebb Update server6.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:41:11 +08:00
Pengyu Lv
e340675475 Update test-ca[1|2].crt[.der] 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:39:02 +08:00
Pengyu Lv
d8893ccb9b Update server5[-der*|-sha*].crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:38:24 +08:00
Pengyu Lv
381186b853 Add rules to generate test-ca2_cat-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:36:32 +08:00
Pengyu Lv
43ad9848db Add rules to generate server10*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:35:10 +08:00
Pengyu Lv
4217429a46 Add rules to generate server8*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:30:10 +08:00
Pengyu Lv
30cd6b0964 Add rules to generate server7*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:27:20 +08:00
Jerry Yu
324a43b4ac Add rules to generate server6.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-13 17:24:11 +08:00
Jerry Yu
fa4ef28c00 Add rules to generate server5-sha*.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-13 17:22:45 +08:00
Jerry Yu
c2d694e367 Add server5-der*crt generate command 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-13 17:20:01 +08:00
Jerry Yu
111f4353f7 Add rules to generate server5[-badsign].crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-13 17:08:45 +08:00
Pengyu Lv
be8faab205 Update server3.crt and server4.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:06:37 +08:00
Pengyu Lv
746e2d133d Add rules to generate server4.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 17:05:10 +08:00
Pengyu Lv
a3d7bb8059 Add rules to generate server3.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 16:49:19 +08:00
Pengyu Lv
f287e2a528 Mark all_intermediate as intermediate files 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-13 16:45:11 +08:00
Gilles Peskine
8eaf2d2ac9
Merge pull request #7707 from davidhorstmann-arm/2.28-gitignore-compile-commands-json 
[Backport 2.28] Add clangd compilation databases to gitignore
 2023-06-08 14:37:16 +02:00
Gilles Peskine
5b7a4b4bf0
Merge pull request #7684 from daverodgman/armclang-fix-2.28 
2.28 backport - Fix armclang compile fail
 2023-06-08 14:36:21 +02:00
David Horstmann
67e54b1684 Add clangd compilation databases to gitignore 
The clangd language server uses a file called compile_commands.json to
interpret the source tree. This is generated by CMake and must be
present in the source tree in order to use clangd properly.

Add this to the gitignore to improve the developer experience for users
of clangd.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-07 15:30:41 +01:00
Dave Rodgman
c2e225be81 Add armclang build test 
Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>
 2023-06-05 21:29:35 -04:00