Mbed-TLS/mbedtls-framework
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls-framework.git synced 2026-06-05 21:15:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

data_files: add server11-rsa-signed.crt

Browse Source 
This is almost identical to "server5-rsa-signed.crt" in the sense that it
includes an EC public key and it's signed with an RSA one.
The main difference compared to "server5-rsa-signed.crt" is that in this
case we're using a secp256k1 key, instead the companion one uses a
secp256r1. The important thing here is that the "k1" type does not belong
to "suite-b", while "r1" does.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti
2025-11-28 09:39:50 +01:00
parent 75e471a66f
commit 85cbd7ae63
2 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
data_files/Makefile
+12
View File
@@ -636,6 +636,18 @@ server10_int3_spurious_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_
cat $^ > $@
all_final += server10_int3_spurious_int-ca2.crt
# server11 *
# This is basically identical to "server5-rsa-signed.crt" but using a secp256k1
# key instead of secp256r1 one in order not to fall in the list of allowed curves
# for suite-b profile.
server11-rsa-signed.crt: server11.key
$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \
issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
not_before=20190210144406 not_after=20290210144406 \
md=SHA1 version=3 output_file=$@
all_final += server11-rsa-signed.crt
rsa_pkcs1_2048_public.pem: server8.key
$(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@
all_final += rsa_pkcs1_2048_public.pem
data_files/server11-rsa-signed.crt
+15
View File
@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICaTCCAVGgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBWMBAGByqGSM49AgEG
BSuBBAAKA0IABITn/L3s9+4MXRDenn1V/4T4B0igjlPW52BKcl5ZNS5jMqDOOUjl
zXShWMqz2Izhsa29cxsTOZN8eT4p8BedD6ujTTBLMAkGA1UdEwQCMAAwHQYDVR0O
BBYEFE8fs/ywDn6xlnYK1tDkG/lCZ0ZmMB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnV
ppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQAyVbsxPW8wUqo23j0KinXKJIFJ
KakGvPiQsl7cV+go9W2kJSlUKBtaUcdZQpQsm3FLnDMhz9j1VBSic46/msH2I7Cv
eUrPlmP9Y1spYCuUo3c/tOyAPhgwVFdNWuYTwPRD+D2yugQMhnggoemaYzu+Mw0z
FTbY/kXSsW47n8qbHbE5kvo40lGFSPmcbvJDMGwfw1o2adQm43Zce4uxL4WbC6Y6
8FvkMmyFBRVRKnt1ViIyaeEjlgCVxhfUZO8kvy9So86m2xZtQTuEFHN/Cn7xdRLG
GILYv5GAbYXNcrzfpz9UyU9VUGLKJIHpmrmKBUl8GsV0z9bSIApiE+wDq+F7
-----END CERTIFICATE-----