mirror of
https://github.com/Mbed-TLS/mbedtls-framework.git
synced 2026-06-06 05:25:18 +00:00
Merge pull request #242 from valeriosetti/issue568-framework
[framework] Remove support for secp192[k|r]1 curves
This commit is contained in:
Valerio Setti
@@ -469,6 +469,17 @@ server5-selfsigned.crt: server5.key
|
||||
-out $@
|
||||
all_final += server5-selfsigned.crt
|
||||
|
||||
# Create a certificate which is almost identical to "server3.crt", i.e.
|
||||
# it contains a public EC key and it is signed with RSA. The main difference
|
||||
# compared to "server3.crt" is that in this case we use a secp256r1 key ("server5.key")
|
||||
# instead of secp192r1 one that is used in "server3.crt".
|
||||
parse_input/server5-rsa-signed.crt server5-rsa-signed.crt: server5.key
|
||||
$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \
|
||||
issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
|
||||
not_before=20251201101530 not_after=20351201101530 \
|
||||
md=SHA256 version=3 output_file=$@
|
||||
all_final += server5-rsa-signed.crt
|
||||
|
||||
parse_input/server5-othername.crt.der: server5.key
|
||||
$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -outform der -out $@
|
||||
|
||||
@@ -625,6 +636,18 @@ server10_int3_spurious_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_
|
||||
cat $^ > $@
|
||||
all_final += server10_int3_spurious_int-ca2.crt
|
||||
|
||||
# server11 *
|
||||
|
||||
# This is basically identical to "server5-rsa-signed.crt" but using a secp256k1
|
||||
# key instead of secp256r1 one in order not to fall in the list of allowed curves
|
||||
# for suite-b profile.
|
||||
server11-rsa-signed.crt: server11.key
|
||||
$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \
|
||||
issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
|
||||
not_before=20251201101530 not_after=20351201101530 \
|
||||
md=SHA1 version=3 output_file=$@
|
||||
all_final += server11-rsa-signed.crt
|
||||
|
||||
rsa_pkcs1_2048_public.pem: server8.key
|
||||
$(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@
|
||||
all_final += rsa_pkcs1_2048_public.pem
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICbDCCAVSgAwIBAgIBDTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
|
||||
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
||||
MjUxMjAxMTAxNTMwWhcNMzUxMjAxMTAxNTMwWjA0MQswCQYDVQQGEwJOTDERMA8G
|
||||
A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
|
||||
CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
|
||||
2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jTTBLMAkGA1UdEwQCMAAwHQYD
|
||||
VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFLRa5KWz3tJS
|
||||
9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IBAQBFbdhHbGhpR2TXjHDMqRTx
|
||||
epceYFPm0bL8h/gWUMsZ196DgrInm4u42txiWX6Ckekv/yeEOUEx90faACLmGGfk
|
||||
1QwWWVGShgUcl5d6DljtgTTx6jHiH3tHbcG8Rmmfmh+DKZ/4wjQ80FgbW7gEUyis
|
||||
xizhFI8+gYH6aT4fdYicyIzysul/0FF3c9nzn+Mt+VRzaPIAYgIujkQAiJO4/QB8
|
||||
2wuET09K9uWeHseXbjQ8O7yPnIpimX7G3TrUwBKb0QEE9IoDTbHjnxM0nxWkPSht
|
||||
wCZFuTfCcnjBi5ps+KJE2iJeK4D5zjS42VX08/ysFViejtY4vUMz3SXrulGg7NKE
|
||||
-----END CERTIFICATE-----
|
||||
@@ -0,0 +1,15 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICaTCCAVGgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
|
||||
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
||||
MjUxMjAxMTAxNTMwWhcNMzUxMjAxMTAxNTMwWjA0MQswCQYDVQQGEwJOTDERMA8G
|
||||
A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBWMBAGByqGSM49AgEG
|
||||
BSuBBAAKA0IABITn/L3s9+4MXRDenn1V/4T4B0igjlPW52BKcl5ZNS5jMqDOOUjl
|
||||
zXShWMqz2Izhsa29cxsTOZN8eT4p8BedD6ujTTBLMAkGA1UdEwQCMAAwHQYDVR0O
|
||||
BBYEFE8fs/ywDn6xlnYK1tDkG/lCZ0ZmMB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnV
|
||||
ppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQAC/yhdzzdYHCSmvg+Hp9UjWR4l
|
||||
7g2g+AjeecH3zPNwzXXoFTMQh9oVNlwJf0Kohit24GTfkOu9jgDFm2Os5HQudLJj
|
||||
QBxdN5D/hCa7ZMT5ing8CFYPoMovlJBqFwtVVVNs+zTGwnij3el+96fTm/qXg2+L
|
||||
DjulIeKmxylY8RZxbEZfOpaC/krWvYlVrX2OWE0/FsTFJQDYLIJF1mJi90+lbIKN
|
||||
vn68o5WLRahn9Om20AE3ZLshBsMtprkXo7IR/P8bPzGaaC/WZ13A7rI6ZSsRGKKr
|
||||
sWZ0fOLEXylcbzaEhkNEPcKUQTFs9JzcvS5Z0sP8bB8nAtQgRzwFhW9rqFyc
|
||||
-----END CERTIFICATE-----
|
||||
@@ -0,0 +1,5 @@
|
||||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHQCAQEEIDzXde5ZiqF4VOJ4mFFJyzLOPz0RHkeJdF9quDdy67oGoAcGBSuBBAAK
|
||||
oUQDQgAEhOf8vez37gxdEN6efVX/hPgHSKCOU9bnYEpyXlk1LmMyoM45SOXNdKFY
|
||||
yrPYjOGxrb1zGxM5k3x5PinwF50Pqw==
|
||||
-----END EC PRIVATE KEY-----
|
||||
@@ -0,0 +1,15 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICbDCCAVSgAwIBAgIBDTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
|
||||
MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
||||
MjUxMjAxMTAxNTMwWhcNMzUxMjAxMTAxNTMwWjA0MQswCQYDVQQGEwJOTDERMA8G
|
||||
A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
|
||||
CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
|
||||
2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jTTBLMAkGA1UdEwQCMAAwHQYD
|
||||
VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFLRa5KWz3tJS
|
||||
9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IBAQBFbdhHbGhpR2TXjHDMqRTx
|
||||
epceYFPm0bL8h/gWUMsZ196DgrInm4u42txiWX6Ckekv/yeEOUEx90faACLmGGfk
|
||||
1QwWWVGShgUcl5d6DljtgTTx6jHiH3tHbcG8Rmmfmh+DKZ/4wjQ80FgbW7gEUyis
|
||||
xizhFI8+gYH6aT4fdYicyIzysul/0FF3c9nzn+Mt+VRzaPIAYgIujkQAiJO4/QB8
|
||||
2wuET09K9uWeHseXbjQ8O7yPnIpimX7G3TrUwBKb0QEE9IoDTbHjnxM0nxWkPSht
|
||||
wCZFuTfCcnjBi5ps+KJE2iJeK4D5zjS42VX08/ysFViejtY4vUMz3SXrulGg7NKE
|
||||
-----END CERTIFICATE-----
|
||||
Reference in New Issue
Block a user