- use SHA-256 instead of SHA-1 for "server5-rsa-signed.crt". This change is
not applied to "server11.crt" because the goal there is to have as many
features as possible which are _not_ part of suite-b (and SHA-1 is not
part of it).
- move start/end dates forward so that certificates are valid for the
next 10 years.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is almost identical to "server5-rsa-signed.crt" in the sense that it
includes an EC public key and it's signed with an RSA one.
The main difference compared to "server5-rsa-signed.crt" is that in this
case we're using a secp256k1 key, instead the companion one uses a
secp256r1. The important thing here is that the "k1" type does not belong
to "suite-b", while "r1" does.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is a secp256k1 EC key. The goal is to use it in tests where a key
that does not belong to the "suite-b" list is required.
For example it can be used as counterpart of "server5.key" since this one
is secp256r1 and this curve type belong to "suite-b".
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is basically identical to "server3.crt", i.e. it contains an EC public
key and it's signed by a RSA one. The difference is that in this case
we're using a secp256r1 EC key, instead of the secp192r1 that was used
in "server3.crt".
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
- there was already a SEC1 formatted EC file for secp256r1 so
ec_256_prv.sec1.der was useless;
- all other ec_256_[pub|priv] files should be generated starting from
ec_256_prv.pem
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Previously the file format was PEM even though the extension suggests it
should be DER. This commit set the correct format.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The previous key had only 518 bits for E. Being not a multiple of 8
this didn't allow the key to be imported into PSA.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Before this commit, if I run 'make test' in an Mbed TLS work tree,
then afterwards 'git status' lists the framework submodule as unclean
(untracked files) which I find annoying.
Signed-off-by: Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Valerio Setti