diff --git a/tests/data_files/test_certs.h.jinja2 b/tests/data_files/test_certs.h.jinja2 new file mode 100644 index 0000000000..390ea088fc --- /dev/null +++ b/tests/data_files/test_certs.h.jinja2 @@ -0,0 +1,54 @@ +/* + * X.509 test certificates + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ +/* *INDENT-OFF* */ + +{% for mode, name, value in macros %} + {% if mode == 'string' %} +/* This is taken from {{value}}. */ +/* BEGIN FILE string macro {{name}} {{value}} */ +#define {{name}}{{ '\\' | put_to_column(position=80-9-name|length)}} + {% for line in value | read_lines %} + "{{line}}\r\n"{% if not loop.last %}{{ '\\' | put_to_column(position=80-10-1-line|length)}} + {% endif %} + {% endfor %} + +/* END FILE */ + {% endif %} + {% if mode == 'binary' %} +/* This is generated from {{value}}. */ +/* BEGIN FILE binary macro {{name}} {{value}} */ +#define {{name}} {% raw -%} { {%- endraw %} {{ '\\' | put_to_column(position=80-11-name|length)}} + {% for line in value | read_as_c_array %} + {% if not loop.last %} + {{line}},{{ '\\' | put_to_column(position=80-9-line|length)}} + {% else %} + {{line}}{{ '\\' | put_to_column(position=80-8-line|length)}} + {% endif %} + {% endfor %} +{% raw -%} } {%- endraw %} + +/* END FILE */ + {% endif %} + {% if mode == 'password' %} +#define {{name}} "{{value}}" + {% endif %} + +{% endfor %} diff --git a/tests/scripts/generate_test_cert_macros.py b/tests/scripts/generate_test_cert_macros.py new file mode 100755 index 0000000000..c7395f145b --- /dev/null +++ b/tests/scripts/generate_test_cert_macros.py @@ -0,0 +1,147 @@ +#!/usr/bin/env python3 + +""" +Generate `tests/src/test_certs.h` which includes certficaties/keys/certificate list for testing. +""" + +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import os +import sys +import argparse +import jinja2 + +MACROS = [ + ("comment1", None, None), + ("string", "TEST_CA_CRT_EC_PEM", "tests/data_files/test-ca2.crt"), + ("binary", "TEST_CA_CRT_EC_DER", "tests/data_files/test-ca2.crt.der"), + ("string", "TEST_CA_KEY_EC_PEM", "tests/data_files/test-ca2.key.enc"), + ("password", "TEST_CA_PWD_EC_PEM", "PolarSSLTest"), + ("binary", "TEST_CA_KEY_EC_DER", "tests/data_files/test-ca2.key.der"), + ("string", "TEST_CA_CRT_RSA_SHA256_PEM", + "tests/data_files/test-ca-sha256.crt"), + ("binary", "TEST_CA_CRT_RSA_SHA256_DER", + "tests/data_files/test-ca-sha256.crt.der"), + ("string", "TEST_CA_CRT_RSA_SHA1_PEM", "tests/data_files/test-ca-sha1.crt"), + ("binary", "TEST_CA_CRT_RSA_SHA1_DER", "tests/data_files/test-ca-sha1.crt.der"), + ("string", "TEST_CA_KEY_RSA_PEM", "tests/data_files/test-ca.key"), + ("password", "TEST_CA_PWD_RSA_PEM", "PolarSSLTest"), + ("binary", "TEST_CA_KEY_RSA_DER", "tests/data_files/test-ca.key.der"), + ("comment2", None, None), + ("string", "TEST_SRV_CRT_EC_PEM", "tests/data_files/server5.crt"), + ("binary", "TEST_SRV_CRT_EC_DER", "tests/data_files/server5.crt.der"), + ("string", "TEST_SRV_KEY_EC_PEM", "tests/data_files/server5.key"), + ("binary", "TEST_SRV_KEY_EC_DER", "tests/data_files/server5.key.der"), + ("string", "TEST_SRV_CRT_RSA_SHA256_PEM", + "tests/data_files/server2-sha256.crt"), + ("binary", "TEST_SRV_CRT_RSA_SHA256_DER", + "tests/data_files/server2-sha256.crt.der"), + ("string", "TEST_SRV_CRT_RSA_SHA1_PEM", "tests/data_files/server2.crt"), + ("binary", "TEST_SRV_CRT_RSA_SHA1_DER", "tests/data_files/server2.crt.der"), + ("string", "TEST_SRV_KEY_RSA_PEM", "tests/data_files/server2.key"), + ("binary", "TEST_SRV_KEY_RSA_DER", "tests/data_files/server2.key.der"), + ("comment3", None, None), + ("string", "TEST_CLI_CRT_EC_PEM", "tests/data_files/cli2.crt"), + ("binary", "TEST_CLI_CRT_EC_DER", "tests/data_files/cli2.crt.der"), + ("string", "TEST_CLI_KEY_EC_PEM", "tests/data_files/cli2.key"), + ("binary", "TEST_CLI_KEY_EC_DER", "tests/data_files/cli2.key.der"), + ("string", "TEST_CLI_CRT_RSA_PEM", "tests/data_files/cli-rsa-sha256.crt"), + ("binary", "TEST_CLI_CRT_RSA_DER", "tests/data_files/cli-rsa-sha256.crt.der"), + ("string", "TEST_CLI_KEY_RSA_PEM", "tests/data_files/cli-rsa.key"), + ("binary", "TEST_CLI_KEY_RSA_DER", "tests/data_files/cli-rsa.key.der") +] + + +class CustomAction(argparse.Action): + def __call__(self, parser, namespace, values, option_string): + if not hasattr(namespace, 'values'): + setattr(namespace, 'values', []) + macro_name, filename = values + if self.dest in ('string', 'binary') and not os.path.exists(filename): + raise argparse.ArgumentError( + None, '`{}`: Input file does not exist.'.format(filename)) + namespace.values.append((self.dest, macro_name, filename)) + + +def custom_type(value): + ret = value.split('=', 1) + if len(ret) != 2: + raise argparse.ArgumentTypeError( + '`{}` is not MACRO=value format'.format(value)) + return ret + + +def build_argparser(parser): + parser.description = __doc__ + parser.add_argument('--string', type=custom_type, action=CustomAction, + metavar='MACRO_NAME=path/to/file', help='PEM to C string. ') + parser.add_argument('--binary', type=custom_type, action=CustomAction, metavar='MACRO_NAME=path/to/file', + help='DER to C arrary.') + parser.add_argument('--password', type=custom_type, action=CustomAction, + metavar='MACRO_NAME=password', help='Password to C string.') + parser.add_argument('--output', type=str, required=True) + + +def main(): + parser = argparse.ArgumentParser() + build_argparser(parser) + args = parser.parse_args() + return generate(**vars(args)) + + # sys.exit(0) + + +def generate(values=[],output=None, **kwargs): + this_dir = os.path.dirname(os.path.abspath(__file__)) + project_root = os.path.abspath(os.path.join(this_dir, '..', '..')) + template_loader = jinja2.FileSystemLoader( + searchpath=os.path.join(this_dir, '..', 'data_files')) + template_env = jinja2.Environment( + loader=template_loader, lstrip_blocks=True, trim_blocks=True) + + def read_as_c_array(filename): + with open(filename, 'rb') as f: + data = f.read(12) + while data: + yield ', '.join(['{:#04x}'.format(b) for b in data]) + data = f.read(12) + + def read_lines(filename): + with open(filename) as f: + try: + for line in f: + yield line.strip() + except: + print(filename) + raise + + def put_to_column(value, position=0): + return ' '*position + value + + template_env.filters['read_as_c_array'] = read_as_c_array + template_env.filters['read_lines'] = read_lines + template_env.filters['put_to_column'] = put_to_column + + template = template_env.get_template('test_certs.h.jinja2') + + with open(output, 'w') as f: + f.write(template.render(macros=values)) + + +if __name__ == '__main__': + sys.exit(main())