mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-10 15:45:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use extension .csr.der to indicate format

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2023-01-25 10:33:26 +01:00
parent f0e25c72d9
commit 92cce3fe6d
25 changed files with 28 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
tests/data_files/Makefile
View File

@ -93,51 +93,51 @@ cert_example_multi.csr: rsa_pkcs1_1024_clear.pem
cert_example_multi.crt: cert_example_multi.csr
$(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
test_csr_v3_keyUsage.csr: rsa_pkcs1_1024_clear.pem
test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem
$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage
test_csr_v3_subjectAltName.csr: rsa_pkcs1_1024_clear.pem
test_csr_v3_subjectAltName.csr.der: rsa_pkcs1_1024_clear.pem
$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_subjectAltName
test_csr_v3_nsCertType.csr: rsa_pkcs1_1024_clear.pem
test_csr_v3_nsCertType.csr.der: rsa_pkcs1_1024_clear.pem
$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_nsCertType
test_csr_v3_all.csr: rsa_pkcs1_1024_clear.pem
test_csr_v3_all.csr.der: rsa_pkcs1_1024_clear.pem
$(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_all
test_csr_v3_all_malformed_extensions_sequence_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extensions_sequence_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/300B0603551D0F040403/200B0603551D0F040403/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_id_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_id_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/0603551D0F0404030201/0703551D0F0404030201/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_data_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_data_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/050403020102302F0603/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_data_len1.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_data_len1.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040503020102302F0603/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_data_len2.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_data_len2.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040303020102302F0603/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/03020102302F0603551D/04020102302F0603551D/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3026A02406082B060105/4026A02406082B060105/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/04020780300D06092A86/03020780300D06092A86/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_duplicated_extension.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_duplicated_extension.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551D0F/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_extension_type_oid.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_extension_type_oid.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551DFF/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_sequence_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_sequence_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/406006092A864886F70D/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_id_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_id_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D0109/07092A864886F70D0109/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_extension_request.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_extension_request.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/2A864886F70D01090E/2A864886F70D01090F/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/31533051300B0603551D/32533051300B0603551D/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3151300B0603551D0F04/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_len1.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_len1.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/306106092A864886F70D/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_len2.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_len2.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/305906092A864886F70D/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3052300B0603551D0F04/" | xxd -r -p ) > $@
test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr: test_csr_v3_all.csr
test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der: test_csr_v3_all.csr.der
(hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@
$(test_ca_key_file_rsa_alt):test-ca.opensslconf

0
tests/data_files/test_csr_v3_all.csr → tests/data_files/test_csr_v3_all.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_extension_request.csr → tests/data_files/test_csr_v3_all_malformed_attributes_extension_request.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr → tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr → tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr → tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr → tests/data_files/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_id_tag.csr → tests/data_files/test_csr_v3_all_malformed_attributes_id_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_len1.csr → tests/data_files/test_csr_v3_all_malformed_attributes_len1.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_len2.csr → tests/data_files/test_csr_v3_all_malformed_attributes_len2.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_attributes_sequence_tag.csr → tests/data_files/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_duplicated_extension.csr → tests/data_files/test_csr_v3_all_malformed_duplicated_extension.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_data_len1.csr → tests/data_files/test_csr_v3_all_malformed_extension_data_len1.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_data_len2.csr → tests/data_files/test_csr_v3_all_malformed_extension_data_len2.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_data_tag.csr → tests/data_files/test_csr_v3_all_malformed_extension_data_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_id_tag.csr → tests/data_files/test_csr_v3_all_malformed_extension_id_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr → tests/data_files/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr → tests/data_files/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr → tests/data_files/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extension_type_oid.csr → tests/data_files/test_csr_v3_all_malformed_extension_type_oid.csr.der
View File

0
tests/data_files/test_csr_v3_all_malformed_extensions_sequence_tag.csr → tests/data_files/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der
View File

0
tests/data_files/test_csr_v3_keyUsage.csr → tests/data_files/test_csr_v3_keyUsage.csr.der
View File

0
tests/data_files/test_csr_v3_nsCertType.csr → tests/data_files/test_csr_v3_nsCertType.csr.der
View File

0
tests/data_files/test_csr_v3_subjectAltName.csr → tests/data_files/test_csr_v3_subjectAltName.csr.der
View File

10
tests/suites/test_suite_x509parse.data
View File

@ -352,19 +352,19 @@ mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version \: 1\nsu
X509 CSR Information v3 extensions #1 (all)
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/test_csr_v3_all.csr":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\ncert. type \: SSL Client\nkey usage \: CRL Sign\n"
mbedtls_x509_csr_info:"data_files/test_csr_v3_all.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\ncert. type \: SSL Client\nkey usage \: CRL Sign\n"
X509 CSR Information v3 extensions #2 (nsCertType only)
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/test_csr_v3_nsCertType.csr":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\ncert. type \: SSL Server\n"
mbedtls_x509_csr_info:"data_files/test_csr_v3_nsCertType.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\ncert. type \: SSL Server\n"
X509 CSR Information v3 extensions #3 (subjectAltName only)
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/test_csr_v3_subjectAltName.csr":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n"
mbedtls_x509_csr_info:"data_files/test_csr_v3_subjectAltName.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n"
X509 CSR Information v3 extensions #4 (keyUsage only)
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/test_csr_v3_keyUsage.csr":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Key Encipherment\n"
mbedtls_x509_csr_info:"data_files/test_csr_v3_keyUsage.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Key Encipherment\n"
X509 Verify Information: empty
x509_verify_info:0:"":""
@ -2680,7 +2680,7 @@ mbedtls_x509_csr_parse:"308201193081bf0201003034310b3009060355040613024e4c311130
X509 CSR ASN.1 (invalid version overflow)
mbedtls_x509_csr_parse:"3008300602047fffffff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
# Used test_csr_v3_all.csr as a base for malforming CSR extenstions/attributes
# Used test_csr_v3_all.csr.der as a base for malforming CSR extenstions/attributes
# Please see makefile for data_files to check malformation details (test_csr_v3_all_malformed_xxx.csr files)
X509 CSR ASN.1 (attributes: invalid sequence tag)
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO