diff options
Diffstat (limited to 'FreeRTOS-Plus/Source/WolfSSL/gencertbuf.pl')
-rw-r--r-- | FreeRTOS-Plus/Source/WolfSSL/gencertbuf.pl | 156 |
1 files changed, 147 insertions, 9 deletions
diff --git a/FreeRTOS-Plus/Source/WolfSSL/gencertbuf.pl b/FreeRTOS-Plus/Source/WolfSSL/gencertbuf.pl index d3d116695..6b71fffad 100644 --- a/FreeRTOS-Plus/Source/WolfSSL/gencertbuf.pl +++ b/FreeRTOS-Plus/Source/WolfSSL/gencertbuf.pl @@ -15,35 +15,95 @@ use warnings; # output C header file to write cert/key buffers to my $outputFile = "./wolfssl/certs_test.h"; +# ecc keys and certs to be converted +# Used with HAVE_ECC && USE_CERT_BUFFERS_256 + +my @fileList_ecc = ( + [ "./certs/ecc-client-key.der", "ecc_clikey_der_256" ], + [ "./certs/ecc-client-keyPub.der", "ecc_clikeypub_der_256" ], + [ "./certs/client-ecc-cert.der", "cliecc_cert_der_256" ], + [ "./certs/ecc-key.der", "ecc_key_der_256" ], + [ "./certs/ecc-keyPub.der", "ecc_key_pub_der_256" ], + [ "./certs/server-ecc-comp.der", "serv_ecc_comp_der_256" ], + [ "./certs/server-ecc-rsa.der", "serv_ecc_rsa_der_256" ], + [ "./certs/server-ecc.der", "serv_ecc_der_256" ], + [ "./certs/ca-ecc-key.der", "ca_ecc_key_der_256" ], + [ "./certs/ca-ecc-cert.der", "ca_ecc_cert_der_256" ], + [ "./certs/ca-ecc384-key.der", "ca_ecc_key_der_384" ], + [ "./certs/ca-ecc384-cert.der", "ca_ecc_cert_der_384" ] + ); + + +# ed25519 keys and certs +# Used with HAVE_ED25519 define. +my @fileList_ed = ( + [ "./certs/ed25519/server-ed25519.der", "server_ed25519_cert" ], + [ "./certs/ed25519/server-ed25519-key.der", "server_ed25519_key" ], + [ "./certs/ed25519/ca-ed25519.der", "ca_ed25519_cert" ], + [ "./certs/ed25519/client-ed25519.der", "client_ed25519_cert" ], + [ "./certs/ed25519/client-ed25519-key.der", "client_ed25519_key" ] + ); + # 1024-bit certs/keys to be converted # Used with USE_CERT_BUFFERS_1024 define. my @fileList_1024 = ( [ "./certs/1024/client-key.der", "client_key_der_1024" ], + [ "./certs/1024/client-keyPub.der", "client_keypub_der_1024" ], [ "./certs/1024/client-cert.der", "client_cert_der_1024" ], [ "./certs/1024/dh1024.der", "dh_key_der_1024" ], [ "./certs/1024/dsa1024.der", "dsa_key_der_1024" ], - [ "./certs/1024/rsa1024.der", "rsa_key_der_1024" ] + [ "./certs/1024/rsa1024.der", "rsa_key_der_1024" ], + [ "./certs/1024/ca-key.der", "ca_key_der_1024"], + [ "./certs/1024/ca-cert.der", "ca_cert_der_1024" ], + [ "./certs/1024/server-key.der", "server_key_der_1024" ], + [ "./certs/1024/server-cert.der", "server_cert_der_1024" ] ); # 2048-bit certs/keys to be converted # Used with USE_CERT_BUFFERS_2048 define. - my @fileList_2048 = ( [ "./certs/client-key.der", "client_key_der_2048" ], + [ "./certs/client-keyPub.der", "client_keypub_der_2048" ], [ "./certs/client-cert.der", "client_cert_der_2048" ], [ "./certs/dh2048.der", "dh_key_der_2048" ], [ "./certs/dsa2048.der", "dsa_key_der_2048" ], [ "./certs/rsa2048.der", "rsa_key_der_2048" ], + [ "./certs/ca-key.der", "ca_key_der_2048" ], [ "./certs/ca-cert.der", "ca_cert_der_2048" ], + [ "./certs/ca-cert-chain.der", "ca_cert_chain_der" ], [ "./certs/server-key.der", "server_key_der_2048" ], [ "./certs/server-cert.der", "server_cert_der_2048" ] ); +# 3072-bit certs/keys to be converted +# Used with USE_CERT_BUFFERS_3072 define. +my @fileList_3072 = ( + [ "./certs/dh3072.der", "dh_key_der_3072" ], + [ "./certs/dsa3072.der", "dsa_key_der_3072" ], + [ "./certs/rsa3072.der", "rsa_key_der_3072" ], + [ "./certs/3072/client-key.der", "client_key_der_3072" ], + [ "./certs/3072/client-keyPub.der", "client_keypub_der_3072" ], + [ "./certs/3072/client-cert.der", "client_cert_der_3072" ], + ); + +# 4096-bit certs/keys to be converted +# Used with USE_CERT_BUFFERS_4096 define. +my @fileList_4096 = ( + [ "./certs/4096/client-key.der", "client_key_der_4096" ], + [ "./certs/4096/client-keyPub.der", "client_keypub_der_4096" ], + [ "./certs/4096/client-cert.der", "client_cert_der_4096" ], + [ "./certs/dh4096.der", "dh_key_der_4096" ], + ); + # ---------------------------------------------------------------------------- +my $num_ecc = @fileList_ecc; +my $num_ed = @fileList_ed; my $num_1024 = @fileList_1024; my $num_2048 = @fileList_2048; +my $num_3072 = @fileList_3072; +my $num_4096 = @fileList_4096; # open our output file, "+>" creates and/or truncates open OUT_FILE, "+>", $outputFile or die $!; @@ -52,6 +112,7 @@ print OUT_FILE "/* certs_test.h */\n\n"; print OUT_FILE "#ifndef WOLFSSL_CERTS_TEST_H\n"; print OUT_FILE "#define WOLFSSL_CERTS_TEST_H\n\n"; + # convert and print 1024-bit cert/keys print OUT_FILE "#ifdef USE_CERT_BUFFERS_1024\n\n"; for (my $i = 0; $i < $num_1024; $i++) { @@ -66,9 +127,11 @@ for (my $i = 0; $i < $num_1024; $i++) { print OUT_FILE "};\n"; print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; } +print OUT_FILE "#endif /* USE_CERT_BUFFERS_1024 */\n\n"; + # convert and print 2048-bit certs/keys -print OUT_FILE "#elif defined(USE_CERT_BUFFERS_2048)\n\n"; +print OUT_FILE "#ifdef USE_CERT_BUFFERS_2048\n\n"; for (my $i = 0; $i < $num_2048; $i++) { my $fname = $fileList_2048[$i][0]; @@ -82,7 +145,63 @@ for (my $i = 0; $i < $num_2048; $i++) { print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; } -print OUT_FILE "#endif /* USE_CERT_BUFFERS_1024 */\n\n"; + +print OUT_FILE "#endif /* USE_CERT_BUFFERS_2048 */\n\n"; + + +# convert and print 3072-bit certs/keys +print OUT_FILE "#ifdef USE_CERT_BUFFERS_3072\n\n"; +for (my $i = 0; $i < $num_3072; $i++) { + + my $fname = $fileList_3072[$i][0]; + my $sname = $fileList_3072[$i][1]; + + print OUT_FILE "/* $fname, 3072-bit */\n"; + print OUT_FILE "static const unsigned char $sname\[] =\n"; + print OUT_FILE "{\n"; + file_to_hex($fname); + print OUT_FILE "};\n"; + print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; +} + +print OUT_FILE "#endif /* USE_CERT_BUFFERS_3072 */\n\n"; + + +# convert and print 4096-bit certs/keys +print OUT_FILE "#ifdef USE_CERT_BUFFERS_4096\n\n"; +for (my $i = 0; $i < $num_4096; $i++) { + + my $fname = $fileList_4096[$i][0]; + my $sname = $fileList_4096[$i][1]; + + print OUT_FILE "/* $fname, 4096-bit */\n"; + print OUT_FILE "static const unsigned char $sname\[] =\n"; + print OUT_FILE "{\n"; + file_to_hex($fname); + print OUT_FILE "};\n"; + print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; +} + +print OUT_FILE "#endif /* USE_CERT_BUFFERS_4096 */\n\n"; + + +# convert and print 256-bit cert/keys +print OUT_FILE "#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)\n\n"; +for (my $i = 0; $i < $num_ecc; $i++) { + + my $fname = $fileList_ecc[$i][0]; + my $sname = $fileList_ecc[$i][1]; + + print OUT_FILE "/* $fname, ECC */\n"; + print OUT_FILE "static const unsigned char $sname\[] =\n"; + print OUT_FILE "{\n"; + file_to_hex($fname); + print OUT_FILE "};\n"; + print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; +} +print OUT_FILE "#endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */\n\n"; + + print OUT_FILE "/* dh1024 p */ static const unsigned char dh_p[] = { @@ -103,7 +222,24 @@ static const unsigned char dh_p[] = static const unsigned char dh_g[] = { 0x02, -};\n\n\n"; +};\n\n"; + +# convert and print ed25519 cert/keys +print OUT_FILE "#if defined(HAVE_ED25519)\n\n"; +for (my $i = 0; $i < $num_ed; $i++) { + + my $fname = $fileList_ed[$i][0]; + my $sname = $fileList_ed[$i][1]; + + print OUT_FILE "/* $fname, ED25519 */\n"; + print OUT_FILE "static const unsigned char $sname\[] =\n"; + print OUT_FILE "{\n"; + file_to_hex($fname); + print OUT_FILE "};\n"; + print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; +} +print OUT_FILE "#endif /* HAVE_ED25519 */\n\n"; + print OUT_FILE "#endif /* WOLFSSL_CERTS_TEST_H */\n\n"; # close certs_test.h file @@ -122,14 +258,17 @@ sub file_to_hex { for (my $i = 0, my $j = 1; $i < $fileLen; $i++, $j++) { if ($j == 1) { - print OUT_FILE "\t"; + print OUT_FILE " "; + } + if ($j != 1) { + print OUT_FILE " "; } read($fp, $byte, 1) or die "Error reading $fileName"; my $output = sprintf("0x%02X", ord($byte)); print OUT_FILE $output; if ($i != ($fileLen - 1)) { - print OUT_FILE ", "; + print OUT_FILE ","; } if ($j == 10) { @@ -140,6 +279,5 @@ sub file_to_hex { print OUT_FILE "\n"; - close($fp); + close($fp); } - |