Merge CAFILE and Certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py
index 20dd8c4..913db9e 100755
--- a/tests/scripts/generate_tls13_compat_tests.py
+++ b/tests/scripts/generate_tls13_compat_tests.py
@@ -27,30 +27,25 @@
import abc
import argparse
import itertools
-
+from collections import namedtuple
# pylint: disable=useless-super-delegation
+# define certificates configuration entry
+Certificate = namedtuple("Certificate", ['cafile', 'certfile', 'keyfile'])
+# define the certificate parameters for signature algorithms
CERTIFICATES = {
- 'ecdsa_secp256r1_sha256': (
- 'data_files/ecdsa_secp256r1.crt',
- 'data_files/ecdsa_secp256r1.key'),
- 'ecdsa_secp384r1_sha384': (
- 'data_files/ecdsa_secp384r1.crt',
- 'data_files/ecdsa_secp384r1.key'),
- 'ecdsa_secp521r1_sha512': (
- 'data_files/ecdsa_secp521r1.crt',
- 'data_files/ecdsa_secp521r1.key'),
- 'rsa_pss_rsae_sha256': (
- 'data_files/server2-sha256.crt', 'data_files/server2.key'
- )
-}
-
-
-CAFILE = {
- 'ecdsa_secp256r1_sha256': 'data_files/test-ca2.crt',
- 'ecdsa_secp384r1_sha384': 'data_files/test-ca2.crt',
- 'ecdsa_secp521r1_sha512': 'data_files/test-ca2.crt',
- 'rsa_pss_rsae_sha256': 'data_files/test-ca_cat12.crt'
+ 'ecdsa_secp256r1_sha256': Certificate('data_files/test-ca2.crt',
+ 'data_files/ecdsa_secp256r1.crt',
+ 'data_files/ecdsa_secp256r1.key'),
+ 'ecdsa_secp384r1_sha384': Certificate('data_files/test-ca2.crt',
+ 'data_files/ecdsa_secp384r1.crt',
+ 'data_files/ecdsa_secp384r1.key'),
+ 'ecdsa_secp521r1_sha512': Certificate('data_files/test-ca2.crt',
+ 'data_files/ecdsa_secp521r1.crt',
+ 'data_files/ecdsa_secp521r1.key'),
+ 'rsa_pss_rsae_sha256': Certificate('data_files/test-ca_cat12.crt',
+ 'data_files/server2-sha256.crt', 'data_files/server2.key'
+ )
}
CIPHER_SUITE_IANA_VALUE = {
@@ -160,7 +155,9 @@
def cmd(self):
ret = ['$O_NEXT_SRV_NO_CERT']
- for cert, key in self.certificates:
+ for i in self.certificates:
+ print(i)
+ for _, cert, key in self.certificates:
ret += ['-cert {cert} -key {key}'.format(cert=cert, key=key)]
ret += ['-accept $SRV_PORT']
ciphersuites = ','.join(self.ciphersuites)
@@ -253,7 +250,7 @@
'--http',
'--disable-client-cert',
'--debug=4']
- for cert, key in self.certificates:
+ for _, cert, key in self.certificates:
ret += ['--x509certfile {cert} --x509keyfile {key}'.format(
cert=cert, key=key)]
priority_strings = ':+'.join(['NONE'] +
@@ -333,7 +330,8 @@
ret += [
'server_addr=127.0.0.1 server_port=$SRV_PORT',
'debug_level=4 force_version=tls1_3']
- ret += ['ca_file={CAFILE}'.format(CAFILE=CAFILE[self._sig_alg])]
+ ret += ['ca_file={cafile}'.format(
+ cafile=CERTIFICATES[self._sig_alg].cafile)]
self.ciphersuites = list(set(self.ciphersuites))
cipher = ','.join(self.ciphersuites)
if cipher:
@@ -479,8 +477,8 @@
print(*CLIENT_CLASSES.keys())
return 0
- print(generate_compat_test(server=args.server, client=args.client,
- sig_alg=args.sig_alg, cipher=args.cipher, named_group=args.named_group))
+ print(generate_compat_test(server=args.server, client=args.client, sig_alg=args.sig_alg,
+ cipher=args.cipher, named_group=args.named_group))
return 0