commit b7b40b494d78d36e27647a7f321244fa17236140
author Jerry Yu <jerry.h.yu@arm.com> Sun Apr 23 17:49:39 2023 +0800
committer Pengyu Lv <pengyu.lv@arm.com> Mon May 29 20:55:40 2023 +0800
tree b7f3e897eed4f1c7e7db34a115e29a37269bb3e9
parent 543d912495716bd4499af7845e48b154f8d3d7db

Add rules to generate server5[-badsign].crt

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

tests/data_files/Makefile

diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 1af3132..7e1d94b 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1173,6 +1173,19 @@
 
 # server5*
 
+server5.csr: server5.key
+	$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+					-key $< -out $@
+all_intermediate += server5.csr
+server5.crt: server5.csr
+	$(OPENSSL) x509 -req -CA $(test_ca_crt_cat21) -CAkey $(test_ca_key_file_ec) \
+				-extfile server5.crt.openssl.v3_ext -set_serial 9 -days 3650 -sha256 -in $< -out $@
+all_final += server5.crt
+
+server5-badsign.crt: server5.crt
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += server5-badsign.crt
+
 # The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
 server5.req.ku.sha1: server5.key
 	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1

tests/data_files/server5.crt.openssl.v3_ext

diff --git a/tests/data_files/server5.crt.openssl.v3_ext b/tests/data_files/server5.crt.openssl.v3_ext
new file mode 100644
index 0000000..594e90a
--- /dev/null
+++ b/tests/data_files/server5.crt.openssl.v3_ext
@@ -0,0 +1,3 @@
+basicConstraints = CA:false
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always