diff --git a/library/certs.c b/library/certs.c index b07fd8a3a..bd5026010 100644 --- a/library/certs.c +++ b/library/certs.c @@ -42,6 +42,29 @@ * */ +/* Use CRTs with Secp256r1 curve if enabled. + * Otherwise, fall back to previous EC test + * certificates. */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + +/* This is taken from tests/data_files/test-ca3.crt.pem */ +/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca3.crt.pem */ +/* END FILE */ + +/* This is generated from tests/data_files/test-ca3.crt.der using `xxd -i`. */ +/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca3.crt.der */ +/* END FILE */ + +/* This is taken from tests/data_files/test-ca3.key.pem */ +/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM tests/data_files/test-ca3.key.pem */ +/* END FILE */ + +/* This is generated from tests/data_files/test-ca3.key.der using `xxd -i`. */ +/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER tests/data_files/test-ca3.key.der */ +/* END FILE */ + +#else /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + /* This is taken from tests/data_files/test-ca2.crt */ /* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca2.crt */ #define TEST_CA_CRT_EC_PEM \ @@ -154,6 +177,10 @@ } /* END FILE */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +#define TEST_CA_PWD_EC_PEM "PolarSSLTest" + /* This is taken from tests/data_files/test-ca-sha256.crt. */ /* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM tests/data_files/test-ca-sha256.crt */ #define TEST_CA_CRT_RSA_SHA256_PEM \ @@ -513,6 +540,29 @@ * - multiple EC curve types */ +/* Use CRTs with Secp256r1 curve if enabled. + * Otherwise, fall back to previous EC test + * certificates. */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + +/* This is taken from tests/data_files/server11.crt.pem. */ +/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server11.crt.pem */ +/* END FILE */ + +/* This is generated from tests/data_files/server11.crt.der using `xxd -i`. */ +/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server11.crt.der */ +/* END FILE */ + +/* This is taken from tests/data_files/server11.key.pem. */ +/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM tests/data_files/server11.key.pem */ +/* END FILE */ + +/* This is generated from tests/data_files/server11.key.der using `xxd -i`. */ +/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER tests/data_files/server11.key.der */ +/* END FILE */ + +#else /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + /* This is taken from tests/data_files/server5.crt. */ /* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server5.crt */ #define TEST_SRV_CRT_EC_PEM \ @@ -611,6 +661,8 @@ } /* END FILE */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + /* This is taken from tests/data_files/server2-sha256.crt. */ /* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM tests/data_files/server2-sha256.crt */ #define TEST_SRV_CRT_RSA_SHA256_PEM \ @@ -962,6 +1014,29 @@ * - multiple EC curve types */ +/* Use CRTs with Secp256r1 curve if enabled. + * Otherwise, fall back to previous EC test + * certificates. */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + +/* This is taken from tests/data_files/cli3.crt. */ +/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM tests/data_files/cli3.crt.pem */ +/* END FILE */ + +/* This is generated from tests/data_files/cli3.crt.der using `xxd -i`. */ +/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER tests/data_files/cli3.crt.der */ +/* END FILE */ + +/* This is taken from tests/data_files/cli3.key.pem. */ +/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM tests/data_files/cli3.key.pem */ +/* END FILE */ + +/* This is generated from tests/data_files/cli3.key.der using `xxd -i`. */ +/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER tests/data_files/cli3.key.der */ +/* END FILE */ + +#else /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + /* This is taken from tests/data_files/cli2.crt. */ /* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM tests/data_files/cli2.crt */ #define TEST_CLI_CRT_EC_PEM \ @@ -1061,6 +1136,8 @@ } /* END FILE */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + /* This is taken from tests/data_files/cli-rsa-sha256.crt. */ /* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM tests/data_files/cli-rsa-sha256.crt */ #define TEST_CLI_CRT_RSA_PEM \