summaryrefslogtreecommitdiffstats
path: root/third_party/rust/cose/tools
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/rust/cose/tools')
-rw-r--r--third_party/rust/cose/tools/certs/certs.md9
-rwxr-xr-xthird_party/rust/cose/tools/certs/certs.sh21
-rw-r--r--third_party/rust/cose/tools/certs/ee-p256.certspec6
-rw-r--r--third_party/rust/cose/tools/certs/ee-p256.keyspec1
-rw-r--r--third_party/rust/cose/tools/certs/ee-p384.certspec6
-rw-r--r--third_party/rust/cose/tools/certs/ee-p521.certspec6
-rw-r--r--third_party/rust/cose/tools/certs/ee-rsa.certspec3
-rw-r--r--third_party/rust/cose/tools/certs/int-p256.certspec8
-rw-r--r--third_party/rust/cose/tools/certs/int-rsa.certspec5
-rw-r--r--third_party/rust/cose/tools/certs/root-p256.certspec8
-rw-r--r--third_party/rust/cose/tools/certs/root-rsa.certspec5
11 files changed, 78 insertions, 0 deletions
diff --git a/third_party/rust/cose/tools/certs/certs.md b/third_party/rust/cose/tools/certs/certs.md
new file mode 100644
index 0000000000..ef8a53909e
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/certs.md
@@ -0,0 +1,9 @@
+## This folder holds everything to generate certificates and keys for tests
+
+Scripts in this folder require a copy of [mozilla-central](https://hg.mozilla.org/mozilla-central/) and use scripts from `security/manager/ssl/tests/unit`. The default path for `MOZILLA_CENTRAL` is next to the root of this project.
+
+The helper script `certs.sh` sets all necessary paths and generates certificates.
+The following command generates the end-entity certificate with P256, ECDSA, SHA256.
+
+ MOZILLA_CENTRAL=<path to mc> ./certs.sh < ee-p256.certspec
+
diff --git a/third_party/rust/cose/tools/certs/certs.sh b/third_party/rust/cose/tools/certs/certs.sh
new file mode 100755
index 0000000000..b6f4db679c
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/certs.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+cwd=$(cd $(dirname $0); pwd -P)
+MOZILLA_CENTRAL=${MOZILLA_CENTRAL:-"$cwd/../../../mc"}
+script_path="$MOZILLA_CENTRAL/security/manager/ssl/tests/unit"
+
+python_path="$MOZILLA_CENTRAL/third_party/python/pyasn1/"
+python_path="$python_path:$MOZILLA_CENTRAL/third_party/python/pyasn1-modules/"
+python_path="$python_path:$MOZILLA_CENTRAL/third_party/python/PyECC/"
+python_path="$python_path:$MOZILLA_CENTRAL/third_party/python/mock-1.0.0/"
+python_path="$python_path:$MOZILLA_CENTRAL/third_party/python/rsa/"
+
+gen_cert() {
+ PYTHONPATH=$python_path "$script_path"/pycert.py "$@" > /tmp/cert.pem
+ openssl x509 -in /tmp/cert.pem -out /tmp/cert.der -outform DER
+ xxd -ps /tmp/cert.der | sed 's/\([0-9A-Fa-f]\{2\}\)/0x\1, /g' \
+ | tr -d '\n'
+ echo ""
+}
+
+gen_cert "${@:1}"
diff --git a/third_party/rust/cose/tools/certs/ee-p256.certspec b/third_party/rust/cose/tools/certs/ee-p256.certspec
new file mode 100644
index 0000000000..59d1312987
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/ee-p256.certspec
@@ -0,0 +1,6 @@
+issuer:int-p256
+subject:ee-p256
+issuerKey:secp256r1
+subjectKey:secp256r1
+signature:ecdsaWithSHA256
+validity:3650 \ No newline at end of file
diff --git a/third_party/rust/cose/tools/certs/ee-p256.keyspec b/third_party/rust/cose/tools/certs/ee-p256.keyspec
new file mode 100644
index 0000000000..562d46f945
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/ee-p256.keyspec
@@ -0,0 +1 @@
+secp256r1 \ No newline at end of file
diff --git a/third_party/rust/cose/tools/certs/ee-p384.certspec b/third_party/rust/cose/tools/certs/ee-p384.certspec
new file mode 100644
index 0000000000..19be32edb2
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/ee-p384.certspec
@@ -0,0 +1,6 @@
+issuer:int-p256
+subject:ee-p384
+issuerKey:secp256r1
+subjectKey:secp384r1
+signature:ecdsaWithSHA256
+validity:3650 \ No newline at end of file
diff --git a/third_party/rust/cose/tools/certs/ee-p521.certspec b/third_party/rust/cose/tools/certs/ee-p521.certspec
new file mode 100644
index 0000000000..b6cec39b08
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/ee-p521.certspec
@@ -0,0 +1,6 @@
+issuer:int-p256
+subject:ee-p521
+issuerKey:secp256r1
+subjectKey:secp521r1
+signature:ecdsaWithSHA256
+validity:3650 \ No newline at end of file
diff --git a/third_party/rust/cose/tools/certs/ee-rsa.certspec b/third_party/rust/cose/tools/certs/ee-rsa.certspec
new file mode 100644
index 0000000000..27a0ff3bca
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/ee-rsa.certspec
@@ -0,0 +1,3 @@
+issuer:int-rsa
+subject:ee-rsa
+validity:3650
diff --git a/third_party/rust/cose/tools/certs/int-p256.certspec b/third_party/rust/cose/tools/certs/int-p256.certspec
new file mode 100644
index 0000000000..8fec3584db
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/int-p256.certspec
@@ -0,0 +1,8 @@
+issuer:root-p256
+subject:int-p256
+issuerKey:secp256k1
+subjectKey:secp256r1
+signature:ecdsaWithSHA256
+extension:basicConstraints:cA,
+extension:keyUsage:cRLSign,keyCertSign
+validity:3650 \ No newline at end of file
diff --git a/third_party/rust/cose/tools/certs/int-rsa.certspec b/third_party/rust/cose/tools/certs/int-rsa.certspec
new file mode 100644
index 0000000000..e79c1ecc53
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/int-rsa.certspec
@@ -0,0 +1,5 @@
+issuer:root-rsa
+subject:int-rsa
+extension:basicConstraints:cA,
+extension:keyUsage:cRLSign,keyCertSign
+validity:3650
diff --git a/third_party/rust/cose/tools/certs/root-p256.certspec b/third_party/rust/cose/tools/certs/root-p256.certspec
new file mode 100644
index 0000000000..e44d96e226
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/root-p256.certspec
@@ -0,0 +1,8 @@
+issuer:root-p256
+subject:root-p256
+issuerKey:secp256r1
+subjectKey:secp256r1
+signature:ecdsaWithSHA256
+extension:basicConstraints:cA,
+extension:keyUsage:cRLSign,keyCertSign
+validity:3650 \ No newline at end of file
diff --git a/third_party/rust/cose/tools/certs/root-rsa.certspec b/third_party/rust/cose/tools/certs/root-rsa.certspec
new file mode 100644
index 0000000000..39454648fa
--- /dev/null
+++ b/third_party/rust/cose/tools/certs/root-rsa.certspec
@@ -0,0 +1,5 @@
+issuer:root-rsa
+subject:root-rsa
+extension:basicConstraints:cA,
+extension:keyUsage:cRLSign,keyCertSign
+validity:3650