Home Explore Help
Register Sign In
OWEALs
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
2
0
Fork 0
Files Issues 8 Wiki
Tree: f48e2067ae
Branches Tags
wolfssl
/
gencertbuf.pl

gencertbuf.pl 7.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246 
  1. #!/usr/bin/perl
    2. 

  2. 

  3. # gencertbuf.pl
    4. 

  4. # version 1.1
    5. 

  5. # Updated 07/01/2014
    6. 

  6. #
    7. 

  7. # Copyright (C) 2006-2015 wolfSSL Inc.
    8. 

  8. #
    9. 

  9. 

  10. use strict;
    11. 

  11. use warnings;
    12. 

  12. 

  13. # ---- SCRIPT SETTINGS -------------------------------------------------------
    14. 

  14. 

  15. # output C header file to write cert/key buffers to
    16. 

  16. my $outputFile = "./wolfssl/certs_test.h";
    17. 

  17. 

  18. # ecc keys and certs to be converted
    19. 

  19. # Used with HAVE_ECC && USE_CERT_BUFFERS_256
    20. 

  20. 

  21. my @fileList_ecc = (
    22. 

  22.         [ "./certs/ecc-client-key.der",    "ecc_clikey_der_256" ],
    23. 

  23.         [ "./certs/ecc-client-keyPub.der", "ecc_clikeypub_der_256" ],
    24. 

  24.         [ "./certs/client-ecc-cert.der",   "cliecc_cert_der_256" ],
    25. 

  25.         [ "./certs/ecc-key.der",           "ecc_key_der_256" ],
    26. 

  26.         [ "./certs/ecc-keyPub.der",        "ecc_key_pub_der_256" ],
    27. 

  27.         [ "./certs/server-ecc-comp.der",   "serv_ecc_comp_der_256" ],
    28. 

  28.         [ "./certs/server-ecc-rsa.der",    "serv_ecc_rsa_der_256" ],
    29. 

  29.         [ "./certs/server-ecc.der",        "serv_ecc_der_256" ],
    30. 

  30.         [ "./certs/ca-ecc-key.der",        "ca_ecc_key_der_256" ],
    31. 

  31.         [ "./certs/ca-ecc-cert.der",       "ca_ecc_cert_der_256" ],
    32. 

  32.         [ "./certs/ca-ecc384-key.der",     "ca_ecc_key_der_384" ],
    33. 

  33.         [ "./certs/ca-ecc384-cert.der",    "ca_ecc_cert_der_384" ]
    34. 

  34.         );
    35. 

  35. 

  36. 

  37. # ed25519 keys and certs
    38. 

  38. # Used with HAVE_ED25519 define.
    39. 

  39. my @fileList_ed = (
    40. 

  40.         [ "./certs/ed25519/server-ed25519.der",    "server_ed25519_cert" ],
    41. 

  41.         [ "./certs/ed25519/ca-ed25519.der",        "ca_ed25519_cert" ]
    42. 

  42.         );
    43. 

  43. 

  44. # 1024-bit certs/keys to be converted
    45. 

  45. # Used with USE_CERT_BUFFERS_1024 define.
    46. 

  46. 

  47. my @fileList_1024 = (
    48. 

  48.         [ "./certs/1024/client-key.der", "client_key_der_1024" ],
    49. 

  49.         [ "./certs/1024/client-keyPub.der", "client_keypub_der_1024" ],
    50. 

  50.         [ "./certs/1024/client-cert.der", "client_cert_der_1024" ],
    51. 

  51.         [ "./certs/1024/dh1024.der", "dh_key_der_1024" ],
    52. 

  52.         [ "./certs/1024/dsa1024.der", "dsa_key_der_1024" ],
    53. 

  53.         [ "./certs/1024/rsa1024.der", "rsa_key_der_1024" ],
    54. 

  54.         [ "./certs/1024/ca-key.der", "ca_key_der_1024"],
    55. 

  55.         [ "./certs/1024/ca-cert.der", "ca_cert_der_1024" ],
    56. 

  56.         [ "./certs/1024/server-key.der", "server_key_der_1024" ],
    57. 

  57.         [ "./certs/1024/server-cert.der", "server_cert_der_1024" ]
    58. 

  58.         );
    59. 

  59. 

  60. # 2048-bit certs/keys to be converted
    61. 

  61. # Used with USE_CERT_BUFFERS_2048 define.
    62. 

  62. 

  63. my @fileList_2048 = (
    64. 

  64.         [ "./certs/client-key.der", "client_key_der_2048" ],
    65. 

  65.         [ "./certs/client-keyPub.der", "client_keypub_der_2048" ],
    66. 

  66.         [ "./certs/client-cert.der", "client_cert_der_2048" ],
    67. 

  67.         [ "./certs/dh2048.der", "dh_key_der_2048" ],
    68. 

  68.         [ "./certs/dsa2048.der", "dsa_key_der_2048" ],
    69. 

  69.         [ "./certs/rsa2048.der", "rsa_key_der_2048" ],
    70. 

  70.         [ "./certs/ca-key.der", "ca_key_der_2048" ],
    71. 

  71.         [ "./certs/ca-cert.der", "ca_cert_der_2048" ],
    72. 

  72.         [ "./certs/ca-cert-chain.der", "ca_cert_chain_der" ],
    73. 

  73.         [ "./certs/server-key.der", "server_key_der_2048" ],
    74. 

  74.         [ "./certs/server-cert.der", "server_cert_der_2048" ]
    75. 

  75.         );
    76. 

  76. 

  77. my @fileList_3072 = (
    78. 

  78.         [ "./certs/dh3072.der", "dh_key_der_3072" ],
    79. 

  79.         [ "./certs/dsa3072.der", "dsa_key_der_3072" ],
    80. 

  80.         [ "./certs/rsa3072.der", "rsa_key_der_3072" ],
    81. 

  81.         );
    82. 

  82. 

  83. # ----------------------------------------------------------------------------
    84. 

  84. 

  85. my $num_ecc = @fileList_ecc;
    86. 

  86. my $num_ed = @fileList_ed;
    87. 

  87. my $num_1024 = @fileList_1024;
    88. 

  88. my $num_2048 = @fileList_2048;
    89. 

  89. my $num_3072 = @fileList_3072;
    90. 

  90. 

  91. # open our output file, "+>" creates and/or truncates
    92. 

  92. open OUT_FILE, "+>", $outputFile  or die $!;
    93. 

  93. 

  94. print OUT_FILE "/* certs_test.h */\n\n";
    95. 

  95. print OUT_FILE "#ifndef WOLFSSL_CERTS_TEST_H\n";
    96. 

  96. print OUT_FILE "#define WOLFSSL_CERTS_TEST_H\n\n";
    97. 

  97. 

  98. 

  99. # convert and print 1024-bit cert/keys
    100. 

  100. print OUT_FILE "#ifdef USE_CERT_BUFFERS_1024\n\n";
    101. 

  101. for (my $i = 0; $i < $num_1024; $i++) {
    102. 

  102. 

  103.     my $fname = $fileList_1024[$i][0];
    104. 

  104.     my $sname = $fileList_1024[$i][1];
    105. 

  105. 

  106.     print OUT_FILE "/* $fname, 1024-bit */\n";
    107. 

  107.     print OUT_FILE "static const unsigned char $sname\[] =\n";
    108. 

  108.     print OUT_FILE "{\n";
    109. 

  109.     file_to_hex($fname);
    110. 

  110.     print OUT_FILE "};\n";
    111. 

  111.     print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
    112. 

  112. }
    113. 

  113. print OUT_FILE "#endif /* USE_CERT_BUFFERS_1024 */\n\n";
    114. 

  114. 

  115. 

  116. # convert and print 2048-bit certs/keys
    117. 

  117. print OUT_FILE "#ifdef USE_CERT_BUFFERS_2048\n\n";
    118. 

  118. for (my $i = 0; $i < $num_2048; $i++) {
    119. 

  119. 

  120.     my $fname = $fileList_2048[$i][0];
    121. 

  121.     my $sname = $fileList_2048[$i][1];
    122. 

  122. 

  123.     print OUT_FILE "/* $fname, 2048-bit */\n";
    124. 

  124.     print OUT_FILE "static const unsigned char $sname\[] =\n";
    125. 

  125.     print OUT_FILE "{\n";
    126. 

  126.     file_to_hex($fname);
    127. 

  127.     print OUT_FILE "};\n";
    128. 

  128.     print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
    129. 

  129. }
    130. 

  130. 

  131. 

  132. print OUT_FILE "#endif /* USE_CERT_BUFFERS_2048 */\n\n";
    133. 

  133. 

  134. 

  135. # convert and print 3072-bit certs/keys
    136. 

  136. print OUT_FILE "#ifdef USE_CERT_BUFFERS_3072\n\n";
    137. 

  137. for (my $i = 0; $i < $num_3072; $i++) {
    138. 

  138. 

  139.     my $fname = $fileList_3072[$i][0];
    140. 

  140.     my $sname = $fileList_3072[$i][1];
    141. 

  141. 

  142.     print OUT_FILE "/* $fname, 3072-bit */\n";
    143. 

  143.     print OUT_FILE "static const unsigned char $sname\[] =\n";
    144. 

  144.     print OUT_FILE "{\n";
    145. 

  145.     file_to_hex($fname);
    146. 

  146.     print OUT_FILE "};\n";
    147. 

  147.     print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
    148. 

  148. }
    149. 

  149. 

  150. print OUT_FILE "#endif /* USE_CERT_BUFFERS_3072 */\n\n";
    151. 

  151. 

  152. 

  153. # convert and print 256-bit cert/keys
    154. 

  154. print OUT_FILE "#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)\n\n";
    155. 

  155. for (my $i = 0; $i < $num_ecc; $i++) {
    156. 

  156. 

  157.     my $fname = $fileList_ecc[$i][0];
    158. 

  158.     my $sname = $fileList_ecc[$i][1];
    159. 

  159. 

  160.     print OUT_FILE "/* $fname, ECC */\n";
    161. 

  161.     print OUT_FILE "static const unsigned char $sname\[] =\n";
    162. 

  162.     print OUT_FILE "{\n";
    163. 

  163.     file_to_hex($fname);
    164. 

  164.     print OUT_FILE "};\n";
    165. 

  165.     print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
    166. 

  166. }
    167. 

  167. print OUT_FILE "#endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */\n\n";
    168. 

  168. 

  169. 

  170. print OUT_FILE "/* dh1024 p */
    171. 

  171. static const unsigned char dh_p[] =
    172. 

  172. {
    173. 

  173.     0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
    174. 

  174.     0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
    175. 

  175.     0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
    176. 

  176.     0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
    177. 

  177.     0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
    178. 

  178.     0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
    179. 

  179.     0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
    180. 

  180.     0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
    181. 

  181.     0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
    182. 

  182.     0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
    183. 

  183.     0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
    184. 

  184. };
    185. 

  185. 

  186. /* dh1024 g */
    187. 

  187. static const unsigned char dh_g[] =
    188. 

  188. {
    189. 

  189.   0x02,
    190. 

  190. };\n\n";
    191. 

  191. 

  192. # convert and print ed25519 cert/keys
    193. 

  193. print OUT_FILE "#if defined(HAVE_ED25519)\n\n";
    194. 

  194. for (my $i = 0; $i < $num_ed; $i++) {
    195. 

  195. 

  196.     my $fname = $fileList_ed[$i][0];
    197. 

  197.     my $sname = $fileList_ed[$i][1];
    198. 

  198. 

  199.     print OUT_FILE "/* $fname, ED25519 */\n";
    200. 

  200.     print OUT_FILE "static const unsigned char $sname\[] =\n";
    201. 

  201.     print OUT_FILE "{\n";
    202. 

  202.     file_to_hex($fname);
    203. 

  203.     print OUT_FILE "};\n";
    204. 

  204.     print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
    205. 

  205. }
    206. 

  206. print OUT_FILE "#endif /* HAVE_ED25519 */\n\n";
    207. 

  207. 

  208. print OUT_FILE "#endif /* WOLFSSL_CERTS_TEST_H */\n\n";
    209. 

  209. 

  210. # close certs_test.h file
    211. 

  211. close OUT_FILE or die $!;
    212. 

  212. 

  213. # print file as hex, comma-separated, as needed by C buffer
    214. 

  214. sub file_to_hex {
    215. 

  215.     my $fileName = $_[0];
    216. 

  216. 

  217.     open my $fp, "<", $fileName or die $!;
    218. 

  218.     binmode($fp);
    219. 

  219. 

  220.     my $fileLen = -s $fileName;
    221. 

  221.     my $byte;
    222. 

  222. 

  223.     for (my $i = 0, my $j = 1; $i < $fileLen; $i++, $j++)
    224. 

  224.     {
    225. 

  225.         if ($j == 1) {
    226. 

  226.             print OUT_FILE "\t";
    227. 

  227.         }
    228. 

  228.         read($fp, $byte, 1) or die "Error reading $fileName";
    229. 

  229.         my $output = sprintf("0x%02X", ord($byte));
    230. 

  230.         print OUT_FILE $output;
    231. 

  231. 

  232.         if ($i != ($fileLen - 1)) {
    233. 

  233.             print OUT_FILE ", ";
    234. 

  234.         }
    235. 

  235. 

  236.         if ($j == 10) {
    237. 

  237.             $j = 0;
    238. 

  238.             print OUT_FILE "\n";
    239. 

  239.         }
    240. 

  240.     }
    241. 

  241. 

  242.     print OUT_FILE "\n";
    243. 

  243. 

  244.     close($fp);
    245. 

  245. }
    246. 

  246.