Skip to content

Commit 446e243

Browse files
author
Adrian Cruceru
committed
Update keys and provide script to update them in the future
as_bytes() needed everywhere since the nightly from CI is too old to have as_bytes() on const in keys.rs
1 parent 7750efa commit 446e243

15 files changed

+272
-290
lines changed

mbedtls/examples/client.rs

+1-1
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ use support::keys;
2727
fn result_main(addr: &str) -> TlsResult<()> {
2828
let entropy = Arc::new(entropy_new());
2929
let rng = Arc::new(CtrDrbg::new(entropy, None)?);
30-
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT)?);
30+
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT.as_bytes())?);
3131
let mut config = Config::new(Endpoint::Client, Transport::Stream, Preset::Default);
3232
config.set_rng(rng);
3333
config.set_ca_list(cert, None);

mbedtls/examples/server.rs

+2-2
Original file line numberDiff line numberDiff line change
@@ -38,8 +38,8 @@ fn listen<E, F: FnMut(TcpStream) -> Result<(), E>>(mut handle_client: F) -> Resu
3838
fn result_main() -> TlsResult<()> {
3939
let entropy = entropy_new();
4040
let rng = Arc::new(CtrDrbg::new(Arc::new(entropy), None)?);
41-
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT)?);
42-
let key = Arc::new(Pk::from_private_key(keys::PEM_KEY, None)?);
41+
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT.as_bytes())?);
42+
let key = Arc::new(Pk::from_private_key(keys::PEM_KEY.as_bytes(), None)?);
4343
let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default);
4444
config.set_rng(rng);
4545
config.push_cert(cert, key)?;

mbedtls/tests/client_server.rs

+3-3
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ fn client(
3434
exp_version: Option<Version>) -> TlsResult<()> {
3535
let entropy = Arc::new(entropy_new());
3636
let rng = Arc::new(CtrDrbg::new(entropy, None)?);
37-
let cacert = Arc::new(Certificate::from_pem_multiple(keys::ROOT_CA_CERT)?);
37+
let cacert = Arc::new(Certificate::from_pem_multiple(keys::ROOT_CA_CERT.as_bytes())?);
3838
let expected_flags = VerifyError::empty();
3939
#[cfg(feature = "time")]
4040
let expected_flags = expected_flags | VerifyError::CERT_EXPIRED;
@@ -90,8 +90,8 @@ fn server(
9090
) -> TlsResult<()> {
9191
let entropy = entropy_new();
9292
let rng = Arc::new(CtrDrbg::new(Arc::new(entropy), None)?);
93-
let cert = Arc::new(Certificate::from_pem_multiple(keys::EXPIRED_CERT)?);
94-
let key = Arc::new(Pk::from_private_key(keys::EXPIRED_KEY, None)?);
93+
let cert = Arc::new(Certificate::from_pem_multiple(keys::EXPIRED_CERT.as_bytes())?);
94+
let key = Arc::new(Pk::from_private_key(keys::EXPIRED_KEY.as_bytes(), None)?);
9595
let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default);
9696
config.set_rng(rng);
9797
config.set_min_version(min_version)?;

mbedtls/tests/hyper.rs

+3-84
Original file line numberDiff line numberDiff line change
@@ -436,88 +436,7 @@ mod tests {
436436
}
437437

438438

439-
// Signed by ROOT_CA below
440-
pub const PEM_CERT: &'static [u8] = b"-----BEGIN CERTIFICATE-----
441-
MIIEGzCCAgOgAwIBAgIKElgwWDKDQhBIOTANBgkqhkiG9w0BAQsFADARMQ8wDQYD
442-
VQQDEwZSb290Q0EwIBcNMjAwNTA4MDkxNDMwWhgPMjEwMDA0MTkwOTE0MzBaMBox
443-
GDAWBgNVBAMMD21iZWR0bHMuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
444-
ADCCAQoCggEBAN/SZjoB4zxaOxgtCjC6c88Y8twUUtNoNJu+D2X1vjoEEmeh0CCA
445-
x6fvyDbZE7kad5pTVHWdiaepodWzTf4GcuGKa0qP0jwitDuqBoqraDxYT9saQd4I
446-
rh8tPanoDQO2V6iewJT59EFxwC6pry+EWPox1UuKzd66x5a+yTq4d7ybkgBjoico
447-
+0I4m+4BxZNPmZDSdIZpgfMANGvTZCLt/x4gypqotHH//8sssucJJgMwD+YybYis
448-
wtRCt+Atw2YUQe0JhLs8nMTRQXqREBpz250hITpNsior4PhNsjiMElEFqx0ZmT84
449-
tQW6lpJ5Yz297xAeUXrdVl+DrvvdhfrqJJ8CAwEAAaNqMGgwHQYDVR0OBBYEFJvl
450-
m+3MJ2eYR9dGydOY0QNRRMaAMDkGA1UdIwQyMDCAFIkuNd0n1URsu71cJCyBnQwO
451-
MsqLoRWkEzARMQ8wDQYDVQQDEwZSb290Q0GCAQEwDAYDVR0TAQH/BAIwADANBgkq
452-
hkiG9w0BAQsFAAOCAgEAGbkSdZL5BC46GTGSR09lEh+cZ2o4fP6uSbkyT4xEPRWx
453-
fNMLZeEJPVzZkar5tVDnpBb3gAoArHIn6ePPiTssYUD/3yN7ZL6YFn4Bg0VBig8e
454-
ZWzQT6BiAmXKRY7JtDdgnhggxfo1x1bwW0r3qz/BYeC1cdqbC9CRmTPFNIKFhZyY
455-
fC1BQ49dI/prfiBlgGO/bIDZfzMNC9b5b7g5aKVQH1e1ViGkRKL4l6tIKp/pL7Nx
456-
1e1H/f2cl33rm+kTvkH5H02Z+Fg2tVnx2xPxMIkpGOnhtrh5H48xT1oxqcZ/ySmp
457-
W7xiCt4QAW7DafRLwhsMhKSxcBxHEl4mRTX2pz5BV5yyq/rTGDRFQAlzBUEteLh3
458-
fCPsdYOQEQMdPUzx3VAieaHSbR424kcd5Iw3uMBCk2NzyLxbIWKA4Q+9XFIacEdh
459-
TFO2Z/pvkTWMOo1yKzC8NM26QT/o0USgtHBIc2F8FlGEYBLZXvqtOeKJ5mneyLR/
460-
jnAr18OJv+/DPPSv4qB6LpF+CAQFm0pZisqZdwsMBRgWQ3wml/A+lOLmiajNB3gk
461-
XfzmCVga7Kik6cjP0ExV7rRvvQ9akWgsMLYJm28Ck6k3Nl3AsfiAGf5kFj5VlBrd
462-
Ecs4CTdh5ZsL2pDU+QmWsqRNdN+Kz1IVX7fLvR48MgpKZhK+d97/P37e1kEtXoo=
463-
-----END CERTIFICATE-----\0";
464-
465-
pub const PEM_KEY: &'static [u8] = b"-----BEGIN PRIVATE KEY-----
466-
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDf0mY6AeM8WjsY
467-
LQowunPPGPLcFFLTaDSbvg9l9b46BBJnodAggMen78g22RO5GneaU1R1nYmnqaHV
468-
s03+BnLhimtKj9I8IrQ7qgaKq2g8WE/bGkHeCK4fLT2p6A0DtleonsCU+fRBccAu
469-
qa8vhFj6MdVLis3euseWvsk6uHe8m5IAY6InKPtCOJvuAcWTT5mQ0nSGaYHzADRr
470-
02Qi7f8eIMqaqLRx///LLLLnCSYDMA/mMm2IrMLUQrfgLcNmFEHtCYS7PJzE0UF6
471-
kRAac9udISE6TbIqK+D4TbI4jBJRBasdGZk/OLUFupaSeWM9ve8QHlF63VZfg677
472-
3YX66iSfAgMBAAECggEAL/Pq9Picj7yhNo/HxCLeVvt4ZNBx4ltMEiYJNIYO6G0g
473-
6FURuzT8Ea3czmt5v0m9YDIEQWKsMGC2jItq5UbKbCn0zLe9iibBSJsn5aPNpEgj
474-
a8TXYdOoQoO112YhC6+QXk8M4Z4fx7mwPA8cumh3i7sLgLDPZK3Nvy1G/a6x8JVZ
475-
g3W1Oyrbn29z1XANTAj2Q0NrdTogKUgNOLYRWB9SeONCnWQmxtzx3jlUIGSn5J9T
476-
RBQo5ZIhRqOOe8Td3coU+OJ+Z2g7XETTlU3hYmi70/PeXaRxq3k9sX95LtnjgduK
477-
r2H0KNxyhCmC8cdXL5ogBfnnLColW4Ya1/vyN7sAIQKBgQDwPYJcz3636j8xh1Pt
478-
U4kxfA4ozqDOXK6jnl6ujhYfwhAghEEFqV2yWYkQbLkkQu2ewRuQxNYLCT+O6WBH
479-
DF8uoYBtbdH47MLM+TuLUnglHEC1qwwaO62Eb+2cn5f1i5Z/mLQOG3uxlnSPbIC5
480-
2mEpKmWqdFJAGwOF3/rbVr+88QKBgQDugSqpXgIg4RR3rRzUZog/ReieoG+cf2WO
481-
rHfmIXBSACktfoQMlrgO/sD2zq1sjQXSUNbQCzMV7kIrLrb+Y7xtZljFJj3wSG/k
482-
LQBJy1qk7uVfoFfndmYgrkb7+aNkMR0KrqEZPuS3bmXcD2BUzzgYsD9LoC5nD55U
483-
EAnKGRE6jwKBgQCmtpiLnXZbXJQj47xrGig/jc4ppVJUQl7yrkkYKwPRYBNe7UhO
484-
DH038gg6vKgyMLvDClD9woqit/VCUFN+mmhG7M45ohcu/eYk5ePbSAyV/CgvqZZJ
485-
chZ0rFOg9+M1A3wZ6bcxfwL0dutGSE6AKrp4HbLVeclGMTjdo1Pq+CUwkQKBgQDU
486-
MWEGTFgybm4qR38lzY8cVBMwxeZm4sU1GWaW/VsT6Ya5Lh1HofRhiu+c5aZPtGvg
487-
gQGNGNm7gj2mc6plS9DBuFP0GyDyHVBHPm5KOT0NDmpOGLb8fE9Cdis7VQ+0PSns
488-
bg9wCY+tTvAayCdZbP8on+3AV+PQ14lyms5K2uCEKwKBgQCrpoMycTrB2KOczWNp
489-
kZouBK4tU5rGjBj3/0p+wHszyCOtiX5sdBT66eRHYY/t9YcOTWA8w3OO/8sj4X4d
490-
nMsuXM/jD/NWW9JD9+vPUQz4db5evhQBNIkOG4FIRnSh15pDIcEeLxEamNV82fRS
491-
26jlsLNCILTT9RsfswR3U+1GuA==
492-
-----END PRIVATE KEY-----\0";
493-
494-
pub const ROOT_CA_CERT: &'static [u8] = b"-----BEGIN CERTIFICATE-----
495-
MIIE4jCCAsqgAwIBAgIBATANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZSb290
496-
Q0EwHhcNMTkwOTA1MTg0NTMyWhcNMjEwMzA1MTg0NTI2WjARMQ8wDQYDVQQDEwZS
497-
b290Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD6AOBz7HbIi8w3
498-
Wjjk16oglHRQcICTkvgfl6gbGuSjOoVHmOAn2EWT9AuXtcyNcVFyk90h0dsadqkJ
499-
Enrk3BkTJQmtGW0u5UvcI+famYjZDvYQpGcgXBFmrH7/g/BN4v5VvdrXxUVy6Uyv
500-
Ql60yG7JxlMY8K2OMV13bOpABXhnG/zNr1hCPLQWu52Mn3M1nudFBZff7tZz4dBo
501-
YoMeXkIWQ3t2wypD3WunlQcuGxNOCcXONZRDzeUidh/Yv/4tTggZe8KAnEngKb86
502-
KwKAhVjinGIN2C+ISpKsDurDxhExA2Na6+EbtLEgkI9AeoBz6tIjt/yv/inil+Du
503-
fEDSmG+P97oY1GNcZMkftjjJd0u57YWz0Ck5bfHdgploh/1VHGdoC677MDWJOb31
504-
O3mGdpTiBHP2Gh6Xwm8NuZc+tQSPVr/GaYg7slLBl/7GWU9QGjr9DGj/qYozD8tT
505-
cazIHFh9zDP4XC+a+D+3lMA5EMfvVmDmr2QZJoiKBrxbNXXZ0QQcc+Wr9jFBBx/i
506-
BRlpnxr+EDG+Q7nFnbG6x1DkvKhc1KDGBhq/HDb5bBVSr7Pjl2FMNh8HVX64mDbA
507-
7clQJHa1rIjB+HxtZB5DNKQbRobyrWgkTpi5XHPhMw966zrhBWgOdAh+PSeq9FEf
508-
Y0w328/EBWGqIg3rRMOvDAQpbojNdwIDAQABo0UwQzAOBgNVHQ8BAf8EBAMCAQYw
509-
EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUiS413SfVRGy7vVwkLIGdDA4y
510-
yoswDQYJKoZIhvcNAQELBQADggIBAHcRzQhesOTpFG4KINJyzZf7a5lrc8kayTaL
511-
lzSXW1pEl3/OFiMvOayjDq+yVAJB+5j3WZu8AOTFuZ4pBjz2I1hdIt5F2asqnVN3
512-
8ymuC7t4gNAQGhWJldnsL58iTYGlxFciiT/8QSHJJjYRkKxyhF08Oj3Zbs13J4xc
513-
ENLmwCZMFait+qm7aX3idnUa1XMGO26ioQOi0uEVqu9N4p62OQKd/76vmnaqmIAw
514-
5s47DaaUi7DeiBguLZrNzfZcJTAHNM5VxCjsXW4PieN6mJhQSar40794n7HLHxtG
515-
Xc5UdxT3nLclEAviDJFubA1N/szWtu4vdfehdAKCXkIjwoUEVEOpPYEeYr27JFlP
516-
kaxezxswwxY2UD0MZq21FhO7SpVQdmmvfoJvjQwIsiyoa9UNzC6mTqsJPjln+2mK
517-
p6WHzX+E6GeA7Ng6CyvJsHRsqbQdJ0OXHm4GIG2Z05r4AgBtvI6hkhSfAotBt3Xi
518-
lo5BEO6SbUnPYo03zD4x/76c4j/uZLYxy2n+Qrlm2KTQIUu7KEsKdUnLAxjWYePH
519-
VxcYz0/9Z5H4OzhW4J1Qd6OBW0dqETLlMJauPX5DV/slyYQQasPStEJGgiDiKG+B
520-
Jpjv6PefPTqZawP6gPoGmhF4UyMRWZ+NgqLft1uXTHhrHdnrZFag1oPLjxWFs5hx
521-
pElsC4v+
522-
-----END CERTIFICATE-----\0";
439+
pub const PEM_KEY: &'static [u8] = concat!(include_str!("./support/keys/user.key"),"\0").as_bytes();
440+
pub const PEM_CERT: &'static [u8] = concat!(include_str!("./support/keys/user.crt"),"\0").as_bytes();
441+
pub const ROOT_CA_CERT: &'static [u8] = concat!(include_str!("./support/keys/ca.crt"),"\0").as_bytes();
523442
}

mbedtls/tests/ssl_conf_ca_cb.rs

+4-4
Original file line numberDiff line numberDiff line change
@@ -74,10 +74,10 @@ mod test {
7474

7575
let ca_callback =
7676
|_: &MbedtlsList<Certificate>| -> TlsResult<MbedtlsList<Certificate>> {
77-
Ok(Certificate::from_pem_multiple(keys::ROOT_CA_CERT).unwrap())
77+
Ok(Certificate::from_pem_multiple(keys::ROOT_CA_CERT.as_bytes()).unwrap())
7878
};
7979
let c = thread::spawn(move || super::client(c, ca_callback).unwrap());
80-
let s = thread::spawn(move || super::server(s, keys::PEM_CERT, keys::PEM_KEY).unwrap());
80+
let s = thread::spawn(move || super::server(s, keys::PEM_CERT.as_bytes(), keys::PEM_KEY.as_bytes()).unwrap());
8181
c.join().unwrap();
8282
s.join().unwrap();
8383
}
@@ -93,7 +93,7 @@ mod test {
9393
let result = super::client(c, ca_callback);
9494
assert_eq!(result, Err(Error::X509CertVerifyFailed));
9595
});
96-
let s = thread::spawn(move || super::server(s, keys::PEM_CERT, keys::PEM_KEY).unwrap());
96+
let s = thread::spawn(move || super::server(s, keys::PEM_CERT.as_bytes(), keys::PEM_KEY.as_bytes()).unwrap());
9797
c.join().unwrap();
9898
s.join().unwrap();
9999
}
@@ -116,7 +116,7 @@ mod test {
116116
let result = super::client(c, self_signed_ca_callback);
117117
assert_eq!(result, Err(Error::X509CertVerifyFailed));
118118
});
119-
let s = thread::spawn(move || super::server(s, keys::PEM_CERT, keys::PEM_KEY).unwrap());
119+
let s = thread::spawn(move || super::server(s, keys::PEM_CERT.as_bytes(), keys::PEM_KEY.as_bytes()).unwrap());
120120
c.join().unwrap();
121121
s.join().unwrap();
122122
}

mbedtls/tests/ssl_conf_verify.rs

+3-3
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ enum Test {
3535
fn client(conn: TcpStream, test: Test) -> TlsResult<()> {
3636
let entropy = entropy_new();
3737
let rng = Arc::new(CtrDrbg::new(Arc::new(entropy), None)?);
38-
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT)?);
38+
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT.as_bytes())?);
3939

4040
let verify_test = test.clone();
4141
let verify_callback = move |_crt: &Certificate, _depth: i32, verify_flags: &mut VerifyError| {
@@ -76,8 +76,8 @@ fn client(conn: TcpStream, test: Test) -> TlsResult<()> {
7676
fn server(conn: TcpStream) -> TlsResult<()> {
7777
let entropy = entropy_new();
7878
let rng = Arc::new(CtrDrbg::new(Arc::new(entropy), None)?);
79-
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT)?);
80-
let key = Arc::new(Pk::from_private_key(keys::PEM_KEY, None)?);
79+
let cert = Arc::new(Certificate::from_pem_multiple(keys::PEM_CERT.as_bytes())?);
80+
let key = Arc::new(Pk::from_private_key(keys::PEM_KEY.as_bytes(), None)?);
8181
let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default);
8282
config.set_rng(rng);
8383
config.push_cert(cert, key)?;

0 commit comments

Comments
 (0)