From 0c81ffd31a70a320b5038f6f81a24a3b68120241 Mon Sep 17 00:00:00 2001
From: Damien George <damien@micropython.org>
Date: Wed, 3 Jan 2024 16:34:58 +1100
Subject: [PATCH] tests/multi_net: Generate smaller certs with 2048-bit RSA.

Otherwise running the tests can take a long time when the server is a slow
target (RP2040 takes 23 seconds for a handshake when using 4096-bit RSA).

Also add instructions on how to generate elliptic curve key/certs.

Signed-off-by: Damien George <damien@micropython.org>
---
 tests/README.md              |  10 ++++++++--
 tests/multi_net/rsa_cert.der | Bin 1421 -> 867 bytes
 tests/multi_net/rsa_key.der  | Bin 2347 -> 1217 bytes
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/tests/README.md b/tests/README.md
index 083269d6e8..47fcacf409 100644
--- a/tests/README.md
+++ b/tests/README.md
@@ -181,9 +181,9 @@ SSL/TLS tests in `multi_net` and `net_inet` use a
 self-signed key/cert pair that is randomly generated and to be used for
 testing/demonstration only. You should always generate your own key/cert.
 
-To generate a new self-signed key/cert pair with openssl do:
+To generate a new self-signed RSA key/cert pair with openssl do:
 ```
-$ openssl req -x509 -newkey rsa:4096 -keyout rsa_key.pem -out rsa_cert.pem -days 365 -nodes
+$ openssl req -x509 -newkey rsa:2048 -keyout rsa_key.pem -out rsa_cert.pem -days 365 -nodes -subj '/CN=micropython.local/O=MicroPython/C=AU'
 ```
 In this case CN is: micropython.local
 
@@ -192,3 +192,9 @@ Convert them to DER format:
 $ openssl rsa -in rsa_key.pem -out rsa_key.der -outform DER
 $ openssl x509 -in rsa_cert.pem -out rsa_cert.der -outform DER
 ```
+
+To test elliptic curve key/cert pairs, create a key then a certificate using:
+```
+$ openssl ecparam -name prime256v1 -genkey -noout -out ec_key.der -outform DER
+$ openssl req -new -x509 -key ec_key.der -out ec_cert.der -outform DER -days 365 -nodes -subj '/CN=micropython.local/O=MicroPython/C=AU'
+```
diff --git a/tests/multi_net/rsa_cert.der b/tests/multi_net/rsa_cert.der
index 24ed957eb2c5a21ec4e351abce0c802645462b02..8fae71d4baa8cd3e2be3f3d2bedb62ebb33e371c 100644
GIT binary patch
literal 867
zcmXqLVvaXxVsc-=%*4pVBoe@|NlMGet2}@2#kEB;9S?HiSmzq>vT<s)d9;1!Wn|=L
zWiYTelroTDV-96u<`K-zOfJeVs4U6I&(q7vPfpA+6fqD2$#L;;`-0>Gz;cG%2Am*K
zHen{mPy;z}ULz9&Ljz+2Q)6R8lPDn96v#D#aw)f<iBSpJ(TuDN%uS5^3<gb%Tue=j
zj0`8Xa)q=kE0tqa*6!7L+OtKYbA?b)><#_zlU&U8&swe%nkG{sq}SoG|LsT9g{#{8
zW=@nSvD+?GvVu!}iovWW=VN9D{SnJ}$QcvTc<tqd>7FGA9(+|e-L7_V?T^DD(LvkZ
zd`a7|@8qUv>9n{>=eC^LYtNzXp%ir3t@PeGM~!Tm>W8~eR6Lcgnz@SU3Zs?LQa;v*
zpJwU@ug<QS8ZTp)!MV+T-lclo$Wu+nnx7rmQ=FaU_PqUdguBxlIo$(?>h>Ra+I@I~
zYHrnMo#u)6YPcNk7AJ+Y>+ZF^k;mM|@8VT8Rbc57j~#x7a~DicE9m0<Q}nSd(mm|%
zy$cs)+2u@Y7UXy`F*7nSE)F&bG>`?xiYy<C7>me{CboTN+dt>tj^5PtSm*4FMhg)o
z19_0NGK++PSOazi{2&FwjEw(TSPhtg6mqZw(+V)y85vx>R%pDOyRS>O?zZhcA2v3*
z&F9_x1M-*MZ+mj%b(*;9!{tIx%Z_qBd0$mG%X-4}!>mrFC#+^?o{CcS6a9IcrA1mW
z=+%xSokBZC<BE6pT&g;LMt94&*c<yec+D}W)|8mzw7u!RT<;q9>D(4)!VC9o+fi5j
zw?Xo$%(Mvw>^6Uw?0tK~``()!KbGz9Sfx5$s_MrzY3>K9e;*Xduzox*9{NRl;byCn
z5B1M%>vcn}^c-g`cx0ip$MMhojD{_YoGUql0~!*p1ubBnnD2Eoa}x9ai5U$~?)@-!
wth)C8UfZti-<K<Y{t-K8Rs5Yz*O;ui3#G$Cvo;lQo!`5ONg?4WvqgU#0Ar|Ap#T5?

literal 1421
zcmXqLV(m0&VlG_3%*4pVBqD9Qpj(t7?v+|BcleH7GaI!wm7F%<W#iOp^Jx3d%gD&h
z%3u&;$Zf#M#vIDRCd}j*YA9?V2;y+?a0Tb*rs@WlB$lKaiWmri1i5&)eKV7b@&hVM
zGV=2br3@rMqRc#kxggO3u&7>6esW@tft)z6k+Gqnp{0S5k)@G&6p(8H<eEddG_tjc
zNeS6|jI0dIO-%d@22D&{OifIT4ENrdSMcpwQpfM;y}<bOvq_isn0xVU{GuARUoGo8
zi$bH=JKk>n3tJ`Fy)Mj<@xN%K`$BBmnODsnEgSN~F28;<=R=r4z_%agu73aW(Uv1y
zqkPsh_uapq9sayFW9g>87YomAO1M$Cn87f0=8?Pe6PkWZOxZf&e%sWwS0#++ryJZm
z@*!I8o2iG<Y%Y%`1Jh0B=AR9$!&a%v-njGO5MPe0rf|u@)^(}XCUX>uWNH`}Zk~KH
z*C$^4#H0JCYFBsW>96p87kp`V?p}eg>HG^Dl|^5?n>%Uq>B$eaCSNMq&wjTuf$t0R
zPFbH9B97e}=hto8e#1d7<=d6dlbY`vv3&Z+`0204{8)vGoA30eZM!FbMZ<Se$uEly
zYv=zt*Z(gq-TKja1HXrxYHHT3`f{r5;|mwbXD|3exbE6bJnJ@-`Q^E7d$nbZPc5Bw
zI#ldj*8#rb>q`T7r(T|YZ9R*lT;n0W>?<YLr!UxZWyYg)g}n*u{3md4T)%Wq)$zq<
z>Ne#jry@#TCI9X_-oCm(!O=x`q0}Vp_3`_5zI)|A-}AJ5>g+HHwo77j_g$!Q4(*xH
zGv#5*#D7vsXD99WY$MoWYJF!$Oh=J^>XQbQiTp(drUx!tSIpGV%-=Zq+%Z#*78PrT
z{eeze7v^tg)V_J@N?``GllFs)g7?<E6#jMMwD!Z7`72x|WH|GMsO;sw$i&RZz_>Wr
zAkaV-m~v(LSj1RFYAv;zR=atc{jDugN}CdzrRn;&*FYX5t;`}}Al86g0Y6BAFeBrC
z7FGjhAcdUlfVm2o>=+r=IUEpu{OVrs>JxsC!`IBs^sBix=gGoNsU1wk7n8yTXD!#?
zw5q#BPGjc2#V;}$-9GtFvoddrnY_Ow#QjdzhS~9&?&-3pgf~8ykFj%Rlr1@XtmCba
z=w`-*!gWQa*Xt{<?{54seK*U3p7Rdu;ziP$k6ul*+hit^$U6PrJNLTlVz=x1_6e@L
zJg30)OH<_irM?~QGV<x7bA!$az7~{Uz|OJ!I)@DV-$_@!cCS1BUpnBNe!gi(_@%G0
zGSyMb?xyWLeCSz-Wu0!Y!J3uL{y+Yf%z2q{ob8|W#vOrN=JO6t<gGi$By`v}Y!SQt
z_D?Y#|1?`Oo_JiaJIrm;UpuSA%#ulL*{!O+e^+^b_b9Fimir^xSMNOIN7ct(=}VJx
zIW9Y=?2m1I(cp0Z^W~4Xk}_@|IQ1*#tIL5@3;tzOS6mR?+`8_<!oTxBUO%*{D`Xza
zL1Aqt`PLO-4r|s39-AW8I)CSu#CLc9uhe?Xyg8=GIJlskt@mlfU8ce~)pak+R#sFp
z_i6_1<29<7v|9goyV!>7tG4V^zIuHo>-Qhq7WOzjN&9z9zh&FgskN^jO!HmcVz%MI
zSw9X&wZvV&r*{1QTafWLhhuf6fRy+BN3v7T@;z8}{ce}tMGbZtzC#z1@8teUmY5f~
oKXy{&^Rnwn_9aopUmohkXixC8eR#|{+jyP`L#Ldb>0yCz0E4|}w*UYD

diff --git a/tests/multi_net/rsa_key.der b/tests/multi_net/rsa_key.der
index 5a4666402a6a5e7b34bded6c3dd5b59bd49e4d18..c2cfb76d207e7afb33394bbcaf5525d7382dc2b6 100644
GIT binary patch
literal 1217
zcmV;y1U~yPf&{$+0RS)!1_>&LNQU<f0RaI800e>rr!ay9qXGc{0)hbn0LZlpRD`B=
z9t9&SjV$Giv?z(F5>j2*FZYr}H!saOt`e3UbP_IzNWbmzHKD49j+v1dbUwEdbf^j^
zlrWm)&s>>O{1#~830zcx*6GlfNp!&A^&rcKCef|<!&F;Rw(Rs~u)fK%TN`FxlFqcu
zy*~&iNFq|hMs?oKK`3h+d*Qptc;y><nW_TR0Xj0J4h2~GHYdT=n|zgD96o3Xwm+WI
ze=S+cg2sd9z`S#7YDVXW>sUuZ>>e$^!hXNN<%`3xC2e~1EQ68Wd<sC_b7EA7ExkS1
zZUcr7L`r&<5T&F@xK1&hpqFNFiV6I3@rGGPR^8sv&>aUJHGH6KNdf}_009Dm0RSW}
zE{uuQ59_yeU6yxmaqG|;@P|zO$;j){93}3e3Ng(4?rA0!=}%+%+OL*V4Op>iEQDAA
z+<Vss?U$1yc=y0_i#QTG8OHoG=d1iaGv{;qi4x~DiAsPa;$S1j%A{KsyQD<mOB{_=
z=-Pr5sf)Yc7G<=0Lgiw<C1fp&5qTM}YbTXM!oEu1g}9(&obJBkh#52GE?W#WoyQxn
z6ZT1MegY#NL$U)!qRj+$fSqSEi*K4p3&L!n)6^7Ua7lt6KuyXEzRLop#Ti$@ZWusV
zDHrq_y!;Y~Vx-)1V{g@_D=C`R-1}UOg$NJHMwOJgw{fV&Qdl-5gC-8Xi}?b9fdK3t
z+^yDBF{93qA2uy0N&=ZEQ5YB}avf6E^P?)RZ<acTC^*mbVabb6fF74Jzx=2$mi1si
zGL$JBlJ6BXOg=o2OuMlWlxS$jCLsh_^xY{&7A0!ut03Y#Os@IRcX>uBBMa|DdLj^L
zh2>yytH@+-8JoegV^T#X1+$KCb{_(PfdJW>=*RfG!M;vGYUSVov*B)gB2e0lZJ`Ot
z{m-JTH`87cEMkJFkmPGH8{9`dhN8^bciA$-J=V6fn#a~2FJRRUe}rMH$}fUo9PtXs
zP@5c3YA(E?dApGqU>9Vw|Ii<8LgQ%}$MtF_7}?!8LBAO-^`8Z&-xqhL{)rW4K$il6
zfHW#`SlXmXKSpq(<fcDka)p7}z_<Np0l|KW-#?qcJ#l)_(G+Nkek+g(-#AKF4lCYh
zOPA9AimNtLRSera2>1GJX?`k09(o_0b?5Ih;PkL=P9OV3+=Kqp=SX|q8D{;-r)F9^
zopAt`tYM8J_NVcODA_lcw&Gq79%ojH!vcYT3@6|#6O{pctq5>^NartdKW4Xs2Et=`
zWPh0>88$zp8Wb<kjP>`b8s@|osShE~L|i?ZuYf|E6!)=&%1lFFNN1Ps06N8gqwCa?
z4uvEmmJn0!Dsg7Wc#(kwt%h`(-nNd;|5pZCibaOl+{eJYc^;i2_5ka!cIl`*W-6f{
z0)c@5#<6P*4-tn^u^N#BUGa_+Bhj_x8=HnWhab^MWBD<<iGjdTuI*Se^{-ILA>g_)
zfWDZ7Aax0^@U*8#QrcEUcV8%n1x<kn<e(220x|dX)NCfw?Vl3s`BF}%@2#zhNxHWn
f7G%7Ni6SARKjeJo|32fsp|%A0fItwWJ4>#c*n>Jm

literal 2347
zcmV+`3Dov5f(a)A0RRGm0s#Qt?l*W2yrg~)K}(=B>*kWuyf;b?vGgTYzb0ze1R#MH
z?hT7C(6tx`O3;`bPth_h=oXgD>Vt@cuy0n=>*Sp9RuEA3_|Db$^zl6iYbbY`mPfn#
z=EL)?Xr;1_=%LQCVAy`605N5m#ND4@g7}eSwUFP2m95nnGoNQL-o)@*9`-dzGMfrW
zf-p6*H#hSzJ65VC9oXFP!VYX5DHC+Tg|20LG@KxE9DD(xvy;hfOkXR=;@`@BtBGze
zs7>xu(z|WF5LTBDp@Ab6=<c18v&)m<wPVtBzX#oUU=H*HxgAXC6hVt9&#tn!*gzg+
z_SEx|gWoa)^8Nwx{V1PZAb8pCFP666AJiyKl63kwu&tl`&X4|PXFKB0FizpJe0;2`
z^vZVe=tLRj=nqs1-9C}cMwtWY&bGZP95c$Ln#)xd&WgYebJwL&yJgdx)~^IX9)ZFR
zYt(etm!Q1VnBr$3y<o0SkPES|rJQ=lqc$fzcQndabn0XKj>m_qa3DcMEuk8cE3aR^
zx$f#upGnIfWt&zQ2GSOtzR-L_Rg92~l;LEN{u(09lDP9c5rj26+?ZU5axZ1%fFzL*
zaxgW((>r*XC@F8Tlg`F92!td%0KZW}D$t*|0V~<c)NyD7LM!0W5#Frn6Z*)@E8*#H
zs6>!xLk?6Vy$jI-0|5X50)hemAuly*WO>Yjn+UE{#HUg}U8$%>-5@iXli1A>4Du~l
zlHXoC6C=vkG`qC<et7Q^bqm~jpp%||P3_L$mpGj#)I5+!i2m>xcOJ9fBrMfWnLdA=
zLW`TzyFD_fsqzzFi((uxMvc+xSA!S~Lg=AL&A78$$UX-e9Z^JpL&8>#2&5Zp^+Gf8
zK~ilyc`n{jCz_kcKX^Ey1T4W4CB+sDK9$2aAnO=mWw_rk%^-lf)3>Q2v-5W0Am=k2
z6VTpK(iI?ob{!n{Kv}M*ng7eizeWqWsbyB~b6g`0S^mJXC3B0(1#**2Cvx~^=nzEy
z9g5!|zZn5|`_2hgX&`q$U&#iV{E6^ZW7tff>kr;rSgX%9f?YyiG>tC8&!UR)d>XJw
zG&4{b(2y&1E2#|r+k6zTx~Ue>eq4Pf)Fv@YWo;ArAc*u<0B_X0ldgpEE-d&rb2V-x
zi$*wq^|%|Onu3H0&<tm#%Grt^#_`L5PK$#C)RhbB#EkgWHjQQ$p<b}Ux|Jktkj$<H
zJt8$ojt$d!G#VmsB$3-iU*Ps-Ho5>}qM<`D;Bem+{umwc^W=#uJv-acEC65b93Xh>
za(+uPAe=MR#Nt=8W{$4I)?N{y;3RtL>K;4ghtX216nlfw^9=sW7~Qs(2l`|nOuJE=
z7y#U}O)ca7NEE>Wf&l>l^l9pp`hF%31L6wnEy|keTNMj}eyFH2$_&`6V4-8s+ZNKQ
zH?u(MS9>R3G3sdjrk8HAtkTS!j}&eg4ovZVj0=g6xNd>B2b7I%tXGR9tssavXqIGl
zn|`1xeEVW<l6q=W0#@2jg!hIPmf|CVj9K+>^TZweHKEGPna@WH<4RK-^HK8obSl_-
zuQ=n_(MfS`kRycdCc1plL-3VIb4R_L-fH0W{7svwl+Y4OYbGHpVU?Ty6(vgZ(sO7N
zqgIp#l`I}2aU>wI3nG1#{S~vv#$)pVp0yc6LN#tDqf(pMjUeaXX5LUCn-7-NkN-qf
z)JP$G*!Al3JP$B&0)hbn0O^01L#>?8-%Gk0FWD1~9ynrMFAjCPD(?J1MKjt0+Hv)8
zya%0earf<Y`)G6mg#@TByt#$*TN&b3Vpi(9!m!1GHgcR+uup7_1g53=>e?tx)yHcs
zJ72hs$F8E4bpi35X##aSr6<?BcN<wz#Qhftd3H^p1dl||EQcbak$Of-Fk(TkFyhmd
zY53#K+f>l*#fqy^L&<zhr;+fkRz$7)3A!O<pfHO~_0Lm}EBtK3J9~qm?H$1aGPK1C
znwMsz5|CC)&&H^9=)$T~?XcFtpb*wldVL<513LOTBC3d^2*xUk$qp}=-AKqhy+_WR
z4HJtMc93xv!%81PVFH2y0DlA%{(JV;yY1AdtMg777qwx?Yj%4Zec5)mn#fAl-jN*H
zInZ2vUCTV12Hut39t2k^75uJ8+YFc|W~BGyf5j=W!C0+D2jdQwIO>^995F<A#wWxO
zO?w?-3wV|TUq=iI`8<32Q{3C_c?--{d*FyyerSdOw=)0pu0%L($%VrBQOqw$KhD_w
zOEicw5LqJospE<<=(&Teo$K1U8NZ(fu;Bex4?m#oMnS2k_&ub-6ckW(lA~6T4++g9
z#~|4|Z}?Hi4@(f`R9s&EI8hbYDfhLtai9{ZAVlU9YSH_8HlmvOC94nFK)s%7T5ZhG
zta0~JKiODgQz&5+VFH2y07>0%0G;1Sa~=hiTP2jG!?l`-SLS~o;)xH7RapJffj}dm
zvKq#hsImc&og;zodK~KqJ@kTyWqw|_Z48Or;?e-<%S@hNUJe2b>NmZyy|ta9Vai|u
zLlYR%;UqzlejQ6qYkIenQopm~J>HD=?G_V1KMhH#AxI%WSeds!e>v+KbqnA#hlhFJ
zeo~p;`A~0n*-h}gX>CWr2oZ+O-^7A7GxCYG$7d7jX{1<=rXPq{ifo)qKsR+`IG--&
z7ujV(>I`=PERJuZ>@Ena+&N(Ohp0>BbCWqHwtD5omPyn{p7QZ(P6!Ill+pcW8H%a3
zd;Na4A9uPAwP3MYfdYa70RXRrEzi;etr@_jX-6g57dLhDAgaY@dy6{=vx)(vB`)o_
zwQkqe{$H(61G6P3i@fuAoaz?;#1@SCR7e-Z92ErjG(#cO3wat=06*Mteh?OZE)0Iw
z?S{iYRCIxyg!5k#PWDcOCB%y%UZ4ga6j9$1@P#OT#sXhh(c~@<2e|f|Z}VTUXTy!6
zHuTgpQzJ&(0DOGIr3@vELQz}T9NAnv5TUn*rN+~{trGV5L?giXKd0;hBF320EEXLF
z0BeuCxZ5ls_?NlGyfLV=oqp91{1<L!GH+hYUv3yTJFJGV)S(q}v5m#s>2#JD{a5X5
R=4H2VfSVY8Uv66Pf#LLHc!2-_