From 5547a7b4bd35b5b0202f2886bc220225c19e10cf Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Fri, 8 Jun 2018 17:38:11 +1000
Subject: [PATCH] Fix private-only keys and make them script generated

---
 certs/ed25519/ca-ed25519-priv.der     | Bin 0 -> 48 bytes
 certs/ed25519/ca-ed25519-priv.pem     |   3 +++
 certs/ed25519/client-ed25519-priv.der | Bin 48 -> 48 bytes
 certs/ed25519/client-ed25519-priv.pem |   2 +-
 certs/ed25519/gen-ed25519.sh          |  14 ++++++++++++++
 certs/ed25519/include.am              |   4 ++++
 certs/ed25519/root-ed25519-priv.der   | Bin 0 -> 48 bytes
 certs/ed25519/root-ed25519-priv.pem   |   3 +++
 certs/ed25519/server-ed25519-priv.der | Bin 48 -> 48 bytes
 certs/ed25519/server-ed25519-priv.pem |   2 +-
 10 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 certs/ed25519/ca-ed25519-priv.der
 create mode 100644 certs/ed25519/ca-ed25519-priv.pem
 create mode 100644 certs/ed25519/root-ed25519-priv.der
 create mode 100644 certs/ed25519/root-ed25519-priv.pem

diff --git a/certs/ed25519/ca-ed25519-priv.der b/certs/ed25519/ca-ed25519-priv.der
new file mode 100644
index 0000000000000000000000000000000000000000..1618c73b2c4c48b4b29a857314ca023582f5b0c1
GIT binary patch
literal 48
zcmXreV`5}5U}a<0PAy<jVo_i^-TX?_<K8@L`PE!Tdfn*~`lUr|o@PrEV)w^)#!M&z
E02<{EcmMzZ

literal 0
HcmV?d00001

diff --git a/certs/ed25519/ca-ed25519-priv.pem b/certs/ed25519/ca-ed25519-priv.pem
new file mode 100644
index 000000000..7edc455eb
--- /dev/null
+++ b/certs/ed25519/ca-ed25519-priv.pem
@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIALLg+oVSN6eOx+rCjIui2cYL3VyBkk2pWBdv1+JXJBy
+-----END PRIVATE KEY-----
diff --git a/certs/ed25519/client-ed25519-priv.der b/certs/ed25519/client-ed25519-priv.der
index e5a27a4117330b059cf37c364e9a802dcefbd0f4..6ca194a933fb8e812f0cd15c613a80cf7dc3bbda 100644
GIT binary patch
literal 48
zcmXreV`5}5U}a<0PAy<jVo^|EY@%g)W%rJUcW%7lKe*uHqL`m-A6#Osr~B@`?`6H%
F4*+a>6Au6Y

literal 48
zcmXreV`5}5U}a<0PAy<jVo?yBYuXcauXCC8u^HA;Y#AvN9i*BQWOX#22j1N^uWyk6
E04mrItN;K2

diff --git a/certs/ed25519/client-ed25519-priv.pem b/certs/ed25519/client-ed25519-priv.pem
index 22f1d7de5..0104b1620 100644
--- a/certs/ed25519/client-ed25519-priv.pem
+++ b/certs/ed25519/client-ed25519-priv.pem
@@ -1,3 +1,3 @@
 -----BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEIBGdNYxa3ommO8aYO1oGaGSRQBqDYB0sKOdR3bqejqIQ
+MC4CAQAwBQYDK2VwBCIEICejNCo11Lu44dzY7A/BoNGiXPkG8ERdO5dNvd9KO6NO
 -----END PRIVATE KEY-----
diff --git a/certs/ed25519/gen-ed25519.sh b/certs/ed25519/gen-ed25519.sh
index 5bf72adc4..87aa71a42 100755
--- a/certs/ed25519/gen-ed25519.sh
+++ b/certs/ed25519/gen-ed25519.sh
@@ -16,3 +16,17 @@ popd
 mv ${EXAMPLE}/*.pem .
 mv ${EXAMPLE}/*.der .
 
+convert() {
+    echo -en "\x30\x2e" > ${NAME}-ed25519-priv.der
+    head -c 48 ${NAME}-ed25519-key.der | tail -c 46 >> ${NAME}-ed25519-priv.der
+
+    echo "-----BEGIN PRIVATE KEY-----" > ${NAME}-ed25519-priv.pem
+    openssl base64 -in ${NAME}-ed25519-priv.der >> ${NAME}-ed25519-priv.pem
+    echo "-----END PRIVATE KEY-----" >> ${NAME}-ed25519-priv.pem
+}
+
+NAME=server convert
+NAME=client convert
+NAME=root convert
+NAME=ca convert
+
diff --git a/certs/ed25519/include.am b/certs/ed25519/include.am
index ce3fb8081..3bd79c6d1 100644
--- a/certs/ed25519/include.am
+++ b/certs/ed25519/include.am
@@ -7,6 +7,8 @@ EXTRA_DIST += \
          certs/ed25519/ca-ed25519.pem \
          certs/ed25519/ca-ed25519-key.der \
          certs/ed25519/ca-ed25519-key.pem \
+         certs/ed25519/ca-ed25519-priv.der \
+         certs/ed25519/ca-ed25519-priv.pem \
          certs/ed25519/client-ed25519.der \
          certs/ed25519/client-ed25519.pem \
          certs/ed25519/client-ed25519-key.der \
@@ -17,6 +19,8 @@ EXTRA_DIST += \
          certs/ed25519/root-ed25519.pem \
          certs/ed25519/root-ed25519-key.der \
          certs/ed25519/root-ed25519-key.pem \
+         certs/ed25519/root-ed25519-priv.der \
+         certs/ed25519/root-ed25519-priv.pem \
          certs/ed25519/server-ed25519.der \
          certs/ed25519/server-ed25519.pem \
          certs/ed25519/server-ed25519-key.der \
diff --git a/certs/ed25519/root-ed25519-priv.der b/certs/ed25519/root-ed25519-priv.der
new file mode 100644
index 0000000000000000000000000000000000000000..6ca194a933fb8e812f0cd15c613a80cf7dc3bbda
GIT binary patch
literal 48
zcmXreV`5}5U}a<0PAy<jVo^|EY@%g)W%rJUcW%7lKe*uHqL`m-A6#Osr~B@`?`6H%
F4*+a>6Au6Y

literal 0
HcmV?d00001

diff --git a/certs/ed25519/root-ed25519-priv.pem b/certs/ed25519/root-ed25519-priv.pem
new file mode 100644
index 000000000..0104b1620
--- /dev/null
+++ b/certs/ed25519/root-ed25519-priv.pem
@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEICejNCo11Lu44dzY7A/BoNGiXPkG8ERdO5dNvd9KO6NO
+-----END PRIVATE KEY-----
diff --git a/certs/ed25519/server-ed25519-priv.der b/certs/ed25519/server-ed25519-priv.der
index a157ffd09cc1f70cdf39cf828741a8b2e1e0d946..2245c976d7fb955535195698835545bab2c05cde 100644
GIT binary patch
literal 48
zcmXreV`5}5U}a<0PAy<jVo_kyKl*=H--S#2nfuE6PqZ}@wof;F<gn)c?g^qnc`6Gn
E0c;);cK`qY

literal 48
zcmXreV`5}5U}a<0PAy<jVo|v9vTT#R{P&L1uXle`9rHBEdpZB~TsiFn67P4Hc0Mal
F2LOwA6q5h|

diff --git a/certs/ed25519/server-ed25519-priv.pem b/certs/ed25519/server-ed25519-priv.pem
index 6f1e1312f..86b0d2843 100644
--- a/certs/ed25519/server-ed25519-priv.pem
+++ b/certs/ed25519/server-ed25519-priv.pem
@@ -1,3 +1,3 @@
 -----BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEINjpdrI/H/eIdfXd+HrGSTBu6Z/LnR4rwBjvu3WJ5ndn
+MC4CAQAwBQYDK2VwBCIEIAIvxf+6jtDSvwOOdo/IhoBxh5cx4kCs37uQFVJuJKE5
 -----END PRIVATE KEY-----