Merge pull request #100 from arduino/remove-ca

Remove deprecated Arduino trust anchor
arduino · Jan 29, 2025 · d9b59c6 · d9b59c6
2 parents 844a234 + 94611c6
commit d9b59c6
Showing 1 changed file with 5 additions and 38 deletions.
diff --git a/arduino/libraries/ArduinoBearSSL/src/BearSSLTrustAnchors.h b/arduino/libraries/ArduinoBearSSL/src/BearSSLTrustAnchors.h
@@ -34,8 +34,7 @@
 //
 //   brssl ta *.cer
 
-//iot.arduino.cc:8883
-//iot.oniudra.cc:8883
+//iot.arduino.cc:8885
 static const unsigned char TA0_DN[] = {
   0x30, 0x45, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
   0x02, 0x55, 0x53, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A,
@@ -46,25 +45,6 @@ static const unsigned char TA0_DN[] = {
 };
 
 static const unsigned char TA0_EC_Q[] = {
-  0x04, 0x6D, 0x77, 0x6C, 0x5A, 0xCF, 0x61, 0x1C, 0x7D, 0x44, 0x98, 0x51,
-  0xF2, 0x5E, 0xE1, 0x02, 0x40, 0x77, 0xB7, 0x9C, 0xBD, 0x49, 0xA2, 0xA3,
-  0x8C, 0x4E, 0xAB, 0x5E, 0x98, 0xAC, 0x82, 0xFC, 0x69, 0x5B, 0x44, 0x22,
-  0x77, 0xB4, 0x4D, 0x2E, 0x8E, 0xDF, 0x2A, 0x71, 0xC1, 0x39, 0x6C, 0xD6,
-  0x39, 0x14, 0xBD, 0xD9, 0x6B, 0x18, 0x4B, 0x4B, 0xEC, 0xB3, 0xD5, 0xEE,
-  0x42, 0x89, 0x89, 0x55, 0x22
-};
-
-//iot.arduino.cc:8885
-static const unsigned char TA1_DN[] = {
-  0x30, 0x45, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
-  0x02, 0x55, 0x53, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A,
-  0x13, 0x0E, 0x41, 0x72, 0x64, 0x75, 0x69, 0x6E, 0x6F, 0x20, 0x4C, 0x4C,
-  0x43, 0x20, 0x55, 0x53, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
-  0x0B, 0x13, 0x02, 0x49, 0x54, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
-  0x04, 0x03, 0x13, 0x07, 0x41, 0x72, 0x64, 0x75, 0x69, 0x6E, 0x6F
-};
-
-static const unsigned char TA1_EC_Q[] = {
   0x04, 0xA1, 0xE1, 0x53, 0x6C, 0x35, 0x52, 0x1A, 0x33, 0x0D, 0xE8, 0x2B,
   0xAC, 0x5B, 0x12, 0xC1, 0x8F, 0x50, 0x37, 0xB3, 0x3E, 0x64, 0x9B, 0xA0,
   0xEE, 0x27, 0x02, 0x35, 0xC7, 0x8D, 0x5A, 0x10, 0x45, 0xD0, 0xCA, 0xF5,
@@ -74,7 +54,7 @@ static const unsigned char TA1_EC_Q[] = {
 };
 
 //iot.oniudra.cc:8885
-static const unsigned char TA2_DN[] = {
+static const unsigned char TA1_DN[] = {
   0x30, 0x45, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
   0x02, 0x55, 0x53, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A,
   0x13, 0x0E, 0x41, 0x72, 0x64, 0x75, 0x69, 0x6E, 0x6F, 0x20, 0x4C, 0x4C,
@@ -83,7 +63,7 @@ static const unsigned char TA2_DN[] = {
   0x04, 0x03, 0x13, 0x07, 0x41, 0x72, 0x64, 0x75, 0x69, 0x6E, 0x6F
 };
 
-static const unsigned char TA2_EC_Q[] = {
+static const unsigned char TA1_EC_Q[] = {
   0x04, 0x11, 0x70, 0x34, 0xE0, 0xC3, 0x3E, 0x00, 0xBD, 0x0B, 0x59, 0x03,
   0x98, 0xA0, 0x5B, 0x6B, 0x0B, 0x50, 0xDF, 0x51, 0x66, 0x4E, 0xE7, 0x40,
   0x5D, 0x5A, 0x46, 0x48, 0xE5, 0x30, 0x70, 0x35, 0xF9, 0xF3, 0x6C, 0xFC,
@@ -92,7 +72,7 @@ static const unsigned char TA2_EC_Q[] = {
   0xAE, 0xA6, 0x4C, 0x06, 0x48
 };
 
-static const br_x509_trust_anchor ArduinoIoTCloudTrustAnchor[3] = {
+static const br_x509_trust_anchor ArduinoIoTCloudTrustAnchor[2] = {
   {
     { (unsigned char *)TA0_DN, sizeof TA0_DN },
     BR_X509_TA_CA,
@@ -118,22 +98,9 @@ static const br_x509_trust_anchor ArduinoIoTCloudTrustAnchor[3] = {
         }
       }
     }
-  },
-  {
-    { (unsigned char *)TA2_DN, sizeof TA2_DN },
-    BR_X509_TA_CA,
-    {
-      BR_KEYTYPE_EC,
-      {
-        .ec = {
-          BR_EC_secp256r1,
-          (unsigned char *)TA2_EC_Q, sizeof TA2_EC_Q,
-        }
-      }
-    }
   }
 };
 
-#define ArduinoIoTCloudTrustAnchor_NUM (3)
+#define ArduinoIoTCloudTrustAnchor_NUM (2)
 
 #endif /* _BEAR_SSL_TRUST_ANCHOR_H_ */