deb/wolfssl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Upstream version 3.13.0+dfsg

Browse Source
This commit is contained in:
Mario Fetka
2018-02-19 12:29:49 +01:00
parent 1893aafd38
commit e07619e148
472 changed files with 168552 additions and 31827 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
certs/ca-ecc-cert.der Executable file
View File

Binary file not shown.

53
certs/ca-ecc-cert.pem Executable file
View File

@@ -0,0 +1,53 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
97:b4:bd:16:78:f8:47:f2
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Oct 20 18:19:06 2017 GMT
Not After : Oct 15 18:19:06 2037 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:02:d3:d9:6e:d6:01:8e:45:c8:b9:90:31:e5:c0:
4c:e3:9e:ad:29:38:98:ba:10:d6:e9:09:2a:80:a9:
2e:17:2a:b9:8a:bf:33:83:46:e3:95:0b:e4:77:40:
b5:3b:43:45:33:0f:61:53:7c:37:44:c1:cb:fc:80:
ca:e8:43:ea:a7
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
X509v3 Authority Key Identifier:
keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:32:26:81:e4:15:ec:e3:aa:d3:e5:b8:2a:ca:a3:
06:a7:04:97:d8:43:7f:d4:94:47:f8:18:0d:93:52:23:8b:08:
02:21:00:e1:9e:34:d0:92:ee:56:0d:23:38:4a:20:bc:cf:11:
c3:33:77:96:81:56:2b:ca:c4:d5:c6:65:5d:36:73:2f:ba
-----BEGIN CERTIFICATE-----
MIICijCCAjCgAwIBAgIJAJe0vRZ4+EfyMAoGCCqGSM49BAMCMIGXMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNzEwMjAxODE5MDZaFw0zNzEwMTUxODE5MDZaMIGXMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwH
d29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xm
c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqG
SM49AgEGCCqGSM49AwEHA0IABALT2W7WAY5FyLmQMeXATOOerSk4mLoQ1ukJKoCp
LhcquYq/M4NG45UL5HdAtTtDRTMPYVN8N0TBy/yAyuhD6qejYzBhMB0GA1UdDgQW
BBRWjprD8ELeGLlFVW75k8/qw/OlITAfBgNVHSMEGDAWgBRWjprD8ELeGLlFVW75
k8/qw/OlITAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjO
PQQDAgNIADBFAiAyJoHkFezjqtPluCrKowanBJfYQ3/UlEf4GA2TUiOLCAIhAOGe
NNCS7lYNIzhKILzPEcMzd5aBVivKxNXGZV02cy+6
-----END CERTIFICATE-----

BIN
certs/ca-ecc-key.der Executable file
View File

Binary file not shown.

5
certs/ca-ecc-key.pem Executable file
View File

@@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgAuEzmHeXrEpZbSib
bqCTmwdxi01gY4WZ5rsWcOkK9oChRANCAAQC09lu1gGORci5kDHlwEzjnq0pOJi6
ENbpCSqAqS4XKrmKvzODRuOVC+R3QLU7Q0UzD2FTfDdEwcv8gMroQ+qn
-----END PRIVATE KEY-----

BIN
certs/ca-ecc384-cert.der Executable file
View File

Binary file not shown.

58
certs/ca-ecc384-cert.pem Executable file
View File

@@ -0,0 +1,58 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f5:e1:8f:f1:4b:a6:83:8e
Signature Algorithm: ecdsa-with-SHA384
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Oct 20 18:19:06 2017 GMT
Not After : Oct 15 18:19:06 2037 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:ee:82:d4:39:9a:b1:27:82:f4:d7:ea:c6:bc:03:
1d:4d:83:61:f4:03:ae:7e:bd:d8:5a:a5:b9:f0:8e:
a2:a5:da:ce:87:3b:5a:ab:44:16:9c:f5:9f:62:dd:
f6:20:cd:9c:76:3c:40:b1:3f:97:17:df:59:f6:cd:
de:cd:46:35:c0:ed:5e:2e:48:b6:66:91:71:74:b7:
0c:3f:b9:9a:b7:83:bd:93:3f:5f:50:2d:70:3f:de:
35:25:e1:90:3b:86:e0
ASN1 OID: secp384r1
NIST CURVE: P-384
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E0:C3:26:4C:18:D4:72:BB:D2:84:8C:9C:0A:05:92:80:12:53:52
X509v3 Authority Key Identifier:
keyid:AB:E0:C3:26:4C:18:D4:72:BB:D2:84:8C:9C:0A:05:92:80:12:53:52
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA384
30:65:02:30:17:dd:b9:a5:e0:ec:8a:03:8b:66:45:69:ad:5e:
ad:32:bc:45:4c:89:85:3f:a1:dd:a4:74:4b:5d:08:65:1b:d8:
07:00:49:5d:ef:10:fc:eb:8f:64:a8:62:99:88:20:59:02:31:
00:94:40:64:29:86:d0:00:76:1c:98:23:9c:b7:9b:be:78:73:
3a:88:be:52:00:3f:e3:81:36:d9:14:22:3d:9e:a2:8a:4a:56:
9c:c4:3f:5f:88:2e:b1:a7:6c:4d:0e:cc:92
-----BEGIN CERTIFICATE-----
MIICxzCCAk2gAwIBAgIJAPXhj/FLpoOOMAoGCCqGSM49BAMDMIGXMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNzEwMjAxODE5MDZaFw0zNzEwMTUxODE5MDZaMIGXMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwH
d29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xm
c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTB2MBAGByqG
SM49AgEGBSuBBAAiA2IABO6C1DmasSeC9NfqxrwDHU2DYfQDrn692FqlufCOoqXa
zoc7WqtEFpz1n2Ld9iDNnHY8QLE/lxffWfbN3s1GNcDtXi5ItmaRcXS3DD+5mreD
vZM/X1AtcD/eNSXhkDuG4KNjMGEwHQYDVR0OBBYEFKvgwyZMGNRyu9KEjJwKBZKA
ElNSMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKAElNSMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2gAMGUCMBfduaXg7IoD
i2ZFaa1erTK8RUyJhT+h3aR0S10IZRvYBwBJXe8Q/OuPZKhimYggWQIxAJRAZCmG
0AB2HJgjnLebvnhzOoi+UgA/44E22RQiPZ6iikpWnMQ/X4gusadsTQ7Mkg==
-----END CERTIFICATE-----

BIN
certs/ca-ecc384-key.der Executable file
View File

Binary file not shown.

6
certs/ca-ecc384-key.pem Executable file
View File

@@ -0,0 +1,6 @@
-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB7FuPW0oGUbIrdqHju
x36zxdHbLvPtDkiFsfLhejlWwPFiEg81tzm8nCXAduv+VXChZANiAATugtQ5mrEn
gvTX6sa8Ax1Ng2H0A65+vdhapbnwjqKl2s6HO1qrRBac9Z9i3fYgzZx2PECxP5cX
31n2zd7NRjXA7V4uSLZmkXF0tww/uZq3g72TP19QLXA/3jUl4ZA7huA=
-----END PRIVATE KEY-----

108
certs/client-cert-3072.pem Normal file
View File

@@ -0,0 +1,108 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
c9:72:2a:eb:e8:4a:47:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Aug 11 05:14:40 2017 GMT
Not After : May 7 05:14:40 2020 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (3072 bit)
Modulus:
00:c1:00:b0:1a:0a:ba:88:03:cc:92:d6:f7:2e:0d:
ad:be:60:f4:a4:53:a3:dc:f9:b6:48:6c:21:33:cf:
7c:a0:c5:35:37:1a:5f:7e:65:33:07:b4:9a:d1:2e:
b2:ed:35:a1:c8:67:b3:db:39:05:8d:aa:81:74:00:
85:22:72:f8:7d:39:47:53:00:56:71:cf:82:d7:fc:
a2:7d:a0:6e:10:a2:96:db:cc:8e:e4:2d:9d:9d:5b:
4a:43:5e:cb:3d:48:72:af:f4:6a:da:34:2f:ed:99:
c1:1b:fb:4c:56:8a:a0:66:8c:fb:5d:10:d5:5b:0f:
96:04:d9:c5:b1:55:f5:88:76:db:d3:da:a1:dc:e9:
ee:d1:67:dd:bf:54:50:07:ef:2f:79:fb:4e:59:2a:
bf:92:0d:80:6f:7b:ec:79:65:9a:c3:08:c0:4f:c6:
6b:33:bf:9d:4d:af:f9:83:af:25:42:4c:93:f1:9f:
d6:33:7d:d4:85:2a:77:44:1d:1f:ca:d3:22:ab:69:
50:35:d8:47:3e:f7:9c:a8:e3:f9:84:60:9e:36:10:
02:5c:9c:1f:33:1c:e6:bb:d0:5f:28:63:27:4c:b5:
1c:71:b3:f4:7a:33:aa:45:70:a9:54:88:70:07:0e:
45:4f:b1:7f:2a:fd:bf:31:da:97:96:c8:55:49:f2:
c3:b6:e6:08:78:ca:40:8b:2e:5d:8e:4e:6c:65:6b:
57:f4:1d:ee:41:b6:ed:24:0d:38:f2:40:bd:7d:59:
6b:c5:d6:67:e2:12:9b:10:05:fe:eb:40:1d:c5:73:
75:ac:e9:9c:07:63:72:e4:c5:04:fe:c9:17:13:bf:
04:02:0e:44:e9:9d:59:6e:7e:63:38:e6:db:31:21:
28:5e:82:20:36:ad:26:fe:ba:6d:af:57:2e:32:aa:
a6:2c:54:b4:25:50:11:ac:25:8b:84:1b:7b:5d:ae:
df:e1:c4:32:3a:b4:60:6c:16:ef:9c:2c:a8:67:d0:
53:f5:c8:97:9a:9e:81:25:e6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B8:8A:0E:1D:E7:2B:22:BA:2D:F4:54:DD:7E:D4:63:8A:AB:E7:95
X509v3 Authority Key Identifier:
keyid:FA:B8:8A:0E:1D:E7:2B:22:BA:2D:F4:54:DD:7E:D4:63:8A:AB:E7:95
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_3072/OU=Programming-3072/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:C9:72:2A:EB:E8:4A:47:E7
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
b3:20:83:3d:56:e2:b9:a6:8f:a9:46:fe:ad:9f:c7:d5:e2:dc:
db:78:1e:4c:ca:d5:bd:38:5d:20:bc:18:f9:a0:33:7e:09:df:
89:61:15:85:6d:80:78:3d:b4:6b:30:e6:f3:8a:8f:b2:5d:a0:
6b:41:51:24:1c:4c:5e:db:0d:af:6d:56:12:1b:91:01:ed:0e:
1c:1a:15:95:8f:99:1f:7f:e7:65:e7:0a:fe:24:0c:e0:a1:1f:
16:7f:55:2e:48:98:97:3f:98:a7:90:1f:20:ec:b6:16:fa:2a:
d2:91:3a:5f:83:df:cd:a3:51:37:19:69:c3:be:c9:35:bb:32:
47:e9:e5:30:1f:cd:27:ac:4d:05:31:d9:06:33:5c:6e:f5:bb:
22:b6:7c:68:3d:82:f2:c0:2e:00:34:d9:ed:ba:fc:f5:39:04:
53:32:b7:bb:ff:c6:a1:bc:50:8e:d5:43:b6:48:07:8b:3d:47:
4a:f7:22:f1:c3:4d:3d:db:d4:ca:e6:77:4d:94:7c:79:36:df:
81:de:a7:fc:24:0e:7c:ec:72:2e:4d:b2:dc:7c:93:98:29:62:
8b:67:0a:dd:c5:2f:ea:e1:b0:1d:d2:9d:91:74:30:3f:14:10:
03:95:36:1b:02:2a:84:22:51:fa:26:fb:a4:a7:a7:d0:3f:12:
0d:bc:14:c8:cd:60:a1:53:44:e3:5b:7a:63:ee:3e:50:f8:4a:
ea:0a:2e:c2:9d:69:0c:4b:c6:ea:cd:b2:0d:d0:de:13:09:c9:
f9:d5:7c:e4:f4:b1:55:8f:59:9e:86:b9:51:77:ad:35:06:35:
fa:2c:76:06:41:b9:21:13:dd:94:02:34:66:e0:21:86:8e:08:
9d:06:71:f2:bc:c3:34:10:ff:3d:d4:0c:70:8a:3c:bb:8a:ea:
af:a1:b3:63:78:95:e4:c8:54:3c:87:c5:b4:97:7a:19:a3:59:
75:ac:d6:5b:48:47:55:e8:24:20:fa:e8:2b:66:5d:6a:17:47:
ce:38:93:a7:d1:ed
-----BEGIN CERTIFICATE-----
MIIFyjCCBDKgAwIBAgIJAMlyKuvoSkfnMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG
A1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFtbWluZy0zMDcyMRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb20wHhcNMTcwODExMDUxNDQwWhcNMjAwNTA3MDUxNDQwWjCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT
BgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3MjEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
bGZzc2wuY29tMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAwQCwGgq6
iAPMktb3Lg2tvmD0pFOj3Pm2SGwhM898oMU1NxpffmUzB7Sa0S6y7TWhyGez2zkF
jaqBdACFInL4fTlHUwBWcc+C1/yifaBuEKKW28yO5C2dnVtKQ17LPUhyr/Rq2jQv
7ZnBG/tMVoqgZoz7XRDVWw+WBNnFsVX1iHbb09qh3Onu0Wfdv1RQB+8veftOWSq/
kg2Ab3vseWWawwjAT8ZrM7+dTa/5g68lQkyT8Z/WM33UhSp3RB0fytMiq2lQNdhH
PvecqOP5hGCeNhACXJwfMxzmu9BfKGMnTLUccbP0ejOqRXCpVIhwBw5FT7F/Kv2/
MdqXlshVSfLDtuYIeMpAiy5djk5sZWtX9B3uQbbtJA048kC9fVlrxdZn4hKbEAX+
60AdxXN1rOmcB2Ny5MUE/skXE78EAg5E6Z1Zbn5jOObbMSEoXoIgNq0m/rptr1cu
MqqmLFS0JVARrCWLhBt7Xa7f4cQyOrRgbBbvnCyoZ9BT9ciXmp6BJebHAgMBAAGj
ggEHMIIBAzAdBgNVHQ4EFgQU+riKDh3nKyK6LfRU3X7UY4qr55UwgdMGA1UdIwSB
yzCByIAU+riKDh3nKyK6LfRU3X7UY4qr55WhgaSkgaEwgZ4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3
b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1taW5nLTMwNzIxGDAWBgNVBAMM
D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv
bYIJAMlyKuvoSkfnMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggGBALMg
gz1W4rmmj6lG/q2fx9Xi3Nt4HkzK1b04XSC8GPmgM34J34lhFYVtgHg9tGsw5vOK
j7JdoGtBUSQcTF7bDa9tVhIbkQHtDhwaFZWPmR9/52XnCv4kDOChHxZ/VS5ImJc/
mKeQHyDsthb6KtKROl+D382jUTcZacO+yTW7Mkfp5TAfzSesTQUx2QYzXG71uyK2
fGg9gvLALgA02e26/PU5BFMyt7v/xqG8UI7VQ7ZIB4s9R0r3IvHDTT3b1Mrmd02U
fHk234Hep/wkDnzsci5Nstx8k5gpYotnCt3FL+rhsB3SnZF0MD8UEAOVNhsCKoQi
Ufom+6Snp9A/Eg28FMjNYKFTRONbemPuPlD4SuoKLsKdaQxLxurNsg3Q3hMJyfnV
fOT0sVWPWZ6GuVF3rTUGNfosdgZBuSET3ZQCNGbgIYaOCJ0GcfK8wzQQ/z3UDHCK
PLuK6q+hs2N4leTIVDyHxbSXehmjWXWs1ltIR1XoJCD66CtmXWoXR844k6fR7Q==
-----END CERTIFICATE-----

40
certs/client-key-3072.pem Normal file
View File

@@ -0,0 +1,40 @@
-----BEGIN PRIVATE KEY-----
MIIG/wIBADANBgkqhkiG9w0BAQEFAASCBukwggblAgEAAoIBgQDBALAaCrqIA8yS
1vcuDa2+YPSkU6Pc+bZIbCEzz3ygxTU3Gl9+ZTMHtJrRLrLtNaHIZ7PbOQWNqoF0
AIUicvh9OUdTAFZxz4LX/KJ9oG4QopbbzI7kLZ2dW0pDXss9SHKv9GraNC/tmcEb
+0xWiqBmjPtdENVbD5YE2cWxVfWIdtvT2qHc6e7RZ92/VFAH7y95+05ZKr+SDYBv
e+x5ZZrDCMBPxmszv51Nr/mDryVCTJPxn9YzfdSFKndEHR/K0yKraVA12Ec+95yo
4/mEYJ42EAJcnB8zHOa70F8oYydMtRxxs/R6M6pFcKlUiHAHDkVPsX8q/b8x2peW
yFVJ8sO25gh4ykCLLl2OTmxla1f0He5Btu0kDTjyQL19WWvF1mfiEpsQBf7rQB3F
c3Ws6ZwHY3LkxQT+yRcTvwQCDkTpnVlufmM45tsxIShegiA2rSb+um2vVy4yqqYs
VLQlUBGsJYuEG3tdrt/hxDI6tGBsFu+cLKhn0FP1yJeanoEl5scCAwEAAQKCAYA4
2WMFyLM47SWM+xTD0/OhaB2naZuSs1sl6fO9txgWowARwwrtyBFH68LOatr5VBrb
VPB9WkZwfBC1gpG0m/jlqcGAiVDtJRp9VETojCDfdYTKKW7Nd0I93234eiuTWYuu
mGgA7e5QJkHjZBoQQ7ULf+tqdlLiB61AsISyv4cbMyd9N6EF2UInHFkMymDodWOe
oo9pZFYZRzDVpcL53xu+5wz+couRKpfDElqEl0p6ROQu/82wTRgUQXXv8kQzEg1Z
Ccm9D66IPLHviG19utUSNll2Fq3i7V88It+NFzBp4yzNvoXOiUFWwDoqHUve2ifV
UDKITEE8Zh3Cm/UGdbNk+lkMOu5tmE0l1tOe2F+9RAjB1SnN8qxMqgMnmftEKYja
3Do9feU0H2ZmKfK6dfECB7NsuVg9mI66Dew0rjQJ0oRG1+qqvPgHROcVnMBMmeU1
bsF2yV2RWCc/4RFuAEi0VM2SgYOst5Voa+Os15rFxZ3APC+FqDmzYyyKVfXpgMEC
gcEA7NuwxVGiseKGVZXG1/JJm86hCNkyAFMx1soGQDXyCZfTKFTwuJr+rImkOLnj
J8i5cGa8v8E8obH/bMeM6hI8qsJ5jr1yHluZBGOy+VNmeV1pCLpCeXF/enn9gTq4
m+X6SCxCn/SQdnr1Z5HT9yTcsWSzKk+T7uVKCZomfmBJyK3hhYsUsCaE0eQjgGfm
yY/HKFVni/wmYLxnDwrMNtIK6aBA3cRrUr8MG8DZDVdourXMUo+G61kEaAV2Wu2R
QrEzAoHBANCZrjOcPOZ5ojRmvqIiwX39U5Ucu9gkYvi63fJgzUcZKoH67D4pK1T7
lvQ93hVnno0tKW16+lUS7EkQs4xmSPK07jQn0xYOkTcBnu4b/lkSIaFouecFd+ls
XKlMz9VR91s89Hnuz0qXL7gpO2D9/bfonAXTsQyyTgNK3opwA4J0AKT+9PUTehGe
pT7OtupGMh7osuNzX7v/9L5VBz24ZOiI35yypOnK/DHJDKzXnXGBxHhEwmdAQe0T
BKMQ8nDcHQKBwQDCdCpQFJFpUPvQT8KLj1J3I9B5Hzc5pROJrxoqpR8sWQT2W6W1
KSpkJCw6lgGzq8rySKY1F0Pby/JTMBC0Kny8BCUf1tBVtAWP4PoSTzIV+WY90Ay6
/z8VIgnJipf9BXXQwuV/xJzFaHUIrmRCxnSY/n9JAUQGISADehaYMhzhMD+yD1jQ
tQ7d8lpjFOoYGH380wDLoBsx1/sUEl1NtGtZGkOmzZb+u/II5u5LUbOddZtlPIgb
t10yuSlNxTQ4eJkCgcEAgxbg23wm5Wuw3J9o03lmAWgOe5mIDqenLso4KlZdCn4t
MWvfxJyYp5pH3gt3IhpxECU+cJek84ulw7DkNKoe06+SNmKEi8rxxRCWsOoUqCL1
0Xp/wUe1eJJplNc5kMQm30ZqGKpTyHtEOMZok2ZqaIWcbyj+jY0L65PEUFleSz/d
G9NBWzY3MxVwoQzE9GrSmov/x2I82mdahbXnjAjyGRPS+qVlb6rpW9wNxBzny2oS
bsY/KSW/iF24P0WqJfSdAoHBAMrAqYYkbFVboqKXci8ngzrBIPTweUaQetseywd3
EsBoCuIub/zOHrXPyEHpQpsWBoyCs7/wFy+e2E8qWJ9GBqVaUdpO1PQbgDBTg3C4
lx91pXJ9wHFFMX7evHYLFLLce6ofhrRDch97aFvdDP0dB7fh32FRUyJzPQwVXOcL
OEyaN2q+5mTLVIohiiryb6SmsD2qbAzym32/826Fku2zwX8j2xdCP/AkdnIPz/L0
H3pgMZYSzYmd0dbSva225DqVew==
-----END PRIVATE KEY-----

30
certs/crl/caEcc384Crl.pem Executable file
View File

@@ -0,0 +1,30 @@
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Oct 20 18:19:08 2017 GMT
Next Update: Jul 16 18:19:08 2020 GMT
CRL extensions:
X509v3 Authority Key Identifier:
keyid:AB:E0:C3:26:4C:18:D4:72:BB:D2:84:8C:9C:0A:05:92:80:12:53:52
X509v3 CRL Number:
8193
No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA256
30:65:02:31:00:ad:70:4b:08:03:b6:ab:d4:9e:8d:dd:2a:05:
ec:07:6b:86:61:08:69:08:1e:01:02:42:22:5f:a9:6d:4f:de:
20:6b:aa:a0:8f:e4:0a:8e:40:7c:cf:84:fb:10:50:01:90:02:
30:50:35:d3:6c:44:bd:ad:56:9d:3e:47:09:ac:b8:0d:db:5c:
54:f2:1c:25:fb:d2:cb:63:2b:9e:17:a3:1e:0b:ba:15:a8:65:
7e:5b:94:c0:11:f4:e2:c9:f1:25:ba:08:26
-----BEGIN X509 CRL-----
MIIBcjCB+QIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx
FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE3MTAyMDE4MTkwOFoX
DTIwMDcxNjE4MTkwOFqgMDAuMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA
ElNSMAsGA1UdFAQEAgIgATAKBggqhkjOPQQDAgNoADBlAjEArXBLCAO2q9Sejd0q
BewHa4ZhCGkIHgECQiJfqW1P3iBrqqCP5AqOQHzPhPsQUAGQAjBQNdNsRL2tVp0+
RwmsuA3bXFTyHCX70stjK54Xox4LuhWoZX5blMAR9OLJ8SW6CCY=
-----END X509 CRL-----

28
certs/crl/caEccCrl.pem Executable file
View File

@@ -0,0 +1,28 @@
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Oct 20 18:19:08 2017 GMT
Next Update: Jul 16 18:19:08 2020 GMT
CRL extensions:
X509v3 Authority Key Identifier:
keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
X509v3 CRL Number:
8192
No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:51:84:45:49:4b:69:3a:e0:84:d2:9c:e4:62:c9:
4c:30:83:ba:3e:5a:f6:ea:2c:54:50:17:26:4d:fc:82:5f:d2:
02:21:00:e5:6b:a6:1c:e3:83:07:cd:59:04:66:00:a0:76:77:
11:d8:82:76:fd:a9:2d:cc:3a:db:3a:0f:b5:1a:a6:f3:a8
-----BEGIN X509 CRL-----
MIIBUjCB+QIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx
FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE3MTAyMDE4MTkwOFoX
DTIwMDcxNjE4MTkwOFqgMDAuMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD
86UhMAsGA1UdFAQEAgIgADAKBggqhkjOPQQDAgNIADBFAiBRhEVJS2k64ITSnORi
yUwwg7o+WvbqLFRQFyZN/IJf0gIhAOVrphzjgwfNWQRmAKB2dxHYgnb9qS3MOts6
D7UapvOo
-----END X509 CRL-----

80
certs/crl/crl2.pem Normal file
View File

@@ -0,0 +1,80 @@
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Aug 11 20:07:38 2016 GMT
Next Update: May 8 20:07:38 2019 GMT
CRL extensions:
X509v3 CRL Number:
1
Revoked Certificates:
Serial Number: 02
Revocation Date: Aug 11 20:07:38 2016 GMT
Signature Algorithm: sha256WithRSAEncryption
35:c6:7f:57:9a:e5:86:5a:15:1a:e2:e5:2b:9f:54:79:2a:58:
51:a2:12:0c:4e:53:58:eb:99:e3:c2:ee:2b:d7:23:e4:3c:4d:
0a:ab:ae:71:9b:ce:b1:c1:75:a1:b6:e5:32:5f:10:b0:72:28:
2e:74:b1:99:dd:47:53:20:f6:9a:83:5c:bd:20:b0:aa:df:32:
f6:95:54:98:9e:59:96:55:7b:0a:74:be:94:66:44:b7:32:82:
f0:eb:16:f8:30:86:16:9f:73:43:98:82:b5:5e:ad:58:c0:c8:
79:da:ad:b1:b4:d7:fb:34:c1:cc:3a:67:af:a4:56:5a:70:5c:
2d:1f:73:16:78:92:01:06:e3:2c:fb:f1:ba:d5:8f:f9:be:dd:
e1:4a:ce:de:ca:e6:2d:96:09:24:06:40:9e:10:15:2e:f2:cd:
85:d6:84:88:db:9c:4a:7b:75:7a:06:0e:40:02:20:60:7e:91:
f7:92:53:1e:34:7a:ea:ee:df:e7:cd:a8:9e:a6:61:b4:56:50:
4d:dc:b1:78:0d:86:cf:45:c3:a6:0a:b9:88:2c:56:a7:b1:d3:
d3:0d:44:aa:93:a4:05:4d:ce:9f:01:b0:c6:1e:e4:ea:6b:92:
6f:93:dd:98:cf:fb:1d:06:72:ac:d4:99:e7:f2:b4:11:57:bd:
9d:63:e5:dc
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE2MDgxMTIwMDczOFoX
DTE5MDUwODIwMDczOFowFDASAgECFw0xNjA4MTEyMDA3MzhaoA4wDDAKBgNVHRQE
AwIBATANBgkqhkiG9w0BAQsFAAOCAQEANcZ/V5rlhloVGuLlK59UeSpYUaISDE5T
WOuZ48LuK9cj5DxNCquucZvOscF1obblMl8QsHIoLnSxmd1HUyD2moNcvSCwqt8y
9pVUmJ5ZllV7CnS+lGZEtzKC8OsW+DCGFp9zQ5iCtV6tWMDIedqtsbTX+zTBzDpn
r6RWWnBcLR9zFniSAQbjLPvxutWP+b7d4UrO3srmLZYJJAZAnhAVLvLNhdaEiNuc
Snt1egYOQAIgYH6R95JTHjR66u7f582onqZhtFZQTdyxeA2Gz0XDpgq5iCxWp7HT
0w1EqpOkBU3OnwGwxh7k6muSb5PdmM/7HQZyrNSZ5/K0EVe9nWPl3A==
-----END X509 CRL-----
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Aug 11 20:07:38 2016 GMT
Next Update: May 8 20:07:38 2019 GMT
CRL extensions:
X509v3 CRL Number:
3
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
14:85:d5:c8:db:62:74:48:94:5e:dc:52:0f:5e:43:8b:29:83:
32:e0:7a:4c:5c:76:e3:7e:c1:87:74:40:b2:6f:f8:33:4c:2c:
32:08:f0:5f:d9:85:b3:20:05:34:5d:15:4d:ba:45:bc:2d:9c:
ae:40:d0:d8:9a:b3:a1:4f:0b:94:ce:c4:23:c6:bf:a2:f8:a6:
02:4c:6d:ad:5a:59:b3:83:55:dd:37:91:f6:75:d4:6f:83:5f:
1c:29:94:cd:01:09:dc:38:d8:6c:c0:9f:1e:76:9d:f9:8f:70:
0d:48:e5:99:82:90:3a:36:f1:33:17:69:73:8a:ee:a7:22:4c:
58:93:a1:dc:59:b9:44:8f:88:99:0b:c4:d3:74:aa:02:9a:84:
36:48:d8:a0:05:73:bc:14:32:1e:76:23:85:c5:94:56:b2:2c:
61:3b:07:d7:bd:0c:27:f7:d7:23:40:bd:0c:6c:c7:e0:f7:28:
74:67:98:20:93:72:16:b6:6e:67:3f:9e:c9:34:c5:64:09:bf:
b1:ab:87:0c:80:b6:1f:89:d8:0e:67:c2:c7:19:df:ee:9f:b2:
e6:fb:64:3d:82:7a:47:e2:8d:a3:93:1d:29:f6:94:db:83:2f:
b6:0a:a0:da:77:e3:56:ec:d7:d2:22:3c:88:4d:4a:87:de:b5:
1c:eb:7b:08
-----BEGIN X509 CRL-----
MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNjA4
MTEyMDA3MzhaFw0xOTA1MDgyMDA3MzhaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG
9w0BAQsFAAOCAQEAFIXVyNtidEiUXtxSD15DiymDMuB6TFx2437Bh3RAsm/4M0ws
MgjwX9mFsyAFNF0VTbpFvC2crkDQ2JqzoU8LlM7EI8a/ovimAkxtrVpZs4NV3TeR
9nXUb4NfHCmUzQEJ3DjYbMCfHnad+Y9wDUjlmYKQOjbxMxdpc4rupyJMWJOh3Fm5
RI+ImQvE03SqApqENkjYoAVzvBQyHnYjhcWUVrIsYTsH170MJ/fXI0C9DGzH4Pco
dGeYIJNyFrZuZz+eyTTFZAm/sauHDIC2H4nYDmfCxxnf7p+y5vtkPYJ6R+KNo5Md
KfaU24Mvtgqg2nfjVuzX0iI8iE1Kh961HOt7CA==
-----END X509 CRL-----

22
certs/crl/gencrls.sh
View File

@@ -55,6 +55,28 @@ mv tmp crl.revoked
# remove revoked so next time through the normal CA won't have server revoked
cp blank.index.txt demoCA/index.txt
# caEccCrl
openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
# metadata
openssl crl -in caEccCrl.pem -text > tmp
mv tmp caEccCrl.pem
# install (only needed if working outside wolfssl)
#cp caEccCrl.pem ~/wolfssl/certs/crl/caEccCrl.pem
# caEcc384Crl
openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
# metadata
openssl crl -in caEcc384Crl.pem -text > tmp
mv tmp caEcc384Crl.pem
# install (only needed if working outside wolfssl)
#cp caEcc384Crl.pem ~/wolfssl/certs/crl/caEcc384Crl.pem
# cliCrl
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out cliCrl.pem -keyfile ../client-key.pem -cert ../client-cert.pem

7
certs/crl/include.am
View File

@@ -6,9 +6,10 @@ EXTRA_DIST += \
certs/crl/crl.pem \
certs/crl/cliCrl.pem \
certs/crl/eccSrvCRL.pem \
certs/crl/eccCliCRL.pem
certs/crl/eccCliCRL.pem \
certs/crl/crl2.pem \
certs/crl/caEccCrl.pem \
certs/crl/caEcc384Crl.pem
EXTRA_DIST += \
certs/crl/crl.revoked

11
certs/dh3072.pem Normal file
View File

@@ -0,0 +1,11 @@
-----BEGIN DH PARAMETERS-----
MIIBiAKCAYEAiRt1P4S2Ee0h8QgPuAbJo8lB21rI+IJzD+uJHlQYvuZIQZ76wgxQ
Z8NdtfUPI2pDM5HZQPNmxpn/l7Z7rydyO59+WBgUn5FuKxHBV0knNnjhCWicBVqs
5gA4vpV0gVMo8K3ftYccchdO7ACRIqrkiNf1PR8DEy0c+95ZaK3gF6Hujcy//s8k
Qu0m3SnQTmI8hTYbX2pHiCHlG4UKLOkv4CD8Hc1VZvWsMgCOo+nt+zWn5nZTQsZ3
d6uQmXzC7MkYSjz0EXUng72ewo8jq1JG4lJdmgTDFR9pnHJpWVLUaT0ZdzYlrwdx
gt63JGCCanK77bZ2rn68fS9zSwQW1aTzAyb78817d358jWWupdxs43DSKWvy63bJ
5UYYElewVaV8zUGTJpn3pcU0vll53gpXXyH4mFLwL3tXtp38QKZV+6/ZFpsgT6ij
CwRI43cixMxXFDOi8JrjEr3/covuUvPJWcKia6V1SFGCDnr//kHNfGPSU6gRA7kD
B/5mOF+iPpwbAgEC
-----END DH PARAMETERS-----

8
certs/ecc-privOnlyCert.pem Normal file
View File

@@ -0,0 +1,8 @@
-----BEGIN CERTIFICATE-----
MIIBJDCByaADAgECAgEAMAwGCCqGSM49BAMCBQAwGjELMAkGA1UEChMCV1IxCzAJBgNVBAYTAkRF
MB4XDTE3MDIwNjE0NTY0MVoXDTE4MDIwNjE0NTY0MVowGjELMAkGA1UEChMCV1IxCzAJBgNVBAYT
AkRFMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJcD9Frgr8rgKHt2szmJSfFgKYH1Xddq9EcHV
KupUa3bmPTb33VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAMBggqhkjOPQQDAgUAA0gAMEUC
IDnBQOHgHIudh7nFB0wG/WFMoUutVFN0uQPbVJSWwbQHAiEAmw25n+eEMgMK4Gi7qH1lzxm11WX0
jM1gxQSGZTaja8s=
-----END CERTIFICATE-----

4
certs/ecc-privOnlyKey.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN PRIVATE KEY-----
MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCBmlE/nixmHCpmplUopbqNEo+jJE40p
wfkxzH01tAWqcQ==
-----END PRIVATE KEY-----

4
certs/ecc-privkey.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN EC PRIVATE KEY-----
MDECAQEEIEW2aQJznGyFoThbcujox6zEA41TNQT6bCjcNI3hqAmMoAoGCCqGSM49
AwEH
-----END EC PRIVATE KEY-----

51
certs/ecc/genecc.sh Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
# run from wolfssl root
rm ./certs/ecc/*.old
rm ./certs/ecc/index.txt*
rm ./certs/ecc/serial
rm ./certs/ecc/crlnumber
touch ./certs/ecc/index.txt
echo 1000 > ./certs/ecc/serial
echo 2000 > ./certs/ecc/crlnumber
# generate ECC 256-bit CA
openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1
openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
openssl x509 -in ./certs/ca-ecc-cert.pem -inform PEM -out ./certs/ca-ecc-cert.der -outform DER
openssl ec -in ./certs/ca-ecc-key.pem -inform PEM -out ./certs/ca-ecc-key.der -outform DER
rm ./certs/ca-ecc-key.par
# generate ECC 384-bit CA
openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER
openssl ec -in ./certs/ca-ecc384-key.pem -inform PEM -out ./certs/ca-ecc384-key.der -outform DER
rm ./certs/ca-ecc384-key.par
# Generate ECC 256-bit server cert
openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pem -out ./certs/server-ecc-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/server-ecc-req.pem -CA ./certs/ca-ecc-cert.pem -CAkey ./certs/ca-ecc-key.pem -CAcreateserial -out ./certs/server-ecc.pem -sha256
# Sign server certificate
openssl ca -config ./certs/ecc/wolfssl.cnf -extensions server_cert -days 3650 -notext -md sha256 -in ./certs/server-ecc-req.pem -out ./certs/server-ecc.pem
openssl x509 -in ./certs/server-ecc.pem -outform der -out ./certs/server-ecc.der
rm ./certs/server-ecc-req.pem
# Gen CRL
openssl ca -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEccCrl.pem -keyfile ./certs/ca-ecc-key.pem -cert ./certs/ca-ecc-cert.pem
openssl ca -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEcc384Crl.pem -keyfile ./certs/ca-ecc384-key.pem -cert ./certs/ca-ecc384-cert.pem
# Also manually need to:
# 1. Copy ./certs/server-ecc.der into ./certs/test/server-cert-ecc-badsig.der `cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der`
# 2. Modify last byte so its invalidates signature in ./certs/test/server-cert-ecc-badsig.der
# 3. Covert bad cert to pem `openssl x509 -inform der -in ./certs/test/server-cert-ecc-badsig.der -outform pem -out ./certs/test/server-cert-ecc-badsig.pem`
# 4. Update AKID's for CA's in test.c certext_test() function akid_ecc.

8
certs/ecc/include.am Normal file
View File

@@ -0,0 +1,8 @@
# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
certs/ecc/genecc.sh \
certs/ecc/wolfssl.cnf

109
certs/ecc/wolfssl.cnf Normal file
View File

@@ -0,0 +1,109 @@
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = .
certs = $dir/certs
new_certs_dir = $dir/certs
database = $dir/certs/ecc/index.txt
serial = $dir/certs/ecc/serial
RANDFILE = $dir/private/.rand
# The root key and root certificate.
private_key = $dir/certs/ca-ecc-key.pem
certificate = $dir/certs/ca-ecc-cert.pem
# For certificate revocation lists.
crlnumber = $dir/certs/ecc/crlnumber
crl_extensions = crl_ext
default_crl_days = 1000
# SHA-1 is deprecated, so use SHA-2 instead.
default_md = sha256
name_opt = ca_default
cert_opt = ca_default
default_days = 3650
preserve = no
policy = policy_loose
[ policy_strict ]
# The root CA should only sign intermediate certificates that match.
# See the POLICY FORMAT section of `man ca`.
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ policy_loose ]
# Allow the intermediate CA to sign a more diverse range of certificates.
# See the POLICY FORMAT section of the `ca` man page.
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
# Options for the `req` tool (`man req`).
default_bits = 2048
distinguished_name = req_distinguished_name
string_mask = utf8only
# SHA-1 is deprecated, so use SHA-2 instead.
default_md = sha256
# Extension to add when the -x509 option is used.
x509_extensions = v3_ca
[ req_distinguished_name ]
countryName = US
stateOrProvinceName = Washington
localityName = Seattle
0.organizationName = wolfSSL
organizationalUnitName = Development
commonName = www.wolfssl.com
emailAddress = info@wolfssl.com
[ v3_ca ]
# Extensions for a typical CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ v3_intermediate_ca ]
# Extensions for a typical intermediate CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true, pathlen:0
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ usr_cert ]
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = client, email
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, emailProtection
[ server_cert ]
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = server
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = serverAuth
[ crl_ext ]
# Extension for CRLs (`man x509v3_config`).
authorityKeyIdentifier=keyid:always

BIN
certs/ed25519/ca-ed25519-key.der Normal file
View File

Binary file not shown.

4
certs/ed25519/ca-ed25519-key.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEIE3EyZVR/gbofvUgIsCeuA3yZ9E7DbTQxW7HMDYQhbxl
oSIEIEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
-----END EDDSA PRIVATE KEY-----

BIN
certs/ed25519/ca-ed25519.der Normal file
View File

Binary file not shown.

15
certs/ed25519/ca-ed25519.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICWTCCAgugAwIBAgIIAfbhPrx5oYUwBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGdMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UE
BAwCQ0ExEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbTAqMAUGAytlcAMhAEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
o2EwXzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBSS1Qva8QSLuaGLAwKfWAA1Ngd6
yTAfBgNVHSMEGDAWgBSGwCfpnvqFwf3jb/xUWXI3xzOSuzAPBgNVHQ8BAf8EBQMC
AcYAMAUGAytlcANBACIbBhfAEXQfZNGj9nsGABoLUI7rsWOSRbrc4sFoFCMMbiyV
PLEcGSeYUD5VUczESVivuUZP7ZxXOAQp1KkS/gg=
-----END CERTIFICATE-----

BIN
certs/ed25519/client-ed25519-key.der Normal file
View File

Binary file not shown.

4
certs/ed25519/client-ed25519-key.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEIBGdNYxa3ommO8aYO1oGaGSRQBqDYB0sKOdR3bqejqIQ
oSIEIDY9UZ60w5FgsDoJuIdapQUPW1PlZBc+cLkNZhKk5fFR
-----END EDDSA PRIVATE KEY-----

BIN
certs/ed25519/client-ed25519.der Normal file
View File

Binary file not shown.

15
certs/ed25519/client-ed25519.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICUTCCAgOgAwIBAgIIAckQps/YSE8wBQYDK2VwMIGhMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEPMA0GA1UEBAwGY2xp
ZW50MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgwFgYDVQQD
DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b20wIhgPMjAxNzA1MjgyMzI2MjlaGA8yMDE5MDUyOTIzMjYyOVowgaExCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ8wDQYD
VQQEDAZjbGllbnQxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTAqMAUGAytlcAMhADY9UZ60w5FgsDoJuIdapQUPW1PlZBc+cLkN
ZhKk5fFRo1MwUTAdBgNVHQ4EFgQUppdwk1xpkyuWMh6Heza6k5opV/EwHwYDVR0j
BBgwFoAUppdwk1xpkyuWMh6Heza6k5opV/EwDwYDVR0PAQH/BAUDAgbAADAFBgMr
ZXADQQCUo3bb4Zv2vjs09vniOoogAIHBlj4tOdodJ/vVfSFRGfo5MTbFOa4RmAvZ
kz+W324RkBsIl8R8ksENe87bJwAP
-----END CERTIFICATE-----

BIN
certs/ed25519/root-ed25519-key.der Normal file
View File

Binary file not shown.

4
certs/ed25519/root-ed25519-key.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEIFwOftlJ9QL4yEBIBh9UmTRwCu+A6puPK9OFmVk0A19P
oSIEIKZgKbt92EfL1B7QbQ9XANgqH1BqQrxd5bgZZbLfJK9Q
-----END EDDSA PRIVATE KEY-----

BIN
certs/ed25519/root-ed25519.der Normal file
View File

Binary file not shown.

15
certs/ed25519/root-ed25519.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICWzCCAg2gAwIBAgIIAcUx7uhNOB4wBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGfMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE
BAwEUm9vdDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tMCowBQYDK2VwAyEApmApu33YR8vUHtBtD1cA2CofUGpCvF3luBllst8k
r1CjYTBfMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFIbAJ+me+oXB/eNv/FRZcjfH
M5K7MB8GA1UdIwQYMBaAFIbAJ+me+oXB/eNv/FRZcjfHM5K7MA8GA1UdDwEB/wQF
AwIBxgAwBQYDK2VwA0EAGj129Ed4mXezQYuGBMzeglOtvFvz3UqPLBGTRI49gqqw
2/VnVoX532VvhensyCrk3/tRluh1wMnenEQlncm/CQ==
-----END CERTIFICATE-----

BIN
certs/ed25519/server-ed25519-key.der Normal file
View File

Binary file not shown.

4
certs/ed25519/server-ed25519-key.pem Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEINjpdrI/H/eIdfXd+HrGSTBu6Z/LnR4rwBjvu3WJ5ndn
oSIEIBowiBhHL5faBPSk471sDBa5SMHRQteOkoSgdCpDng4p
-----END EDDSA PRIVATE KEY-----

BIN
certs/ed25519/server-ed25519.der Normal file
View File

Binary file not shown.

30
certs/ed25519/server-ed25519.pem Normal file
View File

@@ -0,0 +1,30 @@
-----BEGIN CERTIFICATE-----
MIICSzCCAf2gAwIBAgIIAdCSEGpaRlcwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UEBAwCQ0Ex
EDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAi
GA8yMDE3MDUyODIzMjYyOVoYDzIwMTkwNTI5MjMyNjI5WjCBnzELMAkGA1UEBhMC
VVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xDTALBgNVBAQM
BExlYWYxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbTAqMAUGAytlcAMhABowiBhHL5faBPSk471sDBa5SMHRQteOkoSgdCpDng4p
o1MwUTAdBgNVHQ4EFgQU9rKEGpW0cDJT/tnrmymAS9a18cAwHwYDVR0jBBgwFoAU
ktUL2vEEi7mhiwMCn1gANTYHeskwDwYDVR0PAQH/BAUDAgbAADAFBgMrZXADQQAS
VncMlkKY2skVbE5IlQUd0Hgy+IZGmkabZIsxsBlrd5mL//wCNgULaTeHYnXaUCwt
XVKUPwCdGEVvNxKO9OQA
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICWTCCAgugAwIBAgIIAfbhPrx5oYUwBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGdMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UE
BAwCQ0ExEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbTAqMAUGAytlcAMhAEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
o2EwXzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBSS1Qva8QSLuaGLAwKfWAA1Ngd6
yTAfBgNVHSMEGDAWgBSGwCfpnvqFwf3jb/xUWXI3xzOSuzAPBgNVHQ8BAf8EBQMC
AcYAMAUGAytlcANBACIbBhfAEXQfZNGj9nsGABoLUI7rsWOSRbrc4sFoFCMMbiyV
PLEcGSeYUD5VUczESVivuUZP7ZxXOAQp1KkS/gg=
-----END CERTIFICATE-----

21
certs/external/baltimore-cybertrust-root.pem vendored Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
-----END CERTIFICATE-----

23
certs/external/ca-digicert-ev.pem vendored Normal file
View File

@@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
+OkuE6N36B9K
-----END CERTIFICATE-----

22
certs/external/ca-globalsign-root-r2.pem vendored
View File

@@ -1,22 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
-----END CERTIFICATE-----

21
certs/external/ca-globalsign-root-r3.pem vendored Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4
MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8
RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT
gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm
KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd
QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ
XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o
LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU
RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp
jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
WD9f
-----END CERTIFICATE-----

28
certs/external/ca-verisign-g5.pem vendored
View File

@@ -1,28 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----

4
certs/external/include.am vendored
View File

@@ -3,5 +3,5 @@
#
EXTRA_DIST += \
certs/external/ca-globalsign-root-r2.pem \
certs/external/ca-verisign-g5.pem
certs/external/ca-globalsign-root-r3.pem \
certs/external/baltimore-cybertrust-root.pem

47
certs/include.am Normal file → Executable file
View File

@@ -9,6 +9,7 @@ EXTRA_DIST += \
certs/client-keyEnc.pem \
certs/client-key.pem \
certs/ecc-key.pem \
certs/ecc-privkey.pem \
certs/ecc-keyPkcs8Enc.pem \
certs/ecc-key-comp.pem \
certs/ecc-keyPkcs8.pem \
@@ -20,10 +21,12 @@ EXTRA_DIST += \
certs/dh2048.pem \
certs/server-cert.pem \
certs/server-ecc.pem \
certs/server-ecc-self.pem \
certs/server-ecc-comp.pem \
certs/server-ecc-rsa.pem \
certs/server-keyEnc.pem \
certs/server-key.pem \
certs/server-keyPkcs8.der \
certs/server-keyPkcs8Enc12.pem \
certs/server-keyPkcs8Enc2.pem \
certs/server-keyPkcs8Enc.pem \
@@ -32,7 +35,12 @@ EXTRA_DIST += \
certs/server-revoked-key.pem \
certs/wolfssl-website-ca.pem \
certs/test-servercert.p12 \
certs/dsaparams.pem
certs/dsaparams.pem \
certs/ecc-privOnlyKey.pem \
certs/ecc-privOnlyCert.pem \
certs/dh3072.pem \
certs/client-cert-3072.pem \
certs/client-key-3072.pem
EXTRA_DIST += \
certs/ca-key.der \
certs/ca-cert.der \
@@ -51,11 +59,46 @@ EXTRA_DIST += \
certs/server-cert.der \
certs/server-ecc-comp.der \
certs/server-ecc.der \
certs/server-ecc-self.der \
certs/server-ecc-rsa.der \
certs/server-cert-chain.der
certs/server-cert-chain.der
EXTRA_DIST += \
certs/ed25519/ca-ed25519.der \
certs/ed25519/ca-ed25519-key.der \
certs/ed25519/ca-ed25519-key.pem \
certs/ed25519/ca-ed25519.pem \
certs/ed25519/client-ed25519.der \
certs/ed25519/client-ed25519-key.der \
certs/ed25519/client-ed25519-key.pem \
certs/ed25519/client-ed25519.pem \
certs/ed25519/root-ed25519.der \
certs/ed25519/root-ed25519-key.der \
certs/ed25519/root-ed25519-key.pem \
certs/ed25519/root-ed25519.pem \
certs/ed25519/server-ed25519.der \
certs/ed25519/server-ed25519-key.der \
certs/ed25519/server-ed25519-key.pem \
certs/ed25519/server-ed25519.pem
# ECC CA prime256v1
EXTRA_DIST += \
certs/ca-ecc-cert.der \
certs/ca-ecc-cert.pem \
certs/ca-ecc-key.der \
certs/ca-ecc-key.pem
# ECC CA SECP384R1
EXTRA_DIST += \
certs/ca-ecc384-cert.der \
certs/ca-ecc384-cert.pem \
certs/ca-ecc384-key.der \
certs/ca-ecc384-key.pem
dist_doc_DATA+= certs/taoCert.txt
EXTRA_DIST+= certs/ntru-key.raw
include certs/test/include.am
include certs/test-pathlen/include.am
include certs/test/include.am
include certs/ecc/include.am

12
certs/ocsp/include.am
View File

@@ -3,15 +3,11 @@
#
EXTRA_DIST += \
certs/ocsp/index0.txt \
certs/ocsp/index1.txt \
certs/ocsp/index2.txt \
certs/ocsp/index3.txt \
certs/ocsp/index-ca-and-intermediate-cas.txt \
certs/ocsp/index-intermediate1-ca-issued-certs.txt \
certs/ocsp/index-intermediate3-ca-issued-certs.txt \
certs/ocsp/index-intermediate3-ca-issued-certs.txt \
certs/ocsp/openssl.cnf \
certs/ocsp/ocspd0.sh \
certs/ocsp/ocspd1.sh \
certs/ocsp/ocspd2.sh \
certs/ocsp/ocspd3.sh \
certs/ocsp/intermediate1-ca-key.pem \
certs/ocsp/intermediate1-ca-cert.pem \
certs/ocsp/intermediate2-ca-key.pem \

0
certs/ocsp/index0.txt → certs/ocsp/index-ca-and-intermediate-cas.txt
View File

0
certs/ocsp/index1.txt → certs/ocsp/index-intermediate1-ca-issued-certs.txt
View File

0
certs/ocsp/index2.txt → certs/ocsp/index-intermediate2-ca-issued-certs.txt
View File

0
certs/ocsp/index3.txt → certs/ocsp/index-intermediate3-ca-issued-certs.txt
View File

8
certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
openssl ocsp -port 22221 -nmin 1 \
-index certs/ocsp/index-intermediate1-ca-issued-certs.txt \
-rsigner certs/ocsp/intermediate1-ca-cert.pem \
-rkey certs/ocsp/intermediate1-ca-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \
$@

8
certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
openssl ocsp -port 22221 -nmin 1 \
-index certs/ocsp/index-intermediate1-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \
$@

8
certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
openssl ocsp -port 22222 -nmin 1 \
-index certs/ocsp/index-intermediate2-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate2-ca-cert.pem \
$@

8
certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
openssl ocsp -port 22223 -nmin 1 \
-index certs/ocsp/index-intermediate3-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate3-ca-cert.pem \
$@

8
certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
openssl ocsp -port 22220 -nmin 1 \
-index certs/ocsp/index-ca-and-intermediate-cas.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/root-ca-cert.pem \
$@

8
certs/ocsp/ocspd0.sh
View File

@@ -1,8 +0,0 @@
#!/bin/sh
openssl ocsp -port 22220 -nmin 1 \
-index certs/ocsp/index0.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/root-ca-cert.pem \
$@

8
certs/ocsp/ocspd1.sh
View File

@@ -1,8 +0,0 @@
#!/bin/sh
openssl ocsp -port 22221 -nmin 1 \
-index certs/ocsp/index1.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \
$@

8
certs/ocsp/ocspd2.sh
View File

@@ -1,8 +0,0 @@
#!/bin/sh
openssl ocsp -port 22222 -nmin 1 \
-index certs/ocsp/index2.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate2-ca-cert.pem \
$@

8
certs/ocsp/ocspd3.sh
View File

@@ -1,8 +0,0 @@
#!/bin/sh
openssl ocsp -port 22223 -nmin 1 \
-index certs/ocsp/index3.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate3-ca-cert.pem \
$@

52
certs/renewcerts.sh
View File

@@ -16,6 +16,7 @@
# 1024/client-cert.pem
# server-ecc-comp.pem
# client-ca.pem
# test/digsigku.pem
# updates the following crls:
# crl/cliCrl.pem
# crl/crl.pem
@@ -53,6 +54,24 @@ function run_renewcerts(){
openssl x509 -in client-cert.pem -text > tmp.pem
mv tmp.pem client-cert.pem
############################################################
#### update the self-signed (3072-bit) client-cert.pem #####
############################################################
echo "Updating 3072-bit client-cert.pem"
echo ""
#pipe the following arguments to openssl req...
echo -e "US\nMontana\nBozeman\nwolfSSL_3072\nProgramming-3072\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -newkey rsa:3072 -keyout client-key-3072.pem -nodes -out client-cert-3072.csr
openssl x509 -req -in client-cert-3072.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey client-key-3072.pem -out client-cert-3072.pem
rm client-cert-3072.csr
openssl x509 -in client-cert-3072.pem -text > tmp.pem
mv tmp.pem client-cert-3072.pem
############################################################
#### update the self-signed (1024-bit) client-cert.pem #####
############################################################
@@ -128,6 +147,23 @@ function run_renewcerts(){
cat ca_tmp.pem >> server-revoked-cert.pem
rm ca_tmp.pem
###########################################################
########## update and sign server-duplicate-policy.pem ####
###########################################################
echo "Updating server-duplicate-policy.pem"
echo ""
#pipe the following arguments to openssl req...
echo -e "US\nMontana\nBozeman\nwolfSSL\ntesting duplicate policy\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-key.pem -nodes > ./test/server-duplicate-policy-req.pem
openssl x509 -req -in ./test/server-duplicate-policy-req.pem -extfile wolfssl.cnf -extensions policy_test -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > ./test/server-duplicate-policy.pem
rm ./test/server-duplicate-policy-req.pem
openssl x509 -in ca-cert.pem -text > ca_tmp.pem
openssl x509 -in ./test/server-duplicate-policy.pem -text > srv_tmp.pem
mv srv_tmp.pem ./test/server-duplicate-policy.pem
cat ca_tmp.pem >> ./test/server-duplicate-policy.pem
rm ca_tmp.pem
###########################################################
#### update and sign (1024-bit) server-cert.pem ###########
###########################################################
echo "Updating 1024-bit server-cert.pem"
@@ -208,6 +244,22 @@ function run_renewcerts(){
echo ""
cat client-cert.pem client-ecc-cert.pem > client-ca.pem
############################################################
###### update the self-signed test/digsigku.pem ##########
############################################################
echo "Updating test/digsigku.pem"
echo ""
#pipe the following arguments to openssl req...
echo -e "US\nWashington\nSeattle\nFoofarah\nArglebargle\nfoobarbaz\ninfo@worlss.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes -sha1 -out digsigku.csr
openssl x509 -req -in digsigku.csr -days 1000 -extfile wolfssl.cnf -extensions digsigku -signkey ecc-key.pem -sha1 -set_serial 16393466893990650224 -out digsigku.pem
rm digsigku.csr
openssl x509 -in digsigku.pem -text > tmp.pem
mv tmp.pem digsigku.pem
mv digsigku.pem test/digsigku.pem
############################################################
########## make .der files from .pem files #################
############################################################

22
certs/renewcerts/wolfssl.cnf
View File

@@ -148,6 +148,28 @@ subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
# Test of rejecting duplicate policy extension OIDs
[ policy_test ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints=CA:FALSE
certificatePolicies=1.2.3.4,@policy_add
[ policy_add ]
policyIdentifier=1.2.3.4
CPS.1="www.wolfssl.com"
userNotice.1=@policy_usr
[ policy_usr ]
explicitText="Test of duplicate OIDs with different qualifiers"
# create certificate without the digitalSignature bit set and uses sha1 sig
[ digsigku ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints=critical, CA:TRUE
keyUsage=critical, nonRepudiation, keyEncipherment
#tsa default
[ tsa ]
default_tsa = tsa_config1

BIN
certs/server-ecc-self.der Normal file
View File

Binary file not shown.

56
certs/server-ecc-self.pem Normal file
View File

@@ -0,0 +1,56 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ef:46:c7:a4:9b:bb:60:d3
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Aug 11 20:07:38 2016 GMT
Not After : May 8 20:07:38 2019 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92:
21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
0b:80:34:89:d8
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:EF:46:C7:A4:9B:BB:60:D3
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:f1:d0:a6:3e:83:33:24:d1:7a:05:5f:1e:0e:
bd:7d:6b:33:e9:f2:86:f3:f3:3d:a9:ef:6a:87:31:b3:b7:7e:
50:02:21:00:f0:60:dd:ce:a2:db:56:ec:d9:f4:e4:e3:25:d4:
b0:c9:25:7d:ca:7a:5d:ba:c4:b2:f6:7d:04:c7:bd:62:c9:20
-----BEGIN CERTIFICATE-----
MIIDEDCCArWgAwIBAgIJAO9Gx6Sbu2DTMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTYwODEx
MjAwNzM4WhcNMTkwNTA4MjAwNzM4WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
f/DPGNqREQI0huggWDMLgDSJ2KOB9zCB9DAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
SiUCI++yiTAwgcQGA1UdIwSBvDCBuYAUXV0m76x+NvmbdhUrSiUCI++yiTChgZWk
gZIwgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbYIJAO9Gx6Sbu2DTMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIh
APHQpj6DMyTRegVfHg69fWsz6fKG8/M9qe9qhzGzt35QAiEA8GDdzqLbVuzZ9OTj
JdSwySV9ynpdusSy9n0Ex71iySA=
-----END CERTIFICATE-----

BIN
certs/server-ecc.der Normal file → Executable file
View File

Binary file not shown.

68
certs/server-ecc.pem Normal file → Executable file
View File

@@ -1,13 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ef:46:c7:a4:9b:bb:60:d3
Serial Number: 4096 (0x1000)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Aug 11 20:07:38 2016 GMT
Not After : May 8 20:07:38 2019 GMT
Not Before: Oct 20 18:19:06 2017 GMT
Not After : Oct 18 18:19:06 2027 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -21,36 +20,43 @@ Certificate:
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:EF:46:C7:A4:9B:BB:60:D3
keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:97:B4:BD:16:78:F8:47:F2
X509v3 Basic Constraints:
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:f1:d0:a6:3e:83:33:24:d1:7a:05:5f:1e:0e:
bd:7d:6b:33:e9:f2:86:f3:f3:3d:a9:ef:6a:87:31:b3:b7:7e:
50:02:21:00:f0:60:dd:ce:a2:db:56:ec:d9:f4:e4:e3:25:d4:
b0:c9:25:7d:ca:7a:5d:ba:c4:b2:f6:7d:04:c7:bd:62:c9:20
30:46:02:21:00:be:b8:58:f0:e4:15:01:1f:df:70:54:73:4a:
6c:40:1f:77:a8:b4:eb:52:1e:bf:f5:0d:b1:33:ca:6a:c4:76:
b9:02:21:00:97:08:de:2c:28:c1:45:71:b6:2c:54:87:98:63:
76:a8:21:34:90:a8:f7:9e:3f:fc:02:b0:e7:d3:09:31:27:e4
-----BEGIN CERTIFICATE-----
MIIDEDCCArWgAwIBAgIJAO9Gx6Sbu2DTMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTYwODEx
MjAwNzM4WhcNMTkwNTA4MjAwNzM4WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
f/DPGNqREQI0huggWDMLgDSJ2KOB9zCB9DAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
SiUCI++yiTAwgcQGA1UdIwSBvDCBuYAUXV0m76x+NvmbdhUrSiUCI++yiTChgZWk
gZIwgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbYIJAO9Gx6Sbu2DTMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIh
APHQpj6DMyTRegVfHg69fWsz6fKG8/M9qe9qhzGzt35QAiEA8GDdzqLbVuzZ9OTj
JdSwySV9ynpdusSy9n0Ex71iySA=
MIIDUDCCAvWgAwIBAgICEAAwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE3MTAy
MDE4MTkwNloXDTI3MTAxODE4MTkwNlowgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGlj
MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABLszrEwnUErGSqUEwzzenzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eS
IX/wzxjakRECNIboIFgzC4A0idijggE1MIIBMTAJBgNVHRMEAjAAMBEGCWCGSAGG
+EIBAQQEAwIGQDAdBgNVHQ4EFgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgcwGA1Ud
IwSBxDCBwYAUVo6aw/BC3hi5RVVu+ZPP6sPzpSGhgZ2kgZowgZcxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3
LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA
l7S9Fnj4R/IwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoG
CCqGSM49BAMCA0kAMEYCIQC+uFjw5BUBH99wVHNKbEAfd6i061Iev/UNsTPKasR2
uQIhAJcI3iwowUVxtixUh5hjdqghNJCo954//AKw59MJMSfk
-----END CERTIFICATE-----

BIN
certs/server-keyPkcs8.der Normal file
View File

Binary file not shown.

18
certs/test/cert-ext-ia.cfg Normal file
View File

@@ -0,0 +1,18 @@
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
inhibitAnyPolicy = critical,1
nsComment = "Testing inhibit any"

BIN
certs/test/cert-ext-ia.der Normal file
View File

Binary file not shown.

18
certs/test/cert-ext-nc.cfg Normal file
View File

@@ -0,0 +1,18 @@
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
nameConstraints = critical,permitted;email:.wolfssl.com
nsComment = "Testing name constraints"

BIN
certs/test/cert-ext-nc.der Normal file
View File

Binary file not shown.

BIN
certs/test/cert-ext-ns.der Normal file
View File

Binary file not shown.

41
certs/test/digsigku.pem
View File

@@ -1,17 +1,16 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e3:81:4b:48:a5:70:61:70
Signature Algorithm: ecdsa-with-SHA1
Serial Number: 16393466893990650224 (0xe3814b48a5706170)
Signature Algorithm: ecdsa-with-SHA1
Issuer: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com
Validity
Not Before: Sep 10 00:45:36 2014 GMT
Not After : Jun 6 00:45:36 2017 GMT
Not Before: May 3 00:07:20 2017 GMT
Not After : Jan 28 00:07:20 2020 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
EC Public Key:
Public-Key: (256 bit)
pub:
04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
@@ -19,34 +18,40 @@ Certificate:
21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
0b:80:34:89:d8
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
DirName:/C=US/ST=Washington/L=Seattle/O=Foofarah/OU=Arglebargle/CN=foobarbaz/emailAddress=info@worlss.com
serial:E3:81:4B:48:A5:70:61:70
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Non Repudiation, Key Encipherment
Signature Algorithm: ecdsa-with-SHA1
30:46:02:21:00:f4:36:ee:86:21:d5:c7:1f:2d:0d:bb:29:ae:
c1:74:ff:a3:ce:41:fe:cb:93:eb:ff:ef:fe:e3:4d:20:e5:18:
65:02:21:00:b1:39:13:12:e2:b5:19:f2:8f:5b:40:ac:7a:5c:
e2:a6:e3:d3:e6:9f:79:3c:29:d8:c6:7d:88:f4:60:0c:48:00
30:46:02:21:00:fe:d6:30:36:fb:43:39:51:d7:4a:02:24:5e:
b4:b1:11:e3:83:66:00:fc:24:12:1a:7e:a8:05:77:ca:f7:24:
2d:02:21:00:fb:59:c3:e9:6e:9b:f6:a2:46:0b:d8:ad:33:fb:
89:2d:80:d6:1d:68:1f:f7:d7:93:f1:0b:7a:6b:81:f5:af:62
-----BEGIN CERTIFICATE-----
MIICfTCCAiOgAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
MIIDKTCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYD
VQQKDAhGb29mYXJhaDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZv
b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTE0MDkx
MDAwNDUzNloXDTE3MDYwNjAwNDUzNlowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTE3MDUw
MzAwMDcyMFoXDTIwMDEyODAwMDcyMFowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYDVQQKDAhGb29mYXJh
aDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZvb2JhcmJhejEeMBwG
CSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFb
l5Ihf/DPGNqREQI0huggWDMLgDSJ2KNjMGEwHQYDVR0OBBYEFF1dJu+sfjb5m3YV
K0olAiPvsokwMB8GA1UdIwQYMBaAFF1dJu+sfjb5m3YVK0olAiPvsokwMA8GA1Ud
EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgVgMAkGByqGSM49BAEDSQAwRgIhAPQ2
7oYh1ccfLQ27Ka7BdP+jzkH+y5Pr/+/+400g5RhlAiEAsTkTEuK1GfKPW0Cselzi
puPT5p95PCnYxn2I9GAMSAA=
l5Ihf/DPGNqREQI0huggWDMLgDSJ2KOCAQ0wggEJMB0GA1UdDgQWBBRdXSbvrH42
+Zt2FStKJQIj77KJMDCBxgYDVR0jBIG+MIG7gBRdXSbvrH42+Zt2FStKJQIj77KJ
MKGBl6SBlDCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAO
BgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEZvb2ZhcmFoMRQwEgYDVQQLDAtBcmds
ZWJhcmdsZTESMBAGA1UEAwwJZm9vYmFyYmF6MR4wHAYJKoZIhvcNAQkBFg9pbmZv
QHdvcmxzcy5jb22CCQDjgUtIpXBhcDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
/wQEAwIFYDAJBgcqhkjOPQQBA0kAMEYCIQD+1jA2+0M5UddKAiRetLER44NmAPwk
Ehp+qAV3yvckLQIhAPtZw+lum/aiRgvYrTP7iS2A1h1oH/fXk/ELemuB9a9i
-----END CERTIFICATE-----

69
certs/test/gen-ext-certs.sh Normal file
View File

@@ -0,0 +1,69 @@
#!/bin/sh
TMP="/tmp/`basename $0`"
gen_cert() {
openssl req -x509 -keyform DER -key certs/server-key.der \
-outform DER -out $OUT -config $CONFIG \
>$TMP 2>&1
if [ "$?" = "0" -a -f $OUT ]; then
echo "Created: $OUT"
else
cat $TMP
echo "Failed: $OUT"
fi
rm $TMP
}
OUT=certs/test/cert-ext-nc.der
KEYFILE=certs/test/cert-ext-nc-key.der
CONFIG=certs/test/cert-ext-nc.cfg
tee >$CONFIG <<EOF
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
nameConstraints = critical,permitted;email:.wolfssl.com
nsComment = "Testing name constraints"
EOF
gen_cert
OUT=certs/test/cert-ext-ia.der
KEYFILE=certs/test/cert-ext-ia-key.der
CONFIG=certs/test/cert-ext-ia.cfg
tee >$CONFIG <<EOF
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
inhibitAnyPolicy = critical,1
nsComment = "Testing inhibit any"
EOF
gen_cert

19
certs/test/include.am Normal file
View File

@@ -0,0 +1,19 @@
# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
certs/test/cert-ext-ia.cfg \
certs/test/cert-ext-ia.der \
certs/test/cert-ext-nc.cfg \
certs/test/cert-ext-nc.der \
certs/test/cert-ext-ns.der \
certs/test/gen-ext-certs.sh \
certs/test/server-duplicate-policy.pem
# The certs/server-cert with the last byte (signature byte) changed
EXTRA_DIST += \
certs/test/server-cert-rsa-badsig.der \
certs/test/server-cert-rsa-badsig.pem \
certs/test/server-cert-ecc-badsig.der \
certs/test/server-cert-ecc-badsig.pem

BIN
certs/test/server-cert-ecc-badsig.der Executable file
View File

Binary file not shown.

20
certs/test/server-cert-ecc-badsig.pem Executable file
View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDUDCCAvWgAwIBAgICEAAwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE3MTAy
MDE4MTkwNloXDTI3MTAxODE4MTkwNlowgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGlj
MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABLszrEwnUErGSqUEwzzenzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eS
IX/wzxjakRECNIboIFgzC4A0idijggE1MIIBMTAJBgNVHRMEAjAAMBEGCWCGSAGG
+EIBAQQEAwIGQDAdBgNVHQ4EFgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgcwGA1Ud
IwSBxDCBwYAUVo6aw/BC3hi5RVVu+ZPP6sPzpSGhgZ2kgZowgZcxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3
LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA
l7S9Fnj4R/IwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoG
CCqGSM49BAMCA0kAMEYCIQC+uFjw5BUBH99wVHNKbEAfd6i061Iev/UNsTPKasR2
uQIhAJcI3iwowUVxtixUh5hjdqghNJCo954//AKw59MJMSfl
-----END CERTIFICATE-----

BIN
certs/test/server-cert-rsa-badsig.der Normal file
View File

Binary file not shown.

27
certs/test/server-cert-rsa-badsig.pem Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTYwODEx
MjAwNzM3WhcNMTkwNTA4MjAwNzM3WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hn
f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X
GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM
QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq
0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ
6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU
sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj
s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h
MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK
Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tggkAt7aQM2YbayMwDAYDVR0TBAUwAwEB/zAN
BgkqhkiG9w0BAQsFAAOCAQEAUf4q3wd+Q8pmjRXEK9tXsgZtDZBm/6UknBTvgfKk
q5mpakkgpdJx5xw8mQfHR/zolrT1QjDOOQFL0cLovJWEh85VXZefz3jzVpulCG2s
9qVcxO8+KjmmSCYpey3gzaaMV0gLuzEywr/ZQ0xHJRiBqMkzgkGbumGG14STFyQl
NspNY2tPlXnYYOAe9azBiqGxfoWOhyAvCDGtXsZKyGH0ngceoiLtc3yF7vpi3FA2
qv3HnaoYBPvqzCxom7OpwpbYwcxafvcNngjgnSmLhEaP05Fqtbh6XMxPVQG4mkig
lEPKJUdSCvf0vrDRcW2lUkplULKtTh3gbAHY+0OA5uQMOA==
-----END CERTIFICATE-----

182
certs/test/server-duplicate-policy.pem Normal file
View File

@@ -0,0 +1,182 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Mar 10 20:37:22 2017 GMT
Not After : Dec 5 20:37:22 2019 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=testing duplicate policy, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75:
f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab:
64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e:
86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25:
4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c:
34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6:
8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc:
40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8:
dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3:
e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9:
64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0:
c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77:
ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4:
b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22:
a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f:
ad:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:9C:86:DC:5C:A7:73:35:83
X509v3 Basic Constraints:
CA:FALSE
X509v3 Certificate Policies:
Policy: 1.2.3.4
Policy: 1.2.3.4
CPS: www.wolfssl.com
User Notice:
Explicit Text: Test of duplicate OIDs with different qualifiers
Signature Algorithm: sha256WithRSAEncryption
82:59:1f:4c:a7:19:9f:e7:ab:cc:51:21:da:ef:4f:73:75:22:
6c:db:55:83:c4:35:c7:40:69:49:46:45:56:78:06:03:76:d8:
3b:6c:75:aa:2c:a5:c0:61:e8:5c:c0:2b:ed:66:a9:66:c0:b3:
37:83:23:c5:2c:b2:45:59:61:84:be:dd:44:72:00:7a:6b:f9:
50:89:31:66:a7:84:46:74:0f:bb:5b:05:0d:1f:2d:4d:b4:dc:
69:2c:e2:a0:fd:5e:93:14:c7:ce:a2:6e:50:61:8f:73:94:a0:
7a:65:e5:9d:76:f0:1b:1c:da:da:72:3e:f9:8c:4d:c0:4a:cb:
24:e8:40:51:a1:37:9c:e7:87:1a:0e:cd:a6:7f:54:39:65:5f:
63:64:04:60:5e:cc:1d:a6:71:78:1f:44:32:32:f9:27:0d:23:
75:95:01:0b:0d:f3:90:ec:e2:7e:df:0f:43:96:e4:32:c3:b4:
e2:df:87:12:97:a1:1e:f1:c8:73:fe:5e:ea:55:5c:f7:4b:88:
2e:31:6c:52:ff:b3:05:85:f7:fe:e7:ac:f6:74:a8:4f:8e:96:
88:5f:73:5a:f1:77:9d:b9:16:a3:53:e2:4a:5b:e2:5e:2b:88:
1c:a8:b8:ee:e2:ee:72:cb:b2:51:ab:c2:90:5f:15:df:1c:ff:
fd:0d:95:20
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTcwMzEw
MjAzNzIyWhcNMTkxMjA1MjAzNzIyWjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxITAf
BgNVBAsMGHRlc3RpbmcgZHVwbGljYXRlIHBvbGljeTEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8
JDC4lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh
5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4
c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPh
bV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KX
c+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQAB
o4IBcjCCAW4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSME
gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAJyG3Fyn
czWDMAkGA1UdEwQCMAAwdgYDVR0gBG8wbTAFBgMqAwQwZAYDKgMEMF0wGwYIKwYB
BQUHAgEWD3d3dy53b2xmc3NsLmNvbTA+BggrBgEFBQcCAjAyGjBUZXN0IG9mIGR1
cGxpY2F0ZSBPSURzIHdpdGggZGlmZmVyZW50IHF1YWxpZmllcnMwDQYJKoZIhvcN
AQELBQADggEBAIJZH0ynGZ/nq8xRIdrvT3N1ImzbVYPENcdAaUlGRVZ4BgN22Dts
daospcBh6FzAK+1mqWbAszeDI8UsskVZYYS+3URyAHpr+VCJMWanhEZ0D7tbBQ0f
LU203Gks4qD9XpMUx86iblBhj3OUoHpl5Z128Bsc2tpyPvmMTcBKyyToQFGhN5zn
hxoOzaZ/VDllX2NkBGBezB2mcXgfRDIy+ScNI3WVAQsN85Ds4n7fD0OW5DLDtOLf
hxKXoR7xyHP+XupVXPdLiC4xbFL/swWF9/7nrPZ0qE+Olohfc1rxd525FqNT4kpb
4l4riByouO7i7nLLslGrwpBfFd8c//0NlSA=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11278944607300433283 (0x9c86dc5ca7733583)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Mar 10 20:37:22 2017 GMT
Not After : Dec 5 20:37:22 2019 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:9C:86:DC:5C:A7:73:35:83
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
10:6b:75:29:65:17:7e:78:ae:85:2e:b7:a4:50:98:69:74:f9:
50:a1:8e:2c:9f:b0:43:66:a1:e0:42:32:38:15:5f:2e:cc:cc:
c4:b9:7c:b5:c2:bc:59:24:49:17:ad:1c:e4:6e:dc:70:e3:93:
fc:69:dd:04:7b:41:dd:08:f0:13:ee:2a:cb:6f:cf:af:d4:96:
3c:44:50:29:45:60:89:cd:ec:5f:c1:bb:b0:03:61:74:b3:29:
ad:df:e9:7c:d9:f2:18:22:45:e7:3d:d4:72:37:2c:b4:18:7d:
34:ca:55:00:0d:89:d0:f7:3e:81:4d:da:02:4c:2b:a6:61:4b:
bf:b1:ec:73:11:6a:53:a3:0a:0f:20:04:5d:17:67:b1:a6:a2:
37:a8:f5:ea:78:6d:00:8b:64:16:62:0a:6f:44:94:15:9e:4d:
15:0c:33:f0:ba:9d:e2:be:69:6f:12:9f:69:95:39:ba:97:9e:
c3:af:22:ad:f2:f2:3b:67:81:1a:99:d2:02:89:86:6d:8f:92:
98:32:dd:c1:fa:2e:38:03:2e:fc:02:a5:e7:b8:dc:94:3b:88:
15:4a:09:80:98:61:b4:5e:07:b5:87:57:f4:a0:91:5c:7e:89:
f5:89:16:f2:7a:15:52:1b:55:26:7c:59:d2:d0:23:e3:0e:12:
b1:99:f9:6b
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJAJyG3FynczWDMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNzAzMTAyMDM3MjJaFw0xOTEyMDUyMDM3MjJaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAnIbcXKdzNYMwDAYD
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAEGt1KWUXfniuhS63pFCYaXT5
UKGOLJ+wQ2ah4EIyOBVfLszMxLl8tcK8WSRJF60c5G7ccOOT/GndBHtB3QjwE+4q
y2/Pr9SWPERQKUVgic3sX8G7sANhdLMprd/pfNnyGCJF5z3UcjcstBh9NMpVAA2J
0Pc+gU3aAkwrpmFLv7HscxFqU6MKDyAEXRdnsaaiN6j16nhtAItkFmIKb0SUFZ5N
FQwz8Lqd4r5pbxKfaZU5upeew68irfLyO2eBGpnSAomGbY+SmDLdwfouOAMu/AKl
57jclDuIFUoJgJhhtF4HtYdX9KCRXH6J9YkW8noVUhtVJnxZ0tAj4w4SsZn5aw==
-----END CERTIFICATE-----