From 4d9dbc9ec3a4effcb164ec9a0fe0d1b10b57b86a Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 21 Jan 2020 22:16:54 -0800 Subject: [PATCH 1/5] Adds 3072-bit RSA tests using `USE_CERT_BUFFERS_3072`. --- certs/3072/client-cert.der | Bin 0 -> 1532 bytes certs/3072/client-cert.pem | 111 ++++++++++++ certs/3072/client-key.der | Bin 0 -> 1768 bytes certs/3072/client-key.pem | 39 +++++ certs/3072/include.am | 7 + certs/4096/include.am | 8 +- certs/include.am | 3 +- certs/renewcerts.sh | 24 +++ gencertbuf.pl | 3 +- wolfcrypt/src/sp_int.c | 3 +- wolfcrypt/test/test.c | 25 +-- wolfssl/certs_test.h | 343 +++++++++++++++++++++++++++++++++++++ 12 files changed, 548 insertions(+), 18 deletions(-) create mode 100644 certs/3072/client-cert.der create mode 100644 certs/3072/client-cert.pem create mode 100644 certs/3072/client-key.der create mode 100644 certs/3072/client-key.pem create mode 100644 certs/3072/include.am diff --git a/certs/3072/client-cert.der b/certs/3072/client-cert.der new file mode 100644 index 0000000000000000000000000000000000000000..1d3e14212b4c29148f675fd8aec36cbe632681e3 GIT binary patch literal 1532 zcmXqLV*O#z#FDUpnTe5!NkpHGeZ{sf?*t|~-+Smb^T>qCXCE&b@Un4gwRyCC=VfH% zW@RvFoM*^wz{$oO%EBhh6dG(OV893BaPYAE=I50p<|V>J*m>BU@~cvF6Y~s34TM2z zxOjNV^K;UIgMH$S4a|)UB@M(u!rVLp0Y&-gMTxn&nR)5DU?~X$F_0894}W=ixgJPY zadD1ba(=F%yn!s-L7a?Y0-1Sf`3^`54CKUljSLJ7jf@OTO$|*fqQrTPj0_D7Euh@N z?|~-9MaY59$jZRn#MsYZ(8Soq)Wq1xu*NbVqrc*Z!0e1^mmkgv%ZPGJdc4_jLuiBe zh7PgW52lyIJ5?4t-Jkq<)!cWw`K$J*PiQ$1d;E>(tC%#|f;qu4yB2PaIBC~6yT~?= ziHTuOYFN`^r7axsTJP`Ay71gEQZ1TWCOPr{)l4HvwmNwDU{gRKuQslPfUv~=QhyFXLdA_EUR7v9!h z9e?RSn0}lr(_ulK``;OF?QIP)HHtra;%C+T&hN~8b(OI!O{N0>a%b<~@$OMlyIP!n zfPMwfi(>zdtZQmZPX75N*R|n`(fRPR3nRKb`FF3BZCkywzc*ZRQ&ioOS7)|QtFpE@ zd+$NwpOb9;lcUb9)q1RJXBq3*%qY+Qu)gfL#;vgT`|qfkI_z6}++yt#wl$|-1in7- zBZEn2_Ck?8KN8!nhg~oJvU+!x;^hvdEzk4oCqCsn#^HJIm2gDSf>l;O&6r)oqkx^p&D$LkAg*{)jZsyw^ncdo~* zc3Yq9i|z0KZxKJZ^u{lfyEAPKyj>TGWOYnFrTQr5>aG`a-(SxtW1Zw7IZ3ec&_6*> z-)k59jb!4j9d$T16{X5NZDX3Ud9J~&NT-DxADrKL+S_KdlSpAeA_Kt?G@Tz=b74R?#8M=L8O>hS8mCb-F~^6w<`0BIqt=)-%%F1 zUHzO%Snv20$83jkOJN%{Z) literal 0 HcmV?d00001 diff --git a/certs/3072/client-cert.pem b/certs/3072/client-cert.pem new file mode 100644 index 000000000..4359a8817 --- /dev/null +++ b/certs/3072/client-cert.pem @@ -0,0 +1,111 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 2f:06:07:a8:b6:f4:ee:10:91:43:de:e1:46:99:c4:90:79:e6:f1:d1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Jan 22 05:51:48 2020 GMT + Not After : Oct 18 05:51:48 2022 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (3072 bit) + Modulus: + 00:ac:39:50:68:8f:78:f8:10:9b:68:96:d3:e1:9c: + 56:68:5a:41:62:e3:b3:41:b0:55:80:17:b0:88:16: + 9b:e0:97:74:5f:42:79:73:42:df:93:f3:aa:9d:ee: + 2d:6f:aa:bc:27:90:84:c0:5d:c7:ec:49:ea:5c:66: + 1d:70:9c:53:5c:ba:a1:b3:58:c9:3e:8e:9b:72:3d: + 6e:02:02:00:9c:65:56:82:a3:22:b4:08:5f:2a:ef: + df:9a:d0:e7:31:59:26:5b:0b:1c:63:61:ff:d5:69: + 32:19:06:7e:0f:40:3c:7a:1e:c8:fc:58:6c:64:ae: + 10:3d:a8:23:ff:8e:1a:ca:6a:82:e2:f9:01:64:2c: + 97:a0:1a:89:a0:74:d3:b6:05:11:f2:62:06:48:2a: + f7:66:ce:c1:85:e1:d2:27:ea:ca:12:a5:91:97:3e: + fc:94:06:59:51:c0:e7:13:b6:87:7b:5f:d2:c0:56: + 2f:5e:1d:02:c3:11:2c:df:f7:01:da:bd:85:54:35: + 32:5f:c5:c8:f9:7a:9f:89:f7:03:0e:7e:79:5d:04: + 82:35:10:fe:6d:9b:bf:b8:ee:e2:62:87:26:5e:2f: + 50:2f:78:0c:e8:73:4f:88:6a:d6:26:a4:c9:fc:fa: + 1e:8a:b0:f4:32:cf:57:cd:a1:58:8a:49:0f:bb:a9: + 1d:86:ab:b9:8f:8d:57:19:b2:5a:7e:a4:ea:cc:b7: + 96:7a:3b:38:cd:de:e0:61:fc:c9:06:8f:93:5a:ce: + ad:2a:e3:2d:3e:39:5d:41:83:01:1f:0f:e1:7f:76: + c7:28:da:56:ef:bf:dc:26:35:40:be:ad:c7:38:ad: + a4:06:ac:ca:e8:51:eb:c0:f8:68:02:2c:9b:a1:14: + bc:f8:61:86:d7:56:d7:73:f4:ab:bb:6a:21:d3:88: + 22:b4:e7:6f:7f:91:e5:0e:c6:08:49:de:ea:13:58: + 72:a0:aa:3a:f9:36:03:45:57:5e:87:d2:73:65:c4: + 8c:a3:ee:c9:d6:73:7c:96:41:93 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 3D:D1:84:C2:AF:B0:20:49:BC:74:87:41:38:AB:BA:D2:D4:0C:A3:A8 + X509v3 Authority Key Identifier: + keyid:3D:D1:84:C2:AF:B0:20:49:BC:74:87:41:38:AB:BA:D2:D4:0C:A3:A8 + DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_3072/OU=Programming-3072/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:2F:06:07:A8:B6:F4:EE:10:91:43:DE:E1:46:99:C4:90:79:E6:F1:D1 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Alternative Name: + DNS:example.com + Signature Algorithm: sha256WithRSAEncryption + 04:f5:e0:e5:75:6b:cf:ee:19:ef:3c:b5:b6:78:ce:b2:c3:f2: + 3e:0d:3f:b7:6d:59:7d:b6:7e:6a:91:0f:85:ac:ca:56:30:3c: + 3f:5d:30:10:7c:5e:7f:98:b2:9d:95:04:e1:ee:c0:9e:1b:01: + 39:cb:02:05:b9:9b:02:88:eb:d0:ad:06:d5:39:2d:24:e6:dc: + 4e:ce:8c:36:7d:b6:8e:1d:e8:b7:ef:ff:b4:17:c1:a5:d8:fa: + 34:dd:99:3d:30:4b:45:a2:14:6a:88:93:ca:25:e2:5c:d5:ba: + e8:9d:ef:d7:68:76:05:92:48:19:92:11:79:c2:fe:11:49:4d: + d6:d1:8f:32:1c:5f:3b:41:2c:08:b2:72:65:1c:e5:86:02:94: + b3:9d:30:da:59:42:a1:b0:1e:00:92:93:6e:0d:27:cf:df:d8: + cf:2b:cd:cb:8c:ff:b5:6f:83:92:27:00:58:59:a2:0b:91:b0: + 39:ca:a8:78:fd:83:56:4f:a1:6e:c3:e0:2b:ae:ef:3c:09:04: + f0:9b:5b:00:d3:ed:b6:06:f6:9c:da:af:61:68:8f:e3:2a:c3: + 85:20:66:2c:ac:dd:65:37:36:c2:2f:ba:b8:90:66:6e:9e:58: + a2:4b:d6:a7:30:c8:c9:6c:bd:13:40:a0:ca:59:7c:c5:86:9c: + 55:c5:68:c7:0c:7f:94:73:a5:4b:eb:f1:27:96:b5:f9:69:6b: + 2b:b6:62:d7:3a:0d:40:65:f0:0d:de:91:77:d4:f6:bb:13:7b: + 4a:55:8f:7e:49:65:89:37:46:05:2f:90:14:73:0d:2d:1e:a4: + d4:bb:4e:6d:29:da:79:6e:73:08:de:5f:27:dc:23:14:db:7b: + e7:02:13:2e:c7:94:19:f3:7d:2e:c4:8a:69:ba:f5:ba:62:c2: + 88:b5:cb:c7:92:a2:8a:e3:69:10:6e:c5:b8:b2:10:7e:b6:0c: + 71:2a:c3:e9:71:0c:a2:8b:9a:1d:2c:4e:21:68:53:51:6d:0c: + d2:b4:4b:50:4b:0a +-----BEGIN CERTIFICATE----- +MIIF+DCCBGCgAwIBAgIULwYHqLb07hCRQ97hRpnEkHnm8dEwDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1t +aW5nLTMwNzIxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMDAxMjIwNTUxNDhaFw0yMjEwMTgwNTUx +NDhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFt +bWluZy0zMDcyMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK +AoIBgQCsOVBoj3j4EJtoltPhnFZoWkFi47NBsFWAF7CIFpvgl3RfQnlzQt+T86qd +7i1vqrwnkITAXcfsSepcZh1wnFNcuqGzWMk+jptyPW4CAgCcZVaCoyK0CF8q79+a +0OcxWSZbCxxjYf/VaTIZBn4PQDx6Hsj8WGxkrhA9qCP/jhrKaoLi+QFkLJegGomg +dNO2BRHyYgZIKvdmzsGF4dIn6soSpZGXPvyUBllRwOcTtod7X9LAVi9eHQLDESzf +9wHavYVUNTJfxcj5ep+J9wMOfnldBII1EP5tm7+47uJihyZeL1AveAzoc0+IatYm +pMn8+h6KsPQyz1fNoViKSQ+7qR2Gq7mPjVcZslp+pOrMt5Z6OzjN3uBh/MkGj5Na +zq0q4y0+OV1BgwEfD+F/dsco2lbvv9wmNUC+rcc4raQGrMroUevA+GgCLJuhFLz4 +YYbXVtdz9Ku7aiHTiCK0529/keUOxghJ3uoTWHKgqjr5NgNFV16H0nNlxIyj7snW +c3yWQZMCAwEAAaOCASowggEmMB0GA1UdDgQWBBQ90YTCr7AgSbx0h0E4q7rS1Ayj +qDCB3gYDVR0jBIHWMIHTgBQ90YTCr7AgSbx0h0E4q7rS1AyjqKGBpKSBoTCBnjEL +MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x +FTATBgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3 +MjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv +QHdvbGZzc2wuY29tghQvBgeotvTuEJFD3uFGmcSQeebx0TAMBgNVHRMEBTADAQH/ +MBYGA1UdEQQPMA2CC2V4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBgQAE9eDl +dWvP7hnvPLW2eM6yw/I+DT+3bVl9tn5qkQ+FrMpWMDw/XTAQfF5/mLKdlQTh7sCe +GwE5ywIFuZsCiOvQrQbVOS0k5txOzow2fbaOHei37/+0F8Gl2Po03Zk9MEtFohRq +iJPKJeJc1brone/XaHYFkkgZkhF5wv4RSU3W0Y8yHF87QSwIsnJlHOWGApSznTDa +WUKhsB4AkpNuDSfP39jPK83LjP+1b4OSJwBYWaILkbA5yqh4/YNWT6Fuw+Arru88 +CQTwm1sA0+22Bvac2q9haI/jKsOFIGYsrN1lNzbCL7q4kGZunliiS9anMMjJbL0T +QKDKWXzFhpxVxWjHDH+Uc6VL6/EnlrX5aWsrtmLXOg1AZfAN3pF31Pa7E3tKVY9+ +SWWJN0YFL5AUcw0tHqTUu05tKdp5bnMI3l8n3CMU23vnAhMux5QZ830uxIppuvW6 +YsKItcvHkqKK42kQbsW4shB+tgxxKsPpcQyii5odLE4haFNRbQzStEtQSwo= +-----END CERTIFICATE----- diff --git a/certs/3072/client-key.der b/certs/3072/client-key.der new file mode 100644 index 0000000000000000000000000000000000000000..be253d2f009f91cda20f85d30285f793b7faccf3 GIT binary patch literal 1768 zcmXqLVtc~G$iURZ*vPQPG9aVB;)lTOjA@r2&I!wia!h)>*>OW?gZPFHvDpu%m&7|& z7CYUa{CU;fce?qj_NY&2IS_mNjpwVFG}(eV!7;lQZjLx<*EhS!HjjykVNPmT(_*D9 z9PwK3@6WpM+%Qrtnp-A0@&DCKBT2S8eg~T>xf6dPa#Gd_*sf6i-zRk{tLf2C#uT0D z3#2+1lw97%D)=dh%|q*Z+PQ)6aF&;PK#?6}6Qu=o4#sF^zKTYKDM?Gm;%r(OiUKJX)hNoV##kv%^W z+pdRQFaEN6cb4Mi4y7&6^Xn%*C%unVJ|I93)F_e?8^lxs3OIsLpS1-rXl(`J_6hE`9UviLF!4$3wZS%L`=c z&=3u*P?~n*R3)7ac>)ks$b+T&Ns)Vv$VdLd~7#!)f5G5_4X_? z$C|5O8fCaGUyCeX#%LbkarIdEENMn2`34hL&S(1#CAUA^b?dd%hO=LnO-x>+@udG% z-8U|;LdB&Y3wWh(7NnGf>(764WwO}ucRvoy5Au>Tyt~(n=HMz zPj=nE@bR-vPRsr6QB%&})P418%Y})0<)RY2*}JrOK2Dl@jfHia#i0kwbyI%a=dqgH z{IH`rK7GP`?FR{crwoKo%|BnAd*kf8pVRKfeQ`hO^Q^z#Sj)m-{Z+3@ceXRrTr_(U zv^kDnxP17iPI6BBrFB|M+Mbt{Ot{Emo+9;@HJNnLhaIX(dAqnakq8XA6uDU++m%?A^){utDa_e(GSxT$`UfXd=^c+ zqxHAM_^Gfi_o?*g?3Iz_()o9D=6%&J-5;;@Z%HRVJj*#fMP&6W?i-I*XeFCYcvt`G z+|u{;tJ~dYyPD3r)$`?Y7x(OEuO{tgeYnQX^!D3S*=>_vYgYcSKNR6$l-3>=@PEJE z-j`GM8}4h@eV-!7mu@v@%B^Ug9@}?w&rZ7Mz?5osQu=G1AN!Vi5k6+UwhylHcNV=k z-VE}?skck*BiHz>U9HSCwPC?}Q}Nr+>x&$9VzxN9x)sllck46@3%3gN_Wqi7SF~dG`?ul~@9=9Qj3oRZcdFsHj+#N=6m&C>0SvfP!EW4)ZJ>Wx3x%}d_9E&iwbaxTw;jZBRP z@{fJ7yS4V)#ela8UUs(U9FG))h5*j?a z%=X_as@r(^t89w6+Ed%~O7U-R{`iZ#)7s{4sh3t`G;Y70RsU_)_JdPigQ8(W zu0jTHO{41-Jtek3$G4qv(Bb`8dsP2kW6-Tb_Uj*bOKs(eOmN+h%4~a6=6_(|B@06> z$&h42*(1-q)}6Tg^5J`%hw=u?s`j3HbSddl)XTD!HLE3s+k2NLE;9>nw@!(iyK8=W zQC3^aG7dw>%O0H8aXIl}q4jI)4ynKE`e+{b-LqkFYKh?8<@OMLn^>2T0WBrqx5qw`)T0Thx`C;>ve(k?4 zdd*I4VRc)7*c|0Kz1N86`l{s{UM|VH$auS5>-+sThnQnSSELnJu3Wu$eWv+8$F0Ge zHyzm6VDju?^}6)qpTqwN?WtH*%Dbj=f{5q8?7+uQ+%^gLvStZ2X!Tn<@mZ^A2gH6} zUa#NO**^bAwH#|+X)}vynipHR?Vl#|>BjFl0)38Eckjx+Uz+~r t-(uaBe?Px7{jz+|&%!f155z}A@0FT&oFl#FcwqFt$3OPT9lxY89RRM+Y;^zt literal 0 HcmV?d00001 diff --git a/certs/3072/client-key.pem b/certs/3072/client-key.pem new file mode 100644 index 000000000..24de8ddb2 --- /dev/null +++ b/certs/3072/client-key.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEArDlQaI94+BCbaJbT4ZxWaFpBYuOzQbBVgBewiBab4Jd0X0J5 +c0Lfk/Oqne4tb6q8J5CEwF3H7EnqXGYdcJxTXLqhs1jJPo6bcj1uAgIAnGVWgqMi +tAhfKu/fmtDnMVkmWwscY2H/1WkyGQZ+D0A8eh7I/FhsZK4QPagj/44aymqC4vkB +ZCyXoBqJoHTTtgUR8mIGSCr3Zs7BheHSJ+rKEqWRlz78lAZZUcDnE7aHe1/SwFYv +Xh0CwxEs3/cB2r2FVDUyX8XI+XqfifcDDn55XQSCNRD+bZu/uO7iYocmXi9QL3gM +6HNPiGrWJqTJ/PoeirD0Ms9XzaFYikkPu6kdhqu5j41XGbJafqTqzLeWejs4zd7g +YfzJBo+TWs6tKuMtPjldQYMBHw/hf3bHKNpW77/cJjVAvq3HOK2kBqzK6FHrwPho +AiyboRS8+GGG11bXc/Sru2oh04gitOdvf5HlDsYISd7qE1hyoKo6+TYDRVdeh9Jz +ZcSMo+7J1nN8lkGTAgMBAAECggGAQBl02/XKSEmmDd9VLPtLDbvJ6kxlQ2Wl7O7k +PUJs8cJtBadwHH4fSKnALtefAZjCPteDETXWWxOHrqwy+N62CCVOWboJ7MaXBIXo +k8a7A3qUIDsnh2o2QXzV9IEcCznrFKemATdQSNXGV5obAQIfgDRFCea/MRm34bra +6xqwzfWmkWOsKOSP6n72CkpxIaXxcA0b2XBkdFcvn+zUkxbH7vjAn1JKH63dQJhT +aPreogSgJAXvy09w37lcwl7kyc0PXkt3u4RpVJhBt5wOONj385/v5Zu2S9Z6ZfVp ++sITcGwopCms2b/sai7t5Lrf0PHzPGyE37dalM/ZLerqtNCRLncVGA1ruioM8ZKd +1gQFtjjC4KctZPjfDDqTg+GIg19nkJ8r4GCOyjATyp/Pe23Yze75lt1e9EfJTOaP +fzMqODCv1Up5RwbMlkQpjGArCMfQ08PFLGNsh9KuKqSG53Z0kNEEN2Qa7QjZmAca +mAuJmaSwjBoQ6+z07jzEAMwwnEMBAoHBANlD9ix4JtLnFacKiF7bLa/GqW9ziDtq +CB/1gLUuKYty+DXIIxgcDQ44grtbL7RcTiQFp0x5SImNHB0KLP7Zmd8lii346y/a +G2PhzQmXZBSr6gvY4qgqYzWQ7n/qzqXvf6uHR5tFNZrajPTTigub5uqSuwXhrD41 +2+1lHbaS6yl5+D/CWEAyZodWUP+/Pr3plL8xvoct72QeDmc6nJTaWwyMPe6dzZLe +QAJlNskb9X5OB7R/FA4DLobwRV/coujHgwKBwQDK7aU/WaxMrasjApWAoK81F9vn +f3JBLFy0Q4VGc59Y6UCL7LDvhkwx3shsdHWi22X0UMaZonDetiLCARVJE6DiIHhE +7B9CsyUJznUTdTYRRyw8FR/wVNUYrmEHrD2DRgOMv2MmqBl8/94geNDacC69+pbd +FXib7+0XkG8UNVCOHXiwiqBTEBVkzEcFtsZIwF20SxpfuJ51zcNkZogQnIuHFDTm +YDylt4EdC3mTXUpCen8z8D6eY722X/lHpwpJcLECgcBvxvQ+2q32sWbFYrjYPGEb +3tRK/6BmGN4HOzI1hINhOAwU91t+yue4mkBADeDUJO0awUHaKUe1ZMDC+/o8P01X +raOSlU7Cdq7Cy2fGeHnH3M5zu+iYZf5Wj7L0YqRgYIBJija/3nJ+sdP1HWQXJuU9 +Z7IKi5knBGSalPwdcybDVvnuK5llpchz9meDvCuWXzbkyr3gJDTWSFRWraPjPRe8 +s+Yk/lDGL8u0r8fo3ZaGnbR/GyYBM4fban/2mrfBlOsCgcEAsG0gaA18gUXULiIG +/Me2zEAsDf59xS/egVLawj+v4EsatQxZYEWwZQM92Rz/UVHSODEqGVRjMR3E5kqu +yNPp4e884R8wpnq9zuLSYtJa6XapfKsZE4eNpWGmNleHO2RZnbqfZ3JqhoSmCDFB +00gJO15sX1ZVf61+wifuivE3UfdJgKNldBHdp776WHtptMKaNS++hE4sZls4b0e9 +MEQKAqyMuWYeFC2QcUIStw46i8WYZf2PU4F/5NlYDvWpOeRhAoHBALOUjyv9hC6D +QoZWfrX4PMUMy70yDNeqp7DppGrRAduHKvff7MIDXVWoZnN5qau9r2k3/kG1U7Oy +wLGANObhe65nx/NX/hK8eKp1Dax5kBRJ/mtR4+RGshBNBWoSgCqPOUIOOyQrUF3z +p38vgomHn/h7HgVudYMENWZKBlc5qyELlEFqKsfemEWPlhzy2PucEI5Bet3dHe+l +Z+z+oy2p/fPuNfSnvPlxzLnAX1hbvRqexwhnfMdRW77j+L4ex9Iolw== +-----END RSA PRIVATE KEY----- diff --git a/certs/3072/include.am b/certs/3072/include.am new file mode 100644 index 000000000..524dc0277 --- /dev/null +++ b/certs/3072/include.am @@ -0,0 +1,7 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + certs/3072/client-cert.pem \ + certs/3072/client-key.pem diff --git a/certs/4096/include.am b/certs/4096/include.am index 0c8305299..e0d7b5968 100644 --- a/certs/4096/include.am +++ b/certs/4096/include.am @@ -3,7 +3,7 @@ # EXTRA_DIST += \ - certs/4096/client-cert.pem \ - certs/4096/client-key.pem - - + certs/4096/client-cert.der \ + certs/4096/client-cert.pem \ + certs/4096/client-key.der \ + certs/4096/client-key.pem diff --git a/certs/include.am b/certs/include.am index 728adf8e4..4e6f6df09 100644 --- a/certs/include.am +++ b/certs/include.am @@ -64,7 +64,7 @@ EXTRA_DIST += \ certs/dh2048.der \ certs/dh3072.der \ certs/rsa2048.der \ - certs/rsa-pub-2048.pem \ + certs/rsa-pub-2048.pem \ certs/rsa3072.der \ certs/dsa2048.der \ certs/dsa3072.der \ @@ -100,6 +100,7 @@ dist_doc_DATA+= certs/taoCert.txt EXTRA_DIST+= certs/ntru-key.raw include certs/1024/include.am +include certs/3072/include.am include certs/4096/include.am include certs/crl/include.am include certs/ecc/include.am diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index 662bc4b3e..93d232f0f 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -165,6 +165,29 @@ run_renewcerts(){ mv ./1024/tmp.pem ./1024/client-cert.pem echo "End of section" echo "---------------------------------------------------------------------" + ############################################################ + #### update the self-signed (3072-bit) client-cert.pem ##### + ############################################################ + echo "Updating 3072-bit client-cert.pem" + echo "" + #pipe the following arguments to openssl req... + echo -e "US\\nMontana\\nBozeman\\nwolfSSL_3072\\nProgramming-3072\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ./3072/client-key.pem -config ./wolfssl.cnf -nodes -out ./3072/client-cert.csr + check_result $? "Step 1" + + openssl x509 -req -in ./3072/client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ./3072/client-key.pem -out ./3072/client-cert.pem + check_result $? "Step 2" + rm ./3072/client-cert.csr + + openssl x509 -in ./3072/client-cert.pem -text > ./3072/tmp.pem + check_result $? "Step 3" + mv ./3072/tmp.pem ./3072/client-cert.pem + + openssl x509 -in ./3072/client-key.pem -outform der -out ./3072/client-key.der + openssl x509 -in ./3072/client-cert.pem -outform der -out ./3072/client-cert.der + + echo "End of section" + echo "---------------------------------------------------------------------" + ############################################################ #### update the self-signed (4096-bit) client-cert.pem ##### ############################################################ @@ -184,6 +207,7 @@ run_renewcerts(){ mv ./4096/tmp.pem ./4096/client-cert.pem echo "End of section" echo "---------------------------------------------------------------------" + ############################################################ ########## update the self-signed ca-cert.pem ############## ############################################################ diff --git a/gencertbuf.pl b/gencertbuf.pl index 6891f1fb0..65880c318 100755 --- a/gencertbuf.pl +++ b/gencertbuf.pl @@ -81,6 +81,8 @@ my @fileList_3072 = ( [ "./certs/dh3072.der", "dh_key_der_3072" ], [ "./certs/dsa3072.der", "dsa_key_der_3072" ], [ "./certs/rsa3072.der", "rsa_key_der_3072" ], + [ "./certs/3072/client-key.der", "client_key_der_3072" ], + [ "./certs/3072/client-cert.der", "client_cert_der_3072" ], ); # ---------------------------------------------------------------------------- @@ -249,4 +251,3 @@ sub file_to_hex { close($fp); } - diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index f9a957cbe..91e7c9e38 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -931,7 +931,7 @@ int sp_set_int(sp_int* a, unsigned long b) } else { a->used = 1; - a->dp[0] = b; + a->dp[0] = (sp_int_digit)b; } return MP_OKAY; @@ -2127,4 +2127,3 @@ word32 CheckRunTimeSettings(void) } #endif /* WOLFSSL_SP_MATH */ - diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 01cc17585..fdb5be3b4 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -221,7 +221,7 @@ #if defined(NO_FILESYSTEM) #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ - !defined(USE_CERT_BUFFERS_4096) + !defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096) #define USE_CERT_BUFFERS_2048 #endif #if !defined(USE_CERT_BUFFERS_256) @@ -1518,11 +1518,7 @@ int asn_test(void) const byte* datePart; #ifndef NO_ASN_TIME struct tm timearg; - #ifdef WORD64_AVAILABLE - word64 now; - #else - word32 now; - #endif + time_t now; #endif ret = wc_GetDateInfo(dateBuf, (int)sizeof(dateBuf), &datePart, &format, @@ -9280,7 +9276,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) /* Generated Test Certs */ #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ - !defined(NO_ASN) + !defined(USE_CERT_BUFFERS_3072) && !defined(NO_ASN) #ifndef NO_RSA static const char* clientKey = CERT_ROOT "client-key.der"; static const char* clientCert = CERT_ROOT "client-cert.der"; @@ -10663,7 +10659,7 @@ done: } #endif -#define RSA_TEST_BYTES 256 +#define RSA_TEST_BYTES 384 #ifdef WC_RSA_PSS static int rsa_pss_test(WC_RNG* rng, RsaKey* key) @@ -11815,8 +11811,8 @@ int rsa_test(void) #ifndef NO_SIG_WRAPPER int modLen; #endif -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) \ - && !defined(NO_FILESYSTEM) +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + !defined(USE_CERT_BUFFERS_3072) && !defined(NO_FILESYSTEM) XFILE file; XFILE file2; #endif @@ -11859,6 +11855,10 @@ int rsa_test(void) bytes = (size_t)sizeof_client_key_der_2048; if (bytes < (size_t)sizeof_client_cert_der_2048) bytes = (size_t)sizeof_client_cert_der_2048; +#elif defined(USE_CERT_BUFFERS_3072) + bytes = (size_t)sizeof_client_key_der_3072; + if (bytes < (size_t)sizeof_client_cert_der_3072) + bytes = (size_t)sizeof_client_cert_der_3072; #else bytes = FOURK_BUF; #endif @@ -11876,6 +11876,8 @@ int rsa_test(void) XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024); #elif defined(USE_CERT_BUFFERS_2048) XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048); +#elif defined(USE_CERT_BUFFERS_3072) + XMEMCPY(tmp, client_key_der_3072, (size_t)sizeof_client_key_der_3072); #elif !defined(NO_FILESYSTEM) file = XFOPEN(clientKey, "rb"); if (!file) { @@ -12440,6 +12442,9 @@ int rsa_test(void) #elif defined(USE_CERT_BUFFERS_2048) XMEMCPY(tmp, client_cert_der_2048, (size_t)sizeof_client_cert_der_2048); bytes = (size_t)sizeof_client_cert_der_2048; +#elif defined(USE_CERT_BUFFERS_3072) + XMEMCPY(tmp, client_cert_der_3072, (size_t)sizeof_client_cert_der_3072); + bytes = (size_t)sizeof_client_cert_der_3072; #elif !defined(NO_FILESYSTEM) file2 = XFOPEN(clientCert, "rb"); if (!file2) { diff --git a/wolfssl/certs_test.h b/wolfssl/certs_test.h index deefb57e2..c46ea066e 100644 --- a/wolfssl/certs_test.h +++ b/wolfssl/certs_test.h @@ -2308,6 +2308,349 @@ static const unsigned char rsa_key_der_3072[] = }; static const int sizeof_rsa_key_der_3072 = sizeof(rsa_key_der_3072); +/* ./certs/3072/client-key.der, 3072-bit */ +static const unsigned char client_key_der_3072[] = +{ + 0x30, 0x82, 0x06, 0xE4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x81, 0x00, 0xAC, 0x39, 0x50, 0x68, 0x8F, 0x78, 0xF8, 0x10, + 0x9B, 0x68, 0x96, 0xD3, 0xE1, 0x9C, 0x56, 0x68, 0x5A, 0x41, + 0x62, 0xE3, 0xB3, 0x41, 0xB0, 0x55, 0x80, 0x17, 0xB0, 0x88, + 0x16, 0x9B, 0xE0, 0x97, 0x74, 0x5F, 0x42, 0x79, 0x73, 0x42, + 0xDF, 0x93, 0xF3, 0xAA, 0x9D, 0xEE, 0x2D, 0x6F, 0xAA, 0xBC, + 0x27, 0x90, 0x84, 0xC0, 0x5D, 0xC7, 0xEC, 0x49, 0xEA, 0x5C, + 0x66, 0x1D, 0x70, 0x9C, 0x53, 0x5C, 0xBA, 0xA1, 0xB3, 0x58, + 0xC9, 0x3E, 0x8E, 0x9B, 0x72, 0x3D, 0x6E, 0x02, 0x02, 0x00, + 0x9C, 0x65, 0x56, 0x82, 0xA3, 0x22, 0xB4, 0x08, 0x5F, 0x2A, + 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, 0x31, 0x59, 0x26, 0x5B, 0x0B, + 0x1C, 0x63, 0x61, 0xFF, 0xD5, 0x69, 0x32, 0x19, 0x06, 0x7E, + 0x0F, 0x40, 0x3C, 0x7A, 0x1E, 0xC8, 0xFC, 0x58, 0x6C, 0x64, + 0xAE, 0x10, 0x3D, 0xA8, 0x23, 0xFF, 0x8E, 0x1A, 0xCA, 0x6A, + 0x82, 0xE2, 0xF9, 0x01, 0x64, 0x2C, 0x97, 0xA0, 0x1A, 0x89, + 0xA0, 0x74, 0xD3, 0xB6, 0x05, 0x11, 0xF2, 0x62, 0x06, 0x48, + 0x2A, 0xF7, 0x66, 0xCE, 0xC1, 0x85, 0xE1, 0xD2, 0x27, 0xEA, + 0xCA, 0x12, 0xA5, 0x91, 0x97, 0x3E, 0xFC, 0x94, 0x06, 0x59, + 0x51, 0xC0, 0xE7, 0x13, 0xB6, 0x87, 0x7B, 0x5F, 0xD2, 0xC0, + 0x56, 0x2F, 0x5E, 0x1D, 0x02, 0xC3, 0x11, 0x2C, 0xDF, 0xF7, + 0x01, 0xDA, 0xBD, 0x85, 0x54, 0x35, 0x32, 0x5F, 0xC5, 0xC8, + 0xF9, 0x7A, 0x9F, 0x89, 0xF7, 0x03, 0x0E, 0x7E, 0x79, 0x5D, + 0x04, 0x82, 0x35, 0x10, 0xFE, 0x6D, 0x9B, 0xBF, 0xB8, 0xEE, + 0xE2, 0x62, 0x87, 0x26, 0x5E, 0x2F, 0x50, 0x2F, 0x78, 0x0C, + 0xE8, 0x73, 0x4F, 0x88, 0x6A, 0xD6, 0x26, 0xA4, 0xC9, 0xFC, + 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, 0x32, 0xCF, 0x57, 0xCD, 0xA1, + 0x58, 0x8A, 0x49, 0x0F, 0xBB, 0xA9, 0x1D, 0x86, 0xAB, 0xB9, + 0x8F, 0x8D, 0x57, 0x19, 0xB2, 0x5A, 0x7E, 0xA4, 0xEA, 0xCC, + 0xB7, 0x96, 0x7A, 0x3B, 0x38, 0xCD, 0xDE, 0xE0, 0x61, 0xFC, + 0xC9, 0x06, 0x8F, 0x93, 0x5A, 0xCE, 0xAD, 0x2A, 0xE3, 0x2D, + 0x3E, 0x39, 0x5D, 0x41, 0x83, 0x01, 0x1F, 0x0F, 0xE1, 0x7F, + 0x76, 0xC7, 0x28, 0xDA, 0x56, 0xEF, 0xBF, 0xDC, 0x26, 0x35, + 0x40, 0xBE, 0xAD, 0xC7, 0x38, 0xAD, 0xA4, 0x06, 0xAC, 0xCA, + 0xE8, 0x51, 0xEB, 0xC0, 0xF8, 0x68, 0x02, 0x2C, 0x9B, 0xA1, + 0x14, 0xBC, 0xF8, 0x61, 0x86, 0xD7, 0x56, 0xD7, 0x73, 0xF4, + 0xAB, 0xBB, 0x6A, 0x21, 0xD3, 0x88, 0x22, 0xB4, 0xE7, 0x6F, + 0x7F, 0x91, 0xE5, 0x0E, 0xC6, 0x08, 0x49, 0xDE, 0xEA, 0x13, + 0x58, 0x72, 0xA0, 0xAA, 0x3A, 0xF9, 0x36, 0x03, 0x45, 0x57, + 0x5E, 0x87, 0xD2, 0x73, 0x65, 0xC4, 0x8C, 0xA3, 0xEE, 0xC9, + 0xD6, 0x73, 0x7C, 0x96, 0x41, 0x93, 0x02, 0x03, 0x01, 0x00, + 0x01, 0x02, 0x82, 0x01, 0x80, 0x40, 0x19, 0x74, 0xDB, 0xF5, + 0xCA, 0x48, 0x49, 0xA6, 0x0D, 0xDF, 0x55, 0x2C, 0xFB, 0x4B, + 0x0D, 0xBB, 0xC9, 0xEA, 0x4C, 0x65, 0x43, 0x65, 0xA5, 0xEC, + 0xEE, 0xE4, 0x3D, 0x42, 0x6C, 0xF1, 0xC2, 0x6D, 0x05, 0xA7, + 0x70, 0x1C, 0x7E, 0x1F, 0x48, 0xA9, 0xC0, 0x2E, 0xD7, 0x9F, + 0x01, 0x98, 0xC2, 0x3E, 0xD7, 0x83, 0x11, 0x35, 0xD6, 0x5B, + 0x13, 0x87, 0xAE, 0xAC, 0x32, 0xF8, 0xDE, 0xB6, 0x08, 0x25, + 0x4E, 0x59, 0xBA, 0x09, 0xEC, 0xC6, 0x97, 0x04, 0x85, 0xE8, + 0x93, 0xC6, 0xBB, 0x03, 0x7A, 0x94, 0x20, 0x3B, 0x27, 0x87, + 0x6A, 0x36, 0x41, 0x7C, 0xD5, 0xF4, 0x81, 0x1C, 0x0B, 0x39, + 0xEB, 0x14, 0xA7, 0xA6, 0x01, 0x37, 0x50, 0x48, 0xD5, 0xC6, + 0x57, 0x9A, 0x1B, 0x01, 0x02, 0x1F, 0x80, 0x34, 0x45, 0x09, + 0xE6, 0xBF, 0x31, 0x19, 0xB7, 0xE1, 0xBA, 0xDA, 0xEB, 0x1A, + 0xB0, 0xCD, 0xF5, 0xA6, 0x91, 0x63, 0xAC, 0x28, 0xE4, 0x8F, + 0xEA, 0x7E, 0xF6, 0x0A, 0x4A, 0x71, 0x21, 0xA5, 0xF1, 0x70, + 0x0D, 0x1B, 0xD9, 0x70, 0x64, 0x74, 0x57, 0x2F, 0x9F, 0xEC, + 0xD4, 0x93, 0x16, 0xC7, 0xEE, 0xF8, 0xC0, 0x9F, 0x52, 0x4A, + 0x1F, 0xAD, 0xDD, 0x40, 0x98, 0x53, 0x68, 0xFA, 0xDE, 0xA2, + 0x04, 0xA0, 0x24, 0x05, 0xEF, 0xCB, 0x4F, 0x70, 0xDF, 0xB9, + 0x5C, 0xC2, 0x5E, 0xE4, 0xC9, 0xCD, 0x0F, 0x5E, 0x4B, 0x77, + 0xBB, 0x84, 0x69, 0x54, 0x98, 0x41, 0xB7, 0x9C, 0x0E, 0x38, + 0xD8, 0xF7, 0xF3, 0x9F, 0xEF, 0xE5, 0x9B, 0xB6, 0x4B, 0xD6, + 0x7A, 0x65, 0xF5, 0x69, 0xFA, 0xC2, 0x13, 0x70, 0x6C, 0x28, + 0xA4, 0x29, 0xAC, 0xD9, 0xBF, 0xEC, 0x6A, 0x2E, 0xED, 0xE4, + 0xBA, 0xDF, 0xD0, 0xF1, 0xF3, 0x3C, 0x6C, 0x84, 0xDF, 0xB7, + 0x5A, 0x94, 0xCF, 0xD9, 0x2D, 0xEA, 0xEA, 0xB4, 0xD0, 0x91, + 0x2E, 0x77, 0x15, 0x18, 0x0D, 0x6B, 0xBA, 0x2A, 0x0C, 0xF1, + 0x92, 0x9D, 0xD6, 0x04, 0x05, 0xB6, 0x38, 0xC2, 0xE0, 0xA7, + 0x2D, 0x64, 0xF8, 0xDF, 0x0C, 0x3A, 0x93, 0x83, 0xE1, 0x88, + 0x83, 0x5F, 0x67, 0x90, 0x9F, 0x2B, 0xE0, 0x60, 0x8E, 0xCA, + 0x30, 0x13, 0xCA, 0x9F, 0xCF, 0x7B, 0x6D, 0xD8, 0xCD, 0xEE, + 0xF9, 0x96, 0xDD, 0x5E, 0xF4, 0x47, 0xC9, 0x4C, 0xE6, 0x8F, + 0x7F, 0x33, 0x2A, 0x38, 0x30, 0xAF, 0xD5, 0x4A, 0x79, 0x47, + 0x06, 0xCC, 0x96, 0x44, 0x29, 0x8C, 0x60, 0x2B, 0x08, 0xC7, + 0xD0, 0xD3, 0xC3, 0xC5, 0x2C, 0x63, 0x6C, 0x87, 0xD2, 0xAE, + 0x2A, 0xA4, 0x86, 0xE7, 0x76, 0x74, 0x90, 0xD1, 0x04, 0x37, + 0x64, 0x1A, 0xED, 0x08, 0xD9, 0x98, 0x07, 0x1A, 0x98, 0x0B, + 0x89, 0x99, 0xA4, 0xB0, 0x8C, 0x1A, 0x10, 0xEB, 0xEC, 0xF4, + 0xEE, 0x3C, 0xC4, 0x00, 0xCC, 0x30, 0x9C, 0x43, 0x01, 0x02, + 0x81, 0xC1, 0x00, 0xD9, 0x43, 0xF6, 0x2C, 0x78, 0x26, 0xD2, + 0xE7, 0x15, 0xA7, 0x0A, 0x88, 0x5E, 0xDB, 0x2D, 0xAF, 0xC6, + 0xA9, 0x6F, 0x73, 0x88, 0x3B, 0x6A, 0x08, 0x1F, 0xF5, 0x80, + 0xB5, 0x2E, 0x29, 0x8B, 0x72, 0xF8, 0x35, 0xC8, 0x23, 0x18, + 0x1C, 0x0D, 0x0E, 0x38, 0x82, 0xBB, 0x5B, 0x2F, 0xB4, 0x5C, + 0x4E, 0x24, 0x05, 0xA7, 0x4C, 0x79, 0x48, 0x89, 0x8D, 0x1C, + 0x1D, 0x0A, 0x2C, 0xFE, 0xD9, 0x99, 0xDF, 0x25, 0x8A, 0x2D, + 0xF8, 0xEB, 0x2F, 0xDA, 0x1B, 0x63, 0xE1, 0xCD, 0x09, 0x97, + 0x64, 0x14, 0xAB, 0xEA, 0x0B, 0xD8, 0xE2, 0xA8, 0x2A, 0x63, + 0x35, 0x90, 0xEE, 0x7F, 0xEA, 0xCE, 0xA5, 0xEF, 0x7F, 0xAB, + 0x87, 0x47, 0x9B, 0x45, 0x35, 0x9A, 0xDA, 0x8C, 0xF4, 0xD3, + 0x8A, 0x0B, 0x9B, 0xE6, 0xEA, 0x92, 0xBB, 0x05, 0xE1, 0xAC, + 0x3E, 0x35, 0xDB, 0xED, 0x65, 0x1D, 0xB6, 0x92, 0xEB, 0x29, + 0x79, 0xF8, 0x3F, 0xC2, 0x58, 0x40, 0x32, 0x66, 0x87, 0x56, + 0x50, 0xFF, 0xBF, 0x3E, 0xBD, 0xE9, 0x94, 0xBF, 0x31, 0xBE, + 0x87, 0x2D, 0xEF, 0x64, 0x1E, 0x0E, 0x67, 0x3A, 0x9C, 0x94, + 0xDA, 0x5B, 0x0C, 0x8C, 0x3D, 0xEE, 0x9D, 0xCD, 0x92, 0xDE, + 0x40, 0x02, 0x65, 0x36, 0xC9, 0x1B, 0xF5, 0x7E, 0x4E, 0x07, + 0xB4, 0x7F, 0x14, 0x0E, 0x03, 0x2E, 0x86, 0xF0, 0x45, 0x5F, + 0xDC, 0xA2, 0xE8, 0xC7, 0x83, 0x02, 0x81, 0xC1, 0x00, 0xCA, + 0xED, 0xA5, 0x3F, 0x59, 0xAC, 0x4C, 0xAD, 0xAB, 0x23, 0x02, + 0x95, 0x80, 0xA0, 0xAF, 0x35, 0x17, 0xDB, 0xE7, 0x7F, 0x72, + 0x41, 0x2C, 0x5C, 0xB4, 0x43, 0x85, 0x46, 0x73, 0x9F, 0x58, + 0xE9, 0x40, 0x8B, 0xEC, 0xB0, 0xEF, 0x86, 0x4C, 0x31, 0xDE, + 0xC8, 0x6C, 0x74, 0x75, 0xA2, 0xDB, 0x65, 0xF4, 0x50, 0xC6, + 0x99, 0xA2, 0x70, 0xDE, 0xB6, 0x22, 0xC2, 0x01, 0x15, 0x49, + 0x13, 0xA0, 0xE2, 0x20, 0x78, 0x44, 0xEC, 0x1F, 0x42, 0xB3, + 0x25, 0x09, 0xCE, 0x75, 0x13, 0x75, 0x36, 0x11, 0x47, 0x2C, + 0x3C, 0x15, 0x1F, 0xF0, 0x54, 0xD5, 0x18, 0xAE, 0x61, 0x07, + 0xAC, 0x3D, 0x83, 0x46, 0x03, 0x8C, 0xBF, 0x63, 0x26, 0xA8, + 0x19, 0x7C, 0xFF, 0xDE, 0x20, 0x78, 0xD0, 0xDA, 0x70, 0x2E, + 0xBD, 0xFA, 0x96, 0xDD, 0x15, 0x78, 0x9B, 0xEF, 0xED, 0x17, + 0x90, 0x6F, 0x14, 0x35, 0x50, 0x8E, 0x1D, 0x78, 0xB0, 0x8A, + 0xA0, 0x53, 0x10, 0x15, 0x64, 0xCC, 0x47, 0x05, 0xB6, 0xC6, + 0x48, 0xC0, 0x5D, 0xB4, 0x4B, 0x1A, 0x5F, 0xB8, 0x9E, 0x75, + 0xCD, 0xC3, 0x64, 0x66, 0x88, 0x10, 0x9C, 0x8B, 0x87, 0x14, + 0x34, 0xE6, 0x60, 0x3C, 0xA5, 0xB7, 0x81, 0x1D, 0x0B, 0x79, + 0x93, 0x5D, 0x4A, 0x42, 0x7A, 0x7F, 0x33, 0xF0, 0x3E, 0x9E, + 0x63, 0xBD, 0xB6, 0x5F, 0xF9, 0x47, 0xA7, 0x0A, 0x49, 0x70, + 0xB1, 0x02, 0x81, 0xC0, 0x6F, 0xC6, 0xF4, 0x3E, 0xDA, 0xAD, + 0xF6, 0xB1, 0x66, 0xC5, 0x62, 0xB8, 0xD8, 0x3C, 0x61, 0x1B, + 0xDE, 0xD4, 0x4A, 0xFF, 0xA0, 0x66, 0x18, 0xDE, 0x07, 0x3B, + 0x32, 0x35, 0x84, 0x83, 0x61, 0x38, 0x0C, 0x14, 0xF7, 0x5B, + 0x7E, 0xCA, 0xE7, 0xB8, 0x9A, 0x40, 0x40, 0x0D, 0xE0, 0xD4, + 0x24, 0xED, 0x1A, 0xC1, 0x41, 0xDA, 0x29, 0x47, 0xB5, 0x64, + 0xC0, 0xC2, 0xFB, 0xFA, 0x3C, 0x3F, 0x4D, 0x57, 0xAD, 0xA3, + 0x92, 0x95, 0x4E, 0xC2, 0x76, 0xAE, 0xC2, 0xCB, 0x67, 0xC6, + 0x78, 0x79, 0xC7, 0xDC, 0xCE, 0x73, 0xBB, 0xE8, 0x98, 0x65, + 0xFE, 0x56, 0x8F, 0xB2, 0xF4, 0x62, 0xA4, 0x60, 0x60, 0x80, + 0x49, 0x8A, 0x36, 0xBF, 0xDE, 0x72, 0x7E, 0xB1, 0xD3, 0xF5, + 0x1D, 0x64, 0x17, 0x26, 0xE5, 0x3D, 0x67, 0xB2, 0x0A, 0x8B, + 0x99, 0x27, 0x04, 0x64, 0x9A, 0x94, 0xFC, 0x1D, 0x73, 0x26, + 0xC3, 0x56, 0xF9, 0xEE, 0x2B, 0x99, 0x65, 0xA5, 0xC8, 0x73, + 0xF6, 0x67, 0x83, 0xBC, 0x2B, 0x96, 0x5F, 0x36, 0xE4, 0xCA, + 0xBD, 0xE0, 0x24, 0x34, 0xD6, 0x48, 0x54, 0x56, 0xAD, 0xA3, + 0xE3, 0x3D, 0x17, 0xBC, 0xB3, 0xE6, 0x24, 0xFE, 0x50, 0xC6, + 0x2F, 0xCB, 0xB4, 0xAF, 0xC7, 0xE8, 0xDD, 0x96, 0x86, 0x9D, + 0xB4, 0x7F, 0x1B, 0x26, 0x01, 0x33, 0x87, 0xDB, 0x6A, 0x7F, + 0xF6, 0x9A, 0xB7, 0xC1, 0x94, 0xEB, 0x02, 0x81, 0xC1, 0x00, + 0xB0, 0x6D, 0x20, 0x68, 0x0D, 0x7C, 0x81, 0x45, 0xD4, 0x2E, + 0x22, 0x06, 0xFC, 0xC7, 0xB6, 0xCC, 0x40, 0x2C, 0x0D, 0xFE, + 0x7D, 0xC5, 0x2F, 0xDE, 0x81, 0x52, 0xDA, 0xC2, 0x3F, 0xAF, + 0xE0, 0x4B, 0x1A, 0xB5, 0x0C, 0x59, 0x60, 0x45, 0xB0, 0x65, + 0x03, 0x3D, 0xD9, 0x1C, 0xFF, 0x51, 0x51, 0xD2, 0x38, 0x31, + 0x2A, 0x19, 0x54, 0x63, 0x31, 0x1D, 0xC4, 0xE6, 0x4A, 0xAE, + 0xC8, 0xD3, 0xE9, 0xE1, 0xEF, 0x3C, 0xE1, 0x1F, 0x30, 0xA6, + 0x7A, 0xBD, 0xCE, 0xE2, 0xD2, 0x62, 0xD2, 0x5A, 0xE9, 0x76, + 0xA9, 0x7C, 0xAB, 0x19, 0x13, 0x87, 0x8D, 0xA5, 0x61, 0xA6, + 0x36, 0x57, 0x87, 0x3B, 0x64, 0x59, 0x9D, 0xBA, 0x9F, 0x67, + 0x72, 0x6A, 0x86, 0x84, 0xA6, 0x08, 0x31, 0x41, 0xD3, 0x48, + 0x09, 0x3B, 0x5E, 0x6C, 0x5F, 0x56, 0x55, 0x7F, 0xAD, 0x7E, + 0xC2, 0x27, 0xEE, 0x8A, 0xF1, 0x37, 0x51, 0xF7, 0x49, 0x80, + 0xA3, 0x65, 0x74, 0x11, 0xDD, 0xA7, 0xBE, 0xFA, 0x58, 0x7B, + 0x69, 0xB4, 0xC2, 0x9A, 0x35, 0x2F, 0xBE, 0x84, 0x4E, 0x2C, + 0x66, 0x5B, 0x38, 0x6F, 0x47, 0xBD, 0x30, 0x44, 0x0A, 0x02, + 0xAC, 0x8C, 0xB9, 0x66, 0x1E, 0x14, 0x2D, 0x90, 0x71, 0x42, + 0x12, 0xB7, 0x0E, 0x3A, 0x8B, 0xC5, 0x98, 0x65, 0xFD, 0x8F, + 0x53, 0x81, 0x7F, 0xE4, 0xD9, 0x58, 0x0E, 0xF5, 0xA9, 0x39, + 0xE4, 0x61, 0x02, 0x81, 0xC1, 0x00, 0xB3, 0x94, 0x8F, 0x2B, + 0xFD, 0x84, 0x2E, 0x83, 0x42, 0x86, 0x56, 0x7E, 0xB5, 0xF8, + 0x3C, 0xC5, 0x0C, 0xCB, 0xBD, 0x32, 0x0C, 0xD7, 0xAA, 0xA7, + 0xB0, 0xE9, 0xA4, 0x6A, 0xD1, 0x01, 0xDB, 0x87, 0x2A, 0xF7, + 0xDF, 0xEC, 0xC2, 0x03, 0x5D, 0x55, 0xA8, 0x66, 0x73, 0x79, + 0xA9, 0xAB, 0xBD, 0xAF, 0x69, 0x37, 0xFE, 0x41, 0xB5, 0x53, + 0xB3, 0xB2, 0xC0, 0xB1, 0x80, 0x34, 0xE6, 0xE1, 0x7B, 0xAE, + 0x67, 0xC7, 0xF3, 0x57, 0xFE, 0x12, 0xBC, 0x78, 0xAA, 0x75, + 0x0D, 0xAC, 0x79, 0x90, 0x14, 0x49, 0xFE, 0x6B, 0x51, 0xE3, + 0xE4, 0x46, 0xB2, 0x10, 0x4D, 0x05, 0x6A, 0x12, 0x80, 0x2A, + 0x8F, 0x39, 0x42, 0x0E, 0x3B, 0x24, 0x2B, 0x50, 0x5D, 0xF3, + 0xA7, 0x7F, 0x2F, 0x82, 0x89, 0x87, 0x9F, 0xF8, 0x7B, 0x1E, + 0x05, 0x6E, 0x75, 0x83, 0x04, 0x35, 0x66, 0x4A, 0x06, 0x57, + 0x39, 0xAB, 0x21, 0x0B, 0x94, 0x41, 0x6A, 0x2A, 0xC7, 0xDE, + 0x98, 0x45, 0x8F, 0x96, 0x1C, 0xF2, 0xD8, 0xFB, 0x9C, 0x10, + 0x8E, 0x41, 0x7A, 0xDD, 0xDD, 0x1D, 0xEF, 0xA5, 0x67, 0xEC, + 0xFE, 0xA3, 0x2D, 0xA9, 0xFD, 0xF3, 0xEE, 0x35, 0xF4, 0xA7, + 0xBC, 0xF9, 0x71, 0xCC, 0xB9, 0xC0, 0x5F, 0x58, 0x5B, 0xBD, + 0x1A, 0x9E, 0xC7, 0x08, 0x67, 0x7C, 0xC7, 0x51, 0x5B, 0xBE, + 0xE3, 0xF8, 0xBE, 0x1E, 0xC7, 0xD2, 0x28, 0x97 +}; +static const int sizeof_client_key_der_3072 = sizeof(client_key_der_3072); + +/* ./certs/3072/client-cert.der, 3072-bit */ +static const unsigned char client_cert_der_3072[] = +{ + 0x30, 0x82, 0x05, 0xF8, 0x30, 0x82, 0x04, 0x60, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x2F, 0x06, 0x07, 0xA8, 0xB6, + 0xF4, 0xEE, 0x10, 0x91, 0x43, 0xDE, 0xE1, 0x46, 0x99, 0xC4, + 0x90, 0x79, 0xE6, 0xF1, 0xD1, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, + 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, + 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x31, 0x32, + 0x32, 0x30, 0x35, 0x35, 0x31, 0x34, 0x38, 0x5A, 0x17, 0x0D, + 0x32, 0x32, 0x31, 0x30, 0x31, 0x38, 0x30, 0x35, 0x35, 0x31, + 0x34, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, + 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, + 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, + 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, + 0x01, 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, + 0x68, 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, + 0x9C, 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, + 0x55, 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, + 0x5F, 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, + 0xEE, 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, + 0xC7, 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, + 0x5C, 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, + 0x3D, 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, + 0x22, 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, + 0x31, 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, + 0x69, 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, + 0xC8, 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, + 0xFF, 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, + 0x2C, 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, + 0x11, 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, + 0x85, 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, + 0x3E, 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, + 0x87, 0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, + 0xC3, 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, + 0x35, 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, + 0x03, 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, + 0x6D, 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, + 0x2F, 0x50, 0x2F, 0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, + 0xD6, 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, + 0x32, 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, + 0xA9, 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, + 0x5A, 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, + 0xCD, 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, + 0xCE, 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, + 0x01, 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, + 0xEF, 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, + 0xAD, 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, + 0x68, 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, + 0xD7, 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, + 0x88, 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, + 0x08, 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, + 0xF9, 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, + 0xC4, 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, + 0x93, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x2A, + 0x30, 0x82, 0x01, 0x26, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x0E, 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, + 0xB0, 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, + 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xDE, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, + 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, + 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, + 0xA8, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, + 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, + 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, + 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, + 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, + 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, + 0x2F, 0x06, 0x07, 0xA8, 0xB6, 0xF4, 0xEE, 0x10, 0x91, 0x43, + 0xDE, 0xE1, 0x46, 0x99, 0xC4, 0x90, 0x79, 0xE6, 0xF1, 0xD1, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x0F, 0x30, 0x0D, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x81, 0x00, 0x04, 0xF5, + 0xE0, 0xE5, 0x75, 0x6B, 0xCF, 0xEE, 0x19, 0xEF, 0x3C, 0xB5, + 0xB6, 0x78, 0xCE, 0xB2, 0xC3, 0xF2, 0x3E, 0x0D, 0x3F, 0xB7, + 0x6D, 0x59, 0x7D, 0xB6, 0x7E, 0x6A, 0x91, 0x0F, 0x85, 0xAC, + 0xCA, 0x56, 0x30, 0x3C, 0x3F, 0x5D, 0x30, 0x10, 0x7C, 0x5E, + 0x7F, 0x98, 0xB2, 0x9D, 0x95, 0x04, 0xE1, 0xEE, 0xC0, 0x9E, + 0x1B, 0x01, 0x39, 0xCB, 0x02, 0x05, 0xB9, 0x9B, 0x02, 0x88, + 0xEB, 0xD0, 0xAD, 0x06, 0xD5, 0x39, 0x2D, 0x24, 0xE6, 0xDC, + 0x4E, 0xCE, 0x8C, 0x36, 0x7D, 0xB6, 0x8E, 0x1D, 0xE8, 0xB7, + 0xEF, 0xFF, 0xB4, 0x17, 0xC1, 0xA5, 0xD8, 0xFA, 0x34, 0xDD, + 0x99, 0x3D, 0x30, 0x4B, 0x45, 0xA2, 0x14, 0x6A, 0x88, 0x93, + 0xCA, 0x25, 0xE2, 0x5C, 0xD5, 0xBA, 0xE8, 0x9D, 0xEF, 0xD7, + 0x68, 0x76, 0x05, 0x92, 0x48, 0x19, 0x92, 0x11, 0x79, 0xC2, + 0xFE, 0x11, 0x49, 0x4D, 0xD6, 0xD1, 0x8F, 0x32, 0x1C, 0x5F, + 0x3B, 0x41, 0x2C, 0x08, 0xB2, 0x72, 0x65, 0x1C, 0xE5, 0x86, + 0x02, 0x94, 0xB3, 0x9D, 0x30, 0xDA, 0x59, 0x42, 0xA1, 0xB0, + 0x1E, 0x00, 0x92, 0x93, 0x6E, 0x0D, 0x27, 0xCF, 0xDF, 0xD8, + 0xCF, 0x2B, 0xCD, 0xCB, 0x8C, 0xFF, 0xB5, 0x6F, 0x83, 0x92, + 0x27, 0x00, 0x58, 0x59, 0xA2, 0x0B, 0x91, 0xB0, 0x39, 0xCA, + 0xA8, 0x78, 0xFD, 0x83, 0x56, 0x4F, 0xA1, 0x6E, 0xC3, 0xE0, + 0x2B, 0xAE, 0xEF, 0x3C, 0x09, 0x04, 0xF0, 0x9B, 0x5B, 0x00, + 0xD3, 0xED, 0xB6, 0x06, 0xF6, 0x9C, 0xDA, 0xAF, 0x61, 0x68, + 0x8F, 0xE3, 0x2A, 0xC3, 0x85, 0x20, 0x66, 0x2C, 0xAC, 0xDD, + 0x65, 0x37, 0x36, 0xC2, 0x2F, 0xBA, 0xB8, 0x90, 0x66, 0x6E, + 0x9E, 0x58, 0xA2, 0x4B, 0xD6, 0xA7, 0x30, 0xC8, 0xC9, 0x6C, + 0xBD, 0x13, 0x40, 0xA0, 0xCA, 0x59, 0x7C, 0xC5, 0x86, 0x9C, + 0x55, 0xC5, 0x68, 0xC7, 0x0C, 0x7F, 0x94, 0x73, 0xA5, 0x4B, + 0xEB, 0xF1, 0x27, 0x96, 0xB5, 0xF9, 0x69, 0x6B, 0x2B, 0xB6, + 0x62, 0xD7, 0x3A, 0x0D, 0x40, 0x65, 0xF0, 0x0D, 0xDE, 0x91, + 0x77, 0xD4, 0xF6, 0xBB, 0x13, 0x7B, 0x4A, 0x55, 0x8F, 0x7E, + 0x49, 0x65, 0x89, 0x37, 0x46, 0x05, 0x2F, 0x90, 0x14, 0x73, + 0x0D, 0x2D, 0x1E, 0xA4, 0xD4, 0xBB, 0x4E, 0x6D, 0x29, 0xDA, + 0x79, 0x6E, 0x73, 0x08, 0xDE, 0x5F, 0x27, 0xDC, 0x23, 0x14, + 0xDB, 0x7B, 0xE7, 0x02, 0x13, 0x2E, 0xC7, 0x94, 0x19, 0xF3, + 0x7D, 0x2E, 0xC4, 0x8A, 0x69, 0xBA, 0xF5, 0xBA, 0x62, 0xC2, + 0x88, 0xB5, 0xCB, 0xC7, 0x92, 0xA2, 0x8A, 0xE3, 0x69, 0x10, + 0x6E, 0xC5, 0xB8, 0xB2, 0x10, 0x7E, 0xB6, 0x0C, 0x71, 0x2A, + 0xC3, 0xE9, 0x71, 0x0C, 0xA2, 0x8B, 0x9A, 0x1D, 0x2C, 0x4E, + 0x21, 0x68, 0x53, 0x51, 0x6D, 0x0C, 0xD2, 0xB4, 0x4B, 0x50, + 0x4B, 0x0A +}; +static const int sizeof_client_cert_der_3072 = sizeof(client_cert_der_3072); + #endif /* USE_CERT_BUFFERS_3072 */ #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) From e3e862c8b68baa6eac384b9d57df55a34da3a20c Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 21 Jan 2020 22:25:11 -0800 Subject: [PATCH 2/5] Test case fixes for sig wrapper test and DH. --- wolfcrypt/test/test.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index fdb5be3b4..0eba6ccf2 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -9299,6 +9299,9 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #endif #endif #endif /* !NO_RSA */ +#endif /* !USE_CERT_BUFFER_* */ +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + !defined(NO_ASN) #ifndef NO_DH static const char* dhKey = CERT_ROOT "dh2048.der"; #endif @@ -10123,6 +10126,8 @@ static int rsa_export_key_test(RsaKey* key) } #endif /* !HAVE_FIPS && !USER_RSA && !NO_ASN */ +#define RSA_TEST_BYTES 384 + #ifndef NO_SIG_WRAPPER static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng) { @@ -10146,7 +10151,7 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng) 0xa6, 0x58, 0x0a, 0x33, 0x0b, 0x84, 0x5f, 0x5f }; word32 inLen = (word32)XSTRLEN((char*)in); - byte out[256]; + byte out[RSA_TEST_BYTES]; /* Parameter Validation testing. */ ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_NONE, key, keyLen); @@ -10659,8 +10664,6 @@ done: } #endif -#define RSA_TEST_BYTES 384 - #ifdef WC_RSA_PSS static int rsa_pss_test(WC_RNG* rng, RsaKey* key) { From 2a5c623c97973be49bd6cd2e505917c33c105cd6 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 22 Jan 2020 08:15:34 -0800 Subject: [PATCH 3/5] Fix for RSA without SHA512 build error. Fix or renew cert PEM to DER. --- certs/renewcerts.sh | 2 +- wolfcrypt/src/rsa.c | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index 93d232f0f..5bea56062 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -182,7 +182,7 @@ run_renewcerts(){ check_result $? "Step 3" mv ./3072/tmp.pem ./3072/client-cert.pem - openssl x509 -in ./3072/client-key.pem -outform der -out ./3072/client-key.der + openssl rsa -in ./3072/client-key.pem -outform der -out ./3072/client-key.der openssl x509 -in ./3072/client-cert.pem -outform der -out ./3072/client-cert.der echo "End of section" diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 2f0595cba..5ffb3b98c 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1467,7 +1467,10 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen, { int ret; byte* tmp; - int hLen, i, maskLen, orig_bits = bits; + int hLen, i, maskLen; +#ifdef WOLFSSL_SHA512 + int orig_bits = bits; +#endif #if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY) byte tmp_buf[RSA_MAX_SIZE/8]; tmp = tmp_buf; From 84a878bda20ede9061b2ef9f9f083596161e2499 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 22 Jan 2020 09:11:00 -0800 Subject: [PATCH 4/5] Fix for include .am issue. --- certs/3072/include.am | 2 ++ certs/4096/include.am | 8 ++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/certs/3072/include.am b/certs/3072/include.am index 524dc0277..20c982376 100644 --- a/certs/3072/include.am +++ b/certs/3072/include.am @@ -3,5 +3,7 @@ # EXTRA_DIST += \ + certs/3072/client-cert.der \ certs/3072/client-cert.pem \ + certs/3072/client-key.der \ certs/3072/client-key.pem diff --git a/certs/4096/include.am b/certs/4096/include.am index e0d7b5968..0c8305299 100644 --- a/certs/4096/include.am +++ b/certs/4096/include.am @@ -3,7 +3,7 @@ # EXTRA_DIST += \ - certs/4096/client-cert.der \ - certs/4096/client-cert.pem \ - certs/4096/client-key.der \ - certs/4096/client-key.pem + certs/4096/client-cert.pem \ + certs/4096/client-key.pem + + From b022b651b3676d276a9e37a7c43889694d28aee4 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 22 Jan 2020 10:04:53 -0800 Subject: [PATCH 5/5] wolfCrypt test fixes for hard coded "256" byte buffers to support 3072-bit RSA. Requires PR #2755 --- wolfcrypt/test/test.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 0eba6ccf2..46ec9e26f 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -9955,12 +9955,14 @@ int decodedCertCache_test(void) #endif /* defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) */ +#define RSA_TEST_BYTES 384 + #if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) static int rsa_flatten_test(RsaKey* key) { int ret; - byte e[256]; - byte n[256]; + byte e[RSA_TEST_BYTES]; + byte n[RSA_TEST_BYTES]; word32 eSz = sizeof(e); word32 nSz = sizeof(n); @@ -10056,13 +10058,13 @@ static int rsa_export_key_test(RsaKey* key) int ret; byte e[3]; word32 eSz = sizeof(e); - byte n[256]; + byte n[RSA_TEST_BYTES]; word32 nSz = sizeof(n); - byte d[256]; + byte d[RSA_TEST_BYTES]; word32 dSz = sizeof(d); - byte p[128]; + byte p[RSA_TEST_BYTES/2]; word32 pSz = sizeof(p); - byte q[128]; + byte q[RSA_TEST_BYTES/2]; word32 qSz = sizeof(q); word32 zero = 0; @@ -10126,8 +10128,6 @@ static int rsa_export_key_test(RsaKey* key) } #endif /* !HAVE_FIPS && !USER_RSA && !NO_ASN */ -#define RSA_TEST_BYTES 384 - #ifndef NO_SIG_WRAPPER static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng) {