From bd1ff08aa993756ac19708629ceed90920a2f959 Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Mon, 29 Dec 2014 11:53:25 -0700 Subject: [PATCH] certs name changes --- certs/crl/gencrls.sh | 32 +++++++++--------- certs/renewcerts.sh | 34 ++++++++++---------- certs/renewcerts/{cyassl.cnf => wolfssl.cnf} | 12 +++---- certs/server-keyPkcs8Enc.pem | 2 +- 4 files changed, 40 insertions(+), 40 deletions(-) rename certs/renewcerts/{cyassl.cnf => wolfssl.cnf} (95%) diff --git a/certs/crl/gencrls.sh b/certs/crl/gencrls.sh index f17089043..2afbecfe1 100755 --- a/certs/crl/gencrls.sh +++ b/certs/crl/gencrls.sh @@ -5,53 +5,53 @@ # caCrl -openssl ca -config ../renewcerts/cyassl.cnf -gencrl -crldays 365 -out crl.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem +openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 365 -out crl.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem # metadata openssl crl -in crl.pem -text > tmp mv tmp crl.pem -# install (only needed if working outside cyassl) -#cp crl.pem ~/cyassl/certs/crl/crl.pem +# install (only needed if working outside wolfssl) +#cp crl.pem ~/wolfssl/certs/crl/crl.pem # caCrl server revoked -openssl ca -config ../renewcerts/cyassl.cnf -revoke ../server-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem +openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem # caCrl server revoked generation -openssl ca -config ../renewcerts/cyassl.cnf -gencrl -crldays 365 -out crl.revoked -keyfile ../ca-key.pem -cert ../ca-cert.pem +openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 365 -out crl.revoked -keyfile ../ca-key.pem -cert ../ca-cert.pem # metadata openssl crl -in crl.revoked -text > tmp mv tmp crl.revoked -# install (only needed if working outside cyassl) -#cp crl.revoked ~/cyassl/certs/crl/crl.revoked +# install (only needed if working outside wolfssl) +#cp crl.revoked ~/wolfssl/certs/crl/crl.revoked # remove revoked so next time through the normal CA won't have server revoked cp blank.index.txt demoCA/index.txt # cliCrl -openssl ca -config ../renewcerts/cyassl.cnf -gencrl -crldays 365 -out cliCrl.pem -keyfile ../client-key.pem -cert ../client-cert.pem +openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 365 -out cliCrl.pem -keyfile ../client-key.pem -cert ../client-cert.pem # metadata openssl crl -in cliCrl.pem -text > tmp mv tmp cliCrl.pem -# install (only needed if working outside cyassl) -#cp cliCrl.pem ~/cyassl/certs/crl/cliCrl.pem +# install (only needed if working outside wolfssl) +#cp cliCrl.pem ~/wolfssl/certs/crl/cliCrl.pem # eccCliCRL -openssl ca -config ../renewcerts/cyassl.cnf -gencrl -crldays 365 -out eccCliCRL.pem -keyfile ../ecc-client-key.pem -cert ../client-ecc-cert.pem +openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 365 -out eccCliCRL.pem -keyfile ../ecc-client-key.pem -cert ../client-ecc-cert.pem # metadata openssl crl -in eccCliCRL.pem -text > tmp mv tmp eccCliCRL.pem -# install (only needed if working outside cyassl) -#cp eccCliCRL.pem ~/cyassl/certs/crl/eccCliCRL.pem +# install (only needed if working outside wolfssl) +#cp eccCliCRL.pem ~/wolfssl/certs/crl/eccCliCRL.pem # eccSrvCRL -openssl ca -config ../renewcerts/cyassl.cnf -gencrl -crldays 365 -out eccSrvCRL.pem -keyfile ../ecc-key.pem -cert ../server-ecc.pem +openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 365 -out eccSrvCRL.pem -keyfile ../ecc-key.pem -cert ../server-ecc.pem # metadata openssl crl -in eccSrvCRL.pem -text > tmp mv tmp eccSrvCRL.pem -# install (only needed if working outside cyassl) -#cp eccSrvCRL.pem ~/cyassl/certs/crl/eccSrvCRL.pem +# install (only needed if working outside wolfssl) +#cp eccSrvCRL.pem ~/wolfssl/certs/crl/eccSrvCRL.pem diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index 5fe1eef0c..1c213f39f 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -8,7 +8,7 @@ function run_renewcerts(){ cd certs/ echo "" #move the custom cnf into our working directory - cp renewcerts/cyassl.cnf cyassl.cnf + cp renewcerts/wolfssl.cnf wolfssl.cnf # To generate these all in sha1 add the flag "-sha1" on appropriate lines # That is all lines beginning with: "openssl req" @@ -22,7 +22,7 @@ function run_renewcerts(){ echo -e "US\nMontana\nBozeman\nwolfSSL\nProgramming\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key client-key.pem -nodes -out client-cert.csr - openssl x509 -req -in client-cert.csr -days 1000 -extfile cyassl.cnf -extensions cyassl_opts -signkey client-key.pem -out client-cert.pem + openssl x509 -req -in client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey client-key.pem -out client-cert.pem rm client-cert.csr openssl x509 -in client-cert.pem -text > tmp.pem @@ -35,7 +35,7 @@ function run_renewcerts(){ #pipe the following arguments to openssl req... echo -e "US\nMontana\nBozeman\nSawtooth\nConsulting\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ca-key.pem -nodes -out ca-cert.csr - openssl x509 -req -in ca-cert.csr -days 1000 -extfile cyassl.cnf -extensions cyassl_opts -signkey ca-key.pem -out ca-cert.pem + openssl x509 -req -in ca-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ca-key.pem -out ca-cert.pem rm ca-cert.csr openssl x509 -in ca-cert.pem -text > tmp.pem @@ -48,7 +48,7 @@ function run_renewcerts(){ #pipe the following arguments to openssl req... echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-key.pem -nodes > server-req.pem - openssl x509 -req -in server-req.pem -extfile cyassl.cnf -extensions cyassl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem + openssl x509 -req -in server-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem rm server-req.pem @@ -64,7 +64,7 @@ function run_renewcerts(){ echo "" echo -e "US\nMontana\nBozeman\nElliptic - RSAsig\nECC-RSAsig\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes > server-ecc-req.pem - openssl x509 -req -in server-ecc-req.pem -extfile cyassl.cnf -extensions cyassl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-ecc-rsa.pem + openssl x509 -req -in server-ecc-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-ecc-rsa.pem rm server-ecc-req.pem @@ -79,7 +79,7 @@ function run_renewcerts(){ openssl x509 -inform PEM -in ca-cert.pem -outform DER -out ca-cert.der openssl x509 -inform PEM -in client-cert.pem -outform DER -out client-cert.der openssl x509 -inform PEM -in server-cert.pem -outform DER -out server-cert.der - echo "Changing directory to cyassl root..." + echo "Changing directory to wolfssl root..." echo "" cd ../ echo "Execute ./gencertbuf.pl..." @@ -89,7 +89,7 @@ function run_renewcerts(){ ########## generate the new crls ########################### ############################################################ - echo "Change directory to cyassl/certs" + echo "Change directory to wolfssl/certs" echo "" cd certs echo "We are back in the certs directory" @@ -118,12 +118,12 @@ function run_renewcerts(){ echo "Performing final steps, cleaning up the file system..." echo "" - rm ../cyassl.cnf + rm ../wolfssl.cnf rm blank.index.txt rm index.* rm crlnumber* rm -r demoCA - echo "Removed ../cyassl.cnf, blank.index.txt, index.*, crlnumber*, demoCA/" + echo "Removed ../wolfssl.cnf, blank.index.txt, index.*, crlnumber*, demoCA/" echo "" } @@ -131,7 +131,7 @@ function run_renewcerts(){ #function for restoring a previous configure state function restore_config(){ mv tmp.status config.status - mv tmp.options.h cyassl/options.h + mv tmp.options.h wolfssl/options.h make clean make -j 8 } @@ -149,14 +149,14 @@ function move_ntru(){ #start in root. cd ../ #if HAVE_NTRU already defined && there is no argument -if grep HAVE_NTRU "cyassl/options.h" && [ -z "$1" ] +if grep HAVE_NTRU "wolfssl/options.h" && [ -z "$1" ] then #run the function to renew the certs run_renewcerts - # run_renewcerts will end in the cyassl/certs/crl dir, backup to root. + # run_renewcerts will end in the wolfssl/certs/crl dir, backup to root. cd ../../ - echo "changed directory to cyassl root directory." + echo "changed directory to wolfssl root directory." echo "" ############################################################ @@ -197,7 +197,7 @@ else echo "Saving the configure state" echo "" cp config.status tmp.status - cp cyassl/options.h tmp.options.h + cp wolfssl/options.h tmp.options.h echo "Running make clean" echo "" @@ -217,11 +217,11 @@ else # ntru in the default location # if now defined - if grep HAVE_NTRU "cyassl/options.h"; then + if grep HAVE_NTRU "wolfssl/options.h"; then run_renewcerts - #run_renewcerts leaves us in cyassl/certs/crl, backup to root + #run_renewcerts leaves us in wolfssl/certs/crl, backup to root cd ../../ - echo "changed directory to cyassl root directory." + echo "changed directory to wolfssl root directory." echo "" move_ntru diff --git a/certs/renewcerts/cyassl.cnf b/certs/renewcerts/wolfssl.cnf similarity index 95% rename from certs/renewcerts/cyassl.cnf rename to certs/renewcerts/wolfssl.cnf index 585c635ad..7decf9ef9 100644 --- a/certs/renewcerts/cyassl.cnf +++ b/certs/renewcerts/wolfssl.cnf @@ -1,5 +1,5 @@ # -# cyassl configuration file +# wolfssl configuration file # HOME = . RANDFILE = $ENV::HOME/.rnd @@ -20,7 +20,7 @@ default_ca = CA_default # The default ca section [ CA_default ] #################################################################### -# CHANGE THIS LINE TO BE YOUR CYASSL_ROOT DIRECTORY # +# CHANGE THIS LINE TO BE YOUR WOLFSSL_ROOT DIRECTORY # # # dir = $HOME./.. # #################################################################### @@ -115,12 +115,12 @@ unstructuredName = An optional company name # These extensions are added when 'ca' signs a request. [ usr_cert ] basicConstraints=CA:FALSE -nsComment = "cyaSSL Generated Certificate using openSSL command line utility." +nsComment = "wolfSSL Generated Certificate using openSSL command line utility." subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer -#cyassl extensions -[cyassl_opts] +#wolfssl extensions +[wolfssl_opts] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:true @@ -143,7 +143,7 @@ authorityKeyIdentifier=keyid:always # These extensions should be added when creating a proxy certificate [ proxy_cert_ext ] basicConstraints=CA:FALSE -nsComment = "cyaSSL Generated Certificate using openSSL command line utility" +nsComment = "wolfSSL Generated Certificate using openSSL command line utility" subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo diff --git a/certs/server-keyPkcs8Enc.pem b/certs/server-keyPkcs8Enc.pem index 4be31a326..76f4424df 100644 --- a/certs/server-keyPkcs8Enc.pem +++ b/certs/server-keyPkcs8Enc.pem @@ -17,7 +17,7 @@ gnrwMDO3JvH89CwlHRizVSQl59ViqEMGLmbHThcMqkEOkFphB2xox7/IOVyp6cFn mY0ZCrbhdX+L6t5jiyq/4us5bzF7FOBYsJr6n1Rm9b8eeOL693y/6uM3CvTJcTOb 5RqWiHgTgmefeOeUQ0/dVgvEOIWz2yqBQmHKiB4+0CGGIRwUOXBrTKSLilumsjQe qGhJ6yw25VIpdXsMD1WVviczgRTNYjdldIJoHQdvpCEAhQ1RR3rkuIPniTumJFmY -CnjfNqjtkaZWIN1nOCmcu50tswksWEEFEfkcP1xyzhr3EVCYAoFncLTp5vHBtdmg +CnjfNqjtkaZWIN1nOCmcu50tswksWEEFEfkcP1xyzhr3EVWOLFoFncLTp5vHBtdmg 6KBdar40/OFGAcbDGDX1g3XEEi6jHmy0Lyz7M3DwESgaMgwzscsQLr+wMITk1IUN yfiXHl1CQjGxhDj8KoAhdDjjPENkSlCSd1vEO+lg1/IFb1dtnL2DJp6BQt9/VLHo Fp3pdZ7r95H20+pEhCZp0HXLNo1o8xjJQ5RWUCs1Zc1cauDOAh8lAjps6MBxTa3a