diff --git a/certs/ed25519/ca-ed25519-key.der b/certs/ed25519/ca-ed25519-key.der index 819013780..f1dfb912e 100644 Binary files a/certs/ed25519/ca-ed25519-key.der and b/certs/ed25519/ca-ed25519-key.der differ diff --git a/certs/ed25519/ca-ed25519-key.pem b/certs/ed25519/ca-ed25519-key.pem index f964dca0f..0eb5c3ca4 100644 --- a/certs/ed25519/ca-ed25519-key.pem +++ b/certs/ed25519/ca-ed25519-key.pem @@ -1,4 +1,3 @@ ------BEGIN EDDSA PRIVATE KEY----- -MFICAQAwBQYDK2VwBCIEIAw37caag1d0w0pY63b7oe9Frg8SA0rLDtnWWDl7MafZ -oSIEIKqWfWdx1/6tqF8UGL4C0BV+gGS5IXuyP3x0bv/1hOKB ------END EDDSA PRIVATE KEY----- +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAQjt6+YLP+d8Z3fPwMilt+v12T2jCwuBsR67CVWisDU0= +-----END PUBLIC KEY----- diff --git a/certs/ed25519/ca-ed25519-priv.der b/certs/ed25519/ca-ed25519-priv.der index 47edd8f90..4d7e9b5bf 100644 Binary files a/certs/ed25519/ca-ed25519-priv.der and b/certs/ed25519/ca-ed25519-priv.der differ diff --git a/certs/ed25519/ca-ed25519-priv.pem b/certs/ed25519/ca-ed25519-priv.pem index a1c81d93c..da2e90598 100644 --- a/certs/ed25519/ca-ed25519-priv.pem +++ b/certs/ed25519/ca-ed25519-priv.pem @@ -1,3 +1,3 @@ -----BEGIN PRIVATE KEY----- -MC4CAQAwBQYDK2VwBCIEIAw37caag1d0w0pY63b7oe9Frg8SA0rLDtnWWDl7MafZ +MC4CAQAwBQYDK2VwBCIEIPhVt7ZJP5mciOPFQmqkR0rkldrbv/inQp0O59BXjxZp -----END PRIVATE KEY----- diff --git a/certs/ed25519/ca-ed25519.der b/certs/ed25519/ca-ed25519.der index 8b7788d0d..d46aa7926 100644 Binary files a/certs/ed25519/ca-ed25519.der and b/certs/ed25519/ca-ed25519.der differ diff --git a/certs/ed25519/ca-ed25519.pem b/certs/ed25519/ca-ed25519.pem index c8abf6880..7b645aaf3 100644 --- a/certs/ed25519/ca-ed25519.pem +++ b/certs/ed25519/ca-ed25519.pem @@ -1,15 +1,47 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: ED25519 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Mar 10 06:49:03 2021 GMT + Not After : Dec 5 06:49:03 2023 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: ED25519 + ED25519 Public-Key: + pub: + 42:3b:7a:f9:82:cf:f9:df:19:dd:f3:f0:32:29:6d: + fa:fd:76:4f:68:c2:c2:e0:6c:47:ae:c2:55:68:ac: + 0d:4d + X509v3 extensions: + X509v3 Subject Key Identifier: + 74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9 + X509v3 Authority Key Identifier: + keyid:FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE + + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + Signature Algorithm: ED25519 + da:fe:58:53:89:43:85:98:35:dc:13:1c:a3:f1:1f:8d:26:be: + b6:a2:fc:b7:fe:9c:b9:35:69:31:7e:d4:b9:11:45:16:a2:29: + 35:a9:74:a7:97:da:7e:71:4f:b1:72:5d:75:17:ac:e3:f6:b8: + ce:1e:e4:8a:95:ba:cd:1d:ce:0d -----BEGIN CERTIFICATE----- -MIICVDCCAgagAwIBAgIQQAiKTYWESER1OSfza785ITAFBgMrZXAwgZkxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD -VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j -b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZcxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD -VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCowBQYDK2VwAyEAqpZ9Z3HX/q2oXxQYvgLQFX6AZLkhe7I/fHRu//WE4oGjYDBe -MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFG6LDcksWUNgr6UyhWz1dPO6VJvMMB8G -A1UdIwQYMBaAFBl6CabmJl9fBlLOYyRaj1xxPbt3MA4GA1UdDwEB/wQEAwIBxjAF -BgMrZXADQQC7w3pxbsKWWTZl1BQDkNAauSRVUoKYgLK67OcsHMYTpbjNLan5jeT+ -3z62i4fbzNBLDJD89XUSjtqQt1LRoE0F +MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk +MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDMx +MDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk +MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh +AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU +dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW +77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA +2v5YU4lDhZg13BMco/EfjSa+tqL8t/6cuTVpMX7UuRFFFqIpNal0p5fafnFPsXJd +dRes4/a4zh7kipW6zR3ODQ== -----END CERTIFICATE----- diff --git a/certs/ed25519/client-ed25519-key.der b/certs/ed25519/client-ed25519-key.der index 0672c15f1..70cd43c5f 100644 Binary files a/certs/ed25519/client-ed25519-key.der and b/certs/ed25519/client-ed25519-key.der differ diff --git a/certs/ed25519/client-ed25519-key.pem b/certs/ed25519/client-ed25519-key.pem index f9742bdbd..134666eaa 100644 --- a/certs/ed25519/client-ed25519-key.pem +++ b/certs/ed25519/client-ed25519-key.pem @@ -1,4 +1,3 @@ ------BEGIN EDDSA PRIVATE KEY----- -MFICAQAwBQYDK2VwBCIEICkn2+pW4KyBhuv1IuoymGLEqp9hTFcALhcvKrmHgkhs -oSIEIE6fglljSpes+m6VbFo7Uuuj2ef2J7uJ+3e046zCCGrA ------END EDDSA PRIVATE KEY----- +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEA5ldbExvHURRr7Tv10fqrnmy26wIJo5n1br+dPP5UOeY= +-----END PUBLIC KEY----- diff --git a/certs/ed25519/client-ed25519-priv.der b/certs/ed25519/client-ed25519-priv.der index 0ee0ad288..eaf16472f 100644 Binary files a/certs/ed25519/client-ed25519-priv.der and b/certs/ed25519/client-ed25519-priv.der differ diff --git a/certs/ed25519/client-ed25519-priv.pem b/certs/ed25519/client-ed25519-priv.pem index 214c1eaaa..d7c8a771a 100644 --- a/certs/ed25519/client-ed25519-priv.pem +++ b/certs/ed25519/client-ed25519-priv.pem @@ -1,3 +1,3 @@ -----BEGIN PRIVATE KEY----- -MC4CAQAwBQYDK2VwBCIEICkn2+pW4KyBhuv1IuoymGLEqp9hTFcALhcvKrmHgkhs +MC4CAQAwBQYDK2VwBCIEIJK1TOyvgca7AdbV3r03l1rSxvbDhbU75uTsMunHylLr -----END PRIVATE KEY----- diff --git a/certs/ed25519/client-ed25519.der b/certs/ed25519/client-ed25519.der index f9d6fe85d..adfdaa58e 100644 Binary files a/certs/ed25519/client-ed25519.der and b/certs/ed25519/client-ed25519.der differ diff --git a/certs/ed25519/client-ed25519.pem b/certs/ed25519/client-ed25519.pem index b340a1265..809742d6b 100644 --- a/certs/ed25519/client-ed25519.pem +++ b/certs/ed25519/client-ed25519.pem @@ -1,15 +1,57 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 40:66:c6:11:bc:00:f8:51:f9:e4:4b:bb:0b:ad:c1:09:38:b0:4a:e4 + Signature Algorithm: ED25519 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Mar 10 06:49:03 2021 GMT + Not After : Dec 5 06:49:03 2023 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: ED25519 + ED25519 Public-Key: + pub: + e6:57:5b:13:1b:c7:51:14:6b:ed:3b:f5:d1:fa:ab: + 9e:6c:b6:eb:02:09:a3:99:f5:6e:bf:9d:3c:fe:54: + 39:e6 + X509v3 extensions: + X509v3 Subject Key Identifier: + FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A + X509v3 Authority Key Identifier: + keyid:FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A + DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed25519/OU=Client-ed25519/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:40:66:C6:11:BC:00:F8:51:F9:E4:4B:BB:0B:AD:C1:09:38:B0:4A:E4 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Alternative Name: + DNS:example.com, IP Address:127.0.0.1 + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + Signature Algorithm: ED25519 + e0:87:e2:ce:d3:87:77:9d:f7:44:c0:73:00:ff:07:6d:2e:90: + 90:5c:bf:30:46:9c:75:a9:48:50:8a:da:09:0f:a8:a8:04:b4: + 33:c8:f4:28:61:9e:c2:a5:19:b7:70:1e:69:cd:49:5c:9a:f3: + 81:e0:de:38:b3:37:ff:33:bb:07 -----BEGIN CERTIFICATE----- -MIICTDCCAf6gAwIBAgIQFcHfya6OWie0wxPOBaz6TDAFBgMrZXAwgZsxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ8wDQYD -VQQEDAZjbGllbnQxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkx -GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEZMBcGA1UEBQAQaW5mb0B3b2xmc3Ns -LmNvbTAiGA8yMDIxMDIwOTE5NTAwNFoYDzIwMjMwMjEwMTk1MDA0WjCBmzELMAkG -A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xDzAN -BgNVBAQMBmNsaWVudDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUx -OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZz -c2wuY29tMCowBQYDK2VwAyEATp+CWWNKl6z6bpVsWjtS66PZ5/Ynu4n7d7TjrMII -asCjUjBQMB0GA1UdDgQWBBQxmyle67rNf5gcL3e47pgvKH2Z+DAfBgNVHSMEGDAW -gBQxmyle67rNf5gcL3e47pgvKH2Z+DAOBgNVHQ8BAf8EBAMCBsAwBQYDK2VwA0EA -2DDJOFXo02UBBQyoCvcK5n21/GJmFQiwlQQICFMzq//6xYm8eYtNN/RkCnBDysvj -p6jnAwZw6/MMujoxC3PtCg== +MIIDVDCCAwagAwIBAgIUQGbGEbwA+FH55Eu7C63BCTiwSuQwBQYDK2VwMIGfMQsw +CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY +MBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUx +OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv +QHdvbGZzc2wuY29tMB4XDTIxMDMxMDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZ8x +CzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFu +MRgwFgYDVQQKDA93b2xmU1NMX2VkMjU1MTkxFzAVBgNVBAsMDkNsaWVudC1lZDI1 +NTE5MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb20wKjAFBgMrZXADIQDmV1sTG8dRFGvtO/XR+quebLbrAgmj +mfVuv508/lQ55qOCAVAwggFMMB0GA1UdDgQWBBT+QV4+geIuRrM+R4mQ1MK0jhHW +ijCB3wYDVR0jBIHXMIHUgBT+QV4+geIuRrM+R4mQ1MK0jhHWiqGBpaSBojCBnzEL +MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x +GDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOQ2xpZW50LWVkMjU1 +MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m +b0B3b2xmc3NsLmNvbYIUQGbGEbwA+FH55Eu7C63BCTiwSuQwDAYDVR0TBAUwAwEB +/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEF +BQcDAQYIKwYBBQUHAwIwBQYDK2VwA0EA4IfiztOHd533RMBzAP8HbS6QkFy/MEac +dalIUIraCQ+oqAS0M8j0KGGewqUZt3Aeac1JXJrzgeDeOLM3/zO7Bw== -----END CERTIFICATE----- diff --git a/certs/ed25519/root-ed25519-key.der b/certs/ed25519/root-ed25519-key.der index 230709878..cc03be2a1 100644 Binary files a/certs/ed25519/root-ed25519-key.der and b/certs/ed25519/root-ed25519-key.der differ diff --git a/certs/ed25519/root-ed25519-key.pem b/certs/ed25519/root-ed25519-key.pem index 6d6b2d8ec..eb8a72ce1 100644 --- a/certs/ed25519/root-ed25519-key.pem +++ b/certs/ed25519/root-ed25519-key.pem @@ -1,4 +1,3 @@ ------BEGIN EDDSA PRIVATE KEY----- -MFICAQAwBQYDK2VwBCIEIPUBUd1CTNITOelSbDQlzuGA30xv42CVcvpe92sq7N+o -oSIEIIgura+qJ+c7nKcbmd2OK5+dL++bfwkNtP5Cs9JL+nwO ------END EDDSA PRIVATE KEY----- +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEA6bNvfHCKq8pUIE5kdjwaT/f6Xkr/89u5ZC0QpQxaP9o= +-----END PUBLIC KEY----- diff --git a/certs/ed25519/root-ed25519-priv.der b/certs/ed25519/root-ed25519-priv.der index 2c51356eb..3cab31329 100644 Binary files a/certs/ed25519/root-ed25519-priv.der and b/certs/ed25519/root-ed25519-priv.der differ diff --git a/certs/ed25519/root-ed25519-priv.pem b/certs/ed25519/root-ed25519-priv.pem index 18efe8f48..6f725f119 100644 --- a/certs/ed25519/root-ed25519-priv.pem +++ b/certs/ed25519/root-ed25519-priv.pem @@ -1,3 +1,3 @@ -----BEGIN PRIVATE KEY----- -MC4CAQAwBQYDK2VwBCIEIPUBUd1CTNITOelSbDQlzuGA30xv42CVcvpe92sq7N+o +MC4CAQAwBQYDK2VwBCIEIFcyr6XNVwsNpxIoY6ENIWmuvF/LJs2xkuvuxmoPrf1w -----END PRIVATE KEY----- diff --git a/certs/ed25519/root-ed25519.der b/certs/ed25519/root-ed25519.der index 3e481a16b..76117a27e 100644 Binary files a/certs/ed25519/root-ed25519.der and b/certs/ed25519/root-ed25519.der differ diff --git a/certs/ed25519/root-ed25519.pem b/certs/ed25519/root-ed25519.pem index cdb9bb22e..05720a367 100644 --- a/certs/ed25519/root-ed25519.pem +++ b/certs/ed25519/root-ed25519.pem @@ -1,15 +1,48 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3c:8f:b8:f9:5c:f1:81:97:76:e0:cc:04:c6:f6:77:7b:4f:92:4c:c6 + Signature Algorithm: ED25519 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Mar 10 06:49:03 2021 GMT + Not After : Dec 5 06:49:03 2023 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: ED25519 + ED25519 Public-Key: + pub: + e9:b3:6f:7c:70:8a:ab:ca:54:20:4e:64:76:3c:1a: + 4f:f7:fa:5e:4a:ff:f3:db:b9:64:2d:10:a5:0c:5a: + 3f:da + X509v3 extensions: + X509v3 Subject Key Identifier: + FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE + X509v3 Authority Key Identifier: + keyid:FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE + + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + Signature Algorithm: ED25519 + 44:f7:5d:ad:c0:68:5e:0c:af:c5:dd:da:a4:f9:34:4f:33:4f: + b3:db:bb:b6:36:67:f4:4d:63:a5:61:e8:b8:98:b7:e7:d3:52: + 8b:fb:ca:61:97:db:34:55:63:a8:27:e8:22:16:b6:a9:f1:8d: + 0e:f8:d1:56:08:45:b6:40:d9:09 -----BEGIN CERTIFICATE----- -MIICVjCCAgigAwIBAgIQYlI7cNFaPvFoHcYXLFMPzTAFBgMrZXAwgZkxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD -VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j -b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZkxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD -VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j -b20wKjAFBgMrZXADIQCILq2vqifnO5ynG5ndjiufnS/vm38JDbT+QrPSS/p8DqNg -MF4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUGXoJpuYmX18GUs5jJFqPXHE9u3cw -HwYDVR0jBBgwFoAUGXoJpuYmX18GUs5jJFqPXHE9u3cwDgYDVR0PAQH/BAQDAgHG -MAUGAytlcANBAOzVbL+V/Ik567gy9xUG5NwC1PE/SXEl6pNWTewxHAj8wU1IkDLT -FLYfC9ezVkWy9aOYaLH79T63Hl/tIahybgc= +MIICYTCCAhOgAwIBAgIUPI+4+VzxgZd24MwExvZ3e0+STMYwBQYDK2VwMIGdMQsw +CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY +MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx +GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 +b2xmc3NsLmNvbTAeFw0yMTAzMTAwNjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGdMQsw +CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY +MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx +GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 +b2xmc3NsLmNvbTAqMAUGAytlcAMhAOmzb3xwiqvKVCBOZHY8Gk/3+l5K//PbuWQt +EKUMWj/ao2MwYTAdBgNVHQ4EFgQU+rpbdh3xHR1NdEjYmDtW77MU894wHwYDVR0j +BBgwFoAU+rpbdh3xHR1NdEjYmDtW77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAYYwBQYDK2VwA0EARPddrcBoXgyvxd3apPk0TzNPs9u7tjZn9E1j +pWHouJi359NSi/vKYZfbNFVjqCfoIha2qfGNDvjRVghFtkDZCQ== -----END CERTIFICATE----- diff --git a/certs/ed25519/server-ed25519-cert.pem b/certs/ed25519/server-ed25519-cert.pem index d9d035a52..2006b538d 100644 --- a/certs/ed25519/server-ed25519-cert.pem +++ b/certs/ed25519/server-ed25519-cert.pem @@ -1,30 +1,52 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: ED25519 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Mar 10 06:49:03 2021 GMT + Not After : Dec 5 06:49:03 2023 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: ED25519 + ED25519 Public-Key: + pub: + 23:aa:4d:60:50:e0:13:d3:3a:ed:ab:f6:a9:cc:4a: + fe:d7:4d:2f:d2:5b:1a:10:05:ef:5a:41:25:ce:1b: + 53:78 + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:29:81:E7:90:6F:B9:60:F8:AF:CC:15:7A:AE:D7:A1:F4:B4:86:BA + X509v3 Authority Key Identifier: + keyid:74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9 + + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: critical + Digital Signature, Key Encipherment, Key Agreement + X509v3 Extended Key Usage: + TLS Web Server Authentication + Netscape Cert Type: + SSL Server + Signature Algorithm: ED25519 + f3:c2:ef:8b:55:65:4f:bc:e3:df:fc:d8:a1:ad:8e:43:07:73: + c8:58:c3:46:0a:c1:f1:4d:3f:fb:3d:78:e6:76:58:26:ce:d7: + 59:55:ec:c5:b5:b4:05:ed:f9:d4:97:69:66:d6:2c:1b:43:5a: + 51:5c:be:10:28:95:c4:96:af:00 -----BEGIN CERTIFICATE----- -MIICRjCCAfigAwIBAgIQQyBFY/XbM3h5GPnWdnTeajAFBgMrZXAwgZcxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD -VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCIYDzIwMjEwMjA5MTk1MDA0WhgPMjAyMzAyMTAxOTUwMDRaMIGZMQswCQYDVQQG -EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE -BAwETGVhZjEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCowBQYDK2VwAyEAi/OP+P/p9GU5NF71Iny3X/19LSd1vDHlmtPu8us3ryijUjBQ -MB0GA1UdDgQWBBQp8hOvwv+m0cj7fJgvDhEuOGSijjAfBgNVHSMEGDAWgBRuiw3J -LFlDYK+lMoVs9XTzulSbzDAOBgNVHQ8BAf8EBAMCBsAwBQYDK2VwA0EAo/sGXBKn -xIvogGi7VbdCmq1KbS04WEC2Kiu6DI22jOpQecqeUQ+iJ+Ua7tIlSsv0NPqqraq8 -KKxhcSh1nWQbDQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICVDCCAgagAwIBAgIQQAiKTYWESER1OSfza785ITAFBgMrZXAwgZkxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD -VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j -b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZcxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD -VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCowBQYDK2VwAyEAqpZ9Z3HX/q2oXxQYvgLQFX6AZLkhe7I/fHRu//WE4oGjYDBe -MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFG6LDcksWUNgr6UyhWz1dPO6VJvMMB8G -A1UdIwQYMBaAFBl6CabmJl9fBlLOYyRaj1xxPbt3MA4GA1UdDwEB/wQEAwIBxjAF -BgMrZXADQQC7w3pxbsKWWTZl1BQDkNAauSRVUoKYgLK67OcsHMYTpbjNLan5jeT+ -3z62i4fbzNBLDJD89XUSjtqQt1LRoE0F +MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk +MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTAzMTAw +NjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH +TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1 +NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw +AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O +BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK +NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM +MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQDzwu+LVWVP +vOPf/NihrY5DB3PIWMNGCsHxTT/7PXjmdlgmztdZVezFtbQF7fnUl2lm1iwbQ1pR +XL4QKJXElq8A -----END CERTIFICATE----- diff --git a/certs/ed25519/server-ed25519-key.der b/certs/ed25519/server-ed25519-key.der index e522ba1c2..0bdd0dd69 100644 Binary files a/certs/ed25519/server-ed25519-key.der and b/certs/ed25519/server-ed25519-key.der differ diff --git a/certs/ed25519/server-ed25519-key.pem b/certs/ed25519/server-ed25519-key.pem index b64ae01fe..f99c16453 100644 --- a/certs/ed25519/server-ed25519-key.pem +++ b/certs/ed25519/server-ed25519-key.pem @@ -1,4 +1,3 @@ ------BEGIN EDDSA PRIVATE KEY----- -MFICAQAwBQYDK2VwBCIEIHyd6hRAi4voY3m+UTepnRnoKo50DlIF3i9js6EkbTEG -oSIEIIvzj/j/6fRlOTRe9SJ8t1/9fS0ndbwx5ZrT7vLrN68o ------END EDDSA PRIVATE KEY----- +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3g= +-----END PUBLIC KEY----- diff --git a/certs/ed25519/server-ed25519-priv.der b/certs/ed25519/server-ed25519-priv.der index b25e2969d..23acaaf1b 100644 Binary files a/certs/ed25519/server-ed25519-priv.der and b/certs/ed25519/server-ed25519-priv.der differ diff --git a/certs/ed25519/server-ed25519-priv.pem b/certs/ed25519/server-ed25519-priv.pem index 20f443f28..9fdbd2ede 100644 --- a/certs/ed25519/server-ed25519-priv.pem +++ b/certs/ed25519/server-ed25519-priv.pem @@ -1,3 +1,3 @@ -----BEGIN PRIVATE KEY----- -MC4CAQAwBQYDK2VwBCIEIHyd6hRAi4voY3m+UTepnRnoKo50DlIF3i9js6EkbTEG +MC4CAQAwBQYDK2VwBCIEII6YRLBUgcY6R9j7wza/GXBhCSN24xxvgziuSVXFnoci -----END PRIVATE KEY----- diff --git a/certs/ed25519/server-ed25519.der b/certs/ed25519/server-ed25519.der index ce580d991..dbc551d44 100644 Binary files a/certs/ed25519/server-ed25519.der and b/certs/ed25519/server-ed25519.der differ diff --git a/certs/ed25519/server-ed25519.pem b/certs/ed25519/server-ed25519.pem index d9d035a52..d8d2277e7 100644 --- a/certs/ed25519/server-ed25519.pem +++ b/certs/ed25519/server-ed25519.pem @@ -1,30 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: ED25519 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Mar 10 06:49:03 2021 GMT + Not After : Dec 5 06:49:03 2023 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: ED25519 + ED25519 Public-Key: + pub: + 23:aa:4d:60:50:e0:13:d3:3a:ed:ab:f6:a9:cc:4a: + fe:d7:4d:2f:d2:5b:1a:10:05:ef:5a:41:25:ce:1b: + 53:78 + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:29:81:E7:90:6F:B9:60:F8:AF:CC:15:7A:AE:D7:A1:F4:B4:86:BA + X509v3 Authority Key Identifier: + keyid:74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9 + + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: critical + Digital Signature, Key Encipherment, Key Agreement + X509v3 Extended Key Usage: + TLS Web Server Authentication + Netscape Cert Type: + SSL Server + Signature Algorithm: ED25519 + f3:c2:ef:8b:55:65:4f:bc:e3:df:fc:d8:a1:ad:8e:43:07:73: + c8:58:c3:46:0a:c1:f1:4d:3f:fb:3d:78:e6:76:58:26:ce:d7: + 59:55:ec:c5:b5:b4:05:ed:f9:d4:97:69:66:d6:2c:1b:43:5a: + 51:5c:be:10:28:95:c4:96:af:00 -----BEGIN CERTIFICATE----- -MIICRjCCAfigAwIBAgIQQyBFY/XbM3h5GPnWdnTeajAFBgMrZXAwgZcxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD -VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCIYDzIwMjEwMjA5MTk1MDA0WhgPMjAyMzAyMTAxOTUwMDRaMIGZMQswCQYDVQQG -EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE -BAwETGVhZjEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCowBQYDK2VwAyEAi/OP+P/p9GU5NF71Iny3X/19LSd1vDHlmtPu8us3ryijUjBQ -MB0GA1UdDgQWBBQp8hOvwv+m0cj7fJgvDhEuOGSijjAfBgNVHSMEGDAWgBRuiw3J -LFlDYK+lMoVs9XTzulSbzDAOBgNVHQ8BAf8EBAMCBsAwBQYDK2VwA0EAo/sGXBKn -xIvogGi7VbdCmq1KbS04WEC2Kiu6DI22jOpQecqeUQ+iJ+Ua7tIlSsv0NPqqraq8 -KKxhcSh1nWQbDQ== +MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk +MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTAzMTAw +NjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH +TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1 +NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw +AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O +BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK +NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM +MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQDzwu+LVWVP +vOPf/NihrY5DB3PIWMNGCsHxTT/7PXjmdlgmztdZVezFtbQF7fnUl2lm1iwbQ1pR +XL4QKJXElq8A -----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: ED25519 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Mar 10 06:49:03 2021 GMT + Not After : Dec 5 06:49:03 2023 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: ED25519 + ED25519 Public-Key: + pub: + 42:3b:7a:f9:82:cf:f9:df:19:dd:f3:f0:32:29:6d: + fa:fd:76:4f:68:c2:c2:e0:6c:47:ae:c2:55:68:ac: + 0d:4d + X509v3 extensions: + X509v3 Subject Key Identifier: + 74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9 + X509v3 Authority Key Identifier: + keyid:FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE + + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + Signature Algorithm: ED25519 + da:fe:58:53:89:43:85:98:35:dc:13:1c:a3:f1:1f:8d:26:be: + b6:a2:fc:b7:fe:9c:b9:35:69:31:7e:d4:b9:11:45:16:a2:29: + 35:a9:74:a7:97:da:7e:71:4f:b1:72:5d:75:17:ac:e3:f6:b8: + ce:1e:e4:8a:95:ba:cd:1d:ce:0d -----BEGIN CERTIFICATE----- -MIICVDCCAgagAwIBAgIQQAiKTYWESER1OSfza785ITAFBgMrZXAwgZkxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD -VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j -b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZcxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD -VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG -A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t -MCowBQYDK2VwAyEAqpZ9Z3HX/q2oXxQYvgLQFX6AZLkhe7I/fHRu//WE4oGjYDBe -MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFG6LDcksWUNgr6UyhWz1dPO6VJvMMB8G -A1UdIwQYMBaAFBl6CabmJl9fBlLOYyRaj1xxPbt3MA4GA1UdDwEB/wQEAwIBxjAF -BgMrZXADQQC7w3pxbsKWWTZl1BQDkNAauSRVUoKYgLK67OcsHMYTpbjNLan5jeT+ -3z62i4fbzNBLDJD89XUSjtqQt1LRoE0F +MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk +MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDMx +MDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk +MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh +AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU +dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW +77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA +2v5YU4lDhZg13BMco/EfjSa+tqL8t/6cuTVpMX7UuRFFFqIpNal0p5fafnFPsXJd +dRes4/a4zh7kipW6zR3ODQ== -----END CERTIFICATE----- diff --git a/src/internal.c b/src/internal.c index f96ef6975..7e3c838a0 100644 --- a/src/internal.c +++ b/src/internal.c @@ -24108,9 +24108,14 @@ int SendClientKeyExchange(WOLFSSL* ssl) } else #endif + #ifdef HAVE_ECC if (ssl->ctx->EccSharedSecretCb != NULL) { break; } + else + #endif + { + } #endif /* HAVE_PK_CALLBACKS */ #ifdef HAVE_CURVE25519 diff --git a/tests/test-ed25519.conf b/tests/test-ed25519.conf index 342a476b6..d6cc898e7 100644 --- a/tests/test-ed25519.conf +++ b/tests/test-ed25519.conf @@ -2,7 +2,7 @@ -v 3 -l ECDHE-ECDSA-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem --k ./certs/ed25519/server-ed25519-key.pem +-k ./certs/ed25519/server-ed25519-priv.pem -d # client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 @@ -28,7 +28,7 @@ -v 3 -l ECDHE-ECDSA-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem --k ./certs/ed25519/server-ed25519-key.pem +-k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem -V # Remove -V when CRL for ED25519 certificates available. @@ -37,7 +37,7 @@ -v 3 -l ECDHE-ECDSA-AES128-GCM-SHA256 -c ./certs/ed25519/client-ed25519.pem --k ./certs/ed25519/client-ed25519-key.pem +-k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem -C @@ -45,7 +45,7 @@ -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem --k ./certs/ed25519/server-ed25519-key.pem +-k ./certs/ed25519/server-ed25519-priv.pem -d # client TLSv1.3 TLS13-AES128-GCM-SHA256 @@ -59,7 +59,7 @@ -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem --k ./certs/ed25519/server-ed25519-key.pem +-k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem -V # Remove -V when CRL for ED25519 certificates available. @@ -68,7 +68,7 @@ -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/client-ed25519.pem --k ./certs/ed25519/client-ed25519-key.pem +-k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem -C diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 1091d3f48..f68eaa4f8 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -56,6 +56,10 @@ static THREAD_RETURN simple_test(func_args*); #else static void simple_test(func_args*); #endif +static int test_tls(func_args* server_args); +static void show_ciphers(void); +static void cleanup_output(void); +static int validate_cleanup_output(void); enum { NUMARGS = 3 @@ -79,6 +83,7 @@ char* myoptarg = NULL; #endif /* NO_TESTSUITE_MAIN_DRIVER */ #ifdef HAVE_STACK_SIZE +/* Wrap TLS echo client to free thread locals. */ static void *echoclient_test_wrapper(void* args) { echoclient_test(args); @@ -108,8 +113,9 @@ int testsuite_test(int argc, char** argv) int num = 6; #endif #ifdef HAVE_STACK_SIZE - void *serverThreadStackContext = 0; + void *serverThreadStackContext = NULL; #endif + int ret; #ifdef HAVE_WNR if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) { @@ -158,94 +164,42 @@ int testsuite_test(int argc, char** argv) if (server_args.return_code != 0) return server_args.return_code; /* Echo input wolfSSL client server test */ #ifdef HAVE_STACK_SIZE - StackSizeCheck_launch(&server_args, echoserver_test, &serverThread, &serverThreadStackContext); + StackSizeCheck_launch(&server_args, echoserver_test, &serverThread, + &serverThreadStackContext); #else start_thread(echoserver_test, &server_args, &serverThread); #endif - wait_tcp_ready(&server_args); - { - func_args echo_args; - char* myArgv[NUMARGS]; - char arg[3][32]; + /* Create unique file name */ + outputName = mymktemp(tempName, len, num); + if (outputName == NULL) { + printf("Could not create unique file name"); + return EXIT_FAILURE; + } - myArgv[0] = arg[0]; - myArgv[1] = arg[1]; - myArgv[2] = arg[2]; + ret = test_tls(&server_args); + if (ret != 0) { + cleanup_output(); + return ret; + } - echo_args.argc = 3; - echo_args.argv = myArgv; - - /* Create unique file name */ - outputName = mymktemp(tempName, len, num); - if (outputName == NULL) { - printf("Could not create unique file name"); - return EXIT_FAILURE; - } - - strcpy(arg[0], "testsuite"); - strcpy(arg[1], "input"); - strcpy(arg[2], outputName); - - /* Share the signal, it has the new port number in it. */ - echo_args.signal = server_args.signal; - - /* make sure OK */ - - #ifdef HAVE_STACK_SIZE - fputs("echoclient_test #1: ", stdout); - StackSizeCheck(&echo_args, echoclient_test_wrapper); - #else - echoclient_test(&echo_args); - #endif - if (echo_args.return_code != 0) return echo_args.return_code; - -#ifdef WOLFSSL_DTLS - wait_tcp_ready(&server_args); + /* Server won't quit unless TLS test has worked. */ +#ifdef HAVE_STACK_SIZE + fputs("reaping echoserver_test: ", stdout); + StackSizeCheck_reap(serverThread, serverThreadStackContext); +#else + join_thread(serverThread); #endif - /* send quit to echoserver */ - echo_args.argc = 2; - strcpy(echo_args.argv[1], "quit"); - - #ifdef HAVE_STACK_SIZE - fputs("echoclient_test #2: ", stdout); - StackSizeCheck(&echo_args, echoclient_test_wrapper); - #else - echoclient_test(&echo_args); - #endif - if (echo_args.return_code != 0) return echo_args.return_code; - #ifdef HAVE_STACK_SIZE - fputs("reaping echoserver_test: ", stdout); - StackSizeCheck_reap(serverThread, serverThreadStackContext); - #else - join_thread(serverThread); - #endif - if (server_args.return_code != 0) return server_args.return_code; + if (server_args.return_code != 0) { + cleanup_output(); + return server_args.return_code; } - /* show ciphers */ - { - char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE]; - XMEMSET(ciphers, 0, sizeof(ciphers)); - wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1); - printf("ciphers = %s\n", ciphers); - } + show_ciphers(); - /* validate output equals input */ - { - #ifndef NO_SHA256 - byte input[WC_SHA256_DIGEST_SIZE]; - byte output[WC_SHA256_DIGEST_SIZE]; - - file_test("input", input); - file_test(outputName, output); - #endif - remove(outputName); - #ifndef NO_SHA256 - if (memcmp(input, output, sizeof(input)) != 0) - return EXIT_FAILURE; - #endif - } + ret = validate_cleanup_output(); + if (ret != 0) + return EXIT_FAILURE; wolfSSL_Cleanup(); FreeTcpReady(&ready); @@ -270,6 +224,114 @@ int testsuite_test(int argc, char** argv) } #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) +/* Perform a basic TLS handshake. + * + * First connection to echo a file. + * Second to tell TLS server to quit. + * + * @param [in,out] server_args Object sent to server thread. + * @return 0 on success. + * @return echoclient error return code on failure. + */ +static int test_tls(func_args* server_args) +{ + func_args echo_args; + char* myArgv[NUMARGS]; + char arg[3][32]; + + /* Set up command line arguments for echoclient to send input file + * and write echoed data to temporary output file. */ + myArgv[0] = arg[0]; + myArgv[1] = arg[1]; + myArgv[2] = arg[2]; + + echo_args.argc = 3; + echo_args.argv = myArgv; + + strcpy(arg[0], "testsuite"); + strcpy(arg[1], "input"); + strcpy(arg[2], outputName); + + /* Share the signal, it has the new port number in it. */ + echo_args.signal = server_args->signal; + + /* Ready to execute client - wait for server to be ready. */ + wait_tcp_ready(server_args); + + /* Do a client TLS connection. */ +#ifdef HAVE_STACK_SIZE + fputs("echoclient_test #1: ", stdout); + StackSizeCheck(&echo_args, echoclient_test_wrapper); +#else + echoclient_test(&echo_args); +#endif + if (echo_args.return_code != 0) + return echo_args.return_code; + +#ifdef WOLFSSL_DTLS + /* Ensure server is ready for UDP data. */ + wait_tcp_ready(server_args); +#endif + + /* Next client connection - send quit to shutdown server. */ + echo_args.argc = 2; + strcpy(echo_args.argv[1], "quit"); + + /* Do a client TLS connection. */ +#ifdef HAVE_STACK_SIZE + fputs("echoclient_test #2: ", stdout); + StackSizeCheck(&echo_args, echoclient_test_wrapper); +#else + echoclient_test(&echo_args); +#endif + if (echo_args.return_code != 0) + return echo_args.return_code; + + return 0; +} + +/* Show cipher suites available. */ +static void show_ciphers() +{ + char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE]; + XMEMSET(ciphers, 0, sizeof(ciphers)); + wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1); + printf("ciphers = %s\n", ciphers); +} + +/* Cleanup temporary output file. */ +static void cleanup_output() +{ + remove(outputName); +} + +/* Validate output equals input using a hash. Remove temporary output file. + * + * @return 0 on success. + * @return 1 on failure. + */ +static int validate_cleanup_output() +{ +#ifndef NO_SHA256 + byte input[WC_SHA256_DIGEST_SIZE]; + byte output[WC_SHA256_DIGEST_SIZE]; + + file_test("input", input); + file_test(outputName, output); +#endif + cleanup_output(); +#ifndef NO_SHA256 + if (memcmp(input, output, sizeof(input)) != 0) + return 1; +#endif + return 0; +} + +/* Simple server. + * + * @param [in] args Object for server data in thread. + * @return Return code. + */ #ifdef HAVE_STACK_SIZE static THREAD_RETURN simple_test(func_args* args) #else @@ -313,13 +375,13 @@ static void simple_test(func_args* args) strcpy(argvc[0], "SimpleClient"); cliArgs.argv = cliArgv; cliArgs.return_code = 0; - #ifndef USE_WINDOWS_API - cliArgs.argc = NUMARGS; - strcpy(argvc[1], "-p"); - snprintf(argvc[2], sizeof(argvc[2]), "%d", svrArgs.signal->port); - #else - cliArgs.argc = 1; - #endif +#ifndef USE_WINDOWS_API + cliArgs.argc = NUMARGS; + strcpy(argvc[1], "-p"); + snprintf(argvc[2], sizeof(argvc[2]), "%d", svrArgs.signal->port); +#else + cliArgs.argc = 1; +#endif client_test(&cliArgs); if (cliArgs.return_code != 0) { @@ -339,6 +401,10 @@ static void simple_test(func_args* args) #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ +/* Wait for the server to be ready for a connection. + * + * @param [in] args Object to send to thread. + */ void wait_tcp_ready(func_args* args) { #if defined(_POSIX_THREADS) && !defined(__MINGW32__) @@ -355,6 +421,12 @@ void wait_tcp_ready(func_args* args) } +/* Start a thread. + * + * @param [in] fun Function to executre in thread. + * @param [in] args Object to send to function in thread. + * @param [out] thread Handle to thread. + */ void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) { #if defined(_POSIX_THREADS) && !defined(__MINGW32__) @@ -377,6 +449,10 @@ void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) } +/* Join thread to wait for completion. + * + * @param [in] thread Handle to thread. + */ void join_thread(THREAD_TYPE thread) { #if defined(_POSIX_THREADS) && !defined(__MINGW32__) @@ -400,6 +476,11 @@ void join_thread(THREAD_TYPE thread) #ifndef NO_SHA256 +/* Create SHA-256 hash of the file based on filename. + * + * @param [in] file Name of file. + * @parma [out] check Buffer to hold SHA-256 hash. + */ void file_test(const char* file, byte* check) { FILE* f; @@ -455,16 +536,18 @@ char* myoptarg = NULL; int main(int argc, char** argv) { - func_args server_args; + func_args wolfcrypt_test_args; - server_args.argc = argc; - server_args.argv = argv; + wolfcrypt_test_args.argc = argc; + wolfcrypt_test_args.argv = argv; wolfSSL_Init(); ChangeToWolfRoot(); - wolfcrypt_test(&server_args); - if (server_args.return_code != 0) return server_args.return_code; + /* No TLS - only doing cryptographic algorithm testing. */ + wolfcrypt_test(&wolfcrypt_test_args); + if (wolfcrypt_test_args.return_code != 0) + return wolfcrypt_test_args.return_code; wolfSSL_Cleanup(); printf("\nAll tests passed!\n"); diff --git a/wolfssl/internal.h b/wolfssl/internal.h index eaea3dfb4..8c06ceb27 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2978,31 +2978,31 @@ struct WOLFSSL_CTX { CallbackEccSign EccSignCb; /* User EccSign Callback handler */ CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */ CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */ - #ifdef HAVE_ED25519 - /* User Ed25519Sign Callback handler */ - CallbackEd25519Sign Ed25519SignCb; - /* User Ed25519Verify Callback handler */ - CallbackEd25519Verify Ed25519VerifyCb; - #endif - #ifdef HAVE_CURVE25519 - /* User X25519 KeyGen Callback Handler */ - CallbackX25519KeyGen X25519KeyGenCb; - /* User X25519 SharedSecret Callback handler */ - CallbackX25519SharedSecret X25519SharedSecretCb; - #endif - #ifdef HAVE_ED448 - /* User Ed448Sign Callback handler */ - CallbackEd448Sign Ed448SignCb; - /* User Ed448Verify Callback handler */ - CallbackEd448Verify Ed448VerifyCb; - #endif - #ifdef HAVE_CURVE448 - /* User X448 KeyGen Callback Handler */ - CallbackX448KeyGen X448KeyGenCb; - /* User X448 SharedSecret Callback handler */ - CallbackX448SharedSecret X448SharedSecretCb; - #endif #endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 + /* User Ed25519Sign Callback handler */ + CallbackEd25519Sign Ed25519SignCb; + /* User Ed25519Verify Callback handler */ + CallbackEd25519Verify Ed25519VerifyCb; + #endif + #ifdef HAVE_CURVE25519 + /* User X25519 KeyGen Callback Handler */ + CallbackX25519KeyGen X25519KeyGenCb; + /* User X25519 SharedSecret Callback handler */ + CallbackX25519SharedSecret X25519SharedSecretCb; + #endif + #ifdef HAVE_ED448 + /* User Ed448Sign Callback handler */ + CallbackEd448Sign Ed448SignCb; + /* User Ed448Verify Callback handler */ + CallbackEd448Verify Ed448VerifyCb; + #endif + #ifdef HAVE_CURVE448 + /* User X448 KeyGen Callback Handler */ + CallbackX448KeyGen X448KeyGenCb; + /* User X448 SharedSecret Callback handler */ + CallbackX448SharedSecret X448SharedSecretCb; + #endif #ifndef NO_DH CallbackDhAgree DhAgreeCb; /* User DH Agree Callback handler */ #endif @@ -4358,27 +4358,27 @@ struct WOLFSSL { #endif #ifdef HAVE_PK_CALLBACKS #ifdef HAVE_ECC - void* EccKeyGenCtx; /* EccKeyGen Callback Context */ - void* EccSignCtx; /* Ecc Sign Callback Context */ - void* EccVerifyCtx; /* Ecc Verify Callback Context */ - void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ - #ifdef HAVE_ED25519 - void* Ed25519SignCtx; /* ED25519 Sign Callback Context */ - void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */ - #endif - #ifdef HAVE_CURVE25519 - void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ - void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ - #endif - #ifdef HAVE_ED448 - void* Ed448SignCtx; /* ED448 Sign Callback Context */ - void* Ed448VerifyCtx; /* ED448 Verify Callback Context */ - #endif - #ifdef HAVE_CURVE448 - void* X448KeyGenCtx; /* X448 KeyGen Callback Context */ - void* X448SharedSecretCtx; /* X448 Pms Callback Context */ - #endif + void* EccKeyGenCtx; /* EccKeyGen Callback Context */ + void* EccSignCtx; /* Ecc Sign Callback Context */ + void* EccVerifyCtx; /* Ecc Verify Callback Context */ + void* EccSharedSecretCtx; /* Ecc Pms Callback Context */ #endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 + void* Ed25519SignCtx; /* ED25519 Sign Callback Context */ + void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */ + #endif + #ifdef HAVE_CURVE25519 + void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */ + void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */ + #endif + #ifdef HAVE_ED448 + void* Ed448SignCtx; /* ED448 Sign Callback Context */ + void* Ed448VerifyCtx; /* ED448 Verify Callback Context */ + #endif + #ifdef HAVE_CURVE448 + void* X448KeyGenCtx; /* X448 KeyGen Callback Context */ + void* X448SharedSecretCtx; /* X448 Pms Callback Context */ + #endif #ifndef NO_DH void* DhAgreeCtx; /* DH Pms Callback Context */ #endif /* !NO_DH */ diff --git a/wolfssl/test.h b/wolfssl/test.h index bf945a019..d8e5adce6 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -3088,6 +3088,8 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, return ret; } +#endif /* HAVE_ECC */ + #ifdef HAVE_ED25519 static WC_INLINE int myEd25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) @@ -3410,8 +3412,6 @@ static WC_INLINE int myX448SharedSecret(WOLFSSL* ssl, curve448_key* otherKey, } #endif /* HAVE_CURVE448 */ -#endif /* HAVE_ECC */ - #ifndef NO_DH static WC_INLINE int myDhCallback(WOLFSSL* ssl, struct DhKey* key, const unsigned char* priv, unsigned int privSz,