diff --git a/certs/crl/caEcc384Crl.pem b/certs/crl/caEcc384Crl.pem index ab0833e06..cf3f9a1b1 100644 --- a/certs/crl/caEcc384Crl.pem +++ b/certs/crl/caEcc384Crl.pem @@ -1,10 +1,10 @@ -----BEGIN X509 CRL----- -MIIBcjCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM +MIIBcTCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX -DTI2MDkwODIyMTkzM1qgLzAtMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA -ElNSMAoGA1UdFAQDAgEMMAoGCCqGSM49BAMCA2kAMGYCMQDiAhgtXMrlvYjxh1+q -uqluR12ThFI1k8wTdFiGF0yToo3zpoxbaN5w33vBYVUZzCYCMQD76v5cIfO8RUBc -f5tVsV7n7fGhwMPREOw0f0nmtl+qwNWSDDegMLtTdZyYF9ERdV0= +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTI0MDEwOTAwMzQzMFoX +DTI2MTAwNTAwMzQzMFqgLzAtMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA +ElNSMAoGA1UdFAQDAgEMMAoGCCqGSM49BAMCA2gAMGUCMQCjqo2bmsEzvBpsVBfA +7CXvvAoldG0sFKW75EvAUOFZYWC92/GDULxTxzOGqg81B5ICMEeFr+vl+RMQZfju +ZY3eOC5PKW4z1LwneOUyoKu2joHBENLhsD+tSixSHumx+kmh2g== -----END X509 CRL----- diff --git a/certs/crl/caEccCrl.pem b/certs/crl/caEccCrl.pem index 4729407bc..8574c307d 100644 --- a/certs/crl/caEccCrl.pem +++ b/certs/crl/caEccCrl.pem @@ -1,10 +1,10 @@ -----BEGIN X509 CRL----- -MIIBUTCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM +MIIBUDCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX -DTI2MDkwODIyMTkzM1qgLzAtMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD -86UhMAoGA1UdFAQDAgELMAoGCCqGSM49BAMCA0gAMEUCICFj5IcBuGatpURtIwMU -hSKkP11GeUUb5crLMcBKI2u9AiEArWyOTYXvODOGebzJONGEy7UQ9d+HUba3ROqc -aGu35HE= +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTI0MDEwOTAwMzQzMFoX +DTI2MTAwNTAwMzQzMFqgLzAtMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD +86UhMAoGA1UdFAQDAgELMAoGCCqGSM49BAMCA0cAMEQCIFuy1ACI/xzHowxHb4+6 +Ey9EPuLVgbvwLmVVSnDiwEkAAiB8BrOHHUMxK0ZFMZoAdRBgE/p32q9FdJJfAO0n +VnFcxg== -----END X509 CRL----- diff --git a/certs/crl/cliCrl.pem b/certs/crl/cliCrl.pem index 00c485372..e20203ef7 100644 --- a/certs/crl/cliCrl.pem +++ b/certs/crl/cliCrl.pem @@ -2,41 +2,41 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 8 Revoked Certificates: Serial Number: 02 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Signature Algorithm: sha256WithRSAEncryption - 74:17:9b:40:81:d2:a0:f3:26:68:44:5b:f8:a2:6c:3f:7e:71: - 75:a2:7f:c6:e6:71:cb:f9:08:57:42:cd:3e:3f:ab:cd:0c:85: - 36:45:58:8b:59:28:81:d9:b0:6b:10:4a:d0:7d:59:ad:cf:53: - 05:cb:13:c7:c1:ec:65:64:6b:4d:e6:87:0b:ae:06:60:ab:8a: - 3c:ae:c1:7d:ed:8f:ee:09:02:7a:3a:f2:21:bf:89:ef:cd:14: - b1:03:64:2d:b2:b6:45:15:da:2d:ee:2d:c0:15:3b:a8:01:a8: - 4f:30:61:ae:99:b9:16:07:b5:8b:71:8f:38:ac:69:82:39:90: - 92:ff:d6:41:33:3b:92:5b:f2:dd:56:5a:8f:82:d1:1f:76:ee: - ca:01:a2:ac:c0:22:41:dd:6e:e1:ce:06:b0:6f:bc:e2:da:91: - 11:c1:a0:41:16:7d:ba:7e:a1:53:13:14:4b:54:3b:b9:44:cf: - 4f:1c:ef:ce:a8:bd:e8:ab:ba:de:97:f7:b7:7d:4f:ab:7a:e7: - 73:65:97:a1:d9:a3:f3:92:f1:95:06:6d:52:7b:6e:fd:26:56: - 55:83:c7:71:f7:a4:8f:9a:2c:52:04:dd:9f:85:ab:9c:88:e1: - 30:c6:4a:88:7d:20:1b:c6:47:8b:82:cc:9d:0f:51:69:b1:90: - b2:8a:9c:74 + 52:11:97:57:04:d7:e2:14:1f:c4:7f:a2:d8:cf:4c:b7:5b:0c: + d3:ac:ca:29:10:74:09:2f:3d:fb:4d:75:3e:32:21:5a:0f:41: + 5f:cc:e7:98:f8:ea:8e:e2:c9:57:60:b6:a3:b0:70:10:18:b9: + 86:a3:65:1e:3a:88:13:df:44:18:15:51:00:f6:33:d6:ab:90: + 18:93:df:ac:7d:15:5c:6a:63:55:d1:4d:41:37:03:89:86:65: + fa:fb:d7:b1:73:db:c3:43:08:ff:89:94:89:b1:b4:ad:96:78: + 52:92:50:8c:0a:5d:ca:29:8b:e0:bc:ca:88:c0:7a:52:48:d3: + cf:09:03:08:5f:a1:b9:16:b0:55:5e:11:60:7f:73:9a:98:05: + 54:97:bf:eb:0e:04:61:4f:b4:40:23:61:9a:07:69:78:fc:16: + de:f4:54:04:cf:f0:2b:07:8d:51:9e:6b:b5:77:c4:13:2c:a3: + 40:99:ed:fa:f4:00:4a:45:36:da:52:9d:dc:88:66:3e:03:f0: + 20:ce:54:a4:56:58:a8:9e:30:78:e8:42:2d:a8:0f:9b:c4:a9: + ab:13:c2:4e:ec:be:2e:99:16:56:2f:22:86:96:27:1d:30:80: + 7d:a5:f8:45:ef:93:b4:63:13:96:4f:6a:df:a0:11:3b:52:be: + 93:03:7a:81 -----BEGIN X509 CRL----- MIICDjCB9wIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzEy -MTMyMjE5MzNaFw0yNjA5MDgyMjE5MzNaMBQwEgIBAhcNMjMxMjEzMjIxOTMzWqAO -MAwwCgYDVR0UBAMCAQgwDQYJKoZIhvcNAQELBQADggEBAHQXm0CB0qDzJmhEW/ii -bD9+cXWif8bmccv5CFdCzT4/q80MhTZFWItZKIHZsGsQStB9Wa3PUwXLE8fB7GVk -a03mhwuuBmCrijyuwX3tj+4JAno68iG/ie/NFLEDZC2ytkUV2i3uLcAVO6gBqE8w -Ya6ZuRYHtYtxjzisaYI5kJL/1kEzO5Jb8t1WWo+C0R927soBoqzAIkHdbuHOBrBv -vOLakRHBoEEWfbp+oVMTFEtUO7lEz08c786oveirut6X97d9T6t653Nll6HZo/OS -8ZUGbVJ7bv0mVlWDx3H3pI+aLFIE3Z+Fq5yI4TDGSoh9IBvGR4uCzJ0PUWmxkLKK -nHQ= +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yNDAx +MDkwMDM0MzBaFw0yNjEwMDUwMDM0MzBaMBQwEgIBAhcNMjQwMTA5MDAzNDMwWqAO +MAwwCgYDVR0UBAMCAQgwDQYJKoZIhvcNAQELBQADggEBAFIRl1cE1+IUH8R/otjP +TLdbDNOsyikQdAkvPftNdT4yIVoPQV/M55j46o7iyVdgtqOwcBAYuYajZR46iBPf +RBgVUQD2M9arkBiT36x9FVxqY1XRTUE3A4mGZfr717Fz28NDCP+JlImxtK2WeFKS +UIwKXcopi+C8yojAelJI088JAwhfobkWsFVeEWB/c5qYBVSXv+sOBGFPtEAjYZoH +aXj8Ft70VATP8CsHjVGea7V3xBMso0CZ7fr0AEpFNtpSndyIZj4D8CDOVKRWWKie +MHjoQi2oD5vEqasTwk7svi6ZFlYvIoaWJx0wgH2l+EXvk7RjE5ZPat+gETtSvpMD +eoE= -----END X509 CRL----- diff --git a/certs/crl/crl.der b/certs/crl/crl.der index c6ec65c4b..7ce490cda 100644 Binary files a/certs/crl/crl.der and b/certs/crl/crl.der differ diff --git a/certs/crl/crl.pem b/certs/crl/crl.pem index a4a09f0a3..583128748 100644 --- a/certs/crl/crl.pem +++ b/certs/crl/crl.pem @@ -2,40 +2,40 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 2 Revoked Certificates: Serial Number: 02 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Signature Algorithm: sha256WithRSAEncryption - 48:36:98:18:42:9c:0c:81:51:19:75:4b:26:9a:e0:07:18:89: - a2:a1:bd:b6:4e:91:f2:44:93:1a:50:a1:8f:72:1f:c4:ae:99: - 81:c5:00:3a:94:03:de:00:24:98:d4:2c:17:e5:ba:f2:29:3a: - 43:c8:23:ba:73:6a:5c:99:5d:ba:80:dd:bd:4f:cd:53:a6:cf: - 33:11:31:30:27:e2:d2:31:06:65:b8:3e:cf:fe:00:21:ff:0d: - 18:4f:fc:fd:d5:80:75:72:7c:2e:44:c1:a1:26:a6:8a:88:c8: - c0:66:1a:d4:99:36:ca:8f:67:42:8f:7c:f2:1a:e7:1b:d0:90: - 05:22:0d:29:d3:35:57:23:8c:bb:d2:53:c1:a8:00:3c:d4:b3: - 97:23:8a:4f:1d:8b:c9:73:6a:96:40:b0:a4:b1:c7:de:06:4d: - a3:5d:6a:d2:f5:5c:1e:f0:21:0f:d1:fd:21:89:e2:9e:3d:c1: - b2:f0:0f:5e:79:1e:47:48:92:bf:eb:96:28:ad:0b:89:5e:3b: - ed:97:29:bb:8d:24:c2:e6:26:e5:33:ef:88:17:c1:1a:97:fa: - 51:44:a2:cc:b2:64:e5:5c:94:54:ed:3b:7d:8f:34:4a:4b:d3: - ca:62:f9:20:00:86:26:ea:1b:a9:b4:df:8f:f4:4d:d8:3e:95: - aa:3b:43:1c + b3:6f:ed:72:d2:73:6a:77:bf:3a:55:bc:54:18:6a:71:bc:6a: + cc:cd:5d:90:f5:64:8d:1b:f0:e0:48:7b:f2:7b:06:86:53:63: + 9b:d8:24:15:10:b1:19:96:9b:d2:75:a8:25:a2:35:a9:14:d6: + d5:5e:53:e3:34:9d:f2:8b:07:19:9b:1f:f1:02:0f:04:46:e8: + b8:b6:f2:8d:c7:c0:15:3e:3e:8e:96:73:15:1e:62:f6:4e:2a: + f7:aa:a0:91:80:12:7f:81:0c:65:cc:38:be:58:6c:14:a5:21: + a1:8d:f7:8a:b9:24:f4:2d:ca:c0:67:43:0b:c8:1c:b4:7d:12: + 7f:a2:1b:19:0e:94:cf:7b:9f:75:a0:08:9a:67:3f:87:89:3e: + f8:58:a5:8a:1b:2d:da:9b:d0:1b:18:92:c3:d2:6a:d7:1c:fc: + 45:69:77:c3:57:65:75:99:9e:47:2a:20:25:ef:90:f2:5f:3b: + 7d:9c:7d:00:ea:92:54:eb:0b:e7:17:af:24:1a:f9:7c:83:50: + 68:1d:dc:5b:60:12:a7:52:78:d9:a9:b0:1f:59:48:36:c7:a6: + 97:34:c7:87:3f:ae:fd:a9:56:5d:48:cc:89:7a:79:60:8f:9b: + 2b:63:3c:b3:04:1d:5f:f7:20:d2:fd:f2:51:b1:96:93:13:5b: + ab:74:82:8b -----BEGIN X509 CRL----- MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX -DTI2MDkwODIyMTkzM1owFDASAgECFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE -AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEASDaYGEKcDIFRGXVLJprgBxiJoqG9tk6R -8kSTGlChj3IfxK6ZgcUAOpQD3gAkmNQsF+W68ik6Q8gjunNqXJlduoDdvU/NU6bP -MxExMCfi0jEGZbg+z/4AIf8NGE/8/dWAdXJ8LkTBoSamiojIwGYa1Jk2yo9nQo98 -8hrnG9CQBSINKdM1VyOMu9JTwagAPNSzlyOKTx2LyXNqlkCwpLHH3gZNo11q0vVc -HvAhD9H9IYninj3BsvAPXnkeR0iSv+uWKK0LiV477Zcpu40kwuYm5TPviBfBGpf6 -UUSizLJk5VyUVO07fY80SkvTymL5IACGJuobqbTfj/RN2D6VqjtDHA== +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTI0MDEwOTAwMzQzMFoX +DTI2MTAwNTAwMzQzMFowFDASAgECFw0yNDAxMDkwMDM0MzBaoA4wDDAKBgNVHRQE +AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAs2/tctJzane/OlW8VBhqcbxqzM1dkPVk +jRvw4Eh78nsGhlNjm9gkFRCxGZab0nWoJaI1qRTW1V5T4zSd8osHGZsf8QIPBEbo +uLbyjcfAFT4+jpZzFR5i9k4q96qgkYASf4EMZcw4vlhsFKUhoY33irkk9C3KwGdD +C8gctH0Sf6IbGQ6Uz3ufdaAImmc/h4k++Filihst2pvQGxiSw9Jq1xz8RWl3w1dl +dZmeRyogJe+Q8l87fZx9AOqSVOsL5xevJBr5fINQaB3cW2ASp1J42amwH1lINsem +lzTHhz+u/alWXUjMiXp5YI+bK2M8swQdX/cg0v3yUbGWkxNbq3SCiw== -----END X509 CRL----- diff --git a/certs/crl/crl.revoked b/certs/crl/crl.revoked index 73252614b..9dfc67fd1 100644 --- a/certs/crl/crl.revoked +++ b/certs/crl/crl.revoked @@ -2,43 +2,43 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 3 Revoked Certificates: Serial Number: 01 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Serial Number: 02 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Signature Algorithm: sha256WithRSAEncryption - 72:6e:a4:64:36:6b:e8:e0:c5:1d:98:ef:ab:7e:7a:14:f2:8d: - 99:d0:57:4b:76:ac:f4:89:60:cd:89:23:9d:01:34:f3:83:e5: - 82:21:b3:48:c4:42:25:7f:ea:9f:74:5f:e8:b8:d6:71:bb:a2: - 39:d8:ef:46:a8:13:ba:7d:44:ab:d6:13:65:18:de:b5:03:85: - a7:c6:4f:0a:a0:6a:78:ba:7b:f7:ce:6e:ba:1c:ef:6f:b1:04: - a8:ac:c6:de:3b:76:77:3e:3d:8b:ae:8b:2b:7e:c9:4f:77:31: - 7f:1f:f5:04:2c:e9:cf:a1:56:c2:59:e9:be:49:9f:e8:67:a3: - 42:66:05:21:02:64:82:b2:74:a7:4b:89:89:7d:43:1a:41:fd: - 53:8c:d6:4f:27:04:2a:48:6b:9e:62:fa:4a:42:83:22:53:3f: - 53:07:4f:bc:cd:8d:8d:cc:15:c6:ff:3c:af:7d:db:ab:dd:fa: - 8f:65:86:86:2a:89:5e:3f:d5:4b:39:80:78:3f:6e:38:3b:6d: - a5:5e:2c:9e:1d:2f:9c:62:12:b1:34:f2:95:64:37:dc:4b:20: - dc:27:f3:de:81:67:b2:04:b0:14:b9:47:e3:65:e3:2f:35:27: - c2:fc:22:db:24:bd:04:58:88:17:e3:42:3c:a5:ef:53:39:15: - 54:52:ac:a1 + 35:50:96:da:71:71:90:d5:b7:37:5a:a6:b9:09:07:2f:af:c9: + e0:02:32:6a:43:6e:20:ec:20:a4:ac:d0:39:a9:19:35:d0:d2: + 6f:bb:d1:cd:46:10:a7:cb:8a:be:0a:02:a2:91:f5:29:74:ee: + 34:83:a3:8c:a0:ca:39:af:94:4a:23:d7:56:57:6b:cc:c6:eb: + b0:ce:9f:0a:e1:b0:a8:12:6b:6a:8b:21:73:22:6f:49:41:cd: + fd:85:44:d1:fa:52:6b:2f:b2:2b:02:e7:43:0e:f1:92:bc:15: + 8f:22:28:49:25:69:93:d8:50:10:2f:93:e2:f5:b0:31:5c:eb: + 1a:35:e2:40:83:25:87:55:4d:c0:85:06:37:9e:23:44:80:a1: + f9:e2:eb:9c:90:28:7a:71:d8:55:a2:8b:70:32:31:33:26:70: + fe:1d:11:d5:4b:c1:04:47:19:59:44:8f:0b:0a:ec:d6:62:40: + 8a:6f:67:2e:6a:50:38:54:35:c9:f8:d5:ec:e8:ae:93:88:3d: + a0:40:81:2c:e0:fe:f7:c8:68:24:8e:41:04:88:af:94:82:97: + 75:e5:69:4c:22:1d:f9:67:53:a3:4c:a3:db:bf:55:08:e7:3a: + 07:67:a2:28:25:63:af:f8:0e:c7:d3:c1:77:ef:20:20:20:63: + 9e:5c:22:81 -----BEGIN X509 CRL----- MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzEyMTMyMjE5MzNa -Fw0yNjA5MDgyMjE5MzNaMCgwEgIBARcNMjMxMjEzMjIxOTMzWjASAgECFw0yMzEy -MTMyMjE5MzNaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEAcm6k -ZDZr6ODFHZjvq356FPKNmdBXS3as9IlgzYkjnQE084PlgiGzSMRCJX/qn3Rf6LjW -cbuiOdjvRqgTun1Eq9YTZRjetQOFp8ZPCqBqeLp7985uuhzvb7EEqKzG3jt2dz49 -i66LK37JT3cxfx/1BCzpz6FWwlnpvkmf6GejQmYFIQJkgrJ0p0uJiX1DGkH9U4zW -TycEKkhrnmL6SkKDIlM/UwdPvM2NjcwVxv88r33bq936j2WGhiqJXj/VSzmAeD9u -ODttpV4snh0vnGISsTTylWQ33Esg3Cfz3oFnsgSwFLlH42XjLzUnwvwi2yS9BFiI -F+NCPKXvUzkVVFKsoQ== +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yNDAxMDkwMDM0MzBa +Fw0yNjEwMDUwMDM0MzBaMCgwEgIBARcNMjQwMTA5MDAzNDMwWjASAgECFw0yNDAx +MDkwMDM0MzBaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEANVCW +2nFxkNW3N1qmuQkHL6/J4AIyakNuIOwgpKzQOakZNdDSb7vRzUYQp8uKvgoCopH1 +KXTuNIOjjKDKOa+USiPXVldrzMbrsM6fCuGwqBJraoshcyJvSUHN/YVE0fpSay+y +KwLnQw7xkrwVjyIoSSVpk9hQEC+T4vWwMVzrGjXiQIMlh1VNwIUGN54jRICh+eLr +nJAoenHYVaKLcDIxMyZw/h0R1UvBBEcZWUSPCwrs1mJAim9nLmpQOFQ1yfjV7Oiu +k4g9oECBLOD+98hoJI5BBIivlIKXdeVpTCId+WdTo0yj279VCOc6B2eiKCVjr/gO +x9PBd+8gICBjnlwigQ== -----END X509 CRL----- diff --git a/certs/crl/crl2.der b/certs/crl/crl2.der index c6ec65c4b..7ce490cda 100644 Binary files a/certs/crl/crl2.der and b/certs/crl/crl2.der differ diff --git a/certs/crl/crl2.pem b/certs/crl/crl2.pem index eb71f194a..f722481ba 100644 --- a/certs/crl/crl2.pem +++ b/certs/crl/crl2.pem @@ -2,79 +2,79 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 2 Revoked Certificates: Serial Number: 02 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Signature Algorithm: sha256WithRSAEncryption - 48:36:98:18:42:9c:0c:81:51:19:75:4b:26:9a:e0:07:18:89: - a2:a1:bd:b6:4e:91:f2:44:93:1a:50:a1:8f:72:1f:c4:ae:99: - 81:c5:00:3a:94:03:de:00:24:98:d4:2c:17:e5:ba:f2:29:3a: - 43:c8:23:ba:73:6a:5c:99:5d:ba:80:dd:bd:4f:cd:53:a6:cf: - 33:11:31:30:27:e2:d2:31:06:65:b8:3e:cf:fe:00:21:ff:0d: - 18:4f:fc:fd:d5:80:75:72:7c:2e:44:c1:a1:26:a6:8a:88:c8: - c0:66:1a:d4:99:36:ca:8f:67:42:8f:7c:f2:1a:e7:1b:d0:90: - 05:22:0d:29:d3:35:57:23:8c:bb:d2:53:c1:a8:00:3c:d4:b3: - 97:23:8a:4f:1d:8b:c9:73:6a:96:40:b0:a4:b1:c7:de:06:4d: - a3:5d:6a:d2:f5:5c:1e:f0:21:0f:d1:fd:21:89:e2:9e:3d:c1: - b2:f0:0f:5e:79:1e:47:48:92:bf:eb:96:28:ad:0b:89:5e:3b: - ed:97:29:bb:8d:24:c2:e6:26:e5:33:ef:88:17:c1:1a:97:fa: - 51:44:a2:cc:b2:64:e5:5c:94:54:ed:3b:7d:8f:34:4a:4b:d3: - ca:62:f9:20:00:86:26:ea:1b:a9:b4:df:8f:f4:4d:d8:3e:95: - aa:3b:43:1c + b3:6f:ed:72:d2:73:6a:77:bf:3a:55:bc:54:18:6a:71:bc:6a: + cc:cd:5d:90:f5:64:8d:1b:f0:e0:48:7b:f2:7b:06:86:53:63: + 9b:d8:24:15:10:b1:19:96:9b:d2:75:a8:25:a2:35:a9:14:d6: + d5:5e:53:e3:34:9d:f2:8b:07:19:9b:1f:f1:02:0f:04:46:e8: + b8:b6:f2:8d:c7:c0:15:3e:3e:8e:96:73:15:1e:62:f6:4e:2a: + f7:aa:a0:91:80:12:7f:81:0c:65:cc:38:be:58:6c:14:a5:21: + a1:8d:f7:8a:b9:24:f4:2d:ca:c0:67:43:0b:c8:1c:b4:7d:12: + 7f:a2:1b:19:0e:94:cf:7b:9f:75:a0:08:9a:67:3f:87:89:3e: + f8:58:a5:8a:1b:2d:da:9b:d0:1b:18:92:c3:d2:6a:d7:1c:fc: + 45:69:77:c3:57:65:75:99:9e:47:2a:20:25:ef:90:f2:5f:3b: + 7d:9c:7d:00:ea:92:54:eb:0b:e7:17:af:24:1a:f9:7c:83:50: + 68:1d:dc:5b:60:12:a7:52:78:d9:a9:b0:1f:59:48:36:c7:a6: + 97:34:c7:87:3f:ae:fd:a9:56:5d:48:cc:89:7a:79:60:8f:9b: + 2b:63:3c:b3:04:1d:5f:f7:20:d2:fd:f2:51:b1:96:93:13:5b: + ab:74:82:8b -----BEGIN X509 CRL----- MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX -DTI2MDkwODIyMTkzM1owFDASAgECFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE -AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEASDaYGEKcDIFRGXVLJprgBxiJoqG9tk6R -8kSTGlChj3IfxK6ZgcUAOpQD3gAkmNQsF+W68ik6Q8gjunNqXJlduoDdvU/NU6bP -MxExMCfi0jEGZbg+z/4AIf8NGE/8/dWAdXJ8LkTBoSamiojIwGYa1Jk2yo9nQo98 -8hrnG9CQBSINKdM1VyOMu9JTwagAPNSzlyOKTx2LyXNqlkCwpLHH3gZNo11q0vVc -HvAhD9H9IYninj3BsvAPXnkeR0iSv+uWKK0LiV477Zcpu40kwuYm5TPviBfBGpf6 -UUSizLJk5VyUVO07fY80SkvTymL5IACGJuobqbTfj/RN2D6VqjtDHA== +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTI0MDEwOTAwMzQzMFoX +DTI2MTAwNTAwMzQzMFowFDASAgECFw0yNDAxMDkwMDM0MzBaoA4wDDAKBgNVHRQE +AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAs2/tctJzane/OlW8VBhqcbxqzM1dkPVk +jRvw4Eh78nsGhlNjm9gkFRCxGZab0nWoJaI1qRTW1V5T4zSd8osHGZsf8QIPBEbo +uLbyjcfAFT4+jpZzFR5i9k4q96qgkYASf4EMZcw4vlhsFKUhoY33irkk9C3KwGdD +C8gctH0Sf6IbGQ6Uz3ufdaAImmc/h4k++Filihst2pvQGxiSw9Jq1xz8RWl3w1dl +dZmeRyogJe+Q8l87fZx9AOqSVOsL5xevJBr5fINQaB3cW2ASp1J42amwH1lINsem +lzTHhz+u/alWXUjMiXp5YI+bK2M8swQdX/cg0v3yUbGWkxNbq3SCiw== -----END X509 CRL----- Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 1 No Revoked Certificates. Signature Algorithm: sha256WithRSAEncryption - 38:bd:b1:ed:0c:8b:5d:f2:e3:de:48:7b:03:16:a7:09:4c:98: - 03:9d:a7:50:1d:56:57:a6:6f:e1:7d:4c:32:31:f3:55:28:4a: - d3:b5:55:a7:7d:f8:43:46:cf:7c:64:66:2e:0e:bc:e6:43:41: - c1:b8:b4:a0:db:68:92:3b:d4:a1:ef:47:44:fe:f6:e4:33:45: - 18:62:cb:e5:04:44:44:07:83:e4:62:c4:d0:52:63:94:b0:1a: - 43:bf:01:91:de:05:66:ae:6d:88:78:94:d9:c6:5e:a9:28:52: - 93:2b:24:00:3f:d3:f7:6c:ca:27:b6:9b:8e:8f:61:a3:ac:3b: - e5:62:54:09:6f:c5:52:fb:87:9a:36:e0:51:14:5d:52:f9:42: - 48:f1:18:20:bf:b3:98:c2:d4:a2:55:9e:7e:42:9b:01:59:fc: - 64:3c:bb:05:46:09:ab:16:8a:f8:08:b7:f7:3d:01:8e:1b:60: - ba:e0:8f:e8:fe:6b:38:bc:23:af:52:31:bc:f3:a0:60:71:c4: - 9a:29:49:46:5b:c2:f8:ff:c9:f6:8a:1a:c6:5c:9f:e5:bb:c0: - bf:6e:7b:26:8b:5a:6a:91:80:82:40:2e:48:96:b7:6a:8f:74: - 75:6d:54:d7:4d:2a:81:7f:01:02:bd:6e:cf:37:50:de:bb:52: - b6:40:eb:ad + 48:97:27:ce:47:2d:c9:e5:a9:7d:ac:6a:36:29:92:0d:bf:b7: + 17:04:cb:7b:1c:a1:ce:e8:45:6d:c8:b9:a2:81:16:74:9d:b1: + b5:06:5f:46:64:06:74:e4:6a:79:13:27:a2:ed:f4:7e:73:0b: + c4:6e:99:9a:35:a7:8b:02:69:92:6d:80:da:dd:5c:fd:05:e0: + 0e:4b:ee:5b:55:5c:a7:d0:c2:83:f3:41:62:86:f1:b3:f2:67: + 48:6b:b2:3e:3f:b2:1d:aa:63:54:3a:43:62:9a:9e:87:ef:49: + 36:dc:29:36:74:8b:7d:d7:04:b8:38:6d:55:5a:56:db:a1:72: + cf:bd:9f:cc:b4:59:f4:65:06:fb:a4:80:48:98:1c:1f:c9:b8: + c6:b2:3e:47:c5:2f:f3:f4:ca:45:97:4c:20:08:72:90:5f:c3: + e9:b8:4d:04:4b:1c:43:7d:b0:e3:34:59:9c:5f:db:ad:c3:87: + 11:3f:eb:8c:75:5f:2f:b8:84:12:c1:73:f1:ec:f8:2e:36:b9: + 5d:3e:a9:9d:70:dd:24:84:77:de:29:b8:73:39:70:6b:44:91: + cb:bf:b5:fc:b8:6f:93:75:8c:58:f4:aa:79:8f:70:24:5d:75: + 19:e7:9a:08:6a:8e:cd:8d:cc:17:d2:6f:76:d5:40:99:1c:e8: + 53:99:4e:f0 -----BEGIN X509 CRL----- MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzEy -MTMyMjE5MzNaFw0yNjA5MDgyMjE5MzNaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG -9w0BAQsFAAOCAQEAOL2x7QyLXfLj3kh7AxanCUyYA52nUB1WV6Zv4X1MMjHzVShK -07VVp334Q0bPfGRmLg685kNBwbi0oNtokjvUoe9HRP725DNFGGLL5QRERAeD5GLE -0FJjlLAaQ78Bkd4FZq5tiHiU2cZeqShSkyskAD/T92zKJ7abjo9ho6w75WJUCW/F -UvuHmjbgURRdUvlCSPEYIL+zmMLUolWefkKbAVn8ZDy7BUYJqxaK+Ai39z0Bjhtg -uuCP6P5rOLwjr1IxvPOgYHHEmilJRlvC+P/J9ooaxlyf5bvAv257JotaapGAgkAu -SJa3ao90dW1U100qgX8BAr1uzzdQ3rtStkDrrQ== +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yNDAx +MDkwMDM0MzBaFw0yNjEwMDUwMDM0MzBaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG +9w0BAQsFAAOCAQEASJcnzkctyeWpfaxqNimSDb+3FwTLexyhzuhFbci5ooEWdJ2x +tQZfRmQGdORqeRMnou30fnMLxG6ZmjWniwJpkm2A2t1c/QXgDkvuW1Vcp9DCg/NB +Yobxs/JnSGuyPj+yHapjVDpDYpqeh+9JNtwpNnSLfdcEuDhtVVpW26Fyz72fzLRZ +9GUG+6SASJgcH8m4xrI+R8Uv8/TKRZdMIAhykF/D6bhNBEscQ32w4zRZnF/brcOH +ET/rjHVfL7iEEsFz8ez4Lja5XT6pnXDdJIR33im4czlwa0SRy7+1/Lhvk3WMWPSq +eY9wJF11GeeaCGqOzY3MF9JvdtVAmRzoU5lO8A== -----END X509 CRL----- diff --git a/certs/crl/crl_rsapss.pem b/certs/crl/crl_rsapss.pem index d98db4108..fab27b611 100644 --- a/certs/crl/crl_rsapss.pem +++ b/certs/crl/crl_rsapss.pem @@ -1,16 +1,53 @@ +Certificate Revocation List (CRL): + Version 2 (0x1) + Signature Algorithm: rsassaPss + Hash Algorithm: sha256 + Mask Algorithm: mgf1 with sha256 + Salt Length: 0x20 + Trailer Field: 0xBC (default) + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT + CRL extensions: + X509v3 CRL Number: + 13 +Revoked Certificates: + Serial Number: 01 + Revocation Date: Jan 9 00:34:30 2024 GMT + Signature Algorithm: rsassaPss + Hash Algorithm: sha256 + Mask Algorithm: mgf1 with sha256 + Salt Length: 0x20 + Trailer Field: 0xBC (default) + + 68:74:81:f0:7e:55:bb:ea:38:4e:ae:d5:b2:b6:c2:6a:53:fa: + 2a:23:07:d0:b8:76:66:74:cb:ba:e7:b2:66:ac:19:1d:b5:ba: + ab:e7:de:f2:84:10:e5:df:57:ea:19:f4:2c:af:d8:61:b3:09: + 31:e4:b3:94:08:65:52:03:b4:5c:7b:d0:44:37:59:df:d3:13: + 09:f7:da:34:a1:d0:8d:e8:c7:73:05:60:15:a2:ef:a1:94:31: + 0b:a7:ee:3d:25:12:19:6a:e5:29:30:3c:97:82:ed:a5:db:f3: + 54:7f:2a:73:c2:be:0d:25:30:9b:d4:c0:77:99:db:55:dd:d2: + f7:88:d0:8b:74:66:00:65:14:d6:c6:4c:a8:de:cf:54:19:bf: + 3a:d9:6a:80:4a:85:87:f6:ec:3d:3d:01:67:54:ea:82:7f:d5: + c3:37:3b:c3:d0:82:ce:01:30:bf:30:a0:c2:04:70:ab:5b:02: + 05:2f:ca:f1:e2:49:d3:50:04:e4:f2:77:08:16:5a:45:95:6c: + c9:80:72:a7:e6:b6:97:d4:22:5d:b7:f9:3a:5e:d0:be:6a:53: + 44:35:fc:e9:45:3b:56:4a:1d:06:38:8e:5b:1b:fe:a2:0b:5b: + c2:5d:5e:99:84:7e:ba:c4:5c:b5:43:1d:a2:9b:b3:05:bd:33: + 38:8e:2c:e8 -----BEGIN X509 CRL----- -MIICbjCCASYCAQEwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NM -X1JTQS1QU1MxFTATBgNVBAsMDFJvb3QtUlNBLVBTUzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yNDAx -MDUyMjM0MDNaFw0yNjEwMDEyMjM0MDNaMBQwEgIBAhcNMjQwMTA1MjIzNDAzWqAO -MAwwCgYDVR0UBAMCAQMwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY -BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEBADcOR4Ay7OIHoQeH9AJ9 -y26uPqALflnmCTv8uUKkPhWvPoXZpAF7Sq0xCFAyYxbEtonLV0yQMWlPJWYtr3w8 -R6GIa+9A2iFR0MiDD/pppgIem+aP2DK72HObH96CgM5vRLlQ3ti8g72wfVVTZdi5 -G6QX1tZH8M8FMRcGyyiFeMaA1fLVry0uAyer9bIqPQ1JZ7VE1GzFnVByQ+BtPK8b -8OSIZud1VvxgETKYkRjvzA+fOwz/J4sum2MS4oLMXZ4DOt3RKDzqXc8o5NpZGOah -ViGgZLWhsCeuBqmJV9+gHJUDv4EFnE4UE6U75qZvkKgSvYxNL7u9sNSU8tu7a+Ay -oxw= +MIICgzCCATsCAQEwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASAwgbIxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NM +X1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJ +k/IsZAEBDAd3b2xmU1NMFw0yNDAxMDkwMDM0MzBaFw0yNjEwMDUwMDM0MzBaMBQw +EgIBARcNMjQwMTA5MDAzNDMwWqAOMAwwCgYDVR0UBAMCAQ0wPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC +ASADggEBAGh0gfB+VbvqOE6u1bK2wmpT+iojB9C4dmZ0y7rnsmasGR21uqvn3vKE +EOXfV+oZ9Cyv2GGzCTHks5QIZVIDtFx70EQ3Wd/TEwn32jSh0I3ox3MFYBWi76GU +MQun7j0lEhlq5SkwPJeC7aXb81R/KnPCvg0lMJvUwHeZ21Xd0veI0It0ZgBlFNbG +TKjez1QZvzrZaoBKhYf27D09AWdU6oJ/1cM3O8PQgs4BML8woMIEcKtbAgUvyvHi +SdNQBOTydwgWWkWVbMmAcqfmtpfUIl23+Tpe0L5qU0Q1/OlFO1ZKHQY4jlsb/qIL +W8JdXpmEfrrEXLVDHaKbswW9MziOLOg= -----END X509 CRL----- diff --git a/certs/crl/eccCliCRL.pem b/certs/crl/eccCliCRL.pem index 86fa84a0f..f7a8c1778 100644 --- a/certs/crl/eccCliCRL.pem +++ b/certs/crl/eccCliCRL.pem @@ -2,25 +2,25 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 9 Revoked Certificates: Serial Number: 02 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:21:00:dc:a7:bf:34:1b:68:b6:54:0c:38:8d:46:41: - 84:bf:fa:f0:96:00:89:a6:81:4a:0f:15:12:ef:15:98:f7:51: - 95:02:20:08:57:33:0d:c1:a5:c6:83:63:49:96:8c:71:41:7b: - 40:92:67:80:d6:23:62:2a:c2:f2:43:5a:92:9b:9b:d6:83 + 30:45:02:20:3b:07:f1:6c:fb:19:62:f2:56:2a:5c:21:a3:7d: + bf:06:33:3e:b4:53:01:f3:f5:0e:e6:ca:f5:b9:26:7e:4d:ca: + 02:21:00:dd:04:d6:b1:18:01:b7:d6:ca:d9:7b:29:53:cf:9e: + ad:38:ef:fa:70:2c:41:74:ba:ce:e6:77:1f:22:86:f0:e3 -----BEGIN X509 CRL----- MIIBPDCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3 -DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIx -OTMzWjAUMBICAQIXDTIzMTIxMzIyMTkzM1qgDjAMMAoGA1UdFAQDAgEJMAoGCCqG -SM49BAMCA0gAMEUCIQDcp780G2i2VAw4jUZBhL/68JYAiaaBSg8VEu8VmPdRlQIg -CFczDcGlxoNjSZaMcUF7QJJngNYjYirC8kNakpub1oM= +DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjQwMTA5MDAzNDMwWhcNMjYxMDA1MDAz +NDMwWjAUMBICAQIXDTI0MDEwOTAwMzQzMFqgDjAMMAoGA1UdFAQDAgEJMAoGCCqG +SM49BAMCA0gAMEUCIDsH8Wz7GWLyVipcIaN9vwYzPrRTAfP1DubK9bkmfk3KAiEA +3QTWsRgBt9bK2XspU8+erTjv+nAsQXS6zuZ3HyKG8OM= -----END X509 CRL----- diff --git a/certs/crl/eccSrvCRL.pem b/certs/crl/eccSrvCRL.pem index 8cd5091ca..2b6bc71ce 100644 --- a/certs/crl/eccSrvCRL.pem +++ b/certs/crl/eccSrvCRL.pem @@ -2,25 +2,25 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com - Last Update: Dec 13 22:19:33 2023 GMT - Next Update: Sep 8 22:19:33 2026 GMT + Last Update: Jan 9 00:34:30 2024 GMT + Next Update: Oct 5 00:34:30 2026 GMT CRL extensions: X509v3 CRL Number: 10 Revoked Certificates: Serial Number: 02 - Revocation Date: Dec 13 22:19:33 2023 GMT + Revocation Date: Jan 9 00:34:30 2024 GMT Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:21:00:a9:26:ab:1a:4a:be:5c:92:da:9d:17:0a:b5: - f6:40:ea:84:93:ce:57:b8:af:68:75:e8:e9:de:a7:27:e7:79: - 48:02:20:11:d4:03:97:19:2a:28:04:70:28:bb:5e:6a:b7:f6: - 32:90:f1:92:ff:48:7c:cf:e7:94:0f:ce:63:de:f8:fc:6c + 30:45:02:20:4e:83:3e:21:ee:69:a6:f2:7e:87:45:10:5c:60: + ad:24:49:1e:0f:9e:1f:81:03:00:43:a9:e6:1b:63:27:3f:6b: + 02:21:00:b2:7f:bd:3d:af:c4:f5:ff:82:3f:b7:6a:56:25:7c: + 07:85:54:d9:19:44:42:60:b4:8a:e3:55:f4:a4:96:c7:d1 -----BEGIN X509 CRL----- MIIBPzCB5gIBATAKBggqhkjOPQQDAjCBkDELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEVsbGlwdGlj MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4 -MjIxOTMzWjAUMBICAQIXDTIzMTIxMzIyMTkzM1qgDjAMMAoGA1UdFAQDAgEKMAoG -CCqGSM49BAMCA0gAMEUCIQCpJqsaSr5cktqdFwq19kDqhJPOV7ivaHXo6d6nJ+d5 -SAIgEdQDlxkqKARwKLtearf2MpDxkv9IfM/nlA/OY974/Gw= +SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjQwMTA5MDAzNDMwWhcNMjYxMDA1 +MDAzNDMwWjAUMBICAQIXDTI0MDEwOTAwMzQzMFqgDjAMMAoGA1UdFAQDAgEKMAoG +CCqGSM49BAMCA0gAMEUCIE6DPiHuaabyfodFEFxgrSRJHg+eH4EDAEOp5htjJz9r +AiEAsn+9Pa/E9f+CP7dqViV8B4VU2RlEQmC0iuNV9KSWx9E= -----END X509 CRL----- diff --git a/certs/crl/extra-crls/ca-int-cert-revoked.pem b/certs/crl/extra-crls/ca-int-cert-revoked.pem index 16b02cd91..598502aee 100644 --- a/certs/crl/extra-crls/ca-int-cert-revoked.pem +++ b/certs/crl/extra-crls/ca-int-cert-revoked.pem @@ -2,12 +2,12 @@ MIICBTCB7gIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX -DTI2MDkwODIyMTkzM1owFTATAgIQABcNMjMxMjEzMjIxOTMzWqAOMAwwCgYDVR0U -BAMCAQUwDQYJKoZIhvcNAQELBQADggEBACmOUprDH201Mv2gW5wiighBTzH10Lwv -tKJtoehgsTPgsWPk7BaDTsgzLqrk5g7Nlhe1by5UNGgRbHNBzK+TQgeOtdEE0npr -PITh7Kmtk8rAKygYjDHPtamJLc0oJcpRkVIB7PiyKs8LUlVr+Cv3m6F5I9K5pxc8 -9FXVlrVfAuN8KDC68SPlmpCsWh8v11lXRyy7sMg/ScLvBxTYiehe54kS/IUnjx1E -eKbgRGKf0alznvdQizMhkX4XJ1gbxdeAzbxO0vsCdgevj4uSyizYKzuMkilqzure -KGgSLade8ZwS952XPRLHGmPEeVfaDs5qdXBC6Ov9Tg+IVfmY9FO2Tp4= +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTI0MDEwOTAwMzQzMFoX +DTI2MTAwNTAwMzQzMFowFTATAgIQABcNMjQwMTA5MDAzNDMwWqAOMAwwCgYDVR0U +BAMCAQUwDQYJKoZIhvcNAQELBQADggEBAHeXXNQirv4s301n52RKjlA2GgYMtqKU +pNmZhFVY91LH4JUb93+iHfeBACD7ELUF0lHY6WEk26cL9JU3+2PKE/CqhmLtmtLE +hksE55zfOep+WzeQrngJTEJrsS5ptkCI38NX7uzOn1PC5bX70LdzC4v8wZpZuxCf +VVgORds34s8Hdwq5Scx2qdgip3XTPoxJYIG+iBRp1zg9DM/RIOgCtSISkB9AU2wJ +obFgLNAuhJue6swyo4rj++V6g38ojrZoknwmgZ3qIo4AwZt5o1UhVBkJbXYpbyi6 +bDlDuvJ2SNoaAcGsNjT8Opy61ti729wI/hOqUDn0WqsinFhljpRqW04= -----END X509 CRL----- diff --git a/certs/crl/extra-crls/general-server-crl.pem b/certs/crl/extra-crls/general-server-crl.pem index d547b88fb..eab9266e7 100644 --- a/certs/crl/extra-crls/general-server-crl.pem +++ b/certs/crl/extra-crls/general-server-crl.pem @@ -2,12 +2,12 @@ MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX -DTI2MDkwODIyMTkzM1owFDASAgEBFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE -AwIBBDANBgkqhkiG9w0BAQsFAAOCAQEAkoJhgjUEmUasZKFCVTZ0yLC+AoCpm10E -den4O2yCm6N6NNlOuCbJr34iHSFHeS4Dal0phM6fl6wQTiC5zdVlG4Tnq+RlBVNk -/15jGnjTH20bEc+2KS855GvTe9LhP/HgwS1usLhfR8YwVMSFL2NbFO+HEMD9ULx5 -UkGg9I9ehAcp42uR8RpWkeoLoWzbiw+YaBNZPdzYIylW4RqeLX3D+QhDGEnk3pR/ -Zvl3NcmLKMghXy9hMFEqu0A/G0lC5U2Oo+7jWcjO2Kn8QzCfbXrieIJ/0R4i2tUj -wtmZ4mKVqaD66x/mSXYPpX52p5RTD7R3k+04w9FzLk73LuM69WQr5w== +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTI0MDEwOTAwMzQzMFoX +DTI2MTAwNTAwMzQzMFowFDASAgEBFw0yNDAxMDkwMDM0MzBaoA4wDDAKBgNVHRQE +AwIBBDANBgkqhkiG9w0BAQsFAAOCAQEAWFcHDGDzEVttKWzvWv88rkJhBQihzcbm +I5qlXrccNXrC+7fqHcXp2crCE0o75tnrXkcAL7YWeKcO1SkfIuyd84N73JrEECmf +MaJEVgQrGmuqyLk8p3cq+Rqomyc1KxpxIzUkX7BL6ZCMZGWvvybcA51F+zX+9cMa +jAFR7Ta9byN+TyrDDxecqhGgs/hjfTdXg2NABZjLjFZ3Eo4JO7aio6DgCygIncZX +46xDMqYnl0fOl6+GNBmRdt16O3LXNRFJyvFx/sXBmAVa3/Sfq7UoF+zyT/k0zInu +qfwBkM/hdrpfH2ZyzyDHC4/NXOv/tLZWfbakXAUWZpRx04Wyi8WKyw== -----END X509 CRL----- diff --git a/certs/crl/gencrls.sh b/certs/crl/gencrls.sh index bb48b5387..98deb7e45 100755 --- a/certs/crl/gencrls.sh +++ b/certs/crl/gencrls.sh @@ -56,10 +56,6 @@ echo "Step 3" openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out crl.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem check_result $? -echo "Step 3 RSA-PSS" -openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out crl_rsapss.pem -keyfile ../rsapss/root-rsapss-priv.pem -cert ../rsapss/root-rsapss.pem -check_result $? - # metadata echo "Step 4" openssl crl -in crl.pem -text > tmp @@ -206,4 +202,21 @@ echo "Step 26" openssl crl -in crl.pem -inform PEM -out crl.der -outform DER openssl crl -in crl2.pem -inform PEM -out crl2.der -outform DER +# clear state for RSA-PSS revoke +cp blank.index.txt demoCA/index.txt + +echo "Step 27 RSA-PSS revoke" +openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../rsapss/server-rsapss.pem -keyfile ../rsapss/ca-rsapss-priv.pem -cert ../rsapss/ca-rsapss.pem +check_result $? + +echo "Step 28 RSA-PSS" +openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out crl_rsapss.pem -keyfile ../rsapss/ca-rsapss-priv.pem -cert ../rsapss/ca-rsapss.pem +check_result $? + +# metadata +echo "Step 29" +openssl crl -in crl_rsapss.pem -text > tmp +check_result $? +mv tmp crl_rsapss.pem + exit 0 diff --git a/src/crl.c b/src/crl.c index 9a49f219f..8a617dd34 100644 --- a/src/crl.c +++ b/src/crl.c @@ -138,6 +138,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff, crle->tbsSz = dcrl->sigIndex - dcrl->certBegin; crle->signatureSz = dcrl->sigLength; crle->signatureOID = dcrl->signatureOID; + crle->sigParamsSz = dcrl->sigParamsLength; crle->toBeSigned = (byte*)XMALLOC(crle->tbsSz, heap, DYNAMIC_TYPE_CRL_ENTRY); if (crle->toBeSigned == NULL) @@ -149,6 +150,20 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff, crle->toBeSigned = NULL; return -1; } + + if (dcrl->sigParamsLength > 0) { + crle->sigParams = (byte*)XMALLOC(crle->sigParamsSz, heap, + DYNAMIC_TYPE_CRL_ENTRY); + if (crle->sigParams== NULL) { + XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY); + crle->toBeSigned = NULL; + XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY); + crle->signature = NULL; + return -1; + } + XMEMCPY(crle->sigParams, buff + dcrl->sigParamsIndex, + crle->sigParamsSz); + } XMEMCPY(crle->toBeSigned, buff + dcrl->certBegin, crle->tbsSz); XMEMCPY(crle->signature, dcrl->signature, crle->signatureSz); #ifndef NO_SKID @@ -206,6 +221,8 @@ static void CRL_Entry_free(CRL_Entry* crle, void* heap) XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY); if (crle->toBeSigned != NULL) XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY); + if (crle->sigParams != NULL) + XFREE(crle->sigParams, heap, DYNAMIC_TYPE_CRL_ENTRY); #if defined(OPENSSL_EXTRA) if (crle->issuer != NULL) { FreeX509Name(crle->issuer); @@ -338,16 +355,19 @@ static int VerifyCRLE(const WOLFSSL_CRL* crl, CRL_Entry* crle) ret = VerifyCRL_Signature(&sigCtx, crle->toBeSigned, crle->tbsSz, crle->signature, crle->signatureSz, crle->signatureOID, + #ifdef WC_RSA_PSS + crle->sigParams, crle->sigParamsSz, + #else + NULL, 0, + #endif + ca, crl->heap); - /* @TODO RSA PSS params */ NULL, 0, - - ca, - crl->heap); - - if (ret == 0) + if (ret == 0) { crle->verified = 1; - else + } + else { crle->verified = ret; + } return ret; } @@ -739,11 +759,15 @@ static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap) DYNAMIC_TYPE_CRL_ENTRY); dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap, DYNAMIC_TYPE_CRL_ENTRY); - if (dupl->toBeSigned == NULL || dupl->signature == NULL) { + dupl->sigParams = (byte*)XMALLOC(dupl->sigParamsSz, heap, + DYNAMIC_TYPE_CRL_ENTRY); + if (dupl->toBeSigned == NULL || dupl->signature == NULL || + dupl->sigParams == NULL) { CRL_Entry_free(dupl, heap); return NULL; } XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz); + XMEMCPY(dupl->sigParams, ent->sigParams, dupl->sigParamsSz); XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz); } else { @@ -751,6 +775,10 @@ static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap) dupl->tbsSz = 0; dupl->signature = NULL; dupl->signatureSz = 0; +#ifdef WC_RSA_PSS + dupl->sigParams = NULL; + dupl->sigParamsSz = 0; +#endif #if !defined(NO_SKID) && !defined(NO_ASN) dupl->extAuthKeyIdSet = 0; #endif diff --git a/tests/api.c b/tests/api.c index 194a3607b..b878fcd14 100644 --- a/tests/api.c +++ b/tests/api.c @@ -3046,7 +3046,7 @@ static int test_wolfSSL_CertManagerCRL(void) const char* crl2 = "./certs/crl/crl2.pem"; #ifdef WC_RSA_PSS const char* crl_rsapss = "./certs/crl/crl_rsapss.pem"; - const char* ca_rsapss = "certs/rsapss/root-rsapss.pem"; + const char* ca_rsapss = "certs/rsapss/ca-rsapss.pem"; #endif const unsigned char crl_buff[] = { 0x30, 0x82, 0x02, 0x04, 0x30, 0x81, 0xed, 0x02, @@ -54537,6 +54537,9 @@ static int test_wolfSSL_X509_load_crl_file(void) "./certs/crl/caEccCrl.pem", "./certs/crl/eccCliCRL.pem", "./certs/crl/eccSrvCRL.pem", + #ifdef WC_RSA_PSS + "./certs/crl/crl_rsapss.pem", + #endif "" }; char der[][100] = { @@ -54552,6 +54555,10 @@ static int test_wolfSSL_X509_load_crl_file(void) ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem", X509_FILETYPE_PEM), 1); +#ifdef WC_RSA_PSS + ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/rsapss/ca-rsapss.pem", + X509_FILETYPE_PEM), 1); +#endif ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/server-revoked-cert.pem", X509_FILETYPE_PEM), 1); if (store) { @@ -54572,6 +54579,11 @@ static int test_wolfSSL_X509_load_crl_file(void) ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), CRL_CERT_REVOKED); +#ifdef WC_RSA_PSS + ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, + "certs/rsapss/server-rsapss-cert.pem", WOLFSSL_FILETYPE_PEM), + CRL_CERT_REVOKED); +#endif } /* once feeing store */ X509_STORE_free(store); diff --git a/wolfssl/internal.h b/wolfssl/internal.h index d32e8d6ed..2291e0c4d 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2500,8 +2500,8 @@ struct CRL_Entry { word32 signatureSz; word32 signatureOID; #ifdef WC_RSA_PSS - word32 sigParamsIndex; /* start of signature parameters */ - word32 sigParamsLength; /* length of signature parameters */ + word32 sigParamsSz; /* length of signature parameters */ + byte* sigParams; /* buffer with signature parameters */ #endif #if !defined(NO_SKID) && !defined(NO_ASN) byte extAuthKeyIdSet;